arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Fix PDO and Warnings continued

Browse Source
This commit is contained in:
Armanveer Gill 2024-12-19 22:29:06 -05:00
parent cce7d93023
commit bc588358ee
73 changed files with 308 additions and 252 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
admin/award_awardcreatedivisional.php
View File

@ -32,11 +32,11 @@
'Awards Main' => 'admin/awards.php')
);
if($_GET['sponsors_id']) $sponsors_id=$_GET['sponsors_id'];
else if($_POST['sponsors_id']) $sponsors_id=$_POST['sponsors_id'];
if(get_value_from_array($_GET, 'sponsors_id')) $sponsors_id=$_GET['sponsors_id'];
else if(get_value_from_array($_POST,'sponsors_id')) $sponsors_id=$_POST['sponsors_id'];
if($_GET['award_types_id']) $award_types_id=$_GET['award_types_id'];
else if($_POST['award_types_id']) $award_types_id=$_POST['award_types_id'];
if(get_value_from_array($_GET, 'award_types_id')) $award_types_id=$_GET['award_types_id'];
else if(get_value_from_array($_POST, 'award_types_id')) $award_types_id=$_POST['award_types_id'];
//first, we can only do this if we dont have any type=divisional awards created yet

4
admin/award_awards.php
View File

@ -229,8 +229,6 @@
WHERE id='$id'");
$q->execute();
// echo $q;
// echo mysql_error();
happy_("Prize saved");
exit;
@ -307,8 +305,6 @@
exit;
case 'feeder_save':
// print_r($_POST);
$id = intval($_POST['award_awards_id']);
$dl = is_array($_POST['feeder_dl']) ? $_POST['feeder_dl'] : array();
$ul = is_array($_POST['feeder_ul']) ? $_POST['feeder_ul'] : array();

5
admin/awards.inc.php
View File

@ -28,7 +28,8 @@ function award_delete($award_awards_id)
$q = $pdo->prepare("SELECT id FROM award_prizes WHERE award_awards_id='$award_awards_id'");
$q->execute();
while(($p = $q->fetch(PDO::FETCH_ASSOC))) {
while(($p = $q->fetch(PDO::FETCH_ASSOC))) {
$q = $pdo->prepare();
$q->execute("DELETE FROM winners WHERE award_prizes_id='{$p['id']}'");
@ -54,13 +55,11 @@ function award_delete($award_awards_id)
function award_prize_delete($award_prizes_id)
{
$q = $pdo->prepare("DELETE FROM winners WHERE award_prizes_id='$award_prizes_id'");
$q->execute();
$q = $pdo->prepare("DELETE FROM award_prizes WHERE id='$award_prizes_id'");
$q->execute();
}
?>

54
admin/committees.php
View File

@ -142,7 +142,7 @@ if(get_value_from_array($_POST,'committees_id') && get_value_from_array($_POST,'
$titles=$_POST['title'];
$pords = $_POST['order'];
while($ids[$x]) {
while(get_value_from_array($ids, $x)) {
$cid = intval($ids[$x]);
$q = $pdo->prepare("UPDATE committees SET ord='".intval($ords[$x])."' WHERE id='$cid'");
@ -342,36 +342,36 @@ if(get_value_from_array($_GET, 'unlinkmember') && get_value_from_array($_GET,'un
}
echo "</td></tr>\n";
echo $pdo->errorInfo();
while($r2=$q2->fetch(PDO::FETCH_OBJ)) {
$u = user_load_by_uid($r2->uid);
echo "<tr><td align=\"right\">&nbsp;&nbsp;&nbsp;&nbsp;";
echo "<a title=\"Edit Member\" href=\"#\" onclick=\"openeditor({$u['id']})\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\" border=\"0\" alt=\"Edit\" /></a>";
echo "&nbsp;";
echo "<a title=\"Unlink Member from Committee\" onclick=\"return confirmClick('Are you sure you want to unlink this member from this committee?');\" href=\"committees.php?unlinkmember={$u['uid']}&amp;unlinkcommittee={$r->id}\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/undo.{$config['icon_extension']}\" border=\"0\" alt=\"Unlink\" /></a>";
echo "</td>";
echo "<td valign=\"top\">";
echo "<b>{$u['name']}</b>";
echo "</td><td>";
echo "<input type=\"text\" value=\"{$r2->title}\" name=\"title[{$r->id}][{$u['uid']}]\" size=\"15\">";
echo "</td><td>";
echo "<input type=\"text\" value=\"{$r2->ord}\" name=\"order[{$r->id}][{$u['uid']}]\" size=\"2\">";
if ($u = user_load_by_uid($r2->uid)) {
echo "<tr><td align=\"right\">&nbsp;&nbsp;&nbsp;&nbsp;";
echo "<a title=\"Edit Member\" href=\"#\" onclick=\"openeditor({$u['id']})\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/edit.{$config['icon_extension']}\" border=\"0\" alt=\"Edit\" /></a>";
echo "&nbsp;";
echo "<a title=\"Unlink Member from Committee\" onclick=\"return confirmClick('Are you sure you want to unlink this member from this committee?');\" href=\"committees.php?unlinkmember={$u['uid']}&amp;unlinkcommittee={$r->id}\"><img src=\"{$config['SFIABDIRECTORY']}/images/16/undo.{$config['icon_extension']}\" border=\"0\" alt=\"Unlink\" /></a>";
echo "</td>";
echo "<td valign=\"top\">";
echo "<b>{$u['name']}</b>";
echo "</td><td>";
echo "<input type=\"text\" value=\"{$r2->title}\" name=\"title[{$r->id}][{$u['uid']}]\" size=\"15\">";
echo "</td><td>";
echo "<input type=\"text\" value=\"{$r2->ord}\" name=\"order[{$r->id}][{$u['uid']}]\" size=\"2\">";
echo "</td><td>";
echo "</td><td>";
if(get_value_from_array($u, 'email')) {
print_r($u["email"]);
list($b,$a)=explode("@",$u['email']);
echo "<script language=\"javascript\" type=\"text/javascript\">em('$b','$a')</script>";
if(get_value_from_array($u, 'email')) {
list($b,$a)=explode("@",$u['email']);
echo "<script language=\"javascript\" type=\"text/javascript\">em('$b','$a')</script>";
}
if(get_value_from_array($u, 'emailprivate')) {
if($u['email']) echo " <b>/</b> ";
list($b,$a)=explode("@",$u['emailprivate']);
echo "<script language=\"javascript\" type=\"text/javascript\">em('$b','$a')</script>";
}
echo "</td></tr>\n";
}
if(get_value_from_array($u, 'emailprivate')) {
if($u['email']) echo " <b>/</b> ";
list($b,$a)=explode("@",$u['emailprivate']);
echo "<script language=\"javascript\" type=\"text/javascript\">em('$b','$a')</script>";
}
echo "</td></tr>\n";
}
echo "<tr><td colspan=\"2\">&nbsp;</td></tr>\n";
}

12
admin/communication.php
View File

@ -39,7 +39,7 @@
* select: comm_dialog_choose_select(emails_id)
* cancel: comm_dialog_choose_cancel() */
switch($_GET['action']) {
switch(get_value_from_array($_GET, 'action')) {
case 'dialog_choose_load':
$emails_id = intval($_GET['emails_id']);
$q = $pdo->prepare("SELECT * FROM emails WHERE id='$emails_id'");
@ -677,7 +677,7 @@ case "email_get_list":
}
if($_GET['action']=="sendqueue") {
if(get_value_from_array($_GET, 'action') == "sendqueue") {
$fcid=intval($_POST['fundraising_campaigns_id']);
$emailid=intval($_POST['emails_id']);
@ -785,13 +785,13 @@ case "email_get_list":
</script>
<?
if($_GET['action']=="delete" && $_GET['delete']) {
if(get_value_from_array($_GET, 'action') == "delete" && get_value_from_array($_GET, 'delete')) {
$q = $pdo->prepare("DELETE FROM emails WHERE id='".$_GET['delete']."' AND `type`='user'");
$q->execute();
echo happy("Email successfully deleted");
}
if($_GET['action']=="send" && $_GET['send']) {
if(get_value_from_array($_GET, 'action') == "send" && get_value_from_array($_GET, 'send')) {
echo $pdo->errorInfo();
$q = $pdo->prepare("SELECT * FROM emails WHERE id='".$_GET['send']."'");
@ -860,7 +860,7 @@ case "email_get_list":
}
//echo $str;
}
else if($_POST['action']=="reallysend" && $_POST['reallysend'] && $_POST['to']) {
else if(get_value_from_array($_POST, 'action') == "reallysend" && get_value_from_array($_POST, 'reallysend') && get_value_from_array($_POST, 'to')) {
$emailid=intval($_POST['reallysend']);
$emailq=$pdo->prepare("SELECT * FROM emails WHERE id='$emailid'");
$email=$emailq->fetch(PDO::FETCH_OBJ);
@ -962,7 +962,7 @@ case "email_get_list":
echo "<a href=\"communication_send_status.php\">Click here to see the sending progress</a>";
}
else if($_GET['action']=="restartqueue")
else if(get_value_from_array($_GET, 'action') == "restartqueue")
{
launchQueue();
echo "<br />";

4
admin/cwsfregister.php
View File

@ -129,7 +129,7 @@ include "xml.inc.php";
);
echo "<br />";
if(count(get_value_from_array($_POST,'cwsfdivision', '')))
if(count(get_value_from_array($_POST,'cwsfdivision', [])))
{
foreach($_POST['cwsfdivision'] AS $p=>$d)
{
@ -139,7 +139,7 @@ include "xml.inc.php";
echo happy(i18n("CWSF Project Divisions saved"));
}
if($_POST['action']=="register" && $_POST['xml'])
if(get_value_from_array($_POST,'action')=="register" && $_POST['xml'])
{
if(function_exists('curl_init'))
{

3
admin/donors.php
View File

@ -27,8 +27,9 @@ require_once("../user.inc.php");
user_auth_required('committee', 'admin');
require_once("fundraising_common.inc.php");
global $pdo;
switch(get_value_from_array($_GET, 'action')) {
case 'organizationinfo_load':
$id=intval($_GET['id']);
$q=$pdo->prepare("SELECT * FROM sponsors WHERE id='$id'");

6
admin/donors_search.php
View File

@ -44,7 +44,7 @@
// echo "query=$query";
$q=$pdo->prepare($query);
$q->execute();
$_POST['donortype'];
get_value_from_array($_POST,'donortype');
$thisyear=$config['FISCALYEAR'];
$lastyear=$config['FISCALYEAR']-1;
$rows=array();
@ -66,7 +66,7 @@
$rows[]=array("id"=>$r->id, "name"=>$r->organization, "thisyeartotal"=>$thisyeartotal, "lastyeartotal"=>$lastyeartotal, "change"=>$change);
}
$thisyearsort=array();
if(!$_POST['order']) {
if(!get_value_from_array($_POST, 'order')) {
//if order is not given, lets order by donation amount this year
foreach($rows AS $key=>$val) {
$thisyearsort[$key]=$val['thisyeartotal'];
@ -74,7 +74,7 @@
array_multisort($thisyearsort,SORT_DESC,$rows);
}
if($_POST['limit']) {
if(get_value_from_array($_POST, 'limit')) {
$limit=$_POST['limit'];
}
else {

6
admin/fair_stats.php
View File

@ -88,8 +88,8 @@
if(get_value_from_array($_GET,'year')) $year=intval(get_value_from_array($_GET, 'year'));
else $year=$config['FAIRYEAR'];
if($_GET['id']) $fairs_id=intval($_GET['id']);
else if($_POST['id']) $fairs_id=intval($_POST['id']);
if(get_value_from_array($_GET, 'id')) $fairs_id=intval($_GET['id']);
else if(get_value_from_array($_POST, 'id')) $fairs_id=intval($_POST['id']);
else $fairs_id = -1;
if($fairs_id != -1) {
@ -504,7 +504,7 @@ $q->execute();
}
$keys = array_keys($stats_data);
foreach($keys as $k) {
if($stats_data[$k]['manual'] == true) continue;
if(isset($stats_data[$k]['manual']) && $stats_data[$k]['manual'] == true) continue;
echo "<input type=\"hidden\" name=\"$k\" value=\"{$stats[$k]}\" />";
}

2
admin/fundraising_campaigns.php
View File

@ -26,7 +26,7 @@
user_auth_required('committee', 'admin');
require("fundraising_common.inc.php");
switch($_GET['action']){
switch(get_value_from_array($_GET, 'action')){
case "campaigninfo_save":
save_campaign_info();
exit;

4
admin/fundraising_setup.php
View File

@ -62,7 +62,7 @@
}
switch($_GET['gettab']) {
switch(get_value_from_array($_GET, 'gettab')) {
case "levels":
$q=$pdo->prepare("SELECT * FROM fundraising_donor_levels WHERE fiscalyear='{$config['FISCALYEAR']}' ORDER BY max");
$q->execute();
@ -205,7 +205,7 @@
break;
}
switch($_GET['action']) {
switch(get_value_from_array($_GET, 'action')) {
case "level_save":
$id=$_POST['id'];
if(! ($_POST['level'] && $_POST['min'] && $_POST['max'])) {

45
admin/judges.inc.php
View File

@ -1,9 +1,8 @@
<?
function getJudgingTeams()
{
global $config;
global $pdo;
$q=$pdo->prepare("SELECT judges_teams.id,
global $config, $pdo;
$q=$pdo->prepare("SELECT judges_teams.id,
judges_teams.num,
judges_teams.name
FROM
@ -11,8 +10,7 @@ function getJudgingTeams()
WHERE
judges_teams.year='".$config['FAIRYEAR']."'
ORDER BY
num,name
");
num,name");
$q->execute();
$lastteamid=-1;
@ -35,33 +33,34 @@ function getJudgingTeams()
$tq->execute();
$teams[$r->id]['timeslots'] = array();
$teams[$r->id]['rounds'] = array();
while($ts = $tq->fetch(PDO::FETCH_ASSOC)) {
$teams[$r->id]['timeslots'][] = $ts;
$rounds[$ts['round_id']] = $ts['round_id'];
}
foreach($rounds as $round_id) {
$tq = $pdo->prepare("SELECT * FROM judges_timeslots WHERE id='{$round_id}'");
$tq->execute();
$teams[$r->id]['rounds'][] = $tq->fetch(PDO::FETCH_ASSOC);
}
//get the members for this team
$mq=$pdo->prepare("SELECT
users.id AS judges_id,
users.firstname,
users.lastname,
judges_teams_link.captain
FROM
users,
judges_teams_link
WHERE
judges_teams_link.users_id=users.id AND
judges_teams_link.judges_teams_id='$r->id'
ORDER BY
captain DESC,
lastname,
firstname");
$mq = $pdo->prepare("SELECT
users.id AS judges_id,
users.firstname,
users.lastname,
judges_teams_link.captain
FROM
users,
judges_teams_link
WHERE
judges_teams_link.users_id=users.id AND
judges_teams_link.judges_teams_id='$r->id'
ORDER BY
captain DESC,
lastname,
firstname");
$mq->execute();
show_pdo_errors_if_any($pdo);
@ -255,7 +254,7 @@ function teamMemberToName($member)
function judges_load_all()
{
global $config;
global $config, $pdo;
$ret = array();

14
admin/judges_jdiv.php
View File

@ -101,7 +101,7 @@ function newbuttonclicked(jdivs)
function get_all_divs()
{
global $config;
global $config, $pdo;
global $divshort, $div,$cat, $langr;
global $divcat;
@ -170,7 +170,7 @@ function get_all_divs()
$q->execute();
$r = $q->fetch(PDO::FETCH_OBJ);
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
$c = $r->cnt;
$cdl[$id]['name'] = "$x $y ({$cdl[$id]['lang']}) ($c project".($c==1?'':'s').")";
@ -180,7 +180,7 @@ function get_all_divs()
return $cdl;
}
if($_POST['action']=="add" && $_POST['jdiv_id'] && count($_POST['cdllist'])>0)
if(get_value_from_array($_POST, 'action') == "add" && get_value_from_array($_POST, 'jdiv_id') && count(get_value_from_array($_POST, 'cdllist')) > 0)
{
foreach($_POST['cdllist'] AS $selectedcdl) {
$q=$pdo->prepare("UPDATE judges_jdiv SET jdiv_id='{$_POST['jdiv_id']}' WHERE ".
@ -190,18 +190,18 @@ function get_all_divs()
echo happy(i18n("Judging Division(s) successfully added"));
}
if($_GET['action']=="del" && $_GET['cdl_id']) {
if(get_value_from_array($_GET, 'action') == "del" && get_value_from_array($_GET, 'cdl_id')) {
$stmt = $pdo->prepare("UPDATE judges_jdiv SET jdiv_id=0 WHERE id='{$_GET['cdl_id']}'");
$stmt->execute();
}
if($_GET['action']=="empty" && $_GET['jdiv_id']) {
if(get_value_from_array($_GET, 'action') == "empty" && get_value_from_array($_GET, 'jdiv_id')) {
$stmt = $pdo->prepare("UPDATE judges_jdiv SET jdiv_id=0 WHERE jdiv_id='{$_GET['jdiv_id']}' ");
$stmt->execute();
echo happy(i18n("Emptied all divisions from Judging Division Group %1",array($_GET['jdiv_id'])));
}
if($_GET['action']=="recreate") {
if(get_value_from_array($_GET, 'action') == "recreate") {
//just delete them all, they'll be recreated automagically
$stmt = $pdo->prepare("TRUNCATE TABLE judges_jdiv");
$stmt->execute();
@ -216,7 +216,7 @@ function get_all_divs()
/* Count the divisions, or, use the posted variable so we can create new
* and empty judging divisions */
if($_POST['jdivs'] > 0) {
if(get_value_from_array($_POST, 'jdivs') > 0) {
$jdivs = $_POST['jdivs'];
} else {
$jdivs = 0;

2
admin/judges_schedulerconfig.php
View File

@ -46,7 +46,7 @@ ogram; see the file COPYING. If not, write to
config_editor("Judge Scheduler", $config['FAIRYEAR'], "var", $_SERVER['PHP_SELF']);
echo "<hr />";
if($_GET['action']=="reset")
if(get_value_from_array($_GET, 'action') == "reset")
{
$stmt = $pdo->prepare("UPDATE config SET `val`='-1' WHERE `var`='judge_scheduler_percent' AND `year`=0");
$stmt->execute();

20
admin/judges_schedulerconfig_check.inc.php
View File

@ -1,8 +1,9 @@
<?
function judges_scheduler_check_timeslots()
{
global $config;
global $config, $pdo;
$q=$pdo->prepare("SELECT * FROM judges_timeslots WHERE ".
" year='".$config['FAIRYEAR']."'".
@ -10,7 +11,7 @@ function judges_scheduler_check_timeslots()
$q->execute();
if($q->rowCount()) {
$round=$q->fetch(PDO::FETCH_OBJ);
$q=$stmt->prepare("SELECT * FROM judges_timeslots WHERE round_id='$round->id' AND type='timeslot'");
$q=$pdo->prepare("SELECT * FROM judges_timeslots WHERE round_id='$round->id' AND type='timeslot'");
$q->execute();
return $q->rowCount();
}
@ -20,7 +21,7 @@ function judges_scheduler_check_timeslots()
function judges_scheduler_check_timeslots_sa()
{
global $config;
global $config, $pdo;
$rows = 0;
$q=$pdo->prepare("SELECT * FROM judges_timeslots WHERE ".
@ -39,7 +40,7 @@ function judges_scheduler_check_timeslots_sa()
function judges_scheduler_check_awards()
{
global $config;
global $config, $pdo;
$q=$pdo->prepare("SELECT * FROM projectdivisions WHERE year='".$config['FAIRYEAR']."' ORDER BY id");
$q->execute();
@ -92,7 +93,7 @@ function judges_scheduler_check_awards()
AND award_awards.award_types_id='1'
");
$q->execute();
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
if($q->rowCount()!=1) {
$missing_awards[] = "{$cat[$c]} - {$div[$d]} (".i18n("%1 found",array($q->rowCount())).")";
}
@ -103,7 +104,7 @@ function judges_scheduler_check_awards()
function judges_scheduler_check_jdivs()
{
global $config;
global $config, $pdo;
$q=$pdo->prepare("SELECT DISTINCT jdiv_id FROM judges_jdiv ");
$q->execute();
@ -115,10 +116,13 @@ function judges_scheduler_check_jdivs()
function judges_scheduler_check_judges()
{
global $config;
global $config, $pdo;
$ok = 1;
$jdiv = array();
$projectlanguagetotal = array();
$projecttotal = 0;
$q=$pdo->prepare("SELECT * FROM judges_jdiv ORDER BY jdiv_id");
$q->execute();
while($r=$q->fetch(PDO::FETCH_OBJ)) {
@ -140,8 +144,10 @@ function judges_scheduler_check_judges()
$qp->execute();
$qr = $qp->fetch(PDO::FETCH_OBJ);
$jdiv[$r->jdiv_id]['num_projects']['total'] += $qr->cnt;
$jdiv[$r->jdiv_id]['num_projects'][$l] += $qr->cnt;
$projectlanguagetotal[$l]+=$qr->cnt;
$projecttotal+=$qr->cnt;

4
admin/judges_teams.php
View File

@ -32,7 +32,7 @@
if(get_value_from_array($_GET,'action')) $action=get_value_from_array($_GET,'action');
if(get_value_from_array($_POST,'action')) $action=get_value_from_array($_POST,'action');
if($action=="delete" && $_GET['delete'])
if($action == "delete" && get_value_from_array($_GET, 'delete'))
{
//ALSO DELETE: team members, timeslots, projects, awards
@ -419,8 +419,6 @@ function addclicked()
}
}
//print_r($teams);
echo "<table width=\"95%\">";
echo "<tr><td>";
$q=$pdo->prepare("SELECT COUNT(*) AS c FROM judges_teams WHERE autocreate_type_id!='1' AND year='".$config['FAIRYEAR']."'");

32
admin/judges_teams_members.php
View File

@ -106,11 +106,11 @@ jQuery(document).ready(function(){
</script>
<?
if($_POST['action']=="add" && $_POST['team_num'] && count($_POST['judgelist'])>0) {
if(get_value_from_array($_POST, 'action') == "add" && get_value_from_array($_POST, 'team_num') && count(get_value_from_array($_POST, 'judgelist'))>0) {
//first check if this team exists.
$q=$pdo->prepare("SELECT id,name FROM judges_teams WHERE num='".$_POST['team_num']."' AND year='".$config['FAIRYEAR']."'");
$q->execute();
if($q->rowCount();)
if($q->rowCount())
{
$r=$q->fetch(PDO::FETCH_OBJ);
$team_id=$r->id;
@ -130,7 +130,7 @@ jQuery(document).ready(function(){
$q=$pdo->prepare("SELECT * FROM judges_teams_link WHERE users_id='$selectedjudge' AND judges_teams_id='$team_id'");
$q->execute();
if($q->rowCount();) {
if($q->rowCount()) {
echo notice(i18n("Judge (%1) already belongs to judging team: %2",array($selectedjudge,$team_name)));
}
@ -152,7 +152,7 @@ jQuery(document).ready(function(){
echo happy(i18n("%1 %2 added to team #%3 (%4)",array($added,$j,$_POST['team_num'],$team_name)));
}
if($_GET['action']=="del" && $_GET['team_num'] && $_GET['team_id'] && $_GET['users_id'])
if(get_value_from_array($_GET, 'action') == "del" && get_value_from_array($_GET, 'team_num') && get_value_from_array($_GET, 'team_id') && get_value_from_array($_GET, 'users_id'))
{
$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE users_id='".$_GET['users_id']."' AND judges_teams_id='".$_GET['team_id']."' AND year='".$config['FAIRYEAR']."'");
$stmt->execute();
@ -161,7 +161,7 @@ jQuery(document).ready(function(){
//if there is still members left in the team, make sure we have a captain still
$q = $pdo->prepare("SELECT * FROM judges_teams_link WHERE judges_teams_id='".$_GET['team_id']."' AND year='".$config['FAIRYEAR']."'");
$q->execute();
if($q->rowCount();)
if($q->rowCount())
{
//make sure the team still has a captain!
//FIXME: this might best come from the "i am willing to be a team captain" question under the judges profile
@ -191,14 +191,14 @@ jQuery(document).ready(function(){
}
}
if($_GET['action']=="empty" && $_GET['team_num'] && $_GET['team_id'])
if(get_value_from_array($_GET, 'action') == "empty" && get_value_from_array($_GET, 'team_num') && get_value_from_array($_GET, 'team_id'))
{
$stmt = $pdo->prepare("DELETE FROM judges_teams_link WHERE judges_teams_id='".$_GET['team_id']."' AND year='".$config['FAIRYEAR']."'");
$stmt->execute();
echo happy(i18n("Emptied all judges from team #%1 (%2)",array($_GET['team_num'],$_GET['team_name'])));
}
if($_POST['action']=="saveteamnames")
if(get_value_from_array($_POST, 'action') == "saveteamnames")
{
if(count($_POST['team_names']))
{
@ -212,7 +212,7 @@ jQuery(document).ready(function(){
}
if($_GET['action']=="addcaptain")
if(get_value_from_array($_GET, 'action') == "addcaptain")
{
//teams can have as many captains as they want, so just add it.
@ -221,12 +221,12 @@ jQuery(document).ready(function(){
echo happy(i18n("Team captain assigned"));
}
if($_GET['action']=="removecaptain")
if(get_value_from_array($_GET, 'action') == "removecaptain")
{
//teams must always have at least one captain, so if we only have one, and we are trying to remove it, dont let them!
$q=$pdo->prepare("SELECT * FROM judges_teams_link WHERE captain='yes' AND judges_teams_id='".$_GET['team_id']."'");
$q->execute();
if($q->rowCount();<2)
if($q->rowCount() < 2)
{
echo error(i18n("A judge team must always have at least one captain"));
}
@ -238,7 +238,7 @@ jQuery(document).ready(function(){
}
}
if($_GET['action']=="autoassignspecial") {
if(get_value_from_array($_GET, 'action') == "autoassignspecial") {
/* Load all the judges (judge_complete=yes, deleted=no, year=fairyear) */
$judgelist = judges_load_all();
@ -276,7 +276,7 @@ jQuery(document).ready(function(){
//find the award id linked to a team
$q=$pdo->prepare("SELECT * FROM judges_teams_awards_link WHERE award_awards_id='{$awardid}' AND year='{$config['FAIRYEAR']}'");
$q->execute();
if($q->rowCount();) {
if($q->rowCount()) {
while($r=$q->fetch(PDO::FETCH_OBJ)) {
$stmt = $pdo->prepare("INSERT INTO judges_teams_link (users_id,judges_teams_id,captain,year) VALUES ('$jid','$r->judges_teams_id','yes','{$config['FAIRYEAR']}')");
$stmt->execute();
@ -298,7 +298,7 @@ jQuery(document).ready(function(){
if(!$_SESSION['viewstate']['judges_teams_list_show'])
$_SESSION['viewstate']['judges_teams_list_show']='unassigned';
//now update the judges_teams_list_show viewstate
if($_GET['judges_teams_list_show'])
if(get_value_from_array($_GET, 'judges_teams_list_show'))
$_SESSION['viewstate']['judges_teams_list_show']=$_GET['judges_teams_list_show'];
echo "<form name=\"judges\" method=\"post\" action=\"judges_teams_members.php\">";
@ -354,7 +354,7 @@ jQuery(document).ready(function(){
if($_SESSION['viewstate']['judges_teams_list_show']=='unassigned') {
/* Remove all judges that have a link */
foreach($judgelist as $j) {
if(count($j['teams_links']) == 0) $jlist[] = $j['id'];
if(count(get_value_from_array($j, 'teams_links', [])) == 0) $jlist[] = $j['id'];
}
} else {
$jlist = array_keys($judgelist);
@ -364,7 +364,7 @@ jQuery(document).ready(function(){
echo i18n("Listing %1 judges",array(count($jlist)));
echo "<br />";
echo "</center>";
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
echo "<select name=\"judgelist[]\" onchange=\"switchjudgeinfo()\" multiple=\"multiple\" style=\"width: 250px; height: 600px;\">";
foreach($jlist as $jid) {
@ -406,7 +406,7 @@ jQuery(document).ready(function(){
}
echo "</td></tr>";
if(count($team['members'])) {
if(count(get_value_from_array($team, 'members', []))) {
foreach($team['members'] AS $member) {
$j = &$judgelist[$member['id']];
echo "<tr><td>";

5
admin/judges_teams_projects.php
View File

@ -233,16 +233,17 @@ if( ($action=="edit" || $action=="assign" ) && $edit)
registrations
WHERE
projectnumber is not null
" . getJudgingEligibilityCode(). " AND
' . getJudgingEligibilityCode(). ' AND
projects.registrations_id=registrations.id AND
judges_teams_timeslots_projects_link.projects_id IS NULL AND
projects.year='".$config['FAIRYEAR']."'
ORDER BY
projectnumber";
}
$pq=$pdo->($querystr);
$pq->execute();
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
$eligibleprojects=getProjectsEligibleOrNominatedForAwards($award_ids);
// echo nl2br(print_r($eligibleprojects,true));

6
admin/judges_teams_timeslots.php
View File

@ -38,14 +38,14 @@
$action = $_POST['action'];
if($action == 'delete' && array_key_exists('delete', $_GET)) {
if(get_value_from_array($_GET, 'action') && $action == 'delete') {
$id = intval($_GET['delete']);
$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE id='$id'");
$stmt->execute();
message_push(happy(i18n("Judging team timeslot successfully removed")));
}
if($action == 'empty' && array_key_exists('empty',$_GET)) {
if(array_key_exists('empty', $_GET) && $action == 'empty') {
$id = intval($_GET['empty']);
$stmt = $pdo->prepare("DELETE FROM judges_teams_timeslots_link WHERE judges_teams_id='$id'");
$stmt->execute();
@ -191,7 +191,7 @@ function checkinvert(what)
echo "<td>";
echo "<b>".$team['name']." (#".$team['num'].")</b><br />";
$memberlist="";
if(count($team['members']))
if(count(get_value_from_array($team, 'members', [])))
{
foreach($team['members'] AS $member)
{

2
admin/judges_timeslots.php
View File

@ -258,7 +258,7 @@
echo "</select>";
echo "<tr><td>".i18n("Name").":</td><td>";
echo "<input type=\"textbox\" name=\"name\" value=\"{$r['name']}\" width=\"60\" /></td></tr>";
echo "<input type=\"textbox\" name=\"name\" value=\"".get_value_from_array($r, 'name')."\" width=\"60\" /></td></tr>";
echo "<tr><td>".i18n("Date").":</td><td>";
emit_date_selector("date",$r['date']);

6
admin/registration_list.php
View File

@ -33,7 +33,7 @@ $auth_type = user_auth_required(array('fair','committee'), 'admin');
//require_once('../register_participants.inc.php');
if($_GET['year']) $year=$_GET['year'];
if(get_value_from_array($_GET, 'year')) $year=$_GET['year'];
else $year=$config['FAIRYEAR'];
$q = $pdo->prepare("SELECT * FROM projectcategories WHERE year='$year' ORDER BY id");
@ -45,10 +45,10 @@ while($r=$q->fetch(PDO::FETCH_OBJ))
$q = $pdo->prepare("SELECT * FROM projectdivisions WHERE year='$year' ORDER BY id");
$q->execute();
while($q->fetch(PDO::FETCH_OBJ))
while($r=$q->fetch(PDO::FETCH_OBJ))
$divs[$r->id]=$r->division;
$action=$_GET['action'];
$action=get_value_from_array($_GET, 'action');
switch($action) {
case 'load_row':
$id = intval($_GET['id']);

4
admin/registration_receivedforms.php
View File

@ -323,7 +323,7 @@ echo $pdo->errorInfo();
echo "<font size=\"2\" color=\"red\">This button does not keep track of payments</font>";
echo "</td></tr><tr><td>";
echo "<form method=\"post\" action=\"registration_receivedforms.php\">";
echo "<input type=\"hidden\" name=\"action\" value=\"recieve_all\" />";
echo "<input type=\"hidden\" name=\"action\" value=\"receive_all\" />";
echo "<input type=\"submit\" value=\"".i18n("Receive All")."\" onclick=\"return confirmClick('Are you sure you wish to mark all students as has having their $signatureformpermissionform received?')\" />";
echo "</form>";
echo "</tr></td>";
@ -336,7 +336,7 @@ echo $pdo->errorInfo();
}
if ($_POST['action'] == 'recieve_all')
if (get_value_from_array($_POST, 'action') == 'receive_all')
{
// Grab all projects that don't have project numbers. Status should therefor be open or new but not complete
$query_noprojectnumber = $pdo->prepare("SELECT * FROM projects WHERE projectnumber IS NULL AND year =".$config['FAIRYEAR']."");

40
admin/registration_stats.php
View File

@ -129,11 +129,13 @@ else $wherestatus="";
while($r=$q->fetch(PDO::FETCH_OBJ))
{
$stats_totalprojects++;
$stats_divisions[$r->projectdivisions_id]++;
$stats_categories[$r->projectcategories_id]++;
$stats_projects_catdiv[$r->projectcategories_id][$r->projectdivisions_id]++;
$stats_projects_lang[$r->projectcategories_id][$r->projectdivisions_id][$r->language]++;
$languages[$r->language]++;
$stats_divisions[$r->projectdivisions_id] = add_or_initialize($stats_divisions, $r->projectdivisions_id);
$stats_categories[$r->projectcategories_id] = add_or_initialize($stats_categories, $r->projectcategories_id);
$stats_projects_catdiv[$r->projectcategories_id][$r->projectdivisions_id] = add_or_initialize_multi_2($stats_projects_catdiv, $r->projectcategories_id, $r->projectdivisions_id);
$stats_projects_lang[$r->projectcategories_id][$r->projectdivisions_id][$r->language] = add_or_initialize_multi_3($stats_projects_lang, $r->projectcategories_id, $r->projectdivisions_id, $r->language);
$languages[$r->language] = add_or_initialize($languages, $r->language);
switch($r->status)
{
@ -163,6 +165,7 @@ else $wherestatus="";
$studnum=1;
$schools="";
$students="";
$lastschoolid = -1;
while($studentinfo=$sq->fetch(PDO::FETCH_OBJ))
{
$stats_totalstudents++;
@ -173,7 +176,7 @@ else $wherestatus="";
}
//this really isnt right, its only taking the school from the last student in the project to count towards the school's project totals
//but there's really no other way
$stats_projects_schools[$r->projectcategories_id][$lastschoolid]++;
$stats_projects_schools[$r->projectcategories_id][$lastschoolid] = add_or_initialize_multi_2($stats_projects_schools, $r->projectcategories_id, $lastschoolid);
}
echo "<table style=\"margin-left: 50px;\">";
@ -189,19 +192,23 @@ else $wherestatus="";
foreach($divs AS $d=>$dn) {
echo "<tr><td>$dn</td>";
$tstud=0;
$tstudcat = array();
$tproj=0;
$tprojcat = array();
foreach($cats AS $c=>$cn)
{
echo "<td align=\"center\">";
echo ($stats_students_catdiv[$c][$d]?$stats_students_catdiv[$c][$d]:0);
echo ($stats_students_catdiv[$c][$d] ?? 0);
echo "&nbsp;&nbsp;&nbsp;&nbsp;";
echo ($stats_projects_catdiv[$c][$d]?$stats_projects_catdiv[$c][$d]:0);
echo ($stats_projects_catdiv[$c][$d] ?? 0);
echo "</td>";
$tstud+=$stats_students_catdiv[$c][$d];
$tproj+=$stats_projects_catdiv[$c][$d];
$tstudcat[$c]+=$stats_students_catdiv[$c][$d];
$tprojcat[$c]+=$stats_projects_catdiv[$c][$d];
$tstud+=$stats_students_catdiv[$c][$d] ?? 0;
$tproj+=$stats_projects_catdiv[$c][$d] ?? 0;
$tstudcat[$c] = add_or_initialize($tstudcat, $c, $stats_students_catdiv[$c][$d] ?? 0);
$tprojcat[$c] = add_or_initialize($tprojcat, $c, $stats_projects_catdiv[$c][$d] ?? 0);
}
echo "<td align=\"center\"><b>";
echo ($tstud?$tstud:0);
@ -293,11 +300,10 @@ else $wherestatus="";
{
foreach($languages AS $l=>$ln) {
echo "<td align=\"center\">";
echo ($stats_projects_lang[$c][$d][$l]?$stats_projects_lang[$c][$d][$l]:0);
echo ($stats_projects_lang[$c][$d][$l] ?? 0);
echo "</td>";
$tproj[$l]+=$stats_projects_lang[$c][$d][$l];
$tprojcat[$c][$l]+=$stats_projects_lang[$c][$d][$l];
$tproj[$l] = add_or_initialize($tproj, $l, $stats_projects_lang[$c][$d][$l] ?? 0);
$tprojcat[$c][$l] = add_or_initialize_multi_2($tprojcat, $c, $l, $stats_projects_lang[$c][$d][$l] ?? 0);
}
}
foreach($tproj AS $l=>$ln) {
@ -314,7 +320,7 @@ else $wherestatus="";
echo "<td align=\"center\"><b>";
echo ($tprojcat[$c][$l]?$tprojcat[$c][$l]:0);
echo "</b></td>";
$tproj[$l]+=$tprojcat[$c][$l];
$tproj[$l] = add_or_initialize($tproj, $l, $tprojcat[$c][$l] ?? 0);
}
}
foreach($tproj AS $l=>$ln) {

5
admin/registration_webconsent.php
View File

@ -34,7 +34,7 @@
echo "<br />";
if(is_array($_POST['changed']))
if(get_value_from_array($_POST, 'changed'))
{
$numchanged=0;
foreach($_POST['changed'] AS $id=>$val)
@ -92,7 +92,7 @@
ORDER BY projectnumber
");
$sq->execute();
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
echo "<form method=\"post\" action=\"registration_webconsent.php\">";
echo "<table class=\"tableview\">";
@ -103,6 +103,7 @@
echo " <th>".i18n("Last")."</th>";
echo " <th>".i18n("Photo")."</th>";
echo "</tr></thead>";
while($r=$sq->fetch(PDO::FETCH_OBJ))
{
echo "<tr>";

4
admin/reports.inc.php
View File

@ -437,13 +437,13 @@ foreach($report_stock as $n=>$v) {
* ['option'][name] = value; */
if(!in_array($f, $allow_options)) {
// print("Type[$type] Field[$f] not allowed.\n");
continue;
break;
}
$report['option'][$f] = $a['value'];
default:
if(!in_array($f, $allow_fields)) {
// print("Type[$type] Field[$f] not allowed.\n");
continue;
break;
}
/* Pull out all the data */
$val = array();

4
admin/reports.php
View File

@ -32,7 +32,7 @@
$option_keys = array('type','stock');
switch($_GET['action']) {
switch(get_value_from_array($_GET, 'action')) {
case 'remove_report':
$id = intval($_GET['id']);
$stmt = $pdo->prepare("DELETE FROM reports_committee WHERE
@ -260,7 +260,7 @@ $q->execute();
if($last_category != $i->category) {
/* New category */
echo '<tr><td style="border:0px;" colspan="3" style="even"><h3>';
if($edit_mode == true) echo i18n('Category').': ';
if(get_value_or_default($edit_mode) == true) echo i18n('Category').': ';
echo "{$i->category}</h3></td></tr>";
$last_category = $i->category;
}

10
admin/reports_acscript.php
View File

@ -12,14 +12,14 @@
else if($_GET['awardtype']) $awardtype=" AND award_types.type='".$_GET['awardtype']."'";
else $awardtype="";
if($_GET['show_unawarded_awards']=="on") $show_unawarded_awards="yes";
if(get_value_from_array($_GET, 'show_unawarded_awards')=="on") $show_unawarded_awards="yes";
else $show_unawarded_awards="no";
if($_GET['show_unawarded_prizes']=="on") $show_unawarded_prizes="yes";
if(get_value_from_array($_GET, 'show_unawarded_prizes')=="on") $show_unawarded_prizes="yes";
else $show_unawarded_prizes="no";
$show_pronunciation= ($_GET['show_pronunciation'] == 'on') ? TRUE : FALSE;
$group_by_prize= ($_GET['group_by_prize'] == 'on') ? true : false;
$show_pronunciation= get_value_from_array($_GET, 'show_pronunciation' == 'on') ? TRUE : FALSE;
$group_by_prize= (get_value_from_array($_GET, 'group_by_prize') == 'on') ? true : false;
if(is_array($_GET['show_category'])) {
$show_category = array();
@ -35,7 +35,7 @@
$and_categories = '1';
}
$show_criteria = ($_GET['show_criteria']=='on') ? true : false;
$show_criteria = (get_value_from_array($_GET, 'show_criteria')=='on') ? true : false;
$type=$_GET['type'];
if(!$type) $type="pdf";

28
admin/reports_editor.php
View File

@ -80,7 +80,7 @@
{
global $locs;
$ret = array();
if(!is_array($_POST[$f])) return array();
if(!is_array(get_value_from_array($_POST, $f))) return array();
$x = 0;
foreach($_POST[$f] as $o=>$d) {
if(is_array($d)) {
@ -123,7 +123,7 @@
function parse_options($f)
{
$ret = array();
if(!is_array($_POST[$f])) return array();
if(!is_array(get_value_from_array($_POST, $f))) return array();
foreach($_POST[$f] as $c=>$v) {
if(trim($c) == '') continue;
$ret[$c] = stripslashes($v);
@ -133,11 +133,11 @@
/* Decode the report */
$report = array();
$report['id'] = intval($_POST['id']);
$report['name'] = stripslashes($_POST['name']);
$report['creator'] = stripslashes($_POST['creator']);
$report['desc'] = stripslashes($_POST['desc']);
$report['type'] = stripslashes($_POST['type']);
$report['id'] = intval(get_value_from_array($_POST, 'id', ''));
$report['name'] = stripslashes(get_value_from_array($_POST, 'name', ''));
$report['creator'] = stripslashes(get_value_from_array($_POST, 'creator', ''));
$report['desc'] = stripslashes(get_value_from_array($_POST, 'desc', ''));
$report['type'] = stripslashes(get_value_from_array($_POST, 'type', ''));
$report['col'] = parse_fields('col');
$report['group'] = parse_fields('group');
$report['sort'] = parse_fields('sort');
@ -148,10 +148,10 @@
// print("<pre>");print_r($_POST);print("</pre>");
// print("<pre>");print_r($report);print("</pre>");
$reloadaction = $_POST['reloadaction'];
$loadaction = $_POST['loadaction'];
$colaction = $_POST['colaction'];
$repaction = $_POST['repaction'];
$reloadaction = get_value_from_array($_POST, 'reloadaction', '');
$loadaction = get_value_from_array($_POST, 'loadaction', '');
$colaction = get_value_from_array($_POST, 'colaction', '');
$repaction = get_value_from_array($_POST, 'repaction', '');
$repaction_save = $repaction;
@ -371,7 +371,7 @@ function createDataTCPDF(x,y,w,h,align,valign,fontname,fontstyle,fontsize,value)
/* ---- Setup ------ */
$n_columns = intval($_POST['ncolumns']);
$n_columns = intval(get_value_from_array($_POST, 'ncolumns'));
$n = count($report['col']) + 1;
if($n > $n_columns) $n_columns = $n;
if($colaction == 'add') $n_columns+=3;
@ -461,9 +461,11 @@ $doCanvasSample = false;
$doCanvasSampletcpdf = false;
$l_w=$report_stock[$report['option']['stock']]['label_width'];
$l_h=$report_stock[$report['option']['stock']]['label_height'];
if($l_w && $l_h && $report['option']['type']=="label") {
echo "<h4>Label Data Locations</h4>";
pdf_begin_page
$doCanvasSample=true;
$ratio=$l_h/$l_w;
$canvaswidth=600;

2
admin/reports_volunteers.inc.php
View File

@ -112,7 +112,7 @@ $report_volunteers_fields = array(
'name' => 'Fair -- Name',
'header' => 'Fair Name',
'width' => 3,
'table' => "'".$config['fairname'])."'",
'table' => "'".$config['fairname']."'"),
'static_text' => array (
'name' => 'Static Text (useful for labels)',

9
admin/schools.php
View File

@ -197,6 +197,7 @@
$q=$pdo->prepare("SELECT * FROM schools WHERE id='".get_value_from_array($_GET, 'edit', '')."'");
$q->execute();
$r=$q->fetch(PDO::FETCH_OBJ);
print_r($r);
}
else if(get_value_from_array($_GET, 'action') == "add")
{
@ -211,14 +212,14 @@
echo "<input type=\"hidden\" name=\"id\" value=\"".get_value_from_array($_GET,'edit', '')."\">\n";
echo "<table>\n";
echo "<tr><td>".i18n("School Name")."</td><td><input type=\"text\" name=\"school\" value=\"".htmlspecialchars($r->school)."\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
echo "<tr><td>".i18n("School Name")."</td><td><input type=\"text\" name=\"school\" value=\"".htmlspecialchars(get_value_or_default($r->school))."\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
echo "<tr><td>".i18n("School Language")."</td><td>";
echo "<select name=\"schoollang\">";
echo "<option value=\"\">".i18n("Choose")."</option>\n";
foreach($config['languages'] AS $k=>$l)
{
if($r->schoollang==$k) $sel="selected=\"selected\""; else $sel="";
echo "<option $sel value=\"$k\">".i18n($l)."</option>\n";
echo "<option $sel value=\"$k\">".i18n($limportant_dates)."</option>\n";
}
echo "</select>";
@ -250,6 +251,7 @@
else
$pl = array();
/* Don't show autogenerated emails */
$e = $pl['email'][0] == '*' ? '' : $pl['email'];
echo "<tr><td>".i18n("Principal")."</td><td><input type=\"text\" name=\"principal\" value=\"".htmlspecialchars($pl['name'])."\" size=\"60\" maxlength=\"64\" /></td></tr>\n";
echo "<tr><td>".i18n("Principal Email")."</td><td><input type=\"text\" name=\"principalemail\" value=\"".htmlspecialchars($e)."\" size=\"60\" maxlength=\"128\" /></td></tr>\n";
@ -316,6 +318,7 @@
"schools_management"
);
global $notice;
switch($notice) {
case 'added':
echo happy("School successfully added");

2
admin/schoolsimport.php
View File

@ -36,7 +36,7 @@
$showform=true;
if($_POST['action']=="import")
if(get_value_from_array($_POST, 'action')=="import")
{
if(!$_FILES['schools']['error'] && $_FILES['schools']['size']>0)
{

12
admin/translations.php
View File

@ -33,18 +33,20 @@
);
//by default, we will edit the french translations
if($_GET['translang']) $_SESSION['translang']=$_GET['translang'];
if(get_value_from_array($_GET, 'translang')) $_SESSION['translang']=$_GET['translang'];
if(!$_SESSION['translang'])
if(get_value_from_array(!$_SESSION, 'translang'))
$_SESSION['translang']="fr";
$show = false;
if(get_value_from_array($_GET, 'show')) $show=$_GET['show'];
else if(get_value_from_array($_POST, 'show')) $show=$_POST['show'];
if($_GET['show']) $show=$_GET['show'];
else if($_POST['show']) $show=$_POST['show'];
if(!$show) $show="missing";
if($_POST['action']=="save") {
if(get_value_from_array($_POST, 'action') == "save") {
//first, delete anything thats supposed to eb deleted
if(count($_POST['delete'])) {
foreach($_POST['delete'] AS $del) {

4
admin/user_editor_window.php
View File

@ -122,7 +122,7 @@ echo $pdo->errorInfo();
$u = user_load($id);
$selected = $_GET['tab'];
$selected = get_value_from_array($_GET, 'tab');
if(!array_key_exists($selected, $tabs)) {
if(in_array('fair', $u['types']) )
$selected = 'fairinfo';
@ -131,7 +131,7 @@ if(!array_key_exists($selected, $tabs)) {
}
if($_GET['sub'] == 1) {
if(get_value_from_array($_GET, 'sub') == 1) {
$_SESSION['embed'] = true;
$_SESSION['embed_submit_url'] = "{$_SERVER['PHP_SELF']}?id=$id&tab=$selected";
$_SESSION['embed_edit_id'] = $id;

13
admin/user_list.php
View File

@ -149,7 +149,7 @@ function update (id)
<?
// Begin updating user
if($_GET['action']=='update') {
if(get_value_from_array($_GET, 'action') == 'update') {
$id = intval($_GET['id']);
//if no id print error
@ -199,7 +199,7 @@ function update (id)
echo "<div class=\"notice\">";
echo "<a id=\"optionstext\" onclick=\"toggleoptions();return false;\">- ".i18n('Hide Display Options')."</a>";
echo "<form method=\"GET\" action=\"$PHP_SELF\">";
echo "<form method=\"GET\" action=\"\">";
echo "<div id=\"options\" style=\"display: block;\" >";
echo "<table><tr><td>".i18n('Type').":</td>";
@ -275,6 +275,8 @@ function update (id)
}
}
$having_year = '';
if($show_year == 'current')
$having_year = "AND u1.year={$config['FAIRYEAR']}";
@ -304,10 +306,9 @@ function update (id)
$q = $pdo->prepare($querystr);
$q->execute();
echo $pdo->errorInfo();
// echo $querystr;
show_pdo_errors_if_any($pdo);
$num=$q->rowCount();
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
echo i18n("Listing %1 people total. See the table at the bottom for the totals by status <br><br><br>",array($num));
echo i18n(" <lh>Notes:</lh> <ul><li> Deleting users from this list is a permanent operation and cannot be undone. Consider editing the user and deactivating or deleting roles in their account instead.
<li> Updating a user to the current fair year allows you to then complete the user from this list.
@ -380,7 +381,7 @@ function update (id)
echo "<td>{$user_what[$t]}</td>";
echo "<td>";
if($r["{$t}_active"] == 'yes') {
if(get_value_from_array($r, "{$t}_active") == 'yes') {
echo "<div class=\"happy\" align=\"center\">".i18n("yes")."</div>";
$userstate = 'active';
} else {

9
common.inc.php
View File

@ -246,13 +246,12 @@ if(substr($config['version'], -1) % 2 != 0)
if(get_value_from_array($_GET, 'debug')) $_SESSION['debug']=$_GET['debug'];
//if the user has switched languages, go ahead and switch the session variable
if(get_value_from_array($_GET, 'switchlanguage'))
if(array_key_exists('switchlanguage', $_GET))
{
//first, make sure its a valid language:
if($config['languages'][$_GET['switchlanguage']])
{
$_SESSION['lang']=$_GET['switchlanguage'];
}
else
{
@ -1110,7 +1109,7 @@ function output_page_cms($filename)
$r = $q->fetch();
send_header($r['title'],null,null,true);
if(file_exists("data/logo-200.gif") && $r->showlogo==1)
if(file_exists("data/logo-200.gif") && $r['showlogo'] == 1)
echo "<img align=\"right\" src=\"".$config['SFIABDIRECTORY']."/data/logo-200.gif\" border=\"0\">";
//if it looks like we have HTML content, dont do a nl2br, if there's no html, then do the nl2br
@ -1261,7 +1260,7 @@ function format_money($n,$decimals=true)
$n=$n*-1;
}
//get the part before the decimal
$before=floor($n);
$before=floor(get_value_or_default($n, 0));
$out="";
//space it out in blocks of three
@ -1320,7 +1319,7 @@ function error_($str, $i18n_array=array(), $timeout=-1)
function debug_($str)
{
if($_SESSION['debug'] != true) return;
if(get_value_from_array($_SESSION, 'debug') != true) return;
$s = str_replace("\n", "", nl2br(htmlspecialchars($str))).'<br />';
echo "<script type=\"text/javascript\">
$(document).ready(function() {

2
config/categories.php
View File

@ -127,7 +127,7 @@
echo "<th>".i18n("Actions")."</th>\n";
echo "</tr>";
if(get_value_from_array($_GET, 'action') == "edit") || get_value_from_array($_GET, 'action') == "new")
if(get_value_from_array($_GET, 'action') == "edit" || get_value_from_array($_GET, 'action') == "new")
{
echo "<input type=\"hidden\" name=\"action\" value=\"".get_value_from_array($_GET,'action')."\">\n";
if(get_value_from_array($_GET,'action') == "edit")

6
config/divisions.php
View File

@ -126,7 +126,7 @@ if(get_value_from_array($_GET, 'action') == "edit" || get_value_from_array($_GET
}
}
if(get_value_from_array($_GET,'action') == "remove") && get_value_from_array($_GET, 'remove'))
if(get_value_from_array($_GET,'action') == "remove" && get_value_from_array($_GET, 'remove'))
{
//###### Feature Specific - filtering divisions by category - not conditional, cause even if they have the filtering turned off..if any links
//for this division exist they should be deleted
@ -166,7 +166,7 @@ if(get_value_from_array($_GET, 'action') == "edit" || get_value_from_array($_GET
$buttontext="Save";
}
else if(get_vaue_from_array($_GET,'action',"new"))
else if(get_value_from_array($_GET,'action') == "new")
{
$buttontext="Add";
}
@ -215,7 +215,7 @@ if(get_value_from_array($_GET, 'action') == "edit" || get_value_from_array($_GET
AND projectcategories.year='".$config['FAIRYEAR']."'
ORDER BY projectcategories.mingrade");
$c->execute();
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
if(!$c){
$tempcat="&nbsp;";
}else{

2
config/divisions_cwsf.php
View File

@ -33,7 +33,7 @@
);
////// FIX ME!!!!!
if(count(get_value_from_array($_POST, 'cwsfdivision', '')))
if(count(get_value_from_array($_POST, 'cwsfdivision', [])))
{
foreach($_POST['cwsfdivision'] AS $k=>$v)
{

5
config/languagepacks.php
View File

@ -40,7 +40,8 @@
{
$ret=array();
//// FIXME Replace!
if($packs=file("http://www.sfiab.ca/languages/langpacklist.txt"))
//if($packs=file("http://www.sfiab.ca/languages/langpacklist.txt"))
if (false)
{
$num=count($packs);
//format of each line is:
@ -62,7 +63,7 @@
}
if(get_value_from_array($_GET,'action') == "check"))
if(get_value_from_array($_GET,'action') == "check")
{
$packs=loadLanguagePacks();

4
config/pagetexts.php
View File

@ -37,12 +37,12 @@
,"page_texts"
);
$q = $pdo->prepare("SELECT * FROM pagetext WHERE year='-1' ORDER BY textname");
$q = $pdo->prepare("SELECT * FROM pagetext WHERE year='-1' ORDER BY textname");
$q->execute();
while($r=$q->fetch(PDO::FETCH_OBJ))
{
foreach($config['languages'] AS $lang=>$langname) {
$q = $pdo->prepare("INSERT INTO pagetext (textname,textdescription,text,year,lang) VALUES (
$q = $pdo->prepare("INSERT INTO pagetext (`textname`,`textdescription`,`text`,`year`,`lang`) VALUES (
'".$r->textname."',
'".$r->textdescription."',
'".$r->text."',

5
config/safetyquestions.php
View File

@ -107,9 +107,10 @@
}
if($showform)
{
$r = array();
echo "<table class=\"summarytable\">";
echo "<tr><td>".i18n("Question")."</td><td>";
echo "<input size=\"60\" type=\"text\" name=\"question\" value=\"".htmlspecialchars(get_value_or_default($r->question, ""))."\">\n";
echo "<input size=\"60\" type=\"text\" name=\"question\" value=\"".htmlspecialchars(get_value_from_array($r, 'question', ""))."\">\n";
echo "</td></tr>";
echo "<tr><td>".i18n("Type")."</td><td>";
echo "<select name=\"type\">";
@ -128,7 +129,7 @@
echo "</select>";
echo "</td>";
echo "<tr><td>".i18n("Display Order")."</td><td>";
echo "<input size=\"5\" type=\"text\" name=\"ord\" value=\"".htmlspecialchars(get_value_or_default($r->ord, ""))."\">\n";
echo "<input size=\"5\" type=\"text\" name=\"ord\" value=\"".htmlspecialchars(get_value_from_array($r, 'ord', ''))."\">\n";
echo "</td></tr>";
echo "<tr><td colspan=\"2\" align=\"center\">";
echo "<input type=\"submit\" value=\"".i18n($buttontext)."\" />\n";

11
config/subdivisions.php
View File

@ -103,7 +103,7 @@
}
}
if(get_value_from_array($_GET,'action') == "remove") && get_value_from_array($_GET,'remove'))
if(get_value_from_array($_GET,'action') == "remove" && get_value_from_array($_GET,'remove'))
{
$stmt = $pdo->prepare("DELETE FROM projectsubdivisions WHERE id='".$_GET['remove']."'");
$stmt->execute();
@ -125,7 +125,8 @@
if(get_value_from_array($_GET,'action') == "edit" || get_value_from_array($_GET, 'action') == "new")
{
echo "<input type=\"hidden\" name=\"action\" value=\"".get_value_from_array($_GET,'action')."\">\n";
echo "<input type=\"hidden\" name=\"action\" value=\"".get_value_from_array($_GET,'action')."\">\n";
$divisionr = array();
if(get_value_from_array($_GET,'action') == "edit")
{
echo "<input type=\"hidden\" name=\"saveid\" value=\"".get_value_from_array($_GET, 'edit')."\">\n";
@ -150,8 +151,8 @@
}
echo "</select>";
echo "</td>";
echo " <td><input type=\"text\" size=\"3\" name=\"id\" value=\"$divisionr->id\"></td>";
echo " <td><input type=\"text\" size=\"30\" name=\"subdivision\" value=\"$divisionr->subdivision\"></td>";
echo " <td><input type=\"text\" size=\"3\" name=\"id\" value=\"".get_value_from_array($divisionr, 'id', '')."\"></td>";
echo " <td><input type=\"text\" size=\"30\" name=\"subdivision\" value=\"".get_value_from_array($divisionr, 'subdivision', '')."\"></td>";
echo " <td><input type=\"submit\" value=\"".i18n($buttontext)."\"></td>";
$dq->execute();
echo "</tr>";
@ -171,7 +172,7 @@
ORDER BY
division,subdivision");
$q->execute();
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
while($r=$q->fetch(PDO::FETCH_OBJ))
{
echo "<tr>";

3
config/versionchecker.php
View File

@ -42,7 +42,8 @@
{
$ret=array();
// FIXME Replace
if($v=file("http://www.sfiab.ca/version.txt"))
//if($v=file("http://www.sfiab.ca/version.txt"))
if (false)
{
list($version,$date)=explode("\t",trim($v[0]));
$ret['version']=$version;

4
config_editor.inc.php
View File

@ -136,6 +136,7 @@ function config_editor_handle_actions($category, $year, $array_name)
{
global $config;
global $config_editor_actions_done;
global $pdo;
$config_vars = config_editor_load($category, $year);
@ -168,7 +169,7 @@ function config_editor_handle_actions($category, $year, $array_name)
/* Prep for MySQL update */
$stmt = $pdo->prepare("UPDATE config SET val = ? WHERE var = ? AND year = ?");
$stmt->execute([$val, $k, $year]);
print pdo->errorInfo();
show_pdo_errors_if_any($pdo);
// echo "Saving {$v} = $val<br>";
$config_editor_updated = true;
$updated = true;
@ -192,6 +193,7 @@ function config_editor($category, $year, $array_name, $self)
{
global $config;
global $config_editor_actions_done, $config_editor_updated;
global $updated;
if($config_editor_actions_done == false) {
config_editor_handle_actions($category, $year, $array_name);

2
confirmed_participants.php
View File

@ -41,7 +41,7 @@
list($d,$t)=explode(" ",$config['dates']['postparticipants']);
echo i18n("Confirmed participants (that $signatureformpermissionform have been received for) will be posted here on %1 at %2. Please do not contact the fair to inquire about receipt of your $signatureformpermissionform until after this date (and only if you are not listed here after this date).",array($d,$t));
}
else https://marketplace.visualstudio.com/items?itemName=oscarotero.vento-syntax
else
{

BIN
data/logo-100.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 6.3 KiB

BIN
data/logo-100.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 9.1 KiB

BIN
data/logo-100.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 17 KiB

BIN
data/logo-200.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 19 KiB

BIN
data/logo-200.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 26 KiB

BIN
data/logo-200.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 50 KiB

BIN
data/logo-500.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 86 KiB

BIN
data/logo-500.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 105 KiB

BIN
data/logo-500.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 192 KiB

BIN
data/logo.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 49 KiB

BIN
data/logo.jpg Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 84 KiB

BIN
data/logo.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 81 KiB

2
data/logs/.htaccess Normal file
View File

@ -0,0 +1,2 @@
Order Deny,Allow
Deny From All

2
data/logs/judge_scheduler_20241219024052.log Normal file
View File

@ -0,0 +1,2 @@
Parse error: syntax error, unexpected token "=>" in /var/www/html/sfiab/admin/judges_sa.php on line 398

2
data/logs/judge_scheduler_20241219024109.log Normal file
View File

@ -0,0 +1,2 @@
Parse error: syntax error, unexpected token "=>" in /var/www/html/sfiab/admin/judges_sa.php on line 398

2
data/logs/judge_scheduler_20241219030628.log Normal file
View File

@ -0,0 +1,2 @@
Parse error: syntax error, unexpected token "=>" in /var/www/html/sfiab/admin/judges_sa.php on line 398

21
helper.inc.php
View File

@ -10,16 +10,23 @@ function get_value_from_array(array $ar, string $key, mixed $default = null) : m
return isset($ar[$key]) ? $ar[$key] : $default;
}
function get_value_from_2d_array(array $ar, string $key1, string $key2, mixed $default = null) : mixed
{
return isset($ar[$key1][$key2]) ? $ar[$key1][$key2] : $default;
}
function get_value(mixed $var) : mixed
{
return isset($var) ? $var : null;
}
function get_value_or_default(mixed $var, mixed $default = null) : mixed {
return isset($var) ? $var : $default;
}
function show_pdo_errors_if_any($pdo) {// Check for errors after the query execution
function show_pdo_errors_if_any($pdo)
{// Check for errors after the query execution
$errorInfo = $pdo->errorInfo();
if ($errorInfo[0] != '00000') {
// If there's an error (the SQLSTATE isn't '00000', which means no error)
@ -27,4 +34,16 @@ function show_pdo_errors_if_any($pdo) {// Check for errors after the query execu
}
}
function add_or_initialize(mixed $ar, mixed $key, mixed $increment = 1, mixed $initial = 0) : mixed {
return isset($ar[$key]) ? ($ar[$key] += $increment) : $initial;
}
function add_or_initialize_multi_2(mixed $ar, mixed $key1, mixed $key2, mixed $increment = 1, mixed $initial = 0) : mixed {
return isset($ar[$key1][$key2]) ? ($ar[$key1][$key2] += $increment) : $initial;
}
function add_or_initialize_multi_3(mixed $ar, mixed $key1, mixed $key2, mixed $key3, mixed $increment = 1, mixed $initial = 0) : mixed {
return isset($ar[$key1][$key2][$key3]) ? ($ar[$key1][$key2][$key3] += $increment) : $initial;
}
?>

4
judge.inc.php
View File

@ -34,7 +34,7 @@ $preferencechoices=array(
function judge_status_expertise(&$u)
{
global $config;
global $config, $pdo;
/* If the judging special awards are active, and the judge has
* selected "I am a special awards judge", then disable
@ -75,7 +75,7 @@ function judge_status_questions($u){
- count the questions answered by the user which match those id's
- if those counts are not the same, then the user has not answered all required questions
*/
global $config;
global $config, $pdo;
// get the questions we're looking for
$q = $pdo->prepare("SELECT id FROM questions WHERE year=" . $config['FAIRYEAR'] . " AND required='yes'");
$q->execute();

5
judge_expertise.php
View File

@ -27,7 +27,7 @@
require_once('judge.inc.php');
/* Sort out who we're editting */
if($_POST['users_id'])
if(get_value_from_array($_POST, 'users_id'))
$eid = intval($_POST['users_id']); /* From a save form */
else if(array_key_exists('embed_edit_id', $_SESSION))
$eid = $_SESSION['embed_edit_id']; /* From the embedded editor */
@ -42,7 +42,7 @@ if($eid != $_SESSION['users_id']) {
$u = user_load($eid);
switch($_GET['action']) {
switch(get_value_from_array($_GET, 'action')) {
case 'save':
if(!is_array($_POST['division']))
$_POST['division']=array();
@ -175,6 +175,7 @@ echo "<input type=\"hidden\" name=\"users_id\" value=\"{$u['id']}\">\n";
$q=$pdo->prepare("SELECT * FROM projectdivisions WHERE year='{$config['FAIRYEAR']}' ORDER BY division");
$q->execute();
$first = true;
$trclass = '';
while($r=$q->fetch(PDO::FETCH_OBJ)) {
$trclass = ($trclass == 'odd') ? 'even' : 'odd';

8
judge_other.php
View File

@ -33,7 +33,7 @@
require_once("questions.inc.php");
/* Sort out who we're editting */
if($_POST['users_id'])
if(get_value_from_array($_POST, 'users_id'))
$eid = intval($_POST['users_id']); /* From a save form */
else if(array_key_exists('embed_edit_id', $_SESSION))
$eid = $_SESSION['embed_edit_id']; /* From the embedded editor */
@ -48,7 +48,7 @@ if($eid != $_SESSION['users_id']) {
$u = user_load($eid);
switch($_GET['action']) {
switch(get_value_from_array($_GET, 'action')) {
case 'save':
if(!is_array($_POST['languages'])) $_POST['languages']=array();
@ -132,7 +132,7 @@ echo "<div id=\"other_info_status\"></div>\n";
<?
$q=$pdo->prepare("SELECT * FROM languages WHERE active='Y' ORDER BY langname");
$q->execute();
echo $pdo->errorInfo();
show_pdo_errors_if_any($pdo);
while($r=$q->fetch(PDO::FETCH_OBJ))
{
$ch = (in_array($r->lang,$u['languages'])) ? 'checked="checked"' : '';
@ -198,7 +198,7 @@ if ($_SESSION['users_type'] == 'committee' && committee_auth_has_access('admin')
<?
//<td><?=i18n("Private Information")? > </td><td>
//<input onchange="fieldChanged()" type="textarea" name="private_info" size="35" value="<?=$u['private_info']? >"></td></tr>
echo"<tr><td>".i18n("Private Information").": </td><td><textarea cols=\"110\" rows=\"8\" id=\"private_info\" name=\"private_info\">".htmlspecialchars($u['private_info'])."</textarea><br />";
echo"<tr><td>".i18n("Private Information").": </td><td><textarea cols=\"110\" rows=\"8\" id=\"private_info\" name=\"private_info\">".htmlspecialchars(get_value_from_array($u, 'private_info', ''))."</textarea><br />";
?>
</table>
<?

8
judge_special_awards.php
View File

@ -27,7 +27,7 @@
require_once('judge.inc.php');
/* Sort out who we're editting */
if($_POST['users_id'])
if(get_value_from_array($_POST, 'users_id'))
$eid = intval($_POST['users_id']); /* From a save form */
else if(array_key_exists('embed_edit_id', $_SESSION))
$eid = $_SESSION['embed_edit_id']; /* From the embedded editor */
@ -42,7 +42,7 @@ if($eid != $_SESSION['users_id']) {
$u = user_load($eid);
switch($_GET['action']) {
switch(get_value_from_array($_GET, 'action')) {
case 'save':
//first delete all their old associations for this year..
$stmt = $pdo->prepare("DELETE FROM judges_specialaward_sel WHERE users_id='{$u['id']}'");
@ -131,8 +131,8 @@ if($_SESSION['embed'] != true) {
AND award_types.year='{$config['FAIRYEAR']}'
ORDER BY
name");
$q->execute();
echo $pdo->errorInfo();
$q->execute();
show_pdo_errors_if_any($pdo);
while($r=$q->fetch(PDO::FETCH_OBJ))
{
?>

4
lcsv.php
View File

@ -69,7 +69,7 @@ class lcsv
}
//now do the data in the table
if($table['data']) {
if(get_value_from_array($table, 'data')) {
foreach($table['data'] AS $dataline) {
for($c=0;$c<$table_cols;$c++) {
//escape a single " with ""
@ -143,7 +143,7 @@ class lcsv
{
if($this->csvdata)
{
$filename=strtolower($this->page_subheader);
$filename=strtolower(get_value($this->page_subheader));
$filename=preg_replace("[^a-z0-9]","_",$filename);
//header("Content-type: application/csv");
header("Content-type: text/x-csv");

18
questions.inc.php
View File

@ -36,7 +36,7 @@ function questions_load_answers($section, $users_id)
$q=$pdo->prepare("SELECT * FROM question_answers WHERE users_id='$users_id' AND questions_id='$id'");
$q->execute();
$r=$q->fetch(PDO::FETCH_OBJ);
$ans[$id]=$r->answer;
$ans[$id]=get_value_or_default($r, 'answer', '');
}
return $ans;
}
@ -207,7 +207,7 @@ function questions_editor($section, $year, $array_name, $self)
{
global $config;
global $pdo;
if($_POST['action']=="save") {
if(get_value_from_array($_POST, 'action') == "save") {
$qs = questions_parse_from_http_headers('question');
$qs['section'] = $section;
@ -220,7 +220,7 @@ function questions_editor($section, $year, $array_name, $self)
}
}
if($_POST['action']=="new") {
if(get_value_from_array($_POST, 'action') == "new") {
$q = questions_load_questions($section, $year);
$qs = questions_parse_from_http_headers('question');
$qs['section'] = $section;
@ -233,7 +233,7 @@ function questions_editor($section, $year, $array_name, $self)
}
}
if($_GET['action']=="remove" && $_GET['remove'])
if(get_value_from_array($_GET, 'action') == "remove" && get_value_from_array($_GET, 'remove'))
{
$qid = $_GET['remove'];
$qs = questions_load_questions($section, $year);
@ -255,7 +255,7 @@ function questions_editor($section, $year, $array_name, $self)
echo happy(i18n("Question successfully removed"));
}
if($_GET['action']=="import" && $_GET['impyear'])
if(get_value_from_array($_GET, 'action') == "import" && get_value_from_array($_GET, 'impyear'))
{
$x=0;
$q = $pdo->prepare("SELECT * FROM questions WHERE year='{$_GET['impyear']}'");
@ -301,14 +301,14 @@ function questions_editor($section, $year, $array_name, $self)
$qdir = 0;
if($_GET['action']=="up" && $_GET['up']) {
if(get_value_from_array($_GET, 'action') == "up" && get_value_from_array($_GET, 'up')) {
$qid = $_GET['up'];
if($qs[$qid]['ord'] != 1) {
$qdir = -1;
}
}
if($_GET['action']=="down" && $_GET['down']) {
if(get_value_from_array($_GET, 'action') == "down" && get_value_from_array($_GET, 'down')) {
$qid = $_GET['down'];
if($qs[$qid]['ord'] != count($qs)) {
$qdir = 1;
@ -346,7 +346,7 @@ function questions_editor($section, $year, $array_name, $self)
}
if(($_GET['action']=="edit" && $_GET['edit']) || $_GET['action']=="new") {
if((get_value_from_array($_GET, 'action') == "edit" && get_value_from_array($_GET, 'edit')) || get_value_from_array($_GET, 'action') == "new") {
$showform=true;
echo "<form method=\"post\" action=\"$self\">";
@ -370,7 +370,7 @@ function questions_editor($section, $year, $array_name, $self)
}
}
if($showform and headers_sent())
{
{
echo "<table class=\"summarytable\">";
echo "<tr><td>".i18n("Question")."</td><td>";
echo "<input size=\"60\" type=\"text\" name=\"{$array_name}[question]\" value=\"".htmlspecialchars($q['question'])."\">\n";

13
tableeditor.class.php
View File

@ -46,6 +46,8 @@ interface TableEditorInterface {
//cfdc
//$icon_path="/phpscripts/images/16";
//sfiab
global $icon_extension;
$icon_path="{$config['SFIABDIRECTORY']}/images/16";
if(!function_exists("i18n"))
@ -304,6 +306,7 @@ class TableEditor
{
$this->uploadPath=$p;
}
function setDownloadLink($l)
{
$this->downloadLink=$l;
@ -518,12 +521,12 @@ class TableEditor
function execute()
{
if($_GET['TableEditorAction']=="sort" && $_GET['sort'])
if(get_value_from_array($_GET, 'TableEditorAction')=="sort" && $_GET['sort'])
{
$this->setSortField($_GET['sort']);
}
if($_GET['TableEditorAction']=="delete" && $_GET['delete'])
if(get_value_from_array($_GET, 'TableEditorAction')=="delete" && $_GET['delete'])
{
if($this->classname)
$data = new $this->classname($_GET['delete']);
@ -705,7 +708,7 @@ class TableEditor
}
}
if($_GET['TableEditorAction']=="add" || ($_GET['TableEditorAction']=="edit" && $_GET['edit']) )
if(get_value_from_array($_GET, 'TableEditorAction') == "add" || (get_value_from_array($_GET, 'TableEditorAction') =="edit" && get_value_from_array($_GET, 'edit')) )
{
if($this->uploadPath)
echo "<form name=\"TableEditor\" enctype=\"multipart/form-data\" method=\"post\" action=\"{$_SERVER['PHP_SELF']}\">";
@ -1012,6 +1015,7 @@ class TableEditor
$query .= " FROM ";
foreach($from as $f) $query .= "$f ";
$query .= " WHERE 1 ";
if(is_array($where)) {
foreach($where as $w) $query .= "AND $w ";
}
@ -1034,11 +1038,12 @@ class TableEditor
{
echo "<a href=\"{$_SERVER['PHP_SELF']}?TableEditorAction=add\">".i18n("Add new %1",array($this->recordType))."</a><br /><br />";
}
if($this->DEBUG) echo $query;
print("query[$query]");
$q = $pdo->prepare($query);
$q->execute();
if($q == false) {
echo "Sorry, MYSQL query failed: <pre>$query</pre><br />";
echo "Error: ".$pdo->errorInfo();

2
tcpdf/tcpdf.php
View File

@ -19857,7 +19857,7 @@ Putting 1 is equivalent to putting 0 and calling Ln() just after. Default value:
// justify block
if (!$this->empty_string($this->lispacer)) {
$this->lispacer = '';
continue;
break;
}
preg_match('/([0-9\.\+\-]*)[\s]([0-9\.\+\-]*)[\s]([0-9\.\+\-]*)[\s]('.$strpiece[1][0].')[\s](re)([\s]*)/x', $pmid, $xmatches);
$currentxpos = $xmatches[1];

12
user.inc.php
View File

@ -141,6 +141,7 @@ function user_load_volunteer(&$u)
function user_load_sponsor(&$u)
{
global $pdo;
$u['sponsors_id'] = intval($u['sponsors_id']);
$u['sponsor_complete'] = ($u['sponsor_complete'] == 'yes') ? 'yes' : 'no';
$u['sponsor_active'] = ($u['sponsor_active'] == 'yes') ? 'yes' : 'no';
@ -177,7 +178,8 @@ function user_load_alumni(&$u)
}
function user_load($user, $uid = false)
{ global $pdo;
{
global $pdo;
/* So, it turns out that doing one big load is faster than loading just
* from the users table then loading only the specific types the user
* has.. go figure. */
@ -203,9 +205,9 @@ function user_load($user, $uid = false)
$q=$pdo->query($query);
if($q->rowCount()!=1) {
// echo "Query [$query] returned ".$q->rowCount()." rows\n";
// echo "<pre>";
// print_r(debug_backtrace());
echo "Query [$query] returned ".$q->rowCount()." rows\n";
echo "<pre>";
print_r(debug_backtrace());
return false;
}
@ -965,7 +967,7 @@ function user_personal_required_fields($type)
{
global $config, $user_personal_fields_map;
$ret = array('firstname','lastname','email');
$required = $config["{$type}_personal_required"];
$required = get_value_from_array($config, "{$type}_personal_required");
if($required != '') {
$fields = explode(',', $required);
foreach($fields as $f) {

21
user_login.php
View File

@ -27,7 +27,8 @@
require_once("user.inc.php");
function try_login($user, $pass)
{ global $pdo;
{
global $pdo;
/* Ensure sanity of inputs, user should be an email address, but it's stored
* in the username field */
/* FIXME: this should be user_valid_email, but can't be yet, because
@ -79,7 +80,7 @@
/* They're already logged in */
$type = $_SESSION['users_type'];
/* If they're not trying to logout, don't let them see the login page */
if($_GET['action'] != 'logout') {
if(get_value_from_array($_GET, 'action') != 'logout') {
message_push(error(i18n('You are already logged in, please use the [Logout] link in the upper right to logout before logging in as different user')));
header("location: {$type}_main.php");
exit;
@ -90,10 +91,10 @@
if(!in_array($type, $user_types)) $type = false;
}
$notice=$_GET['notice'];
$notice=get_value_from_array($_GET, 'notice');
$redirect = $_GET['redirect'];
$redirect_data = $_GET['redirectdata'];
$redirect = get_value_from_array($_GET, 'redirect');
$redirect_data = get_value_from_array($_GET, 'redirectdata');
switch($redirect) {
case 'roleadd':
@ -135,7 +136,7 @@
$reg_open = 'closed';
break;
}
if($_POST['action'] == "login")
if(get_value_from_array($_POST, 'action') == "login")
{
if($_POST['pass'] && $_POST['user'])
{
@ -177,7 +178,7 @@
* expired. */
$longest_expiry = 0;
foreach($u['types'] as $t) {
$e = $config["{$t}_password_expiry_days"];
$e = get_value_from_array($config, "{$t}_password_expiry_days");
if($e == 0) {
/* Catch a never expire case. */
$longest_expiry = 0;
@ -260,7 +261,7 @@
header("location: user_login.php?type=$type");
exit;
}
else if($_GET['action']=="logout")
else if(get_value_from_array($_GET, 'action') == "logout")
{
/* Session keys to skip on logout */
$skip = array('debug', 'lang', 'messages');
@ -282,7 +283,7 @@
header("Location: user_login.php{$redirect_url}");
exit;
}
else if($_GET['action']=="recover")
else if(get_value_from_array($_GET, 'action') == "recover")
{
send_header("{$user_what[$type]} - Password Recovery",
array("{$user_what[$type]} Login" => "user_login.php?type=$type"));
@ -315,7 +316,7 @@
<?=i18n('If you didn\'t register using an email address and you have lost your password, please contact the committee to have your password reset.')?></div><br />
<?
}
else if($_POST['action'] == "recoverconfirm")
else if(get_value_from_array($_POST, 'action') == "recoverconfirm")
{
/* Process a recover */
$email = $_POST['email'];

2
version.txt
View File

@ -1 +1 @@
2.3.1
3.0.1