[Openfirst-cvscommit] members adduser.php,1.4,1.5 divisions.php,1.1,1.2 links.php,1.1,1.2 logout.php
Brought to you by:
xtimg
Update of /cvsroot/openfirst/members In directory sc8-pr-cvs1:/tmp/cvs-serv14123 Modified Files: adduser.php divisions.php links.php logout.php profile.php skills.php updateprofile.php web.php workspace.php Log Message: Replace mysql functions with new database functions, allowing multiple database types to be used easily. Index: adduser.php =================================================================== RCS file: /cvsroot/openfirst/members/adduser.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** adduser.php 12 Aug 2003 05:02:59 -0000 1.4 --- adduser.php 23 Aug 2003 20:31:16 -0000 1.5 *************** *** 36,43 **** if(isset($_POST["ndivision"]) == true && $_POST["ndivision"] != "") { $_POST["division"] = $_POST["ndivision"]; ! $q = mysql_query("INSERT INTO ofirst_divisions (division, description) VALUES ( '" . $_POST["division"] . "', '" . $_POST["divisiondescription"] . "');"); } ! $q = mysql_query("INSERT INTO ofirst_members (user, firstname, lastname, password, membertype, division, year, email, icq, aim, msn, yim, description, signature, picturelocation, team, dateregistered) --- 36,43 ---- if(isset($_POST["ndivision"]) == true && $_POST["ndivision"] != "") { $_POST["division"] = $_POST["ndivision"]; ! $q = ofirst_dbquery("INSERT INTO ofirst_divisions (division, description) VALUES ( '" . $_POST["division"] . "', '" . $_POST["divisiondescription"] . "');"); } ! $q = ofirst_dbquery("INSERT INTO ofirst_members (user, firstname, lastname, password, membertype, division, year, email, icq, aim, msn, yim, description, signature, picturelocation, team, dateregistered) *************** *** 100,105 **** <br><select name="division"> <?php ! $div = mysql_query("SELECT division FROM ofirst_divisions;"); ! while($d = mysql_fetch_object($div)) { echo("<option value='$d->division'>$d->division</option>"); } --- 100,105 ---- <br><select name="division"> <?php ! $div = ofirst_dbquery("SELECT division FROM ofirst_divisions;"); ! while($d = ofirst_dbfetch_object($div)) { echo("<option value='$d->division'>$d->division</option>"); } Index: divisions.php =================================================================== RCS file: /cvsroot/openfirst/members/divisions.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** divisions.php 12 Aug 2003 04:45:57 -0000 1.1 --- divisions.php 23 Aug 2003 20:31:16 -0000 1.2 *************** *** 36,55 **** if(isset($_GET["division"]) == true) { $division = $_GET["division"]; } if($division != "") { ! $div = mysql_fetch_object(mysql_query("SELECT * FROM ofirst_divisions WHERE division='$division';")); echo("<h2>$div->division</h2> <sub><a href='divisions.php?division='>View list of all divisions</a></sub> <p>$div->description</p> <h2>$div->division Division Members</h2>"); ! $members = mysql_query("SELECT user, firstname, lastname, year, dateregistered, lastseen FROM ofirst_members WHERE division='$div->division';"); echo("<table> <tr><th>Full Name</th><th>Year</th><th>Date Registered</th><th>Last Seen</th></tr>"); ! while ($m = mysql_fetch_object($members)) { echo("<tr><td><a href='profile.php?id=$m->user'>$m->firstname $m->lastname</a></td><td>$m->year</td><td>$m->dateregistered</td><td>$m->lastseen</td></tr>"); } } else { ! $d = mysql_query("SELECT * FROM ofirst_divisions;"); echo("<table>"); ! while ($div = mysql_fetch_object($d)) { echo("<tr><th><a href='divisions.php?division=$div->division'>$div->division</a></th><td>$div->description</td></tr>"); } --- 36,55 ---- if(isset($_GET["division"]) == true) { $division = $_GET["division"]; } if($division != "") { ! $div = ofirst_dbfetch_object(ofirst_dbquery("SELECT * FROM ofirst_divisions WHERE division='$division';")); echo("<h2>$div->division</h2> <sub><a href='divisions.php?division='>View list of all divisions</a></sub> <p>$div->description</p> <h2>$div->division Division Members</h2>"); ! $members = ofirst_dbquery("SELECT user, firstname, lastname, year, dateregistered, lastseen FROM ofirst_members WHERE division='$div->division';"); echo("<table> <tr><th>Full Name</th><th>Year</th><th>Date Registered</th><th>Last Seen</th></tr>"); ! while ($m = ofirst_dbfetch_object($members)) { echo("<tr><td><a href='profile.php?id=$m->user'>$m->firstname $m->lastname</a></td><td>$m->year</td><td>$m->dateregistered</td><td>$m->lastseen</td></tr>"); } } else { ! $d = ofirst_dbquery("SELECT * FROM ofirst_divisions;"); echo("<table>"); ! while ($div = ofirst_dbfetch_object($d)) { echo("<tr><th><a href='divisions.php?division=$div->division'>$div->division</a></th><td>$div->description</td></tr>"); } Index: links.php =================================================================== RCS file: /cvsroot/openfirst/members/links.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** links.php 13 Aug 2003 11:52:30 -0000 1.1 --- links.php 23 Aug 2003 20:31:16 -0000 1.2 *************** *** 30,39 **** if (isset($_POST["ncategory"]) == true && isset($user->user) == true && $_POST["ncategory"] != "") { ! $q = mysql_query("INSERT INTO ofirst_resources_categories (category) VALUES ('" . $_POST["ncategory"] . "');"); $_POST["category"] = $_POST["ncategory"]; } if (isset($_POST["address"]) == true && isset($user->user) == true) { ! $q = mysql_query("INSERT INTO ofirst_resources_links (address, name, category, type, creator, date) VALUES ('" . $_POST["address"] . "', '" . $_POST["name"] . "', '" . $_POST["category"] . "', '" . $_POST["type"] . "', '$user->user', '" . date("D M d Y") . "');"); } ?> --- 30,39 ---- if (isset($_POST["ncategory"]) == true && isset($user->user) == true && $_POST["ncategory"] != "") { ! $q = ofirst_dbquery("INSERT INTO ofirst_resources_categories (category) VALUES ('" . $_POST["ncategory"] . "');"); $_POST["category"] = $_POST["ncategory"]; } if (isset($_POST["address"]) == true && isset($user->user) == true) { ! $q = ofirst_dbquery("INSERT INTO ofirst_resources_links (address, name, category, type, creator, date) VALUES ('" . $_POST["address"] . "', '" . $_POST["name"] . "', '" . $_POST["category"] . "', '" . $_POST["type"] . "', '$user->user', '" . date("D M d Y") . "');"); } ?> *************** *** 41,51 **** <h1>Link Listing</h1> <?php ! $cats = mysql_query("SELECT category FROM ofirst_resources_categories;"); ! while($c = mysql_fetch_object($cats)) { echo("<h2>$c->category</h2>"); echo("<table> <tr><th>Type</th><th>Link</th><th>Creator</th><th>Date</th></tr>"); ! $links = mysql_query("SELECT * FROM ofirst_resources_links WHERE category='$c->category';"); ! while($l = mysql_fetch_object($links)) { echo("<tr><td><img src='$l->type' alt=''></td><td><a href='$l->address'>$l->name</a></td><td>$l->creator</td><td>$l->date</td></tr>"); } --- 41,51 ---- <h1>Link Listing</h1> <?php ! $cats = ofirst_dbquery("SELECT category FROM ofirst_resources_categories;"); ! while($c = ofirst_dbfetch_object($cats)) { echo("<h2>$c->category</h2>"); echo("<table> <tr><th>Type</th><th>Link</th><th>Creator</th><th>Date</th></tr>"); ! $links = ofirst_dbquery("SELECT * FROM ofirst_resources_links WHERE category='$c->category';"); ! while($l = ofirst_dbfetch_object($links)) { echo("<tr><td><img src='$l->type' alt=''></td><td><a href='$l->address'>$l->name</a></td><td>$l->creator</td><td>$l->date</td></tr>"); } *************** *** 62,67 **** <tr><th>Category</th><td> <select name='category'>"); ! $cats = mysql_query("SELECT category FROM ofirst_resources_categories;"); ! while($c = mysql_fetch_object($cats)) { echo("<option value='$c->category'>$c->category</option>"); } --- 62,67 ---- <tr><th>Category</th><td> <select name='category'>"); ! $cats = ofirst_dbquery("SELECT category FROM ofirst_resources_categories;"); ! while($c = ofirst_dbfetch_object($cats)) { echo("<option value='$c->category'>$c->category</option>"); } *************** *** 70,75 **** <tr><th>Type of Document</th><td> <select name='type'>"); ! $types = mysql_query("SELECT image, description FROM ofirst_workspace_filetypes GROUP BY description ORDER BY description;"); ! while ($type = mysql_fetch_object($types)) { if($type->description == "HTML Page") { echo("<option value='$type->image' selected='selected'>$type->description</option>"); --- 70,75 ---- <tr><th>Type of Document</th><td> <select name='type'>"); ! $types = ofirst_dbquery("SELECT image, description FROM ofirst_workspace_filetypes GROUP BY description ORDER BY description;"); ! while ($type = ofirst_dbfetch_object($types)) { if($type->description == "HTML Page") { echo("<option value='$type->image' selected='selected'>$type->description</option>"); Index: logout.php =================================================================== RCS file: /cvsroot/openfirst/members/logout.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** logout.php 23 Jul 2003 13:26:42 -0000 1.4 --- logout.php 23 Aug 2003 20:31:16 -0000 1.5 *************** *** 34,39 **** <h1>Logged Out</h1> <?php ! $q = mysql_query("UPDATE ofirst_members SET authcode = NULL WHERE user='$user->user';"); ! echo(mysql_error()); @session_start(); @session_destroy(); --- 34,39 ---- <h1>Logged Out</h1> <?php ! $q = ofirst_dbquery("UPDATE ofirst_members SET authcode = NULL WHERE user='$user->user';"); ! echo(ofirst_dberror()); @session_start(); @session_destroy(); Index: profile.php =================================================================== RCS file: /cvsroot/openfirst/members/profile.php,v retrieving revision 1.10 retrieving revision 1.11 diff -C2 -d -r1.10 -r1.11 *** profile.php 12 Aug 2003 17:47:25 -0000 1.10 --- profile.php 23 Aug 2003 20:31:16 -0000 1.11 *************** *** 90,98 **** if($_GET["orderby"] == "") { $_GET["orderby"] = "user"; } if(isset($extra) == true && $extra != "") { ! $query = mysql_query("SELECT * FROM ofirst_members where " . $_GET["orderby"] . " is NOT NULL $extra ORDER BY " . $_GET["orderby"] . ";"); } else { ! $query = mysql_query("SELECT * FROM ofirst_members where " . $_GET["orderby"] . " is NOT NULL ORDER BY " . $_GET["orderby"] . ";"); } ! while($q = mysql_fetch_object($query)) { echo("<tr><td><a href='profile.php?id=$q->user'>$q->user</a></td><td>$q->team</td>"); if($q->email != "") { echo("<td><img src='email.png' alt='email available' /></td>"); } else { echo("<td></td>"); } --- 90,98 ---- if($_GET["orderby"] == "") { $_GET["orderby"] = "user"; } if(isset($extra) == true && $extra != "") { ! $query = ofirst_dbquery("SELECT * FROM ofirst_members where " . $_GET["orderby"] . " is NOT NULL $extra ORDER BY " . $_GET["orderby"] . ";"); } else { ! $query = ofirst_dbquery("SELECT * FROM ofirst_members where " . $_GET["orderby"] . " is NOT NULL ORDER BY " . $_GET["orderby"] . ";"); } ! while($q = ofirst_dbfetch_object($query)) { echo("<tr><td><a href='profile.php?id=$q->user'>$q->user</a></td><td>$q->team</td>"); if($q->email != "") { echo("<td><img src='email.png' alt='email available' /></td>"); } else { echo("<td></td>"); } *************** *** 107,112 **** <?php } else { ! $query = mysql_query("SELECT * FROM ofirst_members WHERE user='" . $_GET["id"] . "';"); ! while($q = mysql_fetch_object($query)) { if (function_exists('emoticon_translate')) { --- 107,112 ---- <?php } else { ! $query = ofirst_dbquery("SELECT * FROM ofirst_members WHERE user='" . $_GET["id"] . "';"); ! while($q = ofirst_dbfetch_object($query)) { if (function_exists('emoticon_translate')) { Index: skills.php =================================================================== RCS file: /cvsroot/openfirst/members/skills.php,v retrieving revision 1.2 retrieving revision 1.3 diff -C2 -d -r1.2 -r1.3 *** skills.php 28 Jun 2003 03:01:25 -0000 1.2 --- skills.php 23 Aug 2003 20:31:16 -0000 1.3 *************** *** 44,52 **** } $query = "UPDATE ofirst_members SET skills='$skilled' WHERE user='$user->user';"; ! $q = mysql_query($query); unset($q); $query = "SELECT * FROM ofirst_members WHERE user='$user->user';"; ! $q = mysql_query($query); ! $user = mysql_fetch_object($q); echo("Updated Skills"); --- 44,52 ---- } $query = "UPDATE ofirst_members SET skills='$skilled' WHERE user='$user->user';"; ! $q = ofirst_dbquery($query); unset($q); $query = "SELECT * FROM ofirst_members WHERE user='$user->user';"; ! $q = ofirst_dbquery($query); ! $user = ofirst_dbfetch_object($q); echo("Updated Skills"); Index: updateprofile.php =================================================================== RCS file: /cvsroot/openfirst/members/updateprofile.php,v retrieving revision 1.4 retrieving revision 1.5 diff -C2 -d -r1.4 -r1.5 *** updateprofile.php 12 Aug 2003 05:02:59 -0000 1.4 --- updateprofile.php 23 Aug 2003 20:31:16 -0000 1.5 *************** *** 33,39 **** if(isset($_POST["ndivision"]) == true && $_POST["ndivision"] != "") { $_POST["division"] = $_POST["ndivision"]; ! $q = mysql_query("INSERT INTO ofirst_divisions (division) VALUES ( '" . $_POST["division"] . "');"); ! $q = mysql_query("UPDATE ofirst_divisions SET description='" . $_POST["divisiondescription"] . "' WHERE division='" . $_POST["division"] . "';"); } $query = "UPDATE ofirst_members SET firstname='" . $_POST["firstname"] . "', lastname='" . $_POST["lastname"] . "' --- 33,39 ---- if(isset($_POST["ndivision"]) == true && $_POST["ndivision"] != "") { $_POST["division"] = $_POST["ndivision"]; ! $q = ofirst_dbquery("INSERT INTO ofirst_divisions (division) VALUES ( '" . $_POST["division"] . "');"); ! $q = ofirst_dbquery("UPDATE ofirst_divisions SET description='" . $_POST["divisiondescription"] . "' WHERE division='" . $_POST["division"] . "';"); } $query = "UPDATE ofirst_members SET firstname='" . $_POST["firstname"] . "', lastname='" . $_POST["lastname"] . "' *************** *** 42,49 **** $_POST["yim"] . "', signature='" . $_POST["signature"] . "', description='" . $_POST["description"] . "', picturelocation='" . $_POST["picturelocation"] . "' WHERE user='$user->user';"; ! $q = mysql_query($query); if(isset($_POST["password"]) == true && isset($_POST["cpassword"]) == true) { if($_POST["password"] == $_POST["cpassword"] && $_POST["password"] != "") { ! $query = mysql_query("UPDATE ofirst_members SET password='" . cryptpassword($_POST["password"], $encryption) ."' WHERE user='$user->user';"); echo("Password Changed."); } elseif ($_POST["password"] != $_POST["cpassword"]) { --- 42,49 ---- $_POST["yim"] . "', signature='" . $_POST["signature"] . "', description='" . $_POST["description"] . "', picturelocation='" . $_POST["picturelocation"] . "' WHERE user='$user->user';"; ! $q = ofirst_dbquery($query); if(isset($_POST["password"]) == true && isset($_POST["cpassword"]) == true) { if($_POST["password"] == $_POST["cpassword"] && $_POST["password"] != "") { ! $query = ofirst_dbquery("UPDATE ofirst_members SET password='" . cryptpassword($_POST["password"], $encryption) ."' WHERE user='$user->user';"); echo("Password Changed."); } elseif ($_POST["password"] != $_POST["cpassword"]) { *************** *** 70,75 **** Existing: <br><select name='division'>"); ! $div = mysql_query("SELECT division FROM ofirst_divisions;"); ! while($d = mysql_fetch_object($div)) { echo("<option value='$d->division'"); if($d->division == $user->division) { echo(" selected='selected'"); } --- 70,75 ---- Existing: <br><select name='division'>"); ! $div = ofirst_dbquery("SELECT division FROM ofirst_divisions;"); ! while($d = ofirst_dbfetch_object($div)) { echo("<option value='$d->division'"); if($d->division == $user->division) { echo(" selected='selected'"); } Index: web.php =================================================================== RCS file: /cvsroot/openfirst/members/web.php,v retrieving revision 1.1 retrieving revision 1.2 diff -C2 -d -r1.1 -r1.2 *** web.php 12 Aug 2003 17:09:14 -0000 1.1 --- web.php 23 Aug 2003 20:31:16 -0000 1.2 *************** *** 32,36 **** $user = substr($_GET["uri"],1, strpos($_GET["uri"], "/", 2) - 1); $file = substr($_GET["uri"],strlen($user) + 2, strlen($_GET["uri"]) - strlen($user)); ! $vfs = mysql_fetch_object(mysql_query("SELECT virtfspath FROM ofirst_workspace_users WHERE user='$user';")); $vfs = $vfs->virtfspath . "www/"; if(substr($file, -1, 1) == "/") { $file .= "index.html"; } --- 32,36 ---- $user = substr($_GET["uri"],1, strpos($_GET["uri"], "/", 2) - 1); $file = substr($_GET["uri"],strlen($user) + 2, strlen($_GET["uri"]) - strlen($user)); ! $vfs = ofirst_dbfetch_object(ofirst_dbquery("SELECT virtfspath FROM ofirst_workspace_users WHERE user='$user';")); $vfs = $vfs->virtfspath . "www/"; if(substr($file, -1, 1) == "/") { $file .= "index.html"; } Index: workspace.php =================================================================== RCS file: /cvsroot/openfirst/members/workspace.php,v retrieving revision 1.8 retrieving revision 1.9 diff -C2 -d -r1.8 -r1.9 *** workspace.php 20 Aug 2003 15:25:28 -0000 1.8 --- workspace.php 23 Aug 2003 20:31:16 -0000 1.9 *************** *** 34,39 **** // Get important data used throughout this. ! $wsu = mysql_query("SELECT * FROM ofirst_workspace_users WHERE user='$user->user';"); ! $ws = mysql_fetch_object($wsu); if(isset($_GET["action"]) == true && $_GET["action"] == "view" && isset($_GET["view"]) == true) { --- 34,39 ---- // Get important data used throughout this. ! $wsu = ofirst_dbquery("SELECT * FROM ofirst_workspace_users WHERE user='$user->user';"); ! $ws = ofirst_dbfetch_object($wsu); if(isset($_GET["action"]) == true && $_GET["action"] == "view" && isset($_GET["view"]) == true) { *************** *** 41,45 **** $file = $ws->virtfspath . "/" . $_GET["file"]; } else { ! $vfs = mysql_fetch_object(mysql_query("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_GET["owner"] . "';")); $file = $vfs->virtfspath; } --- 41,45 ---- $file = $ws->virtfspath . "/" . $_GET["file"]; } else { ! $vfs = ofirst_dbfetch_object(ofirst_dbquery("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_GET["owner"] . "';")); $file = $vfs->virtfspath; } *************** *** 59,66 **** function fileicon ($extension='unknown') { $extension = strtolower($extension); ! $query = mysql_query("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$extension';"); ! if (mysql_num_rows($query) != 0){ ! while ($fi = mysql_fetch_object($query)) { return("<img src='$fi->image' alt='$fi->description' title='$fi->description'>"); } --- 59,66 ---- function fileicon ($extension='unknown') { $extension = strtolower($extension); ! $query = ofirst_dbquery("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$extension';"); ! if (ofirst_dbnum_rows($query) != 0){ ! while ($fi = ofirst_dbfetch_object($query)) { return("<img src='$fi->image' alt='$fi->description' title='$fi->description'>"); } *************** *** 73,77 **** if(isset($_POST["action"]) == true && $_POST["action"] == "modify") { echo("Your modifications to "" . $_POST["file"] . "" have been made [ <a href='workspace.php'>Return to workspace</a> ]"); ! $vfs = mysql_fetch_object(mysql_query("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_POST["owner"] . "';")); $fi = fopen($vfs->virtfspath . "/" . $_POST["filepath"] . "/" . $_POST["file"], 'w'); fputs($fi, $_POST["newdata"]); --- 73,77 ---- if(isset($_POST["action"]) == true && $_POST["action"] == "modify") { echo("Your modifications to "" . $_POST["file"] . "" have been made [ <a href='workspace.php'>Return to workspace</a> ]"); ! $vfs = ofirst_dbfetch_object(ofirst_dbquery("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_POST["owner"] . "';")); $fi = fopen($vfs->virtfspath . "/" . $_POST["filepath"] . "/" . $_POST["file"], 'w'); fputs($fi, $_POST["newdata"]); *************** *** 79,83 **** die(include($footer)); } elseif ($_POST["action"] == "setperm") { ! mysql_query("UPDATE ofirst_workspace_files SET permissions='" . $_POST["userperm"] . $_POST["groupperm"] . $_POST["otherperm"] . "' WHERE name='" . $_POST["file"] . "' AND owner='" . $_POST["owner"] . "' AND location='" . $_POST["filepath"] . "';"); echo("Permissions on file "" . $_POST["file"] . "" have been modified. [ <a href='workspace.php'>Return to workspace</a> ]"); die(include($footer)); --- 79,83 ---- die(include($footer)); } elseif ($_POST["action"] == "setperm") { ! ofirst_dbquery("UPDATE ofirst_workspace_files SET permissions='" . $_POST["userperm"] . $_POST["groupperm"] . $_POST["otherperm"] . "' WHERE name='" . $_POST["file"] . "' AND owner='" . $_POST["owner"] . "' AND location='" . $_POST["filepath"] . "';"); echo("Permissions on file "" . $_POST["file"] . "" have been modified. [ <a href='workspace.php'>Return to workspace</a> ]"); die(include($footer)); *************** *** 85,89 **** if(isset($_POST["action"]) == true && $_POST["action"] == "makedirectory") { mkdir(getcwd() . "/virtfs/$user->user/$filepath/" . $_POST["directory"]); ! $uf = mysql_query("INSERT INTO ofirst_workspace_files (size, location, owner, permissions, date, description, filetype, name) VALUES('0', '$filepath', '$user->user', 'drw-------', '" . date('D M d Y h:m:s') . "', 'Sub Directory', 'dir-" . $_POST["directorytype"] . "', '" . $_POST["directory"] . "');"); echo("Sub directory Created [<a href='workspace.php?filepath=$filepath'>Return to Workspace</a> ]"); --- 85,89 ---- if(isset($_POST["action"]) == true && $_POST["action"] == "makedirectory") { mkdir(getcwd() . "/virtfs/$user->user/$filepath/" . $_POST["directory"]); ! $uf = ofirst_dbquery("INSERT INTO ofirst_workspace_files (size, location, owner, permissions, date, description, filetype, name) VALUES('0', '$filepath', '$user->user', 'drw-------', '" . date('D M d Y h:m:s') . "', 'Sub Directory', 'dir-" . $_POST["directorytype"] . "', '" . $_POST["directory"] . "');"); echo("Sub directory Created [<a href='workspace.php?filepath=$filepath'>Return to Workspace</a> ]"); *************** *** 97,101 **** die(include($footer)); } elseif($_GET["action"] == "delete" && isset($_GET["confirmed"]) == true) { ! $del = mysql_query("DELETE FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND owner='$user->user' AND location='" . $_GET["filepath"] . "';"); unlink($ws->virtfspath . "/" . $_GET["file"]); echo("The file <strong>"" . $_GET["file"] . ""</strong> has been deleted. [ <a href='workspace.php'>Workspace</a> ]"); --- 97,101 ---- die(include($footer)); } elseif($_GET["action"] == "delete" && isset($_GET["confirmed"]) == true) { ! $del = ofirst_dbquery("DELETE FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND owner='$user->user' AND location='" . $_GET["filepath"] . "';"); unlink($ws->virtfspath . "/" . $_GET["file"]); echo("The file <strong>"" . $_GET["file"] . ""</strong> has been deleted. [ <a href='workspace.php'>Workspace</a> ]"); *************** *** 107,111 **** // Handle directory deletion if($_GET["action"] == "removedirectory" && isset($_GET["confirmed"]) == true) { ! $del = mysql_query("DELETE FROM ofirst_workspace_files WHERE name='" . $_GET["directory"] . "' AND owner='$user->user' AND location='" . $_GET["filepath"] ."';"); // deldir() based on code originally written by: fl...@cu... --- 107,111 ---- // Handle directory deletion if($_GET["action"] == "removedirectory" && isset($_GET["confirmed"]) == true) { ! $del = ofirst_dbquery("DELETE FROM ofirst_workspace_files WHERE name='" . $_GET["directory"] . "' AND owner='$user->user' AND location='" . $_GET["filepath"] ."';"); // deldir() based on code originally written by: fl...@cu... *************** *** 141,145 **** // Handle file modification if($_GET["action"] == "modify") { ! $fi = mysql_fetch_object(mysql_query("SELECT * FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND location='" . $_GET["filepath"] . "' AND owner='" . $_GET["owner"] . "';")); echo("<h1>Modify " . $_GET["file"] . "</h1> <table style='width: 500px;'> --- 141,145 ---- // Handle file modification if($_GET["action"] == "modify") { ! $fi = ofirst_dbfetch_object(ofirst_dbquery("SELECT * FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND location='" . $_GET["filepath"] . "' AND owner='" . $_GET["owner"] . "';")); echo("<h1>Modify " . $_GET["file"] . "</h1> <table style='width: 500px;'> *************** *** 148,155 **** <tr><th>File Name</th><td>" . $_GET["file"] . "</td></tr> <tr><th>File Type</th><td>"); ! $query = mysql_query("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$fi->filetype';"); ! if (mysql_num_rows($query) != 0){ ! while ($fil = mysql_fetch_object($query)) { echo("<img src='$fil->image' alt='$fil->description' title='$fil->description'><br>$fil->description"); $fimg = $fil->image; --- 148,155 ---- <tr><th>File Name</th><td>" . $_GET["file"] . "</td></tr> <tr><th>File Type</th><td>"); ! $query = ofirst_dbquery("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$fi->filetype';"); ! if (ofirst_dbnum_rows($query) != 0){ ! while ($fil = ofirst_dbfetch_object($query)) { echo("<img src='$fil->image' alt='$fil->description' title='$fil->description'><br>$fil->description"); $fimg = $fil->image; *************** *** 197,201 **** echo("<form method='post' action='workspace.php'>"); echo("<textarea name='newdata' style='width: 275px; height: 125px;'>"); ! $vfs = mysql_fetch_object(mysql_query("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_GET["owner"] . "';")); $fi = fopen($vfs->virtfspath . "/" . $_GET["filepath"] . "/" . $_GET["file"], 'r'); htmlentities(fpassthru($fi)); --- 197,201 ---- echo("<form method='post' action='workspace.php'>"); echo("<textarea name='newdata' style='width: 275px; height: 125px;'>"); ! $vfs = ofirst_dbfetch_object(ofirst_dbquery("SELECT virtfspath FROM ofirst_workspace_users WHERE user='" . $_GET["owner"] . "';")); $fi = fopen($vfs->virtfspath . "/" . $_GET["filepath"] . "/" . $_GET["file"], 'r'); htmlentities(fpassthru($fi)); *************** *** 222,234 **** // Handle file viewing (complete with information on what viewer to use to open the file) if($_GET["action"] == "view" && isset($_GET["view"]) == false) { ! $fi = mysql_fetch_object(mysql_query("SELECT * FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND location='" . $_GET["filepath"] . "' AND owner='" . $_GET["owner"] . "';")); echo("<h1>View " . $_GET["file"] . "</h1> <table> <tr><th>File Name</th><td>" . $_GET["file"] . "</td></tr> <tr><th>File Type</th><td>"); ! $query = mysql_query("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$fi->filetype';"); ! if (mysql_num_rows($query) != 0){ ! while ($fil = mysql_fetch_object($query)) { echo("<img src='$fil->image' alt='$fil->description' title='$fil->description'> $fil->description"); } --- 222,234 ---- // Handle file viewing (complete with information on what viewer to use to open the file) if($_GET["action"] == "view" && isset($_GET["view"]) == false) { ! $fi = ofirst_dbfetch_object(ofirst_dbquery("SELECT * FROM ofirst_workspace_files WHERE name='" . $_GET["file"] . "' AND location='" . $_GET["filepath"] . "' AND owner='" . $_GET["owner"] . "';")); echo("<h1>View " . $_GET["file"] . "</h1> <table> <tr><th>File Name</th><td>" . $_GET["file"] . "</td></tr> <tr><th>File Type</th><td>"); ! $query = ofirst_dbquery("SELECT * FROM ofirst_workspace_filetypes WHERE extension='$fi->filetype';"); ! if (ofirst_dbnum_rows($query) != 0){ ! while ($fil = ofirst_dbfetch_object($query)) { echo("<img src='$fil->image' alt='$fil->description' title='$fil->description'> $fil->description"); } *************** *** 254,258 **** $name = str_replace("&", "and", $name); copy($filename, "$ws->virtfspath/" . $_POST["filepath"] . "/$name"); ! $uf = mysql_query("INSERT INTO ofirst_workspace_files (size, location, owner, division, permissions, date, description, filetype, name) VALUES('" .( filesize("$ws->virtfspath/" . $_POST["filepath"] . "/$name") / 1024). "', '" . $_POST["filepath"] . "', '$user->user', '" . $_POST["division"] . "', '" . $_POST["userperm"] . $_POST["groupperm"] . $_POST["otherperm"] . "', '" . date('D M d Y h:m:s') . "', '" . $_POST["description"] . "', '" . strtolower(substr($name, strrpos($name, ".") +1)) . "', '$name');"); echo("File "$name" has been uploaded successfully. [ <a href='workspace.php'>Workspace</a> | <a href='workspace.php?file=$name&action=view&filepath=" . $_POST["filepath"] ."'>View</a> ]"); die(include($footer)); --- 254,258 ---- $name = str_replace("&", "and", $name); copy($filename, "$ws->virtfspath/" . $_POST["filepath"] . "/$name"); ! $uf = ofirst_dbquery("INSERT INTO ofirst_workspace_files (size, location, owner, division, permissions, date, description, filetype, name) VALUES('" .( filesize("$ws->virtfspath/" . $_POST["filepath"] . "/$name") / 1024). "', '" . $_POST["filepath"] . "', '$user->user', '" . $_POST["division"] . "', '" . $_POST["userperm"] . $_POST["groupperm"] . $_POST["otherperm"] . "', '" . date('D M d Y h:m:s') . "', '" . $_POST["description"] . "', '" . strtolower(substr($name, strrpos($name, ".") +1)) . "', '$name');"); echo("File "$name" has been uploaded successfully. [ <a href='workspace.php'>Workspace</a> | <a href='workspace.php?file=$name&action=view&filepath=" . $_POST["filepath"] ."'>View</a> ]"); die(include($footer)); *************** *** 262,267 **** <h1>Personal Workspace</h1> <p><?php ! $files = mysql_fetch_object(mysql_query("SELECT SUM(size) as used FROM ofirst_workspace_files WHERE owner='$user->user';")); ! if(mysql_num_rows($wsu) == 1) { ?> <table style="width: 500px;"> --- 262,267 ---- <h1>Personal Workspace</h1> <p><?php ! $files = ofirst_dbfetch_object(ofirst_dbquery("SELECT SUM(size) as used FROM ofirst_workspace_files WHERE owner='$user->user';")); ! if(ofirst_dbnum_rows($wsu) == 1) { ?> <table style="width: 500px;"> *************** *** 278,283 **** </table></td><td> <?php ! $dirs = mysql_query("SELECT * FROM ofirst_workspace_files WHERE permissions like 'd%' AND owner='$user->user' AND location='$filepath';"); ! if(mysql_num_rows($dirs) > 0) { ?> <p><strong>Your Sub Directories (<?php echo($filepath); ?>)</strong></p> --- 278,283 ---- </table></td><td> <?php ! $dirs = ofirst_dbquery("SELECT * FROM ofirst_workspace_files WHERE permissions like 'd%' AND owner='$user->user' AND location='$filepath';"); ! if(ofirst_dbnum_rows($dirs) > 0) { ?> <p><strong>Your Sub Directories (<?php echo($filepath); ?>)</strong></p> *************** *** 285,289 **** <?php echo("<tr><th>Icon</th><th>Name</th><th>Date Created</th><th>Actions</th></tr>"); ! while($d = mysql_fetch_object($dirs)) { echo("<tr><td>" . fileicon($d->filetype) . "</td><td><a href='workspace.php?filepath=$d->location$d->name'>$d->name</a></td><td>$d->date</td><td><a href='workspace.php?action=removedirectory&directory=$d->name&filepath=$filepath'>Remove Directory</a></td></tr>"); } --- 285,289 ---- <?php echo("<tr><th>Icon</th><th>Name</th><th>Date Created</th><th>Actions</th></tr>"); ! while($d = ofirst_dbfetch_object($dirs)) { echo("<tr><td>" . fileicon($d->filetype) . "</td><td><a href='workspace.php?filepath=$d->location$d->name'>$d->name</a></td><td>$d->date</td><td><a href='workspace.php?action=removedirectory&directory=$d->name&filepath=$filepath'>Remove Directory</a></td></tr>"); } *************** *** 296,302 **** <table> <?php ! $files = mysql_query("SELECT * FROM ofirst_workspace_files WHERE permissions not like 'd%' AND owner='$user->user' AND location='$filepath';"); echo("<tr><th>File Type</th><th>Name</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th> <th>Actions</th></tr>"); ! while($file = mysql_fetch_object($files)) { $file->name = str_replace("\"", """, $file->name); echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->division</td> --- 296,302 ---- <table> <?php ! $files = ofirst_dbquery("SELECT * FROM ofirst_workspace_files WHERE permissions not like 'd%' AND owner='$user->user' AND location='$filepath';"); echo("<tr><th>File Type</th><th>Name</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th> <th>Actions</th></tr>"); ! while($file = ofirst_dbfetch_object($files)) { $file->name = str_replace("\"", """, $file->name); echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->division</td> *************** *** 358,363 **** <tr><th>File</th><td> <input name="userfile[]" type="file"></td></tr> <tr><th>Division</th><td><select name="division"><?php ! $d = mysql_query("SELECT division FROM ofirst_divisions;"); ! while($di = mysql_fetch_object($d)) { if($di->division == $user->division) { echo("<option value='$di->division' selected='selected'>$di->division</option>"); --- 358,363 ---- <tr><th>File</th><td> <input name="userfile[]" type="file"></td></tr> <tr><th>Division</th><td><select name="division"><?php ! $d = ofirst_dbquery("SELECT division FROM ofirst_divisions;"); ! while($di = ofirst_dbfetch_object($d)) { if($di->division == $user->division) { echo("<option value='$di->division' selected='selected'>$di->division</option>"); *************** *** 398,405 **** <table> <?php ! $files = mysql_query("SELECT * FROM ofirst_workspace_files WHERE permissions like '____r%';"); echo("<tr><th>File Type</th><th>Name</th><th>Owner</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th> <th>Actions</th></tr>"); ! while($file = mysql_fetch_object($files)) { echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->owner</td><td>$file->division</td> --- 398,405 ---- <table> <?php ! $files = ofirst_dbquery("SELECT * FROM ofirst_workspace_files WHERE permissions like '____r%';"); echo("<tr><th>File Type</th><th>Name</th><th>Owner</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th> <th>Actions</th></tr>"); ! while($file = ofirst_dbfetch_object($files)) { echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->owner</td><td>$file->division</td> *************** *** 415,422 **** <table> <?php ! $files = mysql_query("SELECT * FROM ofirst_workspace_files WHERE permissions like '%r__';"); echo("<tr><th>File Type</th><th>Name</th><th>Owner</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th> <th>Actions</th></tr>"); ! while($file = mysql_fetch_object($files)) { echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->owner</td><td>$file->division</td> --- 415,422 ---- <table> <?php ! $files = ofirst_dbquery("SELECT * FROM ofirst_workspace_files WHERE permissions like '%r__';"); echo("<tr><th>File Type</th><th>Name</th><th>Owner</th><th>Division</th><th>Permissions</th><th>Date</th><th>Description</th> <th>Actions</th></tr>"); ! while($file = ofirst_dbfetch_object($files)) { echo("<tr><td>" . fileicon($file->filetype) . "</td><td>$file->name</td><td>$file->owner</td><td>$file->division</td> *************** *** 436,448 **** if(isset($_GET["activate"]) == true && $_GET["activate"] == true) { if(is_writable(getcwd() . "/virtfs/") == true) { ! mysql_query("INSERT INTO ofirst_workspace_users (quota, user, virtfspath, frozen) VALUES('10', '$user->user', '" . getcwd() . "/virtfs/$user->user/', '0');"); mkdir(getcwd() . "/virtfs/$user->user/"); mkdir(getcwd() . "/virtfs/$user->user/www/"); mkdir(getcwd() . "/virtfs/$user->user/$filepath/" . $_POST["directory"]); ! $uf = mysql_query("INSERT INTO ofirst_workspace_files (size, location, owner, permissions, date, description, filetype, name) VALUES('0', '$filepath', '$user->user', 'drw-------', '" . date('D M d Y h:m:s') . "', 'Web Site Directory', 'dir-folder_html.png', 'www');"); ! $uf = mysql_query("INSERT INTO ofirst_workspace_files (size, location, owner, permissions, date, description, filetype, name) VALUES('0', '/www', '$user->user', '-rw-------', '" . date('D M d Y h:m:s') . "', 'Main Page for Personal Web Site', 'html', 'index.html');"); --- 436,448 ---- if(isset($_GET["activate"]) == true && $_GET["activate"] == true) { if(is_writable(getcwd() . "/virtfs/") == true) { ! ofirst_dbquery("INSERT INTO ofirst_workspace_users (quota, user, virtfspath, frozen) VALUES('10', '$user->user', '" . getcwd() . "/virtfs/$user->user/', '0');"); mkdir(getcwd() . "/virtfs/$user->user/"); mkdir(getcwd() . "/virtfs/$user->user/www/"); mkdir(getcwd() . "/virtfs/$user->user/$filepath/" . $_POST["directory"]); ! $uf = ofirst_dbquery("INSERT INTO ofirst_workspace_files (size, location, owner, permissions, date, description, filetype, name) VALUES('0', '$filepath', '$user->user', 'drw-------', '" . date('D M d Y h:m:s') . "', 'Web Site Directory', 'dir-folder_html.png', 'www');"); ! $uf = ofirst_dbquery("INSERT INTO ofirst_workspace_files (size, location, owner, permissions, date, description, filetype, name) VALUES('0', '/www', '$user->user', '-rw-------', '" . date('D M d Y h:m:s') . "', 'Main Page for Personal Web Site', 'html', 'index.html');"); |