".$setup['EventSubject']."

. */ function echoln($t, $debugmsg=false, $layout=false) { global $setup; if( $setup['Debug'] ) { echo $t; if( !$layout ) echo "\n"; }else { echo rtrim(ltrim($t), "\n\r\0\x0B"); } } function debug($msg) { global $setup; if( $setup['Debug'] ) { echo "\n

$msg

\n"; } } function debug_array($name, $array) { global $setup; if( $setup['Debug'] ) { debug($name.":
".nl2br(strtr(print_r($array, true), array(" " => " ")))); } } function page_header($nohtml=false, $extraHeader=NULL) { global $setup, $ldap, $LDAPTRANS; if( $setup['AuthSystem']=="" ) { $setup['AuthSystem'] = "None"; } $authClass = "Auth".$setup['AuthSystem']; require_once("./include/".$authClass.".php"); $ldap = new $authClass(); // Check login if( isset($_GET['logout']) ) { //Do logout $username = $_SESSION['sess_name']; $layout=$_SESSION['layout']; $_SESSION=array(); $_SESSION['layout']=$layout; dolog("login_user", "'".$username."' logged out", "info"); if( substr($_SERVER['PHP_SELF'], -9)=="apply.php" OR substr($_SERVER['PHP_SELF'], -9)=="board.php" ) { header("location: index.php"); exit(); } } if( $setup['AuthSystem']!="None" && isset($_POST['login']) ) { // Check login if( $ldap->auth(stripslashes($_POST['username']), stripslashes($_POST['password'])) ) { // Ok dolog("login_user", "'".stripslashes(trim($_POST['username']))."' logged in from ".get_remote_address()." via ".$setup['AuthSystem'], "info"); session_regenerate_id(true); $_SESSION['sess_uid'] = -10; $_SESSION['sess_name'] = stripslashes(trim($_POST['username'])); $_SESSION['sess_groups'] = $ldap->getBoardGroups(); $_SESSION['access_user'] = true; $search = array_keys($LDAPTRANS); if( $res = $ldap->getData($search) ) { for( $i=0; $i0 ) { $_SESSION['user_FirstName'] = substr($_SESSION['sess_name'], 0, $h); $_SESSION['user_LastName'] = substr($_SESSION['sess_name'], $h+1); }else { dolog("login_user", "Aarrgg, there is even not a space in username for '".$_SESSION['sess_name']."', leaving LastName empty.", "error"); $_SESSION['user_FirstName'] = $_SESSION['sess_name']; } } // Do some repairs if( isset($_SESSION['user_Phone']) && substr($_SESSION['user_Phone'], 0, 1)=="+" ) $_SESSION['user_Phone'] = substr($_SESSION['user_Phone'], 1); if( isset($_SESSION['user_Mobile']) && substr($_SESSION['user_Mobile'], 0, 1)=="+" ) $_SESSION['user_Mobile'] = substr($_SESSION['user_Mobile'], 1); if( isset($_SESSION['user_Fax']) && substr($_SESSION['user_Fax'], 0, 1)=="+" ) $_SESSION['user_Fax'] = substr($_SESSION['user_Fax'], 1); if( isset($_SESSION['user_CountryCode']) && strlen($_SESSION['user_CountryCode'])>0 ) { $query="SELECT `Code` FROM `CountryCodes` WHERE `ISO_2`='".addslashes($_SESSION['user_CountryCode'])."' OR `ISO_3`='".addslashes($_SESSION['user_CountryCode'])."' OR `Postal`='".addslashes($_SESSION['user_CountryCode'])."'"; if( @mysql_num_rows( $res=doquery($query) )==1 ) { $row = mysql_fetch_array($res); $_SESSION['user_CountryCode'] = $row['Code']; }else { unset($_SESSION['user_CountryCode']); } } }else { dolog("login_user", "Failed login for '".$_POST['username']."' from ".get_remote_address()." via ".$setup['AuthSystem'], "warning"); layout("login", $ldap); exit(); } } if( $setup['AuthSystem']!="None" AND isset($_GET['login']) AND !($_SESSION['sess_uid']!=0) ) { //Show login page and exit ssl_redirect(); layout("login", $ldap); exit(); } if( !$nohtml ) { layout("top", $ldap, $extraHeader); layout_menu("Home"); layout_menu("Chair news"); if( $setup['SetupWSNumber']>0 ) { layout_menu("Workshops"); } if( isset($_SESSION['access_user']) && $_SESSION['access_user']==true ) { layout_menu("My application"); }elseif( $setup['PromoteAnonymousApplication'] || $setup['AuthSystem']=="None" ) { layout_menu("My application"); }else { layout_menu("My application"); } if( $setup['SetupBoardApproval']=="yes" ) { if( $setup['PromoteAnonymousApplication'] || $setup['AuthSystem']=="None" ) { layout_menu("Boards"); }else { layout_menu("Boards"); } } if( $setup['CandidateAdminOpen'] && get_sql_date($setup["EventDateEnd"])>=date("Y-m-d", strtotime("now -19months")) ) { layout_menu("Candidates"); } layout_menu("For Contacts"); layout_menu("Participants list"); if( is_after("EventDateStart") ) { layout_menu("Photos"); } #layout_menu("Downloads"); layout_menu("Statistics"); layout_menu("Your privacy"); layout_menu("About"); layout("account-top", $ldap); if( isset($_SESSION['sess_uid']) && $_SESSION['sess_uid']!=0 && $setup['AuthSystem']!="None" ) { layout("account-loggedin", $ldap); }else { layout("account-anonymous", $ldap); if( $setup['AuthSystem']!="None" ) { echoln("
login"); } } layout("account-bottom", $ldap); layout("page-top", $ldap); echoln(" Home > "); #echoln("Office > "); echoln("Statutory > "); echoln("".$setup['MenuName']."

"); } } function page_footer($nohtml=false) { global $ldap; if( !$nohtml ) { layout("page-bottom", $ldap); layout("bottom", $ldap); } $ldap->__destruct(); } function layout($part, $ldap=null, $extraHeader=NULL) { $parts = array(); $parts[] = "login"; $parts[] = "top"; $parts[] = "menu-top"; $parts[] = "menu-bottom"; $parts[] = "account-top"; $parts[] = "account-anonymous"; $parts[] = "account-loggedin"; $parts[] = "account-bottom"; $parts[] = "page-top"; $parts[] = "page-bottom"; $parts[] = "bottom"; $parts[] = "all"; if( in_array($part, $parts) ) { if( $part=="top" ) { header("Content-Type: text/html; charset=UTF-8"); } if( $fd=fopen(LAYOUTPATHABS.$_SESSION['layout']."/".$part.".html", "r") ) { $search = array(); $replace = array(); $search[] = "%PHP_SELF%"; $replace[] = $_SERVER['PHP_SELF']; if( isset($_SESSION['sess_name']) ) { $search[] = "%USERNAME%"; $replace[] = $_SESSION['sess_name']; $search[] = "%RAWENCODEUSERNAME%"; $replace[] = rawurlencode($_SESSION['sess_name']); } $search[] = "%LAYOUTDIR%"; $replace[] = LAYOUTPATHABS.$_SESSION['layout']."/"; $search[] = "%QUERY_STRING%"; $replace[] = preg_replace("/logout/", "", $_SERVER['QUERY_STRING']); if( $ldap==null ) { $search[] = "%AUTH_SYSTEM_NAME%"; $replace[] = "aegee.org"; $search[] = "%AUTH_REGISTRATION_URL%"; $replace[] = "http://www.aegee.org/"; }else { $search[] = "%AUTH_SYSTEM_NAME%"; $replace[] = $ldap->getSystemName(); $search[] = "%AUTH_REGISTRATION_URL%"; $replace[] = $ldap->getRegistrationUrl(); } if( $extraHeader == NULL ) { $search[] = "%EXTRAHEADER%"; $replace[] = ""; }else { $search[] = "%EXTRAHEADER%"; $replace[] = $extraHeader; } while( !feof($fd) ) { echoln( str_replace($search, $replace, fgets($fd, 4096)), false, true ); } fclose ($fd); } }else { // Not valid } } function layout_img($img) { $imgs=array(); $imgs[]="previous.gif"; $imgs[]="next.gif"; $imgs[]="list.gif"; if( in_array($img, $imgs) ) { return "./layout/".$_SESSION['layout']."/image/".$img; }else { // Not valid return ""; } } function layout_menu($item) { layout("menu-top"); echoln("\t\t\t\t\t\t\t\t\t\t".$item); layout("menu-bottom"); } /* admin_header($empty=false) * Show the page header * @param: empty: when true, do not output anything if login is ok (useful for downloads or images) * @return: - */ function admin_header($nomenu=false, $nohtml=false) { global $ldap, $LDAPTRANS, $setup; ssl_redirect(); // always switch to https // Check login if( $setup['AuthSystem']=="" ) { $setup['AuthSystem'] = "None"; } $authClass = "Auth".$setup['AuthSystem']; require_once("./include/".$authClass.".php"); $ldap = new $authClass(); if( isset($_GET['logout']) AND $_SESSION['sess_uid']!=0 ) { //Do logout dolog("login_admin", "'".$_SESSION['sess_name']."' logged out", "info"); $layout=$_SESSION['layout']; $_SESSION=array(); $_SESSION['layout']=$layout; } if( !isset($_SESSION['sess_uid']) OR $_SESSION['sess_uid']<1 ) { // Check login if( (isset($_POST['username']) && isset($_POST['password'])) && (($auth_ldap=$ldap->auth($_POST['username'], $_POST['password'])) || ($auth_mysql=(@mysql_num_rows(doquery("SELECT `uid` FROM `users` WHERE `user`='".addslashes($_POST['username'])."' AND `password`='".md5(SECRET.$_POST['password'])."'"))==1))) ) { // user/password ok, now check if user has admin access $query="SELECT `uid`, `user`, `password`, `role_id`, `privstatementagree` FROM `users` WHERE `user`='".addslashes($_POST['username'])."'"; if( @mysql_num_rows( $res=doquery($query) )==1 ) { // admin access granted $row = mysql_fetch_array($res); session_regenerate_id(true); $_SESSION['sess_uid'] = $row['uid']; $_SESSION['sess_name'] = $row['user']; $_SESSION['sess_role_id'] = $row['role_id']; $query2 = "SELECT `id`, `name` FROM `functions` "; $query2.= "LEFT JOIN `function_roles` ON `function_roles`.`function_id`=`functions`.`id` "; $query2.= "WHERE `role_id`=".$row['role_id']; $functions = array(); if( @mysql_num_rows( $res2=doquery($query2) )>0 ) { while( $row2 = mysql_fetch_assoc($res2) ) { $functions[ $row2['id'] ] = $row2['name']; } } $_SESSION['sess_functions'] = $functions; if( mayExport() ) { $_SESSION['sess_functions'][] = "exports"; $functions[] = "exports"; } if( $row['privstatementagree']!="yes" ) { // User did not agree to privacy statement yet $_SESSION['sess_functions'] = array(); $_SESSION['privstatementagree'] = "ask"; $_SESSION['privstatementagree_functions'] = $functions; } dolog("login_admin", "'".$_SESSION['sess_name']."' logged in from ".get_remote_address()." via ".($auth_ldap?"LDAP":($auth_mysql?"MySQL":"unknown access DB")), "info"); if( $auth_ldap AND $row['password']!=md5(SECRET.$_POST['password']) ) { // MySQL password different than LDAP -> update $query = "UPDATE `users` SET `password`='".addslashes(md5(SECRET.$_POST['password']))."' WHERE `uid`=".$row['uid']; if( doquery($query) ) { dolog("login_admin", "Saved password for '".$_SESSION['sess_name']."' in MySQL.", "info"); }else { dolog("login_admin", "Failed saving password for '".$_SESSION['sess_name']."' in MySQL.", "error"); } } }else { // No access to admin page layout("login"); exit(); } }else { // Wrong user/password layout("login"); exit(); } } if( isset($_SESSION['privstatementagree']) && $_SESSION['privstatementagree']=="ask" ) { if( $_SERVER['REQUEST_METHOD']=="POST" AND isset($_POST['agreeprivstatement']) ) { $_SESSION['sess_functions'] = $_SESSION['privstatementagree_functions']; $_SESSION['privstatementagree'] = NULL; $_SESSION['privstatementagree_access'] = NULL; dolog("login_admin", "'".$_SESSION['sess_name']."' agreed to privacy statement", "info"); $query = "UPDATE `users` SET `privstatementagree`='yes' WHERE `uid`=".addslashes($_SESSION['sess_uid']); doquery($query); }else { if( basename($_SERVER['PHP_SELF'])!="index.php" ) { // Only the index.php file can show the privacy statement, redirect there header("Status: 301"); header("Location: ./"); } } } // Load the selection boxes (which participant type to show) get_selection(); // User logged in if( !$nohtml ) { echoln(""); echoln(""); echoln(" "); echoln(" "); echoln(" "); echoln(" "); echoln(" "); echoln(" ".$setup['EventSubject'].""); echoln(" "); if( $nomenu ) { echoln(" "); }else { echoln(" "); echoln(" "); echoln(" "); echoln(" "); echoln(" "); echoln(" "); echoln("
"); echoln("User: ".$_SESSION['sess_name']." [Logout]"); // Help if( isset($_REQUEST['show']) ) { echoln("
Help
"); }else { echoln("
Help
"); } if( count($_SESSION['sess_functions'])>0 ) { // Selections echoln("
Selection: [Change]
"); echoln("
"); echoln("
Accepted status:"); echoln(" ".( $_SESSION['sess_sel_accept_nosel']=="yes" ? "no selection yet; " : "" ) . ( $_SESSION['sess_sel_accept_yes']=="yes" ? "accepted; " : "" ) . ( $_SESSION['sess_sel_accept_pending']=="yes" ? "confirmation pending; " : "" ) . ( $_SESSION['sess_sel_accept_confirm']=="yes" ? "confirmed; " : "" )); echoln(" ".( $_SESSION['sess_sel_accept_no']=="yes" ? "not accepted; " : "" ) . ( $_SESSION['sess_sel_accept_cancel']=="yes" ? "canceled; " : "" ) . ( $_SESSION['sess_sel_accept_arrived']=="yes" ? "arrived; " : "" ) . "
"); if( $setup['RegistrationDesks']>1 ) echoln("
Registration desk: " . ( !isset($_SESSION['sess_sel_registrationdesk']) || $_SESSION['sess_sel_registrationdesk']==0 ? "all desks" : "Desk ".$_SESSION['sess_sel_registrationdesk'] ) . "
"); if( $setup['NumberOfGyms']>1 ) echoln("
Gym: " . ( $_SESSION['sess_sel_gym']==0 ? "all gyms" : "Gym ".$_SESSION['sess_sel_gym'] ) . "
"); echoln("
"); // Overviews echoln("
Overviews:
"); echoln("
"); if( in_array("application_viewlist", $_SESSION['sess_functions']) ) { echoln("
Applications
"); } if( in_array("application_viewworkshop", $_SESSION['sess_functions']) && $setup['SetupWSNumber']>=1 ) { echoln("
Workshop choices
"); } if( in_array("application_viewlist", $_SESSION['sess_functions']) ) { echoln("
Participants list *
"); } if( in_array("application_viewvisa", $_SESSION['sess_functions']) ) { echoln("
Visa
"); #echoln("
Visa invitations
"); } if( in_array("application_viewremarks", $_SESSION['sess_functions']) ) { echoln("
Remarks
"); } if( in_array("application_viewdetail", $_SESSION['sess_functions']) ) { echoln("
Custom overview
"); } if( in_array("candidate_viewlist", $_SESSION['sess_functions']) ) { echoln("
Candidates *
"); } if( in_array("export_mailinglist", $_SESSION['sess_functions']) && $setup['SetupWSNumber']>0 ) { echoln("
Mailing list export
"); } if( in_array("application_viewlist", $_SESSION['sess_functions']) ) { echoln("
Birthdays
"); } if( in_array("application_viewlist", $_SESSION['sess_functions']) && $setup['ApplShowPhoto'] ) { echoln("
Photos
"); } if( in_array("exports", $_SESSION['sess_functions']) ) { echoln("
Export
"); } echoln("
"); // Totals and statistics echoln("
Totals and statistics:
"); echoln("
"); if( in_array("statistics_view", $_SESSION['sess_functions']) ) { echoln("
Applications per country
"); echoln("
Applications per body
"); echoln("
Applications per day
"); echoln("
Quorum
"); } if( in_array("application_viewfee", $_SESSION['sess_functions']) ) { echoln("
Fee expectations
"); echoln("
Fee incomes
"); } if( in_array("application_viewworkshop", $_SESSION['sess_functions']) && $setup['SetupWSNumber']>=1 ) { echoln("
Workshops
"); } if( in_array("application_viewremarks", $_SESSION['sess_functions']) ) { echoln("
Meals
"); } if( in_array("statistics_view", $_SESSION['sess_functions']) ) { echoln("
Arrivals per hour
"); echoln("
Departures per hour
"); echoln("
Other totals
"); } echoln("
"); // Registration functions echoln("
Registration:
"); echoln("
"); if( in_array("application_register", $_SESSION['sess_functions']) ) { echoln("
Register participants * #
"); } if( in_array("application_editfee", $_SESSION['sess_functions']) ) { echoln("
Register fees *
"); } if( in_array("application_register", $_SESSION['sess_functions']) ) { echoln("
Registration list + *
"); #echoln("
Registration detail + *
"); } if( in_array("nummem_view", $_SESSION['sess_functions']) ) { echoln("
Number of members + *
"); } if( in_array("agoralist_view", $_SESSION['sess_functions']) ) { echoln("
JC registration + *
"); echoln("
Attendance list + *
"); echoln("
Prytanium list + *
"); } echoln("
"); // Administrator functions echoln("
Administrator:
"); echoln("
"); if( in_array("setup_view", $_SESSION['sess_functions']) ) { echoln("
Setup *
"); } if( in_array("application_new", $_SESSION['sess_functions']) ) { echoln("
New application
"); } if( in_array("application_invite", $_SESSION['sess_functions']) ) { echoln("
Invite person
"); } if( in_array("massmail_sendaschair", $_SESSION['sess_functions']) || in_array("massmail_sendaslocalorg", $_SESSION['sess_functions']) ) { echoln("
Mass mailer *
"); } if( in_array("massmail_view", $_SESSION['sess_functions']) ) { echoln("
Mass mails send *
"); } if( in_array("application_setup_extra_q_view", $_SESSION['sess_functions']) ) { echoln("
Application extra question *
"); } if( in_array("application_viewgym", $_SESSION['sess_functions']) ) { echoln("
Gym selection *
"); } if( in_array("candidate_viewpositions", $_SESSION['sess_functions']) ) { echoln("
Candidates *
"); } if( in_array("workshop_view", $_SESSION['sess_functions']) && $setup['SetupWSNumber']>=1 ) { echoln("
Workshops
"); } if( in_array("body_view", $_SESSION['sess_functions']) ) { echoln("
AEGEE Bodies *
"); } if( in_array("news_view", $_SESSION['sess_functions']) ) { echoln("
Information *
"); } if( in_array("currencies_view", $_SESSION['sess_functions']) ) { echoln("
Currencies *
"); } if( in_array("roles_view", $_SESSION['sess_functions']) ) { echoln("
Roles *
"); } if( in_array("user_view", $_SESSION['sess_functions']) ) { echoln("
Users *
"); } if( in_array("log_view", $_SESSION['sess_functions']) ) { echoln("
Activity log *
"); } if( in_array("changelog_view", $_SESSION['sess_functions']) ) { echoln("
Changelog *
"); } #echoln("
Mass accepter *
"); echoln("
"); } echoln("
Explanation:"); echoln("
+: opens in new window"); echoln("
*: independent of selection"); echoln("
#: open and hide menu"); // Copyright echoln("
"); echoln("
© Copyright AEGEE-Europe 2003-".date("Y")); echoln("
Created by Wim van Ravesteijn"); echoln(" "); } } } /* admin_footer($empty=false) * Show the page footer * @param: empty: when true, do not output anything if login is ok (useful for downloads or images) * @return: - */ function admin_footer($nomenu=false, $nohtml=false) { global $ldap; if( !$nohtml ) { if( !$nomenu ) { echoln("
"); } echoln("

"); echoln(" "); echoln(""); } $ldap->__destruct(); } function mayExport() { require_once("./include/IExport.php"); $dir = dirname($_SERVER["SCRIPT_FILENAME"])."/Exports/*.php"; if( is_dir(dirname($dir)) ) { foreach( glob($dir) as $file ) { if( is_file($file) ) { $className = basename($file, ".php"); require_once($file); $class = new $className; if( $class->hasAccess() ) { return true; } } } }else { debug(dirname($dir)." does not exist, failed loading exports"); } return false; } ?>