goodoldpaul/MastodonStartpage
1
0
Fork 0
Code Releases Activity
MastodonStartpage/web/admin/edinsth.php
pezcurrel 3c631ccf7e ...
2020-04-05 22:45:21 +02:00

367 lines
17 KiB
PHP
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<?php
require('include/glob.php');
require('include/muoribene.php');
require('include/sessionstart.php');
require('include/myconn.php');
require('include/tables.php');
$tables=tables($link);
$dbg='';
use function mysqli_real_escape_string as myesc;
// praticamente una macro
function hspech($str) {
return(htmlspecialchars($str,ENT_QUOTES|ENT_HTML5,'UTF-8'));
}
$contextopts=array(
'http'=>array(
'timeout'=>5
),
'socket'=>array(
'tcp_nodelay'=>true
)
);
$context=stream_context_create($contextopts);
$email='pezcurrel@tiscali.it';
$langs=array('xx'=>'Local language','en'=>'English','es'=>'Español','fr'=>'Français','it'=>'Italiano');
$exvalsjsarr='null;'.N;
$morejs='';
$dbg.='<pre>GET:'.N.print_r($_GET,1).'POST:'.N.print_r($_POST,1).'</pre>';
function edaddrem(&$link,&$morejs,&$id,$table,$column,$dispselarr,$lntable,$lncolumn,$searchid,$dispselid,$recbid) {
if ($_POST['m']=='add') {
mysqli_query($link,'INSERT INTO '.$table.' (ID, '.$column.') VALUES (NULL, \''.myesc($link,$_POST['v']).'\')')
or muoribene(__LINE__.': '.mysqli_error($link),true);
$newid=mysqli_insert_id($link);
$morejs.='parent.'.$dispselarr.'.push(["'.jsencode($_POST['v']).'",'.$newid.',true]);'.N;
$morejs.='parent.'.$dispselarr.'=parent.sortByKey(parent.'.$dispselarr.',0);'.N;
} elseif ($_POST['m']=='remove') {
if (!array_key_exists('subst',$_POST) || preg_match('/^[0-9]+$/',$_POST['subst'])!==1)
muoribene(__LINE__.': Malformed input.',true);
$newid=$_POST['subst']+0;
mysqli_query($link,'DELETE FROM '.$table.' WHERE ID='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
if ($newid==0) {
$res=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE '.$lncolumn.'='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
mysqli_query($link,'DELETE FROM '.$lntable.' WHERE '.$lncolumn.'='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
while ($row=mysqli_fetch_assoc($res)) {
$rres=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE InstID='.$row['InstID'].' ORDER BY Pos ASC') or muoribene(__LINE__.': '.mysqli_error($link),true);
$pos=0;
while ($rrow=mysqli_fetch_assoc($rres)) {
$pos++;
mysqli_query($link,'UPDATE '.$lntable.' SET Pos='.$pos.' WHERE InstID='.$rrow['InstID'].' AND '.$lncolumn.'='.$rrow[$lncolumn].' AND Pos='.$rrow['Pos'])
or muoribene(__LINE__.': '.mysqli_error($link),true);
}
}
} else {
$res=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE '.$lncolumn.'='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
while ($row=mysqli_fetch_assoc($res)) {
$rres=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE InstID='.$row['InstID'].' AND '.$lncolumn.'='.$newid) or muoribene(__LINE__.': '.mysqli_error($link),true);
if (mysqli_num_rows($rres)==0) {
mysqli_query($link,'UPDATE '.$lntable.' SET '.$lncolumn.'='.$newid.' WHERE InstID='.$row['InstID'].' AND '.$lncolumn.'='.$id.' AND Pos='.$row['Pos']) or muoribene(__LINE__.': '.mysqli_error($link),true);
//+++ potrebbe aver senso mettere js qui che sposti la voce agli associati se non è già lì, magari con un alerta
} else {
mysqli_query($link,'DELETE FROM '.$lntable.' WHERE InstID='.$row['InstID'].' AND '.$lncolumn.'='.$id.' AND Pos='.$row['Pos']) or muoribene(__LINE__.': '.mysqli_error($link),true);
$rres=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE InstID='.$row['InstID'].' ORDER BY Pos ASC') or muoribene(__LINE__.': '.mysqli_error($link),true);
$pos=0;
while ($rrow=mysqli_fetch_assoc($rres)) {
$pos++;
mysqli_query($link,'UPDATE '.$lntable.' SET Pos='.$pos.' WHERE InstID='.$rrow['InstID'].' AND '.$lncolumn.'='.$rrow[$lncolumn].' AND Pos='.$rrow['Pos'])
or muoribene(__LINE__.': '.mysqli_error($link),true);
}
}
}
}
$morejs.='parent.'.$dispselarr.'=parent.rmelbyval(parent.'.$dispselarr.','.$id.');'.N;
} elseif ($_POST['m']=='edit') {
mysqli_query($link,'UPDATE '.$table.' SET '.$column.'=\''.myesc($link,$_POST['v']).'\' WHERE ID='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
$morejs.='parent.'.$dispselarr.'=parent.cheltxtbyval(parent.'.$dispselarr.','.$id.',"'.jsencode($_POST['v']).'");'.N;
$morejs.='parent.'.$dispselarr.'=parent.sortByKey(parent.'.$dispselarr.',0);'.N;
}
$morejs.='parent.filtsel (parent.'.$dispselarr.', parent.document.getElementById("'.$searchid.'").value, "'.$dispselid.'", "'.$recbid.'", "'.$searchid.'", "white", "#ff8080");'.N;
}
if (array_key_exists('w',$_GET) && array_key_exists('i',$_GET) && preg_match('/^[0-9]+$/',$_GET['i'])===1 && array_key_exists('m',$_GET) && in_array($_GET['m'],array('edit','add','remove'))) {
$id=$_GET['i']+0;
switch ($_GET['w']) {
case 'LocalityID':
$fout=buildform($id,'Localities','Name'.$dlang,'Locality name','Instances','LocalityID');
$exvalsjsarr=setjsarr('Localities','Name'.$dlang);
break;
/*case 'DispLangs':
$fout=buildform($id,'Languages','Name'.$dlang,'Language','InstOurLangs','OurLangID');
$exvalsjsarr=setjsarr('Languages','Name'.$dlang);
break;*/
case 'DispFinModes':
$fout=buildform($id,'Financing','Type','Financing method','InstFinancing','FinID');
$exvalsjsarr=setjsarr('Financing','Type');
break;
case 'DispPolicies':
$fout=buildform($id,'Policies','Name','Policy','InstPolicies','PolID');
$exvalsjsarr=setjsarr('Policies','Name');
break;
case 'DispTags':
$fout=buildform($id,'Tags','Name','Tag','InstTags','TagID');
$exvalsjsarr=setjsarr('Tags','Name');
break;
default:
muoribene(__LINE__.': Malformed input.',true);
break;
}
} elseif (array_key_exists('m',$_POST) && in_array($_POST['m'],array('edit','add','remove')) && array_key_exists('t',$_POST) && in_array($_POST['t'],array('Localities','Financing','Policies','Tags')) && array_key_exists('i',$_POST) && preg_match('/^[0-9]+$/',$_POST['i'])===1) {
if (array_key_exists('v',$_POST)) {
$fout='';
$id=$_POST['i']+0;
if ($_POST['t']=='Localities') {
//https://nominatim.openstreetmap.org/search?q=bresso,+milano&format=json&accept-language=fr&email=pezcurrel@tiscali.it
//https://nominatim.openstreetmap.org/lookup?osm_ids=R45266&format=json&accept-language=fr&addressdetails=1&email=pezcurrel@tiscali.it
$url='https://nominatim.openstreetmap.org/search?q='.urlencode($_POST['v']).'&format=json&email='.$email;
$osmd=@file_get_contents($url,false,$context);
if ($osmd!==false) {
$fout.='<form action="edinsth.php" method="post" id="f">'.N;
$addrkeys=array('suburb','city','county','state','country');
$osmd=json_decode($osmd,true);
if (count($osmd)>0) {
$some=false;
$fout.='<p><strong>Please choose the most detailed appropriate entry</strong></p>'.N;
foreach ($osmd as $loc) {
if (array_key_exists('osm_id',$loc) && array_key_exists('osm_type',$loc) && $loc['osm_type']=='relation') {
$fout.='<div class="hifloc" onclick="subosmd(\''.$loc['osm_id'].'\');">'.N;
$fout.='<ul class="hiful">'.N;
foreach ($langs as $code=>$lang) {
$url='https://nominatim.openstreetmap.org/lookup?osm_ids=R'.$loc['osm_id'].'&format=json&accept-language='.$code.'&addressdetails=1&email='.$email;
$osmdil=@file_get_contents($url,false,$context);
if ($osmdil!==false) {
$some=true; //+++
$osmdil=json_decode($osmdil,true);
if (array_key_exists(0,$osmdil) && array_key_exists('address',$osmdil[0])) {
$dispname='';
foreach ($addrkeys as $addrkey)
if (array_key_exists($addrkey,$osmdil[0]['address']))
$dispname.=$osmdil[0]['address'][$addrkey].', ';
$dispname=substr($dispname,0,-2);
$fout.='<li><strong>'.$lang.':</strong> '.hspech($dispname).'</li>'.N;
$fout.='<input type="hidden" id="Loc'.ucfirst($code).'-'.$loc['osm_id'].'" value="'.jsencode($dispname).'">'.N;
} else {
$fout.='<li class="hiferr"><strong>'.$lang.':</strong> Couldnt parse OpenStreetMap lookup data.</li>'.N;
$fout.='<input type="hidden" id="Loc'.ucfirst($code).'-'.$loc['osm_id'].'" value="">'.N;
}
} else {
$fout.='<li class="hiferr"><strong>'.$lang.':</strong> Couldnt fetch OpenStreetMap lookup data.</li>'.N;
}
}
$fout.='</ul>'.N.'</div>'.N;
}
}
if ($some) {
$fout.='<input type="hidden" id="i" name="i" value="'.$_POST['i'].'">'.N;
$fout.='<input type="hidden" id="t" name="t" value="'.$_POST['t'].'">'.N;
$fout.='<input type="hidden" id="m" name="m" value="'.$_POST['m'].'">'.N;
$fout.='<input type="hidden" id="LocXx" name="LocXx" value="">'.N;
$fout.='<input type="hidden" id="LocEn" name="LocEn" value="">'.N;
$fout.='<input type="hidden" id="LocEs" name="LocEs" value="">'.N;
$fout.='<input type="hidden" id="LocFr" name="LocFr" value="">'.N;
$fout.='<input type="hidden" id="LocIt" name="LocIt" value="">'.N;
$fout.='</form>'.N;
} else {
$fout='<p class="hiferr">Couldnt find localized OpenStreetMap data for «'.hspech($_POST['v']).'».</p>';
}
} else {
$fout='<p class="hiferr">Couldnt find OpenStreetMap data for «'.hspech($_POST['v']).'».</p>';
}
} else {
$fout='<p class="hiferr">Couldnt fetch OpenStreetMap search data.</p>'.N;
}
/*} elseif ($_POST['t']=='Languagues') {
edaddrem($link,$morejs,$id,'Languages','Name'.$langd,'langselarr','InstOurLangs','OurLangID','langsearch','DispLangs','langselre');*/
} elseif ($_POST['t']=='Financing') {
edaddrem($link,$morejs,$id,'Financing','Type','finselarr','InstFinancing','FinID','finsearch','DispFinModes','finselre');
} elseif ($_POST['t']=='Policies') {
edaddrem($link,$morejs,$id,'Policies','Name','polselarr','InstPolicies','PolID','polsearch','DispPolicies','polselre');
} elseif ($_POST['t']=='Tags') {
edaddrem($link,$morejs,$id,'Tags','Name','tagselarr','InstTags','TagID','tagsearch','DispTags','tagselre');
}
} elseif (array_key_exists('LocEn',$_POST) && array_key_exists('LocEs',$_POST) && array_key_exists('LocFr',$_POST) && array_key_exists('LocIt',$_POST)) {
$fout='CIAO!';
} else {
muoribene(__LINE__.': Malformed input.',true);
}
} else {
muoribene(__LINE__.': Malformed input.',true);
}
function buildform($id,$table,$column,$title,$lntable,$lncolumn) {
global $account, $tables, $link;
$fout='';
if ($_GET['m']=='edit' || $_GET['m']=='remove') {
$res=mysqli_query($link,'SELECT * FROM '.$table.' WHERE ID='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
if (mysqli_num_rows($res)==1) {
$row=mysqli_fetch_assoc($res);
/*if ($account['Level']=='guest') {
if ($row['AddedBy']!=$account['ID']
$rres=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE '.$lncolumn.'='.$id.' AND InstID!='.$account['OwnInstID']) or muoribene(__LINE__.': '.mysqli_error($link),true);
if ($
}
$rres='SELECT * FROM '.$lntable.' WHERE '.$lncolumn.'='.$id.' AND InstID!=
if ($account['Level']!='guest' || ($row['AddedBy']==$account['ID']*/
if ($_GET['m']=='edit') {
$fout.='<div class="hiflab"><label for="v">'.$title.'</label></div>'.N;
$fout.='<input type="text" class="hifinp" name="v" id="v" maxlength="'.$tables[$table][$column].'" value="'.hspech($row[$column]).'">'.N;
$fout.='<script language="JavaScript">'.N;
$fout.='<!--'.N;
$fout.='document.getElementById(\'v\').focus();'.N;
$fout.='document.getElementById(\'v\').select();'.N;
$fout.='//-->'.N;
$fout.='</script>'.N;
} elseif ($_GET['m']=='remove') {
$lnres=mysqli_query($link,'SELECT * FROM '.$lntable.' WHERE '.$lncolumn.'='.$id)
or muoribene(__LINE__.': '.mysqli_error($link),true);
$nlinking=mysqli_num_rows($lnres);
if ($nlinking>0) {
$fout.='<div class="hiflab">«'.hspech($row[$column]).'» is referenced by '.$nlinking.' '.(($nlinking==1) ? 'instance' : 'instances').'!</div>'.N;
$fout.='<div class="hifdiv">What do you want to do with '.(($nlinking==1) ? 'this reference' : 'those '.$nlinking.' references').'?<br>If you choose “Delete” '.(($nlinking==1) ? 'it' : 'they').' will be removed; otherwise you can select a substitution record.</div>'.N;
$fout.='<select id="subst" name="subst" class="hifinp">'.N;
$fout.='<option value="0">Delete</option>'.N;
$lnres=mysqli_query($link,'SELECT * FROM '.$table.' WHERE ID!='.$id.' ORDER BY '.$column.' ASC')
or muoribene(__LINE__.': '.mysqli_error($link),true);
while ($lnrow=mysqli_fetch_assoc($lnres)) {
$fout.='<option value="'.$lnrow['ID'].'">Subst. with «'.hspech($lnrow[$column]).'»</option>'.N;
}
$fout.='</select>'.N;
}
$fout.='<div class="hiflab">Are you sure you want to remove «'.$row[$column].'»?</div>'.N;
$fout.='<input type="hidden" name="v" value="IGNORAMI">'.N;
}
$fout.='<input type="hidden" name="i" value="'.$id.'">'.N;
} else {
$fout.='<p>There is no '.$title.' with ID='.$id.'</p>'.N;
}
} elseif ($_GET['m']=='add') {
$fout.='<div class="hiflab"><label for="v">'.$title.'</label></div>'.N;
$fout.='<input type="text" class="hifinp" name="v" id="v" maxlength="'.$tables[$table][$column].'" value="">'.N;
$fout.='<script language="JavaScript">'.N;
$fout.='<!--'.N;
$fout.='document.getElementById(\'v\').focus();'.N;
$fout.='document.getElementById(\'v\').select();'.N;
$fout.='//-->'.N;
$fout.='</script>'.N;
$fout.='<input type="hidden" name="i" value="0">'.N;
}
$fout.='<input type="hidden" name="m" value="'.$_GET['m'].'">'.N;
$fout.='<input type="hidden" name="t" value="'.$table.'">'.N;
$fout.='<div id="errmsg"></div>'.N;
$fout.='<table class="hiftab"><tr><td style="width:50%"><input type="button" value="Cancel" class="hifbut" onclick="parent.closeinpup()"></td><td style="width:50%"><input type="button" value="Ok" class="hifbut" onclick="ckf(\''.$_GET['m'].'\',\''.$table.'\')"></td></tr></table>'.N;
$fout='<form action="edinsth.php" method="post" id="f" onsubmit="return ckf(\''.$_GET['m'].'\',\''.$table.'\');">'.N.$fout.'</form>'.N;
return($fout);
}
function jsencode($str) {
return(str_replace('"','\"',$str));
}
function setjsarr($table,$column) {
global $link;
$jsarr=array();
$res=mysqli_query($link,'SELECT '.$column.' FROM '.$table)
or muoribene(__LINE__.': '.mysqli_error($link),true);
while ($row=mysqli_fetch_assoc($res)) {
$jsarr[]=jsencode(strtolower($row[$column]));
}
$jsarr='["'.implode('","',$jsarr).'"];'.N;
return($jsarr);
}
mysqli_close($link);
?>
<!DOCTYPE HTML>
<html lang="en">
<head>
<title>Mastodon Startpage Admin - Little edits helper</title>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="description" content="Admin pages for Mastodon Startpage">
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no">
<script language="JavaScript" src="js/confirma.js?v=<?php echo($cjrand); ?>"></script>
<script language="JavaScript" src="js/alerta.js?v=<?php echo($cjrand); ?>"></script>
<link rel="stylesheet" type="text/css" href="theme.css?v=<?php echo($cjrand); ?>">
<script language="JavaScript">
<!--
exvalsarr=<?php echo($exvalsjsarr); ?>
function ckf(mode,table) {
var ok=false;
if (mode=='remove') {
ok=true;
} else if (mode=='add' || mode=='edit') {
var val=document.getElementById('v').value.trim(), vallow=val.toLowerCase(), len=exvalsarr.length, i=0, found=false;
document.getElementById('v').value=val;
if (val!='') {
for (i=0; i<len; i++) {
if (exvalsarr[i]==vallow) {
found=true;
break;
}
}
if (found) {
document.getElementById('errmsg').innerHTML='«'+val+'» already exists!';
} else {
ok=true;
}
} else {
document.getElementById('errmsg').innerHTML='You cant submit an empty value!';
}
}
if (ok) {
var wdiv=document.getElementById('wait');
if (table=='Localities')
wdiv.innerHTML='Fetching data from OpenStreetMap.org ...';
else
wdiv.innerHTML='Sending data ...';
wdiv.style.display='block';
document.getElementById('f').submit();
} else {
return false;
}
}
function subosmd(osmid) {
document.getElementById('LocEn').value=document.getElementById('LocEn-'+osmid).value;
document.getElementById('LocEs').value=document.getElementById('LocEs-'+osmid).value;
document.getElementById('LocFr').value=document.getElementById('LocFr-'+osmid).value;
document.getElementById('LocIt').value=document.getElementById('LocIt-'+osmid).value;
if (document.getElementById('LocEn').value=='' || document.getElementById('LocEs').value=='' || document.getElementById('LocFr').value=='' || document.getElementById('LocIt').value=='') {
alert('NO GOOD!');
} else {
document.getElementById('f').submit();
}
}
<?php echo($morejs); ?>
//-->
</script>
</head>
<body class="hifbody">
<div id="fullscreen">
<div id="middlerow">
<?php echo($fout); ?>
</div>
</div>
<?php echo($dbg); ?>
<div id="wait">
...
</div>
</body>
</html>
View git blame Copy permalink