arman/science-ation
1
1
Fork 0
forked from science-ation/science-ation
Code Pull Requests Activity

Changes by Dennis. Required to provide for a clean install on Windows server ISPs (also my Windows xp workstation with PHP and mySQL). There should be NO changes to functionality.

Browse Source
This commit is contained in:
dennis 2011-02-10 14:46:58 +00:00
parent 221213e1d8
commit ce35d4ccee
6 changed files with 2000 additions and 1837 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1047
account.inc.php
View File

File diff suppressed because it is too large Load Diff

777
common.inc.bootstrap.php
View File

@ -1,380 +1,397 @@
<? <?
/* /*
This file is part of the 'Science Fair In A Box' project This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org> Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005-2010 James Grant <james@lightbox.org> Copyright (C) 2005-2010 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2. License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details. General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330, the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. Boston, MA 02111-1307, USA.
*/ */
//if we dont set the charset any page that doesnt call send_header() (where it used to be set) would defualt to the server's encoding, //if we dont set the charset any page that doesnt call send_header() (where it used to be set) would defualt to the server's encoding,
//which in many cases (like ysf-fsj.ca/sfiab) is UTF-8. This was causing a lot of the newly AJAX'd editors to fail on french characters, //which in many cases (like ysf-fsj.ca/sfiab) is UTF-8. This was causing a lot of the newly AJAX'd editors to fail on french characters,
//becuase they were being encoded improperly. Ideally, all the databases will be switched to UTF-8, but thats not a near-term possibility, //becuase they were being encoded improperly. Ideally, all the databases will be switched to UTF-8, but thats not a near-term possibility,
//so this is kind of a band-aid solution until we can make everything UTF8. Hope it doesnt break anything anywhere else! //so this is kind of a band-aid solution until we can make everything UTF8. Hope it doesnt break anything anywhere else!
header("Content-Type: text/html; charset=UTF-8"); header("Content-Type: text/html; charset=UTF-8");
//set error reporting to not show notices, for some reason some people's installation dont set this by default //set error reporting to not show notices, for some reason some people's installation dont set this by default
//so we will set it in the code instead just to make sure //so we will set it in the code instead just to make sure
//error_reporting(E_ALL & ~E_DEPRECATED ); //error_reporting(E_ALL & ~E_DEPRECATED );
define('REQUIREDFIELD','<span class="requiredfield">*</span>'); define('REQUIREDFIELD','<span class="requiredfield">*</span>');
//figure out the directory to prepend to directoroy names, depending on if we are in a subdirectory or not //figure out the directory to prepend to directoroy names, depending on if we are in a subdirectory or not
if(substr(getcwd(),-6)=="/admin") // DES dspanogle 2011-02-04 Windows based servers use '\' in directories. This code works for WIN servers and or *nix servers.
$prependdir="../"; if (stristr(getcwd(), '\\')) { // must look at whole directory because we do no know the SFIABDIRECTORY length
else if(substr(getcwd(),-6)=="/super") // Win
$prependdir="../"; if(substr(getcwd(),-6)=="\\admin")
else if(substr(getcwd(),-7)=="/config") $prependdir="..\\";
$prependdir="../"; else if(substr(getcwd(),-6)=="\\super")
else if(substr(getcwd(),-3)=="/db") $prependdir="..\\";
$prependdir="../"; else if(substr(getcwd(),-7)=="\\config")
else if(substr(getcwd(),-8)=="/scripts") $prependdir="..\\";
$prependdir="../"; else if(substr(getcwd(),-3)=="\\db")
else $prependdir="..\\";
$prependdir=""; else if(substr(getcwd(),-8)=="\\scripts")
$prependdir="..\\";
$sfiabversion=@file($prependdir."version.txt"); else
$config['version']=trim($sfiabversion[0]); $prependdir="";
} else {
//make sure the data subdirectory is writable, if its not, then we're screwed, so make sure it is! // Other
if(!is_writable($prependdir."data")) { if(substr(getcwd(),-6)=="/admin")
echo "<html><head><title>SFIAB ERROR</title></head><body>"; $prependdir="../";
echo "<h1>Science Fair In A Box - ERROR</h1>"; else if(substr(getcwd(),-6)=="/super")
echo "data/ subdirectory is not writable by the web server"; $prependdir="../";
echo "<br>"; else if(substr(getcwd(),-7)=="/config")
echo "<h2>Details</h2>"; $prependdir="../";
echo "The data/ subdirectory is used to store files uploaded through the SFIAB software. The web server must have write access to this directory in order to function properly. Please contact your system administrator (if you are the system administrator, chown/chmod the data directory appropriately)."; else if(substr(getcwd(),-3)=="/db")
echo "<br>"; $prependdir="../";
echo "</body></html>"; else if(substr(getcwd(),-8)=="/scripts")
exit; $prependdir="../";
} else
$prependdir="";
if(file_exists($prependdir."data/config.inc.php")) { }
require_once($prependdir."data/config.inc.php"); $sfiabversion=@file($prependdir."version.txt");
} $config['version']=trim($sfiabversion[0]);
else {
echo "<html><head><title>SFIAB</title></head><body>"; //make sure the data subdirectory is writable, if its not, then we're screwed, so make sure it is!
echo "<h1>Science Fair In A Box - Installation</h1>"; if(!is_writable($prependdir."data")) {
echo "It looks like this is a new installation of SFIAB, and the database has not yet been configured. Please choose from the following options: <br />"; echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<br />"; echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "<a href=\"install.php\">Proceed with Fresh SFIAB Installation</a>"; echo "data/ subdirectory is not writable by the web server";
echo "<br />"; echo "<br>";
echo "</body></html>"; echo "<h2>Details</h2>";
exit; echo "The data/ subdirectory is used to store files uploaded through the SFIAB software. The web server must have write access to this directory in order to function properly. Please contact your system administrator (if you are the system administrator, chown/chmod the data directory appropriately).";
} echo "<br>";
/* echo "</body></html>";
difference between MySQL <5.1 and 5.1: exit;
in <5.1 in must have internall truncated it at 16 before comparing with the hard-coded 16 character database limit }
in 5.1 it doesnt truncate and compares the full string with the hardcoded 16 character limit, so all our very long usernames
are now failing if(file_exists($prependdir."data/config.inc.php")) {
James - Dec 30 2010 require_once($prependdir."data/config.inc.php");
*/ }
$DBUSER=substr($DBUSER,0,16); else {
echo "<html><head><title>SFIAB</title></head><body>";
if(!mysql_connect($DBHOST,$DBUSER,$DBPASS)) { echo "<h1>Science Fair In A Box - Installation</h1>";
echo "<html><head><title>SFIAB ERROR</title></head><body>"; echo "It looks like this is a new installation of SFIAB, and the database has not yet been configured. Please choose from the following options: <br />";
echo "<h1>Science Fair In A Box - ERROR</h1>"; echo "<br />";
echo "Cannot connect to database!"; echo "<a href=\"install.php\">Proceed with Fresh SFIAB Installation</a>";
echo "</body></html>"; echo "<br />";
exit; echo "</body></html>";
} exit;
}
if(!mysql_select_db($DBNAME)) { /*
echo "<html><head><title>SFIAB ERROR</title></head><body>"; difference between MySQL <5.1 and 5.1:
echo "<h1>Science Fair In A Box - ERROR</h1>"; in <5.1 in must have internall truncated it at 16 before comparing with the hard-coded 16 character database limit
echo "Cannot select database!"; in 5.1 it doesnt truncate and compares the full string with the hardcoded 16 character limit, so all our very long usernames
echo "</body></html>"; are now failing
exit; James - Dec 30 2010
} */
$DBUSER=substr($DBUSER,0,16);
//this will silently fail on mysql 4.x, but is needed on mysql5.x to ensure we're only using utf8 encodings
@mysql_query("SET NAMES utf8"); if(!mysql_connect($DBHOST,$DBUSER,$DBPASS)) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
//find out the fair year and any other 'year=0' configuration parameters (things that dont change as the years go on) echo "<h1>Science Fair In A Box - ERROR</h1>";
$q=@mysql_query("SELECT * FROM config WHERE conferences_id=0 OR year=0"); echo "Cannot connect to database!";
echo "</body></html>";
//we might get an error if installation step 2 is not done (ie, the config table doesnt even exist) exit;
if(mysql_error()) { }
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>"; if(!mysql_select_db($DBNAME)) {
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process"; echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<br>"; echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "</body></html>"; echo "Cannot select database!";
exit; echo "</body></html>";
} exit;
//if we have 0 (<1) then install2 is not done, which would get caught above, }
//if we have 1 (<2) then insatll3 is not done (no entries for FAIRYEAR and SFIABDIRECTORY)
if(mysql_num_rows($q)<2) { //this will silently fail on mysql 4.x, but is needed on mysql5.x to ensure we're only using utf8 encodings
echo "<html><head><title>SFIAB ERROR</title></head><body>"; @mysql_query("SET NAMES utf8");
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install3.php\">Installer Step 3</a> to complete the installation process"; //find out the fair year and any other 'year=0' configuration parameters (things that dont change as the years go on)
echo "<br>"; $q=@mysql_query("SELECT * FROM config WHERE conferences_id=0 OR year=0");
echo "</body></html>";
exit; //we might get an error if installation step 2 is not done (ie, the config table doesnt even exist)
if(mysql_error()) {
} echo "<html><head><title>SFIAB ERROR</title></head><body>";
else { echo "<h1>Science Fair In A Box - ERROR</h1>";
while($r=mysql_fetch_object($q)) { echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
$config[$r->var]=$r->val; echo "<br>";
} echo "</body></html>";
} exit;
//doh! we cant do it all, becuase it continains things like registration passwords! lets just add things as we need them i guess }
//this gets turned into a 'config' object that is accessible in javascript (and output directly to the browser, so dont put //if we have 0 (<1) then install2 is not done, which would get caught above,
//anything in it that shouldnt be available to the public! //if we have 1 (<2) then insatll3 is not done (no entries for FAIRYEAR and SFIABDIRECTORY)
$configjs['SFIABDIRECTORY']=$config['SFIABDIRECTORY']; if(mysql_num_rows($q)<2) {
echo "<html><head><title>SFIAB ERROR</title></head><body>";
$dbdbversion=$config['DBVERSION']; echo "<h1>Science Fair In A Box - ERROR</h1>";
$dbcodeversion=@file($prependdir."db/db.code.version.txt"); echo "SFIAB installation is not complete. Please go to <A href=\"install3.php\">Installer Step 3</a> to complete the installation process";
$dbcodeversion=trim($dbcodeversion[0]); echo "<br>";
echo "</body></html>";
if(!$dbdbversion) { exit;
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>"; }
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process"; else {
echo "<br>"; while($r=mysql_fetch_object($q)) {
echo "</body></html>"; $config[$r->var]=$r->val;
exit; }
} }
//doh! we cant do it all, becuase it continains things like registration passwords! lets just add things as we need them i guess
if($dbcodeversion!=$dbdbversion) { //this gets turned into a 'config' object that is accessible in javascript (and output directly to the browser, so dont put
echo "<html><head><title>SFIAB ERROR</title></head><body>"; //anything in it that shouldnt be available to the public!
echo "<h1>Science Fair In A Box - ERROR</h1>"; $configjs['SFIABDIRECTORY']=$config['SFIABDIRECTORY'];
echo "SFIAB database and code are mismatched";
echo "<br>"; $dbdbversion=$config['DBVERSION'];
echo "Please run the db_update.php script in order to update"; $dbcodeversion=@file($prependdir."db/db.code.version.txt");
echo "<br>"; $dbcodeversion=trim($dbcodeversion[0]);
echo "your database to the same version as the code";
echo "<br>"; if(!$dbdbversion) {
echo "<br>"; echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<br>"; echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "<h2>Details</h2>"; echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "Current SFIAB codebase requires DB version: ".$dbcodeversion; echo "<br>";
echo "<br>"; echo "</body></html>";
echo "Current SFIAB database is detected as version: ".$dbdbversion; exit;
echo "<br>"; }
echo "</body></html>";
exit; if($dbcodeversion!=$dbdbversion) {
} echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
/* Check that magic_quotes is OFF */ echo "SFIAB database and code are mismatched";
if(get_magic_quotes_gpc()) { echo "<br>";
?> echo "Please run the db_update.php script in order to update";
<html><head><title>SFIAB ERROR</title></head><body> echo "<br>";
<h1>Science Fair In A Box - ERROR</h1> echo "your database to the same version as the code";
<p>Your PHP configuration has magic_quotes ENABLED. They should be echo "<br>";
disabled, and are disabled in the .htaccess file, so your server is echo "<br>";
ignoring the .htaccess file or overriding it. echo "<br>";
<p>Magic quotes is DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, but ON echo "<h2>Details</h2>";
by default for any PHP &lt; 5.3.0. echo "Current SFIAB codebase requires DB version: ".$dbcodeversion;
<p>Add <pre>php_flag magic_quotes_gpc off</pre> to the .htacces, or add echo "<br>";
<pre>php_flag magic_quotes_gpc=off</pre> to php.ini echo "Current SFIAB database is detected as version: ".$dbdbversion;
<br></body></html> echo "<br>";
<? echo "</body></html>";
exit; exit;
} }
if($config['SFIABDIRECTORY'] == '') { /* Check that magic_quotes is OFF */
session_name("SFIABSESSID"); if(get_magic_quotes_gpc()) {
session_set_cookie_params(0,'/'); ?>
} else { <html><head><title>SFIAB ERROR</title></head><body>
session_name("SFIABSESSID".ereg_replace("[^A-Za-z]","_",$config['SFIABDIRECTORY'])); <h1>Science Fair In A Box - ERROR</h1>
session_set_cookie_params(0,$config['SFIABDIRECTORY']); <p>Your PHP configuration has magic_quotes ENABLED. They should be
} disabled, and are disabled in the .htaccess file, so your server is
session_start(); ignoring the .htaccess file or overriding it.
<p>Magic quotes is DEPRECATED as of PHP 5.3.0, REMOVE as of 6.0, but ON
if(!$_SESSION['conferences_id']) { by default for any PHP &lt; 5.3.0.
$q=mysql_query("SELECT * FROM conferences WHERE status='running' ORDER BY name LIMIT 1"); <p>Add <pre>php_flag magic_quotes_gpc off</pre> to the .htacces, or add
if($r=mysql_fetch_object($q)) { <pre>php_flag magic_quotes_gpc=off</pre> to php.ini
$_SESSION['conferences_id']=$r->id; <br></body></html>
} <?
/* exit;
else { }
echo "No conferences defined!";
}*/ if($config['SFIABDIRECTORY'] == '') {
} session_name("SFIABSESSID");
session_set_cookie_params(0,'/');
function switchConference($cid) { } else {
$cid=intval($cid); session_name("SFIABSESSID".ereg_replace("[^A-Za-z]","_",$config['SFIABDIRECTORY']));
// echo "cid=$cid"; session_set_cookie_params(0,$config['SFIABDIRECTORY']);
$q=mysql_query("SELECT * FROM conferences WHERE id='$cid' AND status='running'"); }
if($r=mysql_fetch_object($q)) { session_start();
$_SESSION['conferences_id']=$cid;
} if(!$_SESSION['conferences_id']) {
} $q=mysql_query("SELECT * FROM conferences WHERE status='running' ORDER BY name LIMIT 1");
//move the conference stuff before the configuration loading, so we can load the right configuration for the conference :) if($r=mysql_fetch_object($q)) {
if(isset($_GET['switchconference'])) { $_SESSION['conferences_id']=$r->id;
//make sure its good }
switchConference($_GET['switchconference']); /*
unset($_SESSION['nav']); else {
} echo "No conferences defined!";
}*/
if(intval($_SESSION['conferences_id'])>0) { }
$q=mysql_query("SELECT * FROM conferences WHERE id='{$_SESSION['conferences_id']}'");
$conference=mysql_fetch_assoc($q); function switchConference($cid) {
$cid=intval($cid);
/* // echo "cid=$cid";
******* THIS IS TEMPORARY.. probably remove it in a year or so ******** $q=mysql_query("SELECT * FROM conferences WHERE id='$cid' AND status='running'");
if the conference year is set, this is temporary for migratory purposes, so set the FAIRYEAR = confierence year - this will if($r=mysql_fetch_object($q)) {
gracefully handle the science fair parts that still rely on FAIRYEAR $_SESSION['conferences_id']=$cid;
}
if conference year is NOT set, then make sure config['FAIRYEAR'] is NOT set, so we can weed out any code that relies on }
FAIRYEAR from the conference system //move the conference stuff before the configuration loading, so we can load the right configuration for the conference :)
*/ if(isset($_GET['switchconference'])) {
if($conference['year']) //make sure its good
$config['FAIRYEAR']=$conference['year']; switchConference($_GET['switchconference']);
else unset($_SESSION['nav']);
$config['FAIRYEAR']=NULL; }
}
if(intval($_SESSION['conferences_id'])>0) {
//now pull the rest of the configuration $q=mysql_query("SELECT * FROM conferences WHERE id='{$_SESSION['conferences_id']}'");
$q=mysql_query("SELECT * FROM config WHERE conferences_id='".$conference['id']."'"); $conference=mysql_fetch_assoc($q);
while($r=mysql_fetch_object($q)) {
$config[$r->var]=$r->val; /*
} ******* THIS IS TEMPORARY.. probably remove it in a year or so ********
if the conference year is set, this is temporary for migratory purposes, so set the FAIRYEAR = confierence year - this will
//now pull the dates gracefully handle the science fair parts that still rely on FAIRYEAR
if($conference['id'])
$q=mysql_query("SELECT * FROM dates WHERE conferences_id='".$conference['id']."'"); if conference year is NOT set, then make sure config['FAIRYEAR'] is NOT set, so we can weed out any code that relies on
else FAIRYEAR from the conference system
$config['dates']=array(); */
if($conference['year'])
while($r=mysql_fetch_object($q)) { $config['FAIRYEAR']=$conference['year'];
$config['dates'][$r->name]=$r->date; else
} $config['FAIRYEAR']=NULL;
}
//load roles
$roles=array(); //now pull the rest of the configuration
$q = mysql_query("SELECT * FROM roles"); $q=mysql_query("SELECT * FROM config WHERE conferences_id='".$conference['id']."'");
while(($r = mysql_fetch_assoc($q))) { while($r=mysql_fetch_object($q)) {
$roles[$r['type']] = $r; $config[$r->var]=$r->val;
$roles_by_id[$r['id']]=$r; }
}
//now pull the dates
//and now pull the theme if($conference['id'])
require_once("theme/{$config['theme']}/theme.php"); $q=mysql_query("SELECT * FROM dates WHERE conferences_id='".$conference['id']."'");
require_once("theme/{$config['theme_icons']}/icons.php"); else
$config['dates']=array();
//detect the browser first, so we know what icons to use - we store this in the config array as well
//even though its not configurable by the fair while($r=mysql_fetch_object($q)) {
if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE")) $config['dates'][$r->name]=$r->date;
$config['icon_extension']="gif"; }
else
$config['icon_extension']="png"; //load roles
$roles=array();
//now get the languages, and make sure we have at least one active language $q = mysql_query("SELECT * FROM roles");
$q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname"); while(($r = mysql_fetch_assoc($q))) {
if(mysql_num_rows($q)==0) { $roles[$r['type']] = $r;
echo "No active languages defined, defaulting to English"; $roles_by_id[$r['id']]=$r;
$config['languages']['en']="English"; }
}
else { //and now pull the theme
while($r=mysql_fetch_object($q)) { require_once("theme/{$config['theme']}/theme.php");
$config['languages'][$r->lang]=$r->langname; require_once("theme/{$config['theme_icons']}/icons.php");
}
} //detect the browser first, so we know what icons to use - we store this in the config array as well
//now if no language has been set yet, lets set it to the default language //even though its not configurable by the fair
if(!$_SESSION['lang']) { if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE"))
//first try the default language, if that doesnt work, use "en" $config['icon_extension']="gif";
if($config['default_language']) else
$_SESSION['lang']=$config['default_language']; $config['icon_extension']="png";
else
$_SESSION['lang']="en"; //now get the languages, and make sure we have at least one active language
} $q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname");
if(mysql_num_rows($q)==0) {
//only allow debug to get set if we're using a development version (odd numbered ending) echo "No active languages defined, defaulting to English";
if(substr($config['version'], -1) % 2 != 0) $config['languages']['en']="English";
if($_GET['debug']) $_SESSION['debug']=$_GET['debug']; }
else {
//if the user has switched languages, go ahead and switch the session variable while($r=mysql_fetch_object($q)) {
if($_GET['switchlanguage']) { $config['languages'][$r->lang]=$r->langname;
//first, make sure its a valid language: }
if($config['languages'][$_GET['switchlanguage']]) { }
$_SESSION['lang']=$_GET['switchlanguage']; //now if no language has been set yet, lets set it to the default language
} if(!$_SESSION['lang']) {
else { //first try the default language, if that doesnt work, use "en"
//invalid language, dont do anything if($config['default_language'])
} $_SESSION['lang']=$config['default_language'];
} else
$_SESSION['lang']="en";
$CWSFDivisions=array( }
1=>"Automotive",
2=>"Biotechnology & Pharmaceutical Sciences", //only allow debug to get set if we're using a development version (odd numbered ending)
3=>"Computing & Information Technology", if(substr($config['version'], -1) % 2 != 0)
4=>"Earth & Environmental Sciences", if($_GET['debug']) $_SESSION['debug']=$_GET['debug'];
5=>"Engineering",
6=>"Environmental Innovation", //if the user has switched languages, go ahead and switch the session variable
7=>"Health Sciences", if($_GET['switchlanguage']) {
8=>"Life Sciences", //first, make sure its a valid language:
9=>"Physical & Mathematical Sciences" if($config['languages'][$_GET['switchlanguage']]) {
); $_SESSION['lang']=$_GET['switchlanguage'];
}
$conference_types = array( else {
'sciencefair' => 'Science Fair', //invalid language, dont do anything
'scienceolympics' => 'Science Olympics' }
); }
//take SFIABDIRECTORY off of the current URL $CWSFDivisions=array(
$pageurl=substr($_SERVER['PHP_SELF'],strlen($config['SFIABDIRECTORY'])); 1=>"Automotive",
2=>"Biotechnology & Pharmaceutical Sciences",
//this code figures out if the page we're on is in the navigation structure, and if so, where, and properly sets the primary, secondary and tertiary navigation variables 3=>"Computing & Information Technology",
$q=mysql_query("SELECT * FROM rolestasks WHERE 4=>"Earth & Environmental Sciences",
( link='".mysql_real_escape_string($pageurl)."' 5=>"Engineering",
OR link LIKE '".mysql_real_escape_string($pageurl)."?%') 6=>"Environmental Innovation",
AND conferencetype='{$conference['type']}'"); 7=>"Health Sciences",
8=>"Life Sciences",
if(mysql_num_rows($q)) { 9=>"Physical & Mathematical Sciences"
if(mysql_num_rows($q)==1) { );
$r=mysql_fetch_object($q);
} $conference_types = array(
else { 'sciencefair' => 'Science Fair',
//take the first one for now 'scienceolympics' => 'Science Olympics'
while($r=mysql_fetch_object($q)) { );
if($NAV_IDENT==$r->navident)
break; //take SFIABDIRECTORY off of the current URL
} $pageurl=substr($_SERVER['PHP_SELF'],strlen($config['SFIABDIRECTORY']));
//we have more than one, we need to rely on the $navident now
} //this code figures out if the page we're on is in the navigation structure, and if so, where, and properly sets the primary, secondary and tertiary navigation variables
//okay we found it, now get its full tree above it $q=mysql_query("SELECT * FROM rolestasks WHERE
( link='".mysql_real_escape_string($pageurl)."'
//set things to 0 to start OR link LIKE '".mysql_real_escape_string($pageurl)."?%')
$_SESSION['nav']['primary']=0; AND conferencetype='{$conference['type']}'");
$_SESSION['nav']['secondary']=0;
$_SESSION['nav']['tertiary']=0; if(mysql_num_rows($q)) {
if(mysql_num_rows($q)==1) {
$navTree=array(); $r=mysql_fetch_object($q);
upTree($r->id,&$navTree); }
else {
//go through each one, and set the SESSION vars //take the first one for now
foreach($navTree AS $t) { while($r=mysql_fetch_object($q)) {
switch($t['level']) { if($NAV_IDENT==$r->navident)
case 0: //primary nav break;
$_SESSION['nav']['primary']=$t['id']; }
break; //we have more than one, we need to rely on the $navident now
case 1: //secondary nav }
$_SESSION['nav']['secondary']=$t['id']; //okay we found it, now get its full tree above it
break;
case 2: //tertiary nav //set things to 0 to start
$_SESSION['nav']['tertiary']=$t['id']; $_SESSION['nav']['primary']=0;
break; $_SESSION['nav']['secondary']=0;
} $_SESSION['nav']['tertiary']=0;
}
} $navTree=array();
else { upTree($r->id,&$navTree);
//if we didnt find it, we only set the tertiary to 0, because we probably want to keep our primary and secondary navs if they exist
$_SESSION['nav']['tertiary']=0; //go through each one, and set the SESSION vars
} foreach($navTree AS $t) {
switch($t['level']) {
case 0: //primary nav
$_SESSION['nav']['primary']=$t['id'];
break;
case 1: //secondary nav
$_SESSION['nav']['secondary']=$t['id'];
break;
case 2: //tertiary nav
$_SESSION['nav']['tertiary']=$t['id'];
break;
}
}
}
else {
//if we didnt find it, we only set the tertiary to 0, because we probably want to keep our primary and secondary navs if they exist
$_SESSION['nav']['tertiary']=0;
}

1063
common.inc.php
View File

File diff suppressed because it is too large Load Diff

285
db/db_update.php
View File

@ -1,122 +1,163 @@
<? <?
if(!function_exists("system")) { // DES dspanogle 2011-02-06 moved to before system call as test for windows server with alternate code.
echo "DB Update requires php's system() function to be available\n"; /*
exit; if(!function_exists("system")) {
} echo "DB Update requires php's system() function to be available\n";
exit;
//include the config.inc.php }
//so we have the db connection info */
require_once('../data/config.inc.php'); //include the config.inc.php
echo "<pre>\n"; //so we have the db connection info
if(file_exists("db.code.version.txt")) { require_once('../data/config.inc.php');
$dbcodeversion_file=file("db.code.version.txt"); echo "<pre>\n";
$dbcodeversion=trim($dbcodeversion_file[0]); if(file_exists("db.code.version.txt")) {
} $dbcodeversion_file=file("db.code.version.txt");
else { $dbcodeversion=trim($dbcodeversion_file[0]);
echo "Couldnt load current db.code.version.txt\n"; }
exit; else {
} echo "Couldnt load current db.code.version.txt\n";
exit;
$skip_dbversion_update = array_key_exists('skip_dbversion_update', $_GET); }
mysql_connect($DBHOST,$DBUSER,$DBPASS); $skip_dbversion_update = array_key_exists('skip_dbversion_update', $_GET);
mysql_select_db($DBNAME);
@mysql_query("SET NAMES utf8"); mysql_connect($DBHOST,$DBUSER,$DBPASS);
$q=mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND year='0'"); mysql_select_db($DBNAME);
$r=mysql_fetch_object($q); @mysql_query("SET NAMES utf8");
$dbdbversion=$r->val; $q=mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND year='0'");
if(!$dbdbversion) { $r=mysql_fetch_object($q);
echo "Couldnt get current db version. Is SFIAB properly installed?\n"; $dbdbversion=$r->val;
exit; if(!$dbdbversion) {
} echo "Couldnt get current db version. Is SFIAB properly installed?\n";
exit;
if($dbdbversion>=190) { }
//we can only load in the 'system', because when running from here we have no clue what
//conference the script is interested in if($dbdbversion>=190) {
//also, FAIRYEAR doesnt exist anymore //we can only load in the 'system', because when running from here we have no clue what
//conference the script is interested in
/* Load config just in case there's a PHP script that wants it */ //also, FAIRYEAR doesnt exist anymore
$q=mysql_query("SELECT * FROM config WHERE section='system' AND conferences_id=0");
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val; /* Load config just in case there's a PHP script that wants it */
} $q=mysql_query("SELECT * FROM config WHERE section='system' AND conferences_id=0");
else { while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
/* Get the fair year */ }
$q=mysql_query("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'"); else {
$r=mysql_fetch_object($q); /* Get the fair year */
$config = array('FAIRYEAR' => $r->val); $q=mysql_query("SELECT val FROM config WHERE var='FAIRYEAR' AND year='0'");
$r=mysql_fetch_object($q);
/* Load config just in case there's a PHP script that wants it */ $config = array('FAIRYEAR' => $r->val);
$q=mysql_query("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'");
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val; /* Load config just in case there's a PHP script that wants it */
} $q=mysql_query("SELECT * FROM config WHERE year='{$config['FAIRYEAR']}'");
while($r=mysql_fetch_object($q)) $config[$r->var]=$r->val;
}
require_once("../config_editor.inc.php"); // For config_update_variables()
if($dbcodeversion && $dbdbversion) { require_once("../config_editor.inc.php"); // For config_update_variables()
//lets see if they match
if($dbcodeversion == $dbdbversion) { if($dbcodeversion && $dbdbversion) {
echo "DB and CODE are all up-to-date. Version: $dbdbversion\n"; //lets see if they match
exit; if($dbcodeversion == $dbdbversion) {
} echo "DB and CODE are all up-to-date. Version: $dbdbversion\n";
else if($dbcodeversion<$dbdbversion) { exit;
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!"; }
exit; else if($dbcodeversion<$dbdbversion) {
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
} exit;
else if($dbcodeversion>$dbdbversion) {
echo "DB update requirements detected\n"; }
echo "Current DB Version: $dbdbversion\n"; else if($dbcodeversion>$dbdbversion) {
echo "Current CODE Version: $dbcodeversion\n"; echo "DB update requirements detected\n";
echo "Current DB Version: $dbdbversion\n";
echo "Updating database from $dbdbversion to $dbcodeversion\n"; echo "Current CODE Version: $dbcodeversion\n";
for($ver=$dbdbversion+1;$ver<=$dbcodeversion;$ver++) { echo "Updating database from $dbdbversion to $dbcodeversion\n";
if(file_exists("db.update.$ver.php")) {
include("db.update.$ver.php"); for($ver=$dbdbversion+1;$ver<=$dbcodeversion;$ver++) {
} if(file_exists("db.update.$ver.php")) {
if(is_callable("db_update_{$ver}_pre")) { include("db.update.$ver.php");
echo "db.update.$ver.php::db_update_{$ver}_pre() exists - running...\n"; }
call_user_func("db_update_{$ver}_pre"); if(is_callable("db_update_{$ver}_pre")) {
echo "db.update.$ver.php::db_update_{$ver}_pre() done.\n"; echo "db.update.$ver.php::db_update_{$ver}_pre() exists - running...\n";
} call_user_func("db_update_{$ver}_pre");
if(file_exists("db.update.$ver.sql")) { echo "db.update.$ver.php::db_update_{$ver}_pre() done.\n";
echo "db.update.$ver.sql detected - running...\n"; }
readfile("db.update.$ver.sql"); if(file_exists("db.update.$ver.sql")) {
echo "\n"; echo "db.update.$ver.sql detected - running...\n";
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db.update.$ver.sql", $exit_code); readfile("db.update.$ver.sql");
if($exit_code != 0) { echo "\n";
/* mysql failed!, what now? */ // DES dspanogle 2011-02-05 Test to see if can use system call
// if *nix then '/' in working directory. If not then windows - do not even try system
} if(function_exists("system") and (stristr(substr(getcwd(),-9), '/') ) ) {
} // Use System call this assumes mysql.exe exists on the server. it may not.
else { system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db.update.$ver.sql", $exit_code);
echo "Version $ver SQL update file not found - skipping over\n"; }
} else{
if(is_callable("db_update_{$ver}_post")) { // Probably a Windows server. use alternate code.
echo "db.update.$ver.php::db_update_{$ver}_post() exists - running...\n"; // dspanogle 2011-02-05 Use each section of the sql file instead of using system("sql" ...
call_user_func("db_update_{$ver}_post"); // For windows ISP servers that do not provide "sql: executable - replace system call.
echo "db.update.$ver.php::db_update_{$ver}_post() done.\n"; $exit_code = 0; // assume no errors for now
} $filename = 'db.update.'.$ver.'.sql';
} // Temporary variable, used to store current query
if($db_update_skip_variables != true) { $templine = '';
echo "\nUpdating Configuration Variables...\n"; // Read in entire file
config_update_variables(); $lines = file($filename);
} // Loop through each line
foreach ($lines as $line)
{
if($skip_dbversion_update) { // Skip it if it's a comment
echo "\nAll done - skip_dbversion_update specified, NOT updating to DB version to $dbcodeversion\n"; if (substr($line, 0, 2) == '--' || $line == '')
} else { continue;
echo "\nAll done - updating new DB version to $dbcodeversion\n"; // Add this line to the current segment
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'"); $templine .= $line;
} // If it has a semicolon at the end, it's the end of the query
} if (substr(trim($line), -1, 1) == ';')
} {
else { // Perform the query
echo "ERROR: dbcodeversion and dbdbversion are not defined\n"; if(!mysql_query($templine)){
} echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
echo "</pre>\n"; }
// Reset temp variable to empty
?> $templine = '';
}
}
echo "<br />";
}
if($exit_code != 0) {
/* mysql failed!, what now? */
echo "<br/><b>mysql failed to execute query(s) without error!<br/>";
echo "Update scripts bad or *nix server system('mysql' .. ) call failed!<br/>";
echo "This installation is not complete!</b><br/>";
}
}
else {
echo "Version $ver SQL update file not found - skipping over\n";
}
if(is_callable("db_update_{$ver}_post")) {
echo "db.update.$ver.php::db_update_{$ver}_post() exists - running...\n";
call_user_func("db_update_{$ver}_post");
echo "db.update.$ver.php::db_update_{$ver}_post() done.\n";
}
}
if($db_update_skip_variables != true) {
echo "\nUpdating Configuration Variables...\n";
config_update_variables();
}
if($skip_dbversion_update) {
echo "\nAll done - skip_dbversion_update specified, NOT updating to DB version to $dbcodeversion\n";
} else {
echo "\nAll done - updating new DB version to $dbcodeversion\n";
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
}
}
}
else {
echo "ERROR: dbcodeversion and dbdbversion are not defined\n";
}
echo "</pre>\n";
?>

354
install2.php
View File

@ -1,138 +1,216 @@
<? <?
/* /*
This file is part of the 'Science Fair In A Box' project This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org> Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org> Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2. License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details. General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330, the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. Boston, MA 02111-1307, USA.
*/ */
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n"; echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" > <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title> <head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" /> <link rel="stylesheet" href="sfiab.css" type="text/css" />
</head> </head>
<body> <body>
<h1>SFIAB Installation - Step 2</h1> <h1>SFIAB Installation - Step 2</h1>
<? <?
// DES dspanogle 2011-02-05 Can do without system! Do tests below.
if(!function_exists("system")) { /*
echo "<div class=\"error\">Installation requires php's system() function to be available</div>\n"; if(!function_exists("system")) {
echo "</body></html>"; echo "<div class=\"error\">Installation requires php's system() function to be available</div>\n";
exit; echo "</body></html>";
} exit;
}
if(!file_exists("data/config.inc.php")) { */
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>"; if(!file_exists("data/config.inc.php")) {
echo "<a href=\"install.php\">Go back to installation step 1</a><br />"; echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "</body></html>"; echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
exit; echo "</body></html>";
} exit;
}
require_once("data/config.inc.php");
mysql_connect($DBHOST,$DBUSER,$DBPASS); require_once("data/config.inc.php");
mysql_select_db($DBNAME); mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME);
echo "Getting database version requirements for code... "; echo "Getting database version requirements for code... ";
if(file_exists("db/db.code.version.txt")) { if(file_exists("db/db.code.version.txt")) {
$dbcodeversion_file=file("db/db.code.version.txt"); $dbcodeversion_file=file("db/db.code.version.txt");
$dbcodeversion=trim($dbcodeversion_file[0]); $dbcodeversion=trim($dbcodeversion_file[0]);
} }
else { else {
echo "<b>ERROR: Couldnt load current db/db.code.version.txt</b><br />"; echo "<b>ERROR: Couldnt load current db/db.code.version.txt</b><br />";
exit; exit;
} }
echo "<b>version $dbcodeversion</b><br />"; echo "<b>version $dbcodeversion</b><br />";
echo "Checking for existing SFIAB database... "; echo "Checking for existing SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'"); $q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q); $r=@mysql_fetch_object($q);
$dbdbversion=$r->val; $dbdbversion=$r->val;
if($dbdbversion) { if($dbdbversion) {
echo "<b>ERROR: found version $dbdbversion</b><br />"; echo "<b>ERROR: found version $dbdbversion</b><br />";
//lets see if they match //lets see if they match
if($dbcodeversion == $dbdbversion) if($dbcodeversion == $dbdbversion)
echo "Your SFIAB database is already setup with the required version\n"; echo "Your SFIAB database is already setup with the required version\n";
else if($dbcodeversion<$dbdbversion) else if($dbcodeversion<$dbdbversion)
echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!"; echo "ERROR: dbcodeversion<dbdbversion ($dbcodeversion<$dbdbversion). This should not happen!";
else if($dbcodeversion>$dbdbversion) else if($dbcodeversion>$dbdbversion)
echo "Your SFIAB database needs to be updated. You should run the update script instead of this installer!\n"; echo "Your SFIAB database needs to be updated. You should run the update script instead of this installer!\n";
exit; exit;
} }
else { else {
echo "<b>Not found (good!)</b><br />"; echo "<b>Not found (good!)</b><br />";
} }
echo "Checking for database installer for version $dbcodeversion... "; echo "Checking for database installer for version $dbcodeversion... ";
if(file_exists("db/db.full.$dbcodeversion.sql")) { if(file_exists("db/db.full.$dbcodeversion.sql")) {
echo "<b>db/db.full.$dbcodeversion.sql found</b><br />"; echo "<b>db/db.full.$dbcodeversion.sql found</b><br />";
echo "Setting up database tables... "; echo "Setting up database tables... ";
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$dbcodeversion.sql"); // dspanogle 2011-02-05 if system does not exist use each section of the sql file instead of using system("sql" ...
// For windows ISP servers that do not provide system or sql.exe executable - replace system call.
echo "<b>Done! installed database version $dbcodeversion</b><br />\n"; // If '/' in working directory then is *nix if not do not even try to call system.
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/')) ) {
//now update the db version in the database // assume mysql.exe exists
mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'"); system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$dbcodeversion.sql",$exit_code);
}
echo "<br />"; else // system is not available or is windows server. try to break up the query and just do each part.
echo "<b>Done!</b><br />"; {
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />"; $exit_code = 0;
} $filename = 'db/db.full.'.$dbcodeversion.'.sql';
else { // Temporary variable, used to store current query
echo "<b>Couldnt find db/db.full.$dbcodeversion.sql</b><br />"; $templine = '';
echo "Trying to find an older version... <br />"; // Read in entire file
$lines = file($filename);
for($x=$dbcodeversion;$x>0;$x--) { // Loop through each line
if(file_exists("db/db.full.$x.sql")) { foreach ($lines as $line)
echo "<b>db/db.full.$x.sql found</b><br />"; {
echo "Setting up database tables... "; // Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '')
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$x.sql"); continue;
// Add this line to the current segment
echo "<b>Done! installed database version $x</b><br />\n"; $templine .= $line;
// If it has a semicolon at the end, it's the end of the query
//now update the db version in the database if (substr(trim($line), -1, 1) == ';')
mysql_query("UPDATE config SET val='$x' WHERE var='DBVERSION' AND conferences_id='0'"); {
// Perform the query
echo "<b>Attempting to update database using standard update script to update from $x to $dbcodeversion<br />"; if(!mysql_query($templine)){
echo "<br />Please scroll to the bottom of this page for the link to the next step of the installation process.<br /></b>"; echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
chdir ("db"); $exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
/* Update the database, but don't update the config variables yet, because }
* We haven't set the conference id */ // Reset temp variable to empty
$db_update_skip_variables = true; $templine = '';
include "db_update.php"; }
chdir ("../"); }
echo "<br/><br />";
echo "<br />"; }
echo "<b>Done!</b><br />"; if($exit_code != 0) {
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />"; /* mysql failed!, what now? */
break; echo "<br/><b>mysql failed to execute query(s) without error!<b><br/>";
} }
}
} echo "<b>Done! installed database version $dbcodeversion</b><br />\n";
//only if this file was created will we go ahead with the rest
//creating all the tables and such.. //now update the db version in the database
?> mysql_query("UPDATE config SET val='$dbcodeversion' WHERE var='DBVERSION' AND conferences_id='0'");
</body></html> echo "<br />";
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
}
else {
echo "<b>Couldnt find db/db.full.$dbcodeversion.sql</b><br />";
echo "Trying to find an older version... <br />";
for($x=$dbcodeversion;$x>0;$x--) {
if(file_exists("db/db.full.$x.sql")) {
echo "<b>db/db.full.$x.sql found</b><br />";
echo "Setting up database tables... ";
// dspanogle 2011-02-05 if system does not exist use each section of the sql file instead of using system("sql" ...
// For windows ISP servers that do not provide system or sql.exe executable - replace system call.
// If '/' in working directory then is *nix if not do not even try to call system.
if(function_exists("system") and (stristr(substr(getcwd(),-9), '/'))) {
// assume mysql.exe exists
system("mysql --default-character-set=utf8 -h$DBHOST -u$DBUSER -p$DBPASS $DBNAME <db/db.full.$x.sql",$exit_code);
}
else { // system is not available. try to break up the query and just do each part.
$exit_code = 0;
$filename = 'db/db.full.'.$x.'.sql';
// Temporary variable, used to store current query
$templine = '';
// Read in entire file
$lines = file($filename);
// Loop through each line
foreach ($lines as $line)
{
// Skip it if it's a comment
if (substr($line, 0, 2) == '--' || $line == '')
continue;
// Add this line to the current segment
$templine .= $line;
// If it has a semicolon at the end, it's the end of the query
if (substr(trim($line), -1, 1) == ';')
{
// Perform the query
if(!mysql_query($templine)){
echo('<br/>Error performing query!<br/>'.$templine.'<br/> mysqlerror: '.mysql_error().'<br /><br />');
$exit_code = -1; // do we bail out here or keep going? keep going for now, get all errors
}
// Reset temp variable to empty
$templine = '';
}
}
echo "<br/><br />";
}
if($exit_code != 0) {
/* mysql failed!, what now? */
echo "<br/><b>mysql failed to execute query(s) without error!<b><br/>";
}
echo "<b>Done! installed database version $x</b><br />\n";
//now update the db version in the database
mysql_query("UPDATE config SET val='$x' WHERE var='DBVERSION' AND conferences_id='0'");
echo "<b>Attempting to update database using standard update script to update from $x to $dbcodeversion<br />";
echo "<br />Please scroll to the bottom of this page for the link to the next step of the installation process.<br /></b>";
chdir ("db");
/* Update the database, but don't update the config variables yet, because
* We haven't set the conference id */
$db_update_skip_variables = true;
include "db_update.php";
chdir ("../");
echo "<br />";
echo "<b>Done!</b><br />";
echo "<a href=\"install3.php\">Proceed to installation step 3</a><br />";
break;
}
}
}
//only if this file was created will we go ahead with the rest
//creating all the tables and such..
?>
</body></html>

311
install3.php
View File

@ -1,152 +1,159 @@
<? <?
/* /*
This file is part of the 'Science Fair In A Box' project This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org> Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org> Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2. License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful, This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details. General Public License for more details.
You should have received a copy of the GNU General Public License You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330, the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA. Boston, MA 02111-1307, USA.
*/ */
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n"; echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?> ?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" > <html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title>SFIAB Installation</title> <head><title>SFIAB Installation</title>
<link rel="stylesheet" href="sfiab.css" type="text/css" /> <link rel="stylesheet" href="sfiab.css" type="text/css" />
</head> </head>
<body> <body>
<h1>SFIAB Installation - Step 3</h1> <h1>SFIAB Installation - Step 3</h1>
<? <?
if(!file_exists("data/config.inc.php")) { if(!file_exists("data/config.inc.php")) {
echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>"; echo "<div class=\"error\">SFIAB Installation Step 1 is not yet complete.</div>";
echo "<a href=\"install.php\">Go back to installation step 1</a><br />"; echo "<a href=\"install.php\">Go back to installation step 1</a><br />";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
require_once("data/config.inc.php"); require_once("data/config.inc.php");
require_once("config_editor.inc.php"); require_once("config_editor.inc.php");
require_once("user.inc.php"); require_once("user.inc.php");
require_once("committee.inc.php"); require_once("committee.inc.php");
mysql_connect($DBHOST,$DBUSER,$DBPASS); mysql_connect($DBHOST,$DBUSER,$DBPASS);
mysql_select_db($DBNAME); mysql_select_db($DBNAME);
echo "Checking for SFIAB database... "; echo "Checking for SFIAB database... ";
$q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'"); $q=@mysql_query("SELECT val FROM config WHERE var='DBVERSION' AND conferences_id='0'");
$r=@mysql_fetch_object($q); $r=@mysql_fetch_object($q);
$dbdbversion=$r->val; $dbdbversion=$r->val;
if(!$dbdbversion) { if(!$dbdbversion) {
echo "<div class=\"error\">SFIAB Installation Step 2 is not yet complete.</div>"; echo "<div class=\"error\">SFIAB Installation Step 2 is not yet complete.</div>";
echo "<a href=\"install2.php\">Go back to installation step 2</a><br />"; echo "<a href=\"install2.php\">Go back to installation step 2</a><br />";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
//a fresh install should ONLY have DBVERSION defined in the config table. If there are others (SFIABDIRECTORY) then this is NOT fresh //a fresh install should ONLY have DBVERSION defined in the config table. If there are others (SFIABDIRECTORY) then this is NOT fresh
$q=mysql_query("SELECT * FROM config WHERE conferences_id='0' AND ( var='DBVERSION' OR var='SFIABDIRECTORY') "); $q=mysql_query("SELECT * FROM config WHERE conferences_id='0' AND ( var='DBVERSION' OR var='SFIABDIRECTORY') ");
//we might get an error if the config table does not exist (ie, installer step 2 failed) //we might get an error if the config table does not exist (ie, installer step 2 failed)
if(mysql_error()) { if(mysql_error()) {
//we say all tables, but really only we check for config where conferences_id=0; //we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: No SFIAB tables detected, It seems like step 2 failed. Please go <a href=\"install2.php\">Back to Installation Step 2</a> and try again.</div>"; echo "<div class=\"error\">ERROR: No SFIAB tables detected, It seems like step 2 failed. Please go <a href=\"install2.php\">Back to Installation Step 2</a> and try again.</div>";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
//1 is okay (DBVERSION). More than 1 is bad (already isntalled) //1 is okay (DBVERSION). More than 1 is bad (already isntalled)
if(mysql_num_rows($q)>1) { if(mysql_num_rows($q)>1) {
//we say all tables, but really only we check for config where conferences_id=0; //we say all tables, but really only we check for config where conferences_id=0;
echo "<div class=\"error\">ERROR: Detected existing table data, SFIAB Installation Step 3 requires a clean SFIAB database installation.</div>"; echo "<div class=\"error\">ERROR: Detected existing table data, SFIAB Installation Step 3 requires a clean SFIAB database installation.</div>";
echo "</body></html>"; echo "</body></html>";
exit; exit;
} }
echo "<b>Found!</b><br />"; echo "<b>Found!</b><br />";
if($_POST['action']=="save") { if($_POST['action']=="save") {
$err=false; $err=false;
if(!$_POST['email']) { if(!$_POST['email']) {
echo "Superuser email address is required"; echo "Superuser email address is required";
$err=true; $err=true;
} }
if(!( $_POST['pass1'] && $_POST['pass2'])) { if(!( $_POST['pass1'] && $_POST['pass2'])) {
echo "Superuser password and password confirmation are required"; echo "Superuser password and password confirmation are required";
$err=true; $err=true;
} }
if($_POST['pass1'] != $_POST['pass2']) { if($_POST['pass1'] != $_POST['pass2']) {
echo "Password and Password confirmation do not match"; echo "Password and Password confirmation do not match";
$err=true; $err=true;
} }
if(!$err) { if(!$err) {
echo "Creating configuration settings... "; echo "Creating configuration settings... ";
// mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FAIRYEAR','".$_POST['fairyear']."','Special','0','0')"); // mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FAIRYEAR','".$_POST['fairyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FISCALYEAR','".$_POST['fiscalyear']."','Special','0','0')"); mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('FISCALYEAR','".$_POST['fiscalyear']."','Special','0','0')");
mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('SFIABDIRECTORY','".$_POST['sfiabdirectory']."','Special','','0')"); mysql_query("INSERT INTO config (var,val,category,ord,conferences_id) VALUES ('SFIABDIRECTORY','".$_POST['sfiabdirectory']."','Special','','0')");
/* /*
$year = intval($_POST['fairyear']); $year = intval($_POST['fairyear']);
$config['FAIRYEAR']=$year; $config['FAIRYEAR']=$year;
*/ */
echo "Creating superuser account... "; echo "Creating superuser account... ";
$account = account_create($_POST['email'], $_POST['pass1']); // The next line returned $account = false instead of a query result when installing on windows server.
mysql_query("UPDATE accounts SET superuser = 'yes' WHERE id = " . $account['id']); // DES dspanogle 2011-02-05 so of course the UPDATE fails Failed on account load..
// the problem was in account_load - had SELECT parameter not in the account table.
echo "<b>Done!</b><br />"; // I did a temporary fix by removing pendingemail parameter from the SELECT .
echo "Installation is now complete! You can now proceed to the following location: <br />"; // ALSO... email was not set for the supper user not sure if it should be so I set = to username in the
echo "&nbsp; &nbsp; <a href=\"".$_POST['sfiabdirectory']."\">Your SFIAB main page</a><br />"; // database accounts entry for superuser.
echo "</body></html>"; $account = account_create($_POST['email'], $_POST['pass1']);
exit; mysql_query("UPDATE accounts SET superuser = 'yes' WHERE id = " . $account['id']);
}
echo "<b>Done!</b><br />";
} echo "Installation is now complete! You can now proceed to the following location: <br />";
echo "&nbsp; &nbsp; <a href=\"".$_POST['sfiabdirectory']."\">Your SFIAB main page</a><br />";
echo "<br />"; echo "</body></html>";
echo "Please enter the following options <br />"; exit;
echo "<br />"; }
$month=date("m"); }
if($month>6) $fiscalyearsuggest=date("Y")+1;
else $fiscalyearsuggest=date("Y"); echo "<br />";
echo "Please enter the following options <br />";
$directorysuggest=substr($_SERVER['REQUEST_URI'],0,-13); echo "<br />";
echo "<h3>Options</h3>";
echo "<form method=\"post\" action=\"install3.php\">"; $month=date("m");
echo "<input type=\"hidden\" name=\"action\" value=\"save\" />"; if($month>6) $fiscalyearsuggest=date("Y")+1;
else $fiscalyearsuggest=date("Y");
echo "<table>"; // DES dspanogle 2011-02-05 $_SERVER['REQUEST_URI'] is not available on many Windows servers
echo "<tr><td>Fiscal Year</td><td><input size=\"8\" type=\"text\" name=\"fiscalyear\" value=\"$fiscalyearsuggest\"></td><td>The current fiscal year (for fundraising/accounting purposes)</td></tr>"; //$directorysuggest = substr($_SERVER['REQUEST_URI'],0,-13);
echo "<tr><td>Directory</td><td><input size=\"25\" type=\"text\" name=\"sfiabdirectory\" value=\"$directorysuggest\"></td><td>The directory of this SFIAB installation as seen by the web browser</td></tr>"; $directorysuggest = substr(getenv("SCRIPT_NAME"),0,-13);
echo "<h3>Options</h3>";
echo "</table>"; echo "<form method=\"post\" action=\"install3.php\">";
echo "<br />"; echo "<input type=\"hidden\" name=\"action\" value=\"save\" />";
echo "<h3>Superuser Account</h3>";
echo "Please choose your superuser account which is required to login to SFIAB and configure the system, as well as to add other users. <br />"; echo "<table>";
echo "<table>"; echo "<tr><td>Fiscal Year</td><td><input size=\"8\" type=\"text\" name=\"fiscalyear\" value=\"$fiscalyearsuggest\"></td><td>The current fiscal year (for fundraising/accounting purposes)</td></tr>";
echo "<tr><td>Superuser Email Address</td><td><input size=\"40\" type=\"text\" name=\"email\"></td></tr>"; echo "<tr><td>Directory</td><td><input size=\"25\" type=\"text\" name=\"sfiabdirectory\" value=\"$directorysuggest\"></td><td>The directory of this SFIAB installation as seen by the web browser</td></tr>";
echo "<tr><td>Superuser Password</td><td><input size=\"15\" type=\"password\" name=\"pass1\"></td></tr>";
echo "<tr><td>Superuser Password (Confirm)</td><td><input size=\"15\" type=\"password\" name=\"pass2\"></td></tr>"; echo "</table>";
echo "</table>"; echo "<br />";
echo "<br />"; echo "<h3>Superuser Account</h3>";
echo "<input type=\"submit\" value=\"Complete Installation\">"; echo "Please choose your superuser account which is required to login to SFIAB and configure the system, as well as to add other users. <br />";
echo "</form>"; echo "<table>";
echo "<tr><td>Superuser Email Address</td><td><input size=\"40\" type=\"text\" name=\"email\"></td></tr>";
?> echo "<tr><td>Superuser Password</td><td><input size=\"15\" type=\"password\" name=\"pass1\"></td></tr>";
echo "<tr><td>Superuser Password (Confirm)</td><td><input size=\"15\" type=\"password\" name=\"pass2\"></td></tr>";
</body></html> echo "</table>";
echo "<br />";
echo "<input type=\"submit\" value=\"Complete Installation\">";
echo "</form>";
?>
</body></html>