Exemplo n.º 1
0
function requestRecommendation($user_id, $author, $email, $message)
{
    if (!checkLock("peer")) {
        return 6;
    }
    $config = $GLOBALS['config'];
    $user_id = escape($user_id);
    $author = escape($author);
    $email = escape($email);
    if (!validEmail($email)) {
        return 1;
    }
    if (strlen($author) <= 3) {
        return 2;
    }
    //make sure there aren't too many recommendations already
    $result = mysql_query("SELECT COUNT(*) FROM recommendations WHERE user_id = '{$user_id}'");
    $row = mysql_fetch_row($result);
    if ($row[0] >= $config['max_recommend']) {
        return 4;
        //too many recommendations
    }
    //ensure this email hasn't been asked with this user already
    $result = mysql_query("SELECT COUNT(*) FROM recommendations WHERE user_id = '{$user_id}' AND email = '{$email}'");
    $row = mysql_fetch_row($result);
    if ($row[0] > 0) {
        return 5;
        //email address already asked
    }
    lockAction("peer");
    //first create an instance
    $instance_id = customCreate(customGetCategory('recommend', true), $user_id);
    //insert into recommendations table
    $auth = escape(uid(64));
    mysql_query("INSERT INTO recommendations (user_id, instance_id, author, email, auth, status, filename) VALUES ('{$user_id}', '{$instance_id}', '{$author}', '{$email}', '{$auth}', '0', '')");
    $recommend_id = mysql_insert_id();
    $userinfo = getUserInformation($user_id);
    //array (username, email address, name)
    //send email now
    $content = page_db("request_recommendation");
    $content = str_replace('$USERNAME$', $userinfo[0], $content);
    $content = str_replace('$USEREMAIL$', $userinfo[1], $content);
    $content = str_replace('$NAME$', $userinfo[2], $content);
    $content = str_replace('$AUTHOR$', $author, $content);
    $content = str_replace('$EMAIL$', $email, $content);
    $content = str_replace('$MESSAGE$', page_convert($message), $content);
    $content = str_replace('$AUTH$', $auth, $content);
    $content = str_replace('$SUBMIT_ADDRESS$', $config['site_address'] . "/recommend.php?id={$recommend_id}&user_id={$user_id}&auth={$auth}", $content);
    $result = one_mail("Recommendation request", $content, $email);
    if ($result) {
        return 0;
    } else {
        return 3;
    }
}
Exemplo n.º 2
0
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
if (isset($_SESSION['admin'])) {
    $club_id = $_SESSION['admin_club_id'];
    $user_id = $_SESSION['user_id'];
    $userInfo = getUserInformation($_SESSION['user_id']);
    //array of (username, email, name)
    if ($club_id > 0) {
        if (isset($_REQUEST['old_password'])) {
            $pass = $_REQUEST['old_password'];
            if (verifyLogin($user_id, $_REQUEST['old_password']) === true) {
                if (isset($_REQUEST['description']) && isset($_REQUEST['view_time']) && isset($_REQUEST['open_time']) && isset($_REQUEST['close_time'])) {
                    $description = escape($_REQUEST['description']);
                    $view_time = strtotime($_REQUEST['view_time']);
                    $open_time = strtotime($_REQUEST['open_time']);
                    $close_time = strtotime($_REQUEST['close_time']);
                    $num_recommend = escape($_REQUEST['num_recommend']);
                    mysql_query("UPDATE clubs SET description='{$description}', view_time='{$view_time}', open_time='{$open_time}', close_time='{$close_time}', num_recommend='{$num_recommend}' WHERE id='{$club_id}'");
                    $success = "Club information updated successfully.";
                }
                if (isset($_REQUEST['new_password']) && isset($_REQUEST['new_password_conf']) && isset($_REQUEST['email'])) {
                    $update_res = updateAccount($user_id, $pass, $_REQUEST['new_password'], $_REQUEST['new_password_conf'], $_REQUEST['email']);
                    if ($update_res == 0) {
                        $success = "Club and account info updated successfully!";
                    } else {
                        if (abs($update_res) == 1) {
                            $error = "Invalid New Password!";
Exemplo n.º 3
0
function createApplicationPDF($user_id, $application_id, $targetDirectory)
{
    $user_id = escape($user_id);
    $application_id = escape($application_id);
    //first verify that application belongs to user and has not been submitted yet
    $checkArray = checkApplication($user_id, $application_id, true);
    if ($checkArray[0] == -2 || $checkArray[0] == -1) {
        return array(FALSE, "verification failure");
    }
    $club_id = $checkArray[1];
    //get application fields
    if ($club_id == 0) {
        $result = mysql_query("SELECT baseapp.varname, baseapp.vardesc, baseapp.vartype, profiles.val, 0 AS sort_col, baseapp.orderId AS sort2_col FROM profiles, baseapp WHERE profiles.user_id = '{$user_id}' AND profiles.var_id = baseapp.id UNION ALL SELECT baseapp.varname, baseapp.vardesc, baseapp.vartype, answers.val, basecat.orderId AS sort_col, baseapp.orderId AS sort2_col FROM answers, baseapp, basecat WHERE answers.application_id = '{$application_id}' AND baseapp.id = answers.var_id AND basecat.id = baseapp.category ORDER BY sort_col, sort2_col");
        $sectionheader = "General Application";
    } else {
        $result = mysql_query("SELECT supplements.varname, supplements.vardesc, supplements.vartype, answers.val FROM answers, supplements WHERE answers.application_id = '{$application_id}' AND supplements.id = answers.var_id ORDER BY supplements.orderId");
        $clubInfo = clubInfo($club_id);
        //array (club name, club description, open_time, close_time, num_recommendations)
        $sectionheader = "Supplement: " . $clubInfo[0];
    }
    $userInfo = getUserInformation($user_id);
    //array(username, email, name)
    return generatePDFByResult($result, $targetDirectory, latexSpecialChars($sectionheader), "User ID: " . latexSpecialChars($user_id) . "\\\\" . latexSpecialChars($userInfo[2]));
}
Exemplo n.º 4
0
<?php

include "../config.php";
include "../include/common.php";
include "../include/db_connect.php";
include "../include/session.php";
if (isset($_SESSION['admin']) && isset($_REQUEST['id'])) {
    //todo: admins currently can get information of users that didn't apply to their club
    $user_id = escape($_REQUEST['id']);
    $userinfo = getUserInformation($user_id);
    //userinfo is array(username, email)
    $profile = getProfile($user_id);
    get_page_advanced("user_detail", "admin", array('username' => $userinfo[0], 'email' => $userinfo[1], 'name' => $userinfo[2], 'profile' => $profile));
} else {
    header('Location: index.php');
}
Exemplo n.º 5
0
	
	<? if(count($messages[$box_id]) != 0 ) {
		foreach($messages[$box_id] as $message) { //message is array(message id, sender id, sender username, receiver id, receiver username, subject, time int) ?>
		<tr class="message_info" >
				<td><input type="checkbox" name="index[]" value="<?php 
echo $message[0];
?>
" /></td>
			<? if($box_name != "sent") { 
				$user_data = getUserInformation($message[1]);
				$name = $user_data[2];
				if(strlen($name) > 20) {
					$name = substr($name, 0, 18) . "...";
				}
			} else { 
				$user_data = getUserInformation($message[1]);
				$name = $user_data[2];
				if(strlen($name) > 20) {
					$name = substr($name, 0, 18) . "...";
				}
			} 
				$mess_title = $message[5];
				if(strlen($mess_title) > 50) {
					$mess_title = substr($mess_title, 0, 55) . "...";
				}
			?>
				<td onclick="showmessage(<?php 
echo $message[0];
?>
)" style="cursor:pointer"><?php 
echo $name;