<?PHP
if (!isset($mainfile)) { include("mainfile.php"); }
###
### Main Page (would this be index.php)
###
function mainpage() {
include ('header.php');
$result = mysql_query("select match_id, home_team, away_team, home_score, away_score, division, match_date from team_scores where status>0 order by match_date DESC");
echo "<center><H2><B>Live Result Listings</b></h2></center>";
echo "<center><B>All results submitted through this system should be genuine match results only.</b><BR><BR><B>New:</b> You can now see a running history of each team's matches by clicking on their team name. For and against graphs are also included.</center>";
echo "<BR><table width=100%>";
$lastmatchdate="";
while (list($match_id, $home_team, $away_team, $home_score, $away_score, $division, $match_date) = mysql_fetch_row($result))
{
if ($match_date!=$lastmatchdate)
{
$matchdate = date("Y-m-d", strtotime($match_date));
$displaymatchdate = date("d-m-Y", strtotime($match_date));
echo "<tr><td colspan=4 align=center><font size=4><b><a href=\"leagueresult.php?op=showdate&date=$matchdate\">Click here for matches played on $displaymatchdate</a></b></font size=4></td></tr>";
}
$lastmatchdate=$match_date;
}
echo "</table>";
livefooter();
mysql_free_result($result);
include ('footer.php');
}
###
### Show Date Listing (would this be datelist.php)
###
function showdate($matchdate) {
include ('header.php');
$result = mysql_query("select match_id, home_team, away_team, home_score, away_score, division, match_date, status, comments from team_scores where status>0 AND match_date='$matchdate' order by match_date, division");
# Look up comments
// $commentresult = mysql_query("select COUNT(*) from match_commentary where match_id='$match_id'");
// $commentcount=mysql_fetch_array($commentresult);
// $nocomments= $commentcount[0];
if ($status==1)
{
echo "<tr><td bgcolor=\"#ffffff\" align=right width=43%><font size=4><a href=\"leagueresult.php?op=teammatches&team=$home_team\">$home_team</a></font size=4></td><TD bgcolor=\"#ffffff\" align=center width=7%><font size=4>$home_score</font size=4></TD><TD bgcolor=\"#ffffff\" align=center width=7%><font size=4>$away_score</font size=4></TD><TD bgcolor=\"#ffffff\" align=left width=43%><font size=4><a href=\"leagueresult.php?op=teammatches&team=$away_team\">$away_team</a></font size=4></td></tr>";
}
// The below line referring to commentary and SMS needs to be removed but When I tried I got a blank page.
else
{
echo "<tr><td colspan=4><center><table border=0><td width=90% bgcolor=\"#ffffff\" align=middle width=90%><font size=4>$comments</font size=4></td><td><img src=\"/images/sms.gif\" title=\"This result has been submitted by SMS\"></td></tr></table></center></td><td><center><a href=\"#\" onclick=\"javascript:window.open('commentary.php?matchid=$match_id','COMMENTARY','width=380, height=400, scrollbars=yes, resizable=no, toolbar=no, location=no, status=no, menubar=no')\">Read</a>(<B>".$nocomments."</b>)</center></td></tr>";
}
$thiscount=$thiscount+1;
$lastdivision=$division;
$lastmatchdate=$match_date;
}
livefooter();
mysql_free_result($result);
include ('footer.php');
}
###
### Show All Team Match Scores By date (would this be scoresbydate.php)
###
function teammatches($team) {
include ('header.php');
$result = mysql_query("select match_id, home_team, away_team, home_score, away_score, division, match_date, status, comments from team_scores where status>0 AND (home_team='$team' or away_team='$team') order by match_date");
echo "<BR><center><table width=90% border=1 valign=top>";
echo "<tr><td colspan=5 align=center bgcolor=\"#B1CFED\"><h3>Games Played By $team This Season</h3></td></tr>";
$result = mysql_query("select match_id, home_team, away_team, home_score, away_score, division, match_date, status, comments from team_scores where status>0 AND (home_team='$team' or away_team='$team') order by match_date");
mysql_free_result($result);
include ('footer.php');
}
###
### Result Form (would this be resultform.php)
###
function resultform($user) {
include ('header.php');
### registered user or email address
$user2 = base64_decode($user);
$user2 = addslashes($user2);
$user2 = explode(":", $user2);
$username = "$user2[1]";
## load in team names
$result = mysql_query("select team_name, division from team_names2 order by division, team_name");
$result2 = mysql_query("select team_name, division from team_names2 order by division, team_name");
function Validate(thisForm)
{
if (thisForm.division.options[thisForm.division.selectedIndex].value == \"null\")
{
alert(\"You must select a division.\");
thisForm.division.focus();
return (false);
}
if (thisForm.home_team.value==\"null\")
{
alert(\"You must enter a home team.\");
thisForm.home_team.focus();
return (false);
}
if (thisForm.away_team.value==\"null\")
{
alert(\"You must enter an away team.\");
thisForm.away_team.focus();
return (false);
}
if (thisForm.away_team.options[thisForm.away_team.selectedIndex].text==thisForm.home_team.options[thisForm.home_team.selectedIndex].text)
{
alert(\"Home team cannot be the same as away team.\");
thisForm.home_team.focus();
return (false);
}
if (((thisForm.home_score.options[thisForm.home_score.selectedIndex].text*1)+(thisForm.home_score.options[thisForm.away_score.selectedIndex].text*1)<13) && (thisForm.comments.value==\"\"))
{
alert(\"This score does not add up to 13. If this is the case you must give a reason in the comments box.\");
thisForm.comments.focus();
return (false);
}
if (((thisForm.home_score.options[thisForm.home_score.selectedIndex].text*1)+(thisForm.home_score.options[thisForm.away_score.selectedIndex].text*1)>13) && (thisForm.comments.value==\"\"))
{
alert(\"No more than 13 games should played as part of a match. Please correct the scores.\");
return (false);
}
";
if ($username=='')
{
echo "
if (thisForm.tickme.checked == false)
{
alert (\"You must tick to say you have read and understand the disclaimer.\");
return false;
}
if ((thisForm.email.value.indexOf(\".\") > 2) && (thisForm.email.value.indexOf(\"@\") > 0))
{
}
else
{
alert(\"Without a valid email address you will be unable to validate this result.\");
thisForm.email.focus();
return (false);
}
if (thisForm.email.value.indexOf(\"hotmail\") > 1)
{
alert(\"Hotmail seems to mark the verification emails as junk mail. Please check in your junk mail folder and see if the verification email gets put there.\");
}
if (thisForm.email.value.indexOf(\"lycos\") > 1)
{
alert(\"Lycos rejects emails from this form so we are unable to accept Lycos addresses until they fix their system. Please provide an alternative email address to validate your result. Sorry.\");
return (false);
}
if (thisForm.email.value.indexOf(\"aol\") > 1)
{
alert(\"AOL's email client does not allow links to be clickable so you will need to cut and paste the verification link from the email in to your browser manually. Sorry, AOL's fault, not ours.\");
}
";
}
function startBlink() {
if (document.all)
setInterval(\"doBlink()\",500)
}
window.onload = startBlink;
// -->
</SCRIPT>";
echo "<font size=4>Submit League Match Result. If 13-0, please indicate if a no show in the comments box.</font size=4>";
if ($username=='')
{
echo "<BR><blink><B>Important!</b></blink> This result will be emailed to you for confirmation before being accepted. If you do not authorise the result by clicking on the link in the email your result <B>will not</b> be accepted.";
}
# echo "<FORM ACTION=\"leagueresult.php\" METHOD=\"POST\" NAME=\"Result\">";
if ($username=='')
{
echo "<B>Your Email Address:</b> <input type=text NAME=\"email\" size=30><BR>*As a non-registered user your results will need to be validated before acceptance<BR>";
}
else
{
echo "<B>User ID: </b> <input type=text NAME=\"email\" size=30 value=\"".$username."\" disabled> *As a registered user your results are prevalidated<BR>";
}
if ($username=='')
{
echo "
<BR clear=all><input type=checkbox name=\"tickme\">By ticking this box I understand that I will have to validate this result through an email sent to me at the address specified above. If I do not get the email, or do not bother to validate it, I understand that my result will not be processed or accepted by the league. I will not bitch and moan if this happens because I was made aware of the consequences beforehand. If I do not get an email I will read <a href=\"http://rebelt.westonpoolleague.org.uk/leagueresult.php?op=FAQ\">the help page</a> to find out what to do next.";
}
echo "</form>";
livefooter();
include ('footer.php');
}
### Add Result To Database
### Add Result To Database (would this be addtodb.php)
### Add Result To Database
function submittedresult($home_team, $away_team, $home_score, $away_score, $division, $match_date, $submitter, $email, $comments, $user) {
include ('header.php');
### registered user or email address
$user2 = base64_decode($user);
$user2 = addslashes($user2);
$user2 = explode(":", $user2);
$username = "$user2[1]";
if ($username!=''){$email=$username;}
function startBlink() {
if (document.all)
setInterval(\"doBlink()\",500)
}
window.onload = startBlink;
// -->
</SCRIPT>";
#$division=substr($division,22,1);
## Get date of next Tuesday
if (date("Y-m-d", strtotime("this Tuesday"))==date("Y-m-d", strtotime("today")))
{
$lasttuesday = date("Y-m-d", strtotime("today"));
}
else
{
$lasttuesday = date("Y-m-d", strtotime("last Tuesday"));
}
$matchdate = date("Y-m-d", strtotime($match_date));
$displaymatchdate = date("d-m-Y", strtotime($match_date));
##
## Make sure all fields are filled in
##
if ($home_team=='' or $away_team=='' or $home_score=='' or $away_score=='' or $division=='' or $match_date=='' or $email=='')
{
echo "Somehow you have got this far without filling in all the fields on the previous form. Please return to the previous page and fill in all the fields.";
exit;
}
# check to see if this result has already been verified
$result = mysql_query("select COUNT(*) from team_scores where home_team='$home_team' AND away_team='$away_team' AND match_date='$match_date' AND division='$division' AND home_score='$home_score' AND away_score='$away_score' AND status='1'");
$totalcount2=mysql_fetch_array($result);
$alreadyverified= $totalcount2[0];
### If not validated
if ($alreadyverified==0){
# check to see if this result has been submitted twice
$result = mysql_query("select COUNT(*) from team_scores where home_team='$home_team' AND away_team='$away_team' AND match_date='$match_date' AND division='$division' AND home_score='$home_score' AND away_score='$away_score' AND submitter='$submitter' AND email='$email'");
$totalcount3=mysql_fetch_array($result);
$alreadylogged= $totalcount3[0];
if ($alreadylogged==0){
$result=mysql_query("insert into team_scores values (NULL, '$home_team', '$away_team', $home_score, $away_score, '$division', '$matchdate', '$submitter', 0, '$email', '$comments')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
}
### Read back in
$result = mysql_query("select match_id from team_scores where home_team='$home_team' AND away_team='$away_team' AND match_date='$matchdate' AND division='$division' AND home_score='$home_score' AND away_score='$away_score' AND submitter='$submitter' AND email='$email' limit 1");
while (list($match_id) = mysql_fetch_row($result))
{
if (strstr($email,"aol"))
{
### AOL Mail
#
mail("$email", "Weston Pool League Result Verification", "The following information was submitted to http://rebelt.westonpoolleague.org.uk. If you have not submitted this information please ignore this email.
Division: $division
Home team: $home_team $home_score
Away team: $away_team $away_score
Match date: $displaymatchdate
Submitted By: $submitter
Email: $email
Comments: $comments
To accept this result please <a href=\"http://rebelt.westonpoolleague.org.uk/leagueresult.php?op=makelive&id=$this_match&validate=$email2\">click here</a>
To delete this result please <a href=\"http://rebelt.westonpoolleague.org.uk/leagueresult.php?op=delete&id=$this_match&validate=$email2\">click here</a>
DO NOT DELETE THIS EMAIL. This is confirmation of receipt of your result and may be needed in cases of dispute.", "From:
Only registered users can see links on this board! Get registered or login to the forums!
");
####
}
else
{
###Normal email
mail("$email", "Weston Pool League Result Verification", "The following information was submitted to http://rebelt.westonpoolleague.org.uk. If you have not submitted this information please ignore this email.
Division: $division
Home team: $home_team $home_score
Away team: $away_team $away_score
Match date: $displaymatchdate
Submitted By: $submitter
Email: $email
Comments: $comments
To validate this result click this link:
http://rebelt.westonpoolleague.org.uk/leagueresult.php?op=makelive&id=$this_match&validate=$email2
IF YOU DO NOT VALIDATE, YOUR RESULT WILL NOT BE SENT TO THE LEAGUE AND THE GAME WILL BE FORFEIT
To delete this result click this link:
http://rebelt.westonpoolleague.org.uk/leagueresult.php?op=delete&id=$this_match&validate=$email2
DO NOT DELETE THIS EMAIL. This is confirmation of receipt of your result and may be needed in cases of dispute.
", "From: rebelt.westonpoolleague.org.uk");
}
echo "<h2>Result Submission</h2>
Division: $division<BR>
Home team: $home_team $home_score<BR>
Away team: $away_team $away_score<BR>
Match date: $displaymatchdate<BR>
Submitted By: $submitter<BR>
Email: $email<BR>
Comments: $comments
<BR><BR>";
echo "<font size=4>Your result has not been accepted. Yet. </font size=4> In order to complete the result submission process, you must now check the email address you specified and click on the link inside. This is a very simple process and will take you a matter of seconds. Hopefully you will see how this makes the system more secure and stops people submitting fake results for your match or wasting the league's time with malicious submissions.<Br><BR> Once you have clicked the link your result will appear in the Live Results table straight away. You can see it by <a href=\"leagueresult.php?op=showdate&date=$lasttuesday\">clicking here</a>.<BR><BR><Blink>Remember, if you do not verify this result it will not be accepted!</blink>";
}
else
{
### Registered user. Send email and validate.
### Look up email address
$result = mysql_query("select user_email from nuke_users where username='$email'");
while (list($useremail) = mysql_fetch_row($result))
{
mail("$useremail", "Weston Pool League Result", "The following match result has been received and pre-validated.
Division: $division
Home team: $home_team $home_score
Away team: $away_team $away_score
Match date: $displaymatchdate
Submitted By: $email
Email: $useremail
Comments: $comments
Thank you for your submission.
DO NOT DELETE THIS EMAIL. This is confirmation of receipt of your result and may be needed in cases of dispute.
", "From:
Only registered users can see links on this board! Get registered or login to the forums!
");
}
echo "<h2>Result Submission</h2>
Division: $division<BR>
Home team: $home_team $home_score<BR>
Away team: $away_team $away_score<BR>
Match date: $displaymatchdate<BR>
Submitted By: $email<BR>
Email: $useremail<BR>
Comments: $comments
<BR><BR>";
echo "<font size=4>As a pregistered site user your result has now been pre-validated and accepted. There is no need to do anything further.</font size=4> You can see it by <a href=\"leagueresult.php?op=showdate&date=$lasttuesday\">clicking here</a>.<BR><BR>";
### Update result to live
# delete where details are the same and != match_id
mysql_query("delete from team_scores where (home_team='$home_team' AND away_team='$away_team' AND home_score='$home_score' AND away_score='$away_score' AND match_date='$match_date' AND match_id!='$this_match')");
# make validated link live
mysql_query("update team_scores set status='1' where match_id='$this_match'");
#mail result to RebelT
mail("webmaster@rebelt.westonpoolleague.org.uk", "League Result $home_team v $away_team", "The following result has been verified.
Only registered users can see links on this board! Get registered or login to the forums!
");
}
}
else
{
echo "<B>This result has already been submitted. Please check the <a href=\"leagueresult.php?op=showdate&date=$lasttuesday\">real time results service</a> to see if it has been verified.<BR><BR>";
}
livefooter();
include ('footer.php');
}
###
### List Results In Admin
###
### Would this now be index.php in modulename/admin?
function listresults()
{
include ('header.php');
global $admin;
$result = mysql_query("select match_id, home_team, away_team, home_score, away_score, division, email, match_date from team_scores where status=0 order by division");
$result = mysql_query("select match_id, home_team, away_team, home_score, away_score, division, email, match_date, status, comments from team_scores where status>0 order by division");
###
### Make Live
###
### admin file 2?
function makelive_result($id, $validate)
{
$email = str_replace(',', '.', $validate);
# read match in
$result = mysql_query("select home_team, away_team, home_score, away_score, match_date, email from team_scores where match_id='$id'");
while (list($home_team, $away_team, $home_score, $away_score, $match_date, $thisemail) = mysql_fetch_row($result))
{
# delete where details are the same and != match_id
if ($email==$thisemail){
mysql_query("delete from team_scores where (home_team='$home_team' AND away_team='$away_team' AND home_score='$home_score' AND away_score='$away_score' AND match_date='$match_date' AND match_id!='$id')"); }
}
# make validated link live
mysql_query("update team_scores set status='1' where match_id='$id' AND email='$email' AND status='0'");
if (mysql_affected_rows()==0)
{
$result = mysql_query("select COUNT(*) from team_scores where match_id='$id'");
$totalcount2=mysql_fetch_array($result);
$totalcount= $totalcount2[0];
# No such ID
if ($totalcount==0)
{
dispmessage('nosuchmatchID', $id);
}
else
{
$result = mysql_query("select home_team, away_team, home_score, away_score, division, match_date, submitter, email, status, comments from team_scores where match_id='$id'");
Only registered users can see links on this board! Get registered or login to the forums!
");
dispmessage('authorised', $id);
}
}
}
###
### Delete
###
function delete_result($id, $validate)
{
$email = str_replace(',', '.', $validate);
mysql_query("delete from team_scores where match_id='$id' AND email='$email' AND status='0'");
if (mysql_affected_rows()==0)
{
dispmessage('notauthorisedtodelete', $id);
}
else
{
dispmessage('deleted', $id);
}
}
###
### Admin Delete
###
function admin_delete_result($id, $validate)
{
$email = str_replace(',', '.', $validate);
mysql_query("delete from team_scores where match_id='$id'");
if (mysql_affected_rows()==0)
{
dispmessage('nosuchmatchID', $id);
}
else
{
dispmessage('deleted', $id);
}
}
###
### Admin Make Live
###
function admin_makelive_result($id)
{
mysql_query("update team_scores set status='1' where match_id='$id'");
if (mysql_affected_rows()==0)
{
dispmessage('nosuchmatchID', $id);
}
else
{
dispmessage('authorised', $id);
}
}
###
### Errors and Confirmation ( anotherfile.php in modules/modulename
###
function dispmessage($messagetype, $id) {
include ('header.php');
if ($messagetype=="authorised")
{
echo "<h2><B>Result Validation</b></h2><BR><BR>";
echo "Thank you, your result was successfully verified and has been added to the database. You can view this result on the <a href=\"leagueresult.php?op=showdate&date=$lasttuesday\">real time results service by clicking here</a>.";
}
if ($messagetype=="wrongemail")
{
echo "<h2><B>Result Validation</b></h2><BR><BR>";
echo "That is not the correct email address used to submit this match. Only the person who submitted the result can verify it.";
}
if ($messagetype=="alreadyvalidated")
{
echo "<h2><B>Result Validation</b></h2><BR><BR>";
echo "This match has already been validated. Perhaps you clicked the validation link twice by mistake?<BR>To see your result <a href=\"leagueresult.php?op=showdate&date=$lasttuesday\">click here for the real time results service</a>.";
}
if ($messagetype=="smssubmission")
{
echo "<h2><B>Result Validation</b></h2><BR><BR>";
echo "You have attempted to validate an SMS submission. It is not possible to do this, nor is it necessary.";
}
if ($messagetype=="deleted")
{
echo "<h2><B>Result Deletion</b></h2><BR><BR>";
echo "Thank you, your result was successfully deleted from the database. Please <a href=\"leagueresult.php?op=resultform\">resubmit your result</a> and try again if necessary.";
}
if ($messagetype=="notauthorisedtoupdate")
{
echo "<h2><B>Result Deletion</b></h2><BR><BR>";
echo "You are not authorised to update that record. If you believe this to be an error, please contact <a href=\"mailto:mail@mail.co.uk\">mail@mail.co.uk</a> quoting the following code: UPDAUTH$id.";
}
if ($messagetype=="notauthorisedtodelete")
{
echo "<h2><B>Result Deletion</b></h2><BR><BR>";
echo "You are not authorised to delete that record. If you believe this to be an error, please contact <a href=\"mailto:mail@mail.co.uk\">mail@mail.co.uk</a> quoting the following code: DELAUTH$id.";
}
if ($messagetype=="nosuchmatchID")
{
echo "<h2><B>Result Deletion</b></h2><BR><BR>";
echo "The match you have tried to delete does not exist. If you believe this to be an error, please contact <a href=\"mailto:mail@mail.co.uk\">mail@mail.co.uk</a> quoting the following code: NOSUCH$id.";
}
livefooter();
include ('footer.php');
}
###
### Page Footer Leave in first index.php
###
function livefooter(){
echo "<BR><BR><center><table width=90% border=1><tr><td align=center width=50%><a href=\"leagueresult.php?op=resultform\"><B>Add Result</b></a></td></tr></table></center><BR><BR><BR><BR>";
}
###
### Main Entry
###
switch($_REQUEST['op']) {
case "resultform":
resultform($_REQUEST['user']);
break;
case "list":
listresults();
break;
case "FAQ":
FAQ();
break;
case "makelive":
makelive_result($_REQUEST['id'], $_REQUEST['validate']);
break;
case "adminmakelive":
admin_makelive_result($_REQUEST['id']);
break;
case "showdate":
showdate($_REQUEST['date']);
break;
case "teammatches":
teammatches($_REQUEST['team']);
break;
case "delete":
delete_result($_REQUEST['id'], $_REQUEST['validate']);
break;
case "admindelete":
admin_delete_result($_REQUEST['id'], $_REQUEST['validate']);
break;
<?PHP
// includes the mainfile functions and the header junk
if (!isset($mainfile)) { include("mainfile.php"); }
### Main Page
### Main Page (would now be index.php)
### Main Page
function mainpage() {
include ('header.php');
maintheader();
echo "<center><B>This online service will be used to add and update Weston Pool League team names, members and venues.<br /> By registering with Weston Pool League, you acknowledge that the league, those who run it and members, are not responsible for access to any venue. <br />If you are new to this process, get started by creating your team using the first option below.<br /><h3>Please make sure the player is ONLY registered to play for your team.</h3><br /><h3><blink><B>Important!</b></blink><br/>DO NOT enter any team detail, until the notice appears on the fromt page telling you the database is ready.</h3></center>";
echo "<BR><table width=100%>";
echo "<a href=\"?op=CreateTeam&step=Venue\">1. Create New Team</a><BR><BR>
<a href=\"?op=ListVenues\">2. List All Venues</a><BR><BR>
<a href=\"?op=ShowMyTeam\">3. Show My Team</a><BR><BR>
<a href=\"?op=ListTeams\">4. List All Teams</a><BR><BR>";
echo "</table>";
maintfooter();
mysql_free_result($result);
include ('footer.php');
}
### List Teams
### List Teams (would now be teams.php)
### List Teams
function listteams() {
include ('header.php');
maintheader();
$result = mysql_query("select team_id, team_name, division from team_names2 order by division, team_name");
$lastdivision="A";
while (list($teamid, $teamname, $division) = mysql_fetch_row($result))
{
if ($division!=$lastdivision)
{
if ($division=='0')
{
echo "<BR><B>Division Unallocated Teams</b> (divisions are usually allocated towards the beginning of the season)<BR><BR>";
}
else
{
echo "<BR><B>Division $division Teams</b><BR><BR>";
}
}
echo "<a href=\"?op=ShowTeam&teamid=$teamid\">$teamname</a><BR>";
$lastdivision=$division;
}
maintfooter();
mysql_free_result($result);
include ('footer.php');
}
### Show My Team
### Show My Team (would now be showmyteam.php)
### Show My Team
function showmyteam($user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
## Check to see if user is author on a team
$teamresult = mysql_query("select COUNT(*) from team_authorisation where authorisation_user='$username'");
$teamcount=mysql_fetch_array($teamresult);
$existsonteam= $teamcount[0];
if ($existsonteam)
{
$result = mysql_query("select authorisation_teamid from team_authorisation where authorisation_user='$username'");
while (list($authorisation_teamid) = mysql_fetch_row($result))
{
$url = "http://rebelt.westonpoolleague.org.uk/maintenance.php?op=ShowTeam&teamid=$authorisation_teamid";
$delay = "0";
echo '<meta http-equiv="refresh" content="'.$delay.';url='.$url.'">';
}
}
else
{
echo "Unfortunately we cannot find your user ID attached to any existing team. You either need to create a new team or ask the person who administers your team to add your user ID to the list of authorised users.";
exit;
}
mysql_free_result($result);
include ('footer.php');
}
### List Venues
### List Venues (would now be venues.php)
### List Venues
function listvenues() {
include ('header.php');
maintheader();
$result = mysql_query("select venue_name, venue_id from team_venues order by venue_name");
while (list($venuename, $venueid) = mysql_fetch_row($result))
{
echo "<a href=\"?op=ShowVenue&venueid=$venueid\">$venuename</a><BR>";
}
maintfooter();
mysql_free_result($result);
include ('footer.php');
}
### Show Team
### Show Team (would now be showteam.php)
### Show Team
function showteam($teamid, $user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
echo "<h3><B>Show Team Details</b></h3>";
$result = mysql_query("select team_venue_id, team_name, team_name_old, division, division_old, team_email, team_telephone, team_alternate_telephone from team_names2 where team_id='$teamid' order by team_id limit 1");
while (list($teamvenueid, $teamname, $teamnameold, $division, $divisionold, $teamemail, $teamtelephone, $teamalternatetelephone) = mysql_fetch_row($result))
{
echo "<B>Team Name:</b> $teamname<BR>";
echo "<B>Team Email Contact:</b> $teamemail<BR>";
echo "<B>Team Telephone Contact:</b> $teamtelephone<BR>";
echo "<B>Alternate Team Telephone Contact:</b> $teamalternatetelephone<BR>";
if ($teamnameold!='') echo "<B>Old Team Name:</b> $teamnameold<BR>";
echo "<B>Division This Season:</b>";
if ($division==0) {echo " not yet allocated<BR>";}
else {echo " $division<BR>";}
if ($divisionold!=0) echo "<B>Division Last Season:</b> $divisionold<BR>";
$result = mysql_query("select players_playerid, players_playername, players_playerstartdate from team_players where players_teamid='$teamid' order by players_playerid");
while (list($playersplayerid, $playersplayername, $playersplayerstartdate) = mysql_fetch_row($result))
{
$box.="<TR><td>$playersplayername</td><td>".date("Y-m-d", strtotime($playersplayerstartdate))."</td><td>";
if ($x==1){$box.=" (Captain)";}
$box.="</td></tr>";
$x++;
}
if ($box){
echo "<table border=0><tr><td><B>Player Name</b></td><td><B>Valid For games From</b></td><td></td></tr>";
echo $box;
echo "</table>";
}
else
{
echo "No registered players";
}
echo "<BR><BR><B>Current authors:</b><BR>";
# Read existing authors in
$result = mysql_query("select authorisation_user from team_authorisation where authorisation_teamid='$teamid'");
while (list($authorisation_user) = mysql_fetch_row($result))
{
echo "$authorisation_user<BR>";
if (trim($authorisation_user)==trim($username)) {$author=1;}
}
if ($author){echo "<BR><B><h3><a href=\"http://rebelt.westonpoolleague.org.uk/maintenance.php?op=CreateTeam&step=AddPlayers&teamid=$teamid&teamname=$teamname\">add players</a> | <a href=\"http://rebelt.westonpoolleague.org.uk/maintenance.php?op=CreateTeam&step=AddAuthors&teamid=$teamid&teamname=$teamname\">add authors</a> | <a href=\"http://rebelt.westonpoolleague.org.uk/maintenance.php\">main menu</a></B></h3>";}
else{echo "<BR><B><h3>To edit this team you must be logged in and listed as a team author. </b></h3>";}
}
maintfooter();
include ('footer.php');
}
### Show Venue
### Show Venue (would now be showvenue.php)
### Show Venue
function showvenue($venueid) {
include ('header.php');
maintheader();
echo "<h3><B>Venue Details</b></h3>";
### Select Venue
### Select Venue (would now be venselect.php)
### Select Venue
function selectvenue($user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
echo "<SCRIPT LANGUAGE=\"JavaScript\">\n
function Validate(thisForm)\n
{\n";
echo "thisForm.venuename.value=thisForm.venueid.options[thisForm.venueid.selectedIndex].text;\n";
echo "if (thisForm.venuename.value==\"Other...\" || thisForm.venuename.value==\"Select One\"){return (false)};\n";
echo "return (true);\n
}\n
\n
function Validate2(thisForm)\n
{\n";
echo "if (thisForm.venuename.value==\"\" || thisForm.venueaddress.value==\"\" || thisForm.venuetown.value==\"\" || thisForm.venuepostcode.value==\"\" || thisForm.venuetelephone.value==\"\"){alert(\"It is very important that you fill all these fields in so that other site users can find your venue when playing you at home.\"); return (false) };\n";
echo "return (true);\n
}\n
\n
function unhide(thisField, thisObject)\n
{\n
if (thisField.options[thisField.selectedIndex].text==\"Other...\"){thisObject.style.display=\"\";}\n
else\n
{thisObject.style.display=\"none\"}
}\n
##
## Make sure all fields are filled in
##
if ($venuename=='' or $venueaddress=='' or $venuetown=='' or $venuepostcode=='' or $venuetelephone=='')
{
echo "Somehow you have got this far without filling in all the fields on the previous form. Please return to the previous page and fill in all the fields.";
exit;
}
if (!$result) {
die('Could not write record: ' . mysql_error());
}
### Read back in
$result = mysql_query("select venue_id from team_venues where venue_name='$venuename' AND venue_oldname='$venueoldname' AND venue_address='$venueaddress' AND venue_town='$venuetown' AND venue_postcode='$venuepostcode' AND venue_telephone='$venuetelephone' limit 1");
### Submitted Team Name
### Submitted Team Name (would now be teamname.php)
### Submitted Team Name
function submittedteamname($venueid, $teamname, $teamemail, $teamtelephone, $teamalternatetelephone, $teamnameold, $divisionold, $user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if ($username!=''){$email=$username;}
$teamname=ucwords(strtolower($teamname));
$teamnameold=ucwords(strtolower($teamnameold));
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
##
## Make sure all fields are filled in
##
if ($teamname=='')
{
echo "Somehow you have got this far without filling in all the fields on the previous form. Please return to the previous page and fill in all the fields.";
exit;
}
### Check if team name at venue already exists, then stop from writing new record
$teamresult = mysql_query("select COUNT(*) from team_names2 where team_name='$teamname' AND team_venue_id='$venueid'");
$teamcount=mysql_fetch_array($teamresult);
$nameexists= $teamcount[0];
if ($nameexists){echo "Sorry, the team name you specified has already been allocated. Please click the back button on your browser and choose another name."; exit;}
### Write team record
$result=mysql_query("insert into team_names2 values (NULL, $venueid, '$teamname', '$teamnameold', '0', '$divisionold', '$teamemail', '$teamtelephone', '$teamalternatetelephone')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
### Read back in
$result = mysql_query("select team_id from team_names2 where team_venue_id='$venueid' AND team_name='$teamname' AND team_name_old='$teamnameold' AND division_old='$divisionold' limit 1");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
while (list($teamid2) = mysql_fetch_row($result))
{
### Add user to authority file
$teamid=$teamid2;
$result=mysql_query("insert into team_authorisation values ('$teamid', '$username')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
}
echo "<h3><b>Create New Team: Add Players</b></h3>";
echo "<B>Player names entered here CANNOT be changed. If you do not know the exact name of some of your team members do not enter them. You can come back to this page at any time and add more members to your team without penalty.</b><BR><BR>";
echo "<FORM ACTION=\"maintenance.php\" METHOD=\"POST\" NAME=\"AddPlayers\">;
<input type=hidden NAME=\"teamid\" value=\"$teamid\">
Team Name: <input type=text NAME=\"teamname2\" value=\"$teamname\" disabled>
<input type=hidden NAME=\"teamname\" value=\"$teamname\">
<input type=hidden NAME=\"user\" value=\"$username\"><BR><BR>";
echo "<b>Players added now will only be elligible to play in games from tomorrow.<BR><BR></b>";
echo "<h4><b>Please enter First and Last names. Not just initial (e.g. John Smith not J.Smith)</b> </h4>
<BR>";
# Read existing players in
$x=1;
$result = mysql_query("select players_playerid, players_playername, players_playerstartdate from team_players where players_teamid='$teamid' order by players_playerid");
### registered user or email address
$username=getusername($user);
if ($username!=''){$email=$username;}
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
if (!(isauthorised($teamid, $username))){echo "Not authorised."; exit;}
##
## Make sure all fields are filled in
##
#if ($teamname=='')
#{
# echo "Somehow you have got this far without filling in all the fields on the previous form. Please #return to the previous page and fill in all the fields.";
#exit;
#}
### Write player records
if ($thisplayer!=''){
$y++;
$result=mysql_query("insert into team_players values ('$y', '$teamid', '$thisplayer', '$tomorrow')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
else
{
}
}
$x++;
}
### Read back in
#$result = mysql_query("select team_id from team_names2 where team_venue_id='$venueid' AND team_name='$teamname' AND teamname_old='$teamnameold' AND division_old='$divisionold' limit 1");
#while (list($teamid) = mysql_fetch_row($result))
# {
#### Add user to authority file
#$result=mysql_query("insert into team_authorisation values ('$teamid', '$username')");
# }
echo "<h3><B>Create New Team: Add Team Authors</b></h3>";
echo "<FORM ACTION=\"maintenance.php\" METHOD=\"POST\" NAME=\"AddAuthors\">
Using this form you can add or delete site members as editors of your team. If you do not add any more only you will be able to amend the details about your team. If you do not wish to add them now you can add them at any time in the future.<BR><BR>
<input type=hidden NAME=\"teamid\" value=\"$teamid\">
Team Name: <input type=text NAME=\"teamname2\" value=\"$teamname\" disabled>
<input type=hidden NAME=\"teamname\" value=\"$teamname\">
<input type=hidden NAME=\"user\" value=\"$username\"><BR><BR><B>Current authors:</b><BR>";
# Read existing authors in
$x=0;
$result = mysql_query("select authorisation_user from team_authorisation where authorisation_teamid='$teamid'");
while (list($authorisation_user) = mysql_fetch_row($result))
{
echo "<input type=text NAME=\"author$x\" size=30 value=\"$authorisation_user\" disabled>";
if ($authorisation_user!=$username){ echo "<a href=\"?op=CreateTeam&step=RemoveAuthor&teamid=$teamid&authorid=$authorisation_user&teamname=$teamname\">remove</a>";}
echo "<BR><BR>";
$author{$x}=$authorisation_user;
$x++;
}
echo "<select name=\"addauthor\" size=\"10\">";
$result = mysql_query("select username from nuke_users");
$authorexists=0;
while (list($allusers) = mysql_fetch_row($result))
{
for ($i = 0; $i <= $x; $i++)
{
if ($allusers==$author{$i}){$authorexists=1;}
}
if (!($authorexists)){echo "<option>$allusers</option>";}
### Submitted Author
### Submitted Author (would now be subauthor.php)
### Submitted Author
function submittedauthor($teamid, $teamname, $user, $addauthor) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if ($username!=''){$email=$username;}
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
if (!(isauthorised($teamid, $username))){echo "Not authorised."; exit;}
if ($addauthor==$username){echo "Your name is already in the authors list."; exit;}
##
## Make sure all fields are filled in
##
if ($addauthor=='')
{
echo "You must select a name from the list in order to add an additional team author. If you do not have any more authors to add, just click the 'Finished' button.";
exit;
}
# Count existing players
$playerresult = mysql_query("select COUNT(*) from team_players where players_teamid='$teamid'");
$playercount=mysql_fetch_array($playerresult);
$y= $playercount[0];
$result=mysql_query("insert into team_authorisation values ('$teamid', '$addauthor')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
$url = "http://rebelt.westonpoolleague.org.uk/maintenance.php?op=CreateTeam&step=AddAuthors&teamid=$teamid&teamname=$teamname";
$delay = "0";
echo '<meta http-equiv="refresh" content="'.$delay.';url='.$url.'">';
maintfooter();
include ('footer.php');
}
### Finished
### Finished (would now be finished.php)
### Finished
function finished($teamid) {
include ('header.php');
maintheader();
# players
$result = mysql_query("select players_playerid, players_teamid, players_playername, players_playerstartdate from team_players order by players_teamid, players_playerid");
###
### Admin Delete (would now be admin/delete.php)
###
function admin_delete_team($id)
{
mysql_query("delete from team_names2 where team_id='$id'");
mysql_query("delete from team_players where players_teamid='$id'");
mysql_query("delete from team_authorisation where authorisation_teamid='$id'");
function removeauthor($teamid, $teamname, $user, $authorid)
{
### registered user or email address
$username=getusername($user);
if (!(isauthorised($teamid, $username))){echo "Not authorised."; exit;}
if ($authorid==$username){echo "You cannot remove yourself from the team."; exit;}
mysql_query("delete from team_authorisation where authorisation_teamid='$teamid' AND authorisation_user='$authorid'");
function removevenue($venueid, $user)
{
### registered user or email address
$username=getusername($user);
if ($username=="LeeJS" | $username=="RebelT")
{
mysql_query("delete from team_venues where venue_id='$venueid'");
}
$url = "http://rebelt.westonpoolleague.org.uk/maintenance.php?op=Admin&step=List";
$delay = "0";
echo '<meta http-equiv="refresh" content="'.$delay.';url='.$url.'">';
}
###
### Delete Player
###
function removeplayer($playerid, $teamid, $user)
{
### registered user or email address
$username=getusername($user);
if ($username=="2wheels" | $username=="RebelT")
{
mysql_query("delete from team_players where players_playerid='$playerid' and players_teamid='$teamid'");
# echo "delete from team_players where players_playerid='$playerid' and players_teamid='$teamid'<BR>";
## Now sort through whole team and ensure IDs are contiguous
##
##read in number of players
$playerresult = mysql_query("select COUNT(*) from team_players where players_teamid='$teamid'");
$playercount=mysql_fetch_array($playerresult);
$y= $playercount[0];
$thisplayerid=1;
# Read in all players details
$result = mysql_query("select players_playerid from team_players where players_teamid=$teamid order by players_playerid");
# for loop reading each one in turn
while (list($playersplayerid) = mysql_fetch_row($result))
{
# Compare player number against loop number
#if different update with loop value
#echo "playersplayerid=$playersplayerid | thisplayerid=$thisplayerid<BR>";
if ($playersplayerid!=$thisplayerid)
{
mysql_query("update team_players set players_playerid='$thisplayerid' where players_playerid='$playersplayerid' and players_teamid='$teamid'");
## echo "update team_players set players_playerid='$thisplayerid' where players_playerid='$playersplayerid' and players_teamid='$teamid'<BR>";
}
##else{ echo "No update<BR>"; }
###
### Summarise Team Members (would now be admin/summary.php)
###
function summarise($user)
{
include ('header.php');
global $admin;
maintheader();
# player summary
$result = mysql_query("select team_id, team_venue_id, team_name, players_teamid, players_playername from team_names2, team_players where team_id=players_teamid order by team_name, players_playername");
if (!$result) {
die('Could not read record: ' . mysql_error());
}
echo "<h3><B>Player Summary data</b></h3>";
echo "<table>";
while (list($teamid, $teamvenueid, $teamname, $teamid2, $playername) = mysql_fetch_row($result))
{
if ($teamname!=$oldteamname)
{
if ($teamcount) echo "<tr><td>Total</td><td><B>$teamcount</B></td></tr><tr><td> </td><td> </td></tr>";
echo "<tr><td><B>$teamname</b></td>";
$teamcount=0;
}
else
{
echo "<tr><td> </td>";
}
echo "<td>$playername</td></tr>";
$oldteamname=$teamname;
$teamcount=$teamcount+1;
$playercount=$playercount+1;
}
echo "<tr><td>Total</td><td><B>$teamcount</B></td></tr><tr><td> </td><td> </td></tr>";
echo "<tr><td><B>Total Number Of Players:</b></td><td><B>$playercount</b></td>";
echo "</table><BR><BR>";
mysql_free_result($result);
include ("footer.php");
}
### Admin Options
### Admin Options (would now be admin/options.php)
### Admin Options
function adminoptions($user) {
include ('header.php');
maintheader();
$username=getusername($user);
if ($username=="LeeJS" | $username=="RebelT")
{
echo "<center><H3><B>Pool Team Maintenance Administration Options</b></h3></center>";
//echo "<center><B>This is a beta service for adding and updating Weston Pool League team names and members. You are now in the Administration section.</center>";
echo "<BR><table width=100%>";
// These links will obviously need changing
echo "<a href=\"?op=Admin&step=List\">List All Team Data</a><BR><BR>
<a href=\"?op=Admin&step=Allocate\">Allocate Divisions</a><BR><BR>
<a href=\"?op=Admin&step=Summarise\">Summarise Team Members By Team</a><BR><BR>";
### Allocate
### Allocate (would now be admin/allocate.php)
### Allocate
function allocate($user) {
include ('header.php');
maintheader();
$result = mysql_query("select team_id, team_name, division, division_old from team_names2 order by division_old, team_name");
echo "<SCRIPT LANGUAGE=\"JavaScript\">\n
function Validate(thisForm)\n
{\n
var result = \"\";
var thisvar = \"\";
var formElements = thisForm.elements; \n
for (i=0; i<formElements.length; i++) { \n
thisvar=formElements[i].name; \n
if (thisvar.substring(0,4)==\"team\")\n
{\n
result += thisvar.substring(4,thisvar.length)+\"=\"+formElements[i].value+\"|\";\n
}\n
}\n
thisForm.allchanges.value=result;
return true;
}\n
</SCRIPT>";
function isauthorised($teamid, $username)
{
$result = mysql_query("select authorisation_user from team_authorisation where authorisation_teamid='$teamid'");
while (list($authorisation_user) = mysql_fetch_row($result))
{
if ($authorisation_user==$username){ return true;}
}
return false;
}
###
### Main Entry
###
switch($op) {
case "CreateTeam":
switch($step) {
case "Venue":
selectvenue($user);
break;
case "SubmittedVenue":
submittedvenue($venuename, $venueoldname, $venueaddress, $venuetown, $venuepostcode, $venuetelephone, $user);
break;
case "VenueSelected":
venueselected($venueid, $venuename, $user);
break;
Gonna have a go at this but would like to ask a couple of questions first.
As I understand it, I will need an index.php file in modules/Leagueresult for the public part and leagueresult.php, in admin/modules for the admin part.
Joined: Mar 30, 2006 Posts: 2456 Location: Pittsburgh, Pennsylvania
Posted:
Wed Jun 23, 2010 4:22 pm
Yes on the links. If there is a separate admin for both modules I would put them in modules/*modulename*/admin. If the admin is for both modules then you are stuck doing the /admin/modules/ as you suggest.
Thanks. Yes the admin is separate. Haven't worked out how to access modules/*modulename*/admin yet though I'll have a look at the howto once the public part is done
Changed all the mysql_query to $db->sql_query and mysql_fetch_row to $db->sql_fetchrow.
Most things seem to work but am getting the "Sorry, that module file was not found." error on this link.
<?PHP
// includes the mainfile functions and the header junk
if (!isset($mainfile)) { include("mainfile.php"); }
### Main Page
### Main Page
### Main Page
function mainpage() {
include ('header.php');
maintheader();
echo "<center><B>This online service will be used to add and update Weston Pool League team names, members and venues.<br /> By registering with Weston Pool League, you acknowledge that the league, those who run it and members, are not responsible for access to any venue. <br />If you are new to this process, get started by creating your team using the first option below.<br /><h3>Please make sure the player is ONLY registered to play for your team.</h3><br /><h3><blink><B>Important!</b></blink><br/>DO NOT enter any team detail, until the notice appears on the fromt page telling you the database is ready.</h3></center>";
echo "<BR><table width=100%>";
echo "<a href=\"?op=CreateTeam&step=Venue\">1. Create New Team</a><BR><BR>
<a href=\"?op=ListVenues\">2. List All Venues</a><BR><BR>
<a href=\"?op=ShowMyTeam\">3. Show My Team</a><BR><BR>
<a href=\"?op=ListTeams\">4. List All Teams</a><BR><BR>";
echo "</table>";
maintfooter();
mysql_free_result($result);
include ('footer.php');
}
### List Teams
### List Teams
### List Teams
function listteams() {
include ('header.php');
maintheader();
$result = mysql_query("select team_id, team_name, division from team_names2 order by division, team_name");
$lastdivision="A";
while (list($teamid, $teamname, $division) = mysql_fetch_row($result))
{
if ($division!=$lastdivision)
{
if ($division=='0')
{
echo "<BR><B>Division Unallocated Teams</b> (divisions are usually allocated towards the beginning of the season)<BR><BR>";
}
else
{
echo "<BR><B>Division $division Teams</b><BR><BR>";
}
}
echo "<a href=\"?op=ShowTeam&teamid=$teamid\">$teamname</a><BR>";
$lastdivision=$division;
}
maintfooter();
mysql_free_result($result);
include ('footer.php');
}
### Show My Team
### Show My Team
### Show My Team
function showmyteam($user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
## Check to see if user is author on a team
$teamresult = mysql_query("select COUNT(*) from team_authorisation where authorisation_user='$username'");
$teamcount=mysql_fetch_array($teamresult);
$existsonteam= $teamcount[0];
if ($existsonteam)
{
$result = mysql_query("select authorisation_teamid from team_authorisation where authorisation_user='$username'");
while (list($authorisation_teamid) = mysql_fetch_row($result))
{
$url = "http://rebelt.westonpoolleague.org.uk/maintenance.php?op=ShowTeam&teamid=$authorisation_teamid";
$delay = "0";
echo '<meta http-equiv="refresh" content="'.$delay.';url='.$url.'">';
}
}
else
{
echo "Unfortunately we cannot find your user ID attached to any existing team. You either need to create a new team or ask the person who administers your team to add your user ID to the list of authorised users.";
exit;
}
mysql_free_result($result);
include ('footer.php');
}
### List Venues
### List Venues
### List Venues
function listvenues() {
include ('header.php');
maintheader();
$result = mysql_query("select venue_name, venue_id from team_venues order by venue_name");
while (list($venuename, $venueid) = mysql_fetch_row($result))
{
echo "<a href=\"?op=ShowVenue&venueid=$venueid\">$venuename</a><BR>";
}
maintfooter();
mysql_free_result($result);
include ('footer.php');
}
### Show Team
### Show Team
### Show Team
function showteam($teamid, $user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
echo "<h3><B>Show Team Details</b></h3>";
$result = mysql_query("select team_venue_id, team_name, team_name_old, division, division_old, team_email, team_telephone, team_alternate_telephone from team_names2 where team_id='$teamid' order by team_id limit 1");
while (list($teamvenueid, $teamname, $teamnameold, $division, $divisionold, $teamemail, $teamtelephone, $teamalternatetelephone) = mysql_fetch_row($result))
{
echo "<B>Team Name:</b> $teamname<BR>";
echo "<B>Team Email Contact:</b> $teamemail<BR>";
echo "<B>Team Telephone Contact:</b> $teamtelephone<BR>";
echo "<B>Alternate Team Telephone Contact:</b> $teamalternatetelephone<BR>";
if ($teamnameold!='') echo "<B>Old Team Name:</b> $teamnameold<BR>";
echo "<B>Division This Season:</b>";
if ($division==0) {echo " not yet allocated<BR>";}
else {echo " $division<BR>";}
if ($divisionold!=0) echo "<B>Division Last Season:</b> $divisionold<BR>";
$result = mysql_query("select players_playerid, players_playername, players_playerstartdate from team_players where players_teamid='$teamid' order by players_playerid");
while (list($playersplayerid, $playersplayername, $playersplayerstartdate) = mysql_fetch_row($result))
{
$box.="<TR><td>$playersplayername</td><td>".date("Y-m-d", strtotime($playersplayerstartdate))."</td><td>";
if ($x==1){$box.=" (Captain)";}
$box.="</td></tr>";
$x++;
}
if ($box){
echo "<table border=0><tr><td><B>Player Name</b></td><td><B>Valid For games From</b></td><td></td></tr>";
echo $box;
echo "</table>";
}
else
{
echo "No registered players";
}
echo "<BR><BR><B>Current authors:</b><BR>";
# Read existing authors in
$result = mysql_query("select authorisation_user from team_authorisation where authorisation_teamid='$teamid'");
while (list($authorisation_user) = mysql_fetch_row($result))
{
echo "$authorisation_user<BR>";
if (trim($authorisation_user)==trim($username)) {$author=1;}
}
if ($author){echo "<BR><B><h3><a href=\"http://rebelt.westonpoolleague.org.uk/maintenance.php?op=CreateTeam&step=AddPlayers&teamid=$teamid&teamname=$teamname\">add players</a> | <a href=\"http://rebelt.westonpoolleague.org.uk/maintenance.php?op=CreateTeam&step=AddAuthors&teamid=$teamid&teamname=$teamname\">add authors</a> | <a href=\"http://rebelt.westonpoolleague.org.uk/maintenance.php\">main menu</a></B></h3>";}
else{echo "<BR><B><h3>To edit this team you must be logged in and listed as a team author. </b></h3>";}
}
maintfooter();
include ('footer.php');
}
### Show Venue
### Show Venue
### Show Venue
function showvenue($venueid) {
include ('header.php');
maintheader();
echo "<h3><B>Venue Details</b></h3>";
function selectvenue($user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
echo "<SCRIPT LANGUAGE=\"JavaScript\">\n
function Validate(thisForm)\n
{\n";
echo "thisForm.venuename.value=thisForm.venueid.options[thisForm.venueid.selectedIndex].text;\n";
echo "if (thisForm.venuename.value==\"Other...\" || thisForm.venuename.value==\"Select One\"){return (false)};\n";
echo "return (true);\n
}\n
\n
function Validate2(thisForm)\n
{\n";
echo "if (thisForm.venuename.value==\"\" || thisForm.venueaddress.value==\"\" || thisForm.venuetown.value==\"\" || thisForm.venuepostcode.value==\"\" || thisForm.venuetelephone.value==\"\"){alert(\"It is very important that you fill all these fields in so that other site users can find your venue when playing you at home.\"); return (false) };\n";
echo "return (true);\n
}\n
\n
function unhide(thisField, thisObject)\n
{\n
if (thisField.options[thisField.selectedIndex].text==\"Other...\"){thisObject.style.display=\"\";}\n
else\n
{thisObject.style.display=\"none\"}
}\n
##
## Make sure all fields are filled in
##
if ($venuename=='' or $venueaddress=='' or $venuetown=='' or $venuepostcode=='' or $venuetelephone=='')
{
echo "Somehow you have got this far without filling in all the fields on the previous form. Please return to the previous page and fill in all the fields.";
exit;
}
if (!$result) {
die('Could not write record: ' . mysql_error());
}
### Read back in
$result = mysql_query("select venue_id from team_venues where venue_name='$venuename' AND venue_oldname='$venueoldname' AND venue_address='$venueaddress' AND venue_town='$venuetown' AND venue_postcode='$venuepostcode' AND venue_telephone='$venuetelephone' limit 1");
### Submitted Team Name
### Submitted Team Name
### Submitted Team Name
function submittedteamname($venueid, $teamname, $teamemail, $teamtelephone, $teamalternatetelephone, $teamnameold, $divisionold, $user) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if ($username!=''){$email=$username;}
$teamname=ucwords(strtolower($teamname));
$teamnameold=ucwords(strtolower($teamnameold));
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
##
## Make sure all fields are filled in
##
if ($teamname=='')
{
echo "Somehow you have got this far without filling in all the fields on the previous form. Please return to the previous page and fill in all the fields.";
exit;
}
### Check if team name at venue already exists, then stop from writing new record
$teamresult = mysql_query("select COUNT(*) from team_names2 where team_name='$teamname' AND team_venue_id='$venueid'");
$teamcount=mysql_fetch_array($teamresult);
$nameexists= $teamcount[0];
if ($nameexists){echo "Sorry, the team name you specified has already been allocated. Please click the back button on your browser and choose another name."; exit;}
### Write team record
$result=mysql_query("insert into team_names2 values (NULL, $venueid, '$teamname', '$teamnameold', '0', '$divisionold', '$teamemail', '$teamtelephone', '$teamalternatetelephone')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
### Read back in
$result = mysql_query("select team_id from team_names2 where team_venue_id='$venueid' AND team_name='$teamname' AND team_name_old='$teamnameold' AND division_old='$divisionold' limit 1");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
while (list($teamid2) = mysql_fetch_row($result))
{
### Add user to authority file
$teamid=$teamid2;
$result=mysql_query("insert into team_authorisation values ('$teamid', '$username')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
}
echo "<h3><b>Create New Team: Add Players</b></h3>";
echo "<B>Player names entered here CANNOT be changed. If you do not know the exact name of some of your team members do not enter them. You can come back to this page at any time and add more members to your team without penalty.</b><BR><BR>";
echo "<FORM ACTION=\"maintenance.php\" METHOD=\"POST\" NAME=\"AddPlayers\">;
<input type=hidden NAME=\"teamid\" value=\"$teamid\">
Team Name: <input type=text NAME=\"teamname2\" value=\"$teamname\" disabled>
<input type=hidden NAME=\"teamname\" value=\"$teamname\">
<input type=hidden NAME=\"user\" value=\"$username\"><BR><BR>";
echo "<b>Players added now will only be elligible to play in games from tomorrow.<BR><BR></b>";
echo "<h4><b>Please enter First and Last names. Not just initial (e.g. John Smith not J.Smith)</b> </h4>
<BR>";
# Read existing players in
$x=1;
$result = mysql_query("select players_playerid, players_playername, players_playerstartdate from team_players where players_teamid='$teamid' order by players_playerid");
### registered user or email address
$username=getusername($user);
if ($username!=''){$email=$username;}
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
if (!(isauthorised($teamid, $username))){echo "Not authorised."; exit;}
##
## Make sure all fields are filled in
##
#if ($teamname=='')
#{
# echo "Somehow you have got this far without filling in all the fields on the previous form. Please #return to the previous page and fill in all the fields.";
#exit;
#}
### Write player records
if ($thisplayer!=''){
$y++;
$result=mysql_query("insert into team_players values ('$y', '$teamid', '$thisplayer', '$tomorrow')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
else
{
}
}
$x++;
}
### Read back in
#$result = mysql_query("select team_id from team_names2 where team_venue_id='$venueid' AND team_name='$teamname' AND teamname_old='$teamnameold' AND division_old='$divisionold' limit 1");
#while (list($teamid) = mysql_fetch_row($result))
# {
#### Add user to authority file
#$result=mysql_query("insert into team_authorisation values ('$teamid', '$username')");
# }
echo "<h3><B>Create New Team: Add Team Authors</b></h3>";
echo "<FORM ACTION=\"maintenance.php\" METHOD=\"POST\" NAME=\"AddAuthors\">
Using this form you can add or delete site members as editors of your team. If you do not add any more only you will be able to amend the details about your team. If you do not wish to add them now you can add them at any time in the future.<BR><BR>
<input type=hidden NAME=\"teamid\" value=\"$teamid\">
Team Name: <input type=text NAME=\"teamname2\" value=\"$teamname\" disabled>
<input type=hidden NAME=\"teamname\" value=\"$teamname\">
<input type=hidden NAME=\"user\" value=\"$username\"><BR><BR><B>Current authors:</b><BR>";
# Read existing authors in
$x=0;
$result = mysql_query("select authorisation_user from team_authorisation where authorisation_teamid='$teamid'");
while (list($authorisation_user) = mysql_fetch_row($result))
{
echo "<input type=text NAME=\"author$x\" size=30 value=\"$authorisation_user\" disabled>";
if ($authorisation_user!=$username){ echo "<a href=\"?op=CreateTeam&step=RemoveAuthor&teamid=$teamid&authorid=$authorisation_user&teamname=$teamname\">remove</a>";}
echo "<BR><BR>";
$author{$x}=$authorisation_user;
$x++;
}
echo "<select name=\"addauthor\" size=\"10\">";
$result = mysql_query("select username from nuke_users");
$authorexists=0;
while (list($allusers) = mysql_fetch_row($result))
{
for ($i = 0; $i <= $x; $i++)
{
if ($allusers==$author{$i}){$authorexists=1;}
}
if (!($authorexists)){echo "<option>$allusers</option>";}
function submittedauthor($teamid, $teamname, $user, $addauthor) {
include ('header.php');
maintheader();
### registered user or email address
$username=getusername($user);
if ($username!=''){$email=$username;}
if (!($username)){echo "Sorry, you need to be a registered user to use this area of the site."; exit;}
if (!(isauthorised($teamid, $username))){echo "Not authorised."; exit;}
if ($addauthor==$username){echo "Your name is already in the authors list."; exit;}
##
## Make sure all fields are filled in
##
if ($addauthor=='')
{
echo "You must select a name from the list in order to add an additional team author. If you do not have any more authors to add, just click the 'Finished' button.";
exit;
}
# Count existing players
$playerresult = mysql_query("select COUNT(*) from team_players where players_teamid='$teamid'");
$playercount=mysql_fetch_array($playerresult);
$y= $playercount[0];
$result=mysql_query("insert into team_authorisation values ('$teamid', '$addauthor')");
if (!$result) {
die('Could not write record: ' . mysql_error());
}
$url = "http://rebelt.westonpoolleague.org.uk/maintenance.php?op=CreateTeam&step=AddAuthors&teamid=$teamid&teamname=$teamname";
$delay = "0";
echo '<meta http-equiv="refresh" content="'.$delay.';url='.$url.'">';
maintfooter();
include ('footer.php');
}
### Finished
### Finished
### Finished
function finished($teamid) {
include ('header.php');
maintheader();
# players
$result = mysql_query("select players_playerid, players_teamid, players_playername, players_playerstartdate from team_players order by players_teamid, players_playerid");
function admin_delete_team($id)
{
mysql_query("delete from team_names2 where team_id='$id'");
mysql_query("delete from team_players where players_teamid='$id'");
mysql_query("delete from team_authorisation where authorisation_teamid='$id'");
function removeauthor($teamid, $teamname, $user, $authorid)
{
### registered user or email address
$username=getusername($user);
if (!(isauthorised($teamid, $username))){echo "Not authorised."; exit;}
if ($authorid==$username){echo "You cannot remove yourself from the team."; exit;}
mysql_query("delete from team_authorisation where authorisation_teamid='$teamid' AND authorisation_user='$authorid'");
function removevenue($venueid, $user)
{
### registered user or email address
$username=getusername($user);
if ($username=="LeeJS" | $username=="RebelT")
{
mysql_query("delete from team_venues where venue_id='$venueid'");
}
$url = "http://rebelt.westonpoolleague.org.uk/maintenance.php?op=Admin&step=List";
$delay = "0";
echo '<meta http-equiv="refresh" content="'.$delay.';url='.$url.'">';
}
###
### Delete Player
###
function removeplayer($playerid, $teamid, $user)
{
### registered user or email address
$username=getusername($user);
if ($username=="2wheels" | $username=="RebelT")
{
mysql_query("delete from team_players where players_playerid='$playerid' and players_teamid='$teamid'");
# echo "delete from team_players where players_playerid='$playerid' and players_teamid='$teamid'<BR>";
## Now sort through whole team and ensure IDs are contiguous
##
##read in number of players
$playerresult = mysql_query("select COUNT(*) from team_players where players_teamid='$teamid'");
$playercount=mysql_fetch_array($playerresult);
$y= $playercount[0];
$thisplayerid=1;
# Read in all players details
$result = mysql_query("select players_playerid from team_players where players_teamid=$teamid order by players_playerid");
# for loop reading each one in turn
while (list($playersplayerid) = mysql_fetch_row($result))
{
# Compare player number against loop number
#if different update with loop value
#echo "playersplayerid=$playersplayerid | thisplayerid=$thisplayerid<BR>";
if ($playersplayerid!=$thisplayerid)
{
mysql_query("update team_players set players_playerid='$thisplayerid' where players_playerid='$playersplayerid' and players_teamid='$teamid'");
## echo "update team_players set players_playerid='$thisplayerid' where players_playerid='$playersplayerid' and players_teamid='$teamid'<BR>";
}
##else{ echo "No update<BR>"; }
function adminoptions($user) {
include ('header.php');
maintheader();
$username=getusername($user);
if ($username=="LeeJS" | $username=="RebelT")
{
echo "<center><H3><B>Pool Team Maintenance Administration Options</b></h3></center>";
//echo "<center><B>This is a beta service for adding and updating Weston Pool League team names and members. You are now in the Administration section.</center>";
echo "<BR><table width=100%>";
// These links will obviously need changing
echo "<a href=\"?op=Admin&step=List\">List All Team Data</a><BR><BR>
<a href=\"?op=Admin&step=Allocate\">Allocate Divisions</a><BR><BR>
<a href=\"?op=Admin&step=Summarise\">Summarise Team Members By Team</a><BR><BR>";
function allocate($user) {
include ('header.php');
maintheader();
$result = mysql_query("select team_id, team_name, division, division_old from team_names2 order by division_old, team_name");
echo "<SCRIPT LANGUAGE=\"JavaScript\">\n
function Validate(thisForm)\n
{\n
var result = \"\";
var thisvar = \"\";
var formElements = thisForm.elements; \n
for (i=0; i<formElements.length; i++) { \n
thisvar=formElements[i].name; \n
if (thisvar.substring(0,4)==\"team\")\n
{\n
result += thisvar.substring(4,thisvar.length)+\"=\"+formElements[i].value+\"|\";\n
}\n
}\n
thisForm.allchanges.value=result;
return true;
}\n
</SCRIPT>";
function isauthorised($teamid, $username)
{
$result = mysql_query("select authorisation_user from team_authorisation where authorisation_teamid='$teamid'");
while (list($authorisation_user) = mysql_fetch_row($result))
{
if ($authorisation_user==$username){ return true;}
}
return false;
}
###
### Main Entry
###
switch($op) {
case "CreateTeam":
switch($step) {
case "Venue":
selectvenue($user);
break;
case "SubmittedVenue":
submittedvenue($venuename, $venueoldname, $venueaddress, $venuetown, $venuepostcode, $venuetelephone, $user);
break;
case "VenueSelected":
venueselected($venueid, $venuename, $user);
break;
You don't have permission to access the requested object. It is either read-protected or not readable by the server.
modules/Leagueresult/admin
index.php
Code:
<?php
if (!eregi("admin.php", $_SERVER['PHP_SELF'])) { die ("Access Denied"); }
$querystr = "SELECT radminsuper, admlanguage FROM "
.$prefix."_authors where aid='$aid'";
$result = $db->sql_query($querystr) or die ("invalied query");
list($radminsuper) = $db->sql_fetchrow($result);
if ($radminsuper==1) {
} else {
echo "Access Denied";
}
###
### List Results In Admin
###
function listresults()
{
include ('header.php');
global $admin;
$result = $db->sql_query("select match_id, home_team, away_team, home_score, away_score, division, email, match_date from team_scores where status=0 order by division");
$result = $db->sql_query("select match_id, home_team, away_team, home_score, away_score, division, email, match_date, status, comments from team_scores where status>0 order by division");
$db->sql_query("delete from team_scores where match_id='$id'");
if (mysql_affected_rows()==0)
{
dispmessage('nosuchmatchID', $id);
}
else
{
dispmessage('deleted', $id);
}
}
###
### Admin Make Live
###
/*
function admin_makelive_result($id)
{
$db->sql_query("update team_scores set status='1' where match_id='$id'");
if (mysql_affected_rows()==0)
{
dispmessage('nosuchmatchID', $id);
}
else
{
dispmessage('authorised', $id);
}
}
*/
switch($_REQUEST['op']) {
// case "adminmakelive":
// admin_makelive_result($_REQUEST['id']);
// break;
case "admindelete":
admin_delete_result($_REQUEST['id'], $_REQUEST['validate']);
break;
}
die();
?>
case.php
Code:
<?php
if (!defined('ADMIN_FILE')) die ('Access Denied');
$module_name = 'Leagueresult';
switch($_REQUEST['op']) {
case 'adminmakelive':
case 'admindelete':
include 'modules/'.$module_name.'/admin/index.php';
break;
}
?>
links.php
Code:
<?php
if ( !defined('ADMIN_FILE') ) die('Illegal File Access');
View next topic View previous topic
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
![[Valid RSS]](http://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
:: 
::
I'll have a look at the howto once the public part is done 
