<?php
// Allow authorized users to set/remove holds on a project.
$relPath = "./../pinc/";
include_once $relPath . 'base.inc';
include_once $relPath . 'misc.inc';
// surround_and_join
include_once $relPath . 'Project.inc';
// validate_projectID() project_get_hold_states()
include_once $relPath . 'project_events.inc';
// log_project_event
require_login();
$projectid = validate_projectID('projectid', @$_POST['projectid']);
$return_uri = urldecode($_POST['return_uri']);
$project = new Project($projectid);
if (!$project->can_be_managed_by_current_user) {
echo "<p>", _('You are not authorized to manage this project.'), "</p>\n";
exit;
}
// --------------------------------------------------------------------
// Compute the difference between the requested set of hold-states
// and the current set. (Put each holdable state into one of 4 groups:)
$delta_ = array('remove' => array(), 'keep' => array(), 'add' => array(), 'keepout' => array());
$old_hold_states = $project->get_hold_states();
foreach ($Round_for_round_id_ as $round) {
foreach (array('project_waiting_state', 'project_available_state') as $s) {
$state = $round->{$s};
$old_hold = in_array($state, $old_hold_states);
// In $_POST keys, dots get converted to underscores.
$new_hold = @$_POST[str_replace('.', '_', $state)] == 'on';
if ($old_hold) {
<?php
$relPath = "./../../pinc/";
include_once $relPath . 'base.inc';
include_once $relPath . 'project_states.inc';
include_once $relPath . 'stages.inc';
include_once $relPath . 'Project.inc';
include_once './post_files.inc';
require_login();
$valid_round_ids = array_keys($Round_for_round_id_);
array_unshift($valid_round_ids, '[OCR]');
if (@$_REQUEST['projectid'] == 'many') {
$projectid = 'many';
} else {
$projectid = validate_projectID('projectid', @$_REQUEST['projectid']);
}
$round_id = get_enumerated_param($_REQUEST, 'round_id', null, $valid_round_ids);
$which_text = get_enumerated_param($_REQUEST, 'which_text', null, array('EQ', 'LE'));
$include_proofers = get_integer_param($_REQUEST, 'include_proofers', 0, 0, 1);
$save_files = get_integer_param($_REQUEST, 'save_files', 0, 0, 1);
// only sitemanagers are allowed to save files
if ($save_files && !user_is_a_sitemanager()) {
echo _('You are not authorized to invoke this script.');
exit;
}
// only people who can see names on the page details page
// can see names here.
$project = new Project($projectid);
if ($include_proofers && !$project->names_can_be_seen_by_current_user) {
echo _('You are not authorized to invoke this script.');
exit;
function set_from_post()
{
if (get_magic_quotes_gpc()) {
// Values in $_POST come with backslashes added.
// We want the fields of $this to be unescaped strings,
// so we strip the slashes.
$_POST = array_map('stripslashes', $_POST);
}
$errors = '';
if (isset($_POST['projectid'])) {
$projectid = validate_projectID('projectid', @$_POST['projectid']);
$this->projectid = $projectid;
$ucep_result = user_can_edit_project($this->projectid);
if ($ucep_result == PROJECT_DOES_NOT_EXIST) {
return _("parameter 'projectid' is invalid: no such project") . ": '{$this->projectid}'";
} else {
if ($ucep_result == USER_CANNOT_EDIT_PROJECT) {
return _("You are not authorized to manage this project.") . ": '{$this->projectid}'";
} else {
if ($ucep_result == USER_CAN_EDIT_PROJECT) {
// fine
} else {
return _("unexpected return value from user_can_edit_project") . ": '{$ucep_result}'";
}
}
}
} else {
if (isset($_POST['clone_projectid'])) {
// we're creating a clone
$clone_projectid = validate_projectID('clone_projectid', @$_POST['clone_projectid']);
$this->clone_projectid = $clone_projectid;
}
}
$this->nameofwork = @$_POST['nameofwork'];
// we're using preg_match as this field will be space-normalised later
if (preg_match('/^\\s*$/', $this->nameofwork)) {
$errors .= "Name of work is required.<br>";
}
$this->authorsname = @$_POST['authorsname'];
if (preg_match('/^\\s*$/', $this->authorsname)) {
$errors .= "Author is required.<br>";
}
if (user_is_a_sitemanager()) {
$this->projectmanager = @$_POST['username'];
if ($this->projectmanager == '') {
$errors .= _("Project manager is required.") . "<br>";
} else {
$errors .= check_user_exists($this->projectmanager, 'Project manager');
}
if (empty($errors) && !that_user_is_PM($this->projectmanager)) {
$errors .= sprintf(_("%s is not a PM."), $this->projectmanager) . "<br>";
}
} else {
$this->projectmanager = '';
}
$pri_language = @$_POST['pri_language'];
if ($pri_language == '') {
$errors .= _("Primary Language is required.") . "<br>";
}
$sec_language = @$_POST['sec_language'];
$this->language = $sec_language != '' ? "{$pri_language} with {$sec_language}" : $pri_language;
$this->genre = @$_POST['genre'];
if ($this->genre == '') {
$errors .= _("Genre is required.") . "<br>";
}
$this->image_source = @$_POST['image_source'];
if ($this->image_source == '') {
$errors .= _("Image Source is required. If the one you want isn't in list, you can propose to add it.") . "<br>";
$this->image_source = '_internal';
}
/*
else
{
if ($this->image_source == 'OTHER')
{
if (empty($_POST['imso_other']))
{
$errors .= "When Image Source is OTHER, details must be supplied.<br>";
}
else
{
$imso_other = $_POST['imso_other'];
$this->image_source = "O:".$imso_other;
}
}
}
*/
$this->special_code = @$_POST['special_code'];
if ($this->special_code != '') {
if (startswith($this->special_code, 'Birthday') || startswith($this->special_code, 'Otherday')) {
if (empty($_POST['bdayday']) or empty($_POST['bdaymonth'])) {
$errors .= _("Month and Day are required for Birthday or Otherday Specials.") . "<br>";
} else {
$bdaymonth = $_POST['bdaymonth'];
$bdayday = $_POST['bdayday'];
if (!checkdate($bdaymonth, $bdayday, 2000)) {
$errors .= _("Invalid date supplied for Birthday or Otherday Special.") . "<br>";
} else {
if (strlen($this->special_code) == 8) {
$this->special_code .= " " . $bdaymonth . $bdayday;
}
}
}
}
}
$this->checkedoutby = @$_POST['checkedoutby'];
// if it's an existing project, we want to know its state
if (isset($this->projectid)) {
// Somewhat kludgey to have to do this query here.
$res = mysql_query("\n SELECT state, checkedoutby, username\n FROM projects\n WHERE projectid='{$this->projectid}'\n ") or die(mysql_error());
list($state, $PPer, $PM) = mysql_fetch_row($res);
$this->state = $state;
// don't allow an empty PPer/PPVer if the project is checked out
if (($this->state == PROJ_POST_FIRST_CHECKED_OUT || $this->state == PROJ_POST_SECOND_CHECKED_OUT) && $this->checkedoutby == '') {
$errors .= _("This project is checked out: you must specify a PPer/PPVer");
$this->checkedoutby = $PPer;
}
if ($this->projectmanager == '') {
$this->projectmanager = $PM;
}
} else {
$this->state = '';
}
if ($this->checkedoutby != '') {
// make sure the named PPer/PPVer actually exists
$errors .= check_user_exists($this->checkedoutby, 'PPer/PPVer');
}
$this->image_preparer = @$_POST['image_preparer'];
if ($this->image_preparer != '') {
$errors .= check_user_exists($this->image_preparer, 'Image Preparer');
}
$this->text_preparer = @$_POST['text_preparer'];
if ($this->text_preparer != '') {
$errors .= check_user_exists($this->text_preparer, 'Text Preparer');
}
$this->posted = @$_POST['posted'];
$this->postednum = @$_POST['postednum'];
if ($this->posted) {
// We are in the process of marking this project as posted.
if ($this->postednum == '') {
$errors .= _("Posted Number is required.") . "<br>";
} else {
if (!preg_match('/^[1-9][0-9]*$/', $this->postednum)) {
$errors .= sprintf(_("Posted Number \"%s\" is not of the correct format."), $this->postednum) . "<br>";
// You'll sometimes see PG etext numbers with a 'C' appended.
// The 'C' is not part of the etext number
// (e.g., it does not appear in PG's RDF catalog),
// rather it's a bit of information about the identified text,
// namely that it's still under (US) copyright.
// Anyhow, the 'C' should not be included here.
}
}
}
$this->scannercredit = @$_POST['scannercredit'];
$this->comments = @$_POST['comments'];
$this->clearance = @$_POST['clearance'];
$this->difficulty_level = @$_POST['difficulty_level'];
$this->up_projectid = intval(@$_POST['up_projectid']);
$this->original_marc_array_encd = @$_POST['rec'];
$this->extra_credits = @$_POST['extra_credits'];
$this->deletion_reason = @$_POST['deletion_reason'];
if ($this->difficulty_level == '') {
global $pguser;
$this->difficulty_level = $pguser == "BEGIN" ? "beginner" : "average";
}
return $errors;
}
<?php
$relPath = "./../../pinc/";
include_once $relPath . 'base.inc';
include_once $relPath . 'misc.inc';
include_once $relPath . 'theme.inc';
include_once $relPath . 'Project.inc';
include_once 'page_table.inc';
require_login();
$projectid = validate_projectID('project', @$_GET['project']);
$show_image_size = get_integer_param($_GET, 'show_image_size', 0, 0, 1);
$project = new Project($projectid);
if (isset($_GET['select_by_user'])) {
$sbu = $_GET['select_by_user'];
if (empty($sbu)) {
// Show just the current user's pages.
$username_for_page_selection = $pguser;
} else {
// Explicitly specify a particular user.
// This is only available to PFs & SAs.
// (Yes, even though it merely filters
// information that is available to all.)
if (user_is_a_sitemanager() || user_is_proj_facilitator()) {
$username_for_page_selection = $sbu;
} else {
// Just show the current user's pages.
$username_for_page_selection = $pguser;
}
}
} else {
// No 'select_by_user' parameter, so show all pages.
// TRANSLATORS: This is a strftime-formatted string for the date with year and time
$datetime_format = _("%A, %B %e, %Y at %X");
// TRANSLATORS: This is a strftime-formatted string for the date and time
$date_format = _("%A, %B %e, %Y");
// TRANSLATORS: This is a strftime-formatted string for the time
$time_format = _("%X");
error_reporting(E_ALL);
// XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
// Usually, the user arrives here by clicking on the title of a project
// in a list of projects.
// But there are lots of other less-used pages that link here.
$MIN_DETAIL_LEVEL = 1;
$MAX_DETAIL_LEVEL = 4;
$DEFAULT_DETAIL_LEVEL = 3;
// Validate all the input
$projectid = validate_projectID('id', @$_GET['id']);
$expected_state = get_enumerated_param($_GET, 'expected_state', null, $PROJECT_STATES_IN_ORDER, true);
$detail_level = get_integer_param($_GET, 'detail_level', $DEFAULT_DETAIL_LEVEL, $MIN_DETAIL_LEVEL, $MAX_DETAIL_LEVEL);
// -----------------------------------------------------------------------------
$project = new Project($projectid);
// TRANSLATORS: this is the project page title.
// In a tabbed browser, the page-title passed to output_header() will appear
// in the tab, which tends to be small, as soon as you have a few of them.
// So, put the distinctive part of the page-title (i.e. the name of the
// project) first.
$title_for_theme = sprintf(_('"%s" project page'), $project->nameofwork);
$title = sprintf(_("Project Page for '%s'"), $project->nameofwork);
// -----------------------------------------------------------------------------
if (!$user_is_logged_in) {
// Guests see a reduced version of the project page.
output_header($title_for_theme, NO_STATSBAR);
<?php
$relPath = "../../pinc/";
include_once $relPath . 'base.inc';
include_once $relPath . 'Project.inc';
include_once '../../stats/jpgraph_files/common.inc';
require_login();
$projectid = validate_projectID("projectid", @$_GET["projectid"]);
// data for this graph is generated in show_wordcheck_page_stats.php
draw_simple_bar_graph(init_simple_bar_graph(600, 300, -1), $_SESSION["graph_pages_per_number_of_flags"][$projectid]["graph_x"], $_SESSION["graph_pages_per_number_of_flags"][$projectid]["graph_y"], ceil(count($_SESSION["graph_pages_per_number_of_flags"][$projectid]["graph_x"]) / 40), _("Number of flags on a page"), _("Pages with that many flags"));
// unsetting graph_pages_per_number_of_flags variable in the session
// to prevent it from getting large
// consider keeping this data if calling this
// image multiple times is needed in future code changes
unset($_SESSION["graph_pages_per_number_of_flags"][$projectid]);
// vim: sw=4 ts=4 expandtab
$relPath = "./../../pinc/";
include_once $relPath . 'base.inc';
include_once $relPath . 'Project.inc';
include_once $relPath . 'user_is.inc';
include_once $relPath . 'theme.inc';
require_login();
output_header("Copyright Approval");
if (!$site_supports_metadata) {
die('$site_supports_metadata is false, so exiting.');
}
if (!user_is_a_sitemanager()) {
die('You are not authorized to invoke this script.');
}
//----------------------------------------------------------------------------------
$projectid = validate_projectID('projectid', @$_GET['projectid'], true);
if (isset($projectid)) {
//update project approval status
if ($_GET['metadata'] == 'approved') {
$statuschange = 'project_new_app';
} else {
$statuschange = 'project_new_unapp';
}
$result = mysql_query("\n UPDATE projects\n SET state = '{$statuschange}'\n WHERE projectid = '{$projectid}'\n ");
}
echo "<table border=1>\n";
// Header row
echo "\n <tr>\n <td align='center' colspan='4'><b>Books Waiting for Copyright Approval</b></td>\n </tr>\n <tr>\n <td align='center' colspan='4'>The following books need to be approved/disapproved for copyright clearance.</td>\n </tr>\n <tr>\n <td align='center' colspan='1'><b>Title</b></td>\n <td align='center' colspan='1'><b>Author</b></td>\n <td align='center' colspan='1'><b>Clearance Line</b></td>\n <td align='center' colspan='1'><b>Approved/Disapproved</b></td>\n </tr>\n ";
$result = mysql_query("\n SELECT projectid, nameofwork, authorsname, clearance, state\n FROM projects\n WHERE state = 'project_new_waiting_app'\n ");
$numrows = mysql_num_rows($result);
$rownum = 0;
<?php
$relPath = '../../pinc/';
include_once $relPath . 'base.inc';
include_once $relPath . 'project_edit.inc';
include_once $relPath . 'project_trans.inc';
include_once $relPath . 'Project.inc';
include_once 'projectmgr.inc';
require_login();
abort_if_not_manager();
$curr_state = get_enumerated_param($_GET, 'curr_state', null, $PROJECT_STATES_IN_ORDER);
$new_state = get_enumerated_param($_GET, 'new_state', null, $PROJECT_STATES_IN_ORDER);
$projectids = array();
foreach (explode(',', @$_GET['projects']) as $projectid) {
$projectids[] = validate_projectID('projects', $projectid);
}
echo "<pre>\n";
echo sprintf(_("Moving projects from '%1\$s' to '%2\$s'..."), $curr_state, $new_state);
echo "\n\n";
foreach ($projectids as $projectid) {
echo "\n";
echo "{$projectid} ...\n";
try {
$project = new Project($projectid);
} catch (NonexistentProjectException $exception) {
echo " " . _("does not exist.") . "\n";
continue;
}
$result = user_can_edit_project($projectid);
if ($result == USER_CANNOT_EDIT_PROJECT) {
echo " " . _("You are not authorize to manage this project.") . "\n";
require_login();
if (!user_is_a_sitemanager()) {
die("You are not authorized to invoke this script.");
}
$copy_pages_url = "{$code_url}/tools/site_admin/copy_pages.php";
$extra_args["css_data"] = "\n table.copy { margin-left: 3em;}\n table.copy th { text-align: left;}\n input[type=text] { font-family: monospace; }\n";
$title = _("Copy Pages from One Project to Another");
output_header($title, NO_STATSBAR, $extra_args);
echo "<br>\n";
echo "<h1>" . $title . "</h1>\n";
echo "<hr>\n";
// Validate the $projectid_ and $from_image_ 'by hand'
$projectid_ = array_get($_POST, 'projectid_', NULL);
if (is_array($projectid_)) {
foreach ($projectid_ as $which => $projectid) {
$projectid_[$which] = validate_projectID("projectid_[{$which}]", $projectid);
}
}
$from_image_ = array_get($_POST, 'from_image_', NULL);
if (is_array($from_image_)) {
foreach ($from_image_ as $which => $filename) {
if ($filename) {
validate_page_image_filename("from_image_[{$which}]", $filename);
}
}
}
$action = get_enumerated_param($_POST, 'action', 'showform', array('showform', 'showagain', 'check', 'docopy'));
$page_name_handling = get_enumerated_param($_POST, 'page_name_handling', null, array('PRESERVE_PAGE_NAMES', 'RENUMBER_PAGES'), true);
$transfer_notifications = get_integer_param($_POST, 'transfer_notifications', 0, 0, 1);
$add_deletion_reason = get_integer_param($_POST, 'add_deletion_reason', 0, 0, 1);
$merge_wordcheck_files = get_integer_param($_POST, 'merge_wordcheck_files', 0, 0, 1);
// - Promote Level: If a project is ready to be promoted, it sends it to round 2
// - Complete Project: If a project has completed round 2, it sends it to post-processing or assign to the project manager
// - Release Projects: If there are not enough projects available to end users, it will release projects waiting to be released
$relPath = "./../../pinc/";
include_once $relPath . 'base.inc';
include_once $relPath . 'stages.inc';
include_once $relPath . 'projectinfo.inc';
include_once $relPath . 'project_trans.inc';
include_once $relPath . 'DPage.inc';
include_once $relPath . 'project_states.inc';
include_once $relPath . 'Project.inc';
// project_get_auto_PPer
include_once $relPath . 'misc.inc';
// requester_is_localhost()
include_once 'autorelease.inc';
$one_project = validate_projectID('project', @$_GET['project'], true);
$refresh_url = @$_GET['return_uri'];
// The following users are authorized to run this script:
// 1) localhost (eg: run from crontab) - can operate on all projects
// 2) SA and PFs - can operates on all projects
// 3) PMs - can operate only on their own projects
if (!requester_is_localhost()) {
require_login();
if (!user_is_a_sitemanager() && !user_is_proj_facilitator()) {
if ($one_project) {
$project = new Project($one_project);
if (!$project->can_be_managed_by_user($pguser)) {
die('You are not authorized to invoke this script.');
}
} else {
die('You are not authorized to invoke this script.');
function set_from_post()
{
if (get_magic_quotes_gpc()) {
// Values in $_POST come with backslashes added.
// We want the fields of $this to be unescaped strings,
// so we strip the slashes.
$_POST = array_map('stripslashes', $_POST);
}
if (isset($_POST['projectid'])) {
$this->projectid = validate_projectID('projectid', @$_POST['projectid']);
$ucep_result = user_can_edit_project($this->projectid);
if ($ucep_result == PROJECT_DOES_NOT_EXIST) {
return array(_("parameter 'projectid' is invalid: no such project") . ": '{$this->projectid}'");
} else {
if ($ucep_result == USER_CANNOT_EDIT_PROJECT) {
return array(_("You are not authorized to manage this project.") . ": '{$this->projectid}'");
} else {
if ($ucep_result == USER_CAN_EDIT_PROJECT) {
// fine
} else {
return array(_("unexpected return value from user_can_edit_project") . ": '{$ucep_result}'");
}
}
}
}
$this->projectid = validate_projectID('projectid', @$_POST['projectid']);
$this->good_words = @$_POST['good_words'];
$this->bad_words = @$_POST['bad_words'];
$this->gwl_timestamp = get_integer_param($_POST, 'gwl_timestamp', null, null, null);
$this->bwl_timestamp = get_integer_param($_POST, 'bwl_timestamp', null, null, null);
return array();
}