Пример #1
0
function _compo2_preview_comments($params, $uid, $form = true)
{
    if ($form) {
        if ($params["uid"]) {
            $comments = trim(compo2_strip($_REQUEST["comments"]));
            if (strlen($comments)) {
                $user = compo2_get_user($params["uid"]);
                compo2_insert("c2_comments", array("cid" => $params["cid"], "to_uid" => $uid, "from_uid" => $params["uid"], "ts" => date("Y-m-d H:i:s"), "content" => $comments, "get_user" => serialize(array("display_name" => $user->display_name, "user_nicename" => $user->user_nicename, "user_email" => $user->user_email))));
                header("Location: ?action=preview&uid={$uid}");
                die;
            }
        }
    }
    $r = compo2_query("select * from c2_comments where cid = ? and to_uid = ? order by ts asc", array($params["cid"], $uid));
    echo "<h2>Comments</h2>";
    $pe = array();
    foreach ($r as $e) {
        if (strlen(trim($e["content"]))) {
            // get rid of double posts.
            if (strcmp($e["from_uid"], $pe["from_uid"]) == 0 && strcmp($e["content"], $pe["content"]) == 0) {
                continue;
            }
            $pe = $e;
            $user = unserialize($e["get_user"]);
            echo "<div class = 'comment'>";
            echo get_gravatar($user["user_email"], 48, 'mm', 'g', true, array("align" => "right", "class" => "gravatar"));
            $cuid = intval($e["from_uid"]);
            echo "<div><strong><a href=\"?action=preview&uid={$cuid}\">{$user["display_name"]}</a> says ...</strong></div>";
            echo "<div><small>" . date("M j, Y @ g:ia", strtotime($e["ts"])) . "</small></div>";
            echo "<p>" . str_replace("\n", "<br/>", htmlentities(trim($e["content"]))) . "</p>";
            echo "</div>";
        }
    }
    if ($form) {
        if ($params["uid"]) {
            echo "<form method='post' action='?action=preview&uid={$uid}'>";
            echo "<textarea name='comments' rows=4 cols=60></textarea>";
            echo "<p><input type='submit' value='Submit Comment'></p>";
        } else {
            echo "<p>You must sign in to comment.</p>";
        }
    }
}
Пример #2
0
function _compo2_rate_submit($params)
{
    //     print_r($_REQUEST); die;
    $uid = intval($_REQUEST["uid"]);
    $ce = compo2_entry_load($params["cid"], $uid);
    if (!$ce["id"]) {
        compo2_error("Invalid Entry: uid={$uid}");
    }
    if ($uid == $params["uid"]) {
        compo2_error("You can't vote on your own Entry!");
    }
    $data = array();
    $total = 0;
    foreach ($_REQUEST["data"] as $k => $v) {
        //         $data[$k] = strlen($v)?intval($v):""; // worked for old method
        $data[$k] = intval($v) ? intval($v) : "";
        // works for new javascript starry
        $total += $data[$k];
    }
    $comments = trim(compo2_strip($_REQUEST["comments"]));
    //    $comments2 = trim(compo2_strip($_REQUEST["comments2"]));
    //    if ( strlen($comments2) > 0 ) {
    //   		$comments = $comments2;
    //   	}
    $e = array("cid" => $params["cid"], "to_uid" => $ce["uid"], "from_uid" => $params["uid"], "data" => serialize($data), "ts" => date("Y-m-d H:i:s"));
    $total += strlen($comments);
    if (strlen($comments)) {
        $user = compo2_get_user($params["uid"]);
        compo2_insert("c2_comments", array("cid" => $params["cid"], "to_uid" => $uid, "from_uid" => $params["uid"], "ts" => date("Y-m-d H:i:s"), "content" => $comments, "get_user" => serialize(array("display_name" => $user->display_name, "user_nicename" => $user->user_nicename, "user_email" => $user->user_email))));
    }
    $r = compo2_query("select * from c2_comments where cid = ? and to_uid = ? and from_uid = ?", array("cid" => $params["cid"], "to_uid" => $uid, "from_uid" => $params["uid"]));
    $e["comments"] = intval(count($r) != 0);
    if ($total) {
        compo2_query("delete from c2_rate where cid = ? and to_uid = ? and from_uid = ?", array($params["cid"], $ce["uid"], $params["uid"]));
        compo2_insert("c2_rate", $e);
    }
    _compo2_rate_recalc($params, $ce["uid"]);
    _compo2_rate_io_calc($params, $ce["uid"]);
    _compo2_rate_io_calc($params, $params["uid"]);
    header("Location: ?action=default");
    die;
}
Пример #3
0
function _compo2_active_save($params, $uid = "", $is_admin = 0)
{
    if (!$uid) {
        $uid = $params["uid"];
    }
    $ce = compo2_entry_load($params["cid"], $uid);
    if (isset($params["locked"]) && !isset($ce["id"]) && !$is_admin) {
        echo "<p class='warning'>This competition is locked.  No new entries are being accepted.</p>";
        return;
    }
    /*	
    	if ( current_user_can('edit_others_posts') ) {
    		echo "Hey team. Just ignore this for now. Only you can see it. Thanks!<br /><br />";
    		var_dump( $_REQUEST );
    		echo "<br /><br />";
    		var_dump( $ce );
    	}
    */
    $active = true;
    $msg = "";
    if (!$_REQUEST["formdata"]) {
        $active = false;
        $msg .= "ERROR: Entry not updated. Bad formdata. Something is wrong.<br />";
    } else {
        $ce["title"] = compo2_strip($_REQUEST["title"]);
        if (!strlen(trim($ce["title"]))) {
            $active = false;
            $msg .= "Name is required.<br />";
        }
        if (isset($_REQUEST["etype"]) && $_REQUEST["etype"] !== "") {
            $ce["etype"] = $_REQUEST["etype"];
        }
        if ($params["init"] == 0) {
            $ce["is_judged"] = intval(strcmp($ce["etype"], "compo") == 0);
        } else {
            $ce["is_judged"] = 1;
            // now we judge all entries
        }
        if (!strlen($ce["etype"])) {
            $active = false;
            $msg .= "Submission Type is required.<br />";
        }
        $ce["notes"] = compo2_strip($_REQUEST["notes"]);
        $shots = unserialize($ce["shots"]);
        if ($shots == null) {
            $shots = array();
        }
        // For loop, because we're looking for File IDs of the same generated name (shot0, shot1, etc) //
        for ($i = 0; $i < 9; $i++) {
            $k = "shot{$i}";
            $fe = $_FILES[$k];
            // Reject empty filename (i.e. no change) //
            if (!trim($fe["tmp_name"])) {
                continue;
            }
            list($w, $h, $type) = getimagesize($fe["tmp_name"]);
            if (current_user_can('edit_others_posts')) {
                $msg .= "Debug: Shot " . ($i + 1) . ": [{$w},{$h},{$type}]<br />";
            }
            // Reject Bad Dimensions (0 or less, or bigger than 4k) //
            if (intval($w) <= 0 || intval($h) <= 0) {
                $msg .= "Problem with Screenshot " . ($i + 1) . "! [{$w},{$h},{$type}]<br />";
                continue;
            }
            if ($w > 4096 || $h > 2160) {
                $msg .= "Screenshot " . ($i + 1) . " is too big! Should be 4096x2160 or less. [{$w},{$h},{$type}]<br />";
                continue;
            }
            // Reject Bad File Size (greater than 8 MB) //
            $image_size = filesize($fe["tmp_name"]);
            if ($image_size > 8 * 1024 * 1024) {
                $msg .= "Screenshot " . ($i + 1) . " file is too large! Images should be 8 MB or less. [{$image_size}]<br />";
                continue;
            }
            $ext = array_pop(explode(".", $fe["name"]));
            // Reject File Formats //
            if (!in_array(strtolower($ext), array("png", "gif", "jpg", "jpeg"))) {
                $msg .= "Screenshot " . ($i + 1) . ": Invalid Type \"{$ext}\". Should be PNG, JPEG or GIF.<br />";
                continue;
            }
            $cid = $params["cid"];
            $ts = time();
            $fname = "{$cid}/{$uid}-{$k}-{$ts}.{$ext}";
            $dname = dirname(__FILE__) . "/../../compo2";
            @mkdir("{$dname}/{$cid}");
            $dest = "{$dname}/{$fname}";
            $old_file = $dname . '/' . $shots[$k];
            if (trim($shots[$k]) !== "" && file_exists($old_file)) {
                //unlink( $old_file ); // Delete One File //
                array_map('unlink', glob($old_file . "*"));
                // Delete all files with same base //
            }
            move_uploaded_file($fe["tmp_name"], $dest);
            $shots[$k] = $fname;
        }
        $ce["shots"] = serialize($shots);
        if (!count($shots)) {
            $active = false;
            $msg .= "You must include at least one screenshot.<br />";
        }
        foreach ($_REQUEST["links"] as $k => $le) {
            $_REQUEST["links"][$k] = array("title" => compo2_strip($le["title"]), "link" => compo2_strip($le["link"]));
        }
        $ce["links"] = serialize($_REQUEST["links"]);
        $ok = false;
        foreach ($_REQUEST["links"] as $le) {
            if (strlen(trim($le["title"])) && strlen(trim($le["link"]))) {
                $ok = true;
            }
        }
        if (!$ok) {
            $active = false;
            $msg .= "You must include at least one link.<br />";
        }
        if ($is_admin) {
            $ce["disabled"] = $_REQUEST["disabled"];
        }
        if ($ce["disabled"]) {
            $active = false;
            $msg .= "This Entry has been disabled.<br />";
        }
        //     $ce["data"] = serialize($_REQUEST["data"]);
        $ce["active"] = intval($active);
        $user = compo2_get_user($uid);
        $ce["get_user"] = serialize(array("display_name" => $user->display_name, "user_nicename" => $user->user_nicename, "user_email" => $user->user_email));
        // MK START //
        // Build Settings //
        $settings = [];
        // Opt-Outs //
        foreach ($params["divs"] as $div) {
            foreach ($params[$div . "_cats"] as $cat) {
                if (!isset($_REQUEST["OPTOUT"][$div][$cat])) {
                    $settings["OPTOUT"][$div][$cat] = 1;
                }
            }
        }
        // Parental Settings and other Settings //
        $settings["NSFW"] = isset($_REQUEST["SETTING"]["NSFW"]) ? 1 : 0;
        $settings["NSFL"] = isset($_REQUEST["SETTING"]["NSFL"]) ? 1 : 0;
        $settings["ANONYMOUS"] = isset($_REQUEST["SETTING"]["ANONYMOUS"]) ? 1 : 0;
        // Embedded Game Player //
        $embed_width = 800;
        $embed_height = 450;
        $embed_url = "";
        $embed_fullscreen = false;
        $embed_nocontrols = false;
        if (isset($_REQUEST["SETTING"]["EMBED"]["width"])) {
            $width = intval($_REQUEST["SETTING"]["EMBED"]["width"]);
            if ($width > 900) {
                $width = 900;
            }
            if ($width < 16) {
                $width = 16;
            }
            $embed_width = $width;
        }
        if (isset($_REQUEST["SETTING"]["EMBED"]["height"])) {
            $height = intval($_REQUEST["SETTING"]["EMBED"]["height"]);
            if ($height > 600) {
                $height = 600;
            }
            if ($height < 9) {
                $height = 9;
            }
            $embed_height = $height;
        }
        if (isset($_REQUEST["SETTING"]["EMBED"]["url"])) {
            $embed_url = esc_url($_REQUEST["SETTING"]["EMBED"]["url"]);
        }
        if (isset($_REQUEST["SETTING"]["EMBED"]["fullscreen"])) {
            $embed_fullscreen = intval($_REQUEST["SETTING"]["EMBED"]["fullscreen"]) ? true : false;
        }
        if (isset($_REQUEST["SETTING"]["EMBED"]["nocontrols"])) {
            $embed_nocontrols = intval($_REQUEST["SETTING"]["EMBED"]["nocontrols"]) ? true : false;
        }
        $settings["EMBED"]["width"] = $embed_width;
        $settings["EMBED"]["height"] = $embed_height;
        $settings["EMBED"]["url"] = $embed_url;
        $settings["EMBED"]["fullscreen"] = $embed_fullscreen;
        $settings["EMBED"]["nocontrols"] = $embed_nocontrols;
        $ce["settings"] = serialize($settings);
        $ce["stamp"] = date("Y-m-d H:i:s");
        // MK END //
        unset($ce["results"]);
        if (!$ce["id"]) {
            $ce["cid"] = $params["cid"];
            $ce["uid"] = $uid;
            $ce["ts"] = date("Y-m-d H:i:s");
            compo2_insert("c2_entry", $ce);
        } else {
            compo2_update("c2_entry", $ce);
        }
        echo "<h3>Entry Saved</h3>";
    }
    if (!$active) {
        $msg .= "<br />Entry is inactive due to errors. <a href='?action=edit'>Edit Entry</a>.";
    }
    if ($msg) {
        echo "<p class='error'>{$msg}</p>";
    }
    if (!$is_admin) {
        echo "<p><a href='?action=edit'>Edit Entry</a> | <a href='?action=default'>Browse entries</a> | <a href='?action=preview&uid={$params["uid"]}'>View Entry</a></p>";
    } else {
        echo "<p><a href='?action=default&admin=1'>Browse entries</a></p>";
    }
    //     header("Location: ?action=default"); die;
}