arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Revert Dennis's commit - improper line endings caused the whole files to be replaced

Browse Source
This commit is contained in:
james 2011-02-16 16:59:33 +00:00
parent ce35d4ccee
commit 4ac3a8f974
6 changed files with 1837 additions and 2000 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1047
account.inc.php
View File

File diff suppressed because it is too large Load Diff

777
common.inc.bootstrap.php
View File

@ -1,397 +1,380 @@
<? <?
/* /*
This file is part of the 'Science Fair In A Box' project This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org> Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005-2010 James Grant <james@lightbox.org> Copyright (C) 2005-2010 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2. License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details. General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330, the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. Boston, MA 02111-1307, USA.
*/ */
//if we dont set the charset any page that doesnt call send_header() (where it used to be set) would defualt to the server's encoding, //if we dont set the charset any page that doesnt call send_header() (where it used to be set) would defualt to the server's encoding,
//which in many cases (like ysf-fsj.ca/sfiab) is UTF-8. This was causing a lot of the newly AJAX'd editors to fail on french characters, //which in many cases (like ysf-fsj.ca/sfiab) is UTF-8. This was causing a lot of the newly AJAX'd editors to fail on french characters,
//becuase they were being encoded improperly. Ideally, all the databases will be switched to UTF-8, but thats not a near-term possibility, //becuase they were being encoded improperly. Ideally, all the databases will be switched to UTF-8, but thats not a near-term possibility,
//so this is kind of a band-aid solution until we can make everything UTF8. Hope it doesnt break anything anywhere else! //so this is kind of a band-aid solution until we can make everything UTF8. Hope it doesnt break anything anywhere else!
header("Content-Type: text/html; charset=UTF-8"); header("Content-Type: text/html; charset=UTF-8");
//set error reporting to not show notices, for some reason some people's installation dont set this by default //set error reporting to not show notices, for some reason some people's installation dont set this by default
//so we will set it in the code instead just to make sure //so we will set it in the code instead just to make sure
//error_reporting(E_ALL & ~E_DEPRECATED ); //error_reporting(E_ALL & ~E_DEPRECATED );
define('REQUIREDFIELD','<span class="requiredfield">*</span>'); define('REQUIREDFIELD','<span class="requiredfield">*</span>');
//figure out the directory to prepend to directoroy names, depending on if we are in a subdirectory or not //figure out the directory to prepend to directoroy names, depending on if we are in a subdirectory or not
// DES dspanogle 2011-02-04 Windows based servers use '\' in directories. This code works for WIN servers and or *nix servers. if(substr(getcwd(),-6)=="/admin")
if (stristr(getcwd(), '\\')) { // must look at whole directory because we do no know the SFIABDIRECTORY length $prependdir="../";
// Win else if(substr(getcwd(),-6)=="/super")
if(substr(getcwd(),-6)=="\\admin") $prependdir="../";
$prependdir="..\\"; else if(substr(getcwd(),-7)=="/config")
else if(substr(getcwd(),-6)=="\\super") $prependdir="../";
$prependdir="..\\"; else if(substr(getcwd(),-3)=="/db")
else if(substr(getcwd(),-7)=="\\config") $prependdir="../";
$prependdir="..\\"; else if(substr(getcwd(),-8)=="/scripts")
else if(substr(getcwd(),-3)=="\\db") $prependdir="../";
$prependdir="..\\"; else
else if(substr(getcwd(),-8)=="\\scripts") $prependdir="";
$prependdir="..\\";
else $sfiabversion=@file($prependdir."version.txt");
$prependdir=""; $config['version']=trim($sfiabversion[0]);
} else {
// Other //make sure the data subdirectory is writable, if its not, then we're screwed, so make sure it is!
if(substr(getcwd(),-6)=="/admin") if(!is_writable($prependdir."data")) {
$prependdir="../"; echo "<html><head><title>SFIAB ERROR</title></head><body>";
else if(substr(getcwd(),-6)=="/super") echo "<h1>Science Fair In A Box - ERROR</h1>";
$prependdir="../"; echo "data/ subdirectory is not writable by the web server";
else if(substr(getcwd(),-7)=="/config") echo "<br>";
$prependdir="../"; echo "<h2>Details</h2>";
else if(substr(getcwd(),-3)=="/db") echo "The data/ subdirectory is used to store files uploaded through the SFIAB software. The web server must have write access to this directory in order to function properly. Please contact your system administrator (if you are the system administrator, chown/chmod the data directory appropriately).";
$prependdir="../"; echo "<br>";
else if(substr(getcwd(),-8)=="/scripts") echo "</body></html>";
$prependdir="../"; exit;
else }
$prependdir="";
} if(file_exists($prependdir."data/config.inc.php")) {
$sfiabversion=@file($prependdir."version.txt"); require_once($prependdir."data/config.inc.php");
$config['version']=trim($sfiabversion[0]); }
else {
//make sure the data subdirectory is writable, if its not, then we're screwed, so make sure it is! echo "<html><head><title>SFIAB</title></head><body>";
if(!is_writable($prependdir."data")) { echo "<h1>Science Fair In A Box - Installation</h1>";
echo "<html><head><title>SFIAB ERROR</title></head><body>"; echo "It looks like this is a new installation of SFIAB, and the database has not yet been configured. Please choose from the following options: <br />";
echo "<h1>Science Fair In A Box - ERROR</h1>"; echo "<br />";
echo "data/ subdirectory is not writable by the web server"; echo "<a href=\"install.php\">Proceed with Fresh SFIAB Installation</a>";
echo "<br>"; echo "<br />";
echo "<h2>Details</h2>"; echo "</body></html>";
echo "The data/ subdirectory is used to store files uploaded through the SFIAB software. The web server must have write access to this directory in order to function properly. Please contact your system administrator (if you are the system administrator, chown/chmod the data directory appropriately)."; exit;
echo "<br>"; }
echo "</body></html>"; /*
exit; difference between MySQL <5.1 and 5.1:
} in <5.1 in must have internall truncated it at 16 before comparing with the hard-coded 16 character database limit
in 5.1 it doesnt truncate and compares the full string with the hardcoded 16 character limit, so all our very long usernames
if(file_exists($prependdir."data/config.inc.php")) { are now failing
require_once($prependdir."data/config.inc.php"); James - Dec 30 2010
} */
else { $DBUSER=substr($DBUSER,0,16);
echo "<html><head><title>SFIAB</title></head><body>";
echo "<h1>Science Fair In A Box - Installation</h1>"; if(!mysql_connect($DBHOST,$DBUSER,$DBPASS)) {
echo "It looks like this is a new installation of SFIAB, and the database has not yet been configured. Please choose from the following options: <br />"; echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<br />"; echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "<a href=\"install.php\">Proceed with Fresh SFIAB Installation</a>"; echo "Cannot connect to database!";
echo "<br />"; echo "</body></html>";
echo "</body></html>"; exit;
exit; }
}
/* if(!mysql_select_db($DBNAME)) {
difference between MySQL <5.1 and 5.1: echo "<html><head><title>SFIAB ERROR</title></head><body>";
in <5.1 in must have internall truncated it at 16 before comparing with the hard-coded 16 character database limit echo "<h1>Science Fair In A Box - ERROR</h1>";
in 5.1 it doesnt truncate and compares the full string with the hardcoded 16 character limit, so all our very long usernames echo "Cannot select database!";
are now failing echo "</body></html>";
James - Dec 30 2010 exit;
*/ }
$DBUSER=substr($DBUSER,0,16);
//this will silently fail on mysql 4.x, but is needed on mysql5.x to ensure we're only using utf8 encodings
if(!mysql_connect($DBHOST,$DBUSER,$DBPASS)) { @mysql_query("SET NAMES utf8");
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>"; //find out the fair year and any other 'year=0' configuration parameters (things that dont change as the years go on)
echo "Cannot connect to database!"; $q=@mysql_query("SELECT * FROM config WHERE conferences_id=0 OR year=0");
echo "</body></html>";
exit; //we might get an error if installation step 2 is not done (ie, the config table doesnt even exist)
} if(mysql_error()) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
if(!mysql_select_db($DBNAME)) { echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "<html><head><title>SFIAB ERROR</title></head><body>"; echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "<h1>Science Fair In A Box - ERROR</h1>"; echo "<br>";
echo "Cannot select database!"; echo "</body></html>";
echo "</body></html>"; exit;
exit; }
} //if we have 0 (<1) then install2 is not done, which would get caught above,
//if we have 1 (<2) then insatll3 is not done (no entries for FAIRYEAR and SFIABDIRECTORY)
//this will silently fail on mysql 4.x, but is needed on mysql5.x to ensure we're only using utf8 encodings if(mysql_num_rows($q)<2) {
@mysql_query("SET NAMES utf8"); echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
//find out the fair year and any other 'year=0' configuration parameters (things that dont change as the years go on) echo "SFIAB installation is not complete. Please go to <A href=\"install3.php\">Installer Step 3</a> to complete the installation process";
$q=@mysql_query("SELECT * FROM config WHERE conferences_id=0 OR year=0"); echo "<br>";
echo "</body></html>";
//we might get an error if installation step 2 is not done (ie, the config table doesnt even exist) exit;
if(mysql_error()) {
echo "<html><head><title>SFIAB ERROR</title></head><body>"; }
echo "<h1>Science Fair In A Box - ERROR</h1>"; else {
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process"; while($r=mysql_fetch_object($q)) {
echo "<br>"; $config[$r->var]=$r->val;
echo "</body></html>"; }
exit; }
} //doh! we cant do it all, becuase it continains things like registration passwords! lets just add things as we need them i guess
//if we have 0 (<1) then install2 is not done, which would get caught above, //this gets turned into a 'config' object that is accessible in javascript (and output directly to the browser, so dont put
//if we have 1 (<2) then insatll3 is not done (no entries for FAIRYEAR and SFIABDIRECTORY) //anything in it that shouldnt be available to the public!
if(mysql_num_rows($q)<2) { $configjs['SFIABDIRECTORY']=$config['SFIABDIRECTORY'];
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>"; $dbdbversion=$config['DBVERSION'];
echo "SFIAB installation is not complete. Please go to <A href=\"install3.php\">Installer Step 3</a> to complete the installation process"; $dbcodeversion=@file($prependdir."db/db.code.version.txt");
echo "<br>"; $dbcodeversion=trim($dbcodeversion[0]);
echo "</body></html>";
exit; if(!$dbdbversion) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
} echo "<h1>Science Fair In A Box - ERROR</h1>";
else { echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
while($r=mysql_fetch_object($q)) { echo "<br>";
$config[$r->var]=$r->val; echo "</body></html>";
} exit;
} }
//doh! we cant do it all, becuase it continains things like registration passwords! lets just add things as we need them i guess
//this gets turned into a 'config' object that is accessible in javascript (and output directly to the browser, so dont put if($dbcodeversion!=$dbdbversion) {
//anything in it that shouldnt be available to the public! echo "<html><head><title>SFIAB ERROR</title></head><body>";
$configjs['SFIABDIRECTORY']=$config['SFIABDIRECTORY']; echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB database and code are mismatched";
$dbdbversion=$config['DBVERSION']; echo "<br>";
$dbcodeversion=@file($prependdir."db/db.code.version.txt"); echo "Please run the db_update.php script in order to update";
$dbcodeversion=trim($dbcodeversion[0]); echo "<br>";
echo "your database to the same version as the code";
if(!$dbdbversion) { echo "<br>";
echo "<html><head><title>SFIAB ERROR</title></head><body>"; echo "<br>";
echo "<h1>Science Fair In A Box - ERROR</h1>"; echo "<br>";
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process"; echo "<h2>Details</h2>";
echo "<br>"; echo "Current SFIAB codebase requires DB version: ".$dbcodeversion;
echo "</body></html>"; echo "<br>";
exit; echo "Current SFIAB database is detected as version: ".$dbdbversion;
} echo "<br>";
echo "</body></html>";
if($dbcodeversion!=$dbdbversion) { exit;
echo "<html><head><title>SFIAB ERROR</title></head><body>"; }
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB database and code are mismatched"; /* Check that magic_quotes is OFF */
echo "<br>"; if(get_magic_quotes_gpc()) {
echo "Please run the db_update.php script in order to update"; ?>
echo "<br>"; <html><head><title>SFIAB ERROR</title></head><body>
echo "your database to the same version as the code"; <h1>Science Fair In A Box - ERROR</h1>
echo "<br>"; <p>Your PHP configuration has magic_quotes ENABLED. They should be
echo "<br>"; disabled, and are disabled in the .htaccess file, so your server is
echo "<br>"; ignoring the .htaccess file or overriding it.
echo "<h2>Details</h2>"; <p>Magic quotes is DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, but ON
echo "Current SFIAB codebase requires DB version: ".$dbcodeversion; by default for any PHP &lt; 5.3.0.
echo "<br>"; <p>Add <pre>php_flag magic_quotes_gpc off</pre> to the .htacces, or add
echo "Current SFIAB database is detected as version: ".$dbdbversion; <pre>php_flag magic_quotes_gpc=off</pre> to php.ini
echo "<br>"; <br></body></html>
echo "</body></html>"; <?
exit; exit;
} }
/* Check that magic_quotes is OFF */ if($config['SFIABDIRECTORY'] == '') {
if(get_magic_quotes_gpc()) { session_name("SFIABSESSID");
?> session_set_cookie_params(0,'/');
<html><head><title>SFIAB ERROR</title></head><body> } else {
<h1>Science Fair In A Box - ERROR</h1> session_name("SFIABSESSID".ereg_replace("[^A-Za-z]","_",$config['SFIABDIRECTORY']));
<p>Your PHP configuration has magic_quotes ENABLED. They should be session_set_cookie_params(0,$config['SFIABDIRECTORY']);
disabled, and are disabled in the .htaccess file, so your server is }
ignoring the .htaccess file or overriding it. session_start();
<p>Magic quotes is DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, but ON
by default for any PHP &lt; 5.3.0. if(!$_SESSION['conferences_id']) {
<p>Add <pre>php_flag magic_quotes_gpc off</pre> to the .htacces, or add $q=mysql_query("SELECT * FROM conferences WHERE status='running' ORDER BY name LIMIT 1");
<pre>php_flag magic_quotes_gpc=off</pre> to php.ini if($r=mysql_fetch_object($q)) {
<br></body></html> $_SESSION['conferences_id']=$r->id;
<? }
exit; /*
} else {
echo "No conferences defined!";
if($config['SFIABDIRECTORY'] == '') { }*/
session_name("SFIABSESSID"); }
session_set_cookie_params(0,'/');
} else { function switchConference($cid) {
session_name("SFIABSESSID".ereg_replace("[^A-Za-z]","_",$config['SFIABDIRECTORY'])); $cid=intval($cid);
session_set_cookie_params(0,$config['SFIABDIRECTORY']); // echo "cid=$cid";
} $q=mysql_query("SELECT * FROM conferences WHERE id='$cid' AND status='running'");
session_start(); if($r=mysql_fetch_object($q)) {
$_SESSION['conferences_id']=$cid;
if(!$_SESSION['conferences_id']) { }
$q=mysql_query("SELECT * FROM conferences WHERE status='running' ORDER BY name LIMIT 1"); }
if($r=mysql_fetch_object($q)) { //move the conference stuff before the configuration loading, so we can load the right configuration for the conference :)
$_SESSION['conferences_id']=$r->id; if(isset($_GET['switchconference'])) {
} //make sure its good
/* switchConference($_GET['switchconference']);
else { unset($_SESSION['nav']);
echo "No conferences defined!"; }
}*/
} if(intval($_SESSION['conferences_id'])>0) {
$q=mysql_query("SELECT * FROM conferences WHERE id='{$_SESSION['conferences_id']}'");
function switchConference($cid) { $conference=mysql_fetch_assoc($q);
$cid=intval($cid);
// echo "cid=$cid"; /*
$q=mysql_query("SELECT * FROM conferences WHERE id='$cid' AND status='running'"); ******* THIS IS TEMPORARY.. probably remove it in a year or so ********
if($r=mysql_fetch_object($q)) { if the conference year is set, this is temporary for migratory purposes, so set the FAIRYEAR = confierence year - this will
$_SESSION['conferences_id']=$cid; gracefully handle the science fair parts that still rely on FAIRYEAR
}
} if conference year is NOT set, then make sure config['FAIRYEAR'] is NOT set, so we can weed out any code that relies on
//move the conference stuff before the configuration loading, so we can load the right configuration for the conference :) FAIRYEAR from the conference system
if(isset($_GET['switchconference'])) { */
//make sure its good if($conference['year'])
switchConference($_GET['switchconference']); $config['FAIRYEAR']=$conference['year'];
unset($_SESSION['nav']); else
} $config['FAIRYEAR']=NULL;
}
if(intval($_SESSION['conferences_id'])>0) {
$q=mysql_query("SELECT * FROM conferences WHERE id='{$_SESSION['conferences_id']}'"); //now pull the rest of the configuration
$conference=mysql_fetch_assoc($q); $q=mysql_query("SELECT * FROM config WHERE conferences_id='".$conference['id']."'");
while($r=mysql_fetch_object($q)) {
/* $config[$r->var]=$r->val;
******* THIS IS TEMPORARY.. probably remove it in a year or so ******** }
if the conference year is set, this is temporary for migratory purposes, so set the FAIRYEAR = confierence year - this will
gracefully handle the science fair parts that still rely on FAIRYEAR //now pull the dates
if($conference['id'])
if conference year is NOT set, then make sure config['FAIRYEAR'] is NOT set, so we can weed out any code that relies on $q=mysql_query("SELECT * FROM dates WHERE conferences_id='".$conference['id']."'");
FAIRYEAR from the conference system else
*/ $config['dates']=array();
if($conference['year'])
$config['FAIRYEAR']=$conference['year']; while($r=mysql_fetch_object($q)) {
else $config['dates'][$r->name]=$r->date;
$config['FAIRYEAR']=NULL; }
}
//load roles
//now pull the rest of the configuration $roles=array();
$q=mysql_query("SELECT * FROM config WHERE conferences_id='".$conference['id']."'"); $q = mysql_query("SELECT * FROM roles");
while($r=mysql_fetch_object($q)) { while(($r = mysql_fetch_assoc($q))) {
$config[$r->var]=$r->val; $roles[$r['type']] = $r;
} $roles_by_id[$r['id']]=$r;
}
//now pull the dates
if($conference['id']) //and now pull the theme
$q=mysql_query("SELECT * FROM dates WHERE conferences_id='".$conference['id']."'"); require_once("theme/{$config['theme']}/theme.php");
else require_once("theme/{$config['theme_icons']}/icons.php");
$config['dates']=array();
//detect the browser first, so we know what icons to use - we store this in the config array as well
while($r=mysql_fetch_object($q)) { //even though its not configurable by the fair
$config['dates'][$r->name]=$r->date; if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE"))
} $config['icon_extension']="gif";
else
//load roles $config['icon_extension']="png";
$roles=array();
$q = mysql_query("SELECT * FROM roles"); //now get the languages, and make sure we have at least one active language
while(($r = mysql_fetch_assoc($q))) { $q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname");
$roles[$r['type']] = $r; if(mysql_num_rows($q)==0) {
$roles_by_id[$r['id']]=$r; echo "No active languages defined, defaulting to English";
} $config['languages']['en']="English";
}
//and now pull the theme else {
require_once("theme/{$config['theme']}/theme.php"); while($r=mysql_fetch_object($q)) {
require_once("theme/{$config['theme_icons']}/icons.php"); $config['languages'][$r->lang]=$r->langname;
}
//detect the browser first, so we know what icons to use - we store this in the config array as well }
//even though its not configurable by the fair //now if no language has been set yet, lets set it to the default language
if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE")) if(!$_SESSION['lang']) {
$config['icon_extension']="gif"; //first try the default language, if that doesnt work, use "en"
else if($config['default_language'])
$config['icon_extension']="png"; $_SESSION['lang']=$config['default_language'];
else
//now get the languages, and make sure we have at least one active language $_SESSION['lang']="en";
$q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname"); }
if(mysql_num_rows($q)==0) {
echo "No active languages defined, defaulting to English"; //only allow debug to get set if we're using a development version (odd numbered ending)
$config['languages']['en']="English"; if(substr($config['version'], -1) % 2 != 0)
} if($_GET['debug']) $_SESSION['debug']=$_GET['debug'];
else {
while($r=mysql_fetch_object($q)) { //if the user has switched languages, go ahead and switch the session variable
$config['languages'][$r->lang]=$r->langname; if($_GET['switchlanguage']) {
} //first, make sure its a valid language:
} if($config['languages'][$_GET['switchlanguage']]) {
//now if no language has been set yet, lets set it to the default language $_SESSION['lang']=$_GET['switchlanguage'];
if(!$_SESSION['lang']) { }
//first try the default language, if that doesnt work, use "en" else {
if($config['default_language']) //invalid language, dont do anything
$_SESSION['lang']=$config['default_language']; }
else }
$_SESSION['lang']="en";
} $CWSFDivisions=array(
1=>"Automotive",
//only allow debug to get set if we're using a development version (odd numbered ending) 2=>"Biotechnology & Pharmaceutical Sciences",
if(substr($config['version'], -1) % 2 != 0) 3=>"Computing & Information Technology",
if($_GET['debug']) $_SESSION['debug']=$_GET['debug']; 4=>"Earth & Environmental Sciences",
5=>"Engineering",
//if the user has switched languages, go ahead and switch the session variable 6=>"Environmental Innovation",
if($_GET['switchlanguage']) { 7=>"Health Sciences",
//first, make sure its a valid language: 8=>"Life Sciences",
if($config['languages'][$_GET['switchlanguage']]) { 9=>"Physical & Mathematical Sciences"
$_SESSION['lang']=$_GET['switchlanguage']; );
}
else { $conference_types = array(
//invalid language, dont do anything 'sciencefair' => 'Science Fair',
} 'scienceolympics' => 'Science Olympics'
} );
$CWSFDivisions=array( //take SFIABDIRECTORY off of the current URL
1=>"Automotive", $pageurl=substr($_SERVER['PHP_SELF'],strlen($config['SFIABDIRECTORY']));
2=>"Biotechnology & Pharmaceutical Sciences",
3=>"Computing & Information Technology", //this code figures out if the page we're on is in the navigation structure, and if so, where, and properly sets the primary, secondary and tertiary navigation variables
4=>"Earth & Environmental Sciences", $q=mysql_query("SELECT * FROM rolestasks WHERE
5=>"Engineering", ( link='".mysql_real_escape_string($pageurl)."'
6=>"Environmental Innovation", OR link LIKE '".mysql_real_escape_string($pageurl)."?%')
7=>"Health Sciences", AND conferencetype='{$conference['type']}'");
8=>"Life Sciences",
9=>"Physical & Mathematical Sciences" if(mysql_num_rows($q)) {
); if(mysql_num_rows($q)==1) {
$r=mysql_fetch_object($q);
$conference_types = array( }
'sciencefair' => 'Science Fair', else {
'scienceolympics' => 'Science Olympics' //take the first one for now
); while($r=mysql_fetch_object($q)) {
if($NAV_IDENT==$r->navident)
//take SFIABDIRECTORY off of the current URL break;
$pageurl=substr($_SERVER['PHP_SELF'],strlen($config['SFIABDIRECTORY'])); }
//we have more than one, we need to rely on the $navident now
//this code figures out if the page we're on is in the navigation structure, and if so, where, and properly sets the primary, secondary and tertiary navigation variables }
$q=mysql_query("SELECT * FROM rolestasks WHERE //okay we found it, now get its full tree above it
( link='".mysql_real_escape_string($pageurl)."'
OR link LIKE '".mysql_real_escape_string($pageurl)."?%') //set things to 0 to start
AND conferencetype='{$conference['type']}'"); $_SESSION['nav']['primary']=0;
$_SESSION['nav']['secondary']=0;
if(mysql_num_rows($q)) { $_SESSION['nav']['tertiary']=0;
if(mysql_num_rows($q)==1) {
$r=mysql_fetch_object($q); $navTree=array();
} upTree($r->id,&$navTree);
else {
//take the first one for now //go through each one, and set the SESSION vars
while($r=mysql_fetch_object($q)) { foreach($navTree AS $t) {
if($NAV_IDENT==$r->navident) switch($t['level']) {
break; case 0: //primary nav
} $_SESSION['nav']['primary']=$t['id'];
//we have more than one, we need to rely on the $navident now break;
} case 1: //secondary nav
//okay we found it, now get its full tree above it $_SESSION['nav']['secondary']=$t['id'];
break;
//set things to 0 to start case 2: //tertiary nav
$_SESSION['nav']['primary']=0; $_SESSION['nav']['tertiary']=$t['id'];
$_SESSION['nav']['secondary']=0; break;
$_SESSION['nav']['tertiary']=0; }
}
$navTree=array(); }
upTree($r->id,&$navTree); else {
//if we didnt find it, we only set the tertiary to 0, because we probably want to keep our primary and secondary navs if they exist
//go through each one, and set the SESSION vars $_SESSION['nav']['tertiary']=0;
foreach($navTree AS $t) { }
switch($t['level']) {
case 0: //primary nav
$_SESSION['nav']['primary']=$t['id'];
break;
case 1: //secondary nav
$_SESSION['nav']['secondary']=$t['id'];
break;
case 2: //tertiary nav
$_SESSION['nav']['tertiary']=$t['id'];
break;
}
}
}
else {
//if we didnt find it, we only set the tertiary to 0, because we probably want to keep our primary and secondary navs if they exist
$_SESSION['nav']['tertiary']=0;
}

1063
common.inc.php
View File

File diff suppressed because it is too large Load Diff

285
db/db_update.php
View File

@ -1,163 +1,122 @@
<? <?
// DES dspanogle 2011-02-06 moved to before system call as test for windows server with alternate code. if(!function_exists("system")) {
/* echo "DB Update requires php's system() function to be available\n";
if(!function_exists("system")) { exit;
echo "DB Update requires php's system() function to be available\n"; }
exit;
} //include the config.inc.php
*/ //so we have the db connection info
//include the config.inc.php require_once('../data/config.inc.php');
//so we have the db connection info echo "<pre>\n";
require_once('../data/config.inc.php'); if(file_exists("db.code.version.txt")) {
echo "<pre>\n"; $dbcodeversion_file=file("db.code.version.txt");
if(file_exists("db.code.version.txt")) { $dbcodeversion=trim($dbcodeversion_file[0]);
$dbcodeversion_file=file("db.code.version.txt"); }
$dbcodeversion=trim($dbcodeversion_file[0]); else {
} echo "Couldnt load current db.code.version.txt\n";
else { exit;
echo "Couldnt load current db.code.version.txt\n"; }
exit;
} $skip_dbversion_update = array_key_exists('skip_dbversion_update', $_GET);
$skip_dbversion_update = array_key_exists('skip_dbversion_update', $_GET); mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
mysql_connect($DBHOST,$DBUSER,$DBPASS); @mysql_query("SET NAMES utf8");
mysql_select_db($DBNAME); $q=mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND year='0'");
@mysql_query("SET NAMES utf8"); $r=mysql_fetch_object($q);
$q=mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND year='0'"); $dbdbversion=$r->val;
$r=mysql_fetch_object($q); if(!$dbdbversion) {
$dbdbversion=$r->val; echo "Couldnt get current db version. Is SFIAB properly installed?\n";
if(!$dbdbversion) { exit;
echo "Couldnt get current db version. Is SFIAB properly installed?\n"; }
exit;
} if($dbdbversion>=190) {
//we can only load in the 'system', because when running from here we have no clue what
if($dbdbversion>=190) { //conference the script is interested in
//we can only load in the 'system', because when running from here we have no clue what //also, FAIRYEAR doesnt exist anymore
//conference the script is interested in
//also, FAIRYEAR doesnt exist anymore /* Load config just in case there's a PHP script that wants it */
$q=mysql_query("SELECT * FROM config WHERE section='system' AND conferences_id=0");
/* Load config just in case there's a PHP script that wants it */ while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
$q=mysql_query("SELECT * FROM config WHERE section='system' AND conferences_id=0"); }
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val; else {
} /* Get the fair year */
else { $q=mysql_query("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'");
/* Get the fair year */ $r=mysql_fetch_object($q);
$q=mysql_query("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'"); $config = array('FAIRYEAR' => $r->val);
$r=mysql_fetch_object($q);
$config = array('FAIRYEAR' => $r->val); /* Load config just in case there's a PHP script that wants it */
$q=mysql_query("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'");
/* Load config just in case there's a PHP script that wants it */ while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
$q=mysql_query("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'"); }
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
}
require_once("../config_editor.inc.php"); // For config_update_variables()
require_once("../config_editor.inc.php"); // For config_update_variables() if($dbcodeversion && $dbdbversion) {
//lets see if they match
if($dbcodeversion && $dbdbversion) { if($dbcodeversion == $dbdbversion) {
//lets see if they match echo "DB and CODE are all up-to-date. Version: $dbdbversion\n";
if($dbcodeversion == $dbdbversion) { exit;
echo "DB and CODE are all up-to-date. Version: $dbdbversion\n"; }
exit; else if($dbcodeversion<$dbdbversion) {
} echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
else if($dbcodeversion<$dbdbversion) { exit;
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
exit; }
else if($dbcodeversion>$dbdbversion) {
} echo "DB update requirements detected\n";
else if($dbcodeversion>$dbdbversion) { echo "Current DB Version: $dbdbversion\n";
echo "DB update requirements detected\n"; echo "Current CODE Version: $dbcodeversion\n";
echo "Current DB Version: $dbdbversion\n";
echo "Current CODE Version: $dbcodeversion\n"; echo "Updating database from $dbdbversion to $dbcodeversion\n";
echo "Updating database from $dbdbversion to $dbcodeversion\n"; for($ver=$dbdbversion+1;$ver<=$dbcodeversion;$ver++) {
if(file_exists("db.update.$ver.php")) {
for($ver=$dbdbversion+1;$ver<=$dbcodeversion;$ver++) { include("db.update.$ver.php");
if(file_exists("db.update.$ver.php")) { }
include("db.update.$ver.php"); if(is_callable("db_update_{$ver}_pre")) {
} echo "db.update.$ver.php::db_update_{$ver}_pre() exists - running...\n";
if(is_callable("db_update_{$ver}_pre")) { call_user_func("db_update_{$ver}_pre");
echo "db.update.$ver.php::db_update_{$ver}_pre() exists - running...\n"; echo "db.update.$ver.php::db_update_{$ver}_pre() done.\n";
call_user_func("db_update_{$ver}_pre"); }
echo "db.update.$ver.php::db_update_{$ver}_pre() done.\n"; if(file_exists("db.update.$ver.sql")) {
} echo "db.update.$ver.sql detected - running...\n";
if(file_exists("db.update.$ver.sql")) { readfile("db.update.$ver.sql");
echo "db.update.$ver.sql detected - running...\n"; echo "\n";
readfile("db.update.$ver.sql"); system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db.update.$ver.sql", $exit_code);
echo "\n"; if($exit_code != 0) {
// DES dspanogle 2011-02-05 Test to see if can use system call /* mysql failed!, what now? */
// if *nix then '/' in working directory. If not then windows - do not even try system
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/') ) ) { }
// Use System call this assumes mysql.exe exists on the server. it may not. }
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db.update.$ver.sql", $exit_code); else {
} echo "Version $ver SQL update file not found - skipping over\n";
else{ }
// Probably a Windows server. use alternate code. if(is_callable("db_update_{$ver}_post")) {
// dspanogle 2011-02-05 Use each section of the sql file instead of using system("sql" ... echo "db.update.$ver.php::db_update_{$ver}_post() exists - running...\n";
// For windows ISP servers that do not provide "sql: executable - replace system call. call_user_func("db_update_{$ver}_post");
$exit_code = 0; // assume no errors for now echo "db.update.$ver.php::db_update_{$ver}_post() done.\n";
$filename = 'db.update.'.$ver.'.sql'; }
// Temporary variable, used to store current query }
$templine = ''; if($db_update_skip_variables != true) {
// Read in entire file echo "\nUpdating Configuration Variables...\n";
$lines = file($filename); config_update_variables();
// Loop through each line }
foreach ($lines as $line)
{
// Skip it if it's a comment if($skip_dbversion_update) {
if (substr($line, 0, 2) == '--' || $line == '') echo "\nAll done - skip_dbversion_update specified, NOT updating to DB version to $dbcodeversion\n";
continue; } else {
// Add this line to the current segment echo "\nAll done - updating new DB version to $dbcodeversion\n";
$templine .= $line; mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
// If it has a semicolon at the end, it's the end of the query }
if (substr(trim($line), -1, 1) == ';') }
{ }
// Perform the query else {
if(!mysql_query($templine)){ echo "ERROR: dbcodeversion and dbdbversion are not defined\n";
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />'); }
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
} echo "</pre>\n";
// Reset temp variable to empty
$templine = ''; ?>
}
}
echo "<br />";
}
if($exit_code != 0) {
/* mysql failed!, what now? */
echo "<br/><b>mysql failed to execute query(s) without error!<br/>";
echo "Update scripts bad or *nix server system('mysql' .. ) call failed!<br/>";
echo "This installation is not complete!</b><br/>";
}
}
else {
echo "Version $ver SQL update file not found - skipping over\n";
}
if(is_callable("db_update_{$ver}_post")) {
echo "db.update.$ver.php::db_update_{$ver}_post() exists - running...\n";
call_user_func("db_update_{$ver}_post");
echo "db.update.$ver.php::db_update_{$ver}_post() done.\n";
}
}
if($db_update_skip_variables != true) {
echo "\nUpdating Configuration Variables...\n";
config_update_variables();
}
if($skip_dbversion_update) {
echo "\nAll done - skip_dbversion_update specified, NOT updating to DB version to $dbcodeversion\n";
} else {
echo "\nAll done - updating new DB version to $dbcodeversion\n";
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
}
}
}
else {
echo "ERROR: dbcodeversion and dbdbversion are not defined\n";
}
echo "</pre>\n";
?>

354
install2.php
View File

@ -1,216 +1,138 @@
<? <?
/* /*
This file is part of the 'Science Fair In A Box' project This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org> Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org> Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2. License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details. General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330, the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. Boston, MA 02111-1307, USA.
*/ */
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n"; echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" > <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title> <head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" /> <link rel="stylesheet" href="sfiab.css" type="text/css" />
</head> </head>
<body> <body>
<h1>SFIAB Installation - Step 2</h1> <h1>SFIAB Installation - Step 2</h1>
<? <?
// DES dspanogle 2011-02-05 Can do without system! Do tests below.
/* if(!function_exists("system")) {
if(!function_exists("system")) { echo "<div class=\"error\">Installation requires php's system() function to be available</div>\n";
echo "<div class=\"error\">Installation requires php's system() function to be available</div>\n"; echo "</body></html>";
echo "</body></html>"; exit;
exit; }
}
*/ if(!file_exists("data/config.inc.php")) {
if(!file_exists("data/config.inc.php")) { echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>"; echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
echo "<a href=\"install.php\">Go back to installation step 1</a><br />"; echo "</body></html>";
echo "</body></html>"; exit;
exit; }
}
require_once("data/config.inc.php");
require_once("data/config.inc.php"); mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_connect($DBHOST,$DBUSER,$DBPASS); mysql_select_db($DBNAME);
mysql_select_db($DBNAME);
echo "Getting database version requirements for code... "; echo "Getting database version requirements for code... ";
if(file_exists("db/db.code.version.txt")) { if(file_exists("db/db.code.version.txt")) {
$dbcodeversion_file=file("db/db.code.version.txt"); $dbcodeversion_file=file("db/db.code.version.txt");
$dbcodeversion=trim($dbcodeversion_file[0]); $dbcodeversion=trim($dbcodeversion_file[0]);
} }
else { else {
echo "<b>ERROR: Couldnt load current db/db.code.version.txt</b><br />"; echo "<b>ERROR: Couldnt load current db/db.code.version.txt</b><br />";
exit; exit;
} }
echo "<b>version $dbcodeversion</b><br />"; echo "<b>version $dbcodeversion</b><br />";
echo "Checking for existing SFIAB database... "; echo "Checking for existing SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'"); $q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q); $r=@mysql_fetch_object($q);
$dbdbversion=$r->val; $dbdbversion=$r->val;
if($dbdbversion) { if($dbdbversion) {
echo "<b>ERROR: found version $dbdbversion</b><br />"; echo "<b>ERROR: found version $dbdbversion</b><br />";
//lets see if they match //lets see if they match
if($dbcodeversion == $dbdbversion) if($dbcodeversion == $dbdbversion)
echo "Your SFIAB database is already setup with the required version\n"; echo "Your SFIAB database is already setup with the required version\n";
else if($dbcodeversion<$dbdbversion) else if($dbcodeversion<$dbdbversion)
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!"; echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
else if($dbcodeversion>$dbdbversion) else if($dbcodeversion>$dbdbversion)
echo "Your SFIAB database needs to be updated. You should run the update script instead of this installer!\n"; echo "Your SFIAB database needs to be updated. You should run the update script instead of this installer!\n";
exit; exit;
} }
else { else {
echo "<b>Not found (good!)</b><br />"; echo "<b>Not found (good!)</b><br />";
} }
echo "Checking for database installer for version $dbcodeversion... "; echo "Checking for database installer for version $dbcodeversion... ";
if(file_exists("db/db.full.$dbcodeversion.sql")) { if(file_exists("db/db.full.$dbcodeversion.sql")) {
echo "<b>db/db.full.$dbcodeversion.sql found</b><br />"; echo "<b>db/db.full.$dbcodeversion.sql found</b><br />";
echo "Setting up database tables... "; echo "Setting up database tables... ";
// dspanogle 2011-02-05 if system does not exist use each section of the sql file instead of using system("sql" ... system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$dbcodeversion.sql");
// For windows ISP servers that do not provide system or sql.exe executable - replace system call.
// If '/' in working directory then is *nix if not do not even try to call system. echo "<b>Done! installed database version $dbcodeversion</b><br />\n";
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/')) ) {
// assume mysql.exe exists //now update the db version in the database
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$dbcodeversion.sql",$exit_code); mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
}
else // system is not available or is windows server. try to break up the query and just do each part. echo "<br />";
{ echo "<b>Done!</b><br />";
$exit_code = 0; echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
$filename = 'db/db.full.'.$dbcodeversion.'.sql'; }
// Temporary variable, used to store current query else {
$templine = ''; echo "<b>Couldnt find db/db.full.$dbcodeversion.sql</b><br />";
// Read in entire file echo "Trying to find an older version... <br />";
$lines = file($filename);
// Loop through each line for($x=$dbcodeversion;$x>0;$x--) {
foreach ($lines as $line) if(file_exists("db/db.full.$x.sql")) {
{ echo "<b>db/db.full.$x.sql found</b><br />";
// Skip it if it's a comment echo "Setting up database tables... ";
if (substr($line, 0, 2) == '--' || $line == '')
continue; system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$x.sql");
// Add this line to the current segment
$templine .= $line; echo "<b>Done! installed database version $x</b><br />\n";
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';') //now update the db version in the database
{ mysql_query("UPDATE config SET val='$x' WHERE var='DBVERSION' AND conferences_id='0'");
// Perform the query
if(!mysql_query($templine)){ echo "<b>Attempting to update database using standard update script to update from $x to $dbcodeversion<br />";
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />'); echo "<br />Please scroll to the bottom of this page for the link to the next step of the installation process.<br /></b>";
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors chdir ("db");
} /* Update the database, but don't update the config variables yet, because
// Reset temp variable to empty * We haven't set the conference id */
$templine = ''; $db_update_skip_variables = true;
} include "db_update.php";
} chdir ("../");
echo "<br/><br />";
} echo "<br />";
if($exit_code != 0) { echo "<b>Done!</b><br />";
/* mysql failed!, what now? */ echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
echo "<br/><b>mysql failed to execute query(s) without error!<b><br/>"; break;
} }
}
echo "<b>Done! installed database version $dbcodeversion</b><br />\n"; }
//only if this file was created will we go ahead with the rest
//now update the db version in the database //creating all the tables and such..
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'"); ?>
echo "<br />"; </body></html>
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
}
else {
echo "<b>Couldnt find db/db.full.$dbcodeversion.sql</b><br />";
echo "Trying to find an older version... <br />";
for($x=$dbcodeversion;$x>0;$x--) {
if(file_exists("db/db.full.$x.sql")) {
echo "<b>db/db.full.$x.sql found</b><br />";
echo "Setting up database tables... ";
// dspanogle 2011-02-05 if system does not exist use each section of the sql file instead of using system("sql" ...
// For windows ISP servers that do not provide system or sql.exe executable - replace system call.
// If '/' in working directory then is *nix if not do not even try to call system.
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/'))) {
// assume mysql.exe exists
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$x.sql",$exit_code);
}
else { // system is not available. try to break up the query and just do each part.
$exit_code = 0;
$filename = 'db/db.full.'.$x.'.sql';
// Temporary variable, used to store current query
$templine = '';
// Read in entire file
$lines = file($filename);
// Loop through each line
foreach ($lines as $line)
{
// Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '')
continue;
// Add this line to the current segment
$templine .= $line;
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';')
{
// Perform the query
if(!mysql_query($templine)){
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
}
// Reset temp variable to empty
$templine = '';
}
}
echo "<br/><br />";
}
if($exit_code != 0) {
/* mysql failed!, what now? */
echo "<br/><b>mysql failed to execute query(s) without error!<b><br/>";
}
echo "<b>Done! installed database version $x</b><br />\n";
//now update the db version in the database
mysql_query("UPDATE config SET val='$x' WHERE var='DBVERSION' AND conferences_id='0'");
echo "<b>Attempting to update database using standard update script to update from $x to $dbcodeversion<br />";
echo "<br />Please scroll to the bottom of this page for the link to the next step of the installation process.<br /></b>";
chdir ("db");
/* Update the database, but don't update the config variables yet, because
* We haven't set the conference id */
$db_update_skip_variables = true;
include "db_update.php";
chdir ("../");
echo "<br />";
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
break;
}
}
}
//only if this file was created will we go ahead with the rest
//creating all the tables and such..
?>
</body></html>

311
install3.php
View File

@ -1,159 +1,152 @@
<? <?
/* /*
This file is part of the 'Science Fair In A Box' project This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org> Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org> Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2. License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details. General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330, the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. Boston, MA 02111-1307, USA.
*/ */
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n"; echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" > <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title> <head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" /> <link rel="stylesheet" href="sfiab.css" type="text/css" />
</head> </head>
<body> <body>
<h1>SFIAB Installation - Step 3</h1> <h1>SFIAB Installation - Step 3</h1>
<? <?
if(!file_exists("data/config.inc.php")) { if(!file_exists("data/config.inc.php")) {
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>"; echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "<a href=\"install.php\">Go back to installation step 1</a><br />"; echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
require_once("data/config.inc.php"); require_once("data/config.inc.php");
require_once("config_editor.inc.php"); require_once("config_editor.inc.php");
require_once("user.inc.php"); require_once("user.inc.php");
require_once("committee.inc.php"); require_once("committee.inc.php");
mysql_connect($DBHOST,$DBUSER,$DBPASS); mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME); mysql_select_db($DBNAME);
echo "Checking for SFIAB database... "; echo "Checking for SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'"); $q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q); $r=@mysql_fetch_object($q);
$dbdbversion=$r->val; $dbdbversion=$r->val;
if(!$dbdbversion) { if(!$dbdbversion) {
echo "<div class=\"error\">SFIAB Installation Step 2 is not yet complete.</div>"; echo "<div class=\"error\">SFIAB Installation Step 2 is not yet complete.</div>";
echo "<a href=\"install2.php\">Go back to installation step 2</a><br />"; echo "<a href=\"install2.php\">Go back to installation step 2</a><br />";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
//a fresh install should ONLY have DBVERSION defined in the config table. If there are others (SFIABDIRECTORY) then this is NOT fresh //a fresh install should ONLY have DBVERSION defined in the config table. If there are others (SFIABDIRECTORY) then this is NOT fresh
$q=mysql_query("SELECT * FROM config WHERE conferences_id='0' AND ( var='DBVERSION' OR var='SFIABDIRECTORY') "); $q=mysql_query("SELECT * FROM config WHERE conferences_id='0' AND ( var='DBVERSION' OR var='SFIABDIRECTORY') ");
//we might get an error if the config table does not exist (ie, installer step 2 failed) //we might get an error if the config table does not exist (ie, installer step 2 failed)
if(mysql_error()) { if(mysql_error()) {
//we say all tables, but really only we check for config where conferences_id=0; //we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: No SFIAB tables detected, It seems like step 2 failed. Please go <a href=\"install2.php\">Back to Installation Step 2</a> and try again.</div>"; echo "<div class=\"error\">ERROR: No SFIAB tables detected, It seems like step 2 failed. Please go <a href=\"install2.php\">Back to Installation Step 2</a> and try again.</div>";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
//1 is okay (DBVERSION). More than 1 is bad (already isntalled) //1 is okay (DBVERSION). More than 1 is bad (already isntalled)
if(mysql_num_rows($q)>1) { if(mysql_num_rows($q)>1) {
//we say all tables, but really only we check for config where conferences_id=0; //we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: Detected existing table data, SFIAB Installation Step 3 requires a clean SFIAB database installation.</div>"; echo "<div class=\"error\">ERROR: Detected existing table data, SFIAB Installation Step 3 requires a clean SFIAB database installation.</div>";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
echo "<b>Found!</b><br />"; echo "<b>Found!</b><br />";
if($_POST['action']=="save") { if($_POST['action']=="save") {
$err=false; $err=false;
if(!$_POST['email']) { if(!$_POST['email']) {
echo "Superuser email address is required"; echo "Superuser email address is required";
$err=true; $err=true;
} }
if(!( $_POST['pass1'] && $_POST['pass2'])) { if(!( $_POST['pass1'] && $_POST['pass2'])) {
echo "Superuser password and password confirmation are required"; echo "Superuser password and password confirmation are required";
$err=true; $err=true;
} }
if($_POST['pass1'] != $_POST['pass2']) { if($_POST['pass1'] != $_POST['pass2']) {
echo "Password and Password confirmation do not match"; echo "Password and Password confirmation do not match";
$err=true; $err=true;
} }
if(!$err) { if(!$err) {
echo "Creating configuration settings... "; echo "Creating configuration settings... ";
// mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FAIRYEAR','".$_POST['fairyear']."','Special','0','0')"); // mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FAIRYEAR','".$_POST['fairyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FISCALYEAR','".$_POST['fiscalyear']."','Special','0','0')"); mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FISCALYEAR','".$_POST['fiscalyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('SFIABDIRECTORY','".$_POST['sfiabdirectory']."','Special','','0')"); mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('SFIABDIRECTORY','".$_POST['sfiabdirectory']."','Special','','0')");
/* /*
$year = intval($_POST['fairyear']); $year = intval($_POST['fairyear']);
$config['FAIRYEAR']=$year; $config['FAIRYEAR']=$year;
*/ */
echo "Creating superuser account... "; echo "Creating superuser account... ";
// The next line returned $account = false instead of a query result when installing on windows server. $account = account_create($_POST['email'], $_POST['pass1']);
// DES dspanogle 2011-02-05 so of course the UPDATE fails Failed on account load.. mysql_query("UPDATE accounts SET superuser = 'yes' WHERE id = " . $account['id']);
// the problem was in account_load - had SELECT parameter not in the account table.
// I did a temporary fix by removing pendingemail parameter from the SELECT . echo "<b>Done!</b><br />";
// ALSO... email was not set for the supper user not sure if it should be so I set = to username in the echo "Installation is now complete! You can now proceed to the following location: <br />";
// database accounts entry for superuser. echo "&nbsp; &nbsp; <a href=\"".$_POST['sfiabdirectory']."\">Your SFIAB main page</a><br />";
$account = account_create($_POST['email'], $_POST['pass1']); echo "</body></html>";
mysql_query("UPDATE accounts SET superuser = 'yes' WHERE id = " . $account['id']); exit;
}
echo "<b>Done!</b><br />";
echo "Installation is now complete! You can now proceed to the following location: <br />"; }
echo "&nbsp; &nbsp; <a href=\"".$_POST['sfiabdirectory']."\">Your SFIAB main page</a><br />";
echo "</body></html>"; echo "<br />";
exit; echo "Please enter the following options <br />";
} echo "<br />";
} $month=date("m");
if($month>6) $fiscalyearsuggest=date("Y")+1;
echo "<br />"; else $fiscalyearsuggest=date("Y");
echo "Please enter the following options <br />";
echo "<br />"; $directorysuggest=substr($_SERVER['REQUEST_URI'],0,-13);
echo "<h3>Options</h3>";
$month=date("m"); echo "<form method=\"post\" action=\"install3.php\">";
if($month>6) $fiscalyearsuggest=date("Y")+1; echo "<input type=\"hidden\" name=\"action\" value=\"save\" />";
else $fiscalyearsuggest=date("Y");
// DES dspanogle 2011-02-05 $_SERVER['REQUEST_URI'] is not available on many Windows servers echo "<table>";
//$directorysuggest = substr($_SERVER['REQUEST_URI'],0,-13); echo "<tr><td>Fiscal Year</td><td><input size=\"8\" type=\"text\" name=\"fiscalyear\" value=\"$fiscalyearsuggest\"></td><td>The current fiscal year (for fundraising/accounting purposes)</td></tr>";
$directorysuggest = substr(getenv("SCRIPT_NAME"),0,-13); echo "<tr><td>Directory</td><td><input size=\"25\" type=\"text\" name=\"sfiabdirectory\" value=\"$directorysuggest\"></td><td>The directory of this SFIAB installation as seen by the web browser</td></tr>";
echo "<h3>Options</h3>";
echo "<form method=\"post\" action=\"install3.php\">"; echo "</table>";
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />"; echo "<br />";
echo "<h3>Superuser Account</h3>";
echo "<table>"; echo "Please choose your superuser account which is required to login to SFIAB and configure the system, as well as to add other users. <br />";
echo "<tr><td>Fiscal Year</td><td><input size=\"8\" type=\"text\" name=\"fiscalyear\" value=\"$fiscalyearsuggest\"></td><td>The current fiscal year (for fundraising/accounting purposes)</td></tr>"; echo "<table>";
echo "<tr><td>Directory</td><td><input size=\"25\" type=\"text\" name=\"sfiabdirectory\" value=\"$directorysuggest\"></td><td>The directory of this SFIAB installation as seen by the web browser</td></tr>"; echo "<tr><td>Superuser Email Address</td><td><input size=\"40\" type=\"text\" name=\"email\"></td></tr>";
echo "<tr><td>Superuser Password</td><td><input size=\"15\" type=\"password\" name=\"pass1\"></td></tr>";
echo "</table>"; echo "<tr><td>Superuser Password (Confirm)</td><td><input size=\"15\" type=\"password\" name=\"pass2\"></td></tr>";
echo "<br />"; echo "</table>";
echo "<h3>Superuser Account</h3>"; echo "<br />";
echo "Please choose your superuser account which is required to login to SFIAB and configure the system, as well as to add other users. <br />"; echo "<input type=\"submit\" value=\"Complete Installation\">";
echo "<table>"; echo "</form>";
echo "<tr><td>Superuser Email Address</td><td><input size=\"40\" type=\"text\" name=\"email\"></td></tr>";
echo "<tr><td>Superuser Password</td><td><input size=\"15\" type=\"password\" name=\"pass1\"></td></tr>"; ?>
echo "<tr><td>Superuser Password (Confirm)</td><td><input size=\"15\" type=\"password\" name=\"pass2\"></td></tr>";
echo "</table>"; </body></html>
echo "<br />";
echo "<input type=\"submit\" value=\"Complete Installation\">";
echo "</form>";
?>
</body></html>