示例#1
文件: index.php 项目: horrabin/opendb
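/**
 * Echo the HTML form used to insert a new system item type.
 *
 * Output is written directly with echo: the attribute-type tooltip array,
 * a table holding the item type / description / image inputs, and a second
 * table with one row per field-type attribute relationship.
 *
 * @param array $HTTP_VARS Request variables; 's_item_type', 'description'
 *                         and 'image' pre-populate the matching inputs.
 * @return void
 */
function display_s_item_type_insert_form($HTTP_VARS)
{
    // Initialise the list so the tooltip helper never receives an undefined
    // variable when the lookup fails or returns no rows.
    $s_attribute_type_list_rs = array();
    $sat_results = fetch_sfieldtype_attribute_type_rs(array('TITLE', 'CATEGORY', 'STATUSTYPE', 'STATUSCMNT', 'DURATION'));
    if ($sat_results) {
        while ($attribute_type_r = db_fetch_assoc($sat_results)) {
            $s_attribute_type_list_rs[] = $attribute_type_r;
        }
        db_free_result($sat_results);
    }
    echo get_s_attribute_type_tooltip_array($s_attribute_type_list_rs);

    // A missing request key becomes NULL instead of raising an
    // undefined-index notice.
    $s_item_type = isset($HTTP_VARS['s_item_type']) ? $HTTP_VARS['s_item_type'] : NULL;
    $description = isset($HTTP_VARS['description']) ? $HTTP_VARS['description'] : NULL;
    $image = isset($HTTP_VARS['image']) ? $HTTP_VARS['image'] : NULL;

    // NOTE(review): these request values are not escaped here; presumably
    // get_input_field() HTML-encodes the value it renders - confirm.
    echo "\n<table>";
    // s_item_type
    echo get_input_field("s_item_type", NULL, "Item Type", "text(10,10)", "Y", $s_item_type);
    //description
    echo get_input_field("description", NULL, "Description", "text(30,60)", "Y", $description);
    //image
    echo get_input_field("image", NULL, "Image", "url(15,*,\"gif,jpg,png\",N)", "N", $image);
    echo "\n</table>";

    echo "<h4>Field Type Attributes</h4>";
    echo "\n<table>";
    display_item_type_insert_field('Title', 'TITLE');
    display_item_type_insert_field('Category', 'CATEGORY');
    display_item_type_insert_field('Status Type', 'STATUSTYPE');
    display_item_type_insert_field('Status Comment', 'STATUSCMNT');
    // The borrow duration row only applies when borrowing with duration
    // support is switched on.
    if (get_opendb_config_var('borrow', 'enable') !== FALSE && get_opendb_config_var('borrow', 'duration_support') !== FALSE) {
        display_item_type_insert_field('Borrow Duration', 'DURATION');
    }
    echo "\n</table>";
}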
示例#2
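/**
 * Build the HTML "announcements" block for the welcome page.
 *
 * Two sources feed the list: admin warnings (only for the 'admin' user who
 * holds PERM_ADMIN_ANNOUNCEMENTS) and stored announcements (when
 * welcome.announcements is enabled and the user holds
 * PERM_VIEW_ANNOUNCEMENTS).
 *
 * @return string|null The wrapped list markup, or NULL when there is
 *                     nothing to show.
 */
function get_announcements_block()
{
    $buffer = '';
    if (is_user_granted_permission(PERM_ADMIN_ANNOUNCEMENTS)) {
        // include a login warning if user password and email are still the defaults
        if (get_opendb_session_var('user_id') == 'admin') {
            $announcements_rs = get_admin_announcements_rs();
            // each() was removed in PHP 8; foreach visits the same entries
            // in the same order.
            if (is_array($announcements_rs)) {
                foreach ($announcements_rs as $announcement_r) {
                    $buffer .= "<li><h4>" . $announcement_r['heading'] . "</h4>\n\t\t\t\t\t<p class=\"content\">" . $announcement_r['message'] . "<a class=\"adminLink\" href=\"" . $announcement_r['link'] . "\">" . $announcement_r['link_text'] . "</a></p>";
                }
            }
        }
    }
    if (get_opendb_config_var('welcome.announcements', 'enable') !== FALSE && is_user_granted_permission(PERM_VIEW_ANNOUNCEMENTS)) {
        $results = fetch_announcement_rs('submit_on', 'DESC', 0, get_opendb_config_var('welcome.announcements', 'display_count'), 'Y', 'Y');
        if ($results) {
            while ($announcement_r = db_fetch_assoc($results)) {
                // NOTE(review): title and content are written into the page
                // without HTML escaping, so whoever can author an
                // announcement can place markup or script in front of every
                // viewer. If the content is meant to carry HTML, restrict
                // authoring to trusted roles or sanitise on save; the title
                // should be escaped unless it is stored pre-escaped - confirm.
                $buffer .= "<li><h4>" . $announcement_r['title'] . "</h4>";
                $buffer .= "<small class=\"submitDate\">" . get_localised_timestamp(get_opendb_config_var('welcome.announcements', 'datetime_mask'), $announcement_r['submit_on']) . "</small>";
                $buffer .= "<p class=\"content\">" . nl2br($announcement_r['content']) . "</p></li>";
            }
            db_free_result($results);
        }
    }
    if (strlen($buffer) > 0) {
        return "\n<div id=\"announcements\">" . "<h3>" . get_opendb_lang_var('announcements') . "</h3>" . "\n<ul>" . $buffer . "\n</ul></div>";
    }
    return NULL;
}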
示例#3
/**
 * Verify that an item type has every mandatory field-type attribute
 * relationship, reporting the missing ones.
 *
 * TITLE, STATUSTYPE, STATUSCMNT and CATEGORY are always required; DURATION
 * is required only when borrowing with duration support is enabled.
 *
 * @param string $s_item_type Item type to check.
 * @param array  $error       Set to array('error' => ..., 'detail' => list of
 *                            missing field types) when relationships are
 *                            missing; left untouched otherwise.
 * @return bool TRUE when complete; FALSE when relationships are missing or
 *              the item type does not exist (no message in the latter case).
 */
function check_item_type_structure($s_item_type, &$error)
{
    // no message if s_item_type does not even exist.
    if (!is_exists_item_type($s_item_type)) {
        return FALSE;
    }

    $absent_field_types = NULL;
    foreach (array('TITLE', 'STATUSTYPE', 'STATUSCMNT', 'CATEGORY') as $field_type) {
        if (!fetch_sfieldtype_item_attribute_type($s_item_type, $field_type)) {
            $absent_field_types[] = $field_type;
        }
    }

    $duration_required = get_opendb_config_var('borrow', 'enable') !== FALSE && get_opendb_config_var('borrow', 'duration_support') !== FALSE;
    if ($duration_required && !fetch_sfieldtype_item_attribute_type($s_item_type, 'DURATION')) {
        $absent_field_types[] = 'DURATION';
    }

    // No errors so no problem.
    if (!is_not_empty_array($absent_field_types)) {
        return TRUE;
    }

    $error = array('error' => 'The following Field Type attribute relationships are missing.', 'detail' => $absent_field_types);
    return FALSE;
}
示例#4
文件: url.php 项目: horrabin/opendb
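/**
 * Stream an external image through this site, or redirect to it.
 *
 * An absolute URL is fetched server-side and echoed only when external
 * image streaming is enabled and the URL's domain is in the configured
 * domain list. Everything else (local URIs, uploads, disallowed domains,
 * failed fetches) is answered with a redirect.
 *
 * @param string $url URL or local URI of the file to output.
 * @return void
 */
function output_cache_file($url)
{
    // no point streaming a local URI
    if (is_url_absolute($url) && get_opendb_config_var('http.stream_external_images', 'enable') !== FALSE && is_uri_domain_in_list($url, get_opendb_config_var('http.stream_external_images', 'domain_list'))) {
        $snoopy = new OpenDbSnoopy();
        // Plain assignment: taking a reference to a function result is not
        // valid and only raises a notice.
        $dataBuffer = $snoopy->fetchURI($url, FALSE);
        if ($dataBuffer !== FALSE) {
            if (is_array($snoopy->headers)) {
                // The remote response headers are untrusted. Relay only the
                // ones needed to describe and cache the body; in particular
                // never pass on Set-Cookie, Location, the status line or
                // transfer/connection headers from a third-party host.
                $relayed_headers = array('content-type', 'content-length', 'last-modified', 'etag', 'cache-control', 'expires');
                foreach ($snoopy->headers as $header_line) {
                    $colon_pos = strpos($header_line, ':');
                    if ($colon_pos === FALSE) {
                        // status line or malformed entry
                        continue;
                    }
                    $header_name = strtolower(trim(substr($header_line, 0, $colon_pos)));
                    if (in_array($header_name, $relayed_headers, TRUE)) {
                        header(trim($header_line));
                    }
                }
            }
            // NOTE(review): the body is served from this site's origin with
            // the remote Content-Type. Consider refusing anything that is
            // not image/* so an allow-listed host cannot deliver HTML here.
            echo $dataBuffer;
            flush();
        } else {
            opendb_redirect($url);
        }
        unset($snoopy);
    } else {
        if (($file = get_item_input_file_upload_url($url)) !== FALSE) {
            // file upload - that is not cached
            opendb_redirect($file);
        } else {
            opendb_redirect($url);
        }
    }
}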
示例#5
文件: index.php 项目: horrabin/opendb
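/**
 * Build the HTML form for inserting or updating an announcement.
 *
 * When $announcement_r is an array the form is an update form (hidden
 * op=update plus the announcement id, and an extra "Closed" checkbox);
 * otherwise it is an insert form.
 *
 * @param array|null $announcement_r Existing announcement record, or a
 *                                   non-array value for a new announcement.
 * @param array|null $HTTP_VARS      Request variables used as fallback
 *                                   values for the inputs.
 * @return string The form markup.
 */
function get_edit_announcement_input_form($announcement_r, $HTTP_VARS = NULL)
{
    global $PHP_SELF;

    // $buffer is now initialised before use, and the two values placed in
    // HTML attributes are escaped so they cannot break out of the quotes.
    $buffer = "<form action=\"" . htmlspecialchars($PHP_SELF, ENT_QUOTES) . "\" method=\"POST\">";
    $buffer .= "\n<input type=\"hidden\" name=\"type\" value=\"announcements\">";
    if (is_array($announcement_r)) {
        $buffer .= "\n<input type=\"hidden\" name=\"op\" value=\"update\">" . "\n<input type=\"hidden\" name=\"announcement_id\" value=\"" . htmlspecialchars($announcement_r['announcement_id'], ENT_QUOTES) . "\">";
    } else {
        $buffer .= "\n<input type=\"hidden\" name=\"op\" value=\"insert\">";
    }
    // NOTE(review): this state-changing POST form carries no anti-CSRF
    // token in the markup built here - confirm one is enforced elsewhere.

    $buffer .= "<table>";
    $buffer .= get_input_field("title", NULL, 'Title', "text(50,500)", "Y", ifempty($announcement_r['title'], $HTTP_VARS['title']), TRUE);
    $buffer .= get_input_field("content", NULL, 'Announcement', "htmlarea(60,15)", "Y", ifempty($announcement_r['content'], $HTTP_VARS['content']), TRUE);
    $buffer .= get_input_field("display_days", NULL, 'Display Days', "number(10,10)", "Y", ifempty($announcement_r['display_days'], $HTTP_VARS['display_days']), TRUE);
    if (is_array($announcement_r)) {
        $buffer .= get_input_field("closed_ind", NULL, 'Closed', "checkbox(Y,N)", "N", ifempty($announcement_r['closed_ind'], $HTTP_VARS['closed_ind']), TRUE);
    }
    $buffer .= "</table>";

    // 'id' is quoted: as a bare word it is an undefined constant, which is
    // a fatal error on PHP 8.
    $help_r = array();
    $help_r[] = array('img' => 'compulsory.gif', 'text' => get_opendb_lang_var('compulsory_field'), 'id' => 'compulsory');
    $help_r[] = array('text' => 'A zero in Display Days indicates the announcment will never expire.');
    $help_r[] = array('text' => 'No validation is performed on HTML entered in the Announcement text field.');
    $buffer .= format_help_block($help_r);

    if (get_opendb_config_var('widgets', 'enable_javascript_validation') !== FALSE) {
        $onclick_event = "if(!checkForm(this.form)){return false;}else{this.form.submit();}";
    } else {
        $onclick_event = "this.form.submit();";
    }
    $buffer .= "<input type=\"button\" class=\"button\" onclick=\"{$onclick_event}\" value=\"Save\">";
    $buffer .= "\n</form>";
    return $buffer;
}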
示例#6
/**
 * Tell whether an item type exists and has every mandatory field-type
 * attribute mapping.
 *
 * TITLE, STATUSTYPE, STATUSCMNT and CATEGORY are always required; DURATION
 * is required only when borrowing with duration support is enabled.
 *
 * @param string $s_item_type Item type to check.
 * @return bool TRUE when all required mappings are present, else FALSE.
 */
function is_valid_item_type_structure($s_item_type)
{
    if (!is_exists_item_type($s_item_type)) {
        return FALSE;
    }

    // Stop at the first mandatory mapping that is missing.
    foreach (array('TITLE', 'STATUSTYPE', 'STATUSCMNT', 'CATEGORY') as $required_field_type) {
        if (!fetch_sfieldtype_item_attribute_type($s_item_type, $required_field_type)) {
            return FALSE;
        }
    }

    if (get_opendb_config_var('borrow', 'enable') !== FALSE && get_opendb_config_var('borrow', 'duration_support') !== FALSE) {
        // Borrow durations are in use, so the DURATION mapping decides.
        return fetch_sfieldtype_item_attribute_type($s_item_type, 'DURATION') ? TRUE : FALSE;
    }

    // Borrow functionality is not enabled, so no further testing is needed.
    return TRUE;
}
示例#7
 /**
  * Decide whether this entry is available to the given user.
  *
  * An entry with a config id needs that config section's 'enable' value to
  * be exactly TRUE; an entry with a permission id needs the user to hold
  * that permission. An id that compares equal to NULL skips its check.
  *
  * @param mixed $userid User the permission is checked for.
  * @return bool TRUE when both checks pass, else FALSE.
  */
 function isAvailable($userid)
 {
     // Feature switch: only consulted when a config id is set.
     if ($this->getConfigId() != NULL && get_opendb_config_var($this->getConfigId(), 'enable') !== TRUE) {
         return FALSE;
     }
     // Permission gate: only consulted when a permission id is set.
     if ($this->getPermId() != NULL && !is_user_granted_permission($this->getPermId(), $userid)) {
         return FALSE;
     }
     return TRUE;
 }
示例#8
/**
 * Derive the code for a "secret image" challenge from a random number.
 *
 * The code is a 6-character slice of hexdec(md5(...)) computed over the
 * client's User-Agent, the site's configured security hash, $random_num and
 * the current date formatted as "F j".
 *
 * TODO - the date is part of the input, so a code generated just before a
 * date change no longer matches afterwards and the registration may fail;
 * this is a fairly unlikely occurrence.
 *
 * NOTE(review): a 32-digit hex value overflows hexdec() to a float, so the
 * slice is taken from the float's string form and the code space is small.
 * MD5 over concatenated fields is also not a keyed MAC; if this guards
 * registration, hash_hmac() with the site secret and a per-challenge expiry
 * would be the sturdier construction. Any change must be applied to the
 * generating and the verifying side together.
 *
 * @param mixed $random_num Per-challenge random value supplied by the caller.
 * @return string The derived code.
 */
function get_secret_image_code($random_num)
{
    $site_secret = get_opendb_config_var('site', 'security_hash');
    $today = date("F j");
    $digest = md5(get_http_env('HTTP_USER_AGENT') . $site_secret . $random_num . $today);
    return substr(hexdec($digest), 2, 6);
}
示例#9
0
文件: theme.php 项目: horrabin/opendb
/**
 * Build the Content-Type value for HTML pages.
 *
 * @return string "text/html", with ";charset=<value>" appended when the
 *                'themes' / 'charset' config value is non-empty.
 */
function get_content_type_charset()
{
    $configured_charset = get_opendb_config_var('themes', 'charset');
    if (strlen($configured_charset) > 0) {
        return "text/html" . ";charset=" . $configured_charset;
    }
    return "text/html";
}
示例#10
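/**
 * Prepare a SQL statement before it is sent to the database.
 *
 * Applies the configured table prefix through parse_sql_statement() and,
 * when 'debug-sql' is exactly TRUE, echoes the statement into the page.
 *
 * @param string $sql The SQL statement.
 * @return string The statement, rewritten for the table prefix if one is
 *                configured.
 */
function opendb_pre_query($sql)
{
    $dbserver_conf_r = get_opendb_config_var('db_server');
    if (isset($dbserver_conf_r['table_prefix']) && strlen($dbserver_conf_r['table_prefix']) > 0) {
        $sql = parse_sql_statement($sql, $dbserver_conf_r['table_prefix']);
    }
    if (isset($dbserver_conf_r['debug-sql']) && $dbserver_conf_r['debug-sql'] === TRUE) {
        // The statement can contain request-derived values, so it is
        // HTML-escaped before being written into the page.
        // NOTE(review): debug output also exposes schema and data to
        // whoever views the page; keep this switch off in production.
        echo '<p class="debug-sql">SQL: ' . htmlspecialchars($sql, ENT_QUOTES) . '</p>';
    }
    return $sql;
}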
示例#11
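/**
 * Validate the input of an item review form.
 *
 * A comment and/or rating is required only when the matching
 * 'item_review' config switch is enabled.
 *
 * @param array      $HTTP_VARS Request variables ('comment', 'rating').
 * @param array|null $errors    Reset to NULL, then filled with one
 *                              array('error' => message) per failed check.
 * @return bool TRUE when the input is acceptable, FALSE otherwise.
 */
function validate_review_input($HTTP_VARS, &$errors)
{
    $errors = NULL;

    // Missing keys count as empty input instead of raising notices.
    $comment = isset($HTTP_VARS['comment']) ? (string) $HTTP_VARS['comment'] : '';
    $rating = isset($HTTP_VARS['rating']) ? (string) $HTTP_VARS['rating'] : '';

    // The 'error' key is quoted: as a bare word it is an undefined
    // constant, which is a fatal error on PHP 8.
    if (get_opendb_config_var('item_review', 'comment_compulsory') == TRUE && strlen($comment) == 0) {
        $errors[] = array('error' => get_opendb_lang_var('prompt_must_be_specified', 'prompt', get_opendb_lang_var('review')));
    }
    if (get_opendb_config_var('item_review', 'rating_compulsory') == TRUE && strlen($rating) == 0) {
        $errors[] = array('error' => get_opendb_lang_var('prompt_must_be_specified', 'prompt', get_opendb_lang_var('rating')));
    }

    return !is_array($errors);
}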
示例#12
文件: rss.php 项目: horrabin/opendb
/**
 * Render the stored announcements as RSS <item> elements.
 *
 * @param string $URL      Link and guid written into every item.
 * @param string $datemask Mask passed to get_localised_timestamp() for
 *                         pubDate.
 * @return string Concatenated <item> elements, or '' when there are none.
 */
function build_announcements_feed($URL, $datemask)
{
    $feed_conf_r = get_opendb_config_var('feeds.announcements');
    // TODO - make the options here configurable
    $result = fetch_announcement_rs(NULL, "DESC", 0, $feed_conf_r['total_num_items'], "N", "Y");
    //$limit_closed
    if (!$result || !(db_num_rows($result) > 0)) {
        return '';
    }

    // Create the RSS item tags
    $items_xml = '';
    while ($announcement_r = db_fetch_assoc($result)) {
        $title = rss_encoded($announcement_r['title']);
        $link = rss_encoded($URL);
        // NOTE(review): the timestamp is the only field not passed through
        // rss_encoded(); presumably the mask cannot yield markup - confirm.
        $published = get_localised_timestamp($datemask, $announcement_r['submit_on']) . " " . date('T');
        $guid = rss_encoded($URL);
        $description = rss_encoded(nl2br($announcement_r['content']));

        $items_xml .= "\n\t<item>"
            . "\n\t\t<title>" . $title . "</title>"
            . "\n\t\t<link>" . $link . "</link>"
            . "\n\t\t<pubDate>" . $published . "</pubDate>"
            . "\n\t\t<guid>" . $guid . "</guid>"
            . "\n\t\t<description>" . $description . "</description>"
            . "\n\t</item>";
    }
    db_free_result($result);
    return $items_xml;
}
示例#13
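/**
 * Build the "items per page" selector form for a listing.
 *
 * @param string $PHP_SELF  Script path used as the form action.
 * @param array  $HTTP_VARS Request variables; carried over through
 *                          get_url_fields() and used for the current
 *                          'items_per_page' selection.
 * @return string The form markup, or '' when no options are configured.
 */
function getItemsPerPageControl($PHP_SELF, $HTTP_VARS)
{
    $buffer = '';
    $items_per_page_options_r = get_opendb_config_var('listings', 'items_per_page_options');
    if (is_not_empty_array($items_per_page_options_r)) {
        $items_per_page_rs = array();
        // each() was removed in PHP 8; foreach visits the same options in
        // the same order.
        foreach ($items_per_page_options_r as $items_per_page) {
            // an option of zero is shown as the localised "all"
            if ($items_per_page == '0') {
                $display = get_opendb_lang_var('all');
            } else {
                $display = $items_per_page;
            }
            $items_per_page_rs[] = array('value' => $items_per_page, 'display' => $display);
        }

        $current = ifempty(isset($HTTP_VARS['items_per_page']) ? $HTTP_VARS['items_per_page'] : NULL, get_opendb_config_var('listings', 'items_per_page'));

        // The action is escaped because the script path may be
        // request-derived and ends up inside an HTML attribute.
        // NOTE(review): get_url_fields() echoes the request variables back
        // as form fields; presumably it escapes them - confirm.
        $buffer .= "<form class=\"itemsPerPageControl\" id=\"form-items_per_page\" action=\"" . htmlspecialchars($PHP_SELF, ENT_QUOTES) . "\" method=\"GET\">" . get_url_fields($HTTP_VARS) . "<label for=\"select-items_per_page\">" . get_opendb_lang_var('items_per_page') . '</label>' . "<select id=\"select-items_per_page\" name=\"items_per_page\" class=\"footer\" onChange=\"this.form.submit()\">" . custom_select('items_per_page', $items_per_page_rs, '%display%', 'NA', $current, 'value') . "\n</select></form>";
    }
    return $buffer;
}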
示例#14
文件: index.php 项目: horrabin/opendb
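/**
 * Echo the content of $table as a series of INSERT statements.
 *
 * One statement is written per row, each followed by ";" and $crlf. The
 * configured table prefix is added to the table name in the generated
 * statements.
 *
 * NOTE(review): $table is interpolated into the SELECT as an identifier and
 * cannot be bound as a parameter. Callers should pass only table names
 * taken from a fixed list, never request input - confirm at the call sites.
 *
 * @param string $table Table to export (unprefixed).
 * @param string $crlf  Line terminator written after each statement.
 * @return bool TRUE on success, FALSE when the table could not be read.
 */
function get_table_content($table, $crlf)
{
    $result = db_query("SELECT * FROM {$table}");
    if (!$result) {
        // Previously a failed query fell through to the fetch loop.
        return FALSE;
    }

    //prefix if required to table name before exporting.
    $table_prefix = get_opendb_config_var('db_server', 'table_prefix');
    if (strlen($table_prefix) > 0) {
        $table = $table_prefix . $table;
    }

    // The column list is the same for every row, so build it once.
    $num_fields = db_num_fields($result);
    $column_names = array();
    for ($j = 0; $j < $num_fields; $j++) {
        $column_names[] = db_field_name($result, $j);
    }
    $table_list = "(" . implode(", ", $column_names) . ")";

    while ($row = db_fetch_row($result)) {
        $values = array();
        for ($j = 0; $j < $num_fields; $j++) {
            if (!isset($row[$j])) {
                $values[] = "NULL";
            } elseif ($row[$j] != "") {
                // Backslash-escape \, ', " and newline in the value.
                // NOTE(review): this escaping is not connection-charset
                // aware; the dump should only be restored into a database
                // using the same character set.
                $values[] = "'" . addcslashes(replace_newlines($row[$j]), "\\'\"\\\n") . "'";
            } else {
                $values[] = "''";
            }
        }
        $schema_insert = "INSERT INTO {$table} {$table_list} VALUES (" . implode(", ", $values) . ")";
        // Get rid of newlines.
        $schema_insert = str_replace(array("\n", "\r"), "", $schema_insert);
        echo trim($schema_insert) . ";" . $crlf;
    }

    // Release the result set; it was previously left open.
    db_free_result($result);
    return TRUE;
}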
示例#15
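 /**
  * Constructor: configure the HTTP client from the site configuration.
  *
  * Sets the file cache flag, user agent, cookie passing, debug flag and
  * proxy settings, then locates a usable curl binary when the current
  * curl_path is empty or not executable.
  *
  * @param bool $debug Stored in $this->_debug.
  */
 function OpenDbSnoopy($debug = FALSE)
 {
     // if file cache table is not installed, we cannot use file cache.
     $this->_file_cache_enabled = get_opendb_config_var('http.cache', 'enable');
     //override user agent.
     $this->agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8.0.4) Gecko/20060508 Firefox/1.5.0.4';
     // in how many cases is this going to work?
     $this->passcookies = FALSE;
     $this->_debug = $debug;

     $proxy_server_config_r = get_opendb_config_var('http.proxy_server');
     if ($proxy_server_config_r['enable'] == TRUE) {
         $this->proxy_host = $proxy_server_config_r['host'];
         $this->proxy_port = $proxy_server_config_r['port'];
         $this->proxy_user = $proxy_server_config_r['userid'];
         $this->proxy_pass = $proxy_server_config_r['password'];
     }

     // the default curl path for snoopy is /usr/local/bin/curl - often however, it will reside in another path
     // The test used to read "!empty(...) || ...", which is true for every
     // value and so replaced a working curl_path as well. Search only when
     // the current path is unusable.
     if (empty($this->curl_path) || !@is_executable($this->curl_path)) {
         // candidate paths, tried in order
         $curlpaths = array();
         // let's do something depending on whether we're using windows or linux (windows lookup not tested)
         if (strncasecmp(PHP_OS, 'WIN', 3) == 0) {
             // This is a server using Windows!
             $curlpaths[] = 'C:\\Windows\\System32\\curl.exe';
         } else {
             // assuming a unix system, first try detection and then some other standard paths
             // NOTE(review): "which" resolves against the web server
             // process's PATH, so the binary chosen here is only as
             // trustworthy as that PATH; a fixed configured path avoids
             // the dependency.
             $whichcurl = @exec("which curl");
             if ($whichcurl != NULL) {
                 $curlpaths[] = $whichcurl;
             }
             $curlpaths[] = '/usr/bin/curl';
             $curlpaths[] = '/usr/local/sbin/curl';
             $curlpaths[] = '/usr/sbin/curl';
         }
         foreach ($curlpaths as $curlpath) {
             if (@is_executable($curlpath)) {
                 $this->curl_path = $curlpath;
                 // once found, break out of the loop
                 break;
             }
         }
     }
 }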
示例#16
 /**
  * Constructor: configure the mailer from the site's email settings.
  *
  * Sets the plugin directory, line ending, priority and sender. For the
  * 'smtp' mailer the host, port, security mode and credentials are read
  * from the 'email.smtp' config; when no host is configured the error is
  * logged and the mailer falls back to 'mail'.
  *
  * @param string $mailer Mailer type to use.
  */
 function OpenDbMailer($mailer)
 {
     $this->PluginDir = './lib/phpmailer/';
     $this->LE = get_opendb_config_var('email', 'windows_smtp_server') === TRUE ? "\r\n" : "\n";
     $this->Mailer = $mailer;
     // in case we want to change it
     $this->Priority = "3";
     $this->Sender = get_opendb_config_var('email', 'noreply_address');

     if ($this->Mailer != 'smtp') {
         return;
     }

     $smtp_conf_r = get_opendb_config_var('email.smtp');
     // at least host should be defined.
     if (!is_not_empty_array($smtp_conf_r) || !(strlen($smtp_conf_r['host']) > 0)) {
         // set to 'mail' mailer as default, and log configuration error.
         opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, 'Email SMTP Configuration missing', array($mailer));
         // override, because mailer smtp is misconfigured.
         $this->Mailer = 'mail';
         return;
     }

     $this->Host = $smtp_conf_r['host'];
     if (strlen($smtp_conf_r['port']) > 0) {
         $this->Port = $smtp_conf_r['port'];
     }
     // NOTE(review): any value other than 'none' is copied through as-is,
     // so the transport is encrypted only if the config says so.
     if ($smtp_conf_r['secure'] != 'none') {
         // sets the prefix to the server
         $this->SMTPSecure = $smtp_conf_r['secure'];
     }
     // Authentication is switched on only when both credentials are set.
     $has_credentials = strlen($smtp_conf_r['username']) > 0 && strlen($smtp_conf_r['password']) > 0;
     if ($has_credentials) {
         $this->Username = $smtp_conf_r['username'];
         $this->Password = $smtp_conf_r['password'];
         $this->SMTPAuth = TRUE;
     }
 }
示例#17
/**
 * Read the default collation of the configured database.
 *
 * Taken from phpMyAdmin: runs SHOW CREATE DATABASE and scans the returned
 * statement for "DEFAULT CHARACTER SET <charset> COLLATE <collation>".
 *
 * NOTE(review): the database name is interpolated inside backticks without
 * escaping; this is safe only because it comes from the site configuration.
 *
 * @return string|null|false The collation name; NULL when a character set
 *                           clause is found without a collation; FALSE when
 *                           the query fails or no character set clause is
 *                           found.
 */
function fetch_opendb_database_collation()
{
    $dbname = get_opendb_config_var('db_server', 'dbname');
    $result = db_query("SHOW CREATE DATABASE `{$dbname}`");
    if (!$result || !(db_num_rows($result) > 0)) {
        return FALSE;
    }

    $record_r = db_fetch_assoc($result);
    db_free_result($result);

    $tokens = explode(' ', $record_r['Create Database']);
    $token_count = count($tokens);
    for ($pos = 1; $pos + 3 < $token_count; $pos++) {
        $at_charset_clause = $tokens[$pos] == 'DEFAULT' && $tokens[$pos + 1] == 'CHARACTER' && $tokens[$pos + 2] == 'SET';
        if (!$at_charset_clause) {
            continue;
        }
        // We've found the character set; the collation, if any, follows it.
        if (isset($tokens[$pos + 5]) && $tokens[$pos + 4] == 'COLLATE') {
            return $tokens[$pos + 5];
        }
        // We did not find the collation
        return NULL;
    }
    return FALSE;
}
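 /**
  * XML element handler: dispatch one parsed element to the import methods.
  *
  * 'Item' and 'Instance' read their values from $attribs; 'Title',
  * 'StatusComment' and 'Attribute' use the element text with HTML entities
  * decoded into the site charset.
  *
  * @param mixed  $xpath   Not used here.
  * @param string $name    Element name.
  * @param array  $attribs Element attributes.
  * @param string $pcdata  Element text content.
  * @return void
  */
 function start_element($xpath, $name, $attribs, $pcdata)
 {
     if (strcmp($name, 'Item') === 0) {
         $this->startItem($attribs['ItemType']);
     } elseif (strcmp($name, 'Instance') === 0) {
         $this->startItemInstance();
         $this->setInstanceStatusType($attribs['StatusType']);
         $this->setInstanceBorrowDuration($attribs['BorrowDuration']);
     } elseif (strcmp($name, 'Title') === 0 || strcmp($name, 'StatusComment') === 0 || strcmp($name, 'Attribute') === 0) {
         // ENT_COMPAT and the charset used to sit outside the closing
         // parenthesis of html_entity_decode(), so they were handed to the
         // setter and the text was decoded with PHP's default charset.
         // NOTE(review): confirm the setters do not declare extra
         // parameters that were silently receiving those two values.
         $charset = get_opendb_config_var('themes', 'charset') == 'utf-8' ? 'UTF-8' : 'ISO-8859-1';
         $text = html_entity_decode($pcdata, ENT_COMPAT, $charset);

         // NOTE(review): after decoding, the text can contain raw markup
         // characters; it must be escaped again wherever it is rendered.
         if (strcmp($name, 'Title') === 0) {
             $this->setTitle($text);
         } elseif (strcmp($name, 'StatusComment') === 0) {
             $this->setInstanceStatusComment($text);
         } else {
             $this->addAttribute($attribs['AttributeType'], NULL, $text);
         }
     }
 }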
示例#19
/**
 * Check whether a new item instance may be created with the given status
 * type.
 *
 * Closed status types are rejected. Otherwise instance support must be
 * enabled (or the item must have no instance yet), and when
 * 'new_instance_owner_only' is TRUE the owner must already own the item.
 *
 * @param mixed $item_id           Item the instance would belong to.
 * @param mixed $owner_id          Prospective owner of the new instance.
 * @param array $new_status_type_r Status type record ('closed_ind',
 *                                 'description').
 * @param array $errors            Set to array('error' => ..., 'detail' => '')
 *                                 on rejection.
 * @return bool TRUE when allowed, FALSE otherwise.
 */
function is_newinstance_status_type_valid($item_id, $owner_id, $new_status_type_r, &$errors)
{
    // Closed status types cannot be used for a new instance.
    if ($new_status_type_r['closed_ind'] == 'Y') {
        $errors = array('error' => get_opendb_lang_var('s_status_type_not_supported', 's_status_type_desc', $new_status_type_r['description']), 'detail' => '');
        return FALSE;
    }

    $instance_permitted = get_opendb_config_var('item_input', 'item_instance_support') !== FALSE || !is_exists_item_instance($item_id);
    if ($instance_permitted && (get_opendb_config_var('item_input', 'new_instance_owner_only') !== TRUE || is_user_owner_of_item($item_id, NULL, $owner_id))) {
        return TRUE;
    }

    $errors = array('error' => get_opendb_lang_var('operation_not_avail_new_instance'), 'detail' => '');
    return FALSE;
}
示例#20
文件: login.php 项目: horrabin/opendb
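/**
 * Handle a "lost password" request: set a new password for the user and
 * email it to them.
 *
 * NOTE(review): TRUE is returned for an unknown user id to hide whether it
 * exists, but the FALSE paths for inactive or unprivileged accounts still
 * distinguish real accounts if the caller renders the results differently.
 *
 * NOTE(review): the password is replaced as soon as the request arrives,
 * with no emailed confirmation token, and is then sent in clear text. Any
 * visitor can therefore force a reset for a known user id; a single-use,
 * expiring reset link would avoid both problems.
 *
 * @param array $HTTP_VARS Request variables; 'uid' names the account.
 * @param array $errors    Receives error messages.
 * @return bool|string TRUE on success (or unknown user), FALSE on failure,
 *                     or "EMAIL_NOT_SENT" when the password was changed but
 *                     the email could not be sent.
 */
function perform_newpassword($HTTP_VARS, &$errors)
{
    $uid = isset($HTTP_VARS['uid']) ? $HTTP_VARS['uid'] : NULL;

    if (!is_user_valid($uid)) {
        opendb_logger(OPENDB_LOG_WARN, __FILE__, __FUNCTION__, 'New password request failure: User does not exist', array($uid));
        // make user look successful to prevent mining for valid userids
        return TRUE;
    }

    // Do not allow new password operation for 'deactivated' user.
    if (!is_user_active($uid)) {
        opendb_logger(OPENDB_LOG_WARN, __FILE__, __FUNCTION__, 'New password request failure: User is not active', array($uid));
        return FALSE;
    }

    if (!is_user_granted_permission(PERM_CHANGE_PASSWORD, $uid)) {
        opendb_logger(OPENDB_LOG_WARN, __FILE__, __FUNCTION__, 'New password request failure: User does not have permission to change password', array($uid));
        return FALSE;
    }

    if (get_opendb_config_var('user_admin', 'user_passwd_change_allowed') === FALSE && !is_user_granted_permission(PERM_ADMIN_CHANGE_PASSWORD)) {
        opendb_logger(OPENDB_LOG_WARN, __FILE__, __FUNCTION__, 'New password request failure: Password change is disabled', array($uid));
        return FALSE;
    }

    opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, 'User requested to be emailed a new password', array($uid));
    $user_r = fetch_user_r($uid);

    // only send if valid user (email)
    if (!(strlen($user_r['email_addr']) > 0)) {
        // NOTE(review): the message embeds the raw user id; escape it
        // wherever $errors is rendered.
        $errors[] = "User '" . $uid . "' does not have a valid email address.";
        return FALSE;
    }

    // Generate the password only once it is known that it can be delivered.
    $user_passwd = generate_password(8);
    if (update_user_passwd($uid, $user_passwd) !== TRUE) {
        // This path used to fall off the end of the function and return
        // NULL without leaving any trace.
        opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, 'New password request failure: Password could not be updated', array($uid));
        return FALSE;
    }

    $subject = get_opendb_lang_var('lost_password');
    $message = get_opendb_lang_var('to_user_email_intro', 'fullname', $user_r['fullname']) . "\n\n" . get_opendb_lang_var('new_passwd_email') . "\n\n" . get_opendb_lang_var('userid') . ": " . $uid . "\n" . get_opendb_lang_var('password') . ": " . $user_passwd;
    if (opendb_user_email($user_r['user_id'], NULL, $subject, $message, $errors)) {
        return TRUE;
    }
    return "EMAIL_NOT_SENT";
}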
示例#21
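 /**
  * Local stub that fetches a URI through the wrapped HTTP client and
  * returns the page in the requested encoding.
  *
  * When the site charset is 'utf-8' the page is returned as-is if $utf8 is
  * true and passed through utf8_encode() otherwise; for any other site
  * charset the page is passed through utf8_decode() if $utf8 is true and
  * returned as-is otherwise.
  *
  * @param string $uri  Address to fetch.
  * @param bool   $utf8 Whether the fetched page is already UTF-8.
  * @return string|false The page, or FALSE on failure (the client's error
  *                      is copied via setError()).
  */
 function fetchURI($uri, $utf8 = false)
 {
     $page = $this->_httpClient->fetchURI($uri);
     if ($page === FALSE) {
         $this->setError($this->_httpClient->error);
         // Report the failure explicitly. The function used to return
         // nothing here, which a caller testing "!== FALSE" would read
         // as a successful fetch.
         return FALSE;
     }

     // NOTE(review): the page is remote, untrusted content; callers must
     // escape or validate anything extracted from it before display.
     if (get_opendb_config_var('themes', 'charset') == 'utf-8') {
         return $utf8 === true ? $page : utf8_encode($page);
     }
     return $utf8 === true ? utf8_decode($page) : $page;
 }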
示例#22
                                     $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'check_out', link => get_opendb_lang_var('check_out_item(s)'));
                                     $checkbox_action_rs[] = array('action' => 'item_borrow.php', 'op' => 'cancel_reserve', link => get_opendb_lang_var('cancel_reservation(s)'));
                                 }
                             }
                         }
                     }
                     echo format_checkbox_action_links('sequence_number', get_opendb_lang_var('no_items_checked'), $checkbox_action_rs);
                 }
                 echo format_help_block($listingObject->getHelpEntries());
                 echo "<ul class=\"listingControls\">";
                 if (get_opendb_config_var('listings', 'allow_override_show_item_image') !== FALSE) {
                     echo "<li>" . getToggleControl($PHP_SELF, $HTTP_VARS, get_opendb_lang_var('show_item_image'), 'show_item_image', ifempty($HTTP_VARS['show_item_image'], get_opendb_config_var('listings', 'show_item_image') == TRUE ? 'Y' : 'N')) . "</li>";
                 }
                 echo "<li>" . getItemsPerPageControl($PHP_SELF, $HTTP_VARS) . "</li>";
                 echo "</ul>";
                 echo "<p class=\"listingDate\">" . get_opendb_lang_var('listing_generated', 'datetime', get_localised_timestamp(get_opendb_config_var('listings', 'print_listing_datetime_mask'))) . "</p>";
                 echo format_footer_links($footer_links_r);
                 echo _theme_footer();
             }
             //end if($show_listings)
         } else {
             //no guests allowed!
             opendb_not_authorised_page(PERM_USER_BORROWER, $HTTP_VARS);
         }
     } else {
         //borrow functionality disabled.
         echo _theme_header(get_opendb_lang_var('borrow_not_supported'));
         echo "<p class=\"error\">" . get_opendb_lang_var('borrow_not_supported') . "</p>";
         echo _theme_footer();
     }
 } else {
示例#23
文件: email.php 项目: horrabin/opendb
/**
 * Send a single email through OpenDbMailer and log the outcome.
 *
 * The mailer type comes from the 'email' / 'mailer' config value and
 * defaults to 'mail'.
 *
 * @param string $to       Recipient address.
 * @param string $toname   Recipient display name.
 * @param string $from     Sender address.
 * @param string $fromname Sender display name.
 * @param string $subject  Message subject.
 * @param string $message  Message body.
 * @param array  $errors   Receives the mailer's ErrorInfo on failure.
 * @return bool TRUE when the message was sent, FALSE otherwise.
 */
function sendEmail($to, $toname, $from, $fromname, $subject, $message, &$errors)
{
    $mail = new OpenDbMailer(ifempty(get_opendb_config_var('email', 'mailer'), 'mail'));
    $mail->From = $from;
    $mail->FromName = $fromname;
    $mail->AddAddress($to, $toname);
    $mail->Subject = $subject;
    $mail->Body = $message;

    // NOTE(review): addresses and subject are written to the log on both
    // paths; treat the log as containing personal data.
    if (!$mail->Send()) {
        // Sending failed: log the mailer's error and hand it to the caller.
        opendb_logger(OPENDB_LOG_ERROR, __FILE__, __FUNCTION__, $mail->ErrorInfo, array($to, $toname, $from, $fromname, $subject));
        $errors[] = $mail->ErrorInfo;
        return FALSE;
    }

    // No errors returned indicates correct execution.
    opendb_logger(OPENDB_LOG_INFO, __FILE__, __FUNCTION__, 'Email sent', array($to, $toname, $from, $fromname, $subject));
    return TRUE;
}
示例#24
文件: index.php 项目: horrabin/opendb
        echo "\n<h3>New Attribute type</h3>";
        $save_op = 'insert';
        $save_button = 'Insert';
    }
    if (is_not_empty_array($errors)) {
        echo format_error_block($errors);
    }
    echo "\n<form name=\"s_attribute_type\" action=\"{$PHP_SELF}\" method=\"POST\">";
    echo "\n<input type=\"hidden\" name=\"type\" value=\"" . $HTTP_VARS['type'] . "\">";
    echo "\n<input type=\"hidden\" name=\"op\" value=\"{$save_op}\">";
    echo "\n<input type=\"hidden\" name=\"active_tab\" value=\"" . $HTTP_VARS['active_tab'] . "\">";
    echo "\n<table>";
    display_edit_form($attribute_type_r, $HTTP_VARS);
    echo "\n</table>";
    echo format_help_block(array('img' => 'compulsory.gif', 'text' => get_opendb_lang_var('compulsory_field'), id => 'compulsory'));
    if (get_opendb_config_var('widgets', 'enable_javascript_validation') !== FALSE) {
        echo "\n<input type=\"button\" class=\"button\" value=\"{$save_button}\" onclick=\"if(!checkForm(this.form)){return false;}else{this.form.submit();}\">";
    } else {
        echo "\n<input type=\"button\" class=\"button\" value=\"{$save_button}\" onclick=\"this.form.submit();\">";
    }
    echo "\n</form>";
} else {
    if ($HTTP_VARS['op'] == 'edit-lookups') {
        // ################################################################
        // Do for both 'update' and 'edit'
        // ################################################################
        echo "<p>[<a href=\"{$PHP_SELF}?type={$ADMIN_TYPE}&active_tab=" . $HTTP_VARS['active_tab'] . "\">Back to Main</a>]</p>";
        echo "<script language=\"JavaScript1.2\">\n\t\tfunction toggleChecked(element, name)\n\t\t{\n\t\t\tvar form = element.form;\n\n\t\t\t// then we have to uncheck everything else.\n\t\t\tfor (var i=0; i < form.length; i++)\n\t\t\t{\n\t\t        if (form.elements[i].type.toLowerCase() == 'checkbox' && form.elements[i].name.substring(0, name.length+1) == name+'[')\n\t\t\t\t{\n\t\t\t\t\tif(element.checked && form.elements[i].name != element.name)\n\t\t                form.elements[i].checked = false;\n\t\t\t\t}\n\t\t\t}\n\t\t}</script>";
        echo "\n<h3>Edit " . $HTTP_VARS['s_attribute_type'] . " Attribute Type Lookups</h3>";
        if (is_not_empty_array($errors)) {
            echo format_error_block($errors);
示例#25
文件: help.php 项目: horrabin/opendb
        $language = substr($help_page, 0, $index);
        // ensure someone is not trying to download the /etc/passwd file or something by basename it back to a simple filename
        $page = basename(substr($help_page, $index + 1));
    }
    // make sure it ends in html
    if (is_exists_language($language) && ends_with($page, ".html") && @file_exists("./help/{$language}/{$page}")) {
        return "./help/{$language}/{$page}";
    }
    // else
    return NULL;
}
if (is_site_enabled()) {
    if (is_opendb_valid_session() || is_site_public_access()) {
        echo _theme_header(get_opendb_lang_var('help'), FALSE);
        if (($page_location = validate_opendb_lang_help_page_url($HTTP_VARS['page'])) != NULL) {
            $page_title = get_opendb_lang_var('site_help', 'site', get_opendb_config_var('site', 'title'));
            echo "<h2>" . $page_title . "</h2>";
            // TODO: Add support for topic and subtopic
            include $page_location;
        } else {
            echo _theme_header(get_opendb_lang_var('no_help_available'), FALSE);
            echo "<p class=\"error\">" . get_opendb_lang_var('no_help_available') . "</p>";
        }
        echo _theme_footer();
    } else {
        //not a valid session.
        // invalid login, so login instead.
        redirect_login($PHP_SELF, $HTTP_VARS);
    }
} else {
    //if(is_site_enabled())
示例#26
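/**
 * Resolve an entered alternate item id into the item instance record(s) it identifies.
 *
 * Two lookup modes, chosen by $attribute_type_r['s_field_type']:
 *  - anything other than 'ITEM_ID': the value is looked up as an attribute value of the
 *    configured alt-id attribute type (config 'borrow.checkout' / 'alt_id_attribute_type',
 *    default 'S_ITEM_ID');
 *  - 'ITEM_ID': the value is read as "<item_id>" or "<item_id>.<instance_no>", with the
 *    instance number defaulting to '1'.
 *
 * @param string $alt_item_id            Id as entered; surrounding whitespace is ignored.
 * @param array  $attribute_type_r       Attribute type record; only 's_field_type' is read.
 * @param array  $altid_item_instance_rs Instances already collected; any match already in
 *                                       this list is not returned again.
 *
 * @return array|false Empty array for blank input; a list of newly found item instance
 *                     records (possibly empty in attribute mode); FALSE when the id could
 *                     not be resolved to a new instance.
 */
function get_new_altid_item_instance_rs($alt_item_id, $attribute_type_r, $altid_item_instance_rs)
{
    $alt_item_id = trim($alt_item_id);
    if (strlen($alt_item_id) == 0) {
        return array();
    }

    $attribute_type = ifempty(get_opendb_config_var('borrow.checkout', 'alt_id_attribute_type'), 'S_ITEM_ID');

    if ($attribute_type_r['s_field_type'] != 'ITEM_ID') {
        // NOTE(review): $alt_item_id reaches the lookup helper exactly as entered (only
        // trimmed); confirm fetch_item_instance_for_attribute_val_rs() escapes or binds it
        // before it is used in a query.
        $results = fetch_item_instance_for_attribute_val_rs($alt_item_id, $attribute_type);
        if ($results) {
            $item_instance_rs = array();
            while ($item_instance_r = db_fetch_assoc($results)) {
                if (!is_item_instance_in_array($item_instance_r, $altid_item_instance_rs)) {
                    $item_instance_rs[] = $item_instance_r;
                }
            }
            db_free_result($results);
            return $item_instance_rs;
        }
        // item not found
        return FALSE;
    }

    // NOTE(review): both patterns are unanchored, so digits embedded in other text are
    // accepted as an id (the first digit run, or the first "n.n" pair, wins). Anchor them
    // with ^...$ if callers are expected to pass a strict id.
    if (preg_match("/([0-9]+)\\.([0-9]+)/", $alt_item_id, $matches) || preg_match("/([0-9]+)/", $alt_item_id, $matches)) {
        $item_id = $matches[1];
        // The second pattern has a single capture group, so $matches[2] only exists when
        // an instance number was supplied; guard it instead of reading an undefined offset.
        $instance_no = ifempty(isset($matches[2]) ? $matches[2] : NULL, '1');
        $item_instance_r = array('item_id' => $item_id, 'instance_no' => $instance_no);
        if (!is_item_instance_in_array($item_instance_r, $altid_item_instance_rs)) {
            $item_instance_r = fetch_item_instance_r($item_instance_r['item_id'], $item_instance_r['instance_no']);
            if (is_array($item_instance_r)) {
                return array($item_instance_r);
            }
        }
    }

    // item not found
    return FALSE;
}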
示例#27
                    }
                }
            }
            if (is_exists_language($_OVRD_OPENDB_LANGUAGE)) {
                $_OPENDB_LANGUAGE = $_OVRD_OPENDB_LANGUAGE;
            } else {
                unset($_OPENDB_LANGUAGE);
                if (strlen(get_opendb_session_var('user_id')) > 0 && get_opendb_config_var('user_admin', 'user_language_support') !== FALSE) {
                    $user_language = fetch_user_language(get_opendb_session_var('user_id'));
                    if (is_exists_language($user_language)) {
                        $_OPENDB_LANGUAGE = $user_language;
                    }
                }
                if (strlen($_OPENDB_LANGUAGE) == 0) {
                    if (is_exists_language(get_opendb_config_var('site', 'language'))) {
                        $_OPENDB_LANGUAGE = strtoupper(get_opendb_config_var('site', 'language'));
                    } else {
                        $_OPENDB_LANGUAGE = fetch_default_language();
                    }
                }
            }
        }
    }
    if ($HTTP_VARS['mode'] == 'job') {
        $_OPENDB_THEME = '';
    }
    if (strlen($_OPENDB_THEME) > 0) {
        include_once "./theme/{$_OPENDB_THEME}/theme.php";
    }
} else {
    die('MySQL extension is not available');
示例#28
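 /**
  * Scrape video attributes out of an Amazon product page and record them on this plugin.
  *
  * Nothing is returned. Every value found is stored through $this->addItemAttribute()
  * (or replaceItemAttribute() for IMDB overrides). Attributes this method may set:
  * genre, actors, director, dvd_region, ratio, no_discs, age_rating, studio, year,
  * dvd_rel_dt, run_time, anamorphic, audio_lang, subtitles, dvd_extras, imdb_id, blurb,
  * plus any further keys supplied by the 'imdb' site plugin. Sections of the page that
  * do not match simply leave their attribute unset.
  *
  * NOTE(review): $pageBuffer is remote HTML and several captures (age_rating, studio,
  * language lists) are stored as matched, without escaping. This method does no output
  * encoding, so whatever renders these attributes must escape them -- confirm at the
  * display layer.
  *
  * @param array  $search_attributes_r Not read by this method.
  * @param string $s_item_type         Passed through to the IMDB plugin's queryItem().
  * @param string $pageBuffer          HTML of the product page.
  */
 function parse_amazon_video_data($search_attributes_r, $s_item_type, $pageBuffer)
 {
     // FIXME - this is used for more than just US site now, so this is invalid
     //$this->addItemAttribute('vid_format', 'NTSC');
     // genre extraction block.
     $genreMarker = "<li><b>Genres:</b>";
     $startidx = strpos($pageBuffer, $genreMarker);
     if ($startidx !== FALSE) {
         // Move past start text.
         $startidx += strlen($genreMarker);
         $endidx = strpos($pageBuffer, "</li>", $startidx);
         if ($endidx !== FALSE) {
             // Get rid of all the html - a quick hack!
             $genre = trim(substr($pageBuffer, $startidx, $endidx - $startidx));
             $genre = strip_tags($genre);
             // If composite genre, get rid of / as we do not need it.
             $genre = str_replace(" / ", " ", $genre);
             // Expand Sci-Fi to OpenDb matching value.
             $genre = str_replace("Sci-Fi", "ScienceFiction", $genre);
             // Match all whitespace and convert to a comma.
             $genre = preg_replace("/[\\s]+/", ",", $genre);
             $genre = str_replace("(more)", "", $genre);
             $this->addItemAttribute('genre', explode(",", $genre));
         }
     }
     $this->addItemAttribute('actors', parse_amazon_video_people("Actors", $pageBuffer));
     $this->addItemAttribute('director', parse_amazon_video_people("Directors", $pageBuffer));
     // Region extraction block
     //<li><b>Region: </b>Region 1
     if (preg_match("/<li><b>Region:[\\s]*<\\/b>Region ([0-6])/", $pageBuffer, $regs)) {
         $this->addItemAttribute('dvd_region', $regs[1]);
     }
     // Ratio
     //<li><b>Aspect Ratio:</b> 1.85:1</li>
     if (preg_match("!<li><b>Aspect Ratio:</b>(.*?)<\\/li>!", $pageBuffer, $regs)) {
         if (preg_match_all("/([0-9]{1}\\.[0-9]+):1/", $regs[1], $matches)) {
             $this->addItemAttribute('ratio', $matches[1]);
         }
     }
     if (preg_match("/<li><b>Number of discs:[\\s]*<\\/b>[\\s]*([0-9]+)/", $pageBuffer, $regs2)) {
         $this->addItemAttribute('no_discs', $regs2[1]);
     }
     //<b>Rating</b>  <img src="http://ec1.images-amazon.com/images/G/01/detail/r._V46905301_.gif" alt="R" align="absmiddle" border="0" height="11" width="12"></li>
     if (preg_match("!Rated:</span>&nbsp;(.*?)&nbsp;!mis", $pageBuffer, $regs)) {
         $this->addItemAttribute('age_rating', $regs[1]);
     } elseif (preg_match("!Rated:.*?<span>\\s*(.*?)\\s!ms", $pageBuffer, $regs)) {
         $this->addItemAttribute('age_rating', $regs[1]);
     }
     if (preg_match("!<b>Studio:[\\s]*</b>[\\s]*([^<]+)</li>!i", $pageBuffer, $regs)) {
         $this->addItemAttribute('studio', $regs[1]);
     }
     //<li><b>DVD Release Date:</b> April 27, 2004</li>
     if (preg_match("/<b>DVD Release Date:<\\/b>([^<]+)<\\/li>/i", $pageBuffer, $regs)) {
         $timestamp = strtotime($regs[1]);
         // strtotime() yields FALSE for text it cannot parse; formatting that would
         // record the Unix epoch (1970) as the release date, so skip it instead.
         if ($timestamp !== FALSE) {
             // if year not defined, use dvd_rel_dt
             if ($this->getItemAttribute('year') === FALSE) {
                 $this->addItemAttribute('year', date('Y', $timestamp));
             }
             $this->addItemAttribute('dvd_rel_dt', date('d/m/Y', $timestamp));
         }
     }
     // Duration extraction block
     //<li><b>Run Time:</b> 125 minutes </li>
     if (preg_match("/<li><b>Run Time:<\\/b>[\\s]*([0-9]+) minutes/i", $pageBuffer, $regs)) {
         $this->addItemAttribute('run_time', $regs[1]);
     }
     // Get the anamorphic format attribute - Thanks to André Monz <amonz@users.sourceforge.net
     if (preg_match("/anamorphic/", $pageBuffer)) {
         $this->addItemAttribute('anamorphic', 'Y');
     }
     if (preg_match("/THX Certified/i", $pageBuffer)) {
         $this->addItemAttribute('audio_lang', 'ENGLISH_THX');
     }
     // foreach replaces the each() loops: each() is gone in PHP 8 and the @ in front of it
     // hid that failure.
     if (preg_match("!<li><b>Language:</b>[\\s]*(.*?)</li>!i", $pageBuffer, $regs)) {
         $amazon_dvd_audio_map = array(array("English", "2.0"), array("English", "5.0"), array("English", "5.1"), array("English", "6.1", "EX"), array("English", "6.1", "DTS", "ES"), array("English", "6.1"), array("English", "DTS"));
         $amazon_audio_lang_map = array(array("French"), array("Spanish"), array("German"));
         foreach (explode(',', $regs[1]) as $audio_lang) {
             $key = parse_language_info($audio_lang, $amazon_dvd_audio_map);
             if ($key !== NULL) {
                 $this->addItemAttribute('audio_lang', $key);
             }
             $key = parse_language_info($audio_lang, $amazon_audio_lang_map);
             if ($key !== NULL) {
                 $this->addItemAttribute('audio_lang', $key);
             }
         }
     }
     if (preg_match("!<li><b>Subtitles:</b>[\\s]*(.*?)</li>!i", $pageBuffer, $regs)) {
         $amazon_video_subtitle_map = array(array("English"), array("French"), array("Spanish"), array("German"));
         foreach (explode(',', $regs[1]) as $subtitle_lang) {
             $key = parse_language_info($subtitle_lang, $amazon_video_subtitle_map);
             if ($key !== NULL) {
                 $this->addItemAttribute('subtitles', $key);
             }
         }
     }
     // Edition details block - 'dvd_extras' attribute
     if (preg_match("!<b>DVD Features:<\\/b><ul>(.*?)<\\/ul>!", $pageBuffer, $regs)) {
         $dvdFeaturesBlock = $regs[1];
         if (preg_match_all("/<li>(.*)<\\/li>/mUi", $dvdFeaturesBlock, $matches)) {
             $charset = get_opendb_config_var('themes', 'charset') == 'utf-8' ? 'UTF-8' : 'ISO-8859-1';
             // A hard space is the single byte 0xA0 in ISO-8859-1 but the pair 0xC2 0xA0 in
             // UTF-8. Replacing the lone byte in UTF-8 text would break every multi-byte
             // character that contains 0xA0, so pick the sequence that fits the charset.
             $hardSpace = $charset == 'UTF-8' ? "\xC2\xA0" : chr(160);
             $dvd_extras = array();
             foreach ($matches[1] as $item) {
                 $item = html_entity_decode(strip_tags($item), ENT_COMPAT, $charset);
                 // We may have a hard space here, so get rid of it.
                 $item = trim(str_replace($hardSpace, ' ', $item));
                 if (strpos($item, "anamorphic") !== FALSE || strpos($item, "Available Subtitles") !== FALSE || strpos($item, "Available Audio Tracks") !== FALSE) {
                     // Already covered by the anamorphic / subtitles / audio_lang attributes.
                     continue;
                 }
                 //Commentary by: director George Cosmatos
                 if (strpos($item, "Commentary by") !== FALSE && ends_with($item, "Unknown Format")) {
                     $item = substr($item, 0, strlen($item) - strlen("Unknown Format"));
                 } elseif (preg_match("/\"([^\"]+)\"/", $item, $reg2)) {
                     $item = $reg2[1];
                 }
                 $dvd_extras[] = $item;
             }
             if (count($dvd_extras) > 0) {
                 $this->addItemAttribute('dvd_extras', implode("\n", $dvd_extras));
             }
         }
     }
     // IMDB ID block
     //<A HREF="http://amazon.imdb.com/title/tt0319061/">
     //http://www.amazon.com/gp/redirect.html/103-0177494-1143005?location=http://amazon.imdb.com/title/tt0319061&token=F5BF95E1B869FD4EB1192434BA5B7FECBA8B3718
     //http://amazon.imdb.com/title/tt0319061
     if (preg_match("!http://amazon.imdb.com/title/tt([0-9]+)!is", $pageBuffer, $regs)) {
         $this->addItemAttribute('imdb_id', $regs[1]);
     }
     // Attempt to include data from IMDB if available - but only for DVD, VHS, etc
     // as IMDB does not work with BOOKS or CD's.
     if (!is_numeric($this->getItemAttribute('imdb_id'))) {
         return;
     }
     $sitePlugin =& get_site_plugin_instance('imdb');
     if ($sitePlugin === FALSE) {
         return;
     }
     if (!$sitePlugin->queryItem(array('imdb_id' => $this->getItemAttribute('imdb_id')), $s_item_type)) {
         return;
     }
     // no mapping process is performed here, as no $s_item_type was provided.
     $itemData = $sitePlugin->getItemData();
     if (!is_array($itemData)) {
         return;
     }
     // Merge the IMDB data in. IMDB wins for actors/director/year/genre, the Amazon values
     // are kept for age_rating and run_time, and everything else is added alongside.
     // (The original chain tested 'actors' twice; the second test could never be reached.)
     foreach ($itemData as $key => $value) {
         switch ($key) {
             case 'actors':
             case 'director':
             case 'year':
             case 'genre':
                 $this->replaceItemAttribute($key, $value);
                 break;
             case 'plot':
                 //have to map from imdb to amazon attribute type.
                 $this->addItemAttribute('blurb', $value);
                 break;
             case 'age_rating':
             case 'run_time':
                 break;
             default:
                 $this->addItemAttribute($key, $value);
         }
     }
 }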
示例#29
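/**
 * Email the site administrators the details of a newly requested account, together with
 * links to activate or delete it.
 *
 * The message lists user id, full name, role description, theme and email address, and
 * then every non-empty address attribute found in $HTTP_VARS for each address type.
 *
 * All of these values come from the signup form, so they are attacker-controlled text
 * inside a mail that an administrator will act on:
 *  - the user id is URL-encoded before it is placed in the activate/delete links, so it
 *    cannot add or override query parameters of those links;
 *  - NOTE(review): $HTTP_VARS['email_addr'] is handed to send_email_to_site_admins() as
 *    given. Confirm that helper rejects CR/LF before the address reaches a mail header.
 *  - NOTE(review): form values are written into the body unchanged, so a value holding a
 *    line break can imitate further "label: value" lines. Confirm the signup validation
 *    restricts single-line fields.
 *  - NOTE(review): activate and delete are plain GET links; confirm user_admin.php
 *    requires an authenticated admin and a confirmation step for both operations.
 *
 * @param array $HTTP_VARS Signup form variables.
 * @param array $errors    Passed by reference straight to send_email_to_site_admins().
 *
 * @return mixed The result of send_email_to_site_admins().
 */
function send_signup_info_to_admin($HTTP_VARS, &$errors)
{
    $role_r = fetch_role_r($HTTP_VARS['user_role']);
    $user_info_lines = get_opendb_lang_var('userid') . ": " . $HTTP_VARS['user_id']
        . "\n" . get_opendb_lang_var('fullname') . ": " . $HTTP_VARS['fullname']
        . "\n" . get_opendb_lang_var('user_role') . ": " . $role_r['description']
        . "\n" . get_opendb_lang_var('user_theme') . ": " . $HTTP_VARS['uid_theme']
        . "\n" . get_opendb_lang_var('email') . ": " . $HTTP_VARS['email_addr'];

    $addr_results = fetch_address_type_rs(TRUE);
    if ($addr_results) {
        while ($address_type_r = db_fetch_assoc($addr_results)) {
            $address_type = strtolower($address_type_r['s_address_type']);
            $attr_results = fetch_address_type_attribute_type_rs($address_type_r['s_address_type'], 'update', TRUE);
            if (!$attr_results) {
                continue;
            }
            while ($addr_attribute_type_r = db_fetch_assoc($attr_results)) {
                $fieldname = get_field_name($addr_attribute_type_r['s_attribute_type'], $addr_attribute_type_r['order_no']);
                // A field the form did not submit is treated like an empty one.
                $field = isset($HTTP_VARS[$address_type][$fieldname]) ? $HTTP_VARS[$address_type][$fieldname] : NULL;
                if (is_not_empty_array($field)) {
                    // multi-valued field: list the values comma separated
                    $value = implode(',', $field);
                } elseif (!is_array($field) && strlen($field) > 0) {
                    $value = $field;
                } else {
                    continue;
                }
                $user_info_lines .= "\n" . $addr_attribute_type_r['prompt'] . ": " . $value;
            }
            db_free_result($attr_results);
        }
        db_free_result($addr_results);
    }

    // Encode the id so characters such as & = # or spaces stay part of the user_id value.
    $encoded_user_id = urlencode($HTTP_VARS['user_id']);
    $activate_url = get_site_url() . 'user_admin.php?op=activate&user_id=' . $encoded_user_id;
    $delete_url = get_site_url() . 'user_admin.php?op=delete&user_id=' . $encoded_user_id;
    $message = get_opendb_lang_var('new_account_email', array(
        'admin_name' => get_opendb_lang_var('site_administrator', 'site', get_opendb_config_var('site', 'title')),
        'user_info' => $user_info_lines,
        'site' => get_opendb_config_var('site', 'title'),
        'activate_url' => $activate_url,
        'delete_url' => $delete_url,
    ));
    return send_email_to_site_admins(PERM_ADMIN_CREATE_USER, $HTTP_VARS['email_addr'], get_opendb_lang_var('new_account'), $message, $errors);
}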
示例#30
文件: http.php 项目: horrabin/opendb
/**
 * Return the URL path of the directory the site is served from, always ending in '/'.
 *
 * The configured value ('site.url' / 'path') is returned as-is when it is set. Otherwise
 * the path is derived from the first non-empty of PATH_INFO, PHP_SELF and SCRIPT_NAME,
 * cut back to its last '/'.
 *
 * NOTE(review): PATH_INFO and PHP_SELF can contain path segments chosen by the client, so
 * the derived value should be treated as request input wherever it ends up in HTML or in a
 * redirect. Setting the configured path avoids the derivation altogether -- confirm how
 * get_http_env() obtains these values.
 *
 * @return string
 */
function get_site_path()
{
    $configured_path = get_opendb_config_var('site.url', 'path');
    if (strlen($configured_path)) {
        return $configured_path;
    }

    // It seems that Win32 uses PATH_INFO instead of SCRIPT_NAME
    $path_info = get_http_env("PATH_INFO");
    $php_self = get_http_env("PHP_SELF");
    $script_name = get_http_env("SCRIPT_NAME");
    $request_path = ifempty($path_info, ifempty($php_self, $script_name));

    // Drop everything after the last '/', keeping the slash itself.
    $last_slash = strrpos($request_path, "/");
    $directory = $last_slash !== FALSE ? substr($request_path, 0, $last_slash + 1) : $request_path;

    // No slash at all in the value: add the trailing one.
    return substr($directory, -1, 1) != '/' ? $directory . '/' : $directory;
}