science-ation/common.inc.php

811 lines
20 KiB
PHP

<?
/*
This file is part of the 'Science Fair In A Box' project
SFIAB Website: http://www.sfiab.ca
Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
Copyright (C) 2005 James Grant <james@lightbox.org>
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public
License as published by the Free Software Foundation, version 2.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; see the file COPYING. If not, write to
the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
Boston, MA 02111-1307, USA.
*/
?>
<?
define('REQUIREDFIELD','<span class="requiredfield">*</span>');
//figure out the directory to prepend to directoroy names, depending on if we are in a subdirectory or not
if(substr(getcwd(),-6)=="/admin")
$prependdir="../";
else if(substr(getcwd(),-7)=="/config")
$prependdir="../";
else if(substr(getcwd(),-3)=="/db")
$prependdir="../";
else if(substr(getcwd(),-8)=="/scripts")
$prependdir="../";
else
$prependdir="";
$sfiabversion=@file($prependdir."version.txt");
$config['version']=trim($sfiabversion[0]);
//make sure the data subdirectory is writable, if its not, then we're screwed, so make sure it is!
if(!is_writable($prependdir."data"))
{
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "data/ subdirectory is not writable by the web server";
echo "<br>";
echo "<h2>Details</h2>";
echo "The data/ subdirectory is used to store files uploaded through the SFIAB software. The web server must have write access to this directory in order to function properly. Please contact your system administrator (if you are the system administrator, chown/chmod the data directory appropriately).";
echo "<br>";
echo "</body></html>";
exit;
}
if(file_exists($prependdir."data/config.inc.php"))
{
require_once($prependdir."data/config.inc.php");
}
else
{
echo "<html><head><title>SFIAB</title></head><body>";
echo "<h1>Science Fair In A Box - Installation</h1>";
echo "It looks like this is a new installation of SFIAB, and the database has not yet been configured. Please choose from the following options: <br />";
echo "<br />";
echo "<a href=\"install.php\">Proceed with Fresh SFIAB Installation</a>";
echo "<br />";
echo "</body></html>";
exit;
}
if(!mysql_connect($DBHOST,$DBUSER,$DBPASS))
{
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "Cannot connect to database!";
echo "</body></html>";
exit;
}
if(!mysql_select_db($DBNAME))
{
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "Cannot select database!";
echo "</body></html>";
exit;
}
//find out the fair year and any other 'year=0' configuration parameters (things that dont change as the years go on)
$q=@mysql_query("SELECT * FROM config WHERE year='0'");
//we might get an error if installation step 2 is not done (ie, the config table doesnt even exist)
if(mysql_error())
{
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
//if we have 0 (<1) then install2 is not done, which would get caught above,
//if we have 1 (<2) then insatll3 is not done (no entries for FAIRYEAR and SFIABDIRECTORY)
if(mysql_num_rows($q)<2)
{
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install3.php\">Installer Step 3</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
else
{
while($r=mysql_fetch_object($q))
{
$config[$r->var]=$r->val;
}
}
$dbdbversion=$config['DBVERSION'];
$dbcodeversion=@file($prependdir."db/db.code.version.txt");
$dbcodeversion=trim($dbcodeversion[0]);
if(!$dbdbversion)
{
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB installation is not complete. Please go to <A href=\"install2.php\">Installer Step 2</a> to complete the installation process";
echo "<br>";
echo "</body></html>";
exit;
}
if($dbcodeversion!=$dbdbversion)
{
echo "<html><head><title>SFIAB ERROR</title></head><body>";
echo "<h1>Science Fair In A Box - ERROR</h1>";
echo "SFIAB database and code are mismatched";
echo "<br>";
echo "Please run the db_update.php script in order to update";
echo "<br>";
echo "your database to the same version as the code";
echo "<br>";
echo "<br>";
echo "<br>";
echo "<h2>Details</h2>";
echo "Current SFIAB codebase requires DB version: ".$dbcodeversion;
echo "<br>";
echo "Current SFIAB database is detected as version: ".$dbdbversion;
echo "<br>";
echo "</body></html>";
exit;
}
//now pull the rest of the configuration
$q=mysql_query("SELECT * FROM config WHERE year='".$config['FAIRYEAR']."'");
while($r=mysql_fetch_object($q))
{
$config[$r->var]=$r->val;
}
//now pull the dates
$q=mysql_query("SELECT * FROM dates WHERE year='".$config['FAIRYEAR']."'");
while($r=mysql_fetch_object($q))
{
$config['dates'][$r->name]=$r->date;
}
require_once("committee_auth.php");
session_set_cookie_params(0,$config['SFIABDIRECTORY']);
session_start();
//detect the browser first, so we know what icons to use - we store this in the config array as well
//even though its not configurable by the fair
if(stristr($_SERVER['HTTP_USER_AGENT'],"MSIE"))
$config['icon_extension']="gif";
else
$config['icon_extension']="png";
//now get the languages, and make sure we have at least one active language
$q=mysql_query("SELECT * FROM languages WHERE active='Y' ORDER BY langname");
if(mysql_num_rows($q)==0)
{
echo "No active languages defined, defaulting to English";
$config['languages']['en']="English";
}
else
{
while($r=mysql_fetch_object($q))
{
$config['languages'][$r->lang]=$r->langname;
}
}
//now if no language has been set yet, lets set it to the default language
if(!$_SESSION['lang'])
{
//first try the default language, if that doesnt work, use "en"
if($config['default_language'])
$_SESSION['lang']=$config['default_language'];
else
$_SESSION['lang']="en";
}
//if the user has switched languages, go ahead and switch the session variable
if($_GET['switchlanguage'])
{
//first, make sure its a valid language:
if($config['languages'][$_GET['switchlanguage']])
{
$_SESSION['lang']=$_GET['switchlanguage'];
}
else
{
//invalid language, dont do anything
}
}
function i18n($str,$args=array(),$argsdesc=array())
{
if(!$str)
return "";
if($_SESSION['lang'])
{
if($_SESSION['lang']=="en")
{
for($x=1;$x<=count($args);$x++)
{
$str=str_replace("%$x",$args[$x-1],$str);
}
return $str;
}
else
{
$q=mysql_query("SELECT * FROM translations WHERE lang='".$_SESSION['lang']."' AND strmd5='".md5($str)."'");
if($r=@mysql_fetch_object($q))
{
if($r->val)
{
$ret=$r->val;
for($x=1;$x<=count($args);$x++)
{
$ret=str_replace("%$x",$args[$x-1],$ret);
}
return $ret;
}
else
{
for($x=1;$x<=count($args);$x++)
{
$str=str_replace("%$x",$args[$x-1],$str);
}
return "{{".$str."}}";
}
}
else
{
if(count($argsdesc))
{
$argsdescstring="";
$n=1;
foreach($argsdesc AS $ad)
{
$argsdescstring.="%$n=$ad, ";
$n++;
}
$argsdescstring=substr($argsdescstring,0,-2);
$argsdescstring="'".mysql_escape_string($argsdescstring)."'";
}
else
$argsdescstring="null";
mysql_query("INSERT INTO translations (lang,strmd5,str,argsdesc) VALUES ('".$_SESSION['lang']."','".md5($str)."','".mysql_escape_string($str)."',$argsdescstring)");
for($x=1;$x<=count($args);$x++)
{
$str=str_replace("%$x",$args[$x-1],$str);
}
return "{{".$str."}}";
}
}
}
else
{
//no language set, assume english
return $str;
}
}
function error($str,$type="normal")
{
if($type=="normal")
return "<div class=\"error\">$str</div><br />";
else if($type=="inline")
return "<span class=\"error\">$str</span><br />";
}
function notice($str,$type="normal")
{
if($type=="normal")
return "<div class=\"notice\">$str</div><br />";
else if($type=="inline")
return "<span class=\"notice\">$str</span><br />";
}
function happy($str,$type="normal")
{
if($type=="normal")
return "<div class=\"happy\">$str</div><br />";
else if($type=="inline")
return "<span class=\"happy\">$str</span><br />";
}
$HEADER_SENT=false;
function send_header($title="")
{
global $HEADER_SENT;
global $config;
//do this so we can use send_header() a little more loosly and not worry about it being sent more than once.
if($HEADER_SENT) return;
else $HEADER_SENT=true;
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title><?=i18n($title)?></title>
<link rel="stylesheet" href="<?=$config['SFIABDIRECTORY']?>/sfiab.css" type="text/css" />
</head>
<body>
<script language="javascript" type="text/javascript">
<!--
//useful function that we'll be using throughout
function confirmClick(msg)
{
var okay=confirm(msg);
if(okay)
return true;
else
return false;
}
function el(str,domain,name)
{
document.write('<a href="ma'+'il'+'to:' + str + '@' + domain + '">' + name + '</a>');
}
function em(str,domain)
{
document.write('<a href="ma'+'il'+'to:' + str + '@' + domain + '">' + str + '@' + domain + '</a>');
}
var anyFieldHasBeenChanged=false;
function fieldChanged()
{
anyFieldHasBeenChanged=true;
}
function confirmChanges()
{
if(anyFieldHasBeenChanged)
{
var okay=confirm('<?=i18n("You have unsaved changes. Click \"Cancel\" to return so you can save your changes, or press \"OK\" to discard your changes and continue")?>');
if(okay)
return true;
else
return false;
}
else
return true;
}
-->
</script>
<div id="header">
<?
if(file_exists($prependdir."data/logo-100.gif"))
echo "<img align=\"left\" height=\"50\" src=\"".$config['SFIABDIRECTORY']."/data/logo-100.gif\">";
echo "<h1>".i18n($config['fairname'])."</h1>";
?>
<hr />
</div>
<table cellpadding="5" width="100%">
<tr><td width="175">
<div id="left">
<ul class="mainnav">
<li><a href="<?=$config['SFIABDIRECTORY']?>/index.php"><?=i18n("Home Page")?></a></li><li><a href="<?=$config['SFIABDIRECTORY']?>/important_dates.php"><?=i18n("Important Dates")?></a></li><li><a href="<?=$config['SFIABDIRECTORY']?>/register_participants.php"><?=i18n("Participant Registration")?></a></li><li><a href="<?=$config['SFIABDIRECTORY']?>/register_judges.php"><?=i18n("Judges Registration")?></a></li><li><a href="<?=$config['SFIABDIRECTORY']?>/committees.php"><?=i18n("Committee")?></a></li><li><a href="<?=$config['SFIABDIRECTORY']?>/winners.php"><?=i18n("Winners")?></a></li></ul>
<br />
<ul class="mainnav">
<?
if(auth_has_access("admin") || auth_has_access("config") || auth_has_access("super"))
{
if(auth_has_access("admin")){ ?>
<li><a href="<?=$config['SFIABDIRECTORY']?>/admin/"><?=i18n("Fair Administration")?></a></li>
<? }
if(auth_has_access("config")){ ?>
<li><a href="<?=$config['SFIABDIRECTORY']?>/config/"><?=i18n("SFIAB Configuration")?></a></li>
<? }
?><li><a href="<?=$config['SFIABDIRECTORY']?>/committee_login.php?action=logout"><?=i18n("Committee Logout")?></a></li><?
}
else
{
?><li><a href="<?=$config['SFIABDIRECTORY']?>/committee_login.php"><?=i18n("Committee Login")?></a></li><?
}
?></ul>
<br />
<ul class="mainnav">
<?
if($_SESSION['schoolid'] && $_SESSION['schoolaccesscode'])
{
?>
<li><a href="<?=$config['SFIABDIRECTORY']?>/schoolaccess.php?action=logout"><?=i18n("School Logout")?></a></li><?
}
else
{
?>
<li><a href="<?=$config['SFIABDIRECTORY']?>/schoolaccess.php"><?=i18n("School Login")?></a></li><?
}
?></ul>
<div class="aligncenter">
<?
if(count($config['languages'])>1)
{
echo "<br />";
echo "<form name=\"languageselect\" method=\"get\" action=\"".$_SERVER['PHP_SELF']."\">";
echo "<select name=\"switchlanguage\" onchange=\"document.forms.languageselect.submit()\">\n";
foreach($config['languages'] AS $key=>$val)
{
if($_SESSION['lang']==$key) $selected="selected=\"selected\""; else $selected="";
echo "<option $selected value=\"$key\">$val</option>";
}
echo "</select>";
echo "</form>";
}
?>
<a href="http://www.sfiab.ca/"><?=i18n("Return to SFIAB Development Page")?></a>
<br />
</div>
</div>
</td><td>
<div id="main">
<?
if($title)
echo "<h2>".i18n($title)."</h2>";
}
function send_footer()
{
global $config;
?>
</td></tr></table>
</div>
<div id="footer">
<?
//we only show the debug session variables if we have an ODD numbered version.
$lastdigit=$config['version'][strlen($config['version'])-1];
if($lastdigit%2!=0)
{
echo "DEBUG:";
print_r($_SESSION);
}
echo "SFIAB Version ".$config['version'];
?>
</div>
</body>
</html>
<?
}
function send_popup_header($title="")
{
global $HEADER_SENT;
global $config;
//do this so we can use send_header() a little more loosly and not worry about it being sent more than once.
if($HEADER_SENT) return;
else $HEADER_SENT=true;
echo "<?xml version=\"1.0\" encoding=\"iso-8859-1\" ?>\n";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" >
<head><title><?=i18n($title)?></title>
<link rel="stylesheet" href="<?=$config['SFIABDIRECTORY']?>/sfiab.css" type="text/css" />
</head>
<body onload="window.focus()">
<?
if($title)
echo "<h2>".i18n($title)."</h2>";
}
function send_popup_footer()
{
?>
<br />
<br />
<div id="footer">
<?
global $config;
$lastdigit=$config['version'][strlen($config['version'])-1];
if($lastdigit%2!=0)
{
echo "DEBUG:";
print_r($_SESSION);
}
echo "SFIAB Version ".$config['version'];
?>
</div>
</body>
</html>
<?
}
function emit_month_selector($name,$selected="")
{
echo "<select name=\"$name\">\n";
$months=array("","Jan","Feb","Mar","Apr","May","Jun","Jul","Aug","Sep","Oct","Nov","Dec");
echo "<option value=\"\">".i18n("Month")."</option>\n";
for($x=1;$x<=12;$x++)
{
if($x==$selected)
$s="selected=\"selected\"";
else
$s="";
echo "<option $s value=\"$x\">".$months[$x]."</option>\n";
}
echo "</select>\n";
}
function emit_day_selector($name,$selected="")
{
echo "<select name=\"$name\">\n";
echo "<option value=\"\">".i18n("Day")."</option>\n";
for($x=1;$x<=31;$x++)
echo "<option value=\"".($x<10?"0":"")."$x\" ".($selected==$x?"selected=\"selected\"":"").">$x</option>\n";
echo "</select>\n";
}
function emit_year_selector($name,$selected="",$min=0,$max=0)
{
$curyear=date("Y");
echo "<select name=\"$name\">\n";
echo "<option value=\"\">".i18n("Year")."</option>\n";
if($min&&$max)
{
for($x=$min;$x<=$max;$x++)
echo "<option value=\"$x\" ".($selected==$x?"selected=\"selected\"":"").">$x</option>\n";
}
else
{
//if we arent given a min and max, lets show current year + 5
for($x=$curyear;$x<$curyear+5;$x++)
echo "<option value=\"$x\" ".($selected==$x?"selected=\"selected\"":"").">$x</option>\n";
}
echo "</select>\n";
}
function emit_date_selector($name,$selected="")
{
if($selected)
{
list($year,$month,$day)=split("-",$selected);
}
echo "<table cellpadding=0>";
echo "<tr><td>";
emit_year_selector($name."_year",$year);
echo "</td><td>";
emit_month_selector($name."_month",$month);
echo "</td><td>";
emit_day_selector($name."_day",$day);
echo "</td></tr>";
echo "</table>";
}
function emit_hour_selector($name,$selected="")
{
if($selected!="") $selected=(int)$selected;
echo "<select name=\"$name\">\n";
echo "<option value=\"\">HH</option>\n";
for($x=0;$x<=23;$x++)
{
if($x===$selected)
$sel="selected";
else
$sel="";
echo "<option value=\"$x\" $sel>".sprintf("%02d",$x)."</option>\n";
}
echo "</select>\n";
}
function emit_minute_selector($name,$selected="")
{
$mins=array("00","05","10","15","20","25","30","35","40","45","50","55");
echo "<select name=\"$name\">\n";
echo "<option value=\"\">MM</option>\n";
for($x=0;$x<count($mins);$x++)
echo "<option value=\"".$mins[$x]."\" ".($selected==$mins[$x]?"selected":"").">$mins[$x]</option>\n";
echo "</select>\n";
}
function emit_time_selector($name,$selected="")
{
if($selected)
{
list($hour,$minute,$second)=split(":",$selected);
}
echo "<table cellpadding=0>";
echo "<tr><td>";
emit_hour_selector($name."_hour",$hour);
echo "</td><td>";
emit_minute_selector($name."_minute",$minute);
echo "</td></tr>";
echo "</table>";
}
function emit_province_selector($name,$selected="",$extra="")
{
$q=mysql_query("SELECT * FROM provinces ORDER BY province");
if(mysql_num_rows($q)==1)
{
$r=mysql_fetch_object($q);
echo "<input type=\"hidden\" name=\"$name\" value=\"$r-code\">";
echo i18n($r->province);
}
else
{
echo "<select name=\"$name\" $extra>\n";
echo "<option value=\"\">".i18n("Select a Province")."</option>\n";
while($r=mysql_fetch_object($q))
{
if($r->code == $selected) $sel="selected=\"selected\""; else $sel="";
echo "<option $sel value=\"$r->code\">".i18n($r->province);
echo "</option>\n";
}
echo "</select>\n";
}
}
function outputStatus($status)
{
$ret="";
switch($status)
{
case 'incomplete':
$ret.="<div class=\"incomplete\">";
$ret.= i18n("Incomplete");
$ret.= "</div>";
break;
case 'complete':
$ret.= "<div class=\"complete\">";
$ret.= i18n("Complete");
$ret.= "</div>";
break;
case 'empty':
$ret.="<div class=\"incomplete\">";
$ret.= i18n("Empty");
$ret.= "</div>";
break;
default:
$ret.=i18n("Unknown");
break;
}
return $ret;
}
function email_send($val,$to,$sub_subject=array(),$sub_body=array())
{
//if our "to" doesnt look like a valid email, then forget about sending it.
if(!eregi('[a-zA-Z0-9._-]+@[a-zA-Z0-9._-]+\.([a-zA-Z]{2,4})', $to))
return;
$q=mysql_query("SELECT * FROM emails WHERE val='$val'");
if($r=mysql_fetch_object($q))
{
$subject=i18n($r->subject);
$body=i18n($r->body);
if(count($sub_subject))
{
foreach($sub_subject AS $sub_k=>$sub_v)
{
$subject=ereg_replace("\[$sub_k\]","$sub_v",$subject);
}
}
if(count($sub_body))
{
foreach($sub_body AS $sub_k=>$sub_v)
{
$body=ereg_replace("\[$sub_k\]","$sub_v",$body);
}
}
//now word-wrap the body to 79 chars
//hmm forget the wordwrap for now, its not really needed, but could be done later if need be.
//i'll leave in the start of the function, but its not nearly complete
/*
$MAXCHARS=79;
$c=0;
$lastspace=0;
for($x=0;$x<strlen($body);$x++)
{
if($body[$x]==" ")
$lastspace=$x;
$c++;
if($c>$MAXCHARS)
{
}
}
*/
mail($to,$subject,$body,"From: $r->from\r\nReply-To: $r->from\r\nReturn-Path: $r->from");
}
else
{
echo error(i18n("CRITICAL ERROR: email '%1' not found",array($val),array("email address")));
}
}
function output_page_text($textname)
{
global $config;
$q=mysql_query("SELECT * FROM pagetext WHERE textname='$textname' AND year='".$config['FAIRYEAR']."'");
if(mysql_num_rows($q))
$r=mysql_fetch_object($q);
else
{
//not defined, lets grab the default text
$q=mysql_query("SELECT * FROM pagetext WHERE textname='$textname' AND year='-1'");
$r=mysql_fetch_object($q);
}
//if it looks like we have HTML content, dont do a nl2br, if there's no html, then do the nl2br
if(strlen($r->text)==strlen(strip_tags($r->text)))
echo nl2br(i18n($r->text));
else
echo i18n($r->text);
}
function generatePassword()
{
//these are good characters that are not easily confused with other characters :)
$available="ABCDEFGHJKLMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789";
$len=strlen($available);
$key="";
for($x=0;$x<8;$x++)
{
$key.=$available[rand(0,$len)];
}
return $key;
}
?>