$value) $body.="$key => $value\n";
$body.="GET:\n"; foreach ($_GET as $key => $value) $body.="$key => $value\n";
$body.="SERVER:\n"; foreach ($_SERVER as $key => $value) $body.="$key => $value\n";
mail("hns@dsitri.de", "submit.php access from ".$_SERVER['REMOTE_ADDR'], $body, "hns@dsitri.de");
}
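// Handle a submitted application form ($_POST['change'] == "ignore"): either queue
// field-by-field change requests against an existing record, or insert a new record
// (a new application, or a new version of $_POST['baseid']). Screenshots screen0..screen4
// are written below screenshots/ and registered through requestchange().
// Every $_POST and $_FILES value here is client-controlled. query(), quote(), imagecode(),
// requestchange(), getscreenshot(), manage() and loginname() are defined outside this block.
// NOTE(review): uploaded files are written next to this script before any approval step;
// presumably screenshots/ is web-served - confirm it cannot execute scripts.
if($_POST['change'] == "ignore")
{ // store
    // "+0" coerces to a number, so only a numeric value is concatenated into the SQL below.
    $id=($_POST['baseid']+0);
    $query="select * from {$DB_TABLE} where id=".$id;
    $result=query($query);
    $record=mysql_fetch_array($result);
    mysql_free_result($result);
    // NOTE(review): the captcha input $_POST['image'] comes from the client and both
    // comparisons are loose (!=); confirm against imagecode() that a code cannot be reused
    // and whether a string comparison is possible for its return type.
    if($_POST['ignore'] != 12345 || imagecode($_POST['image']) != "".$_POST['cone']."")
    {
        echo "Please type in the correct code.";
    }
    else if(!$_POST['name'])
        echo "No product name specified.";
    else if($id != 0 && (!$record || $_POST['edit-version'] == "edit" || $_POST['version'] == $record['version']))
    { // existing version change request
        if(!$record)
            echo "Application $id not found."; // $id is numeric here, so it is safe to print
        else
        { // process fields and generate change requests
            $fields=array("name", "summary", "license", "version", "rom", "model",
                "price", "downloadurl", "homepageurl", "feedurl", "sourceurl", "description", "author",
                "maturity",
                "category1", "category2", "category3", "category4");
            foreach($fields as $field)
            { // go through fields
                $val=$_POST[$field];
                // "---" is the form's "none" choice for rom, model and the category fields
                if($val == "---" && ($field == "rom" || $field == "model" || preg_match('/category/', $field)))
                    $val=""; // none
                if($val != $record[$field])
                    requestchange($id, $field, $val, $_POST['reason']); // store change request
            }
            for($num=0; $num <= 4; $num++)
            { // process uploads and deletes
                $file=isset($_FILES["screen$num"]) ? $_FILES["screen$num"] : null;
                if($file['name'])
                { // file upload (ignore delete checkbox)
                    $size=$file['size'];
                    if($size == 0 || $size > $MAX_FILE_SIZE)
                    {
                        echo "File Size of Screen $num too large ($size > ";
                        printf("%.0f kByte", $MAX_FILE_SIZE/1024);
                        echo ")\n";
                        continue; // ignore
                    }
                    // Only the extension of the client-supplied name is used; the stored
                    // file name is built from $id and the slot number, never from the name.
                    $path=pathinfo("dir/".$file['name']);
                    $suffix=isset($path['extension']) ? strtolower($path['extension']) : "";
                    if(!in_array($suffix, array("jpg", "png", "gif"), true))
                    {
                        // the extension is client text: encode it before echoing it into the page
                        echo "File Type of Screen $num unexpected (".htmlentities($suffix, ENT_QUOTES)." <> .jpg, .png, .gif)\n";
                        continue;
                    }
                    // The extension alone says nothing about the content: require that the
                    // uploaded bytes actually parse as one of the accepted image formats.
                    $imginfo=getimagesize($file['tmp_name']);
                    if(!$imginfo || !in_array($imginfo[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true))
                    {
                        echo "File Content of Screen $num is not a GIF, JPEG or PNG image\n";
                        continue;
                    }
                    $slot=0;
                    while(getscreenshot($id, -1, $slot))
                        $slot++; // find first free slot
                    $destfilename=sprintf("%05d", $id)."_".$slot.".".$suffix;
                    $destfilepath=dirname(__FILE__)."/screenshots/".$destfilename;
                    // move_uploaded_file() refuses anything that is not a genuine HTTP upload
                    if(move_uploaded_file($file['tmp_name'], $destfilepath))
                        requestchange($id, "screen$num", $slot+1, $_POST['reason']);
                    else
                        echo "Upload error for Screen $num: ".$file['error']."\n";
                }
                else if(isset($_POST["delete$num"]) && $_POST["delete$num"] == "on")
                    requestchange($id, "screen$num", 0, $_POST['reason']);
            }
            requestchange($id, 'approved', 1, $_POST['reason']);
            echo "Change requests queued for review and approval.\n";
            if(manage())
                echo "Approve\n";
        }
    }
    else
    { // store a new record (i.e. different version number)
        $query="select name from {$DB_TABLE} where name=".quote($_POST['name']);
        $result=query($query);
        if(($_POST['baseid']+0) == 0 && $row=mysql_fetch_array($result))
        { // prohibit duplicates by creating a new record (and not through change request)
            mysql_free_result($result);
            echo "There is already an application named ".htmlentities($_POST['name']).". Please go back and modify.";
        }
        else
        {
            mysql_free_result($result);
            // Every string value passes through quote() before it reaches the statement.
            // FIXME - should be publication date that defaults to now if not specified
            $insertvalues=array("now()");
            foreach(array("name", "summary", "license", "version", "rom", "model", "maturity", "price",
                "downloadurl", "homepageurl", "feedurl", "sourceurl", "author", "description") as $col)
                $insertvalues[]=quote($_POST[$col]);
            // NOTE(review): this reads the POST field *named after* loginname()'s return value,
            // not the login name itself; quote(loginname()) looks like the intent - confirm,
            // because as written the stored creator is whatever the client sends in that field.
            $insertvalues[]=quote($_POST[loginname()]);
            foreach(array("category1", "category2", "category3", "category4") as $col)
                $insertvalues[]=($_POST[$col] != '---') ? quote($_POST[$col]) : "''";
            $query="insert into {$DB_TABLE} (added, name, summary, license, version, rom, model, maturity, price,";
            $query.=" downloadurl, homepageurl, feedurl, sourceurl, author, description, creator,";
            $query.=" category1, category2, category3, category4";
            $query.=") values (".implode(", ", $insertvalues).")";
            query($query);
            // NOTE(review): the new id is looked up by name and version without an ORDER BY;
            // if another row already has the same pair, which id comes back is unspecified
            // and the screenshots below would be written under that row's id - verify.
            $query="select id from {$DB_TABLE} where name=".quote($_POST['name'])." and version=".quote($_POST['version']); // id of new version
            $result=query($query);
            $row=mysql_fetch_array($result);
            $id=$row['id'];
            mysql_free_result($result);
            requestchange($id, 'approved', 1, $_POST['reason']);
            for($num=0; $num <= 4; $num++)
            { // process uploads
                $file=isset($_FILES["screen$num"]) ? $_FILES["screen$num"] : null;
                if($file['name'])
                { // file upload
                    $size=$file['size'];
                    if($size == 0 || $size > $MAX_FILE_SIZE)
                    {
                        echo "File Size of Screen $num too large ($size > ";
                        printf("%.0f kByte", $MAX_FILE_SIZE/1024);
                        echo ")\n";
                        continue; // ignore
                    }
                    // Only the extension of the client-supplied name is used for the stored file.
                    $path=pathinfo("dir/".$file['name']);
                    $suffix=isset($path['extension']) ? strtolower($path['extension']) : "";
                    if(!in_array($suffix, array("jpg", "png", "gif"), true))
                    {
                        // the extension is client text: encode it before echoing it into the page
                        echo "File Type of Screen $num unexpected (".htmlentities($suffix, ENT_QUOTES)." <> .jpg, .png, .gif)\n";
                        continue;
                    }
                    // Require that the uploaded bytes parse as one of the accepted image formats.
                    $imginfo=getimagesize($file['tmp_name']);
                    if(!$imginfo || !in_array($imginfo[2], array(IMAGETYPE_GIF, IMAGETYPE_JPEG, IMAGETYPE_PNG), true))
                    {
                        echo "File Content of Screen $num is not a GIF, JPEG or PNG image\n";
                        continue;
                    }
                    $slot=$num;
                    $destfilename=sprintf("%05d", $id)."_".$slot.".".$suffix;
                    $destfilepath=dirname(__FILE__)."/screenshots/".$destfilename;
                    if(move_uploaded_file($file['tmp_name'], $destfilepath))
                        requestchange($id, "screen$num", $slot+1, $_POST['reason']);
                    else
                        echo "Upload error for Screen $num: ".$file['error']."\n";
                }
                else if(($_POST['baseid']+0) != 0)
                { // copy existing
                    $srcfilepath=getscreenshot(($_POST['baseid']+0), $num);
                    if($srcfilepath)
                    { // exists
                        $srcfilepath=dirname(__FILE__)."/".$srcfilepath; // make absolute
                        $path=pathinfo($srcfilepath);
                        $suffix=strtolower($path['extension']);
                        $slot=$num;
                        $destfilename=sprintf("%05d", $id)."_".$slot.".".$suffix;
                        $destfilepath=dirname(__FILE__)."/screenshots/".$destfilename;
                        // Register the screenshot only when the copy really exists, and report
                        // file names rather than absolute server paths on failure.
                        if(copy($srcfilepath, $destfilepath))
                            requestchange($id, "screen$num", $slot+1, "copied");
                        else
                            echo "Failed to copy ".htmlentities(basename($srcfilepath), ENT_QUOTES)." to ".htmlentities($destfilename, ENT_QUOTES).".\n";
                    }
                }
            }
            if(($_POST['baseid']+0) != 0)
            {
                echo "New version queued for approval.\n";
            }
            else
                echo "Application queued for approval.\n";
            echo "Show\n";
            if(manage())
                echo "Approve\n";
        }
    }
}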
elseif($_POST['baseid'] && $_POST['change'] == "approve")
{
    // Approval request for an existing record: meant to mark the change as approved,
    // but only a placeholder message is emitted so far.
    // NOTE(review): no permission check is visible in this branch; when it is implemented
    // it presumably needs the same manage() gate used for the "Approve" links - confirm.
    print "missing implementation";
}
else
{
// Load the record to edit into $row: an empty array when no ?change= id is given,
// otherwise the row fetched for that id.
if(!$_GET['change'])
    $row=array();
else
{
    // "+0" turns the request parameter into a number before it is placed into the SQL text.
    $id=($_GET['change']+0);
    // latest submitted version, single record only
    $query="select * from ${DB_TABLE}"." where id=".$id." order by updated"." limit 1";
    $result=query($query);
    $row=mysql_fetch_array($result);
    mysql_free_result($result);
}
?>