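/**
 * Print the calendar list of the account behind $client as an HTML debug dump.
 *
 * Returns without output when isAuthenticated($client) reports that the client
 * is not authenticated.
 *
 * NOTE(review): print_r() dumps the whole response object, not just calendar
 * names; confirm nothing in it is unsuitable for display before exposing this page.
 *
 * @param Google_Client $client API client (passed by reference, as callers expect).
 * @return void
 */
function listAllCalendars(Google_Client &$client)
{
    if (!isAuthenticated($client)) {
        return;
    }
    $calList = createCalendar($client)->calendarList->listCalendarList();
    // Calendar summaries and descriptions are free text set by calendar owners;
    // escape the dump so that text cannot be interpreted as markup by the browser.
    $dump = htmlspecialchars(print_r($calList, true), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    print "<h1>Calendar List</h1><pre>" . $dump . "</pre>";
}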
Exemplo n.º 2
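 /**
  * Update the breadcrumb trail in $_SESSION['BREADCRUMBMANAGER'] for the current
  * page, then apply the 5-minute idle timeout to authenticated sessions.
  *
  * Trail rules:
  *  - the current title is already in the trail: drop every entry after it;
  *  - otherwise, if $_SESSION['parentpagename'] matches an entry: drop every
  *    entry after the parent, then append the current page;
  *  - otherwise: append the current page.
  *
  * On timeout the member-related session keys are removed, the browser is sent
  * to system-login-timeout.php and the script stops, so the caller cannot go on
  * rendering the protected page after the redirect header has been queued.
  *
  * NOTE(review): only four session keys are cleared and the session id is kept;
  * confirm that is enough for isAuthenticated() to report false afterwards.
  *
  * @return void
  */
 public static function calculate()
 {
     // Guard against a session in which the trail has not been created yet.
     $count = isset($_SESSION['BREADCRUMBMANAGER']) ? count($_SESSION['BREADCRUMBMANAGER']) : 0;
     if ($count > 0) {
         $index = -1;
         for ($i = 0; $i < $count; $i++) {
             if ($_SESSION['BREADCRUMBMANAGER'][$i]->label == $_SESSION['title']) {
                 $index = $i + 1;
                 break;
             }
         }
         if ($index >= 0) {
             /* Link to page already within the breadcrumb trail:
              * remove everything that follows it, last entry first.
              */
             for ($i = $count - 1; $i >= $index; $i--) {
                 self::remove($i);
             }
         } else {
             /* Check to see if the parent page is the same.
              */
             if (isset($_SESSION['parentpagename'])) {
                 for ($i = 0; $i < $count; $i++) {
                     if ($_SESSION['BREADCRUMBMANAGER'][$i]->page == $_SESSION['parentpagename']) {
                         $index = $i + 1;
                         break;
                     }
                 }
             }
             if ($index >= 0) {
                 for ($i = $count - 1; $i >= $index; $i--) {
                     self::remove($i);
                 }
             }
             self::add($_SESSION['pagename'], $_SESSION['title']);
         }
     } else {
         self::add($_SESSION['pagename'], $_SESSION['title']);
     }
     if (isAuthenticated()) {
         if (isset($_SESSION['lastconnectiontime'])) {
             $lastsessiontime = time() - $_SESSION['lastconnectiontime'];
             /* 5 minutes. */
             if ($lastsessiontime >= 300) {
                 //Unset the variables stored in session
                 unset($_SESSION['SESS_MEMBER_ID']);
                 unset($_SESSION['SESS_FIRST_NAME']);
                 unset($_SESSION['SESS_LAST_NAME']);
                 unset($_SESSION['ROLES']);
                 $_SESSION['lastconnectiontime'] = time();
                 header("location: system-login-timeout.php");
                 // A Location header does not end the script by itself.
                 exit;
             }
         }
     }
     $_SESSION['lastconnectiontime'] = time();
 }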
Exemplo n.º 3
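/**
 * Authentication gate for admin users.
 *
 * When isAuthenticated() fails, the response is an HTTP Basic challenge with a
 * 401 status and a fixed error text, and the script stops.
 *
 * The 401 body must stay free of diagnostic dumps: $GLOBALS holds $_SERVER,
 * $_ENV, $_COOKIE and every global the application has set, and this response
 * goes to a client that has not proved its identity.
 *
 * @return void Returns only when the request is authenticated.
 */
function authenticate()
{
    if (!isAuthenticated()) {
        header('WWW-Authenticate: Basic realm="My Realm"');
        header('HTTP/1.0 401 Unauthorized');
        echo 'Authentication Error';
        exit;
    }
}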
Exemplo n.º 4
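 /**
  * Rebuild the breadcrumb trail from scratch for the current page and apply the
  * 5-minute idle timeout to authenticated sessions.
  *
  * The trail is discarded, re-initialised, seeded with the current page and then
  * extended through self::fetchParent() using $_SESSION['pageid'].
  *
  * On timeout the member-related session keys are removed, the browser is sent
  * to system-login-timeout.php and the script stops, so the caller cannot go on
  * rendering the protected page after the redirect header has been queued.
  *
  * NOTE(review): only four session keys are cleared and the session id is kept;
  * confirm that is enough for isAuthenticated() to report false afterwards.
  *
  * @return void
  */
 public static function calculate()
 {
     unset($_SESSION['BREADCRUMBMANAGER']);
     self::initialise();
     self::add($_SESSION['pagename'], $_SESSION['title']);
     self::fetchParent($_SESSION['pageid']);
     if (isAuthenticated()) {
         if (isset($_SESSION['lastconnectiontime'])) {
             $lastsessiontime = time() - $_SESSION['lastconnectiontime'];
             /* 5 minutes. */
             if ($lastsessiontime >= 300) {
                 //Unset the variables stored in session
                 unset($_SESSION['SESS_MEMBER_ID']);
                 unset($_SESSION['SESS_FIRST_NAME']);
                 unset($_SESSION['SESS_LAST_NAME']);
                 unset($_SESSION['ROLES']);
                 $_SESSION['lastconnectiontime'] = time();
                 header("location: system-login-timeout.php");
                 // A Location header does not end the script by itself.
                 exit;
             }
         }
     }
     $_SESSION['lastconnectiontime'] = time();
 }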
Exemplo n.º 5
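/**
 * Render the contact section: the configured contact text followed by a table
 * of the players whose role holds the 'show' permission.
 *
 * Each row links to the player's info page; authenticated visitors also get a
 * "BZmail" button per player.
 *
 * NOTE(review): the contact text and the callsigns are echoed as stored; whether
 * htmlLink() escapes its label is not visible here. Confirm, or escape at output.
 * NOTE(review): relies on the legacy mysql_* extension (removed in PHP 7).
 *
 * @return void
 */
function section_contact()
{
    $obj = mysql_fetch_object(mysql_query("select text from bzl_siteconfig where name='contact'"));
    echo nl2br($obj->text);
    echo '<p><TABLE cellspacing=0 align=center><TR><TD colspan=3>
      <HR>Matches can be reported to any of the following:<BR><BR></td></tr>';
    // The ids are concatenated into the IN (...) list unquoted, so force each
    // one to an integer instead of trusting the helper's return value.
    $roles = array_map('intval', getRolesWithPermission('show'));
    // An empty list would produce "IN ()", which is not valid SQL: skip the query.
    if (count($roles) > 0) {
        $res = sqlQuery("SELECT p.id, p.callsign, r.name as level from l_player p, bzl_roles r \n                    WHERE r.id = p.role_id AND r.id IN (" . join(',', $roles) . ") ORDER BY level");
        // Row counter for the alternating row classes; the first row is "rowEven".
        $line = 0;
        while ($row = mysql_fetch_object($res)) {
            if (++$line % 2) {
                $cl = "rowEven";
            } else {
                $cl = "rowOdd";
            }
            echo "<tr class=\"{$cl}\"><td width=40% align=right>" . htmlLink($row->callsign, 'playerinfo', "id={$row->id}") . '</td><td width=10></td><td align=left>';
            if (isAuthenticated()) {
                echo htmlURLbutton('BZmail', 'sendmessage', "pid={$row->id}");
            }
            echo '</td></tr>';
        }
    }
    echo '</table>';
}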
Exemplo n.º 6
/**
 * Redirect away from a private page and stop the script.
 *
 * Authenticated visitors go to the "join" function; everyone else goes to
 * "signin", with $from forwarded as obj2 when it is non-empty.
 *
 * NOTE(review): $from is placed in the query string as given. If any caller
 * passes a request-derived value, it should be URL-encoded (by the caller or
 * here) so it cannot add parameters of its own; confirm what callers pass.
 *
 * @param string $from Value forwarded as the obj2 parameter; optional.
 * @return void This function does not return.
 */
function warnPrivatePage($from = "")
{
    global $service_host;
    // Pick the query string first, then send a single redirect.
    if (isAuthenticated()) {
        $query = "?function=join&obj1=warn";
    } elseif (!empty($from)) {
        $query = "?function=signin&obj1=warn&obj2={$from}";
    } else {
        $query = "?function=signin&obj1=warn";
    }
    header("location:{$service_host}{$query}");
    exit;
}
<?php

require_once 'system-db.php';
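if (!isset($_SESSION)) {
    session_start();
}
// Access gate. The page-name tests use SCRIPT_NAME rather than PHP_SELF: PHP_SELF
// also contains any PATH_INFO the client appends after the script name, so a
// suffix test on it does not reliably identify the script that is running.
if (!isAuthenticated() && !endsWith($_SERVER['SCRIPT_NAME'], "system-login.php")) {
    // Return target for after login, as base64 in the "session" parameter.
    // NOTE(review): the login page must treat the decoded value as untrusted
    // and only redirect to local paths.
    $returnQuery = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
    header("location: m.system-login.php?session=" . urlencode(base64_encode($_SERVER['PHP_SELF'] . "?" . $returnQuery)));
    exit;
}
// An event must be selected before any page other than the client chooser or the login page.
if (!isset($_SESSION['SESS_EVENT_ID']) && (!endsWith($_SERVER['SCRIPT_NAME'], "system-client.php") && !endsWith($_SERVER['SCRIPT_NAME'], "system-login.php"))) {
    header("location: system-client.php");
    exit;
}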
//Include database connection details
require_once 'system-config.php';
require_once "confirmdialog.php";
?>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<title>Schokolat</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="X-UA-Compatible" content="IE=8" />
<meta name="viewport" content="initial-scale=1.0, user-scalable=no" />
<link rel="shortcut icon" href="favicon.ico">

<link href="css/m.style.css?a=3" rel="stylesheet" type="text/css" />
<!-- 
<link href="css/jquery-ui-1.10.3.custom.css" rel="stylesheet" type="text/css" />
Exemplo n.º 8
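/**
 * Render the info page for one team: action buttons, logo, rating and activity,
 * win/draw/loss totals, roster, the ten most recent matches and, for authorised
 * viewers, the edit / dismiss controls.
 *
 * The team is selected by the `id` request parameter. It is cast to an integer
 * before use because the value is interpolated into several SQL statements
 * without quotes and echoed into links and a hidden form field; addslashes()
 * gives no protection in either of those contexts.
 *
 * NOTE(review): team name, logo URL, team comment and player callsigns are
 * echoed as stored. Whether they are HTML-escaped when saved is not visible
 * here; confirm, or escape with htmlspecialchars() at output.
 * NOTE(review): relies on the legacy mysql_* extension (removed in PHP 7).
 *
 * @return void
 */
function section_teaminfo()
{
    require_once 'lib/common.php';
    $s_teamid = $_SESSION['teamid'];
    $s_logedin = isAuthenticated();
    $s_level = $_SESSION['level'];
    $s_playerid = $_SESSION['playerid'];
    // Team ids are numeric: anything else in the request becomes 0 and simply finds no team.
    $id = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    $res = mysql_query("SELECT name, comment, leader, logo, status, score, \n                     unix_timestamp(status_changed) as status_changed, unix_timestamp(created) as ucreated\n    FROM l_team WHERE id='{$id}'");
    $team = mysql_fetch_object($res);
    if (!$team) {
        echo '<BR><CENTER>Specified team does not exist<BR>';
        return;
    }
    // Member count for the "Join Team" limit below. The roster loop further down
    // counts members too, but only after the button has already been printed.
    $memberInfo = mysql_fetch_object(mysql_query("select count(*) as num from l_player where team={$id}"));
    $members = $memberInfo ? (int) $memberInfo->num : 0;
    echo '<TABLE align=center><TR><TD>' . htmlURLbutton('Opponent summary', 'oppsumm', "id={$id}") . '</td>';
    // Join this team if opened, and if we are logged and not belonging to any team
    if ($s_logedin && !$s_teamid && $members < 20 && $team->status == "opened") {
        echo '<TD>' . htmlURLbutton('Join Team', 'jointhisteam', "id={$id}") . '</td>';
    }
    // Send a message to all the team members
    if ($s_logedin && $team->status != 'deleted') {
        echo '<TD>' . htmlURLbutton('Send BZmessage', 'sendmessage', "tid={$id}") . '</td>';
    }
    echo '</tr></table>';
    if ($team->status == 'deleted') {
        echo '<div class=feedback>';
        if ($team->status_changed) {
            echo "<br><center>This team was deleted on " . gmdate('Y-m-d', $team->status_changed) . "</center>";
        } else {
            echo "<br><center>This team is deleted.</center>";
        }
        echo '</div>';
    }
    echo '<BR><table align=center border=0 cellspacing=0 cellpadding=1>
    <tr><td class=teamName align=center>' . $team->name . '<BR></td></tr>';
    // Logo if any
    if ($team->logo != "") {
        echo '<tr><td align=center>
    <table><TR><TD bgcolor=white><img src="' . $team->logo . '"></td></tr></table>
    <hr></td></tr>';
    }
    // Ratings
    $act45 = teamActivity($id, 45);
    $act90 = teamActivity($id, 90);
    echo '<tr><td> <TABLE align=center>
    <TR><TD width=50% align=right>Created:</td><td width=10></td><td width=50%>' . gmdate('Y-m-d', $team->ucreated) . '</td></tr>
    <TR><TD align=right>Rating:</td><td></td><td>' . displayRating($id) . '</td></tr>
    <TR><TD align=right>Activity:</td><TD></td><td>' . sprintf('%1.2f / %1.2f', $act45, $act90) . '</td></tr>
     <TR><TD colspan=3 align=center>  Average number of games played per day<BR>
     <NOBR>(exponential moving average over last 45 / 90 days)</nobr></td></tr>';
    echo '</td></td></table></td></tr>';
    // Matches statistics: the team can appear on either side of a match, so the
    // totals are the sum of the "as team1" and "as team2" results.
    $sta1 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score1>score2,1,0)),0) win,\n    ifnull(sum(if(score1=score2,1,0)),0) draw,\n    ifnull(sum(if(score1<score2,1,0)),0) loss\n    from " . TBL_MATCH . " where team1={$id}"));
    $sta2 = mysql_fetch_object(mysql_query("select ifnull(sum(if(score2>score1,1,0)),0) win,\n    ifnull(sum(if(score2=score1,1,0)),0) draw,\n    ifnull(sum(if(score2<score1,1,0)),0) loss\n    from " . TBL_MATCH . " where team2={$id}"));
    $win = $sta1->win + $sta2->win;
    $draw = $sta1->draw + $sta2->draw;
    $loss = $sta1->loss + $sta2->loss;
    echo "<tr><td align=center><hr>\n  <table border=0 cellspacing=0 cellpadding=0 align=center><tr>\n  <td align=center>Wins</td><td align=center>&nbsp;&nbsp;Draws&nbsp;&nbsp;</td><td align=center>Losses</td></tr><tr>\n  <td align=center>{$win}</td><td align=center>{$draw}</td><td align=center>{$loss}</td>\n  </tr></table>\n  <hr></td></tr>";
    // Comment if any
    if ($team->comment != "") {
        echo '<tr><td><ul>' . nl2br($team->comment) . '</ul><hr></td></tr>';
    }
    // Players list
    $i = 0;
    if (SHOW_PLAYER_ACTIVE > 0) {
        $activeDays = SHOW_PLAYER_ACTIVE;
    } else {
        $activeDays = 0;
    }
    $res = mysql_query("select id, callsign, comment, status, C.flagname, \n    last_login > subdate(now(), INTERVAL {$activeDays} DAY) as active\n    from l_player\n    left join bzl_countries C on country = C.numcode\n    where team=" . $id . "\n    order by active desc,callsign");
    $members = 0;
    echo '<TR><TD><table border=0 cellspacing=0 cellpadding=0 align=center>';
    while ($obj = mysql_fetch_object($res)) {
        $members++;
        if (++$i & 1) {
            $cl = "rowEven";
        } else {
            $cl = "rowOdd";
        }
        echo "<tr class='{$cl}' valign=middle>";
        echo "<TD align=right><a href='index.php?link=playerinfo&id={$obj->id}'>{$obj->callsign}</a></td><TD>";
        if ($obj->id == $team->leader) {
            echo '&nbsp;<img TITLE="Team Leader" src="' . THEME_DIR . 'leader.gif">';
        }
        echo '</td><TD>';
        if ($obj->active) {
            echo '&nbsp;<img TITLE="Active player (has logged into this site recently)" src="' . THEME_DIR . 'active.gif">';
        }
        echo '</td><TD width=10></td>';
        echo '<TD>' . smallflag($obj->flagname) . '</td>';
        if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_playerid == $team->leader)) {
            if ($obj->id != $team->leader) {
                // Link to ban a player from a team
                // NOTE(review): this only decides whether the button is shown; the
                // 'banplayer' handler has to repeat the permission check itself.
                echo '<td align=center>' . htmlURLbutSmall('BAN', 'banplayer', "playerid={$obj->id}&teamid={$id}&f_ok_x=2", ADMBUT) . '</form></td></tr>';
            } else {
                echo '<td>&nbsp;</td></tr>';
            }
        } else {
            echo '<td>&nbsp;</td></tr>';
        }
        echo "\n";
    }
    echo '</td></tr></table>';
    // Show last fights. Eleven rows are fetched so that an eleventh row signals
    // "more than ten"; only the first ten are rendered.
    $sql = "SELECT  t1.id, t1.name, f.score1, t2.id, t2.name, f.score2, f.tsactual, unix_timestamp(f.tsactual) tstamp_ts \n" . "FROM " . TBL_MATCH . " f, l_team t1, l_team t2 " . "WHERE (f.team1 = '{$id}' OR f.team2 = '{$id}') " . " AND f.team1 = t1.id " . " AND f.team2 = t2.id " . "ORDER BY f.tsactual DESC " . "LIMIT 11 ";
    $res = sqlQuery($sql);
    $tmp = '';
    $count = 0;
    while ($row = mysql_fetch_array($res)) {
        $count++;
        if ($count < 11) {
            // Matches newer than the viewer's last login are highlighted in red.
            if (isset($_SESSION['last_login']) && $_SESSION['last_login'] < $row[7]) {
                $new1 = "<font color=\"red\">";
                $new2 = "</font>";
            } else {
                $new1 = '';
                $new2 = '';
            }
            if ($count % 2) {
                $cl = "rowEven";
            } else {
                $cl = "rowOdd";
            }
            $tmp .= "<tr class=\"{$cl}\">";
            $tmp .= '<td align="right">' . $new1 . $row[6] . $new2 . '</td>';
            // Work out which side of the match this team was on.
            if ($row[0] != $id) {
                $oppid = $row[0];
                $oppname = stripslashes($row[1]);
                $oppscore = $row[2];
                $teamscore = $row[5];
            } else {
                $oppid = $row[3];
                $oppname = stripslashes($row[4]);
                $oppscore = $row[5];
                $teamscore = $row[2];
            }
            $tmp .= "<td>{$new1}";
            $oppname = '<a href="index.php?link=teaminfo&id=' . $oppid . '&' . SID . '">' . $new1 . $oppname . $new2 . '</a>';
            if ($oppscore < $teamscore) {
                $tmp .= "<b>Won</b> against {$oppname}";
            } elseif ($oppscore > $teamscore) {
                $tmp .= "<b>Lost</b> against {$oppname}";
            } else {
                $tmp .= "<b>Tie</b> against {$oppname}";
            }
            $tmp .= " ({$row[2]} - {$row[5]})";
            $tmp .= "{$new2}</td>";
            $tmp .= "</tr>\n";
        }
    }
    echo '<tr>';
    echo '<td align=center>&nbsp;<br><b>';
    if ($count == 1) {
        echo 'Last match';
    } else {
        if ($count == 11) {
            echo 'Last 10 matches, view them all <a href="index.php?link=fights&id=' . $id . '&' . SID . '">here</a>';
        } elseif ($count == 0) {
            echo "No matches played";
        } else {
            echo "Last {$count} matches";
        }
    }
    echo '</b><BR><BR></td></tr><TR><TD>';
    echo "<table align=center border=0>{$tmp}</table>";
    // Or... edit your team if you are a leader or ad admin, or with a password if you are a member
    // Team members can't change the password, though...
    // Unless ofcause the team is deleted
    if ($team->status == 'deleted') {
        if ($team->status_changed) {
            echo "<br><center>This team is deleted as of " . gmdate('Y-m-d', $team->status_changed) . "</center>";
        } else {
            echo "<br><center>This team is deleted.</center>";
        }
    } else {
        if ($s_logedin && (isFuncAllowed('teamadmin::edit_any_team') || $s_teamid == $id)) {
            if (!isFuncAllowed('teamadmin::edit_any_team') && $s_playerid != $team->leader) {
                // Team member, need password
                echo '<form method=post>
          <input type=hidden name=link value=teamadmin>
          <input type=hidden name=id value=' . $id . '>
          <br><center>Enter team password <input type=password size=8 maxlength=8 name=f_password> and 
          ' . htmlFormButton('Edit Team', 'f_edit_x') . '
          </center></form>';
            } else {
                $invites = sqlQuery("SELECT *, l_player.callsign FROM bzl_invites,  l_player\n            WHERE teamid={$id} AND expires > NOW() AND bzl_invites.playerid = l_player.id");
                if (mysql_num_rows($invites) > 0) {
                    echo '<BR><HR>Invitations currently active:<BR><TABLE>';
                    while ($row = mysql_fetch_object($invites)) {
                        echo '<TR><TD width=25></td><TD>' . playerLink($row->playerid, $row->callsign) . "</td><TD width=10></td><TD>(expires: {$row->expires})</td></tr>";
                    }
                    echo '</table><HR>';
                }
                // Team leader or admin, let's go
                echo '<center><BR>
        ' . htmlURLbutton('Edit Team', 'teamadmin', "id={$id}", ADMBUT) . '
        <BR>
        ' . htmlURLbutton('Dismiss Team', 'dismissteam', "id={$id}", ADMBUT);
            }
        }
    }
}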
Exemplo n.º 9
/**
 * Render the table of all non-deleted teams with leader, member count, rating,
 * a join/abandon control and the 45-day activity figure.
 *
 * Rows come back ordered so that teams with matches precede teams without, and
 * active teams precede inactive ones; a separator row is printed at each of
 * those two transitions.
 *
 * NOTE(review): team names and leader callsigns are echoed as stored. Whether
 * they are HTML-escaped when saved is not visible here; confirm, or escape at output.
 * NOTE(review): the JOIN / Abandon buttons are display logic only; the target
 * handlers ('jointeam', 'leaveteam') have to enforce the same rules themselves.
 *
 * @return void
 */
function section_teams()
{
    require_once "lib/common.php";
    $s_logedin = isAuthenticated();
    $s_teamid = $_SESSION['teamid'];
    // Activity figures, indexed by team id below.
    $tacts = teamActivity(null, 45);
    echo '<BR>';
    $res = sqlQuery("\n    SELECT  l_team.id, l_team.name, l_team.logo, l_team.score, \n        player2.callsign leader, player2.id leaderid, \n        l_team.status, count(distinct l_player.callsign) numplayers,\n        l_team.active = 'yes' activeteam, l_team.matches, l_team.matches > 0 sorter\n    FROM  l_team, l_player player2, l_player\n    WHERE player2.id = l_team.leader \n     AND l_team.status != 'deleted' \n     AND l_player.team = l_team.id\n    GROUP BY l_team.name, l_team.leader, l_team.status, l_team.score\n    ORDER BY  sorter desc, activeteam desc, l_team.score desc,  l_team.name");
    echo "<table align=center border=0 cellspacing=0 cellpadding=2>\n      <tr class=tabhead align=center>\n      <td>Name</td><td>Leader</td><td colspan=2>Members</td>\n      <td colspan=2>Rating</td><td>Join</td><TD>Activity</td></tr>";
    // 0 = still in the active teams, 1 = inactive separator printed,
    // 2 = "did not play any match" separator printed.
    $separated = 0;
    $rownum = 0;
    while ($obj = mysql_fetch_object($res)) {
        ++$rownum;
        if ($obj->activeteam == 0 && $separated == 0) {
            $separated = 1;
            echo '<tr><td align=center colspan=10><hr><b>Inactive Teams</b></td></tr>';
            // Restart the odd/even striping after the separator.
            $rownum = 1;
        }
        if ($obj->sorter == 0 && $separated == 1) {
            $separated = 2;
            echo '<tr><td align=center colspan=10><hr><b>Did not play any match</b></td></tr>';
            $rownum = 1;
        }
        // Only an indicator icon is shown here, not the team's own logo URL.
        if ($obj->logo != '') {
            $logo = '<img src="' . THEME_DIR . 'islogo.gif">';
        } else {
            $logo = ' ';
        }
        // Row class: the viewer's own team is highlighted, otherwise rows alternate.
        if ($s_teamid == $obj->id) {
            $c = 'myteam';
        } elseif ($obj->status == 'deleted') {
            $c = 'deletedteam';
        } else {
            if ($rownum % 2) {
                $c = 'rowOdd';
            } else {
                $c = 'rowEven';
            }
        }
        echo "<TR class='{$c}' valign=middle>";
        // substr() cuts by bytes, so a multi-byte name can be cut mid-character.
        $teamname = substr($obj->name, 0, 35);
        // This value is overwritten by the sprintf() near the end of the loop before it is used.
        $act = $tacts[$obj->id];
        echo '<td><a href="index.php?link=teaminfo&id=' . $obj->id . '">' . $teamname . '</a></td>
    <td><a href="index.php?link=playerinfo&id=' . $obj->leaderid . '&' . SID . '">' . $obj->leader . '</a></td>
    <td align=center>' . $obj->numplayers . '</td><td>' . $logo . '</td>
    <td align=left>' . displayRating($obj->id) . '</td>';
        // The match count is shown only for teams above the first separator.
        if ($separated) {
            echo '<td>&nbsp;</td>';
        } else {
            echo '<td align=center>(' . $obj->matches . ')</td>';
        }
        // Print join or joinnot, not forgetting we may already belong to a team
        echo '<TD align=left>';
        if ($s_logedin) {
            if (!$s_teamid) {
                switch ($obj->status) {
                    case 'opened':
                        // Open teams accept new members only below 20 players.
                        if ($obj->numplayers < 20) {
                            echo htmlURLbutSmall('JOIN', 'jointeam', "id={$obj->id}") . '</td>';
                        } else {
                            echo '&nbsp;[Closed]</td>';
                        }
                        break;
                    case 'closed':
                        echo '&nbsp;[Closed]</td>';
                        break;
                    default:
                        echo 'Deleted.</td>';
                        break;
                }
            } else {
                if ($s_teamid == $obj->id) {
                    //          if( $_SESSION['playerid'] != 2074 ) // Dont allow Admir to leave (SC request)
                    echo htmlURLbutSmall('Abandon', 'leaveteam', "id={$obj->id}&leader={$obj->leaderid}") . '</td>';
                } elseif ($obj->status == 'closed') {
                    echo '&nbsp;[Closed]</td>';
                } elseif ($obj->status == 'deleted') {
                    echo 'deleted.</td>';
                } else {
                    echo '</td>';
                }
            }
        } elseif ($obj->status == 'closed') {
            echo '&nbsp;[Closed]</td>';
        } else {
            echo '</td>';
        }
        $act = sprintf('%1.2f', $tacts[$obj->id]);
        echo "<TD align=center>{$act}</td>";
        echo "</tr>";
    }
    echo "</table>";
    // Create a new team, if logged in and not a team member
    if ($s_logedin && !$s_teamid) {
        echo '<br><center>
    ' . htmlURLbutton('Create New Team', 'createteam', null) . '</center>';
    }
}
Exemplo n.º 10
/**
 * Check a "username:..." token by handing it to isAuthenticated().
 *
 * The user name is the part of the token before the first colon. All actual
 * verification is done by isAuthenticated(); this function only splits.
 *
 * NOTE(review): the user name is taken from the token that is being checked,
 * so isAuthenticated() must verify the whole token against that user and must
 * not treat the name as already established.
 *
 * @param string $token Token whose first colon-separated field is the user name.
 * @return mixed Whatever isAuthenticated($token, $username) returns.
 */
function tokenIsCorrect($token)
{
    // Only the first field is needed, so stop splitting after the first colon.
    list($username) = explode(':', $token, 2);
    return isAuthenticated($token, $username);
}
Exemplo n.º 11
// anders form laten zien
?>
<!DOCTYPE html>
<html lang="en">
	<head>
		<title>Week 07 ajax demo</title>
		<link rel="stylesheet" type="text/css" 
           href="css/style.css"/>
	</head>
	<body>
		<?php 
include 'header.php';
?>
		<main>
			<?php 
// After a failed login attempt, show one generic message; it does not say
// whether the user name or the password was the part that did not match.
if ($loginTry) {
    if (!isAuthenticated()) {
        echo '<span class="error">Login niet succesvol. Probeer opnieuw</span>';
    }
}
?>
			<form method="post" action="login.php" style="width: 450px; margin-left: auto; margin-right: auto">
				<table >
					<tr>
						 <td valign="top">
						  	<label for="userid">Gebruikersnaam</label>
						 </td>
						 <td valign="top">
						  	<input  type="text" name="userid" maxlength="50" size="30">
						 </td>
					</tr>
					<tr>
						 <td valign="top">
<?php

include '../includes/config.inc.php';
include '../fcts/hiking.fct.php';
include '../fcts/event.fct.php';
include '../fcts/mail.fct.php';
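// JSON endpoint: create a hiking event from the posted JSON body and mail the
// administrator a validation link. The reply is {"data": "success"} or
// {"data": "error", "error": "..."}.
//
// NOTE(review): request fields go into the mail body through templateMailContent()
// and into the subject line; whether those helpers escape HTML and strip line
// breaks is not visible here and should be confirmed.
$result['data'] = 'unknown';
$postdata = file_get_contents("php://input");
$request = json_decode($postdata);
if (isset(
    $request->organiserName,
    $request->organiserPhone,
    $request->name,
    $request->duration,
    $request->elevation,
    $request->level,
    $request->date,
    $request->venueId,
    $request->venueName,
    $request->venueAddress,
    $request->venueCity,
    $request->latitude,
    $request->longitude,
    $request->numberOfPeople
) && isAuthenticated()) {
    try {
        // These two are not in the required set above, so they may be absent.
        $additionalInfo = isset($request->additionalInfo) ? $request->additionalInfo : null;
        $link = isset($request->link) ? $request->link : null;
        $description = templateMailContent($request->name, $request->level, $request->duration, $request->elevation, $request->venueName, $request->date, "{$request->latitude},{$request->longitude}", $additionalInfo, $link, '', $request->organiserName, $request->organiserPhone);
        $date = DateTime::createFromFormat('d/m/Y H:i', $request->date);
        // createFromFormat() returns false on input that does not match the format.
        if ($date === false) {
            throw new Exception('Date does not match d/m/Y H:i');
        }
        $lastId = addEvent($bdd, $_SESSION['id'], $request->venueName, $request->name, $description, $request->numberOfPeople, date_format($date, 'Y-m-d H:i:s'), $request->venueId, $request->venueName, $request->venueAddress, $request->venueCity, 'FR', $request->latitude, $request->longitude);
        $hikingMail = "<p>Click <a href=\"http://hiking.cyril-grandjean.fr/validate-event.php?id={$lastId}\">here</a> to validate this hiking request ? :</p>{$description}";
        sendHtmlEmailToAdmin($request->name, '*****@*****.**', "Hiking request " . $request->name . " by " . $_SESSION['name'], $hikingMail);
        $result['data'] = 'success';
    } catch (Exception $e) {
        //header("HTTP/1.1 500 Internal Server Error");
        // Keep the detail in the server log; the client gets a fixed message so
        // internal errors (SQL text, paths) are not disclosed in the response.
        error_log('Hiking event creation failed: ' . $e->getMessage());
        $result['data'] = 'error';
        $result['error'] = 'Exception occurred';
    }
} else {
    //header("HTTP/1.1 500 Internal Server Error");
    $result['data'] = 'error';
    $result['error'] = 'Exception occurred: Not every required fields entered';
}
echo json_encode($result);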
if ($activeMenu == "index") {
    // Attribute for the list item of the Home link when that page is current.
    echo 'class="active"';
}
?>
><a href="index.php">Home</a></li>
            	<li <?php 
if ($activeMenu == "create-event") {
    // Attribute for the list item of the "Create event" link when that page is current.
    echo 'class="active"';
}
?>
><a href="create-event.php">Create event</a></li>    
	      </ul>
	      <?php 
if (!isAuthenticated()) {
    ?>
	      <a href="https://secure.meetup.com/oauth2/authorize?client_id=<?php 
    echo $_CONFIG['meetupKey'];
    ?>
&amp;response_type=code&amp;redirect_uri=<?php 
    echo $_CONFIG['meetupWebsite'];
    ?>
" class="navbar-form navbar-right">
            <button type="button" class="btn btn-success">Login</button>
          </a>
          <?php 
} else {
    ?>
          	<span class="navbar-right">
	          	<img class="navbar-brand" alt="Icon" src="<?php 
Exemplo n.º 14
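/**
 * Render the profile page of one player: callsign, logo, bio, team, alternate
 * callsigns, location, time zone, contact handles, visit statistics and the
 * action buttons the viewer is allowed to see.
 *
 * $plural and $class are given explicit defaults so the paths that do not set
 * them no longer read an undefined variable; the rendered output is unchanged.
 *
 * NOTE(review): callsign, bio, alternate callsigns, city and the messenger
 * handles are echoed as stored. Whether they are HTML-escaped when saved is not
 * visible here; confirm, or escape with htmlspecialchars() at output.
 * NOTE(review): the buttons are display logic only; the handlers behind them
 * ('playeradmin', 'deleteplayer', 'invite', ...) have to check permissions themselves.
 * NOTE(review): relies on the legacy mysql_* extension (removed in PHP 7).
 *
 * @param object $se Player record; the fields read are the ones used below.
 * @return void
 */
function section_playerinfo_displayPlayer(&$se)
{
    $s_level = $_SESSION['level'];
    $s_logedin = isAuthenticated();
    $s_playerid = $_SESSION['playerid'];
    $s_leader = $_SESSION['leader'];
    $s_teamid = $_SESSION['teamid'];
    $editAny = isFuncAllowed('edit_any_players');
    echo '<table width=90% align=center border=0 cellspacing=0 cellpadding=1>
    <tr><td class=playername align=center>' . $se->callsign . '<BR><BR></td></tr>';
    // Logo if any
    if ($se->logo != "") {
        echo '<tr><td align=center>' . section_playerinfo_dispLogo($se->logo, $se->logobg) . '<hr></td></tr>';
    }
    // Bio if any
    if ($se->comment != "") {
        echo "<tr><td class=playerbio>" . nl2br($se->comment) . "<hr></td></tr>";
    }
    // misc info ....
    echo '</td></tr><TR><TD><table align=center><TR><TD width=100 valign=top align=left>';
    if ($se->flagname) {
        echo '<img src="' . FLAG_DIR . "c-{$se->flagname}.gif\">";
    }
    echo '</td><TD><TABLE>';
    // Team if any
    if ($se->teamname != "") {
        echo "<tr><td>";
        if ($se->leader == $se->id) {
            $d = '<nobr>Leader (<img src="' . THEME_DIR . 'leader.gif">) of team</nobr>';
        } else {
            $d = "<nobr>Member of team</nobr>";
        }
        section_playerinfo_tab2($d, htmlLink($se->teamname, 'teaminfo', "id={$se->teamid}"));
    } else {
        echo "<tr><td align=center colspan=2>Does not belong to any team</td></tr>";
    }
    if ($se->altnik1 || $se->altnik2) {
        // Singular label unless both alternate callsigns are present.
        $plural = '';
        if ($se->altnik1 && $se->altnik2) {
            $plural = 's';
            $niks = $se->altnik1 . ', &nbsp;&nbsp;' . $se->altnik2;
        } else {
            if ($se->altnik1) {
                $niks = $se->altnik1;
            } else {
                $niks = $se->altnik2;
            }
        }
        section_playerinfo_tab2("<nobr>Alternate callsign{$plural}</nobr>", $niks);
    }
    if ($se->countryname) {
        $loc = $se->countryname;
        if ($se->stateabbr) {
            $loc .= '&nbsp;&nbsp;(';
            if ($se->city) {
                $loc .= $se->city . ', ';
            }
            $loc .= "{$se->stateabbr})";
        }
        section_playerinfo_tab2('Location', $loc);
    }
    if ($se->utczone || $se->zonename) {
        section_playerinfo_tab2('Time zone', 'GMT ' . section_playerinfo_numPlus($se->utczone) . "&nbsp;&nbsp;({$se->zonename})");
    }
    section_playerinfo_tab2('Site Member Since', date('Y-m-d', $se->created));
    if (isset($se->last_login)) {
        section_playerinfo_tab2('Last login', date('Y-m-d H:i', $se->last_login));
    }
    echo '<TR><TD colspan=2><HR></td></tr>';
    // The e-mail address is shown only when the player has opted in.
    if ($se->emailpub == 'Y') {
        section_playerinfo_tab2('email', section_playerinfo_obsMail($se->email));
    }
    section_playerinfo_tab2('AIM', $se->aim);
    section_playerinfo_tab2('IRC', $se->ircnik1);
    section_playerinfo_tab2('ICQ', $se->icq);
    section_playerinfo_tab2('YIM', $se->yim);
    section_playerinfo_tab2('MSM', $se->msm);
    section_playerinfo_tab2('Jabber', $se->jabber);
    echo '</table></td><TD width=50></td></tr></table></tr>';
    // Frequentation statistics
    if ($se->status != 'deleted') {
        echo '<tr><td><BR><BR>';
        section_playerinfo_Frequentation($se->id);
        echo '<BR></td></tr>';
    }
    if ($se->status != 'deleted') {
        // Send a message to this player (but not to myself!)
        if ($s_logedin && $s_playerid != $se->id) {
            echo '<tr><td><hr></td></tr><tr align=center><td><TABLE><TR><TD>' . htmlURLbutton('SEND BZmessage', 'sendmessage', "pid={$se->id}");
            // If I am a team leader, and my team is not full, I can invite him
            if (isAuthenticated() && $_SESSION['leader']) {
                // Check if my team full
                // The id goes into the statement unquoted, so force it to an integer.
                $team = mysql_fetch_object(mysql_query("select count(*) as num from l_player where team=" . (int) $s_teamid));
                if ($team->num < 20) {
                    $mytn = queryGetTeamName($s_teamid);
                    echo '<TD width=5></td><TD>' . htmlURLbutton("INVITE to {$mytn}", 'invite', "id={$se->id}") . '</td>';
                }
            }
            echo '</tr></table></td></tr>';
        }
        // Administrators and owner can edit a player
        if ($s_logedin && ($editAny || $s_playerid == $se->id)) {
            // Admin styling only when an administrator edits somebody else's profile.
            $class = null;
            if ($editAny && $s_playerid != $se->id) {
                $class = ADMBUT;
            }
            echo '<tr><td align=center><hr><TABLE><TR><TD>' . htmlURLbutton('Edit Profile', 'playeradmin', "id={$se->id}&edt_st=1", $class);
            if (isFuncAllowed('visitlog::visit_log')) {
                echo '</td><TD width=5></td><TD>' . htmlURLbutton('Visits', 'visitlog', "id={$se->id}", ADMBUT);
            }
            if (isFuncAllowed('deleteplayer::delete_player') && $se->role_id != ADMIN_PERMISSION) {
                echo '</td><TD width=5></td><TD>' . htmlURLbutton('DELETE Player', 'deleteplayer', "id={$se->id}", ADMBUT);
            }
            echo '</td></tr></table></td></tr>';
        }
    }
    echo "</table>";
}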
Exemplo n.º 15
 /**
  * Record the time of the current request in $_SESSION['lastconnectiontime'].
  *
  * For an authenticated session with a previous timestamp, the idle time is
  * computed into a local variable first.
  *
  * NOTE(review): that idle time is never compared with a limit or used in any
  * other way, so this variant does not enforce an idle timeout.
  *
  * @return void
  */
 public static function calculate()
 {
     if (isAuthenticated() && isset($_SESSION['lastconnectiontime'])) {
         // Seconds since the previous request of this session.
         $lastsessiontime = time() - $_SESSION['lastconnectiontime'];
     }
     $_SESSION['lastconnectiontime'] = time();
 }
Exemplo n.º 16
require_once "{$TOPDIR}/lib/functions.php";
require_once "{$TOPDIR}/lib/jsonwrapper.php";
// Login endpoint: stores the supplied credentials in the session and answers
// with {"authenticated": "yes"|"no"} as JSON.
session_start();
// The answer must never be served from a cache.
header("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");
header("Cache-Control: no-store, no-cache, must-revalidate");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
// NOTE(review): $_REQUEST can include query-string parameters, so a password
// sent that way would end up in URLs and access logs; confirm that clients
// only POST, or read the credentials from $_POST.
if (isset($_REQUEST["password"])) {
    // Start from an empty session under a fresh session id (the old session
    // is deleted), so nothing from before the login attempt carries over.
    $_SESSION = array();
    session_regenerate_id(true);
    setpassword($_REQUEST["password"]);
    // -1: the stored credentials have not been found valid (yet).
    $_SESSION["xcatpassvalid"] = -1;
}
if (isset($_REQUEST["username"])) {
    $_SESSION["username"] = $_REQUEST["username"];
    // A changed user name resets the validity flag as well.
    $_SESSION["xcatpassvalid"] = -1;
}
// "yes" requires both a valid login and root access.
$jdata = array(
    "authenticated" => (isAuthenticated() && isRootAcess()) ? "yes" : "no",
);
echo json_encode($jdata);
?>

Exemplo n.º 17
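/**
 * Tell whether a member account is flagged as an OpenID account.
 *
 * With no $email, the account of the logged-in user ($_SESSION['valid_user'])
 * is looked up by login; the script dies with error 30342 when nobody is
 * logged in. With an $email, the account is looked up by e-mail address.
 *
 * NOTE(review): the listing showed the literal '******' where the login is
 * interpolated, which looks like masking by the page; the escaped $login built
 * on the line above is used here. Confirm against the original file.
 * NOTE(review): the statements are built by string interpolation with
 * mysql_real_escape_string(); if the $db wrapper supports bound parameters,
 * prefer them.
 *
 * @param string|null $email E-mail address to look up, or null for the current user.
 * @return bool True when the members.openid column holds 'yes'.
 */
function isOpenIDAccount($email = null)
{
    if ($email == null) {
        if (!isAuthenticated() || !isset($_SESSION['valid_user'])) {
            die("Error No 30342");
        }
        // The connection is opened before escaping, as in the e-mail branch.
        $db = AccessDB();
        $login = mysql_real_escape_string($_SESSION['valid_user']);
        $sql = "SELECT openid FROM members WHERE member_login='{$login}';";
    } else {
        $db = AccessDB();
        $email = mysql_real_escape_string($email);
        $sql = "SELECT openid FROM members WHERE email='{$email}';";
    }
    $res = $db->getOne($sql);
    // Strict comparison: a numeric or empty result must not count as 'yes'.
    return $res === 'yes';
}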
Exemplo n.º 18
// authenticate
// Gate for the page: an already authenticated session passes straight to the
// lock check; otherwise an attempt is made to log in with supplied credentials.
// Every redirect below is followed by exit, so nothing further runs after it.
if (isAuthenticated() == 1) {
    // check if we are locked
    if ($cfg["webapp_locked"] == 1) {
        // only superadmin can login when we are locked
        if (!IsSuperAdmin()) {
            // '@' hides the warning header() raises when output was already sent
            @header('location: locked.php');
            exit;
        }
    }
} else {
    // try to auth with supplied credentials
    $credentials = getCredentials();
    if ($credentials !== false) {
        // NOTE(review): the 'md5pass' element suggests an MD5-derived credential is
        // accepted — confirm how performAuthentication() stores and compares it.
        if (performAuthentication($credentials['username'], $credentials['password'], $credentials['md5pass']) == 1) {
            // Re-check the session state instead of trusting the return value alone
            if (isAuthenticated() != 1) {
                @header('location: login.php');
                exit;
            }
            $currentUser = $cfg["user"];
            // check if we are locked
            if ($cfg["webapp_locked"] == 1) {
                // only superadmin can login when we are locked
                if (!IsSuperAdmin()) {
                    @header('location: locked.php');
                    exit;
                }
            }
        } else {
            // Failed login: send the visitor back to the login form
            @header('location: login.php');
            exit;
Exemplo n.º 19
<header>
	<div id="menu">
		<?php 
include_once 'userstorage.php';
// Work out which page is being served: basename() strips any directory part
// from the path of the PHP file that is currently executing.
// PHP_SELF can contain client-supplied path text; here it is only compared
// with the fixed menu URLs and never written to the page.
$page = basename($_SERVER["PHP_SELF"]);
// The menu is a list of entries, each one an array with a label and a target.
$menu_items = array(
    array("Name" => "Home", "URL" => "index.php"),
    array("Name" => "Opgave 1", "URL" => "pagina1.php"),
    array("Name" => "Opgave 2", "URL" => "pagina2.php"),
    array("Name" => "Opgave 3", "URL" => "pagina3.php"),
    array("Name" => "Opgave 4", "URL" => "pagina4.php"),
    array("Name" => "Opgave 5", "URL" => "pagina5.php"),
);
if (isAuthenticated()) {
    $menu_items[] = array("Name" => "Registreren", "URL" => "register.php");
}
// Emit the menu as an unordered list.
// Labels and URLs are constants defined above, so they are written as they
// are; they would need HTML escaping if they ever came from user data.
echo '<ul  class="menu">';
foreach ($menu_items as $menu_item) {
    // The entry that matches the current page also gets the "active" class.
    $class = ($menu_item["URL"] === $page) ? "menu_item active" : "menu_item";
    // The leading spaces only keep the generated markup tidy.
    echo '                    ';
    echo '<li class="' . $class . '">';
    echo '<a href="' . $menu_item['URL'] . '">' . $menu_item['Name'] . '</a>';
    echo "</li>\n";
}
echo "                </ul>";
?>
Exemplo n.º 20
/**
 * End the current login: stamp the sign-off time on the login-audit row when a
 * user is logged in, then clear the session data and fall back to the PUBLIC role.
 *
 * NOTE(review): session values and the member id are concatenated into the SQL
 * text unquoted — confirm they are always integers, or cast them.
 * NOTE(review): session_unset() empties the session variables but keeps the
 * same session id — confirm whether the id should be rotated or the session
 * destroyed on logout.
 */
function logout()
{
    start_db();
    if (isAuthenticated()) {
        // Build the audit update in three steps; the resulting text is unchanged.
        $qry = "UPDATE {$_SESSION['DB_PREFIX']}loginaudit SET ";
        $qry .= "timeoff = NOW(), metamodifieddate = NOW(), metamodifieduserid = " . getLoggedOnMemberID() . " ";
        $qry .= "WHERE id = " . $_SESSION['SESS_LOGIN_AUDIT'];
        mysql_query($qry);
    }
    session_unset();
    // Anonymous visitors still carry the PUBLIC role.
    $_SESSION['ROLES'][] = 'PUBLIC';
}
Exemplo n.º 21
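/**
 * Render the private-message section for the logged-in player: delete one or
 * several messages, show a single message, or list the inbox.
 *
 * Request parameters (POST first, then GET): del, delbulk, checknum, read, link.
 * Every message id taken from the request is cast to int before it is placed
 * in SQL or written into markup, because the queries compare ids unquoted.
 *
 * NOTE(review): deletes are also accepted from GET, and no anti-CSRF token is
 * visible in this block (the contents of SID_FORM are not shown) — confirm.
 * NOTE(review): sender callsigns, and the subject in the list view, are written
 * without escaping here; confirm they are escaped when stored or inside
 * htmlLink(), otherwise escape them at output.
 */
function section_messages()
{
    $vars = array('del', 'delbulk', 'checknum', 'read', 'link');
    foreach ($vars as $var) {
        // POST wins over GET; a parameter that is absent from both becomes null.
        if (isset($_POST[$var])) {
            ${$var} = $_POST[$var];
        } elseif (isset($_GET[$var])) {
            ${$var} = $_GET[$var];
        } else {
            ${$var} = null;
        }
    }
    // Ids are numeric: the casts keep request text out of the SQL built below.
    if (isset($del)) {
        $del = (int) $del;
    }
    if (isset($read)) {
        $read = (int) $read;
    }
    // NOTE(review): checknum is caller-supplied and bounds the bulk-delete loop;
    // consider capping it.
    $checknum = (int) $checknum;
    echo '<BR>';
    if (isAuthenticated()) {
        $playerid = (int) $_SESSION['playerid'];
        $_SESSION['last_msg_read_ts'] = time();
        $_SESSION['new_mail'] = 0;
        if (isset($del)) {
            // The toid condition limits the delete to the player's own messages.
            mysql_query("delete from l_message\n              where msgid={$del}\n              and toid={$playerid}");
        }
        if (isset($delbulk)) {
            $numdel = 0;
            for ($i = 0; $i < $checknum; $i++) {
                if (isset($_POST["del" . $i])) {
                    $delid = (int) $_POST["del" . $i];
                    $numdel++;
                    mysql_query("delete from l_message where msgid={$delid} and toid={$playerid}");
                }
            }
            $esse = $numdel != 1 ? 's' : '';
            echo "<center>Deleted {$numdel} message{$esse}.</center><BR>";
        }
        if (isset($read)) {
            // Display one message
            $res = sqlQuery("select l_player.callsign sender, l_message.status as msgstat, fromid, datesent, subject, msg, htmlok, l_message.team\n        from l_message\n        left join l_player\n        on id = fromid\n        where toid={$playerid}\n        and msgid={$read}");
            if (mysql_num_rows($res) == 0) {
                return errorPage('no messages found');
            } else {
                // Display the message
                $msg = mysql_fetch_object($res);
                echo '<table width=80% align=center border=0 cellspacing=0 cellpadding=1>
        
        <tr class=tabhead><td align=right width=10><nobr>Date sent:</nobr></td><TD width=6></td><TD>' . $msg->datesent . '</td></tr>';
                if ($msg->sender == '') {
                    // Administrative message
                    echo '<tr class=tabhead><td align=right>From: </td><TD></td><TD><b>CTF League System</b></td></tr>';
                } else {
                    echo '<tr class=tabhead><td align=right>From: </td><TD></td><TD><a href="index.php?link=playerinfo&id=' . $msg->fromid . '&' . SID . '">' . $msg->sender . '</a></td></tr>';
                }
                if ($msg->subject == '') {
                    $subject = 'No subject';
                } else {
                    $subject = stripslashes($msg->subject);
                }
                echo '<tr class=tabhead><td align=right>Subject:</td><TD></td><TD>' . wordwrap(htmlentities($subject), 40, '<br>') . '</td></tr>';
                echo '<tr><td align=right valign=top><BR>Message:</td><TD></td><TD><BR><TABLE width=100% cellpadding=10 style="border: solid 1px"><TR><TD>';
                // NOTE(review): sender is empty whenever the LEFT JOIN finds no player
                // row, so a message whose sender row no longer exists would also be
                // written as raw HTML — confirm that only system messages reach this.
                if ($msg->sender == '' || $msg->htmlok > 0) {
                    // if admin message, allow html
                    echo nl2br($msg->msg);
                } else {
                    echo nl2br(htmlentities($msg->msg));
                }
                echo '</td></tr></table></td></tr></table>';
                if ($msg->msgstat == 'new') {
                    --$_SESSION['mail_unread'];
                    // Set message as read
                    mysql_query("update l_message set status='read' where msgid={$read}");
                }
                // Display buttons: delete goback reply
                echo '<br><TABLE align=center><TR valign=top>';
                // Can't reply to administrative messages
                if ($msg->sender != '') {
                    echo '<TD><form method=post action="index.php">' . SID_FORM;
                    echo '<input type=hidden name=link value=sendmessage>';
                    echo '<input type=hidden name=pid value=' . $msg->fromid . '>';
                    echo '<input type=hidden name=toteam value="' . $msg->team . '">';
                    echo '<input type=hidden name=reply value=1>';
                    // $read is an int by now, so it is safe in an unquoted attribute.
                    echo '<input type=hidden name=mid value=' . $read . '>';
                    echo htmlFormButton('Reply', 'reply_direct') . '</td>';
                    if ($msg->team == 'yes') {
                        echo '<td width=10></td><td>' . htmlFormButton('Reply To Team', 'reply_team') . '</td>';
                    }
                    echo '</form><TD width=10></td>';
                }
                echo '<TD>' . htmlURLbutton('Delete', 'messages', "del={$read}") . '</td><TD width=10></td><TD>' . htmlURLbutton('Back', 'messages', null, CLRBUT) . '</td></tr></table>';
            }
        } else {
            // Display all messages
            $res = mysql_query("select msgid, l_player.callsign sender, fromid, datesent, \n          subject, l_message.status, l_message.team\n          from l_message left join l_player on id = fromid\n          where toid={$playerid} order by datesent desc");
            echo '<div class=checkbox>';
            if (mysql_num_rows($res) == 0) {
                echo "<center>You don't have any message to read.</center>";
            } else {
                echo '<script type="text/javascript">
          function checkAll (form, checkallcheckbox)
          {
          for (i = 0; i < form.elements.length; i++)
            if (form.elements[i].type == "checkbox"){
              form.elements[i].checked = checkallcheckbox.checked;
            }
          }
          </script>';
                // The "check all" input tag is now closed with ">" before </td>.
                echo '<form name="myform" method=post>' . SID_FORM . '<table border=0 align=center cellspacing=0 cellpadding=1>
          <tr class=tabhead><td><input type="checkbox" name="CheckAll" value="Check All"
          onClick="checkAll(document.myform, document.myform.CheckAll)"></td><td>Date sent&nbsp;</td>
          <td>Subject&nbsp;</td><td width=5></td><td>From</td></tr>';
                // From here on $checknum counts the checkboxes that are rendered.
                $checknum = 0;
                $rownum = 0;
                while ($msg = mysql_fetch_object($res)) {
                    $cl = ++$rownum % 2 ? 'rowOdd' : 'rowEven';
                    echo "\n<tr class={$cl} valign=top><td>";
                    // Display checkbox for deleting message
                    echo '<input class=checkbox type=checkbox name=del' . $checknum . ' value=' . $msg->msgid . '>&nbsp;';
                    $checknum++;
                    // New messages are bold, so we prepare some stuff
                    $bb = '';
                    $be = '';
                    switch ($msg->status) {
                        case 'new':
                            echo '<img src="' . THEME_DIR . 'msgnew.gif">';
                            $bb = '<b>';
                            $be = '</b>';
                            break;
                        case 'read':
                            echo '<img src="' . THEME_DIR . 'msgread.gif">';
                            break;
                        case 'replied':
                            echo '<img src="' . THEME_DIR . 'msgreplied.gif">';
                            break;
                    }
                    if ($msg->team == 'yes') {
                        echo '<img src="' . THEME_DIR . '/team.gif">';
                    }
                    echo '</td><td><font size=-2>' . $bb . $msg->datesent . $be . '</font>&nbsp;&nbsp;</td>';
                    if ($msg->subject == '') {
                        $subject = 'No subject';
                    } else {
                        $subject = stripslashes($msg->subject);
                    }
                    echo "<TD>{$bb}" . htmlLink(wordwrap($subject, 40, '<br>'), 'messages', "read={$msg->msgid}", $bb ? LINK_NEW : null) . "</a>{$be}</td><TD></td>";
                    if ($msg->sender == '') {
                        // Administrative message
                        echo '<td>&nbsp;<b>CTF League System</b></td></tr>';
                    } else {
                        echo '<td>&nbsp;<a href="index.php?link=playerinfo&id=' . $msg->fromid . '&' . SID . '">' . $msg->sender . '</a></td></tr>';
                    }
                }
                // The hidden checknum input tag is now closed with ">".
                echo '</table><br>  </div>  <center>' . htmlFormButton('Delete Checked', 'delbulk') . '<input type=hidden name=link value="messages">
          <input type=hidden name=checknum value=' . $checknum . '>
          </center></form>';
            }
        }
    } else {
        errorPage('You are not allowed to view the messages');
    }
}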
Exemplo n.º 22
 *   GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License
 *   along with Mobile Assistant Connector.  If not, see <http://www.gnu.org/licenses/>.
 *
 *  @author    eMagicOne <*****@*****.**>
 *  @copyright 2014-2015 eMagicOne
 *  @license   http://www.gnu.org/licenses   GNU General Public License
 */
require_once '../../../config/config.inc.php';
include_once 'functions.php';
// Request parameters, read through Tools::getValue().
$key = Tools::getValue('key');
$function = Tools::getValue('call_function');
$push_ids = Tools::getValue('push_ids');
$value = Tools::getValue('value');

// Nothing is dispatched unless the supplied key passes the check.
if (!isAuthenticated($key)) {
    die(Tools::jsonEncode('Authentication error'));
}

// The requested name must be non-empty and resolve to an existing function.
if (!$function || !function_exists($function)) {
    die(Tools::jsonEncode('error'));
}

// NOTE(review): function_exists() is also true for PHP built-ins and for every
// function loaded so far, so the default branch lets the request choose any
// callable name. Dispatch through an explicit allowlist of this connector's
// own handlers instead.
switch ($function) {
    case 'changeStatus':
        echo changeStatus($push_ids, $value);
        break;
    case 'deleteDevice':
        echo deleteDevice($push_ids);
        break;
    default:
        echo call_user_func($function);
}
function isAuthenticated($key)
{
Exemplo n.º 23
        return false;
    } else {
        if ($post["apikey"] == null || $post["apisecret"] == null || !preg_match("/^[a-zA-Z0-9]+\$/", $post["apikey"])) {
            return false;
        }
        global $wpdb;
        $sql = "SELECT COUNT(id) as total FROM " . MM_TABLE_API_KEYS . " WHERE ";
        $sql .= "api_key=%s AND api_secret=%s AND status='1';";
        $row = $wpdb->get_row($wpdb->prepare($sql, $post["apikey"], $post["apisecret"]));
        if (is_object($row)) {
            return $row->total > 0;
        }
    }
    return true;
}
// Refuse the request unless the posted API credentials pass the check.
// The refusal is only logged; the caller receives an empty response.
$callerIsAuthenticated = isAuthenticated($_POST);
if (!$callerIsAuthenticated) {
    error_log("Access Denied to report data generator");
    exit;
}

// A cache id is mandatory; empty() covers both a missing and a blank value.
if (empty($_POST['cacheId'])) {
    echo "Invalid cache id";
    exit;
}

// Close the connection so the caller can carry on while processing continues.
MM_ConnectionUtils::closeConnectionAndContinueProcessing();

// Operating parameters.
// Time budget, in seconds.
$maxExecutionTime = 300;
// NOTE(review): cacheId is taken from the request as is — validate its format
// before it is used as a key or path further down (that code is not shown).
$cacheId = $_POST['cacheId'];
Exemplo n.º 24
    
    <body>
    <?php 
/*
	Importando classes e bibliotecas.
*/
require_once '../includes/functions.php';
require_once '../includes/conexao.class.php';
/*
	Resume the session.
*/
session_start();
/*
	Stop with a message unless the user is logged in and holds the 'Admin'
	permission. Both checks run before any protected output is produced.
*/
if (!isAuthenticated()) {
    echo "<p class='error_message'>Por favor, efetue o login.</p>";
    exit;
}
if (hasPermission($_SESSION['id'], 'Admin') == false) {
    echo "<p class='error_message'>Você não possui privilégios para acessar esta área.</p>";
    exit;
}
/*
	Verifica se a configuração de log está ligada ou desligada. Se estiver ligada, ele irá fazer uso da 
	função logAction.
*/
/*$c = new conexao;
	$c->set_charset('utf8');
	$q = "SELECT * FROM configuracoes WHERE opcao = 'log';";
	$r = $c->query($q);
	$log = $r->fetch_object();
<?php

include '../includes/config.inc.php';
include '../includes/settings.inc.php';
include '../fcts/hiking.fct.php';
include '../fcts/restclient.class.php';
include '../fcts/event.fct.php';
// Only the logged-in organiser may publish, and an event id must be supplied.
// NOTE(review): the publish action is triggered by a GET parameter and no
// anti-CSRF token is checked in this block — confirm, and prefer POST.
$mayPublish = isAuthenticated() && $_SESSION['id'] == $GLOBALS['organiserId'] && isset($_GET['id']);
if (!$mayPublish) {
    header("HTTP/1.1 403 Access denied");
    echo 'Access denied';
} else {
    // NOTE(review): the id is passed on unvalidated; confirm that readEventId()
    // binds or casts it before querying.
    $event = readEventId($bdd, $_GET['id']);
    $venueId = $event['venueId'];
    $accessData = array("access_token" => $_SESSION['access_token']);
    $rest = new RestClient();
    if ($venueId == 0) {
        // No venue recorded yet: create one first and use the id that comes back.
        $venueData = array(
            "name" => $event['venueName'],
            "address_1" => $event['venueAddress'],
            "city" => $event['venueCity'],
            "country" => $event['venueCountry'],
        );
        $data = $rest->setUrl('https://api.meetup.com/' . $GLOBALS['group_urlname'] . '/venues')->post($venueData, $accessData);
        $venueId = $data['id'];
    }
    // The 'time' field is sent as the Unix timestamp multiplied by 1000.
    $eventData = array(
        "name" => $event['name'],
        "group_id" => $GLOBALS['group_id'],
        "group_urlname" => $GLOBALS['group_urlname'],
        "description" => $event['description'],
        "event_hosts" => $event['event_organiser'],
        "rsvp_limit" => $event['rsvp_limit'],
        "how_to_find_us" => $event['how_to_find_us'],
        "time" => strtotime($event['time']) * 1000,
        "venue_id" => $venueId,
    );
    $data = $rest->setUrl('https://api.meetup.com/2/event')->post($eventData, $accessData);
}
Exemplo n.º 26
/**
 * Return the user name of the authenticated user, or a warning marker when
 * nobody is authenticated.
 *
 * Both the marker and a stored user name can contain characters that are
 * special in HTML, so callers should escape the result before writing it
 * into a page.
 *
 * @return string The session's user name, or "<USER NOT AUTHENTICATED>".
 */
function getAuthenticatedUsername()
{
    return isAuthenticated() ? $_SESSION['username'] : "<USER NOT AUTHENTICATED>";
}
Exemplo n.º 27
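/**
 * Handle the login section: verify a submitted callsign/password pair, set up
 * the session on success, record failed attempts, then render either the
 * welcome panel or the login form.
 *
 * Request parameters (POST first, then GET): f_ok, f_call, f_pass, link.
 * tzoffset is read from POST only.
 *
 * Changes against the earlier version: the callsign is escaped for SQL in the
 * failed-login insert as well, request values written back into the form are
 * HTML-escaped, hashes are compared with ===, the two update statements write
 * the computed values again, and $idsuccess always has a value.
 *
 * NOTE(review): passwords are checked against unsalted MD5 (legacy rows against
 * crypt() with a two-character salt). Both are weak for password storage;
 * moving to password_hash()/password_verify() needs a schema change that is
 * outside this function.
 * NOTE(review): no session id rotation is visible on a successful login;
 * session_refresh() is defined elsewhere — confirm that it regenerates the id.
 * NOTE(review): the callsign and team name read from the session and database
 * are written without escaping; confirm they are escaped when stored.
 */
function section_login()
{
    $vars = array('f_ok', 'f_call', 'f_pass', 'link');
    foreach ($vars as $var) {
        // POST wins over GET; a parameter that is absent from both becomes null.
        if (isset($_POST[$var])) {
            ${$var} = $_POST[$var];
        } elseif (isset($_GET[$var])) {
            ${$var} = $_GET[$var];
        } else {
            ${$var} = null;
        }
    }
    // Array-valued or missing parameters are treated as empty strings.
    $f_call = is_string($f_call) ? $f_call : '';
    $f_pass = is_string($f_pass) ? $f_pass : '';
    $link = is_string($link) ? $link : '';
    // Set up front so the failure check below never reads an unset variable
    // (it used to be unset when the callsign matched no row).
    $idsuccess = 0;
    $callsignSql = '';
    echo '<BR>';
    if ($f_ok) {
        // Escaped once, then reused for the lookup and for the failed-login record.
        $callsignSql = mysql_real_escape_string($f_call);
        // Check the password
        $res = mysql_query("select p.id, p.callsign, p.password, p.md5password, \n           unix_timestamp(p.last_login) as last_login, p.utczone, p.country\n           from l_player p,bzl_roles r where p.role_id = r.id AND p.callsign='" . $callsignSql . "'");
        if (mysql_num_rows($res) != 0) {
            $obj = mysql_fetch_object($res);
            $playerId = (int) $obj->id;
            // Check MD5 password, or password, and do the conversion
            $cyphermd5 = md5($f_pass);
            if ($obj->md5password == '') {
                // Legacy row: verify against the crypt() hash, then store the MD5 form.
                $cypher = crypt($f_pass, substr($obj->password, 0, 2));
                // Strict comparison: == would compare numeric-looking strings as numbers.
                if ($cypher === $obj->password) {
                    $idsuccess = 1;
                    // Update MD5 password in database ($cyphermd5 is a hex digest)
                    mysql_query("update l_player set md5password='{$cyphermd5}' where id=" . $playerId);
                }
            } elseif ($cyphermd5 === $obj->md5password) {
                $idsuccess = 1;
            }
            if ($idsuccess == 1) {
                // Logged in!
                if (!$obj->country || $obj->country <= 0) {
                    $_SESSION['required'] = true;
                }
                // Insert an entry into the statistics table
                $gmnow = gmdate("Y-m-d H:i:s");
                sqlQuery('insert into ' . TBL_VISITS . " (ts, pid, ip) \n            values ('{$gmnow}', {$playerId}, '{$_SERVER['REMOTE_ADDR']}')");
                if (!isset($obj->utczone)) {
                    // tzoffset is the browser's offset in minutes; forced to a number.
                    $tzoffset = isset($_POST['tzoffset']) ? (float) $_POST['tzoffset'] : 0;
                    $uz = 0 - $tzoffset / 60;
                    sqlQuery("update l_player set utczone={$uz} where id={$playerId}");
                }
                $now = gmdate("Y-m-d H:i:s");
                mysql_query("UPDATE l_player SET last_login='{$now}' WHERE id=" . $playerId);
                $_SESSION['playerid'] = $obj->id;
                $_SESSION['callsign'] = $obj->callsign;
                $_SESSION['last_login'] = $obj->last_login;
                $_SESSION['seqnum'] = 1;
                session_refresh();
                // refresh cookie for 60 days ...
                setcookie('themename', THEME_NAME, time() + 60 * 60 * 24 * 60, '/');
            }
        }
    }
    if ($f_ok and $idsuccess == 0) {
        // Unknown callsign or wrong password: same message for both cases
        echo "<div class=error><CENTER>Wrong callsign or password</div>";
        $gmnow = gmdate("Y-m-d H:i:s");
        sqlQuery("INSERT INTO l_badpass (gmtime, ip, name)  VALUES ('{$gmnow}', '{$_SERVER['REMOTE_ADDR']}', '{$callsignSql}')");
        // Fixed delay to slow down repeated guessing
        sleep(2);
    }
    if (isAuthenticated()) {
        echo '<center>Welcome back, <a href="index.php?link=playerinfo&id=' . $_SESSION['playerid'] . '&' . SID . '">' . $_SESSION['callsign'] . '</a><br><br>';
        // The team id goes into SQL and a URL, so it is forced to an int.
        $teamId = (int) $_SESSION['teamid'];
        if ($teamId == 0) {
            echo "You don't belong to any team. What are you waiting for? ;-)";
        } else {
            // Get team name
            $obj = mysql_fetch_object(mysql_query("select name from l_team where id=" . $teamId));
            echo 'You are a member of the magnificent <a href="index.php?link=teaminfo&id=' . $teamId . '&' . SID . '">' . $obj->name . '</a> team.';
        }
        echo '<br><br><form method=post>' . SID_FORM . htmlFormButton("Log Out", 'logout_x') . '
      </form></center>';
    } else {
        // Request values are escaped and the attributes quoted before they are
        // written back into the form.
        $linkAttr = htmlspecialchars($link, ENT_QUOTES);
        $callAttr = htmlspecialchars($f_call, ENT_QUOTES);
        echo '<form name="login" method=post>' . SID_FORM . '
      <table align=center border=0 cellspacing=0 cellpadding=1>
      <input type=hidden name=link value="' . $linkAttr . '">';
        echo '<tr><td>Callsign:</td><td><input type=text name=f_call value="' . $callAttr . '" size=40 maxlength=40></td></tr>
      <tr><td>Password:</td><td><input type=password name=f_pass size=8 maxlength=8></td></tr>
      <tr><td colspan=2 align=center><BR>
      ' . htmlFormButton("Login", 'f_ok') . '
      </td></tr>
      </table></form>';
        echo '<script type="text/javascript">
  if(document.login.f_call.value.length == 0) 
    document.login.f_call.focus();
  else
    document.login.f_pass.focus();
  now = new Date();
  document.write ("<input type=hidden name=tzoffset value=" + now.getTimezoneOffset() +">");
</script>';
    }
}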