function validate_input($valid, &$p, &$error)
{
$error = null;
if ($valid['type'] != 'func') {
if (is_array($p)) {
$val =& $p[$valid['_input']];
} else {
$val =& $p;
}
}
switch ($valid['type']) {
case 'address':
$val = string_check($val);
if (empty($valid['blank']) and strlen($val) < 4) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid address.';
}
if (!empty($valid['lines']) and !empty($val) and substr_count($val, "\n") < $valid['lines'] - 1) {
$error = 'This address must contain at least ' . $valid['lines'] . ' lines.';
}
if (!empty($valid['format'])) {
$val = str_replace(array("\r", "\n", "\r\n", ', '), ',', $val);
}
break;
case 'array':
case 'choice':
case 'select':
// $val can't be an array at this point as that's sorted higher up by validate_input_array()
if (!is_array($valid['options']) and function_exists($valid['options'])) {
$valid['options'] = $valid['options']();
}
if (is_array($valid['options'])) {
if (is_assoc($valid['options'])) {
$err = !@isset($valid['options'][$val]);
} else {
$err = !in_array($val, $valid['options']);
}
} elseif (isset($valid['no-opts'])) {
$val = '';
} else {
$err = true;
$valid['msg'] = 'The options could not be found for this field.';
}
if (isset($valid['not-empty']) and empty($val)) {
$err = true;
}
if (!empty($err)) {
if (!empty($valid['blank'])) {
$val = '';
} elseif (!empty($valid['msg'])) {
$error = $valid['msg'];
} else {
$error = 'You must select one of the available options.';
}
}
break;
case 'bool':
case 'boolean':
if (!empty($val)) {
$val = !empty($valid['set']) ? $valid['set'] : 1;
} elseif (!empty($valid['mandatory'])) {
$error = 'You must tick this box to continue.';
} else {
$val = !empty($valid['empty']) ? $valid['empty'] : 0;
}
break;
case 'clear':
$val = false;
break;
// we can't do this because of the isset check in valid; use the func method to point to valid_copy instead
// case 'copy':
// $val=$p[$valid['copy']];
// break;
// we can't do this because of the isset check in valid; use the func method to point to valid_copy instead
// case 'copy':
// $val=$p[$valid['copy']];
// break;
case 'currency':
if (!make_currency($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid currency value';
}
if (!empty($valid['positive']) and $val < 0) {
$val *= -1;
}
break;
case 'dat':
case 'date':
// we had to be careful here, as when we moved to a function with &$error
// it started adding the error even if we planned to ignore it
// use $err in these cases but might be better to pass on the blank flag
// to sub functions of the validator
$func = 'sql_' . $valid['type'];
$val = $func($val, $err);
$today_date = date('Y-m-d');
if (empty($val)) {
if (!empty($valid['blank'])) {
$val = $valid['blank'] == 'today' ? $today_date : '';
} else {
$error = !empty($err) ? $err : 'The date you entered was not recognised';
}
} else {
if (!empty($valid['past'])) {
$valid['max'] = $today_date;
}
if (!empty($valid['future'])) {
$valid['min'] = $today_date;
}
if (!empty($valid['max']) and $val > $valid['max']) {
$error = 'The date specified is greater than the maximum allowed.';
}
if (!empty($valid['min']) and $val < $valid['min']) {
$error = 'The date specified is less than the minimum allowed.';
}
}
break;
case 'dob':
if (!empty($val)) {
$val = date_from_dob($val);
}
if (empty($val) and empty($valid['blank'])) {
if (!empty($valid['msg'])) {
$error = $valid['msg'];
} else {
$error = 'You must enter a valid date of birth, try ' . (defined(DATE_USA) ? 'mm/dd/yy' : 'dd/mm/yy') . '.';
}
}
if (isset($valid['max']) or isset($valid['min'])) {
$age = age_from_dob($val);
if (!empty($valid['max']) and $age > $valid['max']) {
$error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['max'] . ' or less.';
}
if (!empty($valid['min']) and $age < $valid['min']) {
$error = 'This date of birth indicates an age of ' . $age . '. It is required that the age is ' . $valid['min'] . ' or more.';
}
}
if ($val > date('Y-m-d')) {
$error = 'A date of birth may not be in the future. If time travel has been invented, please let us know last year.';
}
break;
case 'email':
if (!make_email($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid email address.';
}
break;
case 'equal':
if (!string_compare($val, $valid['equal'])) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter the exact value.';
}
break;
// this isn't really a data type, could be removed now that we can accept arrays
// this isn't really a data type, could be removed now that we can accept arrays
case 'extra':
$extra = array();
if (is_array($val['key'])) {
foreach ($val['key'] as $n => $key) {
$extra[string_check($key)] = string_check($val['val'][$n]);
}
}
$val = serialize($extra);
break;
case 'html':
$val = make_html($val, $valid['tags'], !empty($valid['multi_byte']) ? true : false);
if ($valid['length'] > 0) {
if (strlen($val) < $valid['length']) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
}
}
break;
case 'image':
break;
case 'keygen':
if (empty($val) and empty($valid['regen'])) {
$val = rand_pass();
}
break;
case 'name':
$val = make_name($val);
if (empty($valid['blank']) and empty($val)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid name.';
}
break;
case 'num':
case 'number':
if (!is_number($val, $valid['blank'] ? 1 : false)) {
if (!empty($valid['default'])) {
$val = $valid['default'];
} else {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid number.';
}
}
if (!empty($val)) {
// for legacy support
if (isset($valid['ulimit'])) {
$valid['max'] = $valid['ulimit'];
}
if (isset($valid['dlimit'])) {
$valid['min'] = $valid['dlimit'];
}
//
if (isset($valid['max']) and $val > $valid['max']) {
$error = 'You must enter a number no greater than ' . $valid['max'] . '.';
}
if (isset($valid['min']) and $val < $valid['min']) {
$error = 'You must enter a number no lower than ' . $valid['min'] . '.';
}
if (isset($valid['max-other']) and $val > $p[$valid['max-other']]) {
$error = 'You must enter a number no greater than ' . $p[$valid['max-other']] . '.';
}
}
break;
case 'phone':
if (isset($valid['other'])) {
$error = !make_phones($val, $p[$valid['other']]);
} else {
$error = !make_phone($val, $valid['blank'] ? 1 : false);
}
if (!empty($error)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid phone number.';
}
break;
case 'postcode':
if (!make_postcode($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid postcode.';
}
break;
case 'time':
if (!make_time($val, $valid['blank'] ? 1 : false, $valid['format'] ? $valid['format'] : null)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid time.';
}
break;
case 'url':
case 'website':
if (!make_website($val, $valid['blank'] ? 1 : false)) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a valid website address.';
}
if (is_array($valid['unique'])) {
$check = query("SELECT " . $valid['unique']['id'] . " FROM " . $valid['unique']['table'] . " WHERE website='{$val}'", 'single');
if ($check > 0) {
$error = 'The website address you entered is already registered.';
}
}
break;
case 'func':
$func = $valid['func'];
if (function_exists($func)) {
if (!$func($p, $err, $valid)) {
$error = !empty($valid['msg']) ? $valid['msg'] : $err;
}
break;
}
default:
if (!empty($val)) {
$val = string_check($val, $valid['strip']);
}
if (!empty($valid['length'])) {
if (strlen($val) < $valid['length']) {
$error = !empty($valid['msg']) ? $valid['msg'] : 'You must enter a value at least ' . ($valid['length'] == 1 ? '1 character' : $valid['length'] . ' characters.') . ' long';
}
} elseif (!empty($valid['default']) and empty($val)) {
$val = $valid['default'];
}
if (!empty($valid['max']) and $strlen > $valid['max']) {
$error = 'You may not enter a value longer than ' . $valid['max'] . ' characters.';
}
}
validate_unique($valid, $val, $error);
if ($error) {
return false;
}
return true;
}
?>
<input MaxLength="10" class="required date" id="stpartdate" name="stpartdate" style="padding-left:2px;width:90px;" type="text" value="<?php
echo isset($event) ? make_date($sarr[0]) : "";
?>
" />
<input MaxLength="5" class="required time" id="stparttime" name="stparttime" style="width:40px;" type="text" value="<?php
echo isset($event) ? make_time($sarr[1]) : "";
?>
" /> Jusqu'au
<input MaxLength="10" class="required date" id="etpartdate" name="etpartdate" style="padding-left:2px;width:90px;" type="text" value="<?php
echo isset($event) ? make_date($earr[0]) : "";
?>
" />
<input MaxLength="50" class="required time" id="etparttime" name="etparttime" style="width:40px;" type="text" value="<?php
echo isset($event) ? make_time($earr[1]) : "";
?>
" />
<label class="checkp">
<input id="IsAllDayEvent" name="IsAllDayEvent" type="checkbox" value="1" <?php
if (isset($event) && $event->IsAllDayEvent != 0) {
echo "checked";
}
?>
/> Toute la journée
</label>
</div>
</label>
<label>
<span> *Motif:
function previewArticle($article)
{
if (!$article) {
h3("Fant ikke artikkelen.");
} else {
table_open();
tr_open();
td_open(1);
h1_link($article['title'], url_to_article($article['articleid']));
articleMetaInfo($article['author'], $article['author_username'], make_date($article['date_posted']), make_time($article['time_posted']), $article['language']);
div_open("textbody", "");
$paragraph = makeReadyForPrint(nl2br($article['body']));
echo $paragraph;
div_close();
td_close();
tr_close();
table_close();
}
}
function module_articles_frontpage()
{
echo "<!-- start articles frontpage -->";
global $article_author;
global $no_articles_text;
global $jokes, $layout, $chars_showing_articles, $chars_showing_first_article;
$query = "select * from articles WHERE is_deleted IS NULL AND comment_to IS NULL AND is_draft IS NULL ORDER BY date_posted DESC, time_posted DESC LIMIT 8";
$result = DB_get_table($query);
?>
<!-- start articles frontpage -->
<?php
if ($layout == "newspaper") {
echo '<table class="frontpage_table_2columns">';
} else {
echo '<table class="frontpage_table">';
}
if (!$result || DB_rows_affected($result) < 1) {
// hvis noe er feil, vis en vits.
echo '<tr>';
echo '<td colspan="2" class=\\"articles_frontpage\\">';
echo $no_articles_text . ' Vi presenterer i stedet en vits.<br/><br/>';
echo $jokes[array_rand($jokes, 1)];
echo '</td>';
echo '</tr>';
} else {
$num_results = DB_rows_affected();
// øverste artikkel, spenner over begge kolonnene.
echo "<tr>";
echo '<td colspan="2" class="articles_frontpage">';
$row = DB_next_row($result);
echo '<div class="header2 articletitlefront"><a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '">' . stripslashes($row['title']) . '</a></div>';
echo '<div class="metatext">' . $article_author;
echo '<span class="author">: ';
if (isset($row['author_username'])) {
echo '<a href="index.php?m_c=mvp&username='******'author_username'] . '">' . stripslashes($row['author']) . '</a>';
} else {
echo stripslashes($row['author']);
}
echo '</span>';
echo ', postet <span class="date">' . make_date($row['date_posted']) . ' </span><span class="time">' . make_time($row['time_posted']) . '</span></div>';
echo '<div class="textbody">';
if (strlen($row['body']) < $chars_showing_first_article * 2) {
echo stripslashes(nl2br($row['body']));
} else {
echo closeUnclosedTags(stripslashes(substr(nl2br($row['body']), 0, $chars_showing_first_article)));
echo " ...";
$chars_left = strlen($row['body']) - $chars_showing_first_article;
}
echo '</div>';
$number_of_comments = number_of_comments($row['articleid']);
echo '<div class="showarticlelink">';
if (strlen($row['body']) < $chars_showing_first_article * 2) {
echo '<a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '">Vis artikkelside</a> ';
} else {
echo '<a href="index.php?c=' . $chars_showing_first_article . '&m_c=m_va&articleid=' . $row['articleid'] . '#continue">Les hele artikkelen <span class="notice">(' . $chars_left . ' flere tegn)</span></a> ';
}
// Give link to comments if any, else link to the commenting form
if ($number_of_comments > 0) {
echo '<a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '#comments">Les kommentarer (' . $number_of_comments . ')</a> ';
} else {
global $anyone_comments;
if ($anyone_comments || isset($_SESSION['valid_user'])) {
echo '<a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '#commentform">Skriv kommentar</a> ';
} else {
echo "<span id='loginlink'><a href=\"javascript:showDiv('loginform', 'errorandlogout')\">Logg inn og kommenter</a></span>";
}
}
echo '</div>';
echo '</td>';
echo '</tr>';
// resten av artiklene
if ($layout == "newspaper") {
$chars_showing_first_article = $chars_showing_first_article / 4;
}
for ($i = 1; $i < $num_results; $i++) {
// sjekker layout og hvilken 'side' man er på, siden man kan velge mellom 1 eller 2 kolonner.
if (!($i % 2 == 0) || $layout == "weblog") {
echo "<tr>";
if ($layout == "weblog") {
echo '<td colspan="2" class="articles_frontpage">';
} else {
echo '<td class="articles_frontpage_2column">';
}
} else {
if ($layout == "weblog") {
echo '<td colspan="2" class="articles_frontpage">';
} else {
echo '<td class="articles_frontpage_2column">';
}
}
$row = DB_next_row($result);
echo '<div class="header2 articletitlefront"><a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '">' . stripslashes($row['title']) . '</a></div>';
echo '<div class="metatext">' . $article_author;
echo '<span class="author">: ';
if (isset($row['author_username'])) {
echo '<a href="index.php?m_c=mvp&username='******'author_username'] . '">' . stripslashes($row['author']) . '</a>';
} else {
echo stripslashes($row['author']);
}
echo '</span>';
echo ', postet <span class="date">' . make_date($row['date_posted']) . ' </span><span class="time">' . make_time($row['time_posted']) . '</span></div>';
echo '<div class="textbody">';
if (strlen($row['body']) < $chars_showing_first_article * 2) {
echo stripslashes(nl2br($row['body']));
} else {
echo stripslashes(substr(nl2br($row['body']), 0, $chars_showing_first_article));
echo " ...";
$chars_left = strlen($row['body']) - $chars_showing_first_article;
}
echo '</div>';
$number_of_comments = number_of_comments($row['articleid']);
echo "<div class=\"showarticlelink\">";
if (strlen($row['body']) < $chars_showing_first_article * 2) {
echo '<a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '">Vis artikkelside</a> ';
} else {
echo '<a href="index.php?c=' . $chars_showing_first_article . '&m_c=m_va&articleid=' . $row['articleid'] . '#continue">Les hele artikkelen <span class="notice">(' . $chars_left . ' flere tegn)</span></a> ';
}
if ($number_of_comments > 0) {
echo '<a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '#comments">Les kommentarer (' . $number_of_comments . ')</a> ';
} else {
echo '<a href="index.php?m_c=m_va&articleid=' . $row['articleid'] . '#commentform">Skriv kommentar</a> ';
}
echo '</div>';
echo '</td>';
if (!($i % 2 != 0) || $layout == "weblog") {
echo "</tr>";
}
}
// slutt for-løkke
// helt til slutt, hvis antall artikler på forsiden er et partall,
// og dette ikke er weblog (en artikkel pr rad)
// vil vi bare ha en artikkel på slutten, og må huske å avslutte raden.
if ($num_results % 2 == 0 && $layout != "weblog") {
echo "</tr>";
}
}
echo "</table>";
}
?>
>PM</option>
</select>
<input type="submit" name="gen_timestamp" value="Generate Timestamp" />
<?php
if (isset($_POST['gen_timestamp'])) {
$time['mm'] = $_POST['join_mm'];
$time['dd'] = $_POST['join_dd'];
$time['yy'] = $_POST['join_yy'];
$time['time_hh'] = $_POST['join_time_hh'];
$time['time_mm'] = $_POST['join_time_mm'];
$time['time_ss'] = $_POST['join_time_ss'];
$time['time_ap'] = $_POST['join_time_ap'];
if (!($time = make_time($time))) {
foreach ($_SESSION['errors']['make_time'] as $error) {
$time = $error;
}
unset($_SESSION['errors']['make_time']);
}
echo '<br /><br />Timestamp: <b>' . $time . '</b><br /> ';
}
?>
</td>
</form>
</tr>
function list_articles($result, $num_results)
{
global $article_author;
for ($i = 0; $i < $num_results; $i++) {
echo "<tr><td colspan=2>";
$row = DB_next_row($result);
echo "<div class=\"default_header\">" . stripslashes($row['title']) . "</div><div class=\"metatext\">";
echo "<span class=\"author\">" . $article_author . ": ";
echo stripslashes($row['author']) . ' (' . $row['author_username'] . ')';
echo ',</span> <span class="time">postet ';
echo make_date($row['date_posted']) . " ";
echo make_time($row['time_posted']);
echo '</span><div> ';
echo substr(nl2br(stripslashes($row['body'])), 0, 240);
if (strlen($row['body']) > 240) {
echo "...";
}
echo '</div><div class="editarticle">';
if (isset($_SESSION['valid_user']) || isset($_SESSION['valid_admin'])) {
if ($row['author_username'] == $_SESSION['valid_user']) {
echo '<a href="index.php?articleid=' . $row['articleid'] . '&m_c=module_delete_article">Slett</a>';
echo ' <a href="index.php?articleid=' . $row['articleid'] . '&m_c=module_enter_article&edit=1">Rediger</a>';
}
}
if ($row['comment_to'] > 0) {
echo ' <a href="index.php?articleid=' . $row['comment_to'] . '&m_c=m_va">Vis artikkelen denne kommentaren tilhører</a></div>';
} else {
echo ' <a href="index.php?articleid=' . $row['articleid'] . '&m_c=m_va">Vis</a></div>';
}
echo '</td></tr>';
}
}
?>
" alt="<?php
echo "{$ud['nick_name']}'s avatar";
?>
" /><br />
<?php
echo "<a class='logout-a' href='index.php?a=logout&hash=" . base64_encode(time()) . "'>logout [ {$_SESSION['user_row_data']['nick_name']} ]</a><br />";
if ($ud['user_type'] == 'su') {
echo "<a class='mainmenu-admin-link' href='index.php?a=su&hash=" . base64_encode(time()) . "'>control panel</a>";
}
?>
</td>
<td valign="top">
<?php
echo "<a class='user-view-profile' href='index.php?a=profile&do=viewProfile&nick_name={$ud['nick_name']}'><span class='" . ($su ? get_user_class(0, true) : get_user_class($ud['ranking_pts'])) . "'>{$ud['nick_name']} ({$ud['registration_no']})</span></a><br />";
echo "<span class='users'>Last visited on: </span><span class='user-last-visit'>" . ($ud['last_visit_date'] == '0000-00-00 00:00:00' ? 'never' : date("j \\of\f F Y, \\a\\t g:i:s a", make_time($ud['last_visit_date']))) . "</span><br />";
if (!$su) {
$rank = get_coders_rank($ud['registration_no']);
echo "<span class='users'>Rank: </span><span class='" . get_user_class($ud['ranking_pts']) . "'>{$rank[0]} / {$rank[1]}</span><br />";
echo "<span class='users'>Points: </span><span class='" . get_user_class($ud['ranking_pts']) . "'>{$ud['ranking_pts']}</span><br />";
}
echo "<a class='user-view-profile' href='index.php?a=profile&do=updateProfile'>Edit profile</a>";
?>
</td>
</tr>
</table>
</div>
<?php
}
function testStringToTime24hPm()
{
$time = '14:24pm';
make_time($time);
$this->assertEquals($time, '14:24:00');
}
/**
* Save edited match details
*/
function valEditMatch()
{
global $db, $_pre;
list($title, $duration, $start_date, $start_time, $difficulty, $match_points, $match_ranked, $analysis, $unused_1, $unused_2, $match_id, $action) = assoc_to_indexed($_POST);
$match_id = base64_decode($match_id);
settype($match_id, 'integer');
//If action is delete, do and return
if ($action == 'Delete this match?') {
//Get match table name first
$query = "SELECT match_table_name FROM {$_pre}matches WHERE id={$match_id}";
$db->setQuery($query);
$row = $db->fetch_assoc();
$match_table_name = $row['match_table_name'];
//Delete records from matches table
$query = "DELETE FROM {$_pre}matches WHERE id={$match_id}";
$db->setQuery($query);
//Drop the match table
$query = "DROP TABLE {$_pre}{$match_table_name}";
$db->setQuery($query);
//Remove logs with this match ID
$query = "DELETE FROM {$_pre}user_match_log WHERE match_id={$match_id}";
$db->setQuery($query);
//Rename this match's table to have suffix ".old" so it can be deleted later with a script or manually
rename("competition_uploads" . DS . $match_table_name, "competition_uploads" . DS . $match_table_name . ".old");
system_messages(1, "Match number {$match_id} successfully deleted");
return;
}
$errmsg = "";
//Validate match name
if (strlen($title) < 2) {
$errmsg .= "Match name too short";
}
//Validate duration
settype($duration, 'integer');
if ($duration < 600) {
$errmsg .= ", Duration invalid";
}
//Validate start date
if (!check_date($start_date)) {
$errmsg .= ", Invalid date";
}
//Validate start time
if (!check_time($start_time)) {
$errmsg .= ", Invalid time";
}
//Join start date and start time
$full_date = $start_date . " " . $start_time;
//Validate match difficulty : scale of 0-100, but min is 10
settype($difficulty, 'integer');
if ($difficulty < 10 || $difficulty > 100) {
$errmsg .= ", Difficulty invalid";
}
//Validate match points
settype($match_points, 'integer');
if ($match_points < 100 || $match_points > 999) {
$errmsg .= ", Match points invalid";
}
//Validate match ranked
$match_ranked = $match_ranked != '0' && $match_ranked != '1' ? '0' : $match_ranked;
//Validate match analysis
$analysis_text = strip_tags($analysis, "<p><a><strong><i><br><div><pre>");
//Strip HTML tags
if (strlen($errmsg) > 0) {
system_messages(0, $errmsg, 'true');
return;
}
//Update match details
$query = "UPDATE {$_pre}matches SET title='{$title}',duration={$duration},start_time=" . make_time($full_date) . ",difficulty={$difficulty},match_points={$match_points},match_ranked={$match_ranked},analysis='{$analysis}' WHERE id={$match_id}";
$db->setQuery($query);
//We also need to update user_match_log table match_date column to the new changes
$query = "UPDATE {$_pre}user_match_log SET match_date=" . make_time($full_date) . " WHERE match_id={$match_id}";
$db->setQuery($query);
//Echo success message
system_messages(1, 'Match details saved');
}
