#current microtime if ($wbo->validate()) { #if there's no payload (as opposed to blank), then update the metadata if ($wbo->payload_exists()) { $db->store_object($wbo); } else { $db->update_object($wbo); } } else { report_problem(WEAVE_ERROR_INVALID_WBO, 400); } echo json_encode($server_time); } else { if ($_SERVER['REQUEST_METHOD'] == 'POST') { $json = get_json(); check_quota($db); check_timestamp($collection, $db); $success_ids = array(); $failed_ids = array(); $db->begin_transaction(); foreach ($json as $wbo_data) { $wbo = new wbo(); if (!$wbo->extract_json($wbo_data)) { $failed_ids[$wbo->id()] = $wbo->get_error(); continue; } $wbo->collection($collection); $wbo->modified($server_time); if ($wbo->validate()) { #if there's no payload (as opposed to blank), then update the metadata if ($wbo->payload_exists()) {
if ($nb) { $erreur_affichage = "<hr />\n\t\t\t\t\t\t\t\t<div class='row'>\n\t\t\t\t\t\t\t\t\t<div class='colonne10'><img src='./images/error.png' /></div>\n\t\t\t\t\t\t\t\t\t<div class='colonne-suite'>{$titre_prete} : <span class='erreur'>" . $msg["circ_pret_piege_expl_todo"] . "</span><br />"; $alert_sound_list[] = "critique"; $erreur_affichage .= "<input type='button' class='bouton' value='{$msg[76]}' onClick=\"document.location='./circ.php?categ=pret&id_empr={$id_empr}'\" />"; $erreur_affichage .= " <input type='button' class='bouton' value='{$msg[389]}' onClick=\"document.location='./circ.php?categ=pret&id_empr={$id_empr}&cb_doc={$cb_doc}&expl_todo=1&confirm={$confirm}'\" />"; $erreur_affichage .= "</div></div><br />"; $empr = new emprunteur($id_empr, $erreur_affichage, FALSE, 1); $affichage = $empr->fiche; print pmb_bidi($affichage); print alert_sound_script(); exit; } } //Y-a-t-il un quota ? if (!$quota) { $qt = check_quota($id_empr, $id_expl); //Si quota violé if (is_array($qt)) { $erreur_affichage = "<hr />\n\t\t\t\t\t\t\t\t<div class='row'>\n\t\t\t\t\t\t\t\t\t<div class='colonne10'><img src='./images/error.png' /></div>\n\t\t\t\t\t\t\t\t\t<div class='colonne-suite'>{$titre_prete} : <span class='erreur'>" . $qt["MESSAGE"] . "</span><br />"; $alert_sound_list[] = "critique"; $erreur_affichage .= "<input type='button' class='bouton' value='{$msg[76]}' onClick=\"document.location='./circ.php?categ=pret&id_empr={$id_empr}'\" />"; if ($qt["FORCE"] == 1) { $quota = 1; $erreur_affichage .= " <input type='button' class='bouton' value='{$msg[389]}' onClick=\"document.location='./circ.php?categ=pret&id_empr={$id_empr}&cb_doc={$cb_doc}"a={$quota}'\" />"; } $erreur_affichage .= "</div></div><br />"; $empr = new emprunteur($id_empr, $erreur_affichage, FALSE, 1); $affichage = $empr->fiche; print pmb_bidi($affichage); print alert_sound_script(); exit;
if (substr($subquery, 0, 6) == 'INSERT') { $tempID = $connect->Insert_ID($thissurvey['tablename'], "id"); // Find out id immediately if inserted $_SESSION['srid'] = $tempID; $saved_id = $tempID; } if ($bFinalizeThisAnswer === true) { $connect->Execute("DELETE FROM " . db_table_name("saved_control") . " where srid=" . $_SESSION['srid'] . ' and sid=' . $surveyid); // Checked } } else { echo submitfailed($connect->ErrorMsg()); } } if ($bQuotaMatched) { check_quota('enforce', $surveyid); } } elseif (isset($move)) { // This else block is only there to take care of date conversion if the survey is not active - otherwise this is done in creatInsertQuery $fieldmap = createFieldMap($surveyid); //Creates a list of the legitimate questions for this survey $inserts = array_unique($_SESSION['insertarray']); foreach ($inserts as $value) { //Work out if the field actually exists in this survey unset($fieldexists); if (isset($fieldmap[$value])) { $fieldexists = $fieldmap[$value]; } //Iterate through possible responses if (isset($_SESSION[$value]) && isset($fieldexists) && $_SESSION[$value] != '') { if ($fieldexists['type'] == 'D' && isset($_POST[$value])) {
$pCreate_mailbox_username_text = $PALANG['pCreate_mailbox_username_text_error1']; } if (empty($fPassword) or empty($fPassword2) or $fPassword != $fPassword2) { if (empty($fPassword) and empty($fPassword2) and $CONF['generate_password'] == "YES") { $fPassword = generate_password(); } else { $error = 1; $tUsername = escape_string($_POST['fUsername']); $tName = $fName; $tQuota = $fQuota; $tDomain = $fDomain; $pCreate_mailbox_password_text = $PALANG['pCreate_mailbox_password_text_error']; } } if ($CONF['quota'] == "YES") { if (!check_quota($fQuota, $fDomain)) { $error = 1; $tUsername = escape_string($_POST['fUsername']); $tName = $fName; $tQuota = $fQuota; $tDomain = $fDomain; $pCreate_mailbox_quota_text = $PALANG['pCreate_mailbox_quota_text_error']; } } $result = db_query("SELECT * FROM {$table_alias} WHERE address='{$fUsername}'"); if ($result['rows'] == 1) { $error = 1; $tUsername = escape_string($_POST['fUsername']); $tName = $fName; $tQuota = $fQuota; $tDomain = $fDomain;
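/**
 * Write values to database.
 *
 * Creates the initial response row (and, when timings are enabled, the timings
 * row) the first time an active survey is saved in this session, then issues an
 * UPDATE with the current answers, maintains the saved_control record and runs
 * the quota check.
 *
 * @param array $updatedValues Overwritten on entry by $this->updatedValues (see the TODO
 *                             below); each entry is read as an array with 'value' and
 *                             'type' keys, or NULL.
 * @param bool  $finished      true if the survey needs to be finalized
 * @param bool  $setSubmitDate Accepted for interface compatibility; not read in this body.
 * @return string Accumulated error/debug text; empty when nothing was reported.
 */
private function _UpdateValuesInDatabase($updatedValues, $finished = false, $setSubmitDate = false)
{
    // Update these values in the database
    global $connect;

    // TODO - now that using $this->updatedValues, may be able to remove local copies of it (unless needed by other sub-systems)
    $updatedValues = $this->updatedValues;
    if (!$this->surveyOptions['deletenonvalues']) {
        // Keep only entries that carry a non-null 'value'.
        $nonNullValues = array();
        foreach ($updatedValues as $key => $value) {
            if (!is_null($value) && isset($value['value']) && !is_null($value['value'])) {
                $nonNullValues[$key] = $value;
            }
        }
        $updatedValues = $nonNullValues;
    }

    $message = '';
    if ($this->surveyOptions['datestamp'] == true && $this->surveyOptions['anonymized'] == true) {
        // On anonymous datestamped surveys, set the datestamp to 1-1-1980
        $datestamp = date("Y-m-d H:i:s", mktime(0, 0, 0, 1, 1, 1980));
    } else {
        // Otherwise, use the real date/time, it will only be saved when the table holds a
        // datestamp field
        $datestamp = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);
    }
    $_SESSION['datestamp'] = $datestamp;

    if ($this->surveyOptions['active'] && !isset($_SESSION['srid'])) {
        // Create initial insert row for this record
        $sdata = array(
            "datestamp" => $datestamp,
            "ipaddr" => $this->surveyOptions['ipaddr'] ? getIPAddress() : '',
            "startlanguage" => $this->surveyOptions['startlanguage'],
            "token" => $this->surveyOptions['token'],
            // The Referer header is client-supplied; it is only stored, never interpreted here.
            "refurl" => $this->surveyOptions['refurl'] ? getenv("HTTP_REFERER") : NULL,
            "startdate" => $datestamp,
        );

        // Stays NULL when the insert fails, so the timings row below is not written
        // with an undefined id.
        $srid = NULL;

        //One of the strengths of ADOdb's AutoExecute() is that only valid field names for $table are updated
        if ($connect->AutoExecute($this->surveyOptions['tablename'], $sdata, 'INSERT')) {
            $srid = $connect->Insert_ID($this->surveyOptions['tablename'], "id");
            $_SESSION['srid'] = $srid;
        } else {
            // NOTE(review): the raw driver error text is echoed into the response;
            // consider logging it server-side and showing a generic message instead.
            $message .= $this->gT("Unable to insert record into survey table: ") . $connect->ErrorMsg() . "<br/>";
            $_SESSION['flashmessage'] = $message;
            echo $message;
        }

        //Insert Row for Timings, if needed (only when the response row exists)
        if ($this->surveyOptions['savetimings'] && !is_null($srid)) {
            $tdata = array('id' => $srid, 'interviewtime' => 0);
            if ($connect->AutoExecute($this->surveyOptions['tablename_timings'], $tdata, 'INSERT')) {
                $trid = $connect->Insert_ID($this->surveyOptions['tablename_timings'], "sid");
            } else {
                $message .= $this->gT("Unable to insert record into timings table ") . $connect->ErrorMsg() . "<br/>";
                $_SESSION['flashmessage'] = $message;
                echo $message;
            }
        }
    }

    if (count($updatedValues) > 0 || $finished) {
        $debugSql = ($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY;

        $query = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET ";
        $setter = array();

        // Defined up front so an unexpected survey mode yields NULL rather than an
        // undefined-variable notice.
        $thisstep = NULL;
        switch ($this->surveyMode) {
            case 'question':
                $thisstep = $this->currentQuestionSeq;
                break;
            case 'group':
                $thisstep = $this->currentGroupSeq;
                break;
            case 'survey':
                $thisstep = 1;
                break;
        }
        $setter[] = db_quote_id('lastpage') . "=" . db_quoteall($thisstep);

        if ($this->surveyOptions['datestamp'] && isset($_SESSION['datestamp'])) {
            $setter[] = db_quote_id('datestamp') . "=" . db_quoteall($_SESSION['datestamp']);
        }
        if ($this->surveyOptions['ipaddr']) {
            $setter[] = db_quote_id('ipaddr') . "=" . db_quoteall(getIPAddress());
        }

        foreach ($updatedValues as $key => $value) {
            if (empty($key)) {
                continue;
            }
            $val = is_null($value) ? NULL : $value['value'];
            $type = is_null($value) ? NULL : $value['type'];

            // Clean up the values to cope with database storage requirements
            switch ($type) {
                case 'D': //DATE
                    if (trim($val) == '') {
                        $val = NULL; // since some databases can't store blanks in date fields
                    }
                    // otherwise will already be in yyyy-mm-dd format after ProcessCurrentResponses()
                    break;
                case '|': //File upload
                    // This block can be removed once we require 5.3 or later
                    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
                        $val = addslashes($val);
                    }
                    break;
                case 'N': //NUMERICAL QUESTION TYPE
                case 'K': //MULTIPLE NUMERICAL QUESTION
                    if (trim($val) == '') {
                        $val = NULL; // since some databases can't store blanks in numerical inputs
                    }
                    break;
                default:
                    break;
            }

            if (is_null($val)) {
                $setter[] = db_quote_id($key) . "=NULL";
            } else {
                $setter[] = db_quote_id($key) . "=" . db_quoteall($val, true);
            }
        }

        $query .= implode(', ', $setter);
        $query .= " WHERE ID=";

        if (isset($_SESSION['srid']) && $this->surveyOptions['active']) {
            // The ids below are concatenated into SQL without quoting, so they must be
            // numeric; the casts enforce that instead of trusting session state.
            $sridSql = (int) $_SESSION['srid'];
            $sidSql = (int) $this->sid;

            $query .= $sridSql;
            if (!db_execute_assoc($query)) {
                echo submitfailed($connect->ErrorMsg());
                if ($debugSql) {
                    $message .= 'Error in SQL update: ' . $connect->ErrorMsg() . '<br/>';
                }
            }

            // Save Timings if needed
            if ($this->surveyOptions['savetimings']) {
                set_answer_time();
            }

            if ($finished) {
                // Delete the save control record if successfully finalize the submission
                $query = "DELETE FROM " . db_table_name("saved_control") . " where srid=" . $sridSql . ' and sid=' . $sidSql;
                $connect->Execute($query); // Checked
                if ($debugSql) {
                    $message .= ';<br/>' . $query;
                }
            } elseif ($this->surveyOptions['allowsave'] && isset($_SESSION['scid'])) {
                $connect->Execute("UPDATE " . db_table_name("saved_control") . " SET saved_thisstep=" . db_quoteall($thisstep) . " where scid=" . (int) $_SESSION['scid']); // Checked
            }

            // Check quotas whenever results are saved
            $bQuotaMatched = false;
            $aQuotas = check_quota('return', $this->sid);
            if ($aQuotas != false) {
                foreach ($aQuotas as $aQuota) {
                    if (isset($aQuota['status']) && $aQuota['status'] == 'matched') {
                        $bQuotaMatched = true;
                    }
                }
            }

            if ($bQuotaMatched) {
                check_quota('enforce', $this->sid); // will create a page and quit.
            } elseif ($finished) {
                // The submit date is written only when no quota was matched.
                $sQuery = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET " . db_quote_id('submitdate') . "=" . db_quoteall($datestamp) . " WHERE ID=" . $sridSql;
                $connect->Execute($sQuery); // Checked
            }
        }

        if ($debugSql) {
            // Debug mode appends the last SQL statement to the returned message.
            $message .= $query;
        }
    }

    return $message;
}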
} if ($can == false) { if ($_output == 'html') { httpStatusExit(403, 'Forbidden', '403-404.php'); } else { httpStatusExit(403, 'Forbidden'); } } // intercept requests for WebID generator if (isset($_POST['SPKAC'])) { require_once '../inc/webidgen.php'; // exit required so it can successfully send the certificate exit; } // check quota if (check_quota($_root, $_SERVER["CONTENT_LENGTH"]) == false) { httpStatusExit(507, 'Insufficient Storage'); } // create dir structure if it doesn't exist $d = dirname($_filename); if (!file_exists($d)) { mkdir($d, 0777, true); } // intercept requests for images if (isset($_FILES["image"])) { // Check if the user uploaded a new picture if (isset($_FILES['image']) && $_FILES['image']['error'] == 0) { // Allow only pictures with a size smaller than 5MB if ($_FILES['image']['size'] <= IMAGE_SIZE) { // Using getimagesize() to avoid fake mime types $image_info = exif_imagetype($_FILES['image']['tmp_name']);
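/**
 * Write values to database.
 *
 * Creates the initial response row (and, when timings are enabled, the timings
 * row) the first time an active survey is saved in this session, then issues an
 * UPDATE with the supplied answers, maintains the saved_control record and, on
 * finalization, runs the quota check.
 *
 * @param array $updatedValues Map of column name to an array with 'value' and 'type'
 *                             keys, or NULL to store NULL in that column.
 * @param bool  $finished      true if the survey needs to be finalized
 * @return string Accumulated error/debug text; empty when nothing was reported.
 */
private function _UpdateValuesInDatabase($updatedValues, $finished = false)
{
    // Update these values in the database
    global $connect;

    $message = '';
    $_SESSION['datestamp'] = date_shift(date("Y-m-d H:i:s"), "Y-m-d H:i:s", $this->surveyOptions['timeadjust']);

    if ($this->surveyOptions['active'] && !isset($_SESSION['srid'])) {
        // Create initial insert row for this record.
        // The array literal used to list "datestamp" twice; PHP keeps the later value,
        // so only that value is written here and the shadowed one is gone.
        $sdata = array(
            "datestamp" => $this->surveyOptions['datestamp'] ? $_SESSION['datestamp'] : NULL,
            "ipaddr" => $this->surveyOptions['ipaddr'] && isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
            "startlanguage" => $this->surveyOptions['startlanguage'],
            "token" => $this->surveyOptions['token'],
            // The Referer header is client-supplied; it is only stored, never interpreted here.
            "refurl" => $this->surveyOptions['refurl'] ? getenv("HTTP_REFERER") : NULL,
            "startdate" => $this->surveyOptions['datestamp'] ? $_SESSION['datestamp'] : date("Y-m-d H:i:s", 0),
        );

        // Stays NULL when the insert fails, so the timings row below is not written
        // with an undefined id.
        $srid = NULL;

        //One of the strengths of ADOdb's AutoExecute() is that only valid field names for $table are updated
        if ($connect->AutoExecute($this->surveyOptions['tablename'], $sdata, 'INSERT')) {
            $srid = $connect->Insert_ID($this->surveyOptions['tablename'], "id");
            $_SESSION['srid'] = $srid;
        } else {
            // NOTE(review): the raw driver error text is echoed into the response;
            // consider logging it server-side and showing a generic message instead.
            $message .= $this->gT("Unable to insert record into survey table: ") . $connect->ErrorMsg() . "<br/>";
            $_SESSION['flashmessage'] = $message;
            echo $message;
        }

        //Insert Row for Timings, if needed (only when the response row exists)
        if ($this->surveyOptions['savetimings'] && !is_null($srid)) {
            $tdata = array('id' => $srid, 'interviewtime' => 0);
            if ($connect->AutoExecute($this->surveyOptions['tablename_timings'], $tdata, 'INSERT')) {
                $trid = $connect->Insert_ID($this->surveyOptions['tablename_timings'], "sid");
            } else {
                $message .= $this->gT("Unable to insert record into timings table ") . $connect->ErrorMsg() . "<br/>";
                $_SESSION['flashmessage'] = $message;
                echo $message;
            }
        }
    }

    if (count($updatedValues) > 0 || $finished) {
        $debugSql = ($this->debugLevel & LEM_DEBUG_VALIDATION_SUMMARY) == LEM_DEBUG_VALIDATION_SUMMARY;

        $query = 'UPDATE ' . $this->surveyOptions['tablename'] . " SET ";
        $setter = array();

        // Defined up front so an unexpected survey mode yields NULL rather than an
        // undefined-variable notice.
        $thisstep = NULL;
        switch ($this->surveyMode) {
            case 'question':
                $thisstep = $this->currentQuestionSeq;
                break;
            case 'group':
                $thisstep = $this->currentGroupSeq;
                break;
            case 'survey':
                $thisstep = 1;
                break;
        }
        $setter[] = db_quote_id('lastpage') . "=" . db_quoteall($thisstep);

        if ($this->surveyOptions['datestamp'] && isset($_SESSION['datestamp'])) {
            $setter[] = db_quote_id('datestamp') . "=" . db_quoteall($_SESSION['datestamp']);
        }
        if ($this->surveyOptions['ipaddr'] && isset($_SERVER['REMOTE_ADDR'])) {
            $setter[] = db_quote_id('ipaddr') . "=" . db_quoteall($_SERVER['REMOTE_ADDR']);
        }
        if ($finished) {
            $setter[] = db_quote_id('submitdate') . "=" . db_quoteall($_SESSION['datestamp']);
        }

        foreach ($updatedValues as $key => $value) {
            $val = is_null($value) ? NULL : $value['value'];
            $type = is_null($value) ? NULL : $value['type'];

            // Clean up the values to cope with database storage requirements
            switch ($type) {
                case 'D': //DATE
                    if (trim($val) == '') {
                        $val = NULL; // since some databases can't store blanks in date fields
                    }
                    // otherwise will already be in yyyy-mm-dd format after ProcessCurrentResponses()
                    break;
                case 'N': //NUMERICAL QUESTION TYPE
                case 'K': //MULTIPLE NUMERICAL QUESTION
                    if (trim($val) == '') {
                        $val = NULL; // since some databases can't store blanks in numerical inputs
                    }
                    break;
                default:
                    break;
            }

            if (is_null($val)) {
                $setter[] = db_quote_id($key) . "=NULL";
            } else {
                $setter[] = db_quote_id($key) . "=" . db_quoteall($val);
            }
        }

        $query .= implode(', ', $setter);
        $query .= " WHERE ID=";

        if (isset($_SESSION['srid']) && $this->surveyOptions['active']) {
            // The ids below are concatenated into SQL without quoting, so they must be
            // numeric; the casts enforce that instead of trusting session state.
            $sridSql = (int) $_SESSION['srid'];

            $query .= $sridSql;
            if (!db_execute_assoc($query)) {
                echo submitfailed($connect->ErrorMsg());
                if ($debugSql) {
                    $message .= 'Error in SQL update: ' . $connect->ErrorMsg() . '<br/>';
                }
            }

            // Save Timings if needed
            if ($this->surveyOptions['savetimings']) {
                set_answer_time();
            }

            if ($finished) {
                // Delete the save control record if successfully finalize the submission
                $query = "DELETE FROM " . db_table_name("saved_control") . " where srid=" . $sridSql . ' and sid=' . (int) $this->sid;
                $connect->Execute($query); // Checked
                if ($debugSql) {
                    $message .= ';<br/>' . $query;
                }

                // Check Quotas
                $bQuotaMatched = false;
                $aQuotas = check_quota('return', $this->sid);
                if ($aQuotas != false) {
                    foreach ($aQuotas as $aQuota) {
                        if (isset($aQuota['status']) && $aQuota['status'] == 'matched') {
                            $bQuotaMatched = true;
                        }
                    }
                }
                if ($bQuotaMatched) {
                    check_quota('enforce', $this->sid); // will create a page and quit.
                }
            } elseif ($this->surveyOptions['allowsave'] && isset($_SESSION['scid'])) {
                $connect->Execute("UPDATE " . db_table_name("saved_control") . " SET saved_thisstep=" . db_quoteall($thisstep) . " where scid=" . (int) $_SESSION['scid']); // Checked
            }
        }

        if ($debugSql) {
            // Debug mode appends the last SQL statement to the returned message.
            $message .= $query;
        }
    }

    return $message;
}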
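<?php
/* MKCOL.php
 * service HTTP MKCOL controller
 *
 * Order of checks: authenticated user, 'Write' permission, quota, then the
 * directory is created and the meta Link header is sent with 201.
 * $_user, $_wac, $_root, $_filename, $_metabase and $_metaname are not defined
 * in this file; presumably runtime.php sets them - confirm there.
 */

require_once 'runtime.php';

// permissions
if (empty($_user)) {
    httpStatusExit(401, 'Unauthorized');
}
if (!$_wac->can('Write')) {
    httpStatusExit(403, 'Forbidden');
}

// check quota (avoids making lots of dirs if out of space)
if (!check_quota($_root, 10)) {
    httpStatusExit(507, 'Insufficient Storage');
}

// action
// '@' keeps a PHP warning (which would include the filesystem path) out of the
// response body; the return value is checked instead of being discarded.
// NOTE(review): the requested mode is 0777, i.e. world-writable unless the process
// umask narrows it - confirm the deployment needs that.
$created = @mkdir($_filename, 0777, true);

// An already existing directory still counts as success; anything else must not
// be reported to the client as 201 Created.
if (!$created && !is_dir($_filename)) {
    httpStatusExit(500, 'Internal Server Error');
}

header("Link: <" . $_metabase . $_metaname . ">; rel=meta", false);
httpStatusExit(201, 'Created');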