arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Revert Dennis's commit - improper line endings caused the whole files to be replaced

Browse Source
This commit is contained in:
james 2011-02-16 16:59:33 +00:00
parent ce35d4ccee
commit 4ac3a8f974
6 changed files with 1837 additions and 2000 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1047
account.inc.php
View File

File diff suppressed because it is too large Load Diff

777
common.inc.bootstrap.php
View File

@ -1,397 +1,380 @@
<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005-2010 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
//if we dont set the charset any page that doesnt call send_header() (where it used to be set) would defualt to the server's encoding,
//which in many cases (like ysf-fsj.ca/sfiab) is UTF-8. This was causing a lot of the newly AJAX'd editors to fail on french characters,
//becuase they were being encoded improperly. Ideally, all the databases will be switched to UTF-8, but thats not a near-term possibility,
//so this is kind of a band-aid solution until we can make everything UTF8. Hope it doesnt break anything anywhere else!
header("Content-Type: text/html; charset=UTF-8");
//set error reporting to not show notices, for some reason some people's installation dont set this by default
//so we will set it in the code instead just to make sure
//error_reporting(E_ALL & ~E_DEPRECATED );
define('REQUIREDFIELD','<span class="requiredfield">*</span>');
//figure out the directory to prepend to directoroy names, depending on if we are in a subdirectory or not
// DES dspanogle 2011-02-04 Windows based servers use '\' in directories. This code works for WIN servers and or *nix servers.
if (stristr(getcwd(), '\\')) { // must look at whole directory because we do no know the SFIABDIRECTORY length
// Win
if(substr(getcwd(),-6)=="\\admin")
$prependdir="..\\";
else if(substr(getcwd(),-6)=="\\super")
$prependdir="..\\";
else if(substr(getcwd(),-7)=="\\config")
$prependdir="..\\";
else if(substr(getcwd(),-3)=="\\db")
$prependdir="..\\";
else if(substr(getcwd(),-8)=="\\scripts")
$prependdir="..\\";
else
$prependdir="";
} else {
// Other
if(substr(getcwd(),-6)=="/admin")
$prependdir="../";
else if(substr(getcwd(),-6)=="/super")
$prependdir="../";
else if(substr(getcwd(),-7)=="/config")
$prependdir="../";
else if(substr(getcwd(),-3)=="/db")
$prependdir="../";
else if(substr(getcwd(),-8)=="/scripts")
$prependdir="../";
else
$prependdir="";
}
$sfiabversion=@file($prependdir."version.txt");
$config['version']=trim($sfiabversion[0]);
//make sure the data subdirectory is writable, if its not, then we're screwed, so make sure it is!
if(!is_writable($prependdir."data")) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "data/ subdirectory is not writable by the web server";
echo "<br>";
echo "<h2>Details</h2>";
echo "The data/ subdirectory is used to store files uploaded through the SFIAB software. The web server must have write access to this directory in order to function properly. Please contact your system administrator (if you are the system administrator, chown/chmod the data directory appropriately).";
echo "<br>";
echo "</body></html>";
exit;
}
if(file_exists($prependdir."data/config.inc.php")) {
require_once($prependdir."data/config.inc.php");
}
else {
echo "<html><head><title>SFIAB</title></head><body>";
echo "<h1>Science Fair In A Box - Installation</h1>";
echo "It looks like this is a new installation of SFIAB, and the database has not yet been configured. Please choose from the following options: <br />";
echo "<br />";
echo "<a href=\"install.php\">Proceed with Fresh SFIAB Installation</a>";
echo "<br />";
echo "</body></html>";
exit;
}
/*
difference between MySQL <5.1 and 5.1:
in <5.1 in must have internall truncated it at 16 before comparing with the hard-coded 16 character database limit
in 5.1 it doesnt truncate and compares the full string with the hardcoded 16 character limit, so all our very long usernames
are now failing
James - Dec 30 2010
*/
$DBUSER=substr($DBUSER,0,16);
if(!mysql_connect($DBHOST,$DBUSER,$DBPASS)) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "Cannot connect to database!";
echo "</body></html>";
exit;
}
if(!mysql_select_db($DBNAME)) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "Cannot select database!";
echo "</body></html>";
exit;
}
//this will silently fail on mysql 4.x, but is needed on mysql5.x to ensure we're only using utf8 encodings
@mysql_query("SET NAMES utf8");
//find out the fair year and any other 'year=0' configuration parameters (things that dont change as the years go on)
$q=@mysql_query("SELECT * FROM config WHERE conferences_id=0 OR year=0");
//we might get an error if installation step 2 is not done (ie, the config table doesnt even exist)
if(mysql_error()) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
//if we have 0 (<1) then install2 is not done, which would get caught above,
//if we have 1 (<2) then insatll3 is not done (no entries for FAIRYEAR and SFIABDIRECTORY)
if(mysql_num_rows($q)<2) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install3.php\">Installer Step 3</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
else {
while($r=mysql_fetch_object($q)) {
$config[$r->var]=$r->val;
}
}
//doh! we cant do it all, becuase it continains things like registration passwords! lets just add things as we need them i guess
//this gets turned into a 'config' object that is accessible in javascript (and output directly to the browser, so dont put
//anything in it that shouldnt be available to the public!
$configjs['SFIABDIRECTORY']=$config['SFIABDIRECTORY'];
$dbdbversion=$config['DBVERSION'];
$dbcodeversion=@file($prependdir."db/db.code.version.txt");
$dbcodeversion=trim($dbcodeversion[0]);
if(!$dbdbversion) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
if($dbcodeversion!=$dbdbversion) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB database and code are mismatched";
echo "<br>";
echo "Please run the db_update.php script in order to update";
echo "<br>";
echo "your database to the same version as the code";
echo "<br>";
echo "<br>";
echo "<br>";
echo "<h2>Details</h2>";
echo "Current SFIAB codebase requires DB version: ".$dbcodeversion;
echo "<br>";
echo "Current SFIAB database is detected as version: ".$dbdbversion;
echo "<br>";
echo "</body></html>";
exit;
}
/* Check that magic_quotes is OFF */
if(get_magic_quotes_gpc()) {
?>
<html><head><title>SFIAB ERROR</title></head><body>
<h1>Science Fair In A Box - ERROR</h1>
<p>Your PHP configuration has magic_quotes ENABLED. They should be
disabled, and are disabled in the .htaccess file, so your server is
ignoring the .htaccess file or overriding it.
<p>Magic quotes is DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, but ON
by default for any PHP &lt; 5.3.0.
<p>Add <pre>php_flag magic_quotes_gpc off</pre> to the .htacces, or add
<pre>php_flag magic_quotes_gpc=off</pre> to php.ini
<br></body></html>
<?
exit;
}
if($config['SFIABDIRECTORY'] == '') {
session_name("SFIABSESSID");
session_set_cookie_params(0,'/');
} else {
session_name("SFIABSESSID".ereg_replace("[^A-Za-z]","_",$config['SFIABDIRECTORY']));
session_set_cookie_params(0,$config['SFIABDIRECTORY']);
}
session_start();
if(!$_SESSION['conferences_id']) {
$q=mysql_query("SELECT * FROM conferences WHERE status='running' ORDER BY name LIMIT 1");
if($r=mysql_fetch_object($q)) {
$_SESSION['conferences_id']=$r->id;
}
/*
else {
echo "No conferences defined!";
}*/
}
function switchConference($cid) {
$cid=intval($cid);
// echo "cid=$cid";
$q=mysql_query("SELECT * FROM conferences WHERE id='$cid' AND status='running'");
if($r=mysql_fetch_object($q)) {
$_SESSION['conferences_id']=$cid;
}
}
//move the conference stuff before the configuration loading, so we can load the right configuration for the conference :)
if(isset($_GET['switchconference'])) {
//make sure its good
switchConference($_GET['switchconference']);
unset($_SESSION['nav']);
}
if(intval($_SESSION['conferences_id'])>0) {
$q=mysql_query("SELECT * FROM conferences WHERE id='{$_SESSION['conferences_id']}'");
$conference=mysql_fetch_assoc($q);
/*
******* THIS IS TEMPORARY.. probably remove it in a year or so ********
if the conference year is set, this is temporary for migratory purposes, so set the FAIRYEAR = confierence year - this will
gracefully handle the science fair parts that still rely on FAIRYEAR
if conference year is NOT set, then make sure config['FAIRYEAR'] is NOT set, so we can weed out any code that relies on
FAIRYEAR from the conference system
*/
if($conference['year'])
$config['FAIRYEAR']=$conference['year'];
else
$config['FAIRYEAR']=NULL;
}
//now pull the rest of the configuration
$q=mysql_query("SELECT * FROM config WHERE conferences_id='".$conference['id']."'");
while($r=mysql_fetch_object($q)) {
$config[$r->var]=$r->val;
}
//now pull the dates
if($conference['id'])
$q=mysql_query("SELECT * FROM dates WHERE conferences_id='".$conference['id']."'");
else
$config['dates']=array();
while($r=mysql_fetch_object($q)) {
$config['dates'][$r->name]=$r->date;
}
//load roles
$roles=array();
$q = mysql_query("SELECT * FROM roles");
while(($r = mysql_fetch_assoc($q))) {
$roles[$r['type']] = $r;
$roles_by_id[$r['id']]=$r;
}
//and now pull the theme
require_once("theme/{$config['theme']}/theme.php");
require_once("theme/{$config['theme_icons']}/icons.php");
//detect the browser first, so we know what icons to use - we store this in the config array as well
//even though its not configurable by the fair
if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE"))
$config['icon_extension']="gif";
else
$config['icon_extension']="png";
//now get the languages, and make sure we have at least one active language
$q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname");
if(mysql_num_rows($q)==0) {
echo "No active languages defined, defaulting to English";
$config['languages']['en']="English";
}
else {
while($r=mysql_fetch_object($q)) {
$config['languages'][$r->lang]=$r->langname;
}
}
//now if no language has been set yet, lets set it to the default language
if(!$_SESSION['lang']) {
//first try the default language, if that doesnt work, use "en"
if($config['default_language'])
$_SESSION['lang']=$config['default_language'];
else
$_SESSION['lang']="en";
}
//only allow debug to get set if we're using a development version (odd numbered ending)
if(substr($config['version'], -1) % 2 != 0)
if($_GET['debug']) $_SESSION['debug']=$_GET['debug'];
//if the user has switched languages, go ahead and switch the session variable
if($_GET['switchlanguage']) {
//first, make sure its a valid language:
if($config['languages'][$_GET['switchlanguage']]) {
$_SESSION['lang']=$_GET['switchlanguage'];
}
else {
//invalid language, dont do anything
}
}
$CWSFDivisions=array(
1=>"Automotive",
2=>"Biotechnology & Pharmaceutical Sciences",
3=>"Computing & Information Technology",
4=>"Earth & Environmental Sciences",
5=>"Engineering",
6=>"Environmental Innovation",
7=>"Health Sciences",
8=>"Life Sciences",
9=>"Physical & Mathematical Sciences"
);
$conference_types = array(
'sciencefair' => 'Science Fair',
'scienceolympics' => 'Science Olympics'
);
//take SFIABDIRECTORY off of the current URL
$pageurl=substr($_SERVER['PHP_SELF'],strlen($config['SFIABDIRECTORY']));
//this code figures out if the page we're on is in the navigation structure, and if so, where, and properly sets the primary, secondary and tertiary navigation variables
$q=mysql_query("SELECT * FROM rolestasks WHERE
( link='".mysql_real_escape_string($pageurl)."'
OR link LIKE '".mysql_real_escape_string($pageurl)."?%')
AND conferencetype='{$conference['type']}'");
if(mysql_num_rows($q)) {
if(mysql_num_rows($q)==1) {
$r=mysql_fetch_object($q);
}
else {
//take the first one for now
while($r=mysql_fetch_object($q)) {
if($NAV_IDENT==$r->navident)
break;
}
//we have more than one, we need to rely on the $navident now
}
//okay we found it, now get its full tree above it
//set things to 0 to start
$_SESSION['nav']['primary']=0;
$_SESSION['nav']['secondary']=0;
$_SESSION['nav']['tertiary']=0;
$navTree=array();
upTree($r->id,&$navTree);
//go through each one, and set the SESSION vars
foreach($navTree AS $t) {
switch($t['level']) {
case 0: //primary nav
$_SESSION['nav']['primary']=$t['id'];
break;
case 1: //secondary nav
$_SESSION['nav']['secondary']=$t['id'];
break;
case 2: //tertiary nav
$_SESSION['nav']['tertiary']=$t['id'];
break;
}
}
}
else {
//if we didnt find it, we only set the tertiary to 0, because we probably want to keep our primary and secondary navs if they exist
$_SESSION['nav']['tertiary']=0;
}
<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005-2010 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
//if we dont set the charset any page that doesnt call send_header() (where it used to be set) would defualt to the server's encoding,
//which in many cases (like ysf-fsj.ca/sfiab) is UTF-8. This was causing a lot of the newly AJAX'd editors to fail on french characters,
//becuase they were being encoded improperly. Ideally, all the databases will be switched to UTF-8, but thats not a near-term possibility,
//so this is kind of a band-aid solution until we can make everything UTF8. Hope it doesnt break anything anywhere else!
header("Content-Type: text/html; charset=UTF-8");
//set error reporting to not show notices, for some reason some people's installation dont set this by default
//so we will set it in the code instead just to make sure
//error_reporting(E_ALL & ~E_DEPRECATED );
define('REQUIREDFIELD','<span class="requiredfield">*</span>');
//figure out the directory to prepend to directoroy names, depending on if we are in a subdirectory or not
if(substr(getcwd(),-6)=="/admin")
$prependdir="../";
else if(substr(getcwd(),-6)=="/super")
$prependdir="../";
else if(substr(getcwd(),-7)=="/config")
$prependdir="../";
else if(substr(getcwd(),-3)=="/db")
$prependdir="../";
else if(substr(getcwd(),-8)=="/scripts")
$prependdir="../";
else
$prependdir="";
$sfiabversion=@file($prependdir."version.txt");
$config['version']=trim($sfiabversion[0]);
//make sure the data subdirectory is writable, if its not, then we're screwed, so make sure it is!
if(!is_writable($prependdir."data")) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "data/ subdirectory is not writable by the web server";
echo "<br>";
echo "<h2>Details</h2>";
echo "The data/ subdirectory is used to store files uploaded through the SFIAB software. The web server must have write access to this directory in order to function properly. Please contact your system administrator (if you are the system administrator, chown/chmod the data directory appropriately).";
echo "<br>";
echo "</body></html>";
exit;
}
if(file_exists($prependdir."data/config.inc.php")) {
require_once($prependdir."data/config.inc.php");
}
else {
echo "<html><head><title>SFIAB</title></head><body>";
echo "<h1>Science Fair In A Box - Installation</h1>";
echo "It looks like this is a new installation of SFIAB, and the database has not yet been configured. Please choose from the following options: <br />";
echo "<br />";
echo "<a href=\"install.php\">Proceed with Fresh SFIAB Installation</a>";
echo "<br />";
echo "</body></html>";
exit;
}
/*
difference between MySQL <5.1 and 5.1:
in <5.1 in must have internall truncated it at 16 before comparing with the hard-coded 16 character database limit
in 5.1 it doesnt truncate and compares the full string with the hardcoded 16 character limit, so all our very long usernames
are now failing
James - Dec 30 2010
*/
$DBUSER=substr($DBUSER,0,16);
if(!mysql_connect($DBHOST,$DBUSER,$DBPASS)) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "Cannot connect to database!";
echo "</body></html>";
exit;
}
if(!mysql_select_db($DBNAME)) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "Cannot select database!";
echo "</body></html>";
exit;
}
//this will silently fail on mysql 4.x, but is needed on mysql5.x to ensure we're only using utf8 encodings
@mysql_query("SET NAMES utf8");
//find out the fair year and any other 'year=0' configuration parameters (things that dont change as the years go on)
$q=@mysql_query("SELECT * FROM config WHERE conferences_id=0 OR year=0");
//we might get an error if installation step 2 is not done (ie, the config table doesnt even exist)
if(mysql_error()) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
//if we have 0 (<1) then install2 is not done, which would get caught above,
//if we have 1 (<2) then insatll3 is not done (no entries for FAIRYEAR and SFIABDIRECTORY)
if(mysql_num_rows($q)<2) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install3.php\">Installer Step 3</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
else {
while($r=mysql_fetch_object($q)) {
$config[$r->var]=$r->val;
}
}
//doh! we cant do it all, becuase it continains things like registration passwords! lets just add things as we need them i guess
//this gets turned into a 'config' object that is accessible in javascript (and output directly to the browser, so dont put
//anything in it that shouldnt be available to the public!
$configjs['SFIABDIRECTORY']=$config['SFIABDIRECTORY'];
$dbdbversion=$config['DBVERSION'];
$dbcodeversion=@file($prependdir."db/db.code.version.txt");
$dbcodeversion=trim($dbcodeversion[0]);
if(!$dbdbversion) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
if($dbcodeversion!=$dbdbversion) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB database and code are mismatched";
echo "<br>";
echo "Please run the db_update.php script in order to update";
echo "<br>";
echo "your database to the same version as the code";
echo "<br>";
echo "<br>";
echo "<br>";
echo "<h2>Details</h2>";
echo "Current SFIAB codebase requires DB version: ".$dbcodeversion;
echo "<br>";
echo "Current SFIAB database is detected as version: ".$dbdbversion;
echo "<br>";
echo "</body></html>";
exit;
}
/* Check that magic_quotes is OFF */
if(get_magic_quotes_gpc()) {
?>
<html><head><title>SFIAB ERROR</title></head><body>
<h1>Science Fair In A Box - ERROR</h1>
<p>Your PHP configuration has magic_quotes ENABLED. They should be
disabled, and are disabled in the .htaccess file, so your server is
ignoring the .htaccess file or overriding it.
<p>Magic quotes is DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, but ON
by default for any PHP &lt; 5.3.0.
<p>Add <pre>php_flag magic_quotes_gpc off</pre> to the .htacces, or add
<pre>php_flag magic_quotes_gpc=off</pre> to php.ini
<br></body></html>
<?
exit;
}
if($config['SFIABDIRECTORY'] == '') {
session_name("SFIABSESSID");
session_set_cookie_params(0,'/');
} else {
session_name("SFIABSESSID".ereg_replace("[^A-Za-z]","_",$config['SFIABDIRECTORY']));
session_set_cookie_params(0,$config['SFIABDIRECTORY']);
}
session_start();
if(!$_SESSION['conferences_id']) {
$q=mysql_query("SELECT * FROM conferences WHERE status='running' ORDER BY name LIMIT 1");
if($r=mysql_fetch_object($q)) {
$_SESSION['conferences_id']=$r->id;
}
/*
else {
echo "No conferences defined!";
}*/
}
function switchConference($cid) {
$cid=intval($cid);
// echo "cid=$cid";
$q=mysql_query("SELECT * FROM conferences WHERE id='$cid' AND status='running'");
if($r=mysql_fetch_object($q)) {
$_SESSION['conferences_id']=$cid;
}
}
//move the conference stuff before the configuration loading, so we can load the right configuration for the conference :)
if(isset($_GET['switchconference'])) {
//make sure its good
switchConference($_GET['switchconference']);
unset($_SESSION['nav']);
}
if(intval($_SESSION['conferences_id'])>0) {
$q=mysql_query("SELECT * FROM conferences WHERE id='{$_SESSION['conferences_id']}'");
$conference=mysql_fetch_assoc($q);
/*
******* THIS IS TEMPORARY.. probably remove it in a year or so ********
if the conference year is set, this is temporary for migratory purposes, so set the FAIRYEAR = confierence year - this will
gracefully handle the science fair parts that still rely on FAIRYEAR
if conference year is NOT set, then make sure config['FAIRYEAR'] is NOT set, so we can weed out any code that relies on
FAIRYEAR from the conference system
*/
if($conference['year'])
$config['FAIRYEAR']=$conference['year'];
else
$config['FAIRYEAR']=NULL;
}
//now pull the rest of the configuration
$q=mysql_query("SELECT * FROM config WHERE conferences_id='".$conference['id']."'");
while($r=mysql_fetch_object($q)) {
$config[$r->var]=$r->val;
}
//now pull the dates
if($conference['id'])
$q=mysql_query("SELECT * FROM dates WHERE conferences_id='".$conference['id']."'");
else
$config['dates']=array();
while($r=mysql_fetch_object($q)) {
$config['dates'][$r->name]=$r->date;
}
//load roles
$roles=array();
$q = mysql_query("SELECT * FROM roles");
while(($r = mysql_fetch_assoc($q))) {
$roles[$r['type']] = $r;
$roles_by_id[$r['id']]=$r;
}
//and now pull the theme
require_once("theme/{$config['theme']}/theme.php");
require_once("theme/{$config['theme_icons']}/icons.php");
//detect the browser first, so we know what icons to use - we store this in the config array as well
//even though its not configurable by the fair
if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE"))
$config['icon_extension']="gif";
else
$config['icon_extension']="png";
//now get the languages, and make sure we have at least one active language
$q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname");
if(mysql_num_rows($q)==0) {
echo "No active languages defined, defaulting to English";
$config['languages']['en']="English";
}
else {
while($r=mysql_fetch_object($q)) {
$config['languages'][$r->lang]=$r->langname;
}
}
//now if no language has been set yet, lets set it to the default language
if(!$_SESSION['lang']) {
//first try the default language, if that doesnt work, use "en"
if($config['default_language'])
$_SESSION['lang']=$config['default_language'];
else
$_SESSION['lang']="en";
}
//only allow debug to get set if we're using a development version (odd numbered ending)
if(substr($config['version'], -1) % 2 != 0)
if($_GET['debug']) $_SESSION['debug']=$_GET['debug'];
//if the user has switched languages, go ahead and switch the session variable
if($_GET['switchlanguage']) {
//first, make sure its a valid language:
if($config['languages'][$_GET['switchlanguage']]) {
$_SESSION['lang']=$_GET['switchlanguage'];
}
else {
//invalid language, dont do anything
}
}
$CWSFDivisions=array(
1=>"Automotive",
2=>"Biotechnology & Pharmaceutical Sciences",
3=>"Computing & Information Technology",
4=>"Earth & Environmental Sciences",
5=>"Engineering",
6=>"Environmental Innovation",
7=>"Health Sciences",
8=>"Life Sciences",
9=>"Physical & Mathematical Sciences"
);
$conference_types = array(
'sciencefair' => 'Science Fair',
'scienceolympics' => 'Science Olympics'
);
//take SFIABDIRECTORY off of the current URL
$pageurl=substr($_SERVER['PHP_SELF'],strlen($config['SFIABDIRECTORY']));
//this code figures out if the page we're on is in the navigation structure, and if so, where, and properly sets the primary, secondary and tertiary navigation variables
$q=mysql_query("SELECT * FROM rolestasks WHERE
( link='".mysql_real_escape_string($pageurl)."'
OR link LIKE '".mysql_real_escape_string($pageurl)."?%')
AND conferencetype='{$conference['type']}'");
if(mysql_num_rows($q)) {
if(mysql_num_rows($q)==1) {
$r=mysql_fetch_object($q);
}
else {
//take the first one for now
while($r=mysql_fetch_object($q)) {
if($NAV_IDENT==$r->navident)
break;
}
//we have more than one, we need to rely on the $navident now
}
//okay we found it, now get its full tree above it
//set things to 0 to start
$_SESSION['nav']['primary']=0;
$_SESSION['nav']['secondary']=0;
$_SESSION['nav']['tertiary']=0;
$navTree=array();
upTree($r->id,&$navTree);
//go through each one, and set the SESSION vars
foreach($navTree AS $t) {
switch($t['level']) {
case 0: //primary nav
$_SESSION['nav']['primary']=$t['id'];
break;
case 1: //secondary nav
$_SESSION['nav']['secondary']=$t['id'];
break;
case 2: //tertiary nav
$_SESSION['nav']['tertiary']=$t['id'];
break;
}
}
}
else {
//if we didnt find it, we only set the tertiary to 0, because we probably want to keep our primary and secondary navs if they exist
$_SESSION['nav']['tertiary']=0;
}

1063
common.inc.php
View File

File diff suppressed because it is too large Load Diff

285
db/db_update.php
View File

@ -1,163 +1,122 @@
<?
// DES dspanogle 2011-02-06 moved to before system call as test for windows server with alternate code.
/*
if(!function_exists("system")) {
echo "DB Update requires php's system() function to be available\n";
exit;
}
*/
//include the config.inc.php
//so we have the db connection info
require_once('../data/config.inc.php');
echo "<pre>\n";
if(file_exists("db.code.version.txt")) {
$dbcodeversion_file=file("db.code.version.txt");
$dbcodeversion=trim($dbcodeversion_file[0]);
}
else {
echo "Couldnt load current db.code.version.txt\n";
exit;
}
$skip_dbversion_update = array_key_exists('skip_dbversion_update', $_GET);
mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
@mysql_query("SET NAMES utf8");
$q=mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND year='0'");
$r=mysql_fetch_object($q);
$dbdbversion=$r->val;
if(!$dbdbversion) {
echo "Couldnt get current db version. Is SFIAB properly installed?\n";
exit;
}
if($dbdbversion>=190) {
//we can only load in the 'system', because when running from here we have no clue what
//conference the script is interested in
//also, FAIRYEAR doesnt exist anymore
/* Load config just in case there's a PHP script that wants it */
$q=mysql_query("SELECT * FROM config WHERE section='system' AND conferences_id=0");
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
}
else {
/* Get the fair year */
$q=mysql_query("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'");
$r=mysql_fetch_object($q);
$config = array('FAIRYEAR' => $r->val);
/* Load config just in case there's a PHP script that wants it */
$q=mysql_query("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'");
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
}
require_once("../config_editor.inc.php"); // For config_update_variables()
if($dbcodeversion && $dbdbversion) {
//lets see if they match
if($dbcodeversion == $dbdbversion) {
echo "DB and CODE are all up-to-date. Version: $dbdbversion\n";
exit;
}
else if($dbcodeversion<$dbdbversion) {
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
exit;
}
else if($dbcodeversion>$dbdbversion) {
echo "DB update requirements detected\n";
echo "Current DB Version: $dbdbversion\n";
echo "Current CODE Version: $dbcodeversion\n";
echo "Updating database from $dbdbversion to $dbcodeversion\n";
for($ver=$dbdbversion+1;$ver<=$dbcodeversion;$ver++) {
if(file_exists("db.update.$ver.php")) {
include("db.update.$ver.php");
}
if(is_callable("db_update_{$ver}_pre")) {
echo "db.update.$ver.php::db_update_{$ver}_pre() exists - running...\n";
call_user_func("db_update_{$ver}_pre");
echo "db.update.$ver.php::db_update_{$ver}_pre() done.\n";
}
if(file_exists("db.update.$ver.sql")) {
echo "db.update.$ver.sql detected - running...\n";
readfile("db.update.$ver.sql");
echo "\n";
// DES dspanogle 2011-02-05 Test to see if can use system call
// if *nix then '/' in working directory. If not then windows - do not even try system
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/') ) ) {
// Use System call this assumes mysql.exe exists on the server. it may not.
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db.update.$ver.sql", $exit_code);
}
else{
// Probably a Windows server. use alternate code.
// dspanogle 2011-02-05 Use each section of the sql file instead of using system("sql" ...
// For windows ISP servers that do not provide "sql: executable - replace system call.
$exit_code = 0; // assume no errors for now
$filename = 'db.update.'.$ver.'.sql';
// Temporary variable, used to store current query
$templine = '';
// Read in entire file
$lines = file($filename);
// Loop through each line
foreach ($lines as $line)
{
// Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '')
continue;
// Add this line to the current segment
$templine .= $line;
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';')
{
// Perform the query
if(!mysql_query($templine)){
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
}
// Reset temp variable to empty
$templine = '';
}
}
echo "<br />";
}
if($exit_code != 0) {
/* mysql failed!, what now? */
echo "<br/><b>mysql failed to execute query(s) without error!<br/>";
echo "Update scripts bad or *nix server system('mysql' .. ) call failed!<br/>";
echo "This installation is not complete!</b><br/>";
}
}
else {
echo "Version $ver SQL update file not found - skipping over\n";
}
if(is_callable("db_update_{$ver}_post")) {
echo "db.update.$ver.php::db_update_{$ver}_post() exists - running...\n";
call_user_func("db_update_{$ver}_post");
echo "db.update.$ver.php::db_update_{$ver}_post() done.\n";
}
}
if($db_update_skip_variables != true) {
echo "\nUpdating Configuration Variables...\n";
config_update_variables();
}
if($skip_dbversion_update) {
echo "\nAll done - skip_dbversion_update specified, NOT updating to DB version to $dbcodeversion\n";
} else {
echo "\nAll done - updating new DB version to $dbcodeversion\n";
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
}
}
}
else {
echo "ERROR: dbcodeversion and dbdbversion are not defined\n";
}
echo "</pre>\n";
?>
<?
if(!function_exists("system")) {
echo "DB Update requires php's system() function to be available\n";
exit;
}
//include the config.inc.php
//so we have the db connection info
require_once('../data/config.inc.php');
echo "<pre>\n";
if(file_exists("db.code.version.txt")) {
$dbcodeversion_file=file("db.code.version.txt");
$dbcodeversion=trim($dbcodeversion_file[0]);
}
else {
echo "Couldnt load current db.code.version.txt\n";
exit;
}
$skip_dbversion_update = array_key_exists('skip_dbversion_update', $_GET);
mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
@mysql_query("SET NAMES utf8");
$q=mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND year='0'");
$r=mysql_fetch_object($q);
$dbdbversion=$r->val;
if(!$dbdbversion) {
echo "Couldnt get current db version. Is SFIAB properly installed?\n";
exit;
}
if($dbdbversion>=190) {
//we can only load in the 'system', because when running from here we have no clue what
//conference the script is interested in
//also, FAIRYEAR doesnt exist anymore
/* Load config just in case there's a PHP script that wants it */
$q=mysql_query("SELECT * FROM config WHERE section='system' AND conferences_id=0");
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
}
else {
/* Get the fair year */
$q=mysql_query("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'");
$r=mysql_fetch_object($q);
$config = array('FAIRYEAR' => $r->val);
/* Load config just in case there's a PHP script that wants it */
$q=mysql_query("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'");
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
}
require_once("../config_editor.inc.php"); // For config_update_variables()
if($dbcodeversion && $dbdbversion) {
//lets see if they match
if($dbcodeversion == $dbdbversion) {
echo "DB and CODE are all up-to-date. Version: $dbdbversion\n";
exit;
}
else if($dbcodeversion<$dbdbversion) {
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
exit;
}
else if($dbcodeversion>$dbdbversion) {
echo "DB update requirements detected\n";
echo "Current DB Version: $dbdbversion\n";
echo "Current CODE Version: $dbcodeversion\n";
echo "Updating database from $dbdbversion to $dbcodeversion\n";
for($ver=$dbdbversion+1;$ver<=$dbcodeversion;$ver++) {
if(file_exists("db.update.$ver.php")) {
include("db.update.$ver.php");
}
if(is_callable("db_update_{$ver}_pre")) {
echo "db.update.$ver.php::db_update_{$ver}_pre() exists - running...\n";
call_user_func("db_update_{$ver}_pre");
echo "db.update.$ver.php::db_update_{$ver}_pre() done.\n";
}
if(file_exists("db.update.$ver.sql")) {
echo "db.update.$ver.sql detected - running...\n";
readfile("db.update.$ver.sql");
echo "\n";
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db.update.$ver.sql", $exit_code);
if($exit_code != 0) {
/* mysql failed!, what now? */
}
}
else {
echo "Version $ver SQL update file not found - skipping over\n";
}
if(is_callable("db_update_{$ver}_post")) {
echo "db.update.$ver.php::db_update_{$ver}_post() exists - running...\n";
call_user_func("db_update_{$ver}_post");
echo "db.update.$ver.php::db_update_{$ver}_post() done.\n";
}
}
if($db_update_skip_variables != true) {
echo "\nUpdating Configuration Variables...\n";
config_update_variables();
}
if($skip_dbversion_update) {
echo "\nAll done - skip_dbversion_update specified, NOT updating to DB version to $dbcodeversion\n";
} else {
echo "\nAll done - updating new DB version to $dbcodeversion\n";
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
}
}
}
else {
echo "ERROR: dbcodeversion and dbdbversion are not defined\n";
}
echo "</pre>\n";
?>

354
install2.php
View File

@ -1,216 +1,138 @@
<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" />
</head>
<body>
<h1>SFIAB Installation - Step 2</h1>
<?
// DES dspanogle 2011-02-05 Can do without system! Do tests below.
/*
if(!function_exists("system")) {
echo "<div class=\"error\">Installation requires php's system() function to be available</div>\n";
echo "</body></html>";
exit;
}
*/
if(!file_exists("data/config.inc.php")) {
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
echo "</body></html>";
exit;
}
require_once("data/config.inc.php");
mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
echo "Getting database version requirements for code... ";
if(file_exists("db/db.code.version.txt")) {
$dbcodeversion_file=file("db/db.code.version.txt");
$dbcodeversion=trim($dbcodeversion_file[0]);
}
else {
echo "<b>ERROR: Couldnt load current db/db.code.version.txt</b><br />";
exit;
}
echo "<b>version $dbcodeversion</b><br />";
echo "Checking for existing SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q);
$dbdbversion=$r->val;
if($dbdbversion) {
echo "<b>ERROR: found version $dbdbversion</b><br />";
//lets see if they match
if($dbcodeversion == $dbdbversion)
echo "Your SFIAB database is already setup with the required version\n";
else if($dbcodeversion<$dbdbversion)
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
else if($dbcodeversion>$dbdbversion)
echo "Your SFIAB database needs to be updated. You should run the update script instead of this installer!\n";
exit;
}
else {
echo "<b>Not found (good!)</b><br />";
}
echo "Checking for database installer for version $dbcodeversion... ";
if(file_exists("db/db.full.$dbcodeversion.sql")) {
echo "<b>db/db.full.$dbcodeversion.sql found</b><br />";
echo "Setting up database tables... ";
// dspanogle 2011-02-05 if system does not exist use each section of the sql file instead of using system("sql" ...
// For windows ISP servers that do not provide system or sql.exe executable - replace system call.
// If '/' in working directory then is *nix if not do not even try to call system.
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/')) ) {
// assume mysql.exe exists
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$dbcodeversion.sql",$exit_code);
}
else // system is not available or is windows server. try to break up the query and just do each part.
{
$exit_code = 0;
$filename = 'db/db.full.'.$dbcodeversion.'.sql';
// Temporary variable, used to store current query
$templine = '';
// Read in entire file
$lines = file($filename);
// Loop through each line
foreach ($lines as $line)
{
// Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '')
continue;
// Add this line to the current segment
$templine .= $line;
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';')
{
// Perform the query
if(!mysql_query($templine)){
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
}
// Reset temp variable to empty
$templine = '';
}
}
echo "<br/><br />";
}
if($exit_code != 0) {
/* mysql failed!, what now? */
echo "<br/><b>mysql failed to execute query(s) without error!<b><br/>";
}
echo "<b>Done! installed database version $dbcodeversion</b><br />\n";
//now update the db version in the database
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
echo "<br />";
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
}
else {
echo "<b>Couldnt find db/db.full.$dbcodeversion.sql</b><br />";
echo "Trying to find an older version... <br />";
for($x=$dbcodeversion;$x>0;$x--) {
if(file_exists("db/db.full.$x.sql")) {
echo "<b>db/db.full.$x.sql found</b><br />";
echo "Setting up database tables... ";
// dspanogle 2011-02-05 if system does not exist use each section of the sql file instead of using system("sql" ...
// For windows ISP servers that do not provide system or sql.exe executable - replace system call.
// If '/' in working directory then is *nix if not do not even try to call system.
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/'))) {
// assume mysql.exe exists
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$x.sql",$exit_code);
}
else { // system is not available. try to break up the query and just do each part.
$exit_code = 0;
$filename = 'db/db.full.'.$x.'.sql';
// Temporary variable, used to store current query
$templine = '';
// Read in entire file
$lines = file($filename);
// Loop through each line
foreach ($lines as $line)
{
// Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '')
continue;
// Add this line to the current segment
$templine .= $line;
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';')
{
// Perform the query
if(!mysql_query($templine)){
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
}
// Reset temp variable to empty
$templine = '';
}
}
echo "<br/><br />";
}
if($exit_code != 0) {
/* mysql failed!, what now? */
echo "<br/><b>mysql failed to execute query(s) without error!<b><br/>";
}
echo "<b>Done! installed database version $x</b><br />\n";
//now update the db version in the database
mysql_query("UPDATE config SET val='$x' WHERE var='DBVERSION' AND conferences_id='0'");
echo "<b>Attempting to update database using standard update script to update from $x to $dbcodeversion<br />";
echo "<br />Please scroll to the bottom of this page for the link to the next step of the installation process.<br /></b>";
chdir ("db");
/* Update the database, but don't update the config variables yet, because
* We haven't set the conference id */
$db_update_skip_variables = true;
include "db_update.php";
chdir ("../");
echo "<br />";
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
break;
}
}
}
//only if this file was created will we go ahead with the rest
//creating all the tables and such..
?>
</body></html>
<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" />
</head>
<body>
<h1>SFIAB Installation - Step 2</h1>
<?
if(!function_exists("system")) {
echo "<div class=\"error\">Installation requires php's system() function to be available</div>\n";
echo "</body></html>";
exit;
}
if(!file_exists("data/config.inc.php")) {
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
echo "</body></html>";
exit;
}
require_once("data/config.inc.php");
mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
echo "Getting database version requirements for code... ";
if(file_exists("db/db.code.version.txt")) {
$dbcodeversion_file=file("db/db.code.version.txt");
$dbcodeversion=trim($dbcodeversion_file[0]);
}
else {
echo "<b>ERROR: Couldnt load current db/db.code.version.txt</b><br />";
exit;
}
echo "<b>version $dbcodeversion</b><br />";
echo "Checking for existing SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q);
$dbdbversion=$r->val;
if($dbdbversion) {
echo "<b>ERROR: found version $dbdbversion</b><br />";
//lets see if they match
if($dbcodeversion == $dbdbversion)
echo "Your SFIAB database is already setup with the required version\n";
else if($dbcodeversion<$dbdbversion)
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
else if($dbcodeversion>$dbdbversion)
echo "Your SFIAB database needs to be updated. You should run the update script instead of this installer!\n";
exit;
}
else {
echo "<b>Not found (good!)</b><br />";
}
echo "Checking for database installer for version $dbcodeversion... ";
if(file_exists("db/db.full.$dbcodeversion.sql")) {
echo "<b>db/db.full.$dbcodeversion.sql found</b><br />";
echo "Setting up database tables... ";
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$dbcodeversion.sql");
echo "<b>Done! installed database version $dbcodeversion</b><br />\n";
//now update the db version in the database
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
echo "<br />";
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
}
else {
echo "<b>Couldnt find db/db.full.$dbcodeversion.sql</b><br />";
echo "Trying to find an older version... <br />";
for($x=$dbcodeversion;$x>0;$x--) {
if(file_exists("db/db.full.$x.sql")) {
echo "<b>db/db.full.$x.sql found</b><br />";
echo "Setting up database tables... ";
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$x.sql");
echo "<b>Done! installed database version $x</b><br />\n";
//now update the db version in the database
mysql_query("UPDATE config SET val='$x' WHERE var='DBVERSION' AND conferences_id='0'");
echo "<b>Attempting to update database using standard update script to update from $x to $dbcodeversion<br />";
echo "<br />Please scroll to the bottom of this page for the link to the next step of the installation process.<br /></b>";
chdir ("db");
/* Update the database, but don't update the config variables yet, because
* We haven't set the conference id */
$db_update_skip_variables = true;
include "db_update.php";
chdir ("../");
echo "<br />";
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
break;
}
}
}
//only if this file was created will we go ahead with the rest
//creating all the tables and such..
?>
</body></html>

311
install3.php
View File

@ -1,159 +1,152 @@
<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" />
</head>
<body>
<h1>SFIAB Installation - Step 3</h1>
<?
if(!file_exists("data/config.inc.php")) {
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
echo "</body></html>";
exit;
}
require_once("data/config.inc.php");
require_once("config_editor.inc.php");
require_once("user.inc.php");
require_once("committee.inc.php");
mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
echo "Checking for SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q);
$dbdbversion=$r->val;
if(!$dbdbversion) {
echo "<div class=\"error\">SFIAB Installation Step 2 is not yet complete.</div>";
echo "<a href=\"install2.php\">Go back to installation step 2</a><br />";
echo "</body></html>";
exit;
}
//a fresh install should ONLY have DBVERSION defined in the config table. If there are others (SFIABDIRECTORY) then this is NOT fresh
$q=mysql_query("SELECT * FROM config WHERE conferences_id='0' AND ( var='DBVERSION' OR var='SFIABDIRECTORY') ");
//we might get an error if the config table does not exist (ie, installer step 2 failed)
if(mysql_error()) {
//we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: No SFIAB tables detected, It seems like step 2 failed. Please go <a href=\"install2.php\">Back to Installation Step 2</a> and try again.</div>";
echo "</body></html>";
exit;
}
//1 is okay (DBVERSION). More than 1 is bad (already isntalled)
if(mysql_num_rows($q)>1) {
//we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: Detected existing table data, SFIAB Installation Step 3 requires a clean SFIAB database installation.</div>";
echo "</body></html>";
exit;
}
echo "<b>Found!</b><br />";
if($_POST['action']=="save") {
$err=false;
if(!$_POST['email']) {
echo "Superuser email address is required";
$err=true;
}
if(!( $_POST['pass1'] && $_POST['pass2'])) {
echo "Superuser password and password confirmation are required";
$err=true;
}
if($_POST['pass1'] != $_POST['pass2']) {
echo "Password and Password confirmation do not match";
$err=true;
}
if(!$err) {
echo "Creating configuration settings... ";
// mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FAIRYEAR','".$_POST['fairyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FISCALYEAR','".$_POST['fiscalyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('SFIABDIRECTORY','".$_POST['sfiabdirectory']."','Special','','0')");
/*
$year = intval($_POST['fairyear']);
$config['FAIRYEAR']=$year;
*/
echo "Creating superuser account... ";
// The next line returned $account = false instead of a query result when installing on windows server.
// DES dspanogle 2011-02-05 so of course the UPDATE fails Failed on account load..
// the problem was in account_load - had SELECT parameter not in the account table.
// I did a temporary fix by removing pendingemail parameter from the SELECT .
// ALSO... email was not set for the supper user not sure if it should be so I set = to username in the
// database accounts entry for superuser.
$account = account_create($_POST['email'], $_POST['pass1']);
mysql_query("UPDATE accounts SET superuser = 'yes' WHERE id = " . $account['id']);
echo "<b>Done!</b><br />";
echo "Installation is now complete! You can now proceed to the following location: <br />";
echo "&nbsp; &nbsp; <a href=\"".$_POST['sfiabdirectory']."\">Your SFIAB main page</a><br />";
echo "</body></html>";
exit;
}
}
echo "<br />";
echo "Please enter the following options <br />";
echo "<br />";
$month=date("m");
if($month>6) $fiscalyearsuggest=date("Y")+1;
else $fiscalyearsuggest=date("Y");
// DES dspanogle 2011-02-05 $_SERVER['REQUEST_URI'] is not available on many Windows servers
//$directorysuggest = substr($_SERVER['REQUEST_URI'],0,-13);
$directorysuggest = substr(getenv("SCRIPT_NAME"),0,-13);
echo "<h3>Options</h3>";
echo "<form method=\"post\" action=\"install3.php\">";
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />";
echo "<table>";
echo "<tr><td>Fiscal Year</td><td><input size=\"8\" type=\"text\" name=\"fiscalyear\" value=\"$fiscalyearsuggest\"></td><td>The current fiscal year (for fundraising/accounting purposes)</td></tr>";
echo "<tr><td>Directory</td><td><input size=\"25\" type=\"text\" name=\"sfiabdirectory\" value=\"$directorysuggest\"></td><td>The directory of this SFIAB installation as seen by the web browser</td></tr>";
echo "</table>";
echo "<br />";
echo "<h3>Superuser Account</h3>";
echo "Please choose your superuser account which is required to login to SFIAB and configure the system, as well as to add other users. <br />";
echo "<table>";
echo "<tr><td>Superuser Email Address</td><td><input size=\"40\" type=\"text\" name=\"email\"></td></tr>";
echo "<tr><td>Superuser Password</td><td><input size=\"15\" type=\"password\" name=\"pass1\"></td></tr>";
echo "<tr><td>Superuser Password (Confirm)</td><td><input size=\"15\" type=\"password\" name=\"pass2\"></td></tr>";
echo "</table>";
echo "<br />";
echo "<input type=\"submit\" value=\"Complete Installation\">";
echo "</form>";
?>
</body></html>
<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" />
</head>
<body>
<h1>SFIAB Installation - Step 3</h1>
<?
if(!file_exists("data/config.inc.php")) {
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
echo "</body></html>";
exit;
}
require_once("data/config.inc.php");
require_once("config_editor.inc.php");
require_once("user.inc.php");
require_once("committee.inc.php");
mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
echo "Checking for SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q);
$dbdbversion=$r->val;
if(!$dbdbversion) {
echo "<div class=\"error\">SFIAB Installation Step 2 is not yet complete.</div>";
echo "<a href=\"install2.php\">Go back to installation step 2</a><br />";
echo "</body></html>";
exit;
}
//a fresh install should ONLY have DBVERSION defined in the config table. If there are others (SFIABDIRECTORY) then this is NOT fresh
$q=mysql_query("SELECT * FROM config WHERE conferences_id='0' AND ( var='DBVERSION' OR var='SFIABDIRECTORY') ");
//we might get an error if the config table does not exist (ie, installer step 2 failed)
if(mysql_error()) {
//we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: No SFIAB tables detected, It seems like step 2 failed. Please go <a href=\"install2.php\">Back to Installation Step 2</a> and try again.</div>";
echo "</body></html>";
exit;
}
//1 is okay (DBVERSION). More than 1 is bad (already isntalled)
if(mysql_num_rows($q)>1) {
//we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: Detected existing table data, SFIAB Installation Step 3 requires a clean SFIAB database installation.</div>";
echo "</body></html>";
exit;
}
echo "<b>Found!</b><br />";
if($_POST['action']=="save") {
$err=false;
if(!$_POST['email']) {
echo "Superuser email address is required";
$err=true;
}
if(!( $_POST['pass1'] && $_POST['pass2'])) {
echo "Superuser password and password confirmation are required";
$err=true;
}
if($_POST['pass1'] != $_POST['pass2']) {
echo "Password and Password confirmation do not match";
$err=true;
}
if(!$err) {
echo "Creating configuration settings... ";
// mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FAIRYEAR','".$_POST['fairyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FISCALYEAR','".$_POST['fiscalyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('SFIABDIRECTORY','".$_POST['sfiabdirectory']."','Special','','0')");
/*
$year = intval($_POST['fairyear']);
$config['FAIRYEAR']=$year;
*/
echo "Creating superuser account... ";
$account = account_create($_POST['email'], $_POST['pass1']);
mysql_query("UPDATE accounts SET superuser = 'yes' WHERE id = " . $account['id']);
echo "<b>Done!</b><br />";
echo "Installation is now complete! You can now proceed to the following location: <br />";
echo "&nbsp; &nbsp; <a href=\"".$_POST['sfiabdirectory']."\">Your SFIAB main page</a><br />";
echo "</body></html>";
exit;
}
}
echo "<br />";
echo "Please enter the following options <br />";
echo "<br />";
$month=date("m");
if($month>6) $fiscalyearsuggest=date("Y")+1;
else $fiscalyearsuggest=date("Y");
$directorysuggest=substr($_SERVER['REQUEST_URI'],0,-13);
echo "<h3>Options</h3>";
echo "<form method=\"post\" action=\"install3.php\">";
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />";
echo "<table>";
echo "<tr><td>Fiscal Year</td><td><input size=\"8\" type=\"text\" name=\"fiscalyear\" value=\"$fiscalyearsuggest\"></td><td>The current fiscal year (for fundraising/accounting purposes)</td></tr>";
echo "<tr><td>Directory</td><td><input size=\"25\" type=\"text\" name=\"sfiabdirectory\" value=\"$directorysuggest\"></td><td>The directory of this SFIAB installation as seen by the web browser</td></tr>";
echo "</table>";
echo "<br />";
echo "<h3>Superuser Account</h3>";
echo "Please choose your superuser account which is required to login to SFIAB and configure the system, as well as to add other users. <br />";
echo "<table>";
echo "<tr><td>Superuser Email Address</td><td><input size=\"40\" type=\"text\" name=\"email\"></td></tr>";
echo "<tr><td>Superuser Password</td><td><input size=\"15\" type=\"password\" name=\"pass1\"></td></tr>";
echo "<tr><td>Superuser Password (Confirm)</td><td><input size=\"15\" type=\"password\" name=\"pass2\"></td></tr>";
echo "</table>";
echo "<br />";
echo "<input type=\"submit\" value=\"Complete Installation\">";
echo "</form>";
?>
</body></html>