OpencachingDeutschland/oc-server3
1
0
Fork 0
Code Issues Pull Requests Releases Activity
oc-server3/htdocs/editcache.php
following b5d24350dc marked ocprop triggers
2013-03-27 23:31:16 +01:00

888 lines
34 KiB
PHP
Raw Blame History

<?php
/****************************************************************************
./editcache.php
-------------------
begin : July 5 2004
For license information see doc/license.txt
*****************************************************************************/
/****************************************************************************
Unicode Reminder メモ
edit a cache listing
used template(s): editcache
GET/POST Parameter: cacheid
****************************************************************************/
//prepare the templates and include all neccessary
require_once('./lib/common.inc.php');
function getWaypoints($cacheid)
{
global $waypointline;
global $waypointlines;
global $nowaypoints;
$wphandler = new ChildWp_Handler();
$waypoints = $wphandler->getChildWps($cacheid);
$ret = '';
if (!empty($waypoints))
{
$formatter = new Coordinate_Formatter();
foreach ($waypoints as $waypoint)
{
$tmpline = $waypointline;
$tmpline = mb_ereg_replace('{wp_image}', htmlspecialchars($waypoint['image'], ENT_COMPAT, 'UTF-8'), $tmpline);
$tmpline = mb_ereg_replace('{wp_type}', htmlspecialchars($waypoint['name'], ENT_COMPAT, 'UTF-8'), $tmpline);
$htmlcoordinate = $formatter->formatHtml($waypoint['coordinate'], '</td></tr><tr><td style="white-space:nowrap">');
$tmpline = mb_ereg_replace('{wp_coordinate}', $htmlcoordinate, $tmpline);
$tmpline = mb_ereg_replace('{wp_description}', htmlspecialchars(trim($waypoint['description']), ENT_COMPAT, 'UTF-8'), $tmpline);
$tmpline = mb_ereg_replace('{wp_show_description}', mb_ereg_replace('\r\n','<br />',htmlspecialchars($waypoint['description'], ENT_COMPAT, 'UTF-8')), $tmpline);
$tmpline = mb_ereg_replace('{cacheid}', htmlspecialchars($cacheid, ENT_COMPAT, 'UTF-8'), $tmpline);
$tmpline = mb_ereg_replace('{childid}', htmlspecialchars($waypoint['childid'], ENT_COMPAT, 'UTF-8'), $tmpline);
$ret .= $tmpline;
}
$ret = mb_ereg_replace('{lines}', $ret, $waypointlines);
return $ret;
}
return $nowaypoints;
}
//Preprocessing
if ($error == false)
{
//cacheid
$cache_id = 0;
if (isset($_REQUEST['cacheid'])) // Ocprop
{
$cache_id = $_REQUEST['cacheid'];
}
if ($usr === false)
{
$tplname = 'login';
tpl_set_var('username', '');
tpl_set_var('target', 'editcache.php?cacheid=' . urlencode($cache_id));
tpl_set_var('message_start', "");
tpl_set_var('message_end', "");
tpl_set_var('message', $login_required);
}
else
{
$cache_rs = sql("SELECT `caches`.`uuid`, `caches`.`user_id`, `caches`.`name`, `stat_caches`.`picture`, `caches`.`type`, `caches`.`size`, `caches`.`date_hidden`, `caches`.`date_activate`, `caches`.`longitude`, `caches`.`latitude`, `caches`.`country`, `caches`.`terrain`, `caches`.`difficulty`, `caches`.`desc_languages`, `caches`.`status`, `caches`.`search_time`, `caches`.`way_length`, `caches`.`logpw`, `caches`.`wp_gc`, `caches`.`wp_nc`, `caches`.`node`, `user`.`username` FROM `caches` INNER JOIN `user` ON `caches`.`user_id`=`user`.`user_id` LEFT JOIN `stat_caches` ON `caches`.`cache_id`=`stat_caches`.`cache_id` WHERE `caches`.`cache_id`='&1'", $cache_id);
$cache_record = sql_fetch_array($cache_rs);
sql_free_result($cache_rs);
if ($cache_record !== false)
{
if ($cache_record['user_id'] == $usr['userid'])
{
$tplname = 'editcache';
require($stylepath . '/editcache.inc.php');
if ($cache_record['node'] != $oc_nodeid)
{
tpl_errorMsg('editcache', $error_wrong_node);
exit;
}
//here we read all used information from the form if submitted, otherwise from DB
$cache_name = isset($_POST['name']) ? $_POST['name'] : $cache_record['name']; // Ocprop
$cache_type = isset($_POST['type']) ? $_POST['type'] : $cache_record['type'];
if (!isset($_POST['size']))
{
if ($cache_type == 4 || $cache_type == 5)
{
$sel_size = 7;
}
else
{
$sel_size = $cache_record['size'];
}
}
else
{
$sel_size = isset($_POST['size']) ? $_POST['size'] : $cache_record['size'];
}
$cache_hidden_day = isset($_POST['hidden_day']) ? $_POST['hidden_day'] : date('d', strtotime($cache_record['date_hidden'])); // Ocprop
$cache_hidden_month = isset($_POST['hidden_month']) ? $_POST['hidden_month'] : date('m', strtotime($cache_record['date_hidden'])); // Ocprop
$cache_hidden_year = isset($_POST['hidden_year']) ? $_POST['hidden_year'] : date('Y', strtotime($cache_record['date_hidden'])); // Ocprop
if(is_null($cache_record['date_activate']))
{
$cache_activate_day = isset($_POST['activate_day']) ? $_POST['activate_day'] : date('d');
$cache_activate_month = isset($_POST['activate_month']) ? $_POST['activate_month'] : date('m');
$cache_activate_year = isset($_POST['activate_year']) ? $_POST['activate_year'] : date('Y');
$cache_activate_hour = isset($_POST['activate_hour']) ? $_POST['activate_hour'] : date('H');
}
else
{
$cache_activate_day = isset($_POST['activate_day']) ? $_POST['activate_day'] : date('d', strtotime($cache_record['date_activate']));
$cache_activate_month = isset($_POST['activate_month']) ? $_POST['activate_month'] : date('m', strtotime($cache_record['date_activate']));
$cache_activate_year = isset($_POST['activate_year']) ? $_POST['activate_year'] : date('Y', strtotime($cache_record['date_activate']));
$cache_activate_hour = isset($_POST['activate_hour']) ? $_POST['activate_hour'] : date('H', strtotime($cache_record['date_activate']));
}
$cache_difficulty = isset($_POST['difficulty']) ? $_POST['difficulty'] : $cache_record['difficulty']; // Ocprop
$cache_terrain = isset($_POST['terrain']) ? $_POST['terrain'] : $cache_record['terrain']; // Ocprop
$cache_country = isset($_POST['country']) ? $_POST['country'] : $cache_record['country']; // Ocprop
$show_all_countries = isset($_POST['show_all_countries']) ? $_POST['show_all_countries'] : 0;
$status = isset($_POST['status']) ? $_POST['status'] : $cache_record['status']; // Ocprop
$status_old = $cache_record['status'];
$search_time = isset($_POST['search_time']) ? $_POST['search_time'] : $cache_record['search_time'];
$way_length = isset($_POST['way_length']) ? $_POST['way_length'] : $cache_record['way_length'];
if($status_old == 5 && $status == 5)
{
if(isset($_POST['publish'])) // Ocprop
{
$publish = $_POST['publish'];
if(!($publish == 'now' || $publish == 'later' || $publish == 'notnow'))
{
// somebody messed up the POST-data, so we do not publish the cache, since he isn't published right now (status=5)
$publish = 'notnow';
}
}
else
{
if(is_null($cache_record['date_activate']))
{
$publish = 'notnow';
}
else
{
$publish = 'later';
}
}
}
else
{
$publish = isset($_POST['publish']) ? $_POST['publish'] : 'now';
if(!($publish == 'now' || $publish == 'later' || $publish == 'notnow'))
{
// somebody messed up the POST-data, so the cache has to be published (status<5)
$publish = 'now';
}
}
$bAdmin = sqlValue("SELECT `admin` FROM `user` WHERE `user_id` = &1", 0, $usr['userid']);
if ($status == 7 && ($bAdmin & ADMIN_USER) != ADMIN_USER)
{
$status = $status_old;
}
if ($status_old == 7) // cache is locked
{
// only admins can change status of locked caches
if (($bAdmin & ADMIN_USER) != ADMIN_USER)
{
// no status change allowed for normal user
$status = $status_old;
}
}
$search_time = mb_ereg_replace(',', '.', $search_time);
$way_length = mb_ereg_replace(',', '.', $way_length);
if (mb_strpos($search_time, ':') == mb_strlen($search_time) - 3)
{
$st_hours = mb_substr($search_time, 0, mb_strpos($search_time, ':'));
$st_minutes = mb_substr($search_time, mb_strlen($st_hours) + 1);
if (is_numeric($st_hours) && is_numeric($st_minutes))
{
if (($st_minutes >= 0) && ($st_minutes < 60))
{
$search_time = $st_hours + $st_minutes / 60;
}
}
}
$log_pw = isset($_POST['log_pw']) ? mb_substr($_POST['log_pw'], 0, 20) : $cache_record['logpw'];
// fix #4356: gc waypoints are frequently copy&pasted with leading spaces
$wp_gc = isset($_POST['wp_gc']) ? trim($_POST['wp_gc']) : $cache_record['wp_gc']; // Ocprop
$wp_nc = isset($_POST['wp_nc']) ? trim($_POST['wp_nc']) : $cache_record['wp_nc'];
// name
$name_not_ok = false;
if(isset($_POST['name']))
{
if($_POST['name'] == "")
$name_not_ok = true;
}
if (isset($_POST['latNS']))
{
//get coords from post-form
$coords_latNS = $_POST['latNS']; // Ocprop
$coords_lonEW = $_POST['lonEW']; // Ocprop
$coords_lat_h = $_POST['lat_h']; // Ocprop
$coords_lon_h = $_POST['lon_h']; // Ocprop
$coords_lat_min = $_POST['lat_min']; // Ocprop
$coords_lon_min = $_POST['lon_min']; // Ocprop
}
else
{
//get coords from DB
$coords_lon = $cache_record['longitude'];
$coords_lat = $cache_record['latitude'];
if ($coords_lon < 0)
{
$coords_lonEW = 'W';
$coords_lon = -$coords_lon;
}
else
{
$coords_lonEW = 'E';
}
if ($coords_lat < 0)
{
$coords_latNS = 'S';
$coords_lat = -$coords_lat;
}
else
{
$coords_latNS = 'N';
}
$coords_lat_h = floor($coords_lat);
$coords_lon_h = floor($coords_lon);
$coords_lat_min = sprintf("%02.3f", round(($coords_lat - $coords_lat_h) * 60, 3));
$coords_lon_min = sprintf("%02.3f", round(($coords_lon - $coords_lon_h) * 60, 3));
}
//here we validate the data
//coords
$lon_not_ok = false;
if (!mb_ereg_match('^[0-9]{1,3}$', $coords_lon_h))
{
$lon_not_ok = true;
}
else
{
$lon_not_ok = (($coords_lon_h >= 0) && ($coords_lon_h < 180)) ? false : true;
}
if (is_numeric($coords_lon_min))
{
// important: use here |=
$lon_not_ok |= (($coords_lon_min >= 0) && ($coords_lon_min < 60)) ? false : true;
}
else
{
$lon_not_ok = true;
}
//same with lat
$lat_not_ok = false;
if (!mb_ereg_match('^[0-9]{1,3}$', $coords_lat_h))
{
$lat_not_ok = true;
}
else
{
$lat_not_ok = (($coords_lat_h >= 0) && ($coords_lat_h < 180)) ? false : true;
}
if (is_numeric($coords_lat_min))
{
// important: use here |=
$lat_not_ok |= (($coords_lat_min >= 0) && ($coords_lat_min < 60)) ? false : true;
}
else
{
$lat_not_ok = true;
}
//check effort
$time_not_ok = true;
tpl_set_var('effort_message', '');
if (is_numeric($search_time) || ($search_time == ''))
{
$time_not_ok = false;
}
if ($time_not_ok)
{
tpl_set_var('effort_message', $time_not_ok_message);
$error = true;
}
$way_length_not_ok =true;
if (is_numeric($way_length) || ($way_length == ''))
{
$way_length_not_ok = false;
}
if ($way_length_not_ok)
{
tpl_set_var('effort_message', $way_length_not_ok_message);
$error = true;
}
//check hidden_since
$hidden_date_not_ok = true;
if (is_numeric($cache_hidden_day) && is_numeric($cache_hidden_month) && is_numeric($cache_hidden_year))
{
$hidden_date_not_ok = (checkdate($cache_hidden_month, $cache_hidden_day, $cache_hidden_year) == false);
}
//check date_activate
if($status == 5)
{
$activate_date_not_ok = true;
if (is_numeric($cache_activate_day) && is_numeric($cache_activate_month) && is_numeric($cache_activate_year) && is_numeric($cache_activate_hour))
{
$activate_date_not_ok = ((checkdate($cache_activate_month, $cache_activate_day, $cache_activate_year) == false) || $cache_activate_hour < 0 || $cache_activate_hour > 23);
}
}
else
{
$activate_date_not_ok = false;
}
//check status and publish options
if(($status == 5 && $publish == 'now') || ($status != 5 && ($publish == 'later' || $publish == 'notnow')))
{
tpl_set_var('status_message', $status_message);
$status_not_ok = true;
}
else
{
tpl_set_var('status_message', '');
$status_not_ok = false;
}
//check cache size
$size_not_ok = false;
if ($sel_size != 7 && ($cache_type == 4 || $cache_type == 5))
{
$error = true;
$size_not_ok = true;
}
//difficulty / terrain
$diff_not_ok = false;
tpl_set_var('diff_message', '');
if ($cache_difficulty < 2 || $cache_difficulty > 10 || $cache_terrain < 2 || $cache_terrain > 10)
{
tpl_set_var('diff_message', $diff_not_ok_message);
$error = true;
$diff_not_ok = true;
}
// cache-attributes
if (isset($_POST['cache_attribs']))
{
$cache_attribs = mb_split(';', $_POST['cache_attribs']);
}
else
{
// get attribs for this cache from db
$rs = sql("SELECT `attrib_id` FROM `caches_attributes` WHERE `cache_id`='&1'", $cache_id);
if(mysql_num_rows($rs) > 0)
{
unset($cache_attribs);
while($record = sql_fetch_array($rs))
{
$cache_attribs[] = $record['attrib_id'];
}
unset($record);
}
else
{
$cache_attribs = array();
}
sql_free_result($rs);
}
//try to save to DB?
if (isset($_POST['submit'])) // Ocprop
{
//all validations ok?
if (!($hidden_date_not_ok || $lat_not_ok || $lon_not_ok || $name_not_ok || $time_not_ok || $way_length_not_ok || $size_not_ok || $activate_date_not_ok || $status_not_ok || $diff_not_ok))
{
$cache_lat = $coords_lat_h + $coords_lat_min / 60;
if ($coords_latNS == 'S') $cache_lat = -$cache_lat;
$cache_lon = $coords_lon_h + $coords_lon_min / 60;
if ($coords_lonEW == 'W') $cache_lon = -$cache_lon;
if($publish == 'now')
{
$activation_date = 'NULL';
}
elseif($publish == 'later')
{
$status = 5;
$activation_date = "'".sql_escape(date('Y-m-d H:i:s', mktime($cache_activate_hour, 0, 0, $cache_activate_month, $cache_activate_day, $cache_activate_year)))."'";
}
elseif($publish == 'notnow')
{
$status = 5;
$activation_date = 'NULL';
}
else
{
// should never happen
$activation_date = 'NULL';
}
// check for Ocprop data to ignore
if ($ocpropping)
{
$rs = sql("SELECT `type`, `size` FROM `caches` WHERE `cache_id`='&1'", $cache_id);
if ($r = sql_fetch_assoc($rs))
{
if ($r['type'] == 8 && $cache_type == 7)
$cache_type = 8;
if ($r['type'] == 10 && $cache_type == 2)
$cache_type = 10;
if ($r['size'] == 8 && ($sel_size == 1 || $sel_size == 2))
$sel_size = 8;
}
sql_free_result($rs);
}
// save to DB
// status update will trigger touching the last_modified date of all depending records
sql("UPDATE `caches` SET `name`='&1', `longitude`='&2', `latitude`='&3', `type`='&4', `date_hidden`='&5', `country`='&6', `size`='&7', `difficulty`='&8', `terrain`='&9', `status`='&10', `search_time`='&11', `way_length`='&12', `logpw`='&13', `wp_gc`='&14', `wp_nc`='&15', `date_activate` = $activation_date WHERE `cache_id`='&16'", $cache_name, $cache_lon, $cache_lat, $cache_type, date('Y-m-d', mktime(0, 0, 0, $cache_hidden_month, $cache_hidden_day, $cache_hidden_year)), $cache_country, $sel_size, $cache_difficulty, $cache_terrain, $status, $search_time, $way_length, $log_pw, $wp_gc, $wp_nc, $cache_id);
// do not use slave server for the next time ...
db_slave_exclude();
// update cache attributes
$attriblist = "999";
for ($i=0; $i<count($cache_attribs); $i++)
{
if ($cache_attribs[$i]+0 > 0)
{
sql("INSERT IGNORE INTO `caches_attributes` (`cache_id`, `attrib_id`) VALUES('&1', '&2')", $cache_id, $cache_attribs[$i]+0);
$attriblist .= "," . ($cache_attribs[$i]+0);
}
}
sql("DELETE FROM `caches_attributes` WHERE `cache_id`='&1' AND `attrib_id` NOT IN (" . $attriblist . ")",
// SQL injections in $attriblist prevented by adding 0 above
$cache_id);
//call eventhandler
require_once($opt['rootpath'] . 'lib/eventhandler.inc.php');
event_edit_cache($cache_id, $usr['userid']+0);
// if old status is not yet published and new status is published => notify-event
if ($status_old == 5 && $status != 5)
{
event_notify_new_cache($cache_id);
}
//display cache-page
tpl_redirect('viewcache.php?cacheid=' . urlencode($cache_id));
// Ocprop: Location:\s*$viewcacheUrl\?cacheid=([0-9]+)
// (s.a. tpl_redirect() in common.inc.php
exit;
}
}
elseif (isset($_POST['show_all_countries_submit']))
{
$show_all_countries = 1;
}
//here we only set up the template variables
//build countrylist
$countriesoptions = '';
//check if selected country is in list_default
if ($show_all_countries == 0)
{
$rs = sql("SELECT `show` FROM `countries_list_default` WHERE `show`='&1' AND `lang`='&2'", $cache_country, $locale);
if (mysql_num_rows($rs) == 0) $show_all_countries = 1;
sql_free_result($rs);
}
//get the record
if ($show_all_countries == 0)
$rs = sql("SELECT `countries`.`short`, IFNULL(`sys_trans_text`.`text`, `countries`.`name`) AS `name` FROM `countries` INNER JOIN `countries_list_default` ON `countries_list_default`.`show`=`countries`.`short` LEFT JOIN `sys_trans` ON `countries`.`trans_id`=`sys_trans`.`id` LEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND `sys_trans_text`.`lang`='&1' WHERE `countries_list_default`.`lang`='&1' ORDER BY `name` ASC", $locale);
else
$rs = sql("SELECT `countries`.`short`, IFNULL(`sys_trans_text`.`text`, `countries`.`name`) AS `name` FROM `countries` LEFT JOIN `sys_trans` ON `countries`.`trans_id`=`sys_trans`.`id` LEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND `sys_trans_text`.`lang`='&1' ORDER BY `name` ASC", $locale);
while ($record = sql_fetch_assoc($rs))
{
$sSelected = ($record['short'] == $cache_country) ? ' selected="selected"' : '';
$countriesoptions .= '<option value="' . htmlspecialchars($record['short'], ENT_COMPAT, 'UTF-8') . '"' . $sSelected . '>' . htmlspecialchars($record['name'], ENT_COMPAT, 'UTF-8') . '</option>' . "\n";
}
tpl_set_var('countryoptions', $countriesoptions);
sql_free_result($rs);
// cache-attributes
$bBeginLine = true;
$nPrevLineAttrCount = 0;
$nLineAttrCount = 0;
$cache_attrib_list = '';
$cache_attrib_array = '';
$cache_attribs_string = '';
$rsAttrGroup = sql("SELECT `attribute_groups`.`id`, IFNULL(`sys_trans_text`.`text`, `attribute_groups`.`name`) AS `name`, `attribute_categories`.`color`
FROM `attribute_groups`
INNER JOIN `attribute_categories` ON `attribute_groups`.`category_id`=`attribute_categories`.`id`
LEFT JOIN `sys_trans` ON `attribute_groups`.`trans_id`=`sys_trans`.`id`
LEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND `sys_trans_text`.`lang`='&1'
ORDER BY `attribute_groups`.`category_id` ASC, `attribute_groups`.`id` ASC", $locale);
while ($rAttrGroup = sql_fetch_assoc($rsAttrGroup))
{
$group_line = '';
$rs = sql("SELECT `cache_attrib`.`id`, IFNULL(`ttname`.`text`, `cache_attrib`.`name`) AS `name`, `cache_attrib`.`icon_undef`, `cache_attrib`.`icon_large`,
IFNULL(`ttdesc`.`text`, `cache_attrib`.`html_desc`) AS `html_desc`
FROM `cache_attrib`
LEFT JOIN `caches_attributes` ON `cache_attrib`.`id`=`caches_attributes`.`attrib_id` AND `caches_attributes`.`cache_id`='&1'
LEFT JOIN `sys_trans` AS `tname` ON `cache_attrib`.`trans_id`=`tname`.`id` AND `cache_attrib`.`name`=`tname`.`text`
LEFT JOIN `sys_trans_text` AS `ttname` ON `tname`.`id`=`ttname`.`trans_id` AND `ttname`.`lang`='&1'
LEFT JOIN `sys_trans` AS `tdesc` ON `cache_attrib`.`html_desc_trans_id`=`tdesc`.`id` AND `cache_attrib`.`html_desc`=`tdesc`.`text`
LEFT JOIN `sys_trans_text` AS `ttdesc` ON `tdesc`.`id`=`ttdesc`.`trans_id` AND `ttdesc`.`lang`='&1'
WHERE `cache_attrib`.`group_id`='&3' AND
NOT IFNULL(`cache_attrib`.`hidden`, 0)=1 AND
(`cache_attrib`.`selectable`!=0 OR `caches_attributes`.`cache_id`='&2')
ORDER BY `cache_attrib`.`group_id` ASC, `cache_attrib`.`id` ASC", $locale, $cache_id, $rAttrGroup['id']);
while($record = sql_fetch_array($rs))
{
$line = $cache_attrib_pic;
$line = mb_ereg_replace('{attrib_id}', $record['id'], $line);
$line = mb_ereg_replace('{attrib_text}', escape_javascript($record['name']), $line);
if (in_array($record['id'], $cache_attribs))
$line = mb_ereg_replace('{attrib_pic}', $record['icon_large'], $line);
else
$line = mb_ereg_replace('{attrib_pic}', $record['icon_undef'], $line);
$line = mb_ereg_replace('{html_desc}', escape_javascript($record['html_desc']), $line);
$line = mb_ereg_replace('{name}', escape_javascript($record['name']), $line);
$line = mb_ereg_replace('{color}', $rAttrGroup['color'], $line);
$group_line .= $line;
$nLineAttrCount++;
$line = $cache_attrib_js;
$line = mb_ereg_replace('{id}', $record['id'], $line);
if (in_array($record['id'], $cache_attribs))
$line = mb_ereg_replace('{selected}', 1, $line);
else
$line = mb_ereg_replace('{selected}', 0, $line);
$line = mb_ereg_replace('{img_undef}', $record['icon_undef'], $line);
$line = mb_ereg_replace('{img_large}', $record['icon_large'], $line);
if ($cache_attrib_array != '') $cache_attrib_array .= ',';
$cache_attrib_array .= $line;
if (in_array($record['id'], $cache_attribs))
{
if ($cache_attribs_string != '') $cache_attribs_string .= ';';
$cache_attribs_string .= $record['id'];
}
}
sql_free_result($rs);
if ($group_line != '')
{
$group_img = $cache_attrib_group;
$group_img = mb_ereg_replace('{color}', $rAttrGroup['color'], $group_img);
$group_img = mb_ereg_replace('{attribs}', $group_line, $group_img);
$group_img = mb_ereg_replace('{name}', htmlspecialchars($rAttrGroup['name'], ENT_COMPAT, 'UTF-8'), $group_img);
if ($bBeginLine == true)
{
$cache_attrib_list .= '<div class="attribswide">';
$bBeginLine = false;
}
$cache_attrib_list .= $group_img;
$nPrevLineAttrCount += $nLineAttrCount;
$nLineAttrCount = 0;
}
}
sql_free_result($rsAttrGroup);
if ($bBeginLine == false)
$cache_attrib_list .= '</div>';
tpl_set_var('cache_attrib_list', $cache_attrib_list);
tpl_set_var('jsattributes_array', $cache_attrib_array);
tpl_set_var('cache_attribs', $cache_attribs_string);
//difficulty
$difficulty_options = '';
for ($i = 2; $i <= 10; $i++)
{
if ($cache_difficulty == $i)
{
$difficulty_options .= '<option value="' . $i . '" selected="selected">' . $i / 2 . '</options>';
}
else
{
$difficulty_options .= '<option value="' . $i . '">' . $i / 2 . '</options>';
}
$difficulty_options .= "\n";
}
tpl_set_var('difficultyoptions', $difficulty_options);
//build terrain options
$terrain_options = '';
for ($i = 2; $i <= 10; $i++)
{
if ($cache_terrain == $i)
{
$terrain_options .= '<option value="' . $i . '" selected="selected">' . $i / 2 . '</options>';
}
else
{
$terrain_options .= '<option value="' . $i . '">' . $i / 2 . '</options>';
}
$terrain_options .= "\n";
}
tpl_set_var('terrainoptions', $terrain_options);
//build typeoptions
$types = '';
$rsTypes = sql("SELECT `cache_type`.`id`, IFNULL(`sys_trans_text`.`text`, `cache_type`.`name`) AS `name`
FROM `cache_type`
LEFT JOIN `sys_trans` ON `cache_type`.`trans_id`=`sys_trans`.`id`
LEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND
`sys_trans_text`.`lang`='" . sql_escape($locale) . "'
ORDER BY `cache_type`.`ordinal` ASC");
while ($rType = sql_fetch_assoc($rsTypes))
{
$sSelected = ($rType['id'] == $cache_type) ? ' selected="selected"' : '';
$types .= '<option value="' . $rType['id'] . '"' . $sSelected . '>' . htmlspecialchars($rType['name'], ENT_COMPAT, 'UTF-8') . '</option>';
}
sql_free_result($rsTypes);
tpl_set_var('typeoptions', $types);
//build sizeoptions
$sizes = '';
$rsSizes = sql("SELECT `cache_size`.`id`, IFNULL(`sys_trans_text`.`text`, `cache_size`.`name`) AS `name`
FROM `cache_size`
LEFT JOIN `sys_trans` ON `cache_size`.`trans_id`=`sys_trans`.`id`
LEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND
`sys_trans_text`.`lang`='" . sql_escape($locale) . "'
ORDER BY `cache_size`.`ordinal` ASC");
while ($rSize = sql_fetch_assoc($rsSizes))
{
$sSelected = ($rSize['id'] == $sel_size) ? ' selected="selected"' : '';
$sizes .= '<option value="' . $rSize['id'] . '"' . $sSelected . '>' . htmlspecialchars($rSize['name'], ENT_COMPAT, 'UTF-8') . '</option>';
}
sql_free_result($rsSizes);
tpl_set_var('sizeoptions', $sizes);
//Cachedescs
$desclangs = mb_split(',', $cache_record['desc_languages']);
$cache_descs = '';
$gc_com_refs = false;
foreach ($desclangs AS $desclang)
{
if (count($desclangs) > 1)
{
$remove_url = 'removedesc.php?cacheid=' . urlencode($cache_id) . '&desclang=' . urlencode($desclang);
$removedesc = '&nbsp;[<a href="' . htmlspecialchars($remove_url, ENT_COMPAT, 'UTF-8') . '">' . $remove . '</a>]';
}
else
{
$removedesc = '';
}
$resp = sql("SELECT `desc` FROM `cache_desc` WHERE `cache_id`='&1' AND `language`='&2'", $cache_id, $desclang);
$row = sql_fetch_array($resp);
if(mb_strpos($row['desc'], "http://img.groundspeak.com/") !== false)
$gc_com_refs = true;
sql_free_result($resp);
$edit_url = 'editdesc.php?cacheid=' . urlencode($cache_id) . '&desclang=' . urlencode($desclang);
$cache_descs .= '<tr><td colspan="2">' . htmlspecialchars(db_LanguageFromShort($desclang), ENT_COMPAT, 'UTF-8') . ' [<a href="' . htmlspecialchars($edit_url, ENT_COMPAT, 'UTF-8') . '">' . $edit . '</a>]' . $removedesc . '</td></tr>';
}
tpl_set_var('cache_descs', $cache_descs);
if($gc_com_refs)
{
tpl_set_var('gc_com_refs_start', "");
tpl_set_var('gc_com_refs_end', "");
}
else
{
tpl_set_var('gc_com_refs_start', "<!--");
tpl_set_var('gc_com_refs_end', "-->");
}
//Status
$statusoptions = '';
if ($status_old != 7)
{
$rsStatus = sql("SELECT `cache_status`.`id`, IFNULL(`sys_trans_text`.`text`, `cache_status`.`name`) AS `name`
FROM `cache_status`
LEFT JOIN `sys_trans` ON `cache_status`.`trans_id`=`sys_trans`.`id`
LEFT JOIN `sys_trans_text` ON `sys_trans`.`id`=`sys_trans_text`.`trans_id` AND
`sys_trans_text`.`lang`='" . sql_escape($locale) . "'
WHERE `cache_status`.`id` NOT IN (4, 5, 7) OR `cache_status`.`id`='" . sql_escape($status_old+0) . "'
ORDER BY `cache_status`.`id` ASC");
while ($rStatus = sql_fetch_assoc($rsStatus))
{
$sSelected = ($rStatus['id'] == $status) ? ' selected="selected"' : '';
$statusoptions .= '<option value="' . htmlspecialchars($rStatus['id'], ENT_COMPAT, 'UTF-8') . '"' . $sSelected . '>' . htmlspecialchars($rStatus['name'], ENT_COMPAT, 'UTF-8') . '</option>';
}
sql_free_result($rsStatus);
}
else
{
$statusoptions .= '<option value="7" selected="selected">' . htmlspecialchars(t("Locked, invisible"), ENT_COMPAT, 'UTF-8') . '</option>';
}
tpl_set_var('statusoptions', $statusoptions);
// show activation form?
if($status_old == 5) // status = not yet published
{
$tmp = $activation_form;
$tmp = mb_ereg_replace('{activate_day}', htmlspecialchars($cache_activate_day, ENT_COMPAT, 'UTF-8'), $tmp);
$tmp = mb_ereg_replace('{activate_month}', htmlspecialchars($cache_activate_month, ENT_COMPAT, 'UTF-8'), $tmp);
$tmp = mb_ereg_replace('{activate_year}', htmlspecialchars($cache_activate_year, ENT_COMPAT, 'UTF-8'), $tmp);
$tmp = mb_ereg_replace('{publish_now_checked}', ($publish == 'now') ? 'checked' : '', $tmp);
$tmp = mb_ereg_replace('{publish_later_checked}', ($publish == 'later') ? 'checked' : '', $tmp);
$tmp = mb_ereg_replace('{publish_notnow_checked}', ($publish == 'notnow') ? 'checked' : '', $tmp);
$activation_hours = '';
for ($i = 0; $i <= 23; $i++)
{
if ($cache_activate_hour == $i)
{
$activation_hours .= '<option value="' . $i . '" selected="selected">' . $i . '</options>';
}
else
{
$activation_hours .= '<option value="' . $i . '">' . $i . '</options>';
}
$activation_hours .= "\n";
}
$tmp = mb_ereg_replace('{activation_hours}', $activation_hours, $tmp);
if($activate_date_not_ok)
{
$tmp = mb_ereg_replace('{activate_on_message}', $date_message, $tmp);
}
else
{
$tmp = mb_ereg_replace('{activate_on_message}', '', $tmp);
}
tpl_set_var('activation_form', $tmp);
}
else
{
tpl_set_var('activation_form', '');
}
if ($cache_record['picture'] > 0)
{
$pictures = '';
$rspictures = sql("SELECT `url`, `title`, `uuid` FROM `pictures` WHERE `object_id`='&1' AND `object_type`=2", $cache_id);
for ($i = 0; $i < mysql_num_rows($rspictures); $i++)
{
$tmpline = $pictureline;
$pic_record = sql_fetch_array($rspictures);
$tmpline = mb_ereg_replace('{link}', htmlspecialchars($pic_record['url'], ENT_COMPAT, 'UTF-8'), $tmpline);
$tmpline = mb_ereg_replace('{title}', htmlspecialchars($pic_record['title'], ENT_COMPAT, 'UTF-8'), $tmpline);
$tmpline = mb_ereg_replace('{uuid}', htmlspecialchars($pic_record['uuid'], ENT_COMPAT, 'UTF-8'), $tmpline);
$pictures .= $tmpline;
}
$pictures = mb_ereg_replace('{lines}', $pictures, $picturelines);
mysql_free_result($rspictures);
tpl_set_var('pictures', $pictures);
}
else
tpl_set_var('pictures', $nopictures);
tpl_set_var('waypoints', getWaypoints($cache_id));
tpl_set_var('cacheid', htmlspecialchars($cache_id, ENT_COMPAT, 'UTF-8'));
tpl_set_var('name', htmlspecialchars($cache_name, ENT_COMPAT, 'UTF-8'));
tpl_set_var('ownername', htmlspecialchars($cache_record['username'], ENT_COMPAT, 'UTF-8'));
tpl_set_var('date_day', htmlspecialchars($cache_hidden_day, ENT_COMPAT, 'UTF-8'));
tpl_set_var('date_month', htmlspecialchars($cache_hidden_month, ENT_COMPAT, 'UTF-8'));
tpl_set_var('date_year', htmlspecialchars($cache_hidden_year, ENT_COMPAT, 'UTF-8'));
tpl_set_var('selLatN', ($coords_latNS == 'N') ? ' selected="selected"' : '');
tpl_set_var('selLatS', ($coords_latNS == 'S') ? ' selected="selected"' : '');
tpl_set_var('selLonE', ($coords_lonEW == 'E') ? ' selected="selected"' : '');
tpl_set_var('selLonW', ($coords_lonEW == 'W') ? ' selected="selected"' : '');
tpl_set_var('lat_h', htmlspecialchars($coords_lat_h, ENT_COMPAT, 'UTF-8'));
tpl_set_var('lat_min', htmlspecialchars($coords_lat_min, ENT_COMPAT, 'UTF-8'));
tpl_set_var('lon_h', htmlspecialchars($coords_lon_h, ENT_COMPAT, 'UTF-8'));
tpl_set_var('lon_min', htmlspecialchars($coords_lon_min, ENT_COMPAT, 'UTF-8'));
tpl_set_var('name_message', ($name_not_ok == true) ? $name_message : '');
tpl_set_var('lon_message', ($lon_not_ok == true) ? $coords_message : '');
tpl_set_var('lat_message', ($lat_not_ok == true) ? $coords_message : '');
tpl_set_var('date_message', ($hidden_date_not_ok == true) ? $date_message : '');
tpl_set_var('size_message', ($size_not_ok == true) ? $sizemismatch_message : '');
if($lon_not_ok || $lat_not_ok || $hidden_date_not_ok || $name_not_ok)
tpl_set_var('general_message', $error_general);
else
tpl_set_var('general_message', "");
tpl_set_var('cacheid_urlencode', htmlspecialchars(urlencode($cache_id), ENT_COMPAT, 'UTF-8'));
tpl_set_var('cacheuuid_urlencode', htmlspecialchars(urlencode($cache_record['uuid']), ENT_COMPAT, 'UTF-8'));
tpl_set_var('show_all_countries', $show_all_countries);
tpl_set_var('show_all_countries_submit', ($show_all_countries == 0) ? $all_countries_submit: '');
$st_hours = floor($search_time);
$st_minutes = sprintf('%02.0F', ($search_time - $st_hours) * 60);
tpl_set_var('search_time', $st_hours . ':' . $st_minutes);
tpl_set_var('way_length', $way_length);
tpl_set_var('log_pw', htmlspecialchars($log_pw, ENT_COMPAT, 'UTF-8'));
tpl_set_var('wp_gc', htmlspecialchars($wp_gc, ENT_COMPAT, 'UTF-8'));
tpl_set_var('wp_nc', htmlspecialchars($wp_nc, ENT_COMPAT, 'UTF-8'));
tpl_set_var('reset', $reset);
tpl_set_var('submit', $submit);
}
else
{
//TODO: not the owner
}
}
else
{
//TODO: cache not exist
}
}
}
//make the template and send it out
tpl_BuildTemplate();
?>
Reference in New Issue View Git Blame Copy Permalink