Exemplo n.º 1
0
            $author = $songs[intval($doot) - 1]['author'];
            print "--=> " . $author . " <=- Did not vote\n";
        }
    }
    print "\n\n";
    print "-----<O>-----\n";
    print "This results were generated with LazyVote. (c) 2010 coda and Saga Musix. http://wiki.s3m.us";
    $text = ob_get_clean();
    $outFileName = UPLOAD_DIR . $compo . '.txt';
    file_put_contents($outFileName, $text);
    @chmod($outFileName, 0755);
    $arc = new ArchiveFile(UPLOAD_DIR . $compo);
    $resultsTxt = UPLOAD_DIR . 'results.txt';
    $arc->PrepareReplace($resultsTxt);
    if (copy($outFileName, $resultsTxt)) {
        $arc->Add($resultsTxt);
    }
    @unlink($resultsTxt);
    $arc->Close();
    redirect(BASEDIR . "results/{$compo}.txt");
}
?>
  <script src="https://code.jquery.com/jquery-1.12.4.min.js" integrity="sha384-nvAa0+6Qg9clwYCGGPpDQLVpLNn0fRaROjHqs13t4Ggj3Ez50XnGQqc/r8MhnRDZ" crossorigin="anonymous"></script>
  <script src="https://code.jquery.com/ui/1.12.1/jquery-ui.min.js" integrity="sha384-Dziy8F2VlJQLMShA6FHWNul/veM9bCkRUaLqr199K94ntO5QUrLJBEbYegdSkkqX" crossorigin="anonymous"></script>
  <script type="text/javascript">var BASEDIR = "{{BASE}}";</script>
  <script src="{{BASE}}js/lazyvote.js" type="text/javascript"></script>
    <h2>Entries</h2>
<?php 
if ($isActive) {
    echo '<p>Warning: Uploading is still active for this compo! First disable uploading before processing votes!</p>';
}
Exemplo n.º 2
0
function processUpload()
{
    global $mysqli;
    $compo = intval($_POST["compo"]);
    if (isset($_POST["token"]) && $_POST["token"] > 0) {
        // Remove upload token
        $stmt = $mysqli->prepare('DELETE FROM `uploading` WHERE
            `idupload` = ? AND
            `author` = ? AND
            `idcompo` = ?
        ') or die('query failed');
        $stmt->bind_param('isi', intval($_POST["token"]), $_POST["author"], $compo);
        $stmt->execute() or die('query failed');
    }
    $result = $mysqli->query("SELECT * FROM `compos` WHERE (`idcompo` = {$compo}) AND (`active` != 0)") or die('query failed');
    $isClosed = $result->num_rows == 0;
    $result->free();
    if ($isClosed) {
        uploadError("Sorry, but uploading for this compo is closed.");
        return;
    }
    if ($_POST["author"] == "") {
        uploadError("You forgot to enter your name!");
        return;
    } else {
        if ($_FILES['userfile']['size'] > MAX_UPLOAD_SIZE || $_FILES['userfile']['error'] === UPLOAD_ERR_INI_SIZE) {
            uploadError("Your <s>penis</s> file is too big!");
            return;
        } else {
            if ($_FILES['userfile']['size'] < 100) {
                uploadError("Your <s>penis</s> file is too small!");
                return;
            }
        }
    }
    setcookie("author", $_POST["author"], time() + 60 * 60 * 24 * 365, "/");
    $arc = new ArchiveFile(UPLOAD_DIR . $compo);
    if ($arc->Open() === FALSE) {
        echo "<p>Can't update the pack, please contact the technical support!</p>";
        return;
    }
    $safeName = safeFilename($_FILES['userfile']['name']);
    $lastDot = strrpos($safeName, '.');
    if (strlen($safeName) <= MAX_FILENAME_LENGTH || $lastDot === FALSE) {
        $db_filename = substr($safeName, 0, MAX_FILENAME_LENGTH);
    } else {
        // Need to trim filename
        $extension = substr($safeName, $lastDot);
        $db_filename = substr($safeName, 0, MAX_FILENAME_LENGTH - strlen($extension)) . $extension;
    }
    // Get mod title
    $modTitle = getModTitle($_FILES['userfile']['tmp_name'], $db_filename);
    $insert = TRUE;
    // duplicate filename?
    $stmt = $mysqli->prepare('SELECT * FROM `entries` WHERE (`idcompo` = ?) AND (`filename` = ?)') or die('query failed');
    $stmt->bind_param('is', $compo, $db_filename);
    $stmt->execute() or die('query failed');
    $result = $stmt->get_result();
    if ($result->num_rows > 0) {
        $row = $result->fetch_assoc();
        //if(isset($_SESSION["upload-" . $row["identry"]]) && $_SESSION["upload-" . $row["identry"]] == $_POST["author"])
        if ($row["author"] == $_POST["author"]) {
            // replace file
            $entryID = $row["identry"];
            $stmtRep = $mysqli->prepare('UPDATE `entries` SET
                `title` = ?,
                `altered` = 1,
                `date` = CURRENT_TIMESTAMP
                WHERE `identry` = ?') or die('query failed');
            $stmtRep->bind_param('si', $modTitle, $entryID);
            $stmtRep->execute() or die('query failed');
            $stmtRep->close();
            @unlink(UPLOAD_DIR . $entryID);
            $arc->PrepareReplace($db_filename);
            $insert = FALSE;
        } else {
            // this is not ours, invent new filename
            $db_filename = substr(dechex(mt_rand(0, 255)) . '-' . $db_filename, 0, MAX_FILENAME_LENGTH);
        }
    }
    $result->free();
    $stmt->close();
    if ($insert) {
        $stmt = $mysqli->prepare('INSERT INTO `entries` (`author`, `filename`, `title`, `idcompo`, `altered`) VALUES (?, ?, ?, ?, 0)') or die('query failed');
        $stmt->bind_param('sssi', $_POST["author"], $db_filename, $modTitle, $compo);
        $stmt->execute() or die('query failed');
        $entryID = $stmt->insert_id;
        $stmt->close();
    }
    $_SESSION["upload-{$entryID}"] = $_POST["author"];
    $_SESSION["compo-{$compo}"] = TRUE;
    if (move_uploaded_file($_FILES['userfile']['tmp_name'], UPLOAD_DIR . $db_filename)) {
        $arc->Add(UPLOAD_DIR . $db_filename);
        $arc->Close();
        @unlink(UPLOAD_DIR . $db_filename);
        echo '<h2>...go!</h2>';
        if ($insert) {
            echo '<p>OK, ', htmlspecialchars($_POST["author"]), ', all done. Good luck!</p>';
        } else {
            echo '<p>OK, ', htmlspecialchars($_POST["author"]), ', your file has been <strong>updated</strong>. Good luck!</p>';
        }
        echo '<p>If you need to replace your file, upload it using exactly the same file name (', htmlspecialchars($db_filename), ') and handle (', htmlspecialchars($_POST["author"]), ') as this one.</p>';
    } else {
        $arc->Close();
        uploadError("Captain, the machinery failed! Please contact the technical support!");
        return;
    }
}