6 files changed, 220 insertions, 5 deletions
diff --git a/central/trunk/activatesub.php b/central/trunk/activatesub.php
new file mode 100644
index 0000000..46a05ec
--- /dev/null
+++ b/central/trunk/activatesub.php

@@ -0,0 +1,124 @@
+<?php
+/* InstaDisc Server - A Four Island Project */
+include('includes/instadisc.php');
+include('includes/template.php');
+if (isset($_SESSION['username']))
+{
+        if (!isset($_GET['submit']))
+        {
+                showForm('',array());
+        } else {
+                $numOfErrors = 0;
+                $errors = array();
+                $getpending = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($_SESSION['username']) . "\" AND url = \"" . mysql_real_escape_string($_POST['url']) . "\"";
+                $getpending2 = mysql_query($getpending);
+                $getpending3 = mysql_fetch_array($getpending2);
+                if ($getpending3['username'] != $_POST['username'])
+                {
+                        addError($numOfErrors, $errors, 'url', 'Subscription could not be found');
+                }
+                if ($numOfErrors > 0)
+                {
+                        showForm($_POST['url'], $errors);
+                } else {
+                        if ($_POST['submit'] == "Verify")
+                        {
+                                switch (instaDisc_addSubscription($_SESSION['username'], $_POST['url']))
+                                {
+                                        case 0:
+                                                $template = new FITemplate('activatedsub');
+                                                $template->add('SITENAME', instaDisc_getConfig('siteName'));
+                                                $template->display();
+                                                break;
+                                        case 1:
+                                                addError($numOfErrors, $errors, '', 'Unknown error');
+                                                showForm($_POST['url'], $errors);
+                                                break;
+                                        case 2:
+                                                addError($numOfErrors, $errors, 'url', 'Subscription could not be found');
+                                                showForm($_POST['url'], $errors);
+                                                break;
+                                        case 3:
+                                                addError($numOfErrors, $errors, '', 'Subscription File is not well-formed');
+                                                showForm($_POST['url'], $errors);
+                                                break;
+                                        case 4:
+                                                addError($numOfErrors, $errors, '', 'Key in Subscription File is incorrect');
+                                                showForm($_POST['url'], $errors);
+                                                break;
+                                }
+                        } else {
+                                instaDisc_cancelSubscription($_SESSION['username'], $_POST['url']);
+                        }
+                }
+        }
+} else {
+        header('Location: index.php');
+}
+function showForm($url, $errors)
+{
+        $template = new FITemplate('activatesub');
+        $template->add('SITENAME', instaDisc_getConfig('siteName'));
+        if (isset($errors[1]))
+        {
+                $template->adds_block('ERROR', array('ex'=>'1'));
+                foreach ($errors as $name => $value)
+                {
+                        $template->adds_block('ERRORS', array(  'NAME' => $name,
+                                                                'MSG' => $value['msg']));
+                }
+        }
+        $template->add('URL_ERR', ifErrors($errors, 'url'));
+        doErrors($template, $errors, 'url');
+        $template->add('URL', $url);
+        $template->display();
+}
+function ifErrors($errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        return ' error';
+                }
+        }
+        return '';
+}
+function doErrors($template, $errors, $id)
+{
+        foreach ($errors as $name => $value)
+        {
+                if ($value['field'] == $id)
+                {
+                        $template->adds_block(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
+                                                                                'VALUE' => $value['msg']));
+                }
+        }
+}
+function addError(&$numOfErrors, &$errors, $field, $msg)
+{
+        $numOfErrors++;
+        $errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
+}
+?>
diff --git a/central/trunk/includes/instadisc.php b/central/trunk/includes/instadisc.php
index d07e53b..6b3d630 100644
--- a/central/trunk/includes/instadisc.php
+++ b/central/trunk/includes/instadisc.php

@@ -294,9 +294,6 @@ function instaDisc_addSubscription($username, $url)
        $getcode3 = mysql_fetch_array($getcode2);
        if ($getcode3['username'] == $username)
        {
-                $delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\"";
-                $delcode2 = mysql_query($delcode);
                $c = curl_init();
                curl_setopt($c, CURLOPT_URL, $url);
                curl_setopt($c, CURLOPT_HEADER, false);
@@ -324,15 +321,30 @@ function instaDisc_addSubscription($username, $url)
                                                        $inssub = "INSERT INTO subscriptions (username,url,owner,category) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($header['Subscription']) . "\", \"true\", \"" . mysql_real_escape_string($header['Category']) . "\")";
                                                        $inssub2 = mysql_query($inssub);
-                                                        return true;
+                                                        $delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\"";
+                                                        $delcode2 = mysql_query($delcode);
+                                                        return 0;
+                                                } else {
+                                                        return 4;
                                                }
+                                        } else {
+                                                return 3;
                                        }
+                                } else {
+                                        return 3;
                                }
+                        } else {
+                                return 3;
                        }
+                } else {
+                        return 3;
                }
+        } else {
+                return 2;
        }
-        return false;
+        return 1;
 }
 function instaDisc_listPendingSubscriptions($username)
diff --git a/central/trunk/theme/activatedsub.tpl b/central/trunk/theme/activatedsub.tpl
new file mode 100644
index 0000000..9bdcbf5
--- /dev/null
+++ b/central/trunk/theme/activatedsub.tpl

@@ -0,0 +1,14 @@
+<HTML>
+        <HEAD>
+                <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
+        </HEAD>
+        <BODY>
+                <CENTER>
+                        <H1>InstaDisc Subscription Activation</H1>
+                        <P>You've sucessfully activated your subscription! <A HREF="userpanel.php">Back to User Panel</A>
+                </CENTER>
+        </BODY>
+</HTML>
diff --git a/central/trunk/theme/activatesub.tpl b/central/trunk/theme/activatesub.tpl
new file mode 100644
index 0000000..f6dd6a0
--- /dev/null
+++ b/central/trunk/theme/activatesub.tpl

@@ -0,0 +1,51 @@
+<HTML>
+        <HEAD>
+                <TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
+                <LINK REL="stylesheet" TYPE="text/css" HREF="theme/uniform.css">
+        </HEAD>
+        <BODY>
+                <CENTER>
+                        <H1>InstaDisc Subscription Activation</H1>
+                        <P>If you've already requested a subscription be sponsered and added its Activation Key to its Subscription File, you can activate the subscription here:
+                </CENTER>
+                <FORM CLASS="uniform" ACTION="./activatesub.php?submit=" METHOD="POST">
+                        <!--BEGIN ERROR-->
+                        <DIV ID="errorMsg">Uh oh! Validation errors!<P>
+                                <OL>
+                        <!--END ERROR-->
+                        <!--BEGIN ERRORS-->
+                                        <LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI>
+                        <!--END ERRORS-->
+                        <!--BEGIN ERROR-->
+                                </OL>
+                        </DIV>
+                        <!--END ERROR-->
+                        <FIELDSET CLASS="inlineLabels">
+                                <LEGEND>User Details</LEGEND>
+                                <DIV CLASS="ctrlHolder<!--URL_ERR-->">
+                                        <!--BEGIN URL_ERRS-->
+                                                <P ID="error<!--URL_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
+                                                        <!--URL_ERRS.MSG-->
+                                                </P>
+                                        <!--END URL_ERRS-->
+                                        <LABEL FOR="url"><EM>*</EM> Subscription File URL: </LABEL>
+                                        <INPUT TYPE="text" ID="url" NAME="url" CLASS="textInput" VALUE="<!--URL-->">                    
+                                </DIV>
+                        </FIELDSET>
+                        <DIV CLASS="buttonHolder">
+                                <INPUT TYPE="submit" NAME="submit" VALUE="Verify">
+                                <INPUT TYPE="submit" NAME="submit" VALUE="Delete">
+                        </DIV>
+                </FORM>
+        </BODY>
+</HTML>
diff --git a/central/trunk/theme/userpanel.tpl b/central/trunk/theme/userpanel.tpl
index 63be6f1..c10c0dc 100644
--- a/central/trunk/theme/userpanel.tpl
+++ b/central/trunk/theme/userpanel.tpl

@@ -21,6 +21,14 @@
                                <LI><A HREF="activatesub.php">Activate a Subscription</A></LI>
                                <LI><A HREF="mansub.php">Manage subscriptions</A></LI>
                        </UL>
+                        <!--BEGIN ADMIN-->
+                        <P>Since you are the almighty admin of this Central Server, you can edit configurational values!
+                        <UL>
+                                <LI><A HREF="admin.php">Edit Configuration</A></LI>
+                        </UL>
+                        <!--END ADMIN-->
                </CENTER>
        </BODY>
 </HTML>
diff --git a/central/trunk/userpanel.php b/central/trunk/userpanel.php
index f28b8fb..d0570e1 100644
--- a/central/trunk/userpanel.php
+++ b/central/trunk/userpanel.php

@@ -10,6 +10,12 @@ if (isset($_SESSION['username']))
        $template = new FITemplate('userpanel');
        $template->add('SITENAME', instaDisc_getConfig('siteName'));
        $template->add('USERNAME', $_SESSION['username']);
+        if (instaDisc_getConfig('owner') == $_SESSION['username'])
+        {
+                $template->adds_block('ADMIN',array('ex'=>1));
+        }
        $template->display();
 } else {
        header('Location: index.php');

diff --git a/central/trunk/activatesub.php b/central/trunk/activatesub.php new file mode 100644 index 0000000..46a05ec --- /dev/null +++ b/central/trunk/activatesub.php
@@ -0,0 +1,124 @@
		1	<?php
		2
		3	/* InstaDisc Server - A Four Island Project */
		4
		5	include('includes/instadisc.php');
		6	include('includes/template.php');
		7
		8	if (isset($_SESSION['username']))
		9	{
		10	if (!isset($_GET['submit']))
		11	{
		12	showForm('',array());
		13	} else {
		14	$numOfErrors = 0;
		15	$errors = array();
		16
		17	$getpending = "SELECT * FROM pending2 WHERE username = \"" . mysql_real_escape_string($_SESSION['username']) . "\" AND url = \"" . mysql_real_escape_string($_POST['url']) . "\"";
		18	$getpending2 = mysql_query($getpending);
		19	$getpending3 = mysql_fetch_array($getpending2);
		20	if ($getpending3['username'] != $_POST['username'])
		21	{
		22	addError($numOfErrors, $errors, 'url', 'Subscription could not be found');
		23	}
		24
		25	if ($numOfErrors > 0)
		26	{
		27	showForm($_POST['url'], $errors);
		28	} else {
		29	if ($_POST['submit'] == "Verify")
		30	{
		31	switch (instaDisc_addSubscription($_SESSION['username'], $_POST['url']))
		32	{
		33	case 0:
		34	$template = new FITemplate('activatedsub');
		35	$template->add('SITENAME', instaDisc_getConfig('siteName'));
		36	$template->display();
		37	break;
		38
		39	case 1:
		40	addError($numOfErrors, $errors, '', 'Unknown error');
		41	showForm($_POST['url'], $errors);
		42	break;
		43
		44	case 2:
		45	addError($numOfErrors, $errors, 'url', 'Subscription could not be found');
		46	showForm($_POST['url'], $errors);
		47	break;
		48
		49	case 3:
		50	addError($numOfErrors, $errors, '', 'Subscription File is not well-formed');
		51	showForm($_POST['url'], $errors);
		52	break;
		53
		54	case 4:
		55	addError($numOfErrors, $errors, '', 'Key in Subscription File is incorrect');
		56	showForm($_POST['url'], $errors);
		57	break;
		58	}
		59	} else {
		60	instaDisc_cancelSubscription($_SESSION['username'], $_POST['url']);
		61	}
		62	}
		63	}
		64	} else {
		65	header('Location: index.php');
		66	}
		67
		68	function showForm($url, $errors)
		69	{
		70	$template = new FITemplate('activatesub');
		71	$template->add('SITENAME', instaDisc_getConfig('siteName'));
		72
		73	if (isset($errors[1]))
		74	{
		75	$template->adds_block('ERROR', array('ex'=>'1'));
		76
		77	foreach ($errors as $name => $value)
		78	{
		79	$template->adds_block('ERRORS', array( 'NAME' => $name,
		80	'MSG' => $value['msg']));
		81	}
		82	}
		83
		84	$template->add('URL_ERR', ifErrors($errors, 'url'));
		85
		86	doErrors($template, $errors, 'url');
		87
		88	$template->add('URL', $url);
		89
		90	$template->display();
		91	}
		92
		93	function ifErrors($errors, $id)
		94	{
		95	foreach ($errors as $name => $value)
		96	{
		97	if ($value['field'] == $id)
		98	{
		99	return ' error';
		100	}
		101	}
		102
		103	return '';
		104	}
		105
		106	function doErrors($template, $errors, $id)
		107	{
		108	foreach ($errors as $name => $value)
		109	{
		110	if ($value['field'] == $id)
		111	{
		112	$template->adds_block(strtoupper($id) . '_ERRS', array( 'NAME' => $name,
		113	'VALUE' => $value['msg']));
		114	}
		115	}
		116	}
		117
		118	function addError(&$numOfErrors, &$errors, $field, $msg)
		119	{
		120	$numOfErrors++;
		121	$errors[$numOfErrors] = array('field' => $field, 'msg' => $msg);
		122	}
		123
		124	?>


diff --git a/central/trunk/includes/instadisc.php b/central/trunk/includes/instadisc.php index d07e53b..6b3d630 100644 --- a/central/trunk/includes/instadisc.php +++ b/central/trunk/includes/instadisc.php
@@ -294,9 +294,6 @@ function instaDisc_addSubscription($username, $url)
294	$getcode3 = mysql_fetch_array($getcode2);	294	$getcode3 = mysql_fetch_array($getcode2);
295	if ($getcode3['username'] == $username)	295	if ($getcode3['username'] == $username)
296	{	296	{
297	$delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\"";
298	$delcode2 = mysql_query($delcode);
299
300	$c = curl_init();	297	$c = curl_init();
301	curl_setopt($c, CURLOPT_URL, $url);	298	curl_setopt($c, CURLOPT_URL, $url);
302	curl_setopt($c, CURLOPT_HEADER, false);	299	curl_setopt($c, CURLOPT_HEADER, false);
@@ -324,15 +321,30 @@ function instaDisc_addSubscription($username, $url)
324	$inssub = "INSERT INTO subscriptions (username,url,owner,category) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($header['Subscription']) . "\", \"true\", \"" . mysql_real_escape_string($header['Category']) . "\")";	321	$inssub = "INSERT INTO subscriptions (username,url,owner,category) VALUES (\"" . mysql_real_escape_string($username) . "\", \"" . mysql_real_escape_string($header['Subscription']) . "\", \"true\", \"" . mysql_real_escape_string($header['Category']) . "\")";
325	$inssub2 = mysql_query($inssub);	322	$inssub2 = mysql_query($inssub);
326		323
327	return true;	324	$delcode = "DELETE FROM pending2 WHERE username = \"" . mysql_real_escape_string($username) . "\" AND url = \"" . mysql_real_escape_string($url) . "\"";
		325	$delcode2 = mysql_query($delcode);
		326
		327	return 0;
		328	} else {
		329	return 4;
328	}	330	}
		331	} else {
		332	return 3;
329	}	333	}
		334	} else {
		335	return 3;
330	}	336	}
		337	} else {
		338	return 3;
331	}	339	}
		340	} else {
		341	return 3;
332	}	342	}
		343	} else {
		344	return 2;
333	}	345	}
334		346
335	return false;	347	return 1;
336	}	348	}
337		349
338	function instaDisc_listPendingSubscriptions($username)	350	function instaDisc_listPendingSubscriptions($username)


diff --git a/central/trunk/theme/activatedsub.tpl b/central/trunk/theme/activatedsub.tpl new file mode 100644 index 0000000..9bdcbf5 --- /dev/null +++ b/central/trunk/theme/activatedsub.tpl
@@ -0,0 +1,14 @@
		1	<HTML>
		2	<HEAD>
		3	<TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
		4	</HEAD>
		5
		6	<BODY>
		7	<CENTER>
		8	<H1>InstaDisc Subscription Activation</H1>
		9
		10	<P>You've sucessfully activated your subscription! <A HREF="userpanel.php">Back to User Panel</A>
		11	</CENTER>
		12	</BODY>
		13	</HTML>
		14


diff --git a/central/trunk/theme/activatesub.tpl b/central/trunk/theme/activatesub.tpl new file mode 100644 index 0000000..f6dd6a0 --- /dev/null +++ b/central/trunk/theme/activatesub.tpl
@@ -0,0 +1,51 @@
		1	<HTML>
		2	<HEAD>
		3	<TITLE><!--SITENAME--> InstaDisc Central Server</TITLE>
		4	<LINK REL="stylesheet" TYPE="text/css" HREF="theme/uniform.css">
		5	</HEAD>
		6
		7	<BODY>
		8	<CENTER>
		9	<H1>InstaDisc Subscription Activation</H1>
		10
		11	<P>If you've already requested a subscription be sponsered and added its Activation Key to its Subscription File, you can activate the subscription here:
		12	</CENTER>
		13
		14	<FORM CLASS="uniform" ACTION="./activatesub.php?submit=" METHOD="POST">
		15
		16	<!--BEGIN ERROR-->
		17	<DIV ID="errorMsg">Uh oh! Validation errors!<P>
		18	<OL>
		19	<!--END ERROR-->
		20
		21	<!--BEGIN ERRORS-->
		22	<LI><A HREF="#error<!--ERRORS.NAME-->"><!--ERRORS.MSG--></A></LI>
		23	<!--END ERRORS-->
		24
		25	<!--BEGIN ERROR-->
		26	</OL>
		27	</DIV>
		28	<!--END ERROR-->
		29
		30	<FIELDSET CLASS="inlineLabels">
		31	<LEGEND>User Details</LEGEND>
		32
		33	<DIV CLASS="ctrlHolder<!--URL_ERR-->">
		34	<!--BEGIN URL_ERRS-->
		35	<P ID="error<!--URL_ERRS.NAME-->" CLASS="errorField"><EM>*</EM>
		36	<!--URL_ERRS.MSG-->
		37	</P>
		38	<!--END URL_ERRS-->
		39
		40	<LABEL FOR="url"><EM>*</EM> Subscription File URL: </LABEL>
		41	<INPUT TYPE="text" ID="url" NAME="url" CLASS="textInput" VALUE="<!--URL-->">
		42	</DIV>
		43	</FIELDSET>
		44
		45	<DIV CLASS="buttonHolder">
		46	<INPUT TYPE="submit" NAME="submit" VALUE="Verify">
		47	<INPUT TYPE="submit" NAME="submit" VALUE="Delete">
		48	</DIV>
		49	</FORM>
		50	</BODY>
		51	</HTML>


diff --git a/central/trunk/theme/userpanel.tpl b/central/trunk/theme/userpanel.tpl index 63be6f1..c10c0dc 100644 --- a/central/trunk/theme/userpanel.tpl +++ b/central/trunk/theme/userpanel.tpl
@@ -21,6 +21,14 @@
21	<LI><A HREF="activatesub.php">Activate a Subscription</A></LI>	21	<LI><A HREF="activatesub.php">Activate a Subscription</A></LI>
22	<LI><A HREF="mansub.php">Manage subscriptions</A></LI>	22	<LI><A HREF="mansub.php">Manage subscriptions</A></LI>
23	</UL>	23	</UL>
		24
		25	<!--BEGIN ADMIN-->
		26	<P>Since you are the almighty admin of this Central Server, you can edit configurational values!
		27
		28	<UL>
		29	<LI><A HREF="admin.php">Edit Configuration</A></LI>
		30	</UL>
		31	<!--END ADMIN-->
24	</CENTER>	32	</CENTER>
25	</BODY>	33	</BODY>
26	</HTML>	34	</HTML>


diff --git a/central/trunk/userpanel.php b/central/trunk/userpanel.php index f28b8fb..d0570e1 100644 --- a/central/trunk/userpanel.php +++ b/central/trunk/userpanel.php
@@ -10,6 +10,12 @@ if (isset($_SESSION['username']))
10	$template = new FITemplate('userpanel');	10	$template = new FITemplate('userpanel');
11	$template->add('SITENAME', instaDisc_getConfig('siteName'));	11	$template->add('SITENAME', instaDisc_getConfig('siteName'));
12	$template->add('USERNAME', $_SESSION['username']);	12	$template->add('USERNAME', $_SESSION['username']);
		13
		14	if (instaDisc_getConfig('owner') == $_SESSION['username'])
		15	{
		16	$template->adds_block('ADMIN',array('ex'=>1));
		17	}
		18
13	$template->display();	19	$template->display();
14	} else {	20	} else {
15	header('Location: index.php');	21	header('Location: index.php');