$title

diff -u -r -N karmapools.orig/account.php karmapools/account.php --- karmapools.orig/account.php 2004-09-11 15:14:12.000000000 -0500 +++ karmapools/account.php 2004-09-13 16:04:16.233426664 -0500 @@ -7,17 +7,18 @@ if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } $title = DEFAULT_SITE_TITLE . "::Create Account"; -pageHeader(true,$title); $cols = 2; $cmo = $cols - 1; -$lo_url = "./?a=" . LOGOUT_QS; -$rules_url = "./?a=" . VIEW_RULES_QS; +$lo_url = INCPREFIX . "?a=" . LOGOUT_QS; +$rules_url = INCPREFIX . "?a=" . VIEW_RULES_QS; $attribs = array('width'=>"600",'height'=>"550"); $rules_lnk = popupLink("$rules_url","rules",$attribs); $vhs_url = "./?a=" . VIEW_HOSHAME_QS; +$bodyargs = 'onLoad="document.create_account.username.focus();"'; +pageHeader(true,$title,$bodyargs); if (!isLoggedIn()) { ?> -

+ * *****************************************************************************/ if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } -requireAdmin(); $title = DEFAULT_SITE_TITLE . "::Create Pool"; $cols = 2; $now = getdate(); @@ -16,8 +15,9 @@ ($next_month == 1) ? $next_year = $cur_year + 1: $next_year = $cur_year; $next_day = getMonthDays($next_month,$next_year); $max_year = $cur_year + MAX_YEARS_FORWARD; -pageHeader(true,$title);?> - +$bodyargs = 'onLoad="document.create_pool.pname.focus();"'; +pageHeader(true,$title,$bodyargs);?> + 500)); ?> diff -u -r -N karmapools.orig/admin/includes/admin.app.functions.php karmapools/admin/includes/admin.app.functions.php --- karmapools.orig/admin/includes/admin.app.functions.php 1969-12-31 18:00:00.000000000 -0600 +++ karmapools/admin/includes/admin.app.functions.php 2004-09-13 10:04:52.514610208 -0500 @@ -0,0 +1,156 @@ + * + *****************************************************************************/ +if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } + +/***************************************************************************** + * + *****************************************************************************/ +function createPool($echo=true,$pvars='') { + +isset($pvars['pname']) ? $pn = $pvars['pname'] : $pn = ''; +isset($pvars['pdesc']) ? $pd = $pvars['pdesc'] : $pd = ''; +isset($pvars['sday']) ? $sd = $pvars['sday'] : $sd = ''; +isset($pvars['smonth']) ? $sm = $pvars['smonth'] : $sm = ''; +isset($pvars['syear']) ? $sy = $pvars['syear'] : $sy = ''; +isset($pvars['emonth']) ? $em = $pvars['emonth'] : $em = ''; +isset($pvars['eday']) ? $ed = $pvars['eday'] : $ed = ''; +isset($pvars['eyear']) ? $ey = $pvars['eyear'] : $ey = ''; +isset($pvars['cmonth']) ? $cm = $pvars['cmonth'] : $cm = ''; +isset($pvars['cday']) ? $cd = $pvars['cday'] : $cd = ''; +isset($pvars['cyear']) ? $cy = $pvars['cyear'] : $cy = ''; +isset($pvars['eper']) ? $ep = $pvars['eper'] : $ep = ''; +isset($pvars['prize']) ? $prn = $pvars['prize'] : $prn = ''; +isset($pvars['purl']) ? $pu = $pvars['purl'] : $pu = ''; +if ($pn == '' or $ep == '') { + $html = "Pool creation failed due to empty field value. "; + $html .= "Use the back button and try again."; + if ($echo) { die($html); } else { return $html; } + } +if (poolExists($pn)) { + $html = "A pool by this name already exists. "; + $html .= "Use the back button and try again."; + if ($echo) { die($html); } else { return $html; } + } +if (!is_numeric($ep)) { + $html = "Pool creation failed due to a non-numeric entries per "; + $html .= "user value. Use the back button and try again."; + if ($echo) { die($html); } else { return $html; } + } +// +// Ok, here is where we attempt to sanitize date entries. +// First make sure each date is current or in the future. +if (!checkDateSanity($sy,$sm,$sd)) { + $html = "The starting date is invalid you moron. "; + $html .= "Use the back button to fix it and try again."; + if ($echo) { die($html); } else { return $html; } + } +if (!checkDateSanity($ey,$em,$ed)) { + $html = "The ending date is invalid you moron. "; + $html .= "Use the back button to fix it and try again."; + if ($echo) { die($html); } else { return $html; } + } +if (!checkDateSanity($cy,$cm,$cd)) { + $html = "The cutoff date is invalid you moron. "; + $html .= "Use the back button to fix it and try again."; + if ($echo) { die($html); } else { return $html; } + } +// verify we are talking about linear time +$start_ts = mktime(0,0,0,$sm,$sd,$sy); +$end_ts = mktime(0,0,0,$em,$ed,$ey); +$cutoff_ts = mktime(0,0,0,$cm,$cd,$cy); +if ($end_ts < $start_ts) { + $html = "The end date happens before the start date. This won't "; + $html .= "work. Use the back button to fix it and try again."; + if ($echo) { die($html); } else { return $html; } + } +if ($cutoff_ts < $start_ts) { + $html = "The cutoff date happens before the start date. This won't "; + $html .= "work. Use the back button to fix it and try again."; + if ($echo) { die($html); } else { return $html; } + } +if ($end_ts < $cutoff_ts) { + $html = "The end date happens before the cutoff date. This won't "; + $html .= "work. Use the back button to fix it and try again."; + if ($echo) { die($html); } else { return $html; } + } +// verify the thing lasts at least 1 day! +$totalDays = getDaysDiff($sy,$sm,$sd,$cy,$cm,$cd); +if ($totalDays === false or !is_numeric($totalDays) or $totalDays < 2) { + $html = "Um, what exactly is the point to creating a pool for one "; + $html .= "day or less? Use the back button to fix it and try again."; + if ($echo) { die($html); } else { return $html; } + } +// Don't create a pool beyond what is defined by MAX_YEARS_FORWARD +$year_diff = $sy - $ey; +if ((!defined('MAX_YEARS_FORWARD')) or (!is_numeric(MAX_YEARS_FORWARD)) or + ($year_diff > MAX_YEARS_FORWARD)) { + $html = "Sorry, MAX_YEARS_FORWARD is either not defined in globals.php "; + $html .= "or you have created a pool that goes on too long. The current "; + $html .= "setting is: " . MAX_YEARS_FORWARD . ". "; + $html .= "Use the back button and try again."; + if ($echo) { die($html); } else { return $html; } + } +// Don't allow individual entries beyond MAX_USER_ENTRIES +if ((!defined('MAX_USER_ENTRIES')) or (!is_numeric(MAX_USER_ENTRIES)) or + ($ep > MAX_USER_ENTRIES)) { + $html = "Sorry, MAX_USER_ENTRIES is either not defined in globals.php "; + $html .= "or you have created a pool that allows too many entries per "; + $html .= "user. The current max allowed votes per user is: "; + $html .= MAX_USER_ENTRIES . ". Use the back button and try again."; + } + +// Put humpty dumpty back together +$pn = addslashes($pn); +$pd = addslashes($pd); +$prn = addslashes($prn); +$pu = addslashes($pu); +$s_date = $sy . "-" . $sm . "-" . $sd; +$e_date = $ey . "-" . $em . "-" . $ed; +$c_date = $cy . "-" . $cm . "-" . $cd; + +$fl = "pool_name,pool_desc,pool_start,pool_end,cutoff_date,allowed_entries,"; +$fl .= "prize_text,prize_url"; +$vl = "'$pn','$pd','$s_date','$e_date','$c_date',$ep,'$prn','$pu'"; +$sql = "insert into " . DBN . ".pool_ids($fl) values($vl)"; + +if (!db_query($sql)) { + $html = "Pool creation failed due to sql failure. "; + $html .= "Try Again."; + if ($echo) { die($html); } else { return $html; } + } +if (! $pid = db_insert_id() or $pid < 0) { + $html = "The pool may have been created, but the id cannot be "; + $html .= "determined. This is a problem that a db administrator needs "; + $html .= "to take care of. "; + $html .= "Try Again."; + } +// seed stats so updatePoolStats() call to queryPoolInfo() will not +// fail. +$sql = "insert into " . DBN . ".pool_stats(pool_id,days_total,days_taken) "; +$sql .= "values($pid,0,0)"; +if (!db_query($sql)) { + $html = "The pool was created, but seeding the stats table failed due "; + $html .= "to a sql failure. This is a problem that needs attention from "; + $html .= "a db administrator. "; + $html .= "Try Again."; + if ($echo) { die($html); } else { return $html; } + } +if (!updatePoolStats($pid)) { + $html = "The pool was created, but updating the stats table failed due "; + $html .= "to a sql failure. This is a problem that needs attention from "; + $html .= "a db administrator. "; + $html .= "Try Again."; + if ($echo) { die($html); } else { return $html; } + } +$html = "

Congratulations! You now have a new pool and can start "; +$html .= "populating it.

Pool Index

"; + +if ($echo) { die($html); } else { return $html; } + +} + +?> diff -u -r -N karmapools.orig/admin/includes/admin.globals.php karmapools/admin/includes/admin.globals.php --- karmapools.orig/admin/includes/admin.globals.php 1969-12-31 18:00:00.000000000 -0600 +++ karmapools/admin/includes/admin.globals.php 2004-09-13 16:36:15.959583928 -0500 @@ -0,0 +1,25 @@ + * + *****************************************************************************/ +if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } +requireAdmin(); + +// database settings +define(DBH,"localhost"); +define(DBN,"date_pools"); +define(DBU,"webuser"); +define(DBP,"webuser"); + +// action strings +define(CREATE_POOL_QS,"cp"); +define(LIST_POOL_QS,"lp"); +define(LIST_USER_QS,"lu"); + +// includes +require_once('includes/admin.html.functions.php'); +require_once('includes/admin.app.functions.php'); + +?> diff -u -r -N karmapools.orig/admin/includes/admin.html.functions.php karmapools/admin/includes/admin.html.functions.php --- karmapools.orig/admin/includes/admin.html.functions.php 1969-12-31 18:00:00.000000000 -0600 +++ karmapools/admin/includes/admin.html.functions.php 2004-09-13 10:16:03.579592824 -0500 @@ -0,0 +1,10 @@ + * + *****************************************************************************/ +if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } + + +?> diff -u -r -N karmapools.orig/admin/index.php karmapools/admin/index.php --- karmapools.orig/admin/index.php 1969-12-31 18:00:00.000000000 -0600 +++ karmapools/admin/index.php 2004-09-13 16:49:39.243466216 -0500 @@ -0,0 +1,36 @@ + * + *****************************************************************************/ +define(ADMINREQUEST,true); +require_once("../includes/globals.php"); + +/***************************************************************************** + * direct traffic * + *****************************************************************************/ +if (!db_connect(DBH,DBN,DBU,DBP)) { + die("Could not connect to mysql, oh well..."); + } + +// Take action if called for +switch ("$a") { + // create pool + case CREATE_POOL_QS: + if ($_POST['confirm']) { + $html = createPool(false,$_POST); + $subtitle = "Pool Creation Status"; + die(displayMessage($html,$subtitle)); + } else { + die(include("./create.pool.php")); + } + break; + case LIST_USER_QS: + die(include("./user.list.php")); + break; + default: + die(include("./menu.php")); + break; + } +?> diff -u -r -N karmapools.orig/admin/menu.php karmapools/admin/menu.php --- karmapools.orig/admin/menu.php 1969-12-31 18:00:00.000000000 -0600 +++ karmapools/admin/menu.php 2004-09-13 16:44:12.938072176 -0500 @@ -0,0 +1,54 @@ + * + *****************************************************************************/ +if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } +$title = DEFAULT_SITE_TITLE . "::Admin Menu"; +$cols = 2; +$pools_qs = "./?a=" . LIST_POOL_QS; +$pools_img = "

"; +$pools_href = "$pools_img"; +$users_qs = "./?a=" . LIST_USER_QS; +$users_img = "

"; +$users_href = "$users_img"; +$back_qs = INCPREFIX; +$back_img = "

"; +$back_href = ""; +pageHeader(true,$title); +tableOpen(true,array('width'=>'400')) +?> + + + + + + + + + + + + Pool Management: edit pools, select winning dates, delete + pools, create pools, etc.. + + + + + + + + User Management: add, edit, delete users, view user properties, + etc.. + + + + + + + + diff -u -r -N karmapools.orig/admin/user.list.php karmapools/admin/user.list.php --- karmapools.orig/admin/user.list.php 1969-12-31 18:00:00.000000000 -0600 +++ karmapools/admin/user.list.php 2004-09-13 17:05:03.155010312 -0500 @@ -0,0 +1,43 @@ + * + *****************************************************************************/ +if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } +$cols = 7; +$title = DEFAULT_SITE_TITLE . "::Admin Menu::List Users"; +$back_qs = INCPREFIX; +$back_img = "

"; +$back_href = ""; + +$text = ""; +$o_email = $text . "ue\">Email"; +$o_ip = $text . "ip\">IP"; +$o_access = $text . "ul\">Access"; +$o_audit = $text . "ua\">Audit"; + +pageHeader(true,$title); tableOpen(true,array('width'=>'800')); +?> + + + + + + + + + + + + E + D + + + + + + + + diff -u -r -N karmapools.orig/docs/Changelog karmapools/docs/Changelog --- karmapools.orig/docs/Changelog 2004-09-13 09:33:24.540625000 -0500 +++ karmapools/docs/Changelog 2004-09-13 17:25:07.482924640 -0500 @@ -1,9 +1,50 @@ -Date: 2004-09-11 12:56 -Patch: patch-0.0.1-01 +Date: 2004-09-13 17:32 +Release: patch-0.0.3-03 +Author: Mike Green + +Split admin functions into a seperate directory structure, made various changes +to accomodate. Started work on admin pages. Bumped release version to +0.0.4. + +Date: 2004-09-12 14:12 +Patch: patch-0.0.3-02 Author: Mike Green -Fixed pool view calendar to align itself Monday thru Sunday instead -of starting with the date the pool starts. +includes/app.functions.php: added stats information array to +queryPoolInfo(). + +includes/globals.php: added define for db include file so that database +types can be abstracted. Moved requires() to bottom of file to account +for DBINCLUDE. + +includes/html.functions.php: Moved month and day header routines to +their own functions - drawMonthHeader() and drawDayHeader(). Changed loop +to key off of total days from start_date instead of end_date due to daylight +savings time causing weirdness. + +Added user pick count total to output if user is logged in. + +Date: 2004-09-11 19:52 +Patch: patch-0.0.3-01 +Author: Mike Green + +Moved source/ out of the source! + +Date: 2004-09-11 19:36 +Patch: patch-0.0.2-02 +Author: Mike Green + +Added jump around links in the calendar. Added display of logged in +user's picks when logged in. Added login/logout urls. Added banner +image code. Yanked calendar display code out of pool.php and stuck +it in includes/html.functions.php to keep it clean. + +Date: 2004-09-11 15:25 +Patch: patch-0.0.2-01 +Author: Mike Green + +Added Changelog, popup windows, source code link. +Changed rules links to be popup windows. Date: 2004-09-11 15:07 Patch: patch-0.0.1-02 @@ -30,42 +71,9 @@ includes/globals.php: added defaults for popup window attributes. -Date: 2004-09-11 15:25 -Patch: patch-0.0.2-01 -Author: Mike Green - -Added Changelog, popup windows, source code link. -Changed rules links to be popup windows. - -Date: 2004-09-11 19:36 -Patch: patch-0.0.2-02 -Author: Mike Green - -Added jump around links in the calendar. Added display of logged in -user's picks when logged in. Added login/logout urls. Added banner -image code. Yanked calendar display code out of pool.php and stuck -it in includes/html.functions.php to keep it clean. - -Date: 2004-09-11 19:52 -Patch: patch-0.0.3-01 -Author: Mike Green - -Moved source/ out of the source! - -Date: 2004-09-12 14:12 -Patch: patch-0.0.3-02 +Date: 2004-09-11 12:56 +Patch: patch-0.0.1-01 Author: Mike Green -includes/app.functions.php: added stats information array to -queryPoolInfo(). - -includes/globals.php: added define for db include file so that database -types can be abstracted. Moved requires() to bottom of file to account -for DBINCLUDE. - -includes/html.functions.php: Moved month and day header routines to -their own functions - drawMonthHeader() and drawDayHeader(). Changed loop -to key off of total days from start_date instead of end_date due to daylight -savings time causing weirdness. - -Added user pick count total to output if user is logged in. \ No newline at end of file +Fixed pool view calendar to align itself Monday thru Sunday instead +of starting with the date the pool starts. diff -u -r -N karmapools.orig/docs/date_pools.sql karmapools/docs/date_pools.sql --- karmapools.orig/docs/date_pools.sql 2004-09-11 15:14:10.000000000 -0500 +++ karmapools/docs/date_pools.sql 2004-09-13 09:36:45.559066432 -0500 @@ -31,12 +31,6 @@ UNIQUE KEY pool_name (pool_name) ) TYPE=MyISAM; -INSERT INTO pool_ids VALUES (10,'Darl\\\'s Demise','Date of Darl McBride\'s last day worked as noted on his pink slip. This date must be the officially announced last day of his employment. He must be forced out intentionally, for example by legal consequences, stockholder revolt, board action, or resignation. Freak accidents, act\'s of God, and bankruptcy does not count.','2004-08-10','2007-01-01','2004-11-01',5,NULL,NULL,NULL,'Smug Satisfaction',''); -INSERT INTO pool_ids VALUES (13,'SCO Group Bankruptcy','Date that the SCO Group officially files for bankruptcy protection.','2004-09-11','2006-12-31','2004-10-01',10,NULL,NULL,NULL,'Glee',''); -INSERT INTO pool_ids VALUES (15,'SCOG Stock Price <= $1.00','Date that the SCO Group stock price closes at $1.00 or below','2004-09-11','2006-12-31','2004-11-01',2,NULL,NULL,NULL,'Bragging Rights',''); -INSERT INTO pool_ids VALUES (14,'SCOG Stock Price <= $2.00','Date that the SCO Group stock price closes at $2.00 or below','2004-09-11','2006-12-01','2004-11-01',2,NULL,NULL,NULL,'Joy',''); -INSERT INTO pool_ids VALUES (16,'SCO Group Delisting','Date that the SCO Group is forced to delist from Nasdaq','2004-09-11','2007-12-31','2004-12-31',10,NULL,NULL,NULL,'Everlasting Happiness',''); - CREATE TABLE pool_stats ( pool_id int(10) unsigned NOT NULL default '0', days_total int(10) unsigned NOT NULL default '0', @@ -44,12 +38,6 @@ PRIMARY KEY (pool_id) ) TYPE=MyISAM; -INSERT INTO pool_stats VALUES (14,811,0); -INSERT INTO pool_stats VALUES (13,841,0); -INSERT INTO pool_stats VALUES (10,874,0); -INSERT INTO pool_stats VALUES (15,841,0); -INSERT INTO pool_stats VALUES (16,1206,0); - CREATE TABLE pool_users ( user_id int(10) unsigned NOT NULL auto_increment, user_name varchar(100) NOT NULL default '', Files karmapools.orig/images/left.gif and karmapools/images/left.gif differ Files karmapools.orig/images/left.png and karmapools/images/left.png differ Files karmapools.orig/images/pool.png and karmapools/images/pool.png differ Files karmapools.orig/images/user.gif and karmapools/images/user.gif differ Files karmapools.orig/images/user.png and karmapools/images/user.png differ diff -u -r -N karmapools.orig/includes/app.functions.php karmapools/includes/app.functions.php --- karmapools.orig/includes/app.functions.php 2004-09-13 09:33:24.541625000 -0500 +++ karmapools/includes/app.functions.php 2004-09-13 11:00:39.222833224 -0500 @@ -133,153 +133,6 @@ /***************************************************************************** * *****************************************************************************/ -function createPool($echo=true,$pvars='') { - -isset($pvars['pname']) ? $pn = $pvars['pname'] : $pn = ''; -isset($pvars['pdesc']) ? $pd = $pvars['pdesc'] : $pd = ''; -isset($pvars['sday']) ? $sd = $pvars['sday'] : $sd = ''; -isset($pvars['smonth']) ? $sm = $pvars['smonth'] : $sm = ''; -isset($pvars['syear']) ? $sy = $pvars['syear'] : $sy = ''; -isset($pvars['emonth']) ? $em = $pvars['emonth'] : $em = ''; -isset($pvars['eday']) ? $ed = $pvars['eday'] : $ed = ''; -isset($pvars['eyear']) ? $ey = $pvars['eyear'] : $ey = ''; -isset($pvars['cmonth']) ? $cm = $pvars['cmonth'] : $cm = ''; -isset($pvars['cday']) ? $cd = $pvars['cday'] : $cd = ''; -isset($pvars['cyear']) ? $cy = $pvars['cyear'] : $cy = ''; -isset($pvars['eper']) ? $ep = $pvars['eper'] : $ep = ''; -isset($pvars['prize']) ? $prn = $pvars['prize'] : $prn = ''; -isset($pvars['purl']) ? $pu = $pvars['purl'] : $pu = ''; -if ($pn == '' or $ep == '') { - $html = "Pool creation failed due to empty field value. "; - $html .= "Use the back button and try again."; - if ($echo) { die($html); } else { return $html; } - } -if (poolExists($pn)) { - $html = "A pool by this name already exists. "; - $html .= "Use the back button and try again."; - if ($echo) { die($html); } else { return $html; } - } -if (!is_numeric($ep)) { - $html = "Pool creation failed due to a non-numeric entries per "; - $html .= "user value. Use the back button and try again."; - if ($echo) { die($html); } else { return $html; } - } -// -// Ok, here is where we attempt to sanitize date entries. -// First make sure each date is current or in the future. -if (!checkDateSanity($sy,$sm,$sd)) { - $html = "The starting date is invalid you moron. "; - $html .= "Use the back button to fix it and try again."; - if ($echo) { die($html); } else { return $html; } - } -if (!checkDateSanity($ey,$em,$ed)) { - $html = "The ending date is invalid you moron. "; - $html .= "Use the back button to fix it and try again."; - if ($echo) { die($html); } else { return $html; } - } -if (!checkDateSanity($cy,$cm,$cd)) { - $html = "The cutoff date is invalid you moron. "; - $html .= "Use the back button to fix it and try again."; - if ($echo) { die($html); } else { return $html; } - } -// verify we are talking about linear time -$start_ts = mktime(0,0,0,$sm,$sd,$sy); -$end_ts = mktime(0,0,0,$em,$ed,$ey); -$cutoff_ts = mktime(0,0,0,$cm,$cd,$cy); -if ($end_ts < $start_ts) { - $html = "The end date happens before the start date. This won't "; - $html .= "work. Use the back button to fix it and try again."; - if ($echo) { die($html); } else { return $html; } - } -if ($cutoff_ts < $start_ts) { - $html = "The cutoff date happens before the start date. This won't "; - $html .= "work. Use the back button to fix it and try again."; - if ($echo) { die($html); } else { return $html; } - } -if ($end_ts < $cutoff_ts) { - $html = "The end date happens before the cutoff date. This won't "; - $html .= "work. Use the back button to fix it and try again."; - if ($echo) { die($html); } else { return $html; } - } -// verify the thing lasts at least 1 day! -$totalDays = getDaysDiff($sy,$sm,$sd,$cy,$cm,$cd); -if ($totalDays === false or !is_numeric($totalDays) or $totalDays < 2) { - $html = "Um, what exactly is the point to creating a pool for one "; - $html .= "day or less? Use the back button to fix it and try again."; - if ($echo) { die($html); } else { return $html; } - } -// Don't create a pool beyond what is defined by MAX_YEARS_FORWARD -$year_diff = $sy - $ey; -if ((!defined('MAX_YEARS_FORWARD')) or (!is_numeric(MAX_YEARS_FORWARD)) or - ($year_diff > MAX_YEARS_FORWARD)) { - $html = "Sorry, MAX_YEARS_FORWARD is either not defined in globals.php "; - $html .= "or you have created a pool that goes on too long. The current "; - $html .= "setting is: " . MAX_YEARS_FORWARD . ". "; - $html .= "Use the back button and try again."; - if ($echo) { die($html); } else { return $html; } - } -// Don't allow individual entries beyond MAX_USER_ENTRIES -if ((!defined('MAX_USER_ENTRIES')) or (!is_numeric(MAX_USER_ENTRIES)) or - ($ep > MAX_USER_ENTRIES)) { - $html = "Sorry, MAX_USER_ENTRIES is either not defined in globals.php "; - $html .= "or you have created a pool that allows too many entries per "; - $html .= "user. The current max allowed votes per user is: "; - $html .= MAX_USER_ENTRIES . ". Use the back button and try again."; - } - -// Put humpty dumpty back together -$pn = addslashes($pn); -$pd = addslashes($pd); -$prn = addslashes($prn); -$pu = addslashes($pu); -$s_date = $sy . "-" . $sm . "-" . $sd; -$e_date = $ey . "-" . $em . "-" . $ed; -$c_date = $cy . "-" . $cm . "-" . $cd; - -$fl = "pool_name,pool_desc,pool_start,pool_end,cutoff_date,allowed_entries,"; -$fl .= "prize_text,prize_url"; -$vl = "'$pn','$pd','$s_date','$e_date','$c_date',$ep,'$prn','$pu'"; -$sql = "insert into " . DBN . ".pool_ids($fl) values($vl)"; - -if (!db_query($sql)) { - $html = "Pool creation failed due to sql failure. "; - $html .= "Try Again."; - if ($echo) { die($html); } else { return $html; } - } -if (! $pid = db_insert_id() or $pid < 0) { - $html = "The pool may have been created, but the id cannot be "; - $html .= "determined. This is a problem that a db administrator needs "; - $html .= "to take care of. "; - $html .= "Try Again."; - } -// seed stats so updatePoolStats() call to queryPoolInfo() will not -// fail. -$sql = "insert into " . DBN . ".pool_stats(pool_id,days_total,days_taken) "; -$sql .= "values($pid,0,0)"; -if (!db_query($sql)) { - $html = "The pool was created, but seeding the stats table failed due "; - $html .= "to a sql failure. This is a problem that needs attention from "; - $html .= "a db administrator. "; - $html .= "Try Again."; - if ($echo) { die($html); } else { return $html; } - } -if (!updatePoolStats($pid)) { - $html = "The pool was created, but updating the stats table failed due "; - $html .= "to a sql failure. This is a problem that needs attention from "; - $html .= "a db administrator. "; - $html .= "Try Again."; - if ($echo) { die($html); } else { return $html; } - } -$html = "

Congratulations! You now have a new pool and can start "; -$html .= "populating it.

Pool Index

"; - -if ($echo) { die($html); } else { return $html; } - -} - -/***************************************************************************** - * - *****************************************************************************/ function dupeExists($table='',$field='',$value='',$isint=false) { if ($table == '' or $field == '' or $value == '') { return true; } @@ -628,7 +481,7 @@ if (!isLoggedIn()) { isset($POOLSESS["lasturi"]) || $POOLSESS["lasturi"] = getURI(); - die(include("./login.php")); + die(include(INCPREFIX . "login.php")); } } diff -u -r -N karmapools.orig/includes/globals.php karmapools/includes/globals.php --- karmapools.orig/includes/globals.php 2004-09-13 09:34:53.518099000 -0500 +++ karmapools/includes/globals.php 2004-09-13 10:59:11.555160736 -0500 @@ -11,8 +11,6 @@ define(DBN,"date_pools"); define(DBU,"webuser"); define(DBP,"webuser"); -// Database abstraction library in the includes directory. In case -// someone wants to port to another database engine. define(DBINCLUDE,"mysql.functions.php"); // defaults - comment out banner and url if you don't want it. @@ -22,6 +20,7 @@ define(WARN_POSSIBLE_CHEATERS,true); define(MAX_YEARS_FORWARD,10); define(MAX_USER_ENTRIES,10); +define(STYLESHEET,"style.css"); // table defaults define(DEF_T_CLASS,"generic"); @@ -57,12 +56,23 @@ define(USERID_MAX_LEN,100); define(UA_MAX_LEN,255); +// account for admin requests +if (ADMINREQUEST === true) { + define(INCPREFIX,"../"); + } else { + define(INCPREFIX,"./"); + } + // includes -require_once('includes/' . DBINCLUDE); -require_once('includes/html.functions.php'); -require_once('includes/app.functions.php'); +require_once(INCPREFIX . "includes/" . DBINCLUDE); +require_once(INCPREFIX . 'includes/html.functions.php'); +require_once(INCPREFIX . 'includes/app.functions.php'); // start the session session_start(); session_register("POOLSESS"); + +if (ADMINREQUEST === true) { + require_once('./includes/admin.globals.php'); + } ?> diff -u -r -N karmapools.orig/includes/html.functions.php karmapools/includes/html.functions.php --- karmapools.orig/includes/html.functions.php 2004-09-13 09:33:24.543625000 -0500 +++ karmapools/includes/html.functions.php 2004-09-13 11:00:06.967736744 -0500 @@ -7,6 +7,43 @@ if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } /***************************************************************************** + * + *****************************************************************************/ +function displayMessage($message='',$subtitle='') { + +if ($message == '') { + $message = "Not sure what to tell you, 10-4 good buddy."; + } + +$title = DEFAULT_SITE_TITLE; +if (!$subtitle == '') { + $title .= "::$subtitle"; + } + +$html = pageHeader(false,$title); +$html .= tableOpen(false,array('width'=>"500")); +$html .= " + + $title + + + + + $message + + + + + + + \n"; +$html .= tableClose() . pageFooter(); + +die($html); + +} + +/***************************************************************************** * This is messy. It would be much faster to use database queries to * * calculate date differences and such, but different database engines have * * different capabilities, so we handle all date calculations in php for * @@ -394,7 +431,8 @@ $title\n"; if ($loadstyle) { - $html .= "\n"; } if ($loadjs) { diff -u -r -N karmapools.orig/index.php karmapools/index.php --- karmapools.orig/index.php 2004-09-11 19:28:40.000000000 -0500 +++ karmapools/index.php 2004-09-13 16:00:54.291126560 -0500 @@ -20,19 +20,9 @@ if ($_POST['confirm']) { $html = createAccount(false,$_POST); $subtitle = "Account Creation Status"; - die(include("message.php")); + die(displayMessage($html,$subtitle)); } else { - die(include("account.php")); - } - break; - // create pool - case CREATE_POOL_QS: - if ($_POST['confirm']) { - $html = createPool(false,$_POST); - $subtitle = "Pool Creation Status"; - die(include("message.php")); - } else { - die(include("admin/create.pool.php")); + die(include(INCPREFIX . "account.php")); } break; // login @@ -53,7 +43,7 @@ $html .= "class=\"info\" href=\""; $html .= "$login_url\">Try Again?"; $subtitle = "Login Failure"; - die(include("./message.php")); + die(displayMessage($html,$subtitle)); } break; case LOGOUT_QS: @@ -70,7 +60,7 @@ } else { $subtitle = "Date Selection Failure"; $html .= "

Try Again

". - die(include("message.php")); + die(displayMessage($html,$subtitle)); } break; // view hall of shame diff -u -r -N karmapools.orig/login.php karmapools/login.php --- karmapools.orig/login.php 2004-09-11 19:30:56.000000000 -0500 +++ karmapools/login.php 2004-09-13 16:00:43.357788680 -0500 @@ -6,11 +6,12 @@ *****************************************************************************/ if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } $title = DEFAULT_SITE_TITLE . "::Login Required"; -$create_url = "./?a=" . CREATE_ACCOUNT_QS; +$create_url = INCPREFIX . "?a=" . CREATE_ACCOUNT_QS; $cols = 2; -pageHeader(true,$title); +$bodyargs = 'onLoad="document.login.username.focus();"'; +pageHeader(true,$title,$bodyargs); ?> - + "400")); ?> diff -u -r -N karmapools.orig/message.php karmapools/message.php --- karmapools.orig/message.php 2004-09-11 15:14:12.000000000 -0500 +++ karmapools/message.php 1969-12-31 18:00:00.000000000 -0600 @@ -1,35 +0,0 @@ - * - *****************************************************************************/ -if (basename($PHP_SELF) == basename(__FILE__)) { die("Access Denied"); } - -$title = DEFAULT_SITE_TITLE; -if (isset($subtitle)) { - $title .= "::$subtitle"; - } - -if (!isset($html)) { - $html = "Not sure what to tell you, good buddy."; - } - -pageHeader(true,$title); tableOpen(true,array('width'=>"500")); -?> - - - - - - - - - - - - - - - - diff -u -r -N karmapools.orig/pool.php karmapools/pool.php --- karmapools.orig/pool.php 2004-09-11 19:24:32.000000000 -0500 +++ karmapools/pool.php 2004-09-13 10:36:02.294360480 -0500 @@ -12,7 +12,7 @@ $subtitle = "Query Pool Failure"; $html = "Oops. Cannot locate information about the pool."; $html .= "Try Again later."; - die(include("message.php")); + die(displayMessage($html,$subtitle)); } $pool_desc = stripslashes($pool_ar['info']['pool_desc']); $legend_url = "./?a=" . VIEW_LEGEND_QS; diff -u -r -N karmapools.orig/style.css karmapools/style.css --- karmapools.orig/style.css 2004-09-11 16:29:52.000000000 -0500 +++ karmapools/style.css 2004-09-13 17:04:22.643169048 -0500 @@ -4,14 +4,18 @@ * Distributed under the terms of the GNU General Public License v2 * * Created 2004-09-09 Mike Green * *****************************************************************************/ -body { margin-top:5; margin-left:5; margin-right:5; +body { margin-top:5; margin-left:5; margin-right:5; background-color:#000000; color:#ffffff; font-family:verdana,arial,lelvetica; font-weight:normal; font-size:11.5px; } -a:link { color:#000000; text-decoration:none; } +a:link { color:#000000; text-decoration:none; } a:visited { color:#000000; text-decoration:none; } a:active { color:#000000; text-decoration:none; } -a:hover { color:#000000; text-decoration:underline; } +a:hover { color:#000000; text-decoration:underline; } +a.header:link { color:#9a9a9a; } +a.header:visited { color:#9a9a9a; } +a.header:active { color:#9a9a9a; } +a.header:hover { color:#ffffff; text-decoration:underline; } a.info:link { color:#a5a464; } a.info:visited { color:#a5a464; } a.info:active { color:#a5a464; }