Exemplo n.º 1
  <body>
<?php 
require '../include/user_search_options.inc';
?>
<div id="content">
<br />
<br />
<br />

<?php 
// Starts out false; presumably set later if the CSV cannot be processed (not shown in this excerpt).
$file_problem = false;
// Everything below runs only on a form submission.
// NOTE(review): no CSRF token or permission check is visible in this excerpt; confirm the
// included files enforce both before this state-changing import runs.
if (isset($_POST['submit'])) {
    // 'name' is the client-supplied filename; here it is used only to detect that a file was chosen.
    if ($_FILES['csvfile']['name'] != 'none' and $_FILES['csvfile']['name'] != '') {
        // The destination is built from the configured temp dir and the current user's ID, so no
        // client-controlled text reaches the path. move_uploaded_file() also refuses anything
        // that is not a genuine HTTP upload.
        // NOTE(review): cfg_tmpdir is concatenated without a separator; assumes it ends with a
        // slash. Nothing here checks the file's size or content; verify the parser that follows does.
        if (!move_uploaded_file($_FILES['csvfile']['tmp_name'], $configObject->get('cfg_tmpdir') . $userObject->get_user_ID() . "_cohort_update.csv")) {
            // On failure, print whatever uploadError() returns for PHP's upload error code and stop.
            echo uploadError($_FILES['csvfile']['error']);
            exit;
        } else {
            ?>
        <br /><br /><br />
        <table class="dialog_border" style="width:600px">
        <tr>
        <td class="dialog_header"><img src="../artwork/modules_icon.png" width="48" height="48" alt="Icon" />&nbsp;&nbsp;<?php 
            echo $string['importmodules'];
            ?>
</td>
        </tr>
        <tr>
        <td class="dialog_body">

        <?php 
Exemplo n.º 2
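/**
 * Handle one entry upload for a compo: validate the request, record the entry
 * in the database and add the file to the compo's pack archive.
 *
 * All feedback is written to the response through uploadError() or echo;
 * nothing is returned.
 *
 * NOTE(review): replacing an existing entry is authorised only by the submitted
 * `author` handle matching the stored one. Handles are not secrets, so anyone who
 * knows a handle and filename can overwrite that entry. The per-session marker
 * written below ($_SESSION["upload-<id>"]) is never checked in this function;
 * requiring it for replacement would close the gap but changes behaviour for
 * users whose session has expired, so it is flagged rather than changed here.
 */
function processUpload()
{
    global $mysqli;

    // Read each request field once, coerced to the type the rest of the function
    // expects. Missing or array-valued fields (e.g. author[]=x) collapse to the
    // "empty" value instead of reaching bind_param()/htmlspecialchars() as arrays.
    $compo = isset($_POST["compo"]) && is_scalar($_POST["compo"]) ? intval($_POST["compo"]) : 0;
    $author = isset($_POST["author"]) && is_string($_POST["author"]) ? $_POST["author"] : "";
    $token = isset($_POST["token"]) && is_scalar($_POST["token"]) ? intval($_POST["token"]) : 0;
    $upload = isset($_FILES['userfile']) && is_array($_FILES['userfile']) ? $_FILES['userfile'] : array();
    $uploadName = isset($upload['name']) && is_string($upload['name']) ? $upload['name'] : '';
    $uploadTmp = isset($upload['tmp_name']) && is_string($upload['tmp_name']) ? $upload['tmp_name'] : '';
    $uploadSize = isset($upload['size']) && is_int($upload['size']) ? $upload['size'] : 0;
    $uploadStatus = isset($upload['error']) ? $upload['error'] : null;

    if ($token > 0) {
        // Remove upload token
        $stmt = $mysqli->prepare('DELETE FROM `uploading` WHERE
            `idupload` = ? AND
            `author` = ? AND
            `idcompo` = ?
        ') or die('query failed');
        // bind_param() binds by reference, so it is given variables, not expressions.
        $stmt->bind_param('isi', $token, $author, $compo);
        $stmt->execute() or die('query failed');
        $stmt->close();
    }

    // The compo must exist and still be open for uploads.
    $stmt = $mysqli->prepare('SELECT * FROM `compos` WHERE (`idcompo` = ?) AND (`active` != 0)') or die('query failed');
    $stmt->bind_param('i', $compo);
    $stmt->execute() or die('query failed');
    $result = $stmt->get_result();
    $isClosed = $result->num_rows == 0;
    $result->free();
    $stmt->close();
    if ($isClosed) {
        uploadError("Sorry, but uploading for this compo is closed.");
        return;
    }

    if ($author === "") {
        uploadError("You forgot to enter your name!");
        return;
    }
    if ($uploadSize > MAX_UPLOAD_SIZE || $uploadStatus === UPLOAD_ERR_INI_SIZE) {
        uploadError("Your <s>penis</s> file is too big!");
        return;
    }
    // A missing or failed upload reports size 0 and is rejected here as well.
    if ($uploadSize < 100) {
        uploadError("Your <s>penis</s> file is too small!");
        return;
    }

    // Remember the handle for a year so the form can be pre-filled.
    setcookie("author", $author, time() + 60 * 60 * 24 * 365, "/");

    // Reject anything that is not a genuine HTTP upload before the temp file is
    // read or any database row is written; previously this only surfaced when
    // move_uploaded_file() failed, after the entry had already been inserted.
    if ($uploadTmp === '' || !is_uploaded_file($uploadTmp)) {
        uploadError("Captain, the machinery failed! Please contact the technical support!");
        return;
    }

    $arc = new ArchiveFile(UPLOAD_DIR . $compo);
    if ($arc->Open() === FALSE) {
        echo "<p>Can't update the pack, please contact the technical support!</p>";
        return;
    }

    // NOTE(review): the stored name is only as safe as safeFilename(); confirm it
    // strips directory separators and ".." since the result is appended to UPLOAD_DIR.
    $safeName = safeFilename($uploadName);
    $lastDot = strrpos($safeName, '.');
    if (strlen($safeName) <= MAX_FILENAME_LENGTH || $lastDot === FALSE) {
        $db_filename = substr($safeName, 0, MAX_FILENAME_LENGTH);
    } else {
        // Need to trim filename, keeping the extension intact
        $extension = substr($safeName, $lastDot);
        $db_filename = substr($safeName, 0, MAX_FILENAME_LENGTH - strlen($extension)) . $extension;
    }

    // Get mod title
    $modTitle = getModTitle($uploadTmp, $db_filename);
    $insert = TRUE;

    // duplicate filename?
    $stmt = $mysqli->prepare('SELECT * FROM `entries` WHERE (`idcompo` = ?) AND (`filename` = ?)') or die('query failed');
    $stmt->bind_param('is', $compo, $db_filename);
    $stmt->execute() or die('query failed');
    $result = $stmt->get_result();
    if ($result->num_rows > 0) {
        $row = $result->fetch_assoc();
        // Ownership is decided by the handle alone (see the NOTE(review) in the docblock).
        if ($row["author"] == $author) {
            // replace file
            $entryID = $row["identry"];
            $stmtRep = $mysqli->prepare('UPDATE `entries` SET
                `title` = ?,
                `altered` = 1,
                `date` = CURRENT_TIMESTAMP
                WHERE `identry` = ?') or die('query failed');
            $stmtRep->bind_param('si', $modTitle, $entryID);
            $stmtRep->execute() or die('query failed');
            $stmtRep->close();
            @unlink(UPLOAD_DIR . $entryID);
            $arc->PrepareReplace($db_filename);
            $insert = FALSE;
        } else {
            // this is not ours, invent new filename
            // NOTE(review): only 256 possible prefixes and the new name is not
            // re-checked against `entries`, so it can still collide with another entry.
            $db_filename = substr(dechex(mt_rand(0, 255)) . '-' . $db_filename, 0, MAX_FILENAME_LENGTH);
        }
    }
    $result->free();
    $stmt->close();

    if ($insert) {
        $stmt = $mysqli->prepare('INSERT INTO `entries` (`author`, `filename`, `title`, `idcompo`, `altered`) VALUES (?, ?, ?, ?, 0)') or die('query failed');
        $stmt->bind_param('sssi', $author, $db_filename, $modTitle, $compo);
        $stmt->execute() or die('query failed');
        $entryID = $stmt->insert_id;
        $stmt->close();
    }

    $_SESSION["upload-{$entryID}"] = $author;
    $_SESSION["compo-{$compo}"] = TRUE;

    // NOTE(review): the file sits in UPLOAD_DIR under an uploader-chosen name and
    // extension until it has been added to the pack; confirm UPLOAD_DIR is not
    // served (or at least not script-executable) by the web server.
    if (move_uploaded_file($uploadTmp, UPLOAD_DIR . $db_filename)) {
        $arc->Add(UPLOAD_DIR . $db_filename);
        $arc->Close();
        @unlink(UPLOAD_DIR . $db_filename);
        echo '<h2>...go!</h2>';
        // All echoed request data is HTML-escaped.
        if ($insert) {
            echo '<p>OK, ', htmlspecialchars($author), ', all done. Good luck!</p>';
        } else {
            echo '<p>OK, ', htmlspecialchars($author), ', your file has been <strong>updated</strong>. Good luck!</p>';
        }
        echo '<p>If you need to replace your file, upload it using exactly the same file name (', htmlspecialchars($db_filename), ') and handle (', htmlspecialchars($author), ') as this one.</p>';
    } else {
        // NOTE(review): the `entries` row written above is left behind on this path.
        $arc->Close();
        uploadError("Captain, the machinery failed! Please contact the technical support!");
        return;
    }
}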
Exemplo n.º 3
* 
* @author Simon Wilkinson
* @version 1.0
* @copyright Copyright (c) 2014 The University of Nottingham
* @package
*/
// staff_auth.inc is loaded before anything else; presumably it enforces a staff login (confirm).
require '../include/staff_auth.inc';
require '../include/errors.inc';
// Ask PHP to recognise CR-only line endings when the uploaded text file is read.
// NOTE(review): this ini setting is deprecated as of PHP 8.1.
ini_set("auto_detect_line_endings", true);
// 'module' is read from the request through check_var(); the meaning of the three flags is
// defined in that helper, which is not shown here.
$modID = check_var('module', 'REQUEST', true, false, true);
// The import runs only on a form submission.
// NOTE(review): no CSRF token check is visible in this excerpt; confirm one of the includes does it.
if (isset($_POST['submit'])) {
    // Taken from the request as-is. NOTE(review): validate before it is used in a query or echoed
    // (its use lies outside this excerpt).
    $session = $_POST['session'];
    $session_flag = false;
    // 'name' is the client-supplied filename; it is used only to detect that a file was chosen.
    if ($_FILES['txtfile']['name'] != 'none' and $_FILES['txtfile']['name'] != '') {
        // The destination name is built from the configured temp dir and the current user's ID, so
        // no client-controlled text reaches the path. Assumes cfg_tmpdir ends with a slash.
        if (!move_uploaded_file($_FILES['txtfile']['tmp_name'], $configObject->get('cfg_tmpdir') . $userObject->get_user_ID() . '_load_objectives.txt')) {
            // On failure, print whatever uploadError() returns for PHP's upload error code and stop.
            echo uploadError($_FILES['txtfile']['error']);
            exit;
        } else {
            // Work out the next objective id as MAX(obj_id) + 1.
            // NOTE(review): if these ids are inserted later as keys, two imports running at the same
            // time can compute the same value; an auto-increment column or a transaction avoids that.
            $result = $mysqli->prepare("SELECT MAX(obj_id) AS largest FROM objectives");
            $result->execute();
            $result->bind_result($largest);
            // $i is not used in the visible part of the script.
            $i = 0;
            // The aggregate returns a single row; on an empty table MAX() is NULL, giving 1 here.
            while ($result->fetch()) {
                $obj_id = $largest + 1;
            }
            // Ids below 10 are replaced by 123; the reason for this floor is not visible here.
            if ($obj_id < 10) {
                $obj_id = 123;
            }
            $result->close();
            $identifier = 0;
            // The same MAX() lookup is started for sessions.identifier.
            $result = $mysqli->prepare("SELECT MAX(identifier) AS largest FROM sessions");
Exemplo n.º 4
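 /**
  * IMPORT: Loads a ZIP file, parses and adds contents to the database.
  *
  * Moves the uploaded 'raffile' into the configured temp directory as
  * "<userID>_raf.zip", unpacks it into a per-user directory, reads raf.json
  * into $this->data and hands over to copy_images() and load_raf_data().
  *
  * The archive is uploader-controlled: entry names are checked before anything
  * is written to disk, so the method does not depend on the extractor to
  * neutralise absolute or ".." paths, and a failed extraction is reported as an
  * invalid ZIP instead of being ignored.
  *
  * NOTE(review): nothing here bounds the number of entries or their unpacked
  * size, and every entry is extracted, not only raf.json and the images.
  * Consider a size/count limit and an allow-list of expected file types.
  *
  * @param int $paperID Paper whose properties are loaded first; 0 skips the lookup.
  */
 public function import($paperID = 0)
 {
     if ($paperID != 0) {
         $this->properties = PaperProperties::get_paper_properties_by_id($paperID, $this->db, $this->string);
     }
     $this->logger = new Logger($this->db);
     $this->status_array = QuestionStatus::get_all_statuses_by_name($this->db, $this->string);
     $this->get_keyword_ids();

     // The stored name is derived from the user ID only, never from the client filename.
     $this->zip_filename = $this->userID . '_raf.zip';
     $tmp_path = $this->configObj->get('cfg_tmpdir');
     $zip_path = $tmp_path . $this->zip_filename;

     // Tolerate a request that carries no 'raffile' part at all.
     $upload_tmp = isset($_FILES['raffile']['tmp_name']) && is_string($_FILES['raffile']['tmp_name']) ? $_FILES['raffile']['tmp_name'] : '';
     $upload_err = isset($_FILES['raffile']['error']) ? $_FILES['raffile']['error'] : UPLOAD_ERR_NO_FILE;
     if (!move_uploaded_file($upload_tmp, $zip_path)) {
         echo uploadError($upload_err);
         exit;
     }

     $dest_dir = $tmp_path . $this->userID;
     if (!file_exists($dest_dir)) {
         mkdir($dest_dir, 0700);
     }

     $zip = new ZipArchive();
     $extracted = false;
     if ($zip->open($zip_path) === TRUE) {
         // Refuse the whole archive if any entry is absolute, drive-qualified or
         // contains a ".." segment; backslashes are treated as separators too.
         $names_ok = true;
         for ($i = 0; $i < $zip->numFiles; $i++) {
             $name = $zip->getNameIndex($i);
             if ($name === false) {
                 $names_ok = false;
                 break;
             }
             $parts = explode('/', str_replace('\\', '/', $name));
             if ($parts[0] === '' || preg_match('/^[A-Za-z]:/', $parts[0]) || in_array('..', $parts, true) || strpos($name, "\0") !== false) {
                 $names_ok = false;
                 break;
             }
         }
         // extractTo() returns false on failure; that result used to be discarded.
         $extracted = $names_ok && $zip->extractTo($dest_dir);
         // Nothing below reads from the archive handle, so release it now.
         $zip->close();
     }

     if (!$extracted) {
         $msg = sprintf($this->string['furtherassistance'], $this->configObj->get('support_email'), $this->configObj->get('support_email'));
         $this->notice->display_notice_and_exit($this->db, $this->string['invalidzip'], $msg, $this->string['invalidzip'], '../artwork/exclamation_48.png', '#C00000', true, true);
         // Defensive: stop here even if the notice helper were to return.
         return;
     }

     // is_file() rather than file_exists(): a directory entry named raf.json must not pass.
     if (!is_file($dest_dir . '/raf.json')) {
         $msg = sprintf($this->string['furtherassistance'], $this->configObj->get('support_email'), $this->configObj->get('support_email'));
         $this->notice->display_notice_and_exit($this->db, $this->string['invalidraf'], $msg, $this->string['invalidraf'], '../artwork/exclamation_48.png', '#C00000', true, true);
         return;
     }

     $this->data = file_get_contents($dest_dir . '/raf.json');
     $this->copy_images($dest_dir, $tmp_path);
     $this->load_raf_data();
     // NOTE(review): only raf.json is removed; the uploaded ZIP and any other
     // extracted files stay in the temp directory unless cleaned up elsewhere.
     unlink($dest_dir . '/raf.json');
 }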