<?php
//projeto/delete_categoria.php
session_start();
require_once 'includes/funcoes.php';
require_once 'includes/Classes/Model/Materia.php';
//acesso indevido
protectPage();
$idmateria = (int) (isset($_GET['id']) ? $_GET['id'] : 0);
if ($idmateria) {
$materia = new Materia();
if ($nrows = $materia->delete(compact('idmateria'))) {
addMsg("{$nrows} materia(s) deletada(s) com sucesso.");
} else {
addMsg("Não foi possível deletar a categoria.");
}
} else {
addMsg("Categoria inválida!");
}
header('Location: materias.php');
<?php
require_once "../../lib/init.php";
protectPage(9);
@($id = DB::Safe($_GET['id']));
// Verify...
if (!$id) {
fail("Could not delete permission; please specify a valid ID.");
}
// Load the permission and make sure it belongs in the ward
$p = Permission::Load($id);
if (!$p->InWard($MEMBER->WardID)) {
fail("That permission is not within your own ward...");
}
// Delete this permission.
$p->Delete(true);
Response::Send(200);
<?php
require_once "lib/init.php";
protectPage(0, true);
if (!isset($_GET['id'])) {
header("Location: /directory");
}
$mem = Member::Load($_GET['id']);
if (!$mem) {
header("Location: /directory");
}
// No member with given ID number, or member is not in the same ward
$memInWard = $mem->WardID != $WARD->ID();
$memInLeaderStake = false;
if ($LEADER != null) {
$r = DB::Run("SELECT StakeID FROM Wards WHERE ID='{$mem->WardID}'");
$row = mysql_fetch_object($r);
if ($row->StakeID == $LEADER->StakeID) {
$memInLeaderStake = true;
}
}
if (!$memInWard && !$memInLeaderStake) {
header("Location: /directory");
}
$isCurrent = $MEMBER && $MEMBER->ID() == $mem->ID();
// Get parts of the birth date
$bdate = strtotime($mem->Birthday);
$mm = date("F", $bdate);
$dd = date("j", $bdate);
$ordinal = date("S", $bdate);
// Load survey questions in order to get the answers
<?php
require_once "../../lib/init.php";
protectPage(11);
@($id = DB::Safe($_GET['id']));
$c = Calling::Load($id);
if (!is_object($c)) {
fail("Bad calling ID.");
}
if ($c->Preset()) {
fail("Can't delete a pre-defined calling.");
}
if ($c->WardID() != $MEMBER->WardID) {
Response::Send(403, "Can't delete a calling which does not belong to your ward.");
}
if ($c->Delete(true)) {
Response::Send(200);
} else {
fail("Oops, something went wrong. Please report this error.");
}
<?php
require_once "../../lib/init.php";
protectPage(13);
if (!$_GET['id'] == $_SESSION['userID']) {
fail("Please specify a user ID to delete");
}
if ($_GET['id'] == $_SESSION['userID']) {
fail("ERROR > Sorry; you can't delete your own account (yet...)");
}
@($mem = Member::Load($_GET['id']));
if (!$mem) {
fail("That user couldn't be loaded. Are you sure the account exists?");
}
if ($mem->WardID != $MEMBER->WardID) {
fail("You can only delete accounts of members in your own ward.");
}
if (!$mem->Delete(true)) {
fail("Could not delete member; probably forgot to be set confirmation flag to 'true', or bad ID was supplied.");
}
header("Location: ../../directory");
<?php
require_once "../../lib/init.php";
protectPage(12);
// Grab the variables from the form
@($memberID = $_GET['member']);
if (!$memberID) {
fail("No member was specified; nothing to do.");
}
$mem = Member::Load($memberID);
if (!$mem) {
fail("Could not load member with ID " . $memberID . " - please report this.");
}
if ($mem->WardID != $MEMBER->WardID) {
fail("Member " . $memberID . " is not in your ward.");
}
if ($mem->DeletePictureFile()) {
Response::Send(200, $memberID);
} else {
fail("Could not delete profile picture, probably because the user doesn't have a picture, or it is already the default one.");
}
<?php
require_once "../../lib/init.php";
protectPage(8);
// Grab the variables from the form
@($question = $_POST['question']);
@($qtype = $_POST['qtype']);
$ansArray = isset($_POST['ans']) ? $_POST['ans'] : null;
$req = isset($_POST['req']) ? true : false;
$visible = isset($_POST['visible']) ? true : false;
// Validation
if (!$question || strlen(trim($question)) < 3) {
Response::Send(401, "Oops - did you type a question (at least 3 characters long)? Go BACK and try again.");
}
// Ready the answer options array; is it empty?
$ansEmpty = true;
if ($ansArray) {
foreach ($ansArray as &$opt) {
$opt = trim($opt);
if ($opt != '') {
$ansEmpty = false;
break;
}
}
}
// Is this question designed to have answer choices/options?
$multAns = $qtype == QuestionType::MultipleChoice || $qtype == QuestionType::MultipleAnswer;
// Make sure that multiple-answer/choice questions have at least one
// to choose from
if ($multAns && $ansEmpty) {
Response::Send(401, "Oops - for that type of question, it requires at least one possible answer (you have to add one). Go BACK and try again.");
<?php
require_once "../../lib/init.php";
protectPage(7);
// Find out what we're expecting to do here:
// create, delete, assign a leader, or edit the group.
$action = "";
if (isset($_GET['new'])) {
$action = "new";
} elseif (isset($_GET['del'])) {
$action = "del";
} elseif (isset($_GET['assign'])) {
$action = "assign";
} elseif (isset($_GET['edit'])) {
$action = "edit";
} else {
Response::Send(400, "Not sure what to do.");
}
if ($action == "new") {
@($name = $_POST['groupname']);
@($ldr1 = $_POST['ldr1']);
@($ldr2 = $_POST['ldr2']);
@($ldr3 = $_POST['ldr3']);
if (!$name) {
Response::Send(400, "Can't create a group unless there's a name for it.");
}
if ($ldr1 == $ldr2 && $ldr1 != 0 || $ldr2 == $ldr3 && $ldr2 != 0 || $ldr1 == $ldr3 && $ldr3 != 0) {
Response::Send(400, "Each leader of the group must be different.");
}
$fhe = new FheGroup();
$fhe->GroupName = $name;
<?php
require_once "../lib/init.php";
protectPage(10);
$r1 = DB::Run("SELECT ID FROM Privileges ORDER BY Privilege ASC");
$r2 = DB::Run("SELECT ID FROM Members WHERE WardID='{$MEMBER->WardID}' ORDER BY FirstName ASC, LastName ASC");
$r3 = DB::Run("SELECT ID FROM Callings WHERE WardID='{$MEMBER->WardID}' ORDER BY Name ASC");
$maxLen = 65;
// Maximum display length of a calling name
?>
<!DOCTYPE html>
<html>
<head>
<title>Manage site privileges — <?php
echo $WARD ? $WARD->Name . " Ward" : SITE_NAME;
?>
</title>
<?php
include "../includes/head.php";
?>
<style>
.privlist {
width: 100%;
}
form, label {
font-size: 12px;
line-height: 1.75em;
}
.privList td, .privList th {
<?php
// Include common functions and declarations
require_once "../../include/common.php";
require_once "../include/config.php";
// Create blog object
$blog = new Blog(!empty($_GET["blogId"]) ? $_GET["blogId"] : 0);
if (!empty($blog->id)) {
// Include language
include scriptPath . "/" . folderBlog . "/include/language/" . $blog->language . "/general.php";
// Protect page
if (!empty($blog->userlevel)) {
protectPage($blog->userlevel);
}
// Get the post list
$items = array();
$result = $dbi->query("SELECT id FROM " . blogPostTableName . " WHERE blogId=" . $blog->id . " AND draft=0 ORDER BY posted DESC LIMIT 15");
for ($i = 0; list($id) = $result->fetchrow_array(); $i++) {
$post = new Post($id);
// Get categories
$categories = array();
for ($i = 0; $i < sizeof($post->categories); $i++) {
$categories[] = $post->categories[$i][1];
}
// Create new item
$item = new RSSItem($post->id, $post->user->name, $categories, $post->getPostLink() . "#comments", scriptUrl . "/" . folderBlog . "/" . fileBlogCommentRSS . "?postId=" . $post->id, $post->getPostLink(), stripHtml(!empty($post->text) ? $post->text : $post->summary), $post->printRSSPostSummary(), $post->posted, $post->subject);
$items[] = $item;
}
// Print feed
$rss = new RSS($blog->title, $blog->description, $blog->getBlogLink(), scriptUrl . "/" . folderBlog . "/" . fileBlogPostRSS . "?blogId=" . $blog->id, $items);
$rss->printRSSFeed();