/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc
Copyright (C) 2005-2010 James Grant
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
function i18n($str,$args=array(),$argsdesc=array(),$forcelang="") {
if(!$str)
return "";
if($forcelang) {
$savelang=$_SESSION['lang'];
$_SESSION['lang']=$forcelang;
}
if($_SESSION['lang']) {
if($_SESSION['lang']=="en") {
for($x=1;$x<=count($args);$x++) {
$str=str_replace("%$x",$args[$x-1],$str);
}
if($forcelang) $_SESSION['lang']=$savelang;
return $str;
}
else {
$q=mysql_query("SELECT * FROM translations WHERE lang='".$_SESSION['lang']."' AND strmd5='".md5($str)."'");
if($r=@mysql_fetch_object($q)) {
if($r->val) {
$ret=$r->val;
for($x=1;$x<=count($args);$x++) {
$ret=str_replace("%$x",$args[$x-1],$ret);
}
if($forcelang) $_SESSION['lang']=$savelang;
return $ret;
}
else {
for($x=1;$x<=count($args);$x++) {
$str=str_replace("%$x",$args[$x-1],$str);
}
if($forcelang) $_SESSION['lang']=$savelang;
return "{{".$str."}}";
}
}
else {
if(count($argsdesc)) {
$argsdescstring="";
$n=1;
foreach($argsdesc AS $ad) {
$argsdescstring.="%$n=$ad, ";
$n++;
}
$argsdescstring=substr($argsdescstring,0,-2);
$argsdescstring="'".mysql_escape_string($argsdescstring)."'";
}
else
$argsdescstring="null";
mysql_query("INSERT INTO translations (lang,strmd5,str,argsdesc) VALUES ('".$_SESSION['lang']."','".md5($str)."','".mysql_escape_string($str)."',$argsdescstring)");
for($x=1;$x<=count($args);$x++) {
$str=str_replace("%$x",$args[$x-1],$str);
}
if($forcelang) $_SESSION['lang']=$savelang;
return "{{".$str."}}";
}
}
}
else {
//no language set, assume english
if($forcelang) $_SESSION['lang']=$savelang;
return $str;
}
}
function error($str,$type="normal") {
if($type=="normal")
return "
";
}
function emit_province_selector($name,$selected="",$extra="") {
global $config;
$q=mysql_query("SELECT * FROM provinces WHERE countries_code='".mysql_escape_string($config['country'])."' ORDER BY province");
if(mysql_num_rows($q)==1) {
$r=mysql_fetch_object($q);
echo "";
echo i18n($r->province);
}
else {
echo "\n";
}
}
function outputStatus($status) {
$ret="";
switch($status) {
case 'incomplete':
$ret.="
";
$ret.= i18n("Incomplete");
$ret.= "
";
break;
case 'complete':
$ret.= "
";
$ret.= i18n("Complete");
$ret.= "
";
break;
case 'empty':
$ret.="
";
$ret.= i18n("Empty");
$ret.= "
";
break;
default:
$ret.=i18n("Unknown");
break;
}
return $ret;
}
//returns true if its a valid email address, false if its not
function isEmailAddress($str) {
if(preg_match('/^[+a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})$/', $str))
return true;
else
return false;
}
function communication_get_user_replacements(&$u) {
global $config;
$rep = array('FAIRNAME' => $config['fairname'],
'NAME' => $u['name'],
'EMAIL' => $u['email'],
'PASSWORD' => $u['password'],
'SALUTATION' => $u['salutation'],
'FIRSTNAME' => $u['firstname'],
'LASTNAME' => $u['lastname'],
'ORGANIZATION' => $u['sponsor']['organization'],
);
return $rep;
}
function communication_replace_vars($text, &$u, $otherrep=array()) {
global $config;
if($u) {
$userrep=communication_get_user_replacements($u);
}
else {
$userrep=array();
}
$rep=array_merge($userrep,$otherrep);
foreach($rep AS $k=>$v) {
$text=ereg_replace("\[$k\]",$v,$text);
}
return $text;
}
function email_send($val,$to,$sub_subject=array(),$sub_body=array()) {
global $config;
/* Standard substitutions that are constant no matter who
* the $to is */
$urlproto = $_SERVER['SERVER_PORT'] == 443 ? "https://" : "http://";
$urlmain = "$urlproto{$_SERVER['HTTP_HOST']}{$config['SFIABDIRECTORY']}";
$urllogin = "$urlmain/login.php";
$stdsub = array("FAIRNAME"=>i18n($config['fairname']),
"URLMAIN"=>$urlmain,
"URLLOGIN"=>$urllogin,
);
/* Add standard subs to existing sub arrays */
$sub_subject = array_merge($sub_subject, $stdsub);
$sub_body = array_merge($sub_body, $stdsub);
//if our "to" doesnt look like a valid email, then forget about sending it.
if(!isEmailAddress($to))
return false;
$q=mysql_query("SELECT * FROM emails WHERE val='$val'");
if($r=mysql_fetch_object($q)) {
$subject=i18n($r->subject);
$body=i18n($r->body);
/* Eventually we should just do this with communication_replace_vars() */
if(count($sub_subject)) {
foreach($sub_subject AS $sub_k=>$sub_v) {
$subject=ereg_replace("\[$sub_k\]","$sub_v",$subject);
}
}
if(count($sub_body)) {
foreach($sub_body AS $sub_k=>$sub_v) {
$body=ereg_replace("\[$sub_k\]","$sub_v",$body);
}
}
if($r->from)
$fr=$r->from;
else if ($config['fairmanageremail'])
$fr=$config['fairmanageremail'];
else
$fr="";
//only send the email if we have a from
if($fr) {
//send using RMail
email_send_new($to,$fr,$subject,$body);
}
else
echo error(i18n("CRITICAL ERROR: email '%1' does not have a 'From' and the Fair Manager Email is not configured",array($val),array("email key name")));
}
else {
echo error(i18n("CRITICAL ERROR: email '%1' not found",array($val),array("email key name")));
}
}
require_once("Rmail/Rmail.php");
require_once("Rmail/RFC822.php");
//this sends out an all-ready-to-go email, it does no substitution or changes or database lookups or anything
function email_send_new($to,$from,$subject,$body,$bodyhtml="") {
$mail=new RMail();
$mail->setHeadCharset("UTF-8");
$mail->setTextCharset("UTF-8");
$mail->setHTMLCharset("UTF-8");
$mail->setFrom($from);
$mail->setSubject($subject);
$mail->setText($body);
$r=new Mail_RFC822($from);
$structure = $r->parseAddressList($from);
$s=$structure[0];
$ret=sprintf("%s@%s",$s->mailbox,$s->host);
$mail->setReturnPath($ret);
$mail->setHeader("Bounce-To",$ret);
//only add the html if we have it
if($bodyhtml) {
$mail->setHTML($bodyhtml);
}
if(is_array($to)) {
return $mail->send($to);
} else {
return $mail->send(array($to));
}
}
/*
returns an array of arrays
[ 0 ] = array ( to, firstname, lastname, email )
[ 1 ] = array ( to, firstname, lastname, email )
...etc
*/
function getEmailRecipientsForRegistration($reg_id)
{
global $config;
//okay first grab the registration record, to see if we should email the kids, the teacher, and/or the parents
$q=mysql_query("SELECT * FROM registrations WHERE id='$reg_id' AND year='{$config['FAIRYEAR']}'");
$registration=mysql_fetch_object($q);
if($registration->emailcontact && isEmailAddress($registration->emailcontact)) {
$ret[]=array("to"=>$registration->emailcontact,
"firstname"=>"",
"lastname"=>"",
"email"=>$registration->emailcontact,
);
}
$sq=mysql_query("SELECT * FROM students WHERE registrations_id='$reg_id' AND year='{$config['FAIRYEAR']}'");
$ret=array();
while($sr=mysql_fetch_object($sq)) {
if($sr->email && isEmailAddress($sr->email)) {
if($sr->firstname && $sr->lastname)
$to=$sr->firstname." ".$sr->lastname." <".$sr->email.">";
else if($sr->firstname)
$to=$sr->firstname." <".$sr->email.">";
else if($sr->lastname)
$to=$sr->lastname." <".$sr->email.">";
else
$to=$sr->email;
$ret[]=array("to"=>$to,
"firstname"=>$sr->firstname,
"lastname"=>$sr->lastname,
"email"=>$sr->email,
);
}
}
return $ret;
}
function output_page_text($textname) {
global $config;
$q=mysql_query("SELECT * FROM pagetext WHERE textname='$textname' AND year='".$config['FAIRYEAR']."' AND lang='".$_SESSION['lang']."'");
if(mysql_num_rows($q))
$r=mysql_fetch_object($q);
else {
//not defined, lets grab the default text
$q=mysql_query("SELECT * FROM pagetext WHERE textname='$textname' AND year='-1' AND lang='".$config['default_language']."'");
$r=mysql_fetch_object($q);
}
//if it looks like we have HTML content, dont do a nl2br, if there's no html, then do the nl2br
if(strlen($r->text)==strlen(strip_tags($r->text)))
echo nl2br($r->text);
else
echo $r->text;
}
function output_page_cms($filename) {
global $config;
$q=mysql_query("SELECT * FROM cms WHERE filename='".mysql_escape_string($filename)."' AND lang='".$_SESSION['lang']."' ORDER BY dt DESC LIMIT 1");
if(mysql_num_rows($q)) {
$r=mysql_fetch_object($q);
send_header($r->title,null,null,true);
if(file_exists("data/logo-200.gif") && $r->showlogo==1)
echo "";
//if it looks like we have HTML content, dont do a nl2br, if there's no html, then do the nl2br
if(strlen($r->text)==strlen(strip_tags($r->text)))
echo nl2br($r->text);
else
echo $r->text;
}
else {
send_header("Error: File not found");
echo error(i18n("The file you have requested (%1), does not exist on the server.",array($filename)));
return;
//not defined, lets grab the default text
}
send_footer();
}
function generatePassword($pwlen=8) {
//these are good characters that are not easily confused with other characters :)
$available="ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789";
$len=strlen($available) - 1;
$key="";
for($x=0;$x<$pwlen;$x++)
$key.=$available{rand(0,$len)};
return $key;
}
//config specific warning
function config_warnings() {
}
//admin specific warnings
function admin_warnings() {
}
//warnings to show to both config and/or admin people
function committee_warnings() {
global $config;
//it is vital that each year the system be rolled over before we start it again
//we should do this, say, 4 months after the FAIRDATE, so its soon enough that they should see
//the message as soon as they login to start preparing for hte new year, but not too late to do it
//properly :)
$q=mysql_query("SELECT DATE_ADD('".$config['dates']['fairdate']."', INTERVAL 4 MONTH) < NOW() AS rollovercheck");
$r=mysql_fetch_object($q);
if($r->rollovercheck) {
echo error(i18n("It has been more than 4 months since your fair. In order to prepare the system for the next year's fair, you should go to the SFIAB Configuration page, and click on 'Rollover Fair Year'. Do not start updating the system with new information until the year has been properly rolled over."));
}
$warn = false;
$q = mysql_query("SELECT * FROM award_prizes WHERE `external_identifier` IS NOT NULL
AND external_identifier=prize");
if(mysql_num_rows($q) > 0) {
/* The bug was that the external_identifier was set to the prize name.. so only display the warning
* if we find that case for a non-sfiab external fair */
while(($p = mysql_fetch_assoc($q) )) {
$qq = mysql_query("SELECT * FROM award_awards
LEFT JOIN fairs ON fairs.id=award_awards.award_source_fairs_id
WHERE award_awards.id='{$p['award_awards_id']}'
AND year='{$config['FAIRYEAR']}'
AND award_awards.award_source_fairs_id IS NOT NULL
AND fairs.type='ysc' ");
echo mysql_error();
if(mysql_num_rows($qq) > 0) {
$warn = true;
break;
}
}
}
if($warn) {
//let everyone know about the need to re-download awards before being able to upload
echo notice(i18n("March 30, 2010 - There was a minor issue with uploading award results that has now been corrected, however, you will need to re-download your awards from all external sources, before you will be able to upload the award winners back to those external sources. Re-downloading the awards will not affect the awards in any visible way, it will just allow the winners to be uploaded properly. Click on Fair Administration -> Awards Management -> Download awards from external sources -> and click 'check' for each award source"));
}
}
function theme_icon($icon, $width=0) {
global $theme_icons, $config;
$w = ($width == 0) ? '' : "width=\"$width\"" ;
if($theme_icons['icons'][$icon])
return "";
return "";
}
//$d can be a unix timestamp integer, OR a text string, eg 2008-01-22
function format_date($d) {
global $config;
if(is_numeric($d))
return date($config['dateformat'],$d);
else
return date($config['dateformat'],strtotime($d));
}
//$t can be a unix timestamp integer, or a text string, eg 10:23:48
function format_time($t) {
global $config;
if(is_numeric($t))
return date($config['timeformat'],$t);
else
return date($config['timeformat'],strtotime($t));
}
//$dt can be a unix timestamp integer, or a text string, eg 2008-01-22 10:23:48
function format_datetime($dt) {
if(is_numeric($dt)) {
return format_date($dt)." ".i18n("at")." ".format_time($dt);
}
else {
list($d,$t)=explode(" ",$dt);
return format_date($d)." ".i18n("at")." ".format_time($t);
}
}
function format_money($n,$decimals=true) {
if($n<0){
$neg=true;
$n=$n*-1;
}
//get the part before the decimal
$before=floor($n);
$out="";
//space it out in blocks of three
for($x=strlen($before);$x>3;$x-=3) {
$out=substr($before,$x-3,3)." ".$out;
}
if($x>0)
$out=substr($before,0,$x)." ".$out;
//trim any leading/trailing space that was added
$out=trim($out);
if($neg) $negdisp="-"; else $negdisp="";
if($decimals) {
//get everything after the decimal place, and %02f it.
$after=substr(strstr(sprintf("%.02f",$n),"."),1);
//finally display it with the right language localization
if($_SESSION['lang']=="fr")
return sprintf("%s%s,%s \$",$negdisp,$out,$after);
else
return sprintf("%s\$%s.%s",$negdisp,$out,$after);
}
else {
if($_SESSION['lang']=="fr")
return sprintf("%s%s \$",$negdisp,$out);
else
return sprintf("%s\$%s",$negdisp,$out);
}
}
function message_push($m) {
if(!is_array($_SESSION['messages'])) $_SESSION['messages'] = array();
$_SESSION['messages'][] = $m;
}
function notice_($str, $i18n_array=array(), $timeout=-1, $type='notice') {
if($timeout == -1) $timeout = 5000;
echo "";
}
function happy_($str, $i18n_array=array(), $timeout=-1) {
notice_($str, $i18n_array, $timeout, 'happy');
}
function error_($str, $i18n_array=array(), $timeout=-1) {
notice_($str, $i18n_array, $timeout, 'error');
}
function debug_($str) {
if($_SESSION['debug'] != true) return;
$s = str_replace("\n", "", nl2br(htmlspecialchars($str))).' ';
echo "";
}
//this function returns a HTML colour code ranging between red and green, with yellow in the middle based on the percent passed into it
function colour_to_percent($percent) {
//0 is red
//50 is yellow
//100 is green
if($percent<=50) $red=255;
else $red=(100-$percent)*2/100*255;;
if($percent>50) $green=255;
else $green=($percent)*2/100*255;;
// echo "red=$red";
// echo "green=$green";
$str="#".sprintf("%02s",dechex($red)).sprintf("%02s",dechex($green))."00";
return $str;
}
function format_duration($seconds, $granularity = 2) {
$units = array(
'1 year|:count years' => 31536000,
'1 week|:count weeks' => 604800,
'1 day|:count days' => 86400,
'1 hour|:count hours' => 3600,
'1 min|:count min' => 60,
'1 sec|:count sec' => 1);
$output = '';
// $output.=time()." - ".$timestamp." = ".$seconds;
foreach ($units as $key => $value) {
$key = explode('|', $key);
if ($seconds >= $value) {
$count = floor($seconds / $value);
$output .= ($output ? ' ' : '');
$output .= ($count == 1) ? $key[0] : str_replace(':count', $count, $key[1]);
$seconds %= $value;
$granularity--;
}
if ($granularity == 0) {
break;
}
}
return $output ? $output : '0 sec';
}
function getTextFromHtml($html) {
//first, replace an
with
$text=str_replace(""," ",$html);
//next, replace a with
$text=str_replace(""," ",$html);
//now replace any with newlines
$text=eregi_replace(' ',chr(13).chr(10),$text);
//and strip the rest of the tags
$text=strip_tags($text);
//a few common html entities
//replace & with & first, so multiply-encoded entities will decode (like " ")
$text=str_replace("&","&",$text);
$text=str_replace(" "," ",$text);
$text=str_replace(" "," ",$text);
$text=str_replace("<","<",$text);
$text=str_replace(">",">",$text);
//text version should always wrap at 75 chars, some mail severs wont accept
//mail with very long lines
$text=wordwrap($text,75,"\n",true);
return $text;
}
function getUserForSponsor($sponsor_id) {
// loop through each contact and draw a form with their data in it.
$q = mysql_query("SELECT *,MAX(year) FROM users LEFT JOIN users_sponsor ON users_sponsor.users_id=users.id
WHERE
sponsors_id='" . $sponsor_id . "'
AND types LIKE '%sponsor%'
GROUP BY uid
HAVING deleted='no'
ORDER BY users_sponsor.primary DESC,lastname,firstname
LIMIT 1
");
$r=mysql_fetch_object($q);
return user_load_by_uid($r->uid);
}
function projectdivisions_load($conferences_id = false) {
global $conference;
if($conferences_id == false) $conferences_id = $conference['id'];
$divs = array();
$q = mysql_query("SELECT * FROM projectdivisions WHERE conferences_id='$conferences_id'");
while(($d = mysql_fetch_assoc($q))) $divs[$d['id']] = $d;
return $divs;
}
function projectsubdivisions_load($conferences_id = false) {
global $conference;
if($conferences_id == false) $conferences_id = $conference['id'];
$subdivs = array();
$q = mysql_query("SELECT * FROM projectsubdivisions WHERE conferences_id='$conferences_id'");
while(($d = mysql_fetch_assoc($q))) $subdivs[$d['id']] = $d;
return $subdivs;
}
function projectcategories_load($conferences_id = false) {
global $conference;
if($conferences_id == false) $conferences_id = $conference['id'];
$cats = array();
$q = mysql_query("SELECT * FROM projectcategories WHERE conferences_id='$conferences_id'");
while(($c = mysql_fetch_assoc($q))) $cats[$c['id']] = $d;
return $cats;
}