function get_output_file($instance_name, $file_num, $auth_str)
{
$result = BoincResult::lookup_name(BoincDb::escape_string($instance_name));
if (!$result) {
die("no job instance {$instance_name}");
}
$workunit = BoincWorkunit::lookup_id($result->workunitid);
if (!$workunit) {
die("no job {$result->workunitid}");
}
$batch = BoincBatch::lookup_id($workunit->batch);
if (!$batch) {
die("no batch {$workunit->batch}");
}
$user = BoincUser::lookup_id($batch->user_id);
if (!$user) {
die("no user {$batch->user_id}");
}
$x = md5($user->authenticator . $result->name);
if ($x != $auth_str) {
die("bad auth str");
}
$names = get_outfile_names($result);
if ($file_num >= count($names)) {
die("bad file num: {$file_num} > " . count($names));
}
$name = $names[$file_num];
$fanout = parse_config(get_config(), "<uldl_dir_fanout>");
$upload_dir = parse_config(get_config(), "<upload_dir>");
$path = dir_hier_path($name, $upload_dir, $fanout);
if (!is_file($path)) {
die("no such file {$path}");
}
do_download($path);
}
function search_action()
{
$where = "true";
$search_string = get_str('search_string');
if (strlen($search_string)) {
if (strlen($search_string) < 3) {
error_page(tra("search string must be at least 3 characters"));
}
$s = BoincDb::escape_string($search_string);
$s = escape_pattern($s);
$where .= " and name like '{$s}%'";
}
$country = get_str('country');
if ($country != 'any') {
$s = BoincDb::escape_string($country);
$where .= " and country='{$s}'";
}
$t = get_str('team');
if ($t == 'yes') {
$where .= " and teamid<>0";
} else {
if ($t == 'no') {
$where .= " and teamid=0";
}
}
$t = get_str('profile');
if ($t == 'yes') {
$where .= " and has_profile<>0";
} else {
if ($t == 'no') {
$where .= " and has_profile=0";
}
}
$search_type = get_str('search_type', true);
$order_clause = "id desc";
if ($search_type == 'rac') {
$order_clause = "expavg_credit desc";
} else {
if ($search_type == 'total') {
$order_clause = "total_credit desc";
}
}
$fields = "id, create_time, name, country, total_credit, expavg_credit, teamid, url, has_profile, donated";
$users = BoincUser::enum_fields($fields, $where, "order by {$order_clause} limit 100");
page_head(tra("User search results"));
$n = 0;
foreach ($users as $user) {
if ($n == 0) {
start_table();
table_header(tra("Name"), tra("Team"), tra("Average credit"), tra("Total credit"), tra("Country"), tra("Joined"));
}
show_user($user);
$n++;
}
end_table();
if (!$n) {
echo tra("No users match your search criteria.");
}
page_tail();
}
function add_app()
{
$name = BoincDb::escape_string(post_str('add_name'));
$user_friendly_name = BoincDb::escape_string(post_str('add_user_friendly_name'));
if (empty($name) || empty($user_friendly_name)) {
admin_error_page("To add a new application please supply both a brief name and a longer 'user-friendly' name.</font></p>");
}
$now = time();
$id = BoincApp::insert("(name,user_friendly_name,create_time) VALUES ('{$name}', '{$user_friendly_name}', {$now})");
if (!$id) {
admin_error_page("insert failed");
}
echo "Application added.\n <p>\n You must restart the project for this to take effect.\n ";
}
function search_post_content($keyword_list, $forum, $user, $time, $limit, $sort_style, $show_hidden)
{
$db = BoincDb::get();
$search_string = "%";
foreach ($keyword_list as $key => $word) {
$search_string .= BoincDb::escape_string($word) . "%";
}
$optional_join = "";
// if looking in a single forum, need to join w/ thread table
// because that's where the link to forum is
//
if ($forum) {
$optional_join = " LEFT JOIN " . $db->db_name . ".thread ON post.thread = thread.id";
}
$query = "select post.* from " . $db->db_name . ".post" . $optional_join . " where content like '" . $search_string . "'";
if ($forum) {
$query .= " and forum = {$forum->id}";
}
if ($user) {
$query .= " and post.user = {$user->id} ";
}
if ($time) {
$query .= " and post.timestamp > {$time}";
}
if (!$show_hidden) {
$query .= " AND post.hidden = 0";
}
switch ($sort_style) {
case VIEWS_MOST:
$query .= ' ORDER BY views DESC';
break;
case CREATE_TIME_NEW:
$query .= ' ORDER by post.timestamp desc';
break;
case CREATE_TIME_OLD:
$query .= ' ORDER by post.timestamp asc';
break;
case POST_SCORE:
$query .= ' ORDER by post.score desc';
break;
default:
$query .= ' ORDER BY post.timestamp DESC';
break;
}
$query .= " limit {$limit}";
return BoincPost::enum_general($query);
}
function add_admin($team)
{
$email_addr = get_str('email_addr');
$email_addr = BoincDb::escape_string($email_addr);
$user = BoincUser::lookup("email_addr='{$email_addr}'");
if (!$user) {
error_page(tra("no such user"));
}
if ($user->teamid != $team->id) {
error_page(tra("User is not member of team"));
}
if (is_team_admin($user, $team)) {
error_page(tra("%1 is already an admin of %2", $email_addr, $team->name));
}
$now = time();
$ret = BoincTeamAdmin::insert("(teamid, userid, create_time) values ({$team->id}, {$user->id}, {$now})");
if (!$ret) {
error_page(tra("Couldn't add admin"));
}
}
error_page("no such team");
}
require_admin($user, $team);
$team_url = BoincDb::escape_string(strip_tags(post_str("url", true)));
$x = strstr($team_url, "http://");
if ($x) {
$team_url = substr($team_url, 7);
}
$team_name = BoincDb::escape_string(strip_tags(post_str("name")));
$team_name_lc = strtolower($team_name);
$tnh = post_str("name_html", true);
$team_name_html = sanitize_html($tnh);
$team_name_html = BoincDb::escape_string($team_name_html);
$team_description = BoincDb::escape_string(post_str("description", true));
$type = BoincDb::escape_string(post_str("type", true));
$country = BoincDb::escape_string(post_str("country", true));
if ($country == "") {
$country = "International";
}
if (!is_valid_country($country)) {
error_page("bad country");
}
$joinable = post_str('joinable', true) ? 1 : 0;
$t = BoincTeam::lookup("name='{$team_name}'");
if ($t && $t->id != $teamid) {
error_page("The name '{$team_name}' is being used by another team.");
}
if (strlen($team_name) == 0) {
error_page("Must specify team name");
}
// Should be caught up with the post_str("name"),
if ($existing) {
echo tra("There's already an account with that email address");
} else {
$passwd_hash = md5($passwd . $user->email_addr);
// deal with the case where user hasn't set passwd
// (i.e. passwd is account key)
//
if ($passwd_hash != $user->passwd_hash) {
$passwd = $user->authenticator;
$passwd_hash = md5($passwd . $user->email_addr);
}
if ($passwd_hash != $user->passwd_hash) {
echo tra("Invalid password.");
} else {
$passwd_hash = md5($passwd . $email_addr);
$email_addr = BoincDb::escape_string($email_addr);
$result = $user->update("email_addr='{$email_addr}', passwd_hash='{$passwd_hash}', email_validated=0");
if ($result) {
echo tra("The email address of your account is now %1.", $email_addr);
if (defined("SHOW_NONVALIDATED_EMAIL_ADDR")) {
echo "<p>" . tra("Please %1validate this email address%2.", "<a href=validate_email_addr.php>", "</a>") . "\n";
}
} else {
echo tra("We can't update your email address due to a database problem. Please try again later.");
}
}
}
}
}
}
page_tail();
function update_badge()
{
$id = post_int("id");
$badge = BoincBadge::lookup_id($id);
if (!$badge) {
admin_error_page("no such badge");
}
$name = BoincDb::escape_string(post_str("name"));
$type = post_int("type");
$title = BoincDb::escape_string(post_str("title"));
$description = BoincDb::escape_string(post_str("description"));
$image_url = BoincDb::escape_string(post_str("image_url"));
$level = BoincDb::escape_string(post_str("level"));
$tags = BoincDb::escape_string(post_str("tags"));
$sql_rule = BoincDb::escape_string(post_str("sql_rule"));
$retval = $badge->update("name='{$name}', type={$type}, title='{$title}', description='{$description}', image_url='{$image_url}', level='{$level}', tags='{$tags}', sql_rule='{$sql_rule}'");
if (!$retval) {
admin_error_page("update failed");
}
}
function process_create_profile($user, $profile)
{
global $config;
$response1 = post_str('response1', true);
$response2 = post_str('response2', true);
$language = post_str('language', true);
$privatekey = parse_config($config, "<recaptcha_private_key>");
if ($privatekey) {
$recaptcha = new ReCaptcha($privatekey);
$resp = $recaptcha->verifyResponse($_SERVER["REMOTE_ADDR"], $_POST["g-recaptcha-response"]);
if (!$resp->success) {
$profile->response1 = $response1;
$profile->response2 = $response2;
show_profile_form($profile, tra("Your ReCaptcha response was not correct. Please try again."));
return;
}
}
if (!akismet_check($user, $response1)) {
$profile->response1 = $response1;
$profile->response2 = $response2;
show_profile_form($profile, tra("Your first response was flagged as spam by the Akismet anti-spam system. Please modify your text and try again."));
return;
}
if (!akismet_check($user, $response2)) {
$profile->response1 = $response1;
$profile->response2 = $response2;
show_profile_form($profile, tra("Your second response was flagged as spam by the Akismet anti-spam system. Please modify your text and try again."));
return;
}
if (isset($_POST['delete_pic'])) {
$delete_pic = $_POST['delete_pic'];
} else {
$delete_pic = "off";
}
if (strlen($response1) == 0 && strlen($response2) == 0 && $delete_pic != "on" && !is_uploaded_file($_FILES['picture']['tmp_name'])) {
error_page(tra("Your profile submission was empty."));
exit;
}
if ($delete_pic == "on") {
delete_user_pictures($profile->userid);
$profile->has_picture = false;
$profile->verification = 0;
}
$profile ? $has_picture = $profile->has_picture : ($has_picture = false);
if (is_uploaded_file($_FILES['picture']['tmp_name'])) {
$has_picture = true;
if ($profile) {
$profile->verification = 0;
}
// echo "<br>Name: " . $_FILES['picture']['name'];
// echo "<br>Type: " . $_FILES['picture']['type'];
// echo "<br>Size: " . $_FILES['picture']['size'];
// echo "<br>Temp name: " . $_FILES['picture']['tmp_name'];
$images = getImages($_FILES['picture']['tmp_name']);
// Write the original image file to disk.
// TODO: define a constant for image quality.
ImageJPEG($images[0], IMAGE_PATH . $user->id . '.jpg');
ImageJPEG($images[1], IMAGE_PATH . $user->id . '_sm.jpg');
}
$response1 = sanitize_html($response1);
$response2 = sanitize_html($response2);
$has_picture = $has_picture ? 1 : 0;
if ($profile) {
$query = " response1 = '" . BoincDb::escape_string($response1) . "'," . " response2 = '" . BoincDb::escape_string($response2) . "'," . " language = '" . BoincDb::escape_string($language) . "'," . " has_picture = {$has_picture}," . " verification = {$profile->verification}" . " WHERE userid = {$user->id}";
$result = BoincProfile::update_aux($query);
if (!$result) {
error_page(tra("Could not update the profile: database error"));
}
} else {
$query = 'SET ' . " userid={$user->id}," . " language = '" . BoincDb::escape_string($language) . "'," . " response1 = '" . BoincDb::escape_string($response1) . "'," . " response2 = '" . BoincDb::escape_string($response2) . "'," . " has_picture = {$has_picture}," . " recommend=0, " . " reject=0, " . " posts=0, " . " uotd_time=0, " . " verification=0";
$result = BoincProfile::insert($query);
if (!$result) {
error_page(tra("Could not create the profile: database error"));
}
}
$user->update("has_profile=1");
page_head(tra("Profile saved"));
echo tra("Congratulations! Your profile was successfully entered into our database.") . "<br><br>" . "<a href=\"view_profile.php?userid=" . $user->id . "\">" . tra("View your profile") . "</a><br>";
page_tail();
}
require_once "../inc/countries.inc";
$user = get_logged_in_user();
check_tokens($user->authenticator);
$name = boinc_htmlentities(post_str("user_name"));
if ($name != strip_tags($name)) {
error_page("HTML tags not allowed in name");
}
if (strlen($name) == 0) {
error_page("You must supply a name for your account.");
}
$url = post_str("url", true);
$url = strip_tags($url);
$country = post_str("country");
if ($country == "") {
$country = "International";
}
if (!is_valid_country($country)) {
error_page("bad country");
}
$country = BoincDb::escape_string($country);
$postal_code = post_str("postal_code", true);
$postal_code = strip_tags($postal_code);
$name = BoincDb::escape_string($name);
$url = BoincDb::escape_string($url);
$postal_code = BoincDb::escape_string($postal_code);
$result = $user->update("name='{$name}', url='{$url}', country='{$country}', postal_code='{$postal_code}'");
if ($result) {
Header("Location: home.php");
} else {
error_page("Couldn't update user info.");
}
function update_team($t, $team, $user)
{
global $dry_run;
if (trim($t->url) == $team->url && $t->type == $team->type && trim($t->name_html) == $team->name_html && trim($t->description) == $team->description && $t->country == $team->country && $t->id == $team->seti_id) {
echo " no changes\n";
return;
}
echo " updating\n";
$url = BoincDb::escape_string($t->url);
$name_html = BoincDb::escape_string($t->name_html);
$description = BoincDb::escape_string($t->description);
$country = BoincDb::escape_string($t->country);
$query = "update team set url='{$url}', type={$t->type}, name_html='{$name_html}', description='{$description}', country='{$country}', seti_id={$t->id} where id={$team->id}";
if ($dry_run) {
echo " {$query}\n";
return;
}
$retval = mysql_query($query);
if (!$retval) {
echo " update failed: {$query}\n";
exit;
}
}
xml_error(ERR_BAD_EMAIL_ADDR);
}
if (strlen($passwd_hash) != 32) {
xml_error(-1, "password hash length not 32");
}
$user = BoincUser::lookup_email_addr($email_addr);
if ($user) {
if ($user->passwd_hash != $passwd_hash) {
xml_error(ERR_DB_NOT_UNIQUE);
} else {
$authenticator = $user->authenticator;
}
} else {
$user = make_user($email_addr, $user_name, $passwd_hash, 'International');
if (!$user) {
xml_error(ERR_DB_NOT_UNIQUE);
}
if (defined('INVITE_CODES')) {
error_log("Account for '{$email_addr}' created using invitation code '{$invite_code}'");
}
}
if ($team_name) {
$team_name = BoincDb::escape_string($team_name);
$team = BoincTeam::lookup("name='{$team_name}'");
if ($team && $team->joinable) {
user_join_team($team, $user);
}
}
echo " <account_out>\n";
echo " <authenticator>{$user->authenticator}</authenticator>\n";
echo "</account_out>\n";
$project_prefs = str_ireplace("<project_preferences>", "<project_preferences>\n" . $orig_project_specific, $project_prefs);
}
$url = BoincDb::escape_string($url);
$send_email = BoincDb::escape_string($send_email);
$show_hosts = BoincDb::escape_string($show_hosts);
$venue = BoincDb::escape_string($venue);
if ($email_addr) {
if (!is_valid_email_addr($email_addr)) {
xml_error(-205, "Invalid email address");
}
if (is_banned_email_addr($email_addr)) {
xml_error(-205, "Invalid email address");
}
$email_addr = strtolower(BoincDb::escape_string($email_addr));
}
$password_hash = BoincDb::escape_string($password_hash);
$query = "";
if ($name) {
$query .= " name='{$name}', ";
}
if ($country) {
$query .= " country='{$country}', ";
}
if ($postal_code) {
$query .= " postal_code='{$postal_code}', ";
}
if ($global_prefs) {
$global_prefs = str_replace("\\r\\n", "\n", $global_prefs);
$x = bad_xml($global_prefs, "<global_preferences>", "</global_preferences>");
if ($x) {
error("Invalid global preferences: {$x}");
function search($params)
{
$list = array();
$tried = false;
if (strlen($params->keywords)) {
$kw = BoincDb::escape_string($params->keywords);
$name_lc = strtolower($kw);
$name_lc = escape_pattern($name_lc);
$list2 = get_teams("name='{$name_lc}'", $params->active);
merge_lists($list2, $list, 20);
$list2 = get_teams("name like '" . $name_lc . "%'", $params->active);
merge_lists($list2, $list, 5);
$list2 = get_teams("match(name) against ('{$kw}')", $params->active);
merge_lists($list2, $list, 5);
$list2 = get_teams("match(name, description) against ('{$kw}')", $params->active);
//echo "<br>keyword matches: ",sizeof($list2);
merge_lists($list2, $list, 3);
$tried = true;
}
if (strlen($params->country) && $params->country != 'None') {
$list2 = get_teams("country = '{$params->country}'", $params->active);
//echo "<br>country matches: ",sizeof($list2);
merge_lists($list2, $list, 1);
$tried = true;
}
if ($params->type and $params->type > 1) {
$list2 = get_teams("type={$params->type}", $params->active);
//echo "<br>type matches: ",sizeof($list2);
merge_lists($list2, $list, 2);
$tried = true;
}
if (!$tried) {
$list = get_teams("id>0", $params->active);
}
if (sizeof($list) == 0) {
echo 'No teams were found matching your criteria.
Try another search.
<p>Or you can <a href="team_create_form.php">create a new team</a>.</p>
<p>';
team_search_form($params);
} else {
echo "The following teams match one or more of your search criteria.\n\t\t\tTo join a team, click its name to go to the team page, then click <strong>Join this team</strong>.</p>\n\t\t\t<p>";
sort_list($list);
show_list($list);
echo "<h2>Change your search</h2>";
team_search_form($params);
}
}
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
// See the GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
require_once "../inc/boinc_db.inc";
require_once "../inc/xml.inc";
check_get_args(array("hostid", "account_key", "venue"));
xml_header();
$db = BoincDb::get();
if (!$db) {
xml_error($retval);
}
$auth = BoincDb::escape_string(get_str("account_key"));
$user = BoincUser::lookup("authenticator='{$auth}'");
if (!$user) {
xml_error(ERR_DB_NOT_FOUND);
}
$hostid = get_int("hostid");
$host = BoincHost::lookup_id($hostid);
if (!$host || $host->userid != $user->id) {
xml_error(ERR_DB_NOT_FOUND);
}
$venue = BoincDb::escape_string(get_str("venue"));
$result = $host->update("venue='{$venue}'");
if ($result) {
echo "<am_set_host_info_reply>\n <success/>\n</am_set_host_info_reply>\n";
} else {
xml_error(-1, "database error");
}
function update_user($user, $app_id)
{
if (VERBOSE) {
echo "processing user {$user->id}\n";
}
$p = get_new_prefs($user, $app_id);
if ($p) {
$p = BoincDb::escape_string($p);
$user->update("project_prefs='{$p}'");
if (VERBOSE) {
echo "updated user {$user->id}\n";
}
}
}
function handle_accept($user)
{
$srcid = get_int('userid');
$srcuser = BoincUser::lookup_id($srcid);
if (!$srcuser) {
error_page("No such user");
}
$friend = BoincFriend::lookup($srcid, $user->id);
if (!$friend) {
error_page("No request");
}
$friend->update("reciprocated=1");
// "accept message" not implemented in interface yet
$msg = post_str('message', true);
if ($msg) {
$msg = sanitize_tags(BoincDb::escape_string($msg));
}
$now = time();
$ret = BoincFriend::replace("user_src={$user->id}, user_dest={$srcid}, message='{$msg}', create_time={$now}, reciprocated=1");
if (!$ret) {
error_page(tra("Database error"));
}
$type = NOTIFY_FRIEND_ACCEPT;
BoincNotify::replace("userid={$srcid}, create_time={$now}, type={$type}, opaque={$user->id}");
BoincForumPrefs::lookup($srcuser);
if ($srcuser->prefs->pm_notification == 1) {
send_friend_accept_email($user, $srcuser, $msg);
}
$notify = BoincNotify::lookup($user->id, NOTIFY_FRIEND_REQ, $srcid);
if ($notify) {
$notify->delete();
}
page_head(tra("Friendship confirmed"));
echo tra("Your friendship with %1 has been confirmed.", "<b>" . $srcuser->name . "</b>");
page_tail();
}
$delete_problem .= "Cannot delete user: User has " . $c->count . " forum posts.<br/>";
}
if ($delete_problem) {
return false;
}
$q = "DELETE FROM user WHERE id=" . $user->id;
$result = mysql_query($q);
$delete_problem .= "User " . $user->id . " deleted.";
unset($user);
}
$delete_problem = "";
// Process user search form
$matches = "";
if (isset($_POST['search_submit'])) {
$search_name = post_str('search_text');
$search_name = BoincDb::escape_string(sanitize_tags($search_name));
if (!empty($search_name)) {
$result = mysql_query("SELECT * FROM user WHERE name='{$search_name}'");
if (mysql_num_rows($result) == 1) {
$user = mysql_fetch_object($result);
mysql_free_result($result);
} else {
$q = "SELECT * FROM user WHERE name LIKE '%" . $search_name . "%'";
$result = mysql_query($q);
if (mysql_num_rows($result) == 1) {
$user = mysql_fetch_object($result);
mysql_free_result($result);
}
if (mysql_num_rows($result) > 1) {
while ($row = mysql_fetch_object($result)) {
if (!empty($matches)) {
$content = post_str("content", true);
$title = post_str("title", true);
$preview = post_str("preview", true);
if (post_str('submit', true) && !$preview) {
check_tokens($logged_in_user->authenticator);
$add_signature = post_str('add_signature', true) == "1" ? 1 : 0;
$content = substr($content, 0, 64000);
$content = trim($content);
if (strlen($content)) {
$content = BoincDb::escape_string($content);
$now = time();
$post->update("signature={$add_signature}, content='{$content}', modified={$now}");
if ($can_edit_title) {
$title = trim($title);
$title = sanitize_tags($title);
$title = BoincDb::escape_string($title);
$thread->update("title='{$title}'");
}
header("Location: forum_thread.php?id={$thread->id}&postid={$postid}");
} else {
delete_post($post, $thread, $forum);
header("Location: forum_forum.php?id={$forum->id}");
}
}
page_head(tra("Forum"), '', '', '', $bbcode_js);
show_forum_header($logged_in_user);
switch ($forum->parent_type) {
case 0:
$category = BoincCategory::lookup_id($forum->category);
show_forum_title($category, $forum, $thread);
break;
function get_wu_output_file($wu_name, $file_num, $auth_str)
{
$wu_name = BoincDb::escape_string($wu_name);
$wu = BoincWorkunit::lookup("name='{$wu_name}'");
if (!$wu) {
die("no workunit {$wu_name}");
}
$batch = BoincBatch::lookup_id($wu->batch);
if (!$batch) {
die("no batch {$wu->batch}");
}
$user = BoincUser::lookup_id($batch->user_id);
if (!$user) {
die("no user {$batch->user_id}");
}
if ($user->authenticator != $auth_str) {
die("bad auth str: x={$x}, auth_str={$auth_str}");
}
$fanout = parse_config(get_config(), "<uldl_dir_fanout>");
$upload_dir = parse_config(get_config(), "<upload_dir>");
if (!$wu->canonical_resultid) {
die("no canonical result for wu {$wu->name}");
}
$result = BoincResult::lookup_id($wu->canonical_resultid);
$names = get_outfile_names($result);
$path = dir_hier_path($names[$file_num], $upload_dir, $fanout);
if (file_exists($path)) {
do_download($path);
} else {
echo "no such file: {$path}";
}
}
$hide_signatures = $_POST["forum_hide_signatures"] != "" ? 1 : 0;
$highlight_special = $_POST["forum_highlight_special"] != "" ? 1 : 0;
$jump_to_unread = $_POST["forum_jump_to_unread"] != "" ? 1 : 0;
$ignore_sticky_posts = $_POST["forum_ignore_sticky_posts"] != "" ? 1 : 0;
$no_signature_by_default = $_POST["signature_by_default"] != "" ? 0 : 1;
$signature = post_str("signature", true);
if (strlen($signature) > 250) {
error_page(tra("Your signature was too long, please keep it less than 250 characters."));
}
$forum_sort = post_int("forum_sort");
$thread_sort = post_int("thread_sort");
$display_wrap_postcount = post_int("forum_display_wrap_postcount");
if ($display_wrap_postcount < 1) {
$display_wrap_postcount = 1;
}
$signature = BoincDb::escape_string($signature);
$user->prefs->update("images_as_links={$images_as_links}, link_popup={$link_popup}, hide_avatars={$hide_avatars}, hide_signatures={$hide_signatures}, highlight_special={$highlight_special}, jump_to_unread={$jump_to_unread}, ignore_sticky_posts={$ignore_sticky_posts}, no_signature_by_default={$no_signature_by_default}, avatar='{$avatar_url}', signature='{$signature}', forum_sorting={$forum_sort}, thread_sorting={$thread_sort}, display_wrap_postcount={$display_wrap_postcount}");
}
// DISABLE_FORUMS
$add_user_to_filter = $_POST["add_user_to_filter"] != "";
if ($add_user_to_filter) {
$user_to_add = trim($_POST["forum_filter_user"]);
if ($user_to_add != "" and $user_to_add == strval(intval($user_to_add))) {
$other_user = BoincUser::lookup_id($user_to_add);
if (!$other_user) {
echo tra("No such user:"******" " . $user_to_add;
} else {
add_ignored_user($user, $other_user);
}
}
}
function edit_action($forum)
{
$title = strip_tags(post_str('title'));
$title = BoincDb::escape_string($title);
$description = strip_tags(post_str('description'));
$description = BoincDb::escape_string($description);
$post_min_interval = post_int('post_min_interval');
$post_min_total_credit = post_int('post_min_total_credit');
$post_min_expavg_credit = post_int('post_min_expavg_credit');
$ret = $forum->update("title='{$title}', description='{$description}', post_min_interval={$post_min_interval}, post_min_total_credit={$post_min_total_credit}, post_min_expavg_credit={$post_min_expavg_credit}");
if ($ret) {
page_head("Team Message Board Updated");
echo "Update successful";
page_tail();
} else {
error_page("update failed");
}
}
function handle_abort_jobs($r)
{
xml_start_tag("abort_jobs");
list($user, $user_submit) = authenticate_user($r, null);
$batch = null;
foreach ($r->job_name as $job_name) {
$job_name = BoincDb::escape_string($job_name);
$wu = BoincWorkunit::lookup("name='{$job_name}'");
if (!$wu) {
xml_error(-1, "No job {$job_name}");
}
if (!$wu->batch) {
xml_error(-1, "Job {$job_name} is not part of a batch");
}
if (!$batch || $wu->batch != $batch->id) {
$batch = BoincBatch::lookup_id($wu->batch);
}
if (!$batch || $batch->user_id != $user->id) {
xml_error(-1, "not owner");
}
echo "<aborted {$job_name}>\n";
abort_workunit($wu);
}
echo "<success>1</success>\n </abort_jobs>\n ";
}
$project_prefs = BoincDb::escape_string(get_str("project_prefs", true));
// Do processing on project prefs so that we don't overwrite project-specific
// settings if AMS has no idea about them
if (stripos($project_prefs, "<project_specific>") === false) {
// AMS request does not contain project specific prefs, preserve original
$orig_project_specific = stristr($user->project_prefs, "<project_specific>");
$orig_project_specific = substr($orig_project_specific, 0, stripos($orig_project_specific, "</project_specific>") + 19) . "\n";
$project_prefs = str_ireplace("<project_preferences>", "<project_preferences>\n" . $orig_project_specific, $project_prefs);
}
$url = BoincDb::escape_string(get_str("url", true));
$send_email = BoincDb::escape_string(get_str("send_email", true));
$show_hosts = BoincDb::escape_string(get_str("show_hosts", true));
$teamid = get_int("teamid", true);
$venue = BoincDb::escape_string(get_str("venue", true));
$email_addr = strtolower(BoincDb::escape_string(get_str("email_addr", true)));
$password_hash = BoincDb::escape_string(get_str("password_hash", true));
$query = "";
if ($name) {
$query .= " name='{$name}', ";
}
if ($country) {
$query .= " country='{$country}', ";
}
if ($postal_code) {
$query .= " postal_code='{$postal_code}', ";
}
if ($global_prefs) {
$global_prefs = str_replace("\\r\\n", "\n", $global_prefs);
$x = bad_xml($global_prefs, "<global_preferences>", "</global_preferences>");
if ($x) {
error("Invalid global preferences: {$x}");
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
// Show results with pending credit for a user
require_once "../inc/util.inc";
require_once "../inc/boinc_db.inc";
require_once "../inc/xml.inc";
check_get_args(array("format", "authenticator"));
BoincDb::get(true);
$config = get_config();
if (!parse_bool($config, "show_results")) {
error_page("This feature is turned off temporarily");
}
$format = get_str("format", true);
if ($format == "xml") {
xml_header();
$auth = BoincDb::escape_string(get_str('authenticator'));
$user = BoincUser::lookup("authenticator='{$auth}'");
if (!$user) {
echo "<error>" . xml_error(-136) . "</error>\n";
exit;
}
$sum = 0;
echo "<pending_credit>\n";
$results = BoincResult::enum("userid={$user->id} AND (validate_state=0 OR validate_state=4) AND claimed_credit > 0");
foreach ($results as $result) {
echo "<result>\n";
echo " <resultid>" . $result->id . "</resultid>\n";
echo " <workunitid>" . $result->workunitid . "</workunitid>\n";
echo " <hostid>" . $result->hostid . "</hostid>\n";
echo " <claimed_credit>" . $result->claimed_credit . "</claimed_credit>\n";
echo " <received_time>" . $result->received_time . "</received_time>\n";
function search($params)
{
$list = array();
$tried = false;
if (strlen($params->keywords)) {
$kw = BoincDb::escape_string($params->keywords);
$name_lc = strtolower($kw);
$list2 = get_teams("name='{$name_lc}'", $params->active);
merge_lists($list2, $list, 20);
$name_lc = escape_pattern($name_lc);
$list2 = get_teams("name like '" . $name_lc . "%'", $params->active);
merge_lists($list2, $list, 5);
$list2 = get_teams("match(name) against ('{$kw}')", $params->active);
merge_lists($list2, $list, 5);
$list2 = get_teams("match(name, description) against ('{$kw}')", $params->active);
//echo "<br>keyword matches: ",sizeof($list2);
merge_lists($list2, $list, 3);
$tried = true;
}
if (strlen($params->country) && $params->country != 'None') {
$country = BoincDb::escape_string($params->country);
$list2 = get_teams("country = '{$country}'", $params->active);
//echo "<br>country matches: ",sizeof($list2);
merge_lists($list2, $list, 1);
$tried = true;
}
if ($params->type and $params->type > 1) {
$list2 = get_teams("type={$params->type}", $params->active);
//echo "<br>type matches: ",sizeof($list2);
merge_lists($list2, $list, 2);
$tried = true;
}
if (!$tried) {
$list = get_teams("id>0", $params->active);
}
return $list;
}
// You should have received a copy of the GNU Lesser General Public License
// along with BOINC. If not, see <http://www.gnu.org/licenses/>.
require_once "../inc/boinc_db.inc";
require_once "../inc/util.inc";
if (DISABLE_PROFILES) {
error_page("Profiles are disabled");
}
check_get_args(array("search_string", "offset"));
function show_profile_link2($profile, $n)
{
$user = BoincUser::lookup_id($profile->userid);
echo "<tr><td>" . user_links($user) . "</td><td>" . date_str($user->create_time) . "</td><td>{$user->country}</td><td>" . (int) $user->total_credit . "</td><td>" . (int) $user->expavg_credit . "</td></tr>\n";
}
$search_string = get_str('search_string');
$search_string = sanitize_tags($search_string);
$search_string = BoincDb::escape_string($search_string);
$offset = get_int('offset', true);
if (!$offset) {
$offset = 0;
}
$count = 10;
page_head(tra("Profiles containing '%1'", $search_string));
$profiles = BoincProfile::enum("match(response1, response2) against ('{$search_string}') limit {$offset},{$count}");
start_table();
echo "\n <tr><th>" . tra("User name") . "</th>\n <th>" . tra("Joined project") . "</th>\n <th>" . tra("Country") . "</th>\n <th>" . tra("Total credit") . "</th>\n <th>" . tra("Recent credit") . "</th></tr>\n";
$n = 0;
foreach ($profiles as $profile) {
show_profile_link2($profile, $n + $offset + 1);
$n += 1;
}
end_table();
function handle_main($user)
{
global $submit_urls;
$user_submit = BoincUserSubmit::lookup_userid($user->id);
if (!$user_submit) {
error_page("Ask the project admins for permission to submit jobs");
}
page_head("Job submission and control");
if (isset($submit_urls)) {
// show links to per-app job submission pages
//
echo "<h2>Submit jobs</h2>\n <ul>\n ";
foreach ($submit_urls as $appname => $submit_url) {
$appname = BoincDb::escape_string($appname);
$app = BoincApp::lookup("name='{$appname}'");
if (!$app) {
error_page("bad submit_url name: {$appname}");
}
$usa = BoincUserSubmitApp::lookup("user_id={$user->id} and app_id={$app->id}");
if ($usa || $user_submit->submit_all) {
echo "<li> <a href={$submit_url}> {$app->user_friendly_name} </a>";
}
}
echo "</ul>\n";
}
// show links to admin pages if relevant
//
$usas = BoincUserSubmitApp::enum("user_id={$user->id}");
$app_admin = false;
foreach ($usas as $usa) {
if ($usa->manage) {
$app_admin = true;
break;
}
}
if ($user_submit->manage_all || $app_admin) {
echo "<h2>Administrative functions</h2><ul>\n";
if ($user_submit->manage_all) {
echo "<li>All applications<br>\n <a href=submit.php?action=admin&app_id=0>Batches</a>\n ·\n <a href=manage_project.php>Users</a>\n ";
$apps = BoincApp::enum("deprecated=0");
foreach ($apps as $app) {
echo "<li>{$app->user_friendly_name}<br>\n <a href=submit.php?action=admin&app_id={$app->id}>Batches</a>\n ·\n <a href=manage_app.php?app_id={$app->id}&action=app_version_form>Versions</a>\n ";
}
} else {
foreach ($usas as $usa) {
$app = BoincApp::lookup_id($usa->app_id);
echo "<li>{$app->user_friendly_name}<br>\n <a href=submit.php?action=admin&app_id={$app->id}>Batches</a>\n ";
if ($usa->manage) {
echo "·\n <a href=manage_app.php?app_id={$app->id}&action=app_version_form>Versions</a>\n ";
}
}
}
echo "</ul>\n";
}
$batches = BoincBatch::enum("user_id = {$user->id} order by id desc");
show_batches($batches, PAGE_SIZE, $user, null);
page_tail();
}
show_team_xml($team);
$total++;
if ($total == 100) {
break;
}
}
//do not error out
}
}
echo "</teams>\n";
exit;
}
$team_name = get_str("team_name");
$name_lc = strtolower($team_name);
$name_lc = escape_pattern($name_lc);
$clause = "name like '%" . BoincDb::escape_string($name_lc) . "%' order by expavg_credit desc limit 100";
$teams = BoincTeam::enum($clause);
if ($format == 'xml') {
echo "<teams>\n";
$total = 0;
foreach ($teams as $team) {
show_team_xml($team);
$total++;
if ($total == 100) {
break;
}
}
echo "</teams>\n";
exit;
}
page_head(tra("Search Results"));
if ($delete_problem) {
return false;
}
$q = "DELETE FROM user WHERE id=" . $user->id;
$result = mysql_query($q);
$delete_problem .= "User " . $user->id . " deleted.";
unset($user);
}
$delete_problem = "";
/**
* Process user search form
*/
$matches = "";
if (isset($_POST['search_submit'])) {
$search_name = post_str('search_text');
$search_name = BoincDb::escape_string(strip_tags($search_name));
if (!empty($search_name)) {
$result = mysql_query("SELECT * FROM user WHERE name='{$search_name}'");
if (mysql_num_rows($result) == 1) {
$user = mysql_fetch_object($result);
mysql_free_result($result);
} else {
$q = "SELECT * FROM user WHERE name LIKE '%" . $search_name . "%'";
$result = mysql_query($q);
if (mysql_num_rows($result) == 1) {
$user = mysql_fetch_object($result);
mysql_free_result($result);
}
if (mysql_num_rows($result) > 1) {
while ($row = mysql_fetch_object($result)) {
if (!empty($matches)) {
