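/**
 * Map a requested page name to the PHP script that should serve it.
 *
 * The page name comes from the request URL and the returned value is a
 * script path, so the name is checked for directory separators before the
 * filesystem is probed.
 *
 * @param string $page Page name taken from the request; a trailing ".php"
 *                     is ignored.
 * @return string|null "<page>.php" when such a file is readable,
 *                     "cacheable.php" for the static-asset prefixes, or
 *                     null for the index page. Any other name ends in
 *                     Navigation::redirect_site("index").
 */
function choose_page($page) {
    // A leading "~" means the page name is really part of the path: push it
    // back into the path and promote the first path component to page name.
    if ($page !== "" && $page[0] === "~") {
        $xpage = Navigation::path_component(0, true);
        Navigation::set_path("/" . $page . Navigation::path_suffix(1));
        $page = Navigation::set_page($xpage ?: "index");
    }

    // Accept "foo.php" as an alias of "foo".
    $i = strlen($page) - 4;
    if ($i > 0 && substr($page, $i) === ".php") {
        $page = substr($page, 0, $i);
    }

    if ($page === "index") {
        return null;
    }

    // Reject separators BEFORE touching the filesystem, so a traversal
    // attempt never reaches is_readable(). Backslash is refused as well
    // because it is a directory separator on Windows.
    if (strpbrk($page, "/\\") === false && is_readable($page . ".php")) {
        return $page . ".php";
    }

    // Static assets go through cacheable.php; only these three fixed
    // prefixes qualify. The remaining path is forwarded in $_REQUEST["file"]
    // and must be validated by cacheable.php itself.
    if (preg_match(',\\A(?:images|scripts|stylesheets)\\z,', $page)) {
        $_REQUEST["file"] = $page . Navigation::path();
        return "cacheable.php";
    }

    Navigation::redirect_site("index");
}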
<?php
// resetpassword.php -- HotCRP password reset page
// HotCRP and Peteramati are Copyright (c) 2006-2016 Eddie Kohler and others
// See LICENSE for open-source distribution terms

require_once "src/initweb.php";

// Externally authenticated sites have no local password to reset.
if ($Conf->external_login()) {
    error_go(false, "Password reset links aren’t used for this conference. Contact your system administrator if you’ve forgotten your password.");
}

// The reset capability is a bearer secret. It is read from the request
// parameter first and, failing that, from the first path component.
$resetcap = req("resetcap");
if ($resetcap === null
    && preg_match(',\\A/(U?1[-\\w]+)(?:/|\\z),i', Navigation::path(), $m)) {
    $resetcap = $m[1];
}
if (!$resetcap) {
    error_go(false, "You didn’t enter the full password reset link into your browser. Make sure you include the reset code (the string of letters, numbers, and other characters at the end).");
}

// A leading "U" selects the contact-database lookup further down.
$iscdb = substr($resetcap, 0, 1) === "U";
$capmgr = $Conf->capability_manager($resetcap);
$capdata = $capmgr->check($resetcap);

// The capability must exist AND be of the reset-password type; expired and
// mistyped codes deliberately share one message.
if (!($capdata && $capdata->capabilityType == CAPTYPE_RESETPASSWORD)) {
    error_go(false, "That password reset code has expired, or you didn’t enter it correctly.");
}

$Acct = $iscdb
    ? Contact::contactdb_find_by_id($capdata->contactId)
    : Contact::find_by_id($capdata->contactId);
if (!$Acct) {
    error_go(false, "That password reset code refers to a user who no longer exists. Either create a new account or contact the conference administrator.");
}

// don't show information about the current user, if there is one
* apply CSS to with the `breadcrumb` class, for example:
 *
 *     .breadcrumb {
 *         list-style-type: none;
 *         margin: 0;
 *         padding: 0;
 *     }
 *
 *     .breadcrumb li {
 *         list-style-type: none;
 *         margin: 0;
 *         padding: 0;
 *         display: inline;
 *     }
 */

$n = new Navigation();
$path = $n->path($page->id, true);
$home = array('index' => i18n_get('Home'));

// Fall back to a trail holding only the home page.
$path = $path ?: $home;

// Put the home entry in front when the trail does not already contain it.
if (!in_array('index', array_keys($path))) {
    $path = array_merge($home, $path);
}

// NOTE(review): $id and $title are written into the markup without HTML
// escaping. Confirm that the navigation tree only ever holds trusted or
// pre-escaped titles and ids; otherwise they need htmlspecialchars() here.
echo "<ul class=\"breadcrumb\">\n";
foreach ($path as $id => $title) {
    if ($id == $page->id) {
        // The current page is shown as plain text, not as a link.
        printf("<li class=\"active\">%s</li>\n", $title);
    } else {
        printf("<li><a href=\"/%s\">%s</a> <span class=\"divider\">/</span></li>\n", $id, $title);
    }
}
echo '</ul>';
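<?php
// index.php -- HotCRP home page
// HotCRP is Copyright (c) 2006-2016 Eddie Kohler and Regents of the UC
// Distributed under an MIT-like license; see LICENSE

require_once "lib/navigation.php";

// Front controller: any page other than "index" is dispatched to a script
// named after it, to the static-asset handler, or redirected to the index.
if (Navigation::page() !== "index") {
    $page = Navigation::page();

    // $page comes from the request URL and is about to be used in include,
    // so directory separators are rejected BEFORE the filesystem is probed.
    // Backslash is refused too because it separates directories on Windows.
    if (strpbrk($page, "/\\") === false && is_readable("{$page}.php")) {
        include "{$page}.php";
        exit;
    } elseif (in_array($page, array("images", "scripts", "stylesheets"), true)) {
        // Static assets: cacheable.php receives the rest of the path in
        // $_REQUEST["file"] and is responsible for validating it.
        $_REQUEST["file"] = $page . Navigation::path();
        include "cacheable.php";
        exit;
    } else {
        Navigation::redirect_site("index");
    }
}

require_once "pages/home.php";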
/**
 * Refuse the current request: report a permission failure, or send a
 * signed-out user to the login flow while remembering what they submitted.
 *
 * Ajax requests receive a status array through $Conf->ajaxExit(); all other
 * requests end in error_go() with a user-facing message.
 */
function escape() {
    global $Conf;

    // Ajax callers get a machine-readable answer rather than an error page.
    if (get($_REQUEST, "ajax")) {
        $reply = $this->is_empty()
            ? array("ok" => 0, "loggedout" => 1)
            : array("ok" => 0, "error" => "You don’t have permission to access that page.");
        $Conf->ajaxExit($reply);
    }

    // A signed-in user who lacks permission just gets the error.
    if (!$this->is_empty()) {
        error_go(false, "You don’t have permission to access that page.");
        return;
    }

    // Preserve post values across session expiration.
    // NOTE(review): the whole of $_POST is stored in the session below, which
    // can include sensitive form fields -- confirm that is acceptable for the
    // session store in use.
    $params = array();
    if (Navigation::path()) {
        $params["__PATH__"] = preg_replace(",^/+,", "", Navigation::path());
    }
    if (get($_REQUEST, "anchor")) {
        $params["anchor"] = $_REQUEST["anchor"];
    }
    $url = selfHref($params, array("raw" => true, "site_relative" => true));
    $_SESSION["login_bounce"] = array($Conf->dsn, $url, Navigation::page(), $_POST);

    $message = check_post()
        ? "You’ve been logged out due to inactivity, so your changes have not been saved. After logging in, you may submit them again."
        : "You must sign in to access that page.";
    error_go(false, $message);
}
/**
 * Decide which settings group the current request refers to.
 *
 * The name is read from the "group" request parameter or, when that is
 * empty, from a single-word path ("/name"). It is then translated through
 * SettingGroup::$map and accepted only if it is a key of SettingGroup::$all,
 * so request input can never select a group that is not registered.
 *
 * @return string a key of SettingGroup::$all, or one of the fallbacks
 *                "decisions", "reviews" or "sub" chosen from conference state
 */
function choose_setting_group() {
    global $Conf;

    $name = get($_REQUEST, "group");
    if (!$name && preg_match(',\\A/(\\w+)\\z,i', Navigation::path())) {
        $name = substr(Navigation::path(), 1);
    }

    // Resolve aliases.
    if (isset(SettingGroup::$map[$name])) {
        $name = SettingGroup::$map[$name];
    }

    // A registered group wins outright.
    if (isset(SettingGroup::$all[$name])) {
        return $name;
    }

    // Unknown or missing name: choose a default from the conference state.
    if ($Conf->timeAuthorViewReviews()) {
        return "decisions";
    }
    if ($Conf->deadlinesAfter("sub_sub") || $Conf->time_review_open()) {
        return "reviews";
    }
    return "sub";
}
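/**
 * Serve a paper document: the submission, the final version, or a file
 * belonging to a paper option.
 *
 * The paper and document type come either from request parameters ("p" or
 * "paperId", plus "dt"/"final") or from the URL path, which is accepted in
 * three layouts (pN/<type>.<ext>, pN/<type>/<file>, and the dashed forms
 * matched by the last two patterns).
 *
 * Every failure is reported through document_error(); the view-permission
 * checks run before anything is handed to $Conf->downloadPaper(). Text taken
 * from the request is HTML-escaped before it appears in an error message.
 */
function document_download() {
    global $Conf, $Me, $Opt;

    $documentType = HotCRPDocument::parse_dtype(@$_REQUEST["dt"]);
    if ($documentType === null) {
        $documentType = @$_REQUEST["final"] ? DTYPE_FINAL : DTYPE_SUBMISSION;
    }
    $attachment_filename = false;
    $docid = null;

    if (isset($_REQUEST["p"])) {
        $paperId = cvtint(@$_REQUEST["p"]);
    } elseif (isset($_REQUEST["paperId"])) {
        $paperId = cvtint(@$_REQUEST["paperId"]);
    } else {
        // No paper parameter: everything has to come from the URL path, and
        // the type derived from "dt"/"final" above is discarded.
        $s = $orig_s = preg_replace(',\\A/*,', "", Navigation::path());
        $documentType = $dtname = null;
        if (str_starts_with($s, $Opt["downloadPrefix"])) {
            $s = substr($s, strlen($Opt["downloadPrefix"]));
        }

        if (preg_match(',\\Ap(?:aper)?(\\d+)/+(.*)\\z,', $s, $m)) {
            $paperId = intval($m[1]);
            if (preg_match(',\\A([^/]+)\\.[^/]+\\z,', $m[2], $mm)) {
                $dtname = $mm[1];
            } elseif (preg_match(',\\A([^/]+)/+(.*)\\z,', $m[2], $mm)) {
                // Fix: take both parts from the inner match ($mm) and store
                // the type name in $dtname. The previous code read the outer
                // match ($m) into an unused $dtype, so $dtname stayed null
                // and every "pN/<type>/<file>" URL ended in "Unknown document".
                list($dtname, $attachment_filename) = array($mm[1], $mm[2]);
            }
        } elseif (preg_match(',\\A(?:paper)?(\\d+)-?([-A-Za-z0-9_]*)(?:\\.[^/]+|/+(.*))\\z,', $s, $m)) {
            list($paperId, $dtname, $attachment_filename) = array(intval($m[1]), $m[2], @$m[3]);
        } elseif (preg_match(',\\A([A-Za-z_][-A-Za-z0-9_]*?)?-?(\\d+)(?:\\.[^/]+|/+(.*))\\z,', $s, $m)) {
            list($paperId, $dtname, $attachment_filename) = array(intval($m[2]), $m[1], @$m[3]);
        }

        // An empty type name means the main paper document.
        if ($dtname !== null) {
            $documentType = HotCRPDocument::parse_dtype($dtname ?: "paper");
        }
        // A file name is only meaningful for options of type "attachments".
        if ($documentType !== null && $attachment_filename) {
            $o = PaperOption::find($documentType);
            if (!$o || $o->type != "attachments") {
                $documentType = null;
            }
        }
    }

    if ($documentType === null) {
        document_error("404 Not Found", "Unknown document “" . htmlspecialchars($orig_s) . "”.");
    }

    // Authorization: the paper must be loadable for this user, the user must
    // be allowed to view its PDF and, for option documents, that option.
    $prow = $Conf->paperRow($paperId, $Me, $whyNot);
    if (!$prow) {
        document_error("404 Not Found", whyNotText($whyNot, "view"));
    } elseif ($whyNot = $Me->perm_view_pdf($prow)) {
        document_error("403 Forbidden", whyNotText($whyNot, "view"));
    } elseif ($documentType > 0 && !$Me->can_view_paper_option($prow, $documentType, true)) {
        document_error("403 Forbidden", "You don’t have permission to view this document.");
    }

    // The requested file name is only compared with the names of documents
    // already attached to this paper's option; it is never used as a path.
    if ($attachment_filename) {
        $oa = $prow->option($documentType);
        foreach ($oa ? $oa->documents($prow) : array() as $doc) {
            if ($doc->unique_filename == $attachment_filename) {
                $docid = $doc;
            }
        }
        if (!$docid) {
            document_error("404 Not Found", "No such attachment “" . htmlspecialchars($orig_s) . "”.");
        }
    }

    // Actually download paper.
    session_write_close(); // to allow concurrent clicks
    if ($Conf->downloadPaper($prow, cvtint(@$_REQUEST["save"]) > 0, $documentType, $docid)) {
        exit;
    }
    document_error("500 Server Error", null);
}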
<?php
// graph.php -- HotCRP review preference graph drawing page
// HotCRP is Copyright (c) 2006-2016 Eddie Kohler and Regents of the UC
// Distributed under an MIT-like license; see LICENSE

require_once "src/initweb.php";
require_once "src/papersearch.php";

// The graph name comes from ?g=... or, failing that, from the first path
// component; either way it is only used after the allowlist check below.
$Graph = @$_REQUEST["g"];
if (!$Graph && preg_match(',\\A/(\\w+)(/|\\z),', Navigation::path(), $m)) {
    $Graph = $_REQUEST["g"] = $m[1];
}

// collect allowed graphs
$Graphs = $Me->isPC
    ? array("procrastination" => "Procrastination", "formula" => "Formula")
    : array();
if (count($Graphs) === 0) {
    // Nothing this user may see.
    $Me->escape();
}
reset($Graphs);

// Old names that still resolve to a current graph.
$GraphSynonym = array("reviewerlameness" => "procrastination");
if ($Graph && isset($GraphSynonym[$Graph])) {
    $Graph = $GraphSynonym[$Graph];
}

// Anything that is not an allowed graph redirects to the first allowed one.
if (!($Graph && isset($Graphs[$Graph]))) {
    redirectSelf(array("g" => key($Graphs)));
}

// Header and body
$Conf->header("Graphs", "graphbody", actionBar());
$Conf->echoScript("");
// Set when the request carries an "after_login" parameter.
$useRequest = isset($_REQUEST["after_login"]);

// Drop these two fields when they still hold the literal text
// "Optional explanation" (presumably the form's placeholder -- confirm), so
// later code treats them as absent.
foreach (array("emailNote", "reason") as $x) {
    if (isset($_REQUEST[$x]) && $_REQUEST[$x] == "Optional explanation") {
        unset($_REQUEST[$x], $_GET[$x], $_POST[$x]);
    }
}

// Fill p, m and fn from the URL path, but only when the request did not
// already supply them as parameters. The first component must be "new" or
// all digits to be accepted as a paper id.
// NOTE(review): the second and third components are copied into "m" and
// "fn" without validation here; whatever consumes them has to check them.
if (!isset($_REQUEST["p"]) && !isset($_REQUEST["paperId"]) && preg_match(',\\A(?:new|\\d+)\\z,i', Navigation::path_component(0))) {
    $_REQUEST["p"] = $_GET["p"] = Navigation::path_component(0);
    if (!isset($_REQUEST["m"]) && ($x = Navigation::path_component(1))) {
        $_REQUEST["m"] = $_GET["m"] = $x;
    }
    if (isset($_REQUEST["m"]) && $_REQUEST["m"] === "api" && !isset($_REQUEST["fn"]) && ($x = Navigation::path_component(2))) {
        $_REQUEST["fn"] = $_GET["fn"] = $x;
    }
} else {
    // A numeric ?p= with no path, on a request for which check_post() is
    // false, is redirected to the URL built by selfHref().
    if (!Navigation::path() && isset($_REQUEST["p"]) && $_REQUEST["p"] && ctype_digit($_REQUEST["p"]) && !check_post()) {
        go(selfHref());
    }
}

// header
// Print the page header for the current paper table; the mode defaults to
// "p" when no table has been built, and only "edit" selects the edit layout.
function confHeader() {
    global $paperTable;
    $mode = $paperTable ? $paperTable->mode : "p";
    PaperTable::do_header($paperTable, "paper_" . ($mode == "edit" ? "edit" : "view"), $mode);
}

// Report an error for the current request; Ajax requests record the message
// through Conf::msg_error(). (The rest of this function is not shown.)
function errorMsgExit($msg) {
    global $Conf;
    if (@$_REQUEST["ajax"]) {
        Conf::msg_error($msg);
<?php

/**
 * Contextual navigation handler.
 *
 * Prints the navigation tree with sections opened or closed according to
 * the page being viewed, so that all parents and children of the current
 * page are shown.
 */

$n = new Navigation();

// Trail leading to the current page; an empty array when there is none.
$path = $n->path($page->id) ?: array();

require_once 'apps/navigation/lib/Functions.php';

navigation_print_context($n->tree, $path);
/**
 * Overwrite the class-wide stored path.
 *
 * No validation is performed here; callers pass request-derived values, so
 * code that later reads the path must treat it as untrusted.
 *
 * @param mixed $path the new path value
 * @return mixed the value now held in self::$path
 */
public static function set_path($path) {
    self::$path = $path;
    return self::$path;
}
<?php
// resetpassword.php -- HotCRP password reset page
// HotCRP is Copyright (c) 2006-2016 Eddie Kohler and Regents of the UC
// Distributed under an MIT-like license; see LICENSE

require_once "src/initweb.php";

// The reset capability is a bearer secret. When it was not sent as a
// parameter it is taken from the first path component and copied into
// $_REQUEST so the code below has a single place to read it from.
if (!isset($_REQUEST["resetcap"]) && preg_match(',\\A/(U?1[-\\w]+)(?:/|\\z),i', Navigation::path(), $m)) {
    $_REQUEST["resetcap"] = $m[1];
}

// Installations with external login keep no local password to reset.
if (Contact::external_login()) {
    error_go(false, "This HotCRP installation does not store passwords. Contact your administrator to reset your password.");
}
if (!isset($_REQUEST["resetcap"])) {
    error_go(false, "You didn’t enter the full password reset link into your browser. Make sure you include the reset code (the string of letters, numbers, and other characters at the end).");
}

// NOTE(review): a "resetcap[]=..." parameter would arrive here as an array,
// and substr() would then receive a non-string. Confirm that the capability
// manager rejects such input.
// A leading "U" selects the contact-database lookup further down.
$iscdb = substr($_REQUEST["resetcap"], 0, 1) === "U";
$capmgr = $Conf->capability_manager($_REQUEST["resetcap"]);
$capdata = $capmgr->check($_REQUEST["resetcap"]);

// The capability must exist and be of the reset-password type; expired and
// mistyped codes share one message.
if (!$capdata || $capdata->capabilityType != CAPTYPE_RESETPASSWORD) {
    error_go(false, "That password reset code has expired, or you didn’t enter it correctly.");
}

// Load the account the capability was issued for.
if ($iscdb) {
    $Acct = Contact::contactdb_find_by_id($capdata->contactId);
} else {
    $Acct = Contact::find_by_id($capdata->contactId);
}
if (!$Acct) {
    error_go(false, "That password reset code refers to a user who no longer exists. Either create a new account or contact the conference administrator.");
}

// LDAP or HTTP-auth logins do not use reset links either.
if (isset($Opt["ldapLogin"]) || isset($Opt["httpAuthLogin"])) {
    error_go(false, "Password reset links aren’t used for this conference. Contact your system administrator if you’ve forgotten your password.");
change_email_by_capability();
}

// Users without an email address are turned away.
if (!$Me->has_email()) {
    $Me->escape();
}
$newProfile = false;
$useRequest = false;
$UserStatus = new UserStatus();

// Normalise the user selector: "user" and "contact" are accepted as
// alternatives to "u", and a single path component ("/new" or "/<name>")
// is used when none of them was sent.
if (!isset($_REQUEST["u"]) && isset($_REQUEST["user"])) {
    $_REQUEST["u"] = $_REQUEST["user"];
}
if (!isset($_REQUEST["u"]) && isset($_REQUEST["contact"])) {
    $_REQUEST["u"] = $_REQUEST["contact"];
}
if (!isset($_REQUEST["u"]) && preg_match(',\\A/(?:new|[^\\s/]+)\\z,i', Navigation::path())) {
    $_REQUEST["u"] = substr(Navigation::path(), 1);
}
if ($Me->privChair && @$_REQUEST["new"]) {
    $_REQUEST["u"] = "new";
}

// Load user.
// Authorization: the "u" selector is honoured only for $Me->privChair;
// for everyone else $Acct stays the signed-in user, so the request cannot
// select another account.
$Acct = $Me;
if ($Me->privChair && @$_REQUEST["u"]) {
    if ($_REQUEST["u"] === "new") {
        $Acct = new Contact();
        $newProfile = true;
    } else {
        // A positive integer is looked up as an id, anything else as an email.
        if (($id = cvtint($_REQUEST["u"])) > 0) {
            $Acct = Contact::find_by_id($id);
        } else {
            $Acct = Contact::find_by_email($_REQUEST["u"]);
/**
 * Turn the URL path into request parameters using the first pattern in
 * $paths that fits it.
 *
 * A pattern is read one character at a time against the "/"-separated
 * path segments:
 *   "/"  move on to the next segment
 *   "p"  segment must be a pset key known to $Conf        -> "pset"
 *   "H"  segment must be exactly 40 hex digits            -> "commit", "commit1", ...
 *   "h"  segment must be at least 6 hex digits            -> "commit", "commit1", ...
 *   "u"  non-empty segment, a leading "@" or "~" removed  -> "u"
 *   "@"  segment must start with "@" or "~"               -> "u"
 *   "f"  this and every remaining segment, re-joined      -> "file"
 *   "*"  skip to the last segment
 * Any other combination rejects the pattern. A pattern fits when it yields
 * at least one setting and ends on the last segment; its settings are then
 * copied into $_GET and $_REQUEST unless the key was already sent in $_GET
 * or $_POST.
 *
 * @param array $paths pattern strings, tried in order
 */
static function set_path_request($paths) {
    global $Conf;

    $path = Navigation::path();
    if ($path === "") {
        return;
    }

    $segments = explode("/", $path);
    // Ignore the empty segment produced by a trailing slash.
    if (count($segments) && $segments[count($segments) - 1] == "") {
        array_pop($segments);
    }
    $nseg = count($segments);

    foreach ($paths as $pattern) {
        $pi = $si = 0;
        $commitsuf = "";
        $settings = array();
        $plen = strlen($pattern);

        while ($pi < $plen && $si < $nseg) {
            $ch = $pattern[$pi];
            $seg = $segments[$si];

            if ($ch == "/") {
                ++$si;
            } elseif ($ch == "p" && $Conf->pset_by_key(get($segments, $si))) {
                $settings["pset"] = $seg;
            } elseif (($ch == "H" && strlen($seg) == 40 && ctype_xdigit($seg))
                      || ($ch == "h" && strlen($seg) >= 6 && ctype_xdigit($seg))) {
                // The first commit is stored as "commit", later ones as
                // "commit1", "commit2", ...
                $settings["commit" . $commitsuf] = $seg;
                $commitsuf = (int) $commitsuf + 1;
            } elseif ($ch == "u" && strlen($seg)) {
                if ($seg[0] != "@" && $seg[0] != "~") {
                    $settings["u"] = $seg;
                } elseif (strlen($seg) > 1) {
                    $settings["u"] = substr($seg, 1);
                }
            } elseif ($ch == "@" && strlen($seg) && ($seg[0] == "@" || $seg[0] == "~")) {
                if (strlen($seg) > 1) {
                    $settings["u"] = substr($seg, 1);
                }
            } elseif ($ch == "f") {
                // NOTE(review): the rest of the path is stored verbatim, so
                // "file" may contain ".." segments; its consumers have to
                // validate it before using it as a filesystem path.
                $settings["file"] = join("/", array_slice($segments, $si));
                $si = $nseg - 1;
            } elseif ($ch == "*") {
                $si = $nseg - 1;
            } else {
                // This pattern does not fit the path.
                $settings = null;
                break;
            }
            ++$pi;
        }

        if ($settings && $si == $nseg - 1) {
            // Parameters sent explicitly take precedence over the path.
            foreach ($settings as $k => $v) {
                if (!isset($_GET[$k]) && !isset($_POST[$k])) {
                    $_GET[$k] = $_REQUEST[$k] = $v;
                }
            }
            break;
        }
    }
}