diff options
Diffstat (limited to 'lib/list')
| -rw-r--r-- | lib/list/addbatch.php | 43 | ||||
| -rw-r--r-- | lib/list/edbatch.php | 47 | ||||
| -rw-r--r-- | lib/list/edit.php | 43 | ||||
| -rw-r--r-- | lib/list/inc_process.php | 28 | ||||
| -rw-r--r-- | lib/list/index.php | 25 | ||||
| -rw-r--r-- | lib/list/new.php | 33 | ||||
| -rw-r--r-- | lib/list/rmbatch.php | 20 | ||||
| -rw-r--r-- | lib/list/view.php | 31 |
8 files changed, 270 insertions, 0 deletions
diff --git a/lib/list/addbatch.php b/lib/list/addbatch.php new file mode 100644 index 0000000..5cb5fb6 --- /dev/null +++ b/lib/list/addbatch.php @@ -0,0 +1,43 @@ +<?php + +require("lib/list/inc_process.php"); + +assert_redir(count($args) == 3, 'list'); +$listid = intval($args[2]); + +$list = mysql_fetch_assoc(sql( + "SELECT lists.id AS id, lists.name AS name, lists.owner AS owner_id ". + "FROM lists WHERE lists.id = $listid")); +assert_error($list && $list['owner_id'] == $user['id'], + "This list does not exist, or you are not allowed to edit it."); + +$batch_name = ""; +$batch_model = ""; +$batch_contents = ""; +if (isset($_POST['name']) && isset($_POST['model']) && isset($_POST['contents'])) { + $batch_name = esca($_POST['name']); + $batch_model = esca($_POST['model']); + $batch_contents = esca($_POST['contents']); + $batch_json = mk_batch_json($batch_model, $batch_contents); + if ($batch_name == "") { + $error = "You must give a name to this batch."; + } else if (mysql_fetch_assoc(sql("SELECT id FROM batches WHERE list = $listid AND name = '" . escs($batch_name) . "'"))) { + $error = "You already have a batch using that name."; + } else { + sql( + "INSERT INTO batches(list, name, model, contents, json_data) ". + "VALUES($listid, '" . escs($batch_name) . "', '" . escs($batch_model) . "', '" . escs($batch_contents) . "', '" . escs($batch_json) . "')"); + header("Location: view-list-$listid"); + die(); + } +} + +$title = "Add batch to " . $list['name']; +$fields = array( + array("label" => "Name : ", "name" => "name", "value" => $batch_name), + array("label" => "Columns : ", "name" => "model", "value" => $batch_model), + array("label" => "Contents : ", "name" => "contents", "type" => "textarea", "value" => $batch_contents) +); +$validate = "Add batch"; + +require("tpl/list/ef.php"); diff --git a/lib/list/edbatch.php b/lib/list/edbatch.php new file mode 100644 index 0000000..380ecf2 --- /dev/null +++ b/lib/list/edbatch.php @@ -0,0 +1,47 @@ +<?php + +require("lib/list/inc_process.php"); + +assert_redir(count($args) == 3, 'list'); +$batchid = intval($args[2]); + +$batch = mysql_fetch_assoc(sql( + "SELECT lists.id AS listid, lists.owner AS listowner, lists.name AS listname, batches.name AS name, ". + "batches.model AS model, batches.contents AS contents ". + "FROM batches LEFT JOIN lists ON lists.id = batches.list ". + "WHERE batches.id = $batchid")); +assert_error($batch && $batch['listowner'] == $user['id'], + "this batch does not exist, or you are not allowed to edit it."); +$list = array("id" => $batch['listid'], 'name' => $batch['listname']); + +$batch_name = $batch['name']; +$batch_model = $batch['model']; +$batch_contents = $batch['contents']; +if (isset($_POST['name']) && isset($_POST['model']) && isset($_POST['contents'])) { + $batch_name = esca($_POST['name']); + $batch_model = esca($_POST['model']); + $batch_contents = esca($_POST['contents']); + $batch_json = mk_batch_json($batch_model, $batch_contents); + if ($batch_name == "") { + $error = "You must give a name to this batch."; + } else if (mysql_fetch_assoc(sql("SELECT id FROM batches WHERE list = " . $list['id'] . " AND name = '" . escs($batch_name) . "' AND id != $batchid"))) { + $error = "You already have a batch using that name."; + } else { + sql( + "UPDATE batches SET name = '" . escs($batch_name) . "', model = '" . escs($batch_model) . "', ". + "contents = '" . escs($batch_contents) . "', json_data = '" . escs($batch_json) . "' WHERE id = $batchid" + ); + header("Location: view-list-" . $list['id']); + die(); + } +} + +$title = "Edit batch in " . $list['name']; +$fields = array( + array("label" => "Name : ", "name" => "name", "value" => $batch_name), + array("label" => "Columns : ", "name" => "model", "value" => $batch_model), + array("label" => "Contents : ", "name" => "contents", "type" => "textarea", "value" => $batch_contents) +); +$validate = "Edit batch"; + +require("tpl/list/ef.php"); diff --git a/lib/list/edit.php b/lib/list/edit.php new file mode 100644 index 0000000..64394be --- /dev/null +++ b/lib/list/edit.php @@ -0,0 +1,43 @@ +<?php + +require("lib/markdown.php"); + +assert_redir(count($args) == 3, 'list'); +$listid = intval($args[2]); + +$list = mysql_fetch_assoc(sql( + "SELECT lists.id AS id, lists.name AS name, lists.comment_md AS comment, account.id AS owner_id ". + "FROM lists LEFT JOIN account ON account.id = lists.owner ". + "WHERE lists.id = $listid")); +assert_error($list && $list['owner_id'] == $user['id'], + "This list does not exist, or you are not allowed to edit it."); + +$list_name = $list['name']; +$list_comment = $list['comment']; +if (isset($_POST['name']) && isset($_POST['comment'])) { + $list_name = esca($_POST['name']); + $list_comment = esca($_POST['comment']); + $list_comment_html = Markdown($list_comment); + if ($list_name == "") { + $error = "You must enter a name for your list."; + } else if (mysql_fetch_assoc(sql("SELECT id FROM lists WHERE owner = " . $user['id'] . " AND name = '" . escs($list_name) . "' AND id != $listid"))) { + $error = "You already have a list with that title."; + } else if ($list_comment == "") { + $error = "Please enter a comment on your list."; + } else { + sql("UPDATE lists SET name = '" . escs($list_name) . "', comment_md = '" . escs($list_comment) . + "', comment_html = '" . escs($list_comment_html) . "' WHERE id = $listid"); + header("Location: view-list-" . $listid); + die(); + } +} + +$title = "Edit list : " . $list['name']; +$fields = array( + array("label" => "Name : ", "name" => "name", "value" => $list_name), + array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $list_comment), +); +$validate = "Edit list"; + +require("tpl/list/ef.php"); + diff --git a/lib/list/inc_process.php b/lib/list/inc_process.php new file mode 100644 index 0000000..d4656b5 --- /dev/null +++ b/lib/list/inc_process.php @@ -0,0 +1,28 @@ +<?php + +require("lib/JSON/inc_json.php"); + +function mk_batch_json($models, $contents) { + $data = array("columns" => array(), "items" => array()); + + $columns = explode('|', $models); + foreach ($columns as $c) { + if ($c[0] == '!') { + $data['columns'][] = array("question" => false, "name" => substr($c, 1)); + } else { + $data['columns'][] = array("question" => true, "name" => $c); + } + } + + $items = explode("\n", $contents); + foreach($items as $i) { + $ii = explode('|', str_replace("\r", '', $i)); + if (count($ii) == count($columns)) { + $data['items'][] = $ii; + } + } + + return json_encode($data); +} + + diff --git a/lib/list/index.php b/lib/list/index.php new file mode 100644 index 0000000..cbcad67 --- /dev/null +++ b/lib/list/index.php @@ -0,0 +1,25 @@ +<?php + +$filters = array ( + "order" => array ( + "nbUsers" => "popularity", + "name" => "name", + "owner" => "author", + ), + "way" => $ord_ways, +); +$fdefaults = array ( + "order" => "nbUsers", + "way" => "DESC", +); + +$lists = array(); +$n = sql( + "SELECT lists.id AS id, lists.name AS name, account.login AS owner, COUNT(list_study.id) AS nbUsers ". + "FROM lists LEFT JOIN account ON lists.owner = account.id LEFT JOIN list_study ON list_study.list = lists.id ". + "GROUP BY lists.id ORDER BY " . get_filter("order") . " " . get_filter("way") + ); +while ($nn = mysql_fetch_assoc($n)) $lists[] = $nn; + +require("tpl/list/index.php"); + diff --git a/lib/list/new.php b/lib/list/new.php new file mode 100644 index 0000000..9a9c801 --- /dev/null +++ b/lib/list/new.php @@ -0,0 +1,33 @@ +<?php + +require("lib/markdown.php"); + +$list_name = ""; +$list_comment = ""; +if (isset($_POST["name"]) && isset($_POST['comment'])) { + $list_name = esca($_POST['name']); + $list_comment = esca($_POST['comment']); + $list_comment_html = Markdown($list_comment); + if ($list_name == "") { + $error = "You must enter a name for your list."; + } else if (mysql_fetch_assoc(sql("SELECT id FROM lists WHERE owner = " . $user['id'] . " AND name = '" . escs($list_name) . "'"))) { + $error = "You already have a list with that title."; + } else if ($list_comment == "") { + $error = "Please enter a comment on your list."; + } else { + sql("INSERT INTO lists(owner, name, comment_md, comment_html) ". + "VALUES(" . $user['id'] . ", '" . escs($list_name) . "', '" . escs($list_comment) . "', '" . escs($list_comment_html) . "')"); + header("Location: view-list-" . mysql_insert_id()); + die(); + } +} + +$title = "Create list"; +$fields = array( + array("label" => "Name : ", "name" => "name", "value" => $list_name), + array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $list_comment), + ); +$validate = "Create list"; + +require("tpl/list/new.php"); + diff --git a/lib/list/rmbatch.php b/lib/list/rmbatch.php new file mode 100644 index 0000000..90ea370 --- /dev/null +++ b/lib/list/rmbatch.php @@ -0,0 +1,20 @@ +<?php + +assert_redir(count($args) >= 3, 'list'); +$batchid = intval($args[2]); + +$batch = mysql_fetch_assoc(sql( + "SELECT lists.id AS listid, lists.owner AS listowner, lists.name AS listname, batches.name AS name, ". + "batches.model AS model, batches.contents AS contents ". + "FROM batches LEFT JOIN lists ON lists.id = batches.list ". + "WHERE batches.id = $batchid")); +assert_error($batch && $batch['listowner'] == $user['id'], + "this batch does not exist, or you are not allowed to edit it."); + +token_validate("Do you really want to delete this batch ?", "view-list-" . $batch['listid']); + +sql("DELETE FROM batches WHERE id = $batchid"); +sql("DELETE FROM batch_study WHERE batch = $batchid"); +sql("DELETE FROM batch_review WHERE batch = $batchid"); +header("Location: view-list-" . $batch['listid']); +die(); diff --git a/lib/list/view.php b/lib/list/view.php new file mode 100644 index 0000000..7a05bf2 --- /dev/null +++ b/lib/list/view.php @@ -0,0 +1,31 @@ +<?php + +assert_redir(count($args) == 3, 'list'); +$listid = intval($args[2]); + +$list = mysql_fetch_assoc(sql( + "SELECT lists.id AS id, lists.name AS name, lists.comment_html AS comment, account.login AS owner, ". + "account.id AS owner_id ". + "FROM lists LEFT JOIN account ON account.id = lists.owner ". + "WHERE lists.id = $listid")); +assert_error($list, "This list does not exist."); + +$can_edit = false; +if ($list["owner_id"] == $user['id']) $can_edit = true; + +$batches = array(); +$n = sql( + "SELECT id, name FROM batches WHERE list = $listid ". + "ORDER BY name ASC" + ); +while ($nn = mysql_fetch_assoc($n)) $batches[] = $nn; + +$can_start_study = false; +if ($user['id'] != 0) { + if (!mysql_fetch_assoc(sql("SELECT id FROM list_study WHERE list = $listid AND user = " . $user['id']))); + $can_start_study = true; +} else { + $message = "You should create an account in order to study this list."; +} + +require("tpl/list/view.php"); |