/**
 * Implementation of module_content() for static pages.
 *
 * Looks up the static page whose id is given in $_GET['path-id'], sets the
 * page title and returns the body after passing it through sscText::convert().
 *
 * NOTE(review): execution continues after each ssc_not_found() call unless
 * that helper terminates the request - confirm against its definition.
 *
 * @return mixed Result of sscText::convert() for the page body; nothing when
 *               no matching row is found
 */
function static_content()
{
    global $ssc_database;

    // Static pages take no extra parameters, so any supplied one is a 404
    if (!empty($_GET['param'])) {
        ssc_not_found();
    }

    // Find content; the id is bound through the %d placeholder of the query wrapper
    $result = $ssc_database->query("SELECT title, created, modified, body FROM #__static WHERE id = %d LIMIT 1", $_GET['path-id']);
    if (!$result || !($data = $ssc_database->fetch_assoc($result))) {
        ssc_not_found();
        return;
    }

    // Strictly speaking it is the library, not the page, that was not found
    if (!ssc_load_library('sscText')) {
        ssc_not_found();
    }

    ssc_set_title($data['title']);

    return sscText::convert($data['body']);
}
/**
 * Resize an image to the specified size. Takes an approximate guess at best compression based on file size.
 * Either $width or $height may be -1 to indicate no maximum width/height, but not both.
 *
 * The work itself is delegated to the class named 'sscImage' followed by the
 * 'image_library' setting (default 'GD2'), constructed with $this->file.
 * NOTE(review): the class name is assembled from a configuration value - this
 * assumes only administrators can change 'image_library'; confirm.
 *
 * @param string $target Location to store the resized file
 * @param int $width Maximum width of the image
 * @param int $height Maximum height of the image
 * @return boolean Whether or not the resize was successful
 */
function resize($target, $width = -1, $height = -1)
{
    global $ssc_site_path; // declared as in the original; not referenced below

    // A resize needs at least one real limit: reject "don't care" for both sides
    if ($width < 1 && $height < 1) {
        return false;
    }

    // The directory that will receive the file must exist ...
    $parent = dirname($target);
    if (!is_dir($parent)) {
        return false;
    }
    // ... and carry the owner-write permission bit (0200). This inspects the
    // mode bits only; it does not ask whether the current process can write.
    if ((fileperms($parent) & 0200) == 0) {
        return false;
    }

    // Preliminary checks ok - hand over to the configured library implementation
    $class = 'sscImage' . ssc_var_get('image_library', 'GD2');
    if (!ssc_load_library($class)) {
        return false;
    }

    $imgLib = new $class($this->file);

    return $imgLib ? $imgLib->_resize($target, $width, $height) : false;
}
<?php
/**
 * Dynamic page module.
 *
 * Generate an RSS feed for each of the dynamic pages.
 *
 * For every row of #__blog the script selects the five newest non-draft posts
 * and opens modules/blog/rss-<id>.xml under $ssc_site_path for writing.
 * The listing ends inside the loop, so the code that writes and closes the
 * file is not shown here.
 *
 * @package SSC
 * @subpackage Module
 * @copyright Copyright (c) Scott Thomas
 */
// Refuse to run unless _VALID_SSC is defined, so a direct request to this
// file stops here (presumably the constant is set by the site entry point).
defined('_VALID_SSC') or die('Restricted access');
global $ssc_database, $ssc_site_url, $ssc_site_path;
if (!ssc_load_library('sscText')) {
    echo "Unable to load library";
    return;
}
// Get a list of available "blogs"
$result = $ssc_database->query("SELECT id, name, description FROM #__blog");
if (!$result) {
    return;
}
// Loop through each
while ($data = $ssc_database->fetch_assoc($result)) {
    // Five newest published posts of this blog, with the author's display name
    $res_posts = $ssc_database->query("SELECT p.id, p.created, p.modified, urltext, title, body, displayname FROM #__blog_post p LEFT JOIN #__user u ON u.id = author_id WHERE blog_id = %d AND p.is_draft = 0 ORDER BY created DESC LIMIT 0,5", $data['id']);
    // Ignore empty blogs
    // NOTE(review): `return` ends the whole script at the first empty blog, so
    // later blogs get no feed; `continue` looks like what was intended - confirm.
    if (!$res_posts || $ssc_database->number_rows() == 0) {
        return;
    }
    // Open file handles
    // The file name is built from the blog id read from the database above.
    // NOTE(review): the fopen() result is not checked in the visible part.
    $bID = $data['id'];
    $fp = fopen($ssc_site_path . "/modules/blog/rss-{$bID}.xml", 'w');
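/**
 * Implementation of module_content()
 *
 * Results content. At this stage, no arguments so present results for entire regatta. Bracket refers to mouse-over
 *
 * - /
 *   No parameters. Should show abbr'd |sail|class|name|skip (crew)|place(corr. time)[|place(corr. time)...]
 *
 * - /heat/<num> or /heat-<num
 *   Show detailed version for a heat perhaps? Probably not feasable.
 *
 * The series is selected by $_GET['path-id']. Every value read from the
 * results and entries tables is HTML-escaped before it is placed into the
 * table, because those values end up in both element text and title="..."
 * attributes.
 * NOTE(review): this assumes the columns hold raw (unescaped) text in UTF-8;
 * confirm against the code that writes #__sailing_entries / #__sailing_results.
 *
 * @return string|null HTML for the series description and results table;
 *                     nothing when the series does not exist
 */
function sailing_content()
{
    global $ssc_database;

    ssc_add_js('/modules/sailing/sailing.js');

    // See if results exist
    $result = $ssc_database->query("SELECT name, description, updated, flags, heats FROM #__sailing_series WHERE id = %d LIMIT 1", $_GET['path-id']);
    if (!($result && ($data = $ssc_database->fetch_assoc($result)))) {
        ssc_not_found();
        return;
    }

    // Set up some flags
    $flags = $data['flags'];
    $prefix = $flags & SSC_SAILING_PREFIX ? "Division " : "";
    $show_class = ($flags & SSC_SAILING_CLASS) > 0;
    $show_club = ($flags & SSC_SAILING_CLUB) > 0;

    // Heat numbers
    $heats = explode(",", $data['heats']);

    // Description / title
    ssc_set_title($data['name']);
    $out = "";
    if (strlen($data['description']) > 0) {
        if (!ssc_load_library('sscText')) {
            $out .= check_plain($data['description']);
        } else {
            $out .= sscText::convert($data['description']);
        }
    }

    // Prepare for table
    $result = $ssc_database->query("SELECT r.results, r.times, r.points, r.division, e.number, e.skipper, e.crew, e.name AS boatname, e.class, e.club FROM #__sailing_results r LEFT JOIN #__sailing_entries e ON e.id = r.uid WHERE r.series_id = %d ORDER BY r.division ASC, r.points ASC", $_GET['path-id']);
    if (!$result || $ssc_database->number_rows() < 1) {
        // Empty or sql failure
        $out .= "There are no race results available for this series yet";
        return $out;
    }

    // Escapes one database value for use in element text or a quoted attribute.
    // The (string) cast covers NULLs produced by the LEFT JOIN.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    // Start outputting
    $out .= '<table class="sail-table" summary="Race results">';
    // $col_count is filled in by the helper (presumably taken by reference);
    // its 'total' and 'heats' entries are read below.
    $col_header = _ssc_sailing_table_header($flags, $heats, $col_count);

    // Loop through results
    $div = '-1';
    while ($data = $ssc_database->fetch_assoc($result)) {
        // Re-echo headers for each division
        if ($div != $data['division']) {
            $division = $esc($data['division']);
            if ($div == '-1') {
                // First division also opens the table head and body
                $out .= "<thead><tr><th class=\"div-heading\" colspan=\"{$col_count['total']}\">{$prefix}{$division}</th></tr>";
                $out .= "{$col_header}</thead><tbody>";
            } else {
                $out .= '<tr><th class="div-heading" colspan="' . $col_count['total'] . '">' . $prefix . $division . '</th></tr>';
                $out .= $col_header;
            }
            $div = $data['division'];
        }

        // Row contents
        $skipper = $esc($data['skipper']);
        $out .= '<tr><td>' . $esc($data['number']) . '</td>'
            . ($show_class ? '<td>' . $esc($data['class']) . '</td>' : '')
            . '<td>' . $esc($data['boatname']) . '</td>';
        if ($data['crew'] != '') {
            // Crew names are shown as a mouse-over on the skipper
            $out .= '<td><span title="' . $esc($data['crew']) . "\">{$skipper}</span></td>";
        } else {
            $out .= "<td>{$skipper}</td>";
        }
        if ($show_club) {
            $out .= '<td>' . $esc($data['club']) . '</td>';
        }

        // Parse results
        $places = explode(",", $data['results']);
        $times = explode(",", $data['times']);
        for ($i = 0; $i < $col_count['heats']; $i++) {
            // A row may list fewer heats than the series header; treat the gap as empty
            $place = isset($places[$i]) ? $esc($places[$i]) : '';
            $time = isset($times[$i]) ? $times[$i] : '';
            if ($time != '') {
                if ((float) $time > 0) {
                    // Numeric corrected time: show it rounded to one decimal
                    $out .= '<td><span title="' . sprintf("%1.1f", (float) $time) . " min\">{$place}</span></td>";
                } else {
                    // Non-numeric marker stored in the times column: show as-is, escaped
                    $out .= '<td><span title="' . $esc($time) . "\">{$place}</span></td>";
                }
            } else {
                $out .= "<td>{$place}</td>";
            }
        }
        $out .= '</tr>';
    }

    // Tidy up
    $out .= '</tbody></table>';

    return $out;
}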
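/**
 * Forgotten password recovery submission.
 *
 * Looks up the account named in $_POST['name'], generates a new random
 * password, stores its hash and mails the plain password to the address held
 * on the account record.
 *
 * Design caveats for whoever maintains this flow:
 * - The password is replaced as soon as the form is submitted; no confirmation
 *   step is visible here, so knowing a username is enough to force a change.
 * - The "does not exist" message tells the requester whether a username is
 *   registered.
 * - The new password travels in the e-mail body in clear text, and it is
 *   written to the database before the mail is sent, so a mail failure leaves
 *   the account with a password nobody received.
 *
 * @return false|null false on the early failure paths; nothing otherwise
 */
function login_fogotten_submit()
{
    global $ssc_site_url, $ssc_database;

    if (!ssc_load_library('sscMail')) {
        ssc_add_message(SSC_MSG_CRIT, t("An error resetting your account password has occurred"));
        return false;
    }

    // Retrieve email for user
    // NOTE(review): the quoted placeholder in this query and in the UPDATE
    // below reads '******' in this listing, which looks like a masked format
    // specifier - restore it from the project source before use.
    $result = $ssc_database->query("SELECT id, username, email FROM #__user WHERE username = '******' LIMIT 1", $_POST['name']);
    if (!$result || !($data = $ssc_database->fetch_object($result))) {
        ssc_add_message(SSC_MSG_CRIT, t('The username specified does not exist'));
        return false;
    }

    // Set new password: 12 bytes from the system CSPRNG, base64-encoded to
    // exactly 16 characters. mt_rand()/md5() output is predictable and must
    // not be used to mint credentials.
    if (function_exists('random_bytes')) {
        $entropy = random_bytes(12);
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $entropy = openssl_random_pseudo_bytes(12);
    } else {
        $entropy = false;
    }
    if ($entropy === false || strlen($entropy) !== 12) {
        ssc_add_message(SSC_MSG_CRIT, t("An error resetting your account password has occurred"));
        return false;
    }
    $pass = substr(base64_encode($entropy), 0, 16);
    $hash = new PasswordHash(8, true);

    // Send to the address stored on the account, never to one supplied with
    // the request: otherwise the requester chooses who receives the password.
    $mail = new sscMail($data->email, t("#server password reset", array('#server' => $_SERVER['SERVER_NAME'])));

    // The greeting uses the username from the account record rather than a request field
    $message = t("#user,\n\nA password reset was placed at #server for your username,\nand as such, your password has been reset to the following details:\n\n" . " Username: #user\n" . " Password: #pass\n\n" . "You can use these details to log in and then change your password\n" . "from your profile page.\n\n" . "If you did not authorize this, you are still requird to use the password\n" . "above to login.", array("#user" => $data->username, "#server" => $ssc_site_url, "#url" => $ssc_site_url . "user/login", "#pass" => $pass));

    // Only the hash is stored; $pass holds the hash from here on
    $pass = $hash->HashPassword($pass);
    $result = $ssc_database->query("UPDATE #__user SET password = '******' WHERE id = %d", $pass, $data->id);
    if ($result) {
        $sent = $mail->send($message);
        if ($sent) {
            ssc_add_message(SSC_MSG_INFO, t("Success. An email has been sent to your nominated address with further details."));
        } else {
            ssc_add_message(SSC_MSG_CRIT, t("An error occurred sending the email. Please contact an administrator."));
        }
    } else {
        ssc_add_message(SSC_MSG_CRIT, t("An error resetting your account password has occurred"));
    }
}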
/**
 * Comment moderation submission.
 *
 * $_POST['action'] selects the operation and $_POST['i'] the target:
 * - enable_comments / disable_comments: 'i' is a blog post id
 * - spam / hide / show / ham: 'i' is a comment id
 *
 * For 'spam' and 'ham' the comment is also reported to Akismet when the
 * SSC_BLOG_COMMENT_CAN_SPAM bit is still set on it; that bit is cleared
 * afterwards. The spam report uses the stored comment, the ham report uses
 * the fields posted with the request ('c', 'n', 'e', 's').
 *
 * NOTE(review): no permission or request-origin (CSRF) check is visible in
 * this function - confirm the caller enforces both before it runs.
 */
function blog_spam_ham_submit()
{
    global $ssc_database, $ssc_site_url;

    $action = $_POST['action'];

    // Per-post comment switches need no lookup: update and stop
    if ($action == 'enable_comments') {
        $ssc_database->query("UPDATE #__blog_post SET commentsdisabled = 0 WHERE id = %d", $_POST['i']);
        return;
    }
    if ($action == 'disable_comments') {
        $ssc_database->query("UPDATE #__blog_post SET commentsdisabled = 1 WHERE id = %d", $_POST['i']);
        return;
    }

    // Everything else acts on one comment
    $result = $ssc_database->query("SELECT author, email, site, body, status, ip FROM #__blog_comment WHERE id = %d LIMIT 1", $_POST['i']);
    if (!$result) {
        // Bad sql
        return;
    }
    $data = $ssc_database->fetch_object($result);
    if (!$data) {
        // Comment doesn't exist
        return;
    }

    $is_spam_report = ($action == 'spam');
    $is_ham_report = !$is_spam_report && ($action == 'ham');

    // Report to Akismet only while the comment is still flagged as reportable
    if (($is_spam_report || $is_ham_report) && ($data->status & SSC_BLOG_COMMENT_CAN_SPAM) > 0) {
        if (ssc_load_library('sscAkismet')) {
            $spam = new sscAkismet($ssc_site_url, ssc_var_get('wordpress_api', ''));
            if ($spam) {
                if ($is_spam_report) {
                    // Marking as spam: submit the stored comment
                    $spam->setContent($data->body, 'comment');
                    $spam->setAuthor($data->author, $data->email, $data->site);
                } else {
                    // Mark not spam: submit the fields posted with the request
                    $spam->setContent($_POST['c'], 'comment');
                    $spam->setAuthor($_POST['n'], $_POST['e'], $_POST['s']);
                }
                $spam->setRemote($data->ip, null);
                $spam->markIncorrect($is_spam_report ? 'markSpam' : 'markHam');
            }
        }
    }

    // Once moderated, the comment can no longer be reported
    $status = $data->status & ~SSC_BLOG_COMMENT_CAN_SPAM;

    if ($action == 'spam' || $action == 'hide') {
        $status = $status | SSC_BLOG_COMMENT_SPAM;
    } elseif ($action == 'show' || $action == 'ham') {
        $status = $status & ~SSC_BLOG_COMMENT_SPAM;
    } else {
        // Unknown action: nothing is written
        return;
    }

    $ssc_database->query("UPDATE #__blog_comment SET status = %d WHERE id = %d", $status, $_POST['i']);
}