Attachment #188271 for bug #303756

Lines 844-850 Link Here

(-)ajax.js (-2 / +2 lines)
844	}	844	}
845		845
846		846
847	function editSlideLink(action,submissoinid,value){	847	function editSlideLink(action,submissionid,value){
848	var node = document.getElementById("slidelink");	848	var node = document.getElementById("slidelink");
849		849
850	var callback =	850	var callback =
Lines 859-865 Link Here
859	}	859	}
860	};	860	};
861		861
862	YAHOO.util.Connect.asyncRequest('POST', "callbacks/edit_slide.php?action="+action+"&submission_id="+submissoinid+"&value="+encodeURIComponent(value), callback);	862	YAHOO.util.Connect.asyncRequest('POST', "callbacks/edit_slide.php?action="+action+"&submission_id="+submissionid+"&value="+encodeURIComponent(value), callback);
863	node.innerHTML = "<div id='spinner' style=''><img src='image/spinner.gif'></div>";	863	node.innerHTML = "<div id='spinner' style=''><img src='image/spinner.gif'></div>";
864	}	864	}
865		865




	/*
	 * ..if not display a message and exit
	 */
	echo "This page is for the conference staff only.";
	exit();
}


		/*
		 * ...find all the submissions where the tenetative_status is not empty
		 */
		$query = "select /* bigbutton.php:get_submissions_with_actionable_status() */ 	* 
			  FROM submissions AS S
			  INNER JOIN submission_types AS T ON T.type = S._type
			  WHERE	tentative_status != ''
			  AND S.conference_id = '".addslashes($context->theconference->getConferenceID())."'
			  AND T.conference_id = '".addslashes($context->theconference->getConferenceID())."'
			  AND T.internal_type in ('".implode('\',\'',$types)."')
			  GROUP BY tentative_status, submission_id";
			  	submissions.conference_id = '".addslashes($context->theconference->getConferenceID())."'
			  and
			  	submission_types.conference_id = '".addslashes($context->theconference->getConferenceID())."'
  		  	  and
			  	submission_types.type = submissions._type
			  and
			  	submission_types.internal_type in ('".implode('\',\'',$types)."')
			  group by 
			  	tentative_status,
			  	submission_id
			  ";
	}else{
		/*
		 * there are no submission to take action on




				echo $conflict['type']
			?></li><?php 
			?><li class="<?=$class?>"><?php 
				$person = get_people_information($conflict['BugzillaUserID']); 
				echo $person['name'];
			?></li><?php 
			

	$conflicts = array();
	
	$query = "select 
				BugzillaUserID, 
				".$tentative."date as date,
				".$tentative."start_time as start_time,
				".$tentative."end_time as end_time,

			";


	# print $query;
	
	$res = conference_sql($query);
	

			$times['submission_id'] = $row['submission_id'];
			$times['room'] = $row['room'];
			$times['type'] = $row['_type'];
			$f[$row['BugzillaUserID']][$row['submission_id']] = $times;
//		}
//		print $tentative;
//		print_pre($row);

						/*
						 * case where the start times are the same
						 */
						$cur['BugzillaUserID'] = $next['BugzillaUserID'] = $personid;
						$conflict['a'] = $cur;
						$conflict['b'] = $next;
						$conflicts[] = $conflict;

						/*
						 * case where the start time of next is within the start end of cur
						 */
						$cur['BugzillaUserID'] = $next['BugzillaUserID'] = $personid;
						$conflict['a'] = $cur;
						$conflict['b'] = $next;
						$conflicts[] = $conflict;




 * If the user specified a talk id in the url..
 */
if(isset($_GET['id'])){
	if(!can_user_edit_submission($_GET['id'],$context->theuser->getBugzillaUserID() )){
		?><h2>You are not authorized to edit this talk.</h2><?
		exit();
	}

		/*
		*  if the current use is not listed as a author or assistant
		*/
		if(!in_array($context->theuser->getBugzillaUserID(),$auths_assistants)){
			/*
			* .. then add them as an author
			*/
			$auths[] = $context->theuser->getBugzillaUserID();
			$_POST['authors'] = implode(",",$auths);
		}
		

		<input id="hidden-authors"  type="hidden" name="authors" value="<?= $_POST['authors'];?>">
		<input id="hidden-assistants" type="hidden" name="assistants" value="<?=$_POST['assistants'];?>">
		
		<tr>
			<td align="right" valign="top">Authors:</td>		
			<td id="author">
			<div id="talk-author">
			<?php
				$found = hiddenPeopleToArrayofPeopleIDorEmail($a_talk['authors'],'authors');
				show_editable_people($a_talk['submission_id'] ? $a_talk['submission_id'] : 0 ,'author', $found['authors'],$found['invited_authors']);
			?>

		$query = "insert into submission_authors set
						rank = '".addslashes($rank)."',
						submission_id = '".addslashes($submission_id)."',
						BugzillaUserID = '".addslashes($auth)."',
						role = 'author'
				";
		$res = conference_sql($query);

		$query = "insert into submission_authors set
						rank = 0,
						submission_id = '".addslashes($submission_id)."',
						BugzillaUserID = '".addslashes($auth)."',
						role = 'assistant'
				";
		$res = conference_sql($query);

	if(trim($need_extra_time) != ""){
		$query = "insert into submission_comments set 
				  	submission_id = '".addslashes($submission_id)."',
				  	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
				  	comment = '".addslashes($need_extra_time)."',
				  	ts = NOW(),
				  	is_private = true";




<?php 
require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( false );




<?php
	$query = "
	select * from submissions, submission_authors
		 where
			   submissions.submission_id = submission_authors.submission_id
		   and
			   PersonID = '".$context->theuser->getFoundationID()."'
		   and 
		   submissions.conference_id = ".$context->theconference->getConferenceID()." 
		   and 
		   conference_id = ".$context->theconference->getConferenceID()."
		 order by submissions.submission_id";
	$res = conference_sql($query);
	$title = "Your Submission" . (mysql_num_rows($res) > 1 ? 's' : '');
	if(is_user_logged_in()){
		$query = "select /* index.php:13 */ * from submissions AS S
			INNER JOIN submission_authors AS A on A.submission_id = S.submission_id
			WHERE A.BugzillaUserID = " . $context->theuser->getBugzillaUserID() . "
		   AND S.conference_id = ".$context->theconference->getConferenceID()." 
		 ORDER BY S.submission_id";
		$res = conference_sql($query);
		$title = "Your Submission" . (mysql_num_rows($res) > 1 ? 's' : '');

		$results = array();
		while( $row = mysql_fetch_assoc($res) ) {
			$results[$row['submission_id']] = $row;

			<?php
				
				if($context->theuser->getPicture() == true){		
					$_GET['PersonID'] = $context->theuser->getBugzillaUserID();
					include("callbacks/image-upload.php");
				}else{
					?><h3><a href="" onclick="showUpload('<?=$context->theuser->getBugzillaUserID();?>');return false;">upload your photo</a></h3><?php
				}
			 ?>
		</div>


	<div style='width: 630px;'>
		<h2 style='margin: 0px; margin-bottom: 10px;'>Your Bio</h2>
		<b><?=show_person( $context->theuser->getBugzillaUserID(),true )?></b>
		<?php 
		if(get_speakers_accepted_submissions($context->theuser->getBugzillaUserID())){
			?>
			<div style='font-size: 10px;'>
				<a href="speaker_agreement.php?PersonID=<?=$context->theuser->getBugzillaUserID()?>">Speaker Agreement</a>
			</div>
			<?php 
		} ?>
		<div id="bio" class="bio">
			<span style='float: right; margin-right: 10px;'><a href="" onclick="editBio('edit','<?=$context->theuser->getBugzillaUserID();?>'); return false;"><?=$bio ? "edit" : "create" ?> bio</a></span>
			<br>
			<p>
			<?php
				if( ($bio) ){
					echo $bio;
				}else{

	</div>
	<div style='clear: both;'></div>
</div>
<?php }?>




Lines 22-28 Link Here

(-)schedulingTool.php (-1 / +1 lines)
22	<script type="text/javascript" src="js/yui2.6/build/element/element-beta-min.js"></script>	22	<script type="text/javascript" src="js/yui2.6/build/element/element-beta-min.js"></script>
23	<script type="text/javascript" src="js/yui2.6/build/connection/connection.js"></script>	23	<script type="text/javascript" src="js/yui2.6/build/connection/connection.js"></script>
24	<script type="text/javascript" src="js/yui2.6/build/logger/logger.js"></script>	24	<script type="text/javascript" src="js/yui2.6/build/logger/logger.js"></script>
25	<script type="text/javascript" src="js/yui2.6/build/element/element.js"></script>	25	<script type="text/javascript" src="js/yui2.6/build/element/element-beta.js"></script>
26	<script type="text/javascript" src="js/yui2.6/build/tabview/tabview.js"></script>	26	<script type="text/javascript" src="js/yui2.6/build/tabview/tabview.js"></script>
27	<script type="text/javascript" src="js/yui2.6/build/dragdrop/dragdrop-min.js" ></script>	27	<script type="text/javascript" src="js/yui2.6/build/dragdrop/dragdrop-min.js" ></script>
28		28




require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( false );

# sanitize - incoming should be an integer
if(!preg_match("/^[0-9]+$/", $_GET['id'])) {
	unset($_GET['id']);
} 

# Array of talks for this user
$a_talks = array();
 */ 
conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "header.php"); 
do_header(false);

$bio = "";
/*
 * if the id is set for this user
 */
if(isset($_GET['id'])){
	/*
	 * load their bio
	 */
	$query = "select * from speakers where BugzillaUserID = '".addslashes($_GET['id'])."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
	$res = conference_sql($query);
	$author_info = mysql_fetch_assoc($res);
	
	if($author_info['bio'] != ""){
		$bio = $author_info['bio'];
	}
	
	# Load up talks for this user
	$query = "select /* user.php:95 */ S.* 
 				  FROM submissions AS S
 				  INNER JOIN submission_authors AS A ON A.submission_id = S.submission_id 
 				  AND BugzillaUserID = ".addslashes($_GET['id'])."
 				  AND role IN ('author','assistant')
	  			  AND conference_id = ".$context->theconference->getConferenceID()." order by rank asc";
	$res = conference_sql($query);
	
	while( $row = mysql_fetch_assoc($res) ) {
		$a_talks[$row['submission_id']] = $row;
	}

}

conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "header.php"); 
do_header(false);

 /*
 * From here down, we are generating an HTML page for the user.
 */ 

$bio = "";
/*
 * if the id is set for this user
 */
?>
 	<div id="bodytext">
		<div>

				<div id="picture" style="text-align: center;">
				<?

					if($context->theuser->getBugzillaUserID() == $_GET['id'] || current_user_has_role("conference_chair") ){		
						$_GET['PersonID'] = $_GET['id'];
						include("callbacks/image-upload.php");
					}else{

		
			<div style='width: 600px;'>
				<h2 style='margin: 0px; margin-bottom: 10px;'>Bio</h2>
				<b><?= show_person( $_GET['id'],true, true,true )?></b>
				<?php 
				if(get_speakers_accepted_submissions($_GET['id'])){
					if($context->theuser->getFoundationID() == $_GET['id'] || current_user_has_role("conference_chair")  || current_user_has_role("program_committee") || current_user_has_role("registration_master") ){		

			
			<div style='clear: both;'></div>
		</div>
 		<?php
 		show_table_of_talks($a_talks,"Submissions","view_talk.php"); 
 		
 		<? 
 		$query = "select 
 					submissions.* 
 				  from 
 				  	submissions,
 				  	submission_authors
 				  where 
 				  	submissions.submission_id = submission_authors.submission_id 
 				  and 
 				  	PersonID = '".addslashes($_GET['id'])."'
 				  and
 				  	role in ('author','assistant')
	  			  and 
		 		    conference_id = ".$context->theconference->getConferenceID()."
 				  	
 				  order by rank asc
 				  	";
 		$res = conference_sql($query);
 		/*
		 * get all the results
		 */
		$results = array();
		while( $row = mysql_fetch_assoc($res) ) {
			$results[$row['submission_id']] = $row;
		}
 		show_table_of_talks($results,"Submissions","view_talk.php"); 
 		?>
 		
 	</div>

	}
	?></div><?php
}


?>
 
 
 
<?php /* bodytext */ ?>
<?php conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "footer.php"); ?>

Lines 2-7 Link Here

(-)view_talk.php (-13 / +17 lines)
2	require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( false );	3	external_entry( false );
4		4
		5	# sanitize - incoming should be an integer
		6	if(!preg_match("/^[0-9]+$/", $_GET['id'])) {
		7	unset($_GET['id']);
		8	}
		9
5	/*	10	/*
6	* Create a work flow object for processing submissions	11	* Create a work flow object for processing submissions
7	*/	12	*/
Lines 20-26 Link Here
20	$errors = "";	25	$errors = "";
21		26
22	if($_GET['cancel_id'] != ""){	27	if($_GET['cancel_id'] != ""){
23	if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getFoundationID() ) ){	28	if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getBugzillaUserID() ) ){
24	$query = "update submissions set status = 'withdrawn' where submission_id = '".addslashes($_GET['cancel_id'])."'";	29	$query = "update submissions set status = 'withdrawn' where submission_id = '".addslashes($_GET['cancel_id'])."'";
25	conference_sql($query);	30	conference_sql($query);
26	}	31	}
Lines 73-81 Link Here
73	if(get_magic_quotes_gpc()) {	78	if(get_magic_quotes_gpc()) {
74	$_POST['comment'] = stripslashes($_POST['comment']);	79	$_POST['comment'] = stripslashes($_POST['comment']);
75	}	80	}
76	$query = "insert into submission_comments set	81	$query = "insert /* view_talk.php:81 */ into submission_comments set
77	submission_id = '".addslashes($_POST['submission_id'])."',	82	submission_id = '".addslashes($_POST['submission_id'])."',
78	PersonID = '".addslashes($context->theuser->getFoundationID())."',	83	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
79	comment = '".mysql_real_escape_string($_POST['comment'])."',	84	comment = '".mysql_real_escape_string($_POST['comment'])."',
80	ts = NOW()	85	ts = NOW()
81	$private";	86	$private";
Lines 87-93 Link Here
87	* remove them from the list for this talk	92	* remove them from the list for this talk
88	* NOTE: a check to make sure they are already on the list is NOT required before attempting to remove them	93	* NOTE: a check to make sure they are already on the list is NOT required before attempting to remove them
89	*/	94	*/
90	$query = "delete from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and PersonID = '".addslashes($context->theuser->getFoundationID())."'";	95	$query = "delete from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'";
91	conference_sql($query);	96	conference_sql($query);
92	$workflow->on_remove_cc_list($context,$_POST['submission_id']);	97	$workflow->on_remove_cc_list($context,$_POST['submission_id']);
93	}elseif($_POST['ADD'] == "add to cc"){	98	}elseif($_POST['ADD'] == "add to cc"){
Lines 95-107 Link Here
95	* .. if the user asked to be added to the CC list	100	* .. if the user asked to be added to the CC list
96	* and they are not already on the list for this talk...	101	* and they are not already on the list for this talk...
97	*/	102	*/
98	$query = "select * from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and PersonID = '".addslashes($context->theuser->getFoundationID())."'";	103	$query = "select * from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'";
99	$res = conference_sql($query);	104	$res = conference_sql($query);
100	if(mysql_num_rows($res) == 0){	105	if(mysql_num_rows($res) == 0){
101	/*	106	/*
102	* .. add the user to the CC list for this talk	107	* .. add the user to the CC list for this talk
103	*/	108	*/
104	$query = "insert into watching_submissions set submission_id = '".addslashes($_POST['submission_id'])."', PersonID = '".addslashes($context->theuser->getFoundationID())."', conference_id = '".addslashes($context->theconference->getConferenceID())."', ts= now()";	109	$query = "insert into watching_submissions set submission_id = '".addslashes($_POST['submission_id'])."', BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."', conference_id = '".addslashes($context->theconference->getConferenceID())."', ts= now()";
105	conference_sql($query);	110	conference_sql($query);
106	$workflow->on_add_cc_list($context,$_POST['submission_id']);	111	$workflow->on_add_cc_list($context,$_POST['submission_id']);
107	}	112	}
Lines 281-287 Link Here
281	/*	286	/*
282	* If this talk is the current users talk	287	* If this talk is the current users talk
283	*/	288	*/
284	if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getFoundationID() ) ){	289	if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getBugzillaUserID() ) ){
285	/*	290	/*
286	* .. then show an 'edit submission' button to allow the to make changes to their talk	291	* .. then show an 'edit submission' button to allow the to make changes to their talk
287	*/	292	*/
Lines 443-450 Link Here
443	/*	448	/*
444	* Show all non private the comments (if any)	449	* Show all non private the comments (if any)
445	*/	450	*/
446	$query = "select	451	$query = "select *
447	*
448	from	452	from
449	submission_comments	453	submission_comments
450	where	454	where
Lines 457-463 Link Here
457	$people = array();	461	$people = array();
458	while($comment = mysql_fetch_assoc($res)){	462	while($comment = mysql_fetch_assoc($res)){
459	$comments[] = $comment;	463	$comments[] = $comment;
460	$people[] = $comment['PersonID'];	464	$people[] = $comment['BugzillaUserID'];
461	}	465	}
462		466
463	/*	467	/*
Lines 475-481 Link Here
475	}	479	}
476	?>	480	?>
477	<div class="comment">	481	<div class="comment">
478	<div class="comment-header" style='<?=$privateBG?>'><?= $people[$comment['PersonID']]['name'] ?>	482	<div class="comment-header" style='<?=$privateBG?>'><?= $people[$comment['BugzillaUserID']]['name'] ?>
479	<?	483	<?
480	if($comment['is_private']){	484	if($comment['is_private']){
481	echo "<span style='margin-left: 120px; font-style: italic;'>private comment</span>";	485	echo "<span style='margin-left: 120px; font-style: italic;'>private comment</span>";
Lines 521-527 Link Here
521	/*	525	/*
522	* If you are the author of this talk you will NOT see the add/remove cc buttons	526	* If you are the author of this talk you will NOT see the add/remove cc buttons
523	*/	527	*/
524	if(!can_user_edit_submission($a_talk['submission_id'],$context->theuser->getFoundationID())){	528	if(!can_user_edit_submission($a_talk['submission_id'],$context->theuser->getBugzillaUserID())){
525	/*	529	/*
526	* if the user is on the cc list..	530	* if the user is on the cc list..
527	*/	531	*/
Lines 574-580 Link Here
574		578
575	function is_user_on_cc_list($sub_id){	579	function is_user_on_cc_list($sub_id){
576	global $context;	580	global $context;
577	$query = "select * from watching_submissions where submission_id = '".addslashes($sub_id)."' and PersonID = '".addslashes($context->theuser->getFoundationID())."'";	581	$query = "select * from watching_submissions where submission_id = '".addslashes($sub_id)."' and BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'";
578	$res = conference_sql($query);	582	$res = conference_sql($query);
579	if(mysql_num_rows($res) == 1){	583	if(mysql_num_rows($res) == 1){
580	return true;	584	return true;




	*  Gather data for types/categories
	*/
	$types = $context->theconference->getTalkTypes();
	$query = "select * from watching_types where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
	$res = conference_sql($query);
	$watching_types = array(); 
	while($row = mysql_fetch_assoc($res)){

	}
	
	$categories = get_talk_categories();
	$query = "select * from watching_categories,categories where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and watching_categories.category_id = categories.category_id and watching_categories.conference_id = '".addslashes($context->theconference->getConferenceID())."'";
	$res = conference_sql($query);
	$watching_categories = array(); 
	while($row = mysql_fetch_assoc($res)){

	}

	$tags = get_tags('talk_tag');
	$query = "select * from watching_tags,tags where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and watching_tags.tag_id = tags.tag_id and watching_tags.conference_id = '".addslashes($context->theconference->getConferenceID())."'";
	$res = conference_sql($query);
	$watching_tags = array(); 
	while($row = mysql_fetch_assoc($res)){

	}
	
	
	$query = "select * from watching_new_submissions where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
	$res = conference_sql($query);
	$watching_new_submissions = false; 
	if(mysql_num_rows($res) > 0){
		$watching_new_submissions = true; 
	}
	
	$query = "select * from watching_everything where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
	$res = conference_sql($query);
	$watching_everything = false; 
	if(mysql_num_rows($res) > 0){

		?>
		</div>
	</div>
	<div style='clear: both;'></div>
	<p><b>Talk Tags</b><br>Receive email notification when changes occur to talk tags.</p>

	<div class="blue-corner-box" style='margin: 0px;'>




 if( isset($_POST['role']) and 
 	 isset($_POST['PersonID']) and 
 	 isset($_POST['submission_id']) and 
 	 can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){

	/*
	 * Find max rank for this submission

	/*
	 * insert the data into the database
	 */
	$query = "insert /* add_author.php:37 */ INTO
				submission_authors 
			set
				submission_id = '".addslashes($_POST['submission_id'])."',
				BugzillaUserID = '".addslashes($_POST['PersonID'])."',
				rank = '".addslashes($rank)."',
				role = '".addslashes($_POST['role'])."'";
				";
	$res = conference_sql($query);
				
	/*




require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( true );

# sanitize - incoming should be an integer
if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
	unset($_POST['PersonID']);
}

/*
 * Check to see if the person accessing this page is the conference chair
 */
if(!current_user_has_role("conference_chair") || !isset($_POST['PersonID'])) {
	/*
	 * ..if not display a message and exit
	 */
	echo "An error has occurred with your request.  You are not authorized, or your request was malformed.";
	exit();
}


//conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
//$workflow = new conference_chair_workflow();
 
$query = "insert into people_roles set BugzillaUserID = '".addslashes($_POST['PersonID'])."', role='registration_master', conference_id = '".addslashes($context->theconference->getConferenceID())."'";
$res = conference_sql($query);
 
//$workflow->on_add_program_committee($context,$_POST['PersonID']);




require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( true );

# sanitize - incoming should be an integer
if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
	unset($_POST['PersonID']);
}

/*
 * Check to see if the person accessing this page is the conference chair
 */
if(!current_user_has_role("conference_chair") || !isset($_POST['PersonID'])) {
	/*
	 * ..if not display a message and exit
	 */
	echo "An error has occurred with your request.  You are not authorized, or your request was malformed.";
	exit();
}


conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
$workflow = new conference_chair_workflow();
 
$query = "insert into people_roles set BugzillaUserID = '".addslashes($_POST['PersonID'])."', role='program_committee', conference_id = '".addslashes($context->theconference->getConferenceID())."'";
$res = conference_sql($query);
 
$workflow->on_add_program_committee($context,$_POST['BugzillaUserID']);
 
show_program_committee_list(); 
?>

Lines 12-18 Link Here

(-)callbacks/edit_abstract.php (-1 / +1 lines)
12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");	12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");
13	$workflow = new talk_workflow();	13	$workflow = new talk_workflow();
14		14
15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){	15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){
16	$a_talk = get_submission_details($_POST['submission_id']);	16	$a_talk = get_submission_details($_POST['submission_id']);
17		17
18	if(isset($_POST['abstract'])){	18	if(isset($_POST['abstract'])){




 * By the time we get, there is a user logged in.
 */

# sanitize - incoming should be an integer
if(!preg_match("/^[0-9]+$/", $_GET['PersonID'])) {
	unset($_GET['id']);
}
if(!preg_match("/^[a-z]+$/", $_GET['action'])) {
	unset($_GET['id']);
}

if(isset($_GET['action']) and isset($_GET['PersonID'])){
	if($context->theuser->getBugzillaUserID() == $_GET['PersonID'] or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){
		$query = "select * from speakers where
					*
				  from
				  	speakers
				  where
				  	conference_id = ".$context->theconference->getConferenceID()."
				  and BugzillaUserID = '".addslashes($_GET['PersonID'])."'";
				  	PersonID = '".addslashes($_GET['PersonID'])."'
				  ";
		$res = conference_sql($query);
		$speaker = mysql_fetch_assoc($res);
		$bio = $speaker['bio'];

				}
				if(empty($speaker)){
					
				  	$query = "insert into speakers 
				  				speakers 
				  			  set 
				  			  	bio = '".addslashes($value)."', 
				  			  	conference_id = ".$context->theconference->getConferenceID().",
				  			  	BugzillaUserID = '".addslashes($_GET['PersonID'])."'
				  			 ";
				  	
				  	conference_sql($query);
				}else{
				  	$query = "update speakers 
				  				speakers 
				  			  set 
				  			  	bio = '".addslashes($value)."' 
				  			  where	conference_id = ".$context->theconference->getConferenceID()." 
				  			  and BugzillaUserID = '".addslashes($_GET['PersonID'])."'
				  			  and 
				  			  	PersonID = '".addslashes($_GET['PersonID'])."'
				  			 ";
				  	conference_sql($query);
				}
				
				//LOG BIO CHANGES
				if($bio){
					log_conference_action($context->theconference->getConferenceID(),$context->theuser->getBugzillaUserID(),"update bio","",$_GET['PersonID'],$_GET['value']);
			  	}else{
					log_conference_action($context->theconference->getConferenceID(),$context->theuser->getBugzillaUserID(),"create bio","",$_GET['PersonID'],$_GET['value']);
			  	}
			  	
				?><span style='float: right; margin-right: 10px;'><a href="" onclick="editBio('edit','<?=$_GET['PersonID']?>'); return false;">edit bio</a></span><br><?

Lines 12-18 Link Here

(-)callbacks/edit_category.php (-1 / +1 lines)
12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");	12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");
13	$workflow = new talk_workflow();	13	$workflow = new talk_workflow();
14		14
15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){	15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){
16	$a_talk = get_submission_details($_POST['submission_id']);	16	$a_talk = get_submission_details($_POST['submission_id']);
17	if(isset($_POST['category'])){	17	if(isset($_POST['category'])){
18	if($_POST['category'] != $a_talk['_category']){	18	if($_POST['category'] != $a_talk['_category']){

Lines 12-18 Link Here

(-)callbacks/edit_difficulty.php (-1 / +1 lines)
12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");	12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");
13	$workflow = new talk_workflow();	13	$workflow = new talk_workflow();
14		14
15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){	15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){
16	$a_talk = get_submission_details($_POST['submission_id']);	16	$a_talk = get_submission_details($_POST['submission_id']);
17	$a_talk['difficulties'] = get_talk_difficulties();	17	$a_talk['difficulties'] = get_talk_difficulties();
18		18

Lines 1-9 Link Here

(-)callbacks/edit_file_link.php (-4 / +6 lines)
1	<?php	1	<?php
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( true, 'explain_why_login' );	3	external_entry( true, 'explain_why_login' );
4	/*	4
5	* By the time we get, there is a user logged in.	5	# sanitize - incoming should be an integer
6	*/	6	if(!preg_match("/^[0-9]+$/", $_GET['submission_id'])) {
		7	unset($_GET['submission_id']);
		8	}
7		9
8	/*	10	/*
9	* Create a work flow object for processing submissions	11	* Create a work flow object for processing submissions
Lines 13-19 Link Here
13		15
14		16
15	if(isset($_GET['action']) and isset($_GET['submission_id'])){	17	if(isset($_GET['action']) and isset($_GET['submission_id'])){
16	if(can_user_edit_submission($_GET['submission_id'],$context->theuser->getFoundationID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){	18	if(can_user_edit_submission($_GET['submission_id'],$context->theuser->getBugzillaUserID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){
17		19
18	$link = getFileLink($_GET['submission_id']);	20	$link = getFileLink($_GET['submission_id']);
19		21

Lines 1-9 Link Here

(-)callbacks/edit_slide.php (-4 / +6 lines)
1	<?php	1	<?php
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( true, 'explain_why_login' );	3	external_entry( true, 'explain_why_login' );
4	/*	4
5	* By the time we get, there is a user logged in.	5	# sanitize - incoming should be an integer
6	*/	6	if(!preg_match("/^[0-9]+$/", $_GET['submission_id'])) {
		7	unset($_GET['submission_id']);
		8	}
7		9
8	/*	10	/*
9	* Create a work flow object for processing submissions	11	* Create a work flow object for processing submissions
Lines 13-19 Link Here
13		15
14		16
15	if(isset($_GET['action']) and isset($_GET['submission_id'])){	17	if(isset($_GET['action']) and isset($_GET['submission_id'])){
16	if(can_user_edit_submission($_GET['submission_id'],$context->theuser->getFoundationID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){	18	if(can_user_edit_submission($_GET['submission_id'],$context->theuser->getBugzillaUserID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){
17		19
18	$link = getSlideLink($_GET['submission_id']);	20	$link = getSlideLink($_GET['submission_id']);
19		21

Lines 12-18 Link Here

(-)callbacks/edit_title.php (-1 / +1 lines)
12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");	12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");
13	$workflow = new talk_workflow();	13	$workflow = new talk_workflow();
14		14
15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){	15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){
16	$a_talk = get_submission_details($_POST['submission_id']);	16	$a_talk = get_submission_details($_POST['submission_id']);
17	if(isset($_POST['title'])){	17	if(isset($_POST['title'])){
18	$_POST['title'] = stripslashes($_POST['title']);	18	$_POST['title'] = stripslashes($_POST['title']);

Lines 12-18 Link Here

(-)callbacks/edit_type.php (-1 / +1 lines)
12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");	12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");
13	$workflow = new talk_workflow();	13	$workflow = new talk_workflow();
14		14
15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){	15	if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){
16	$a_talk = get_submission_details($_POST['submission_id']);	16	$a_talk = get_submission_details($_POST['submission_id']);
17	if(isset($_POST['type'])){	17	if(isset($_POST['type'])){
18	if($_POST['type'] != $a_talk['_type']){	18	if($_POST['type'] != $a_talk['_type']){




	/*
	 * .. then author is going to be added to a new submission
	 */
	$exclude[$context->theuser->getBugzillaUserID()] = $context->theuser->getBugzillaUserID();
	/*
	* Figure out if we are finding a author or a assistant
	*/

		$exclude[$k] = $k;
	}
}elseif( isset($_POST['role']) and isset($_POST['submission_id']) and 
	can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID()) ){
	/*
	 * get all the authors on this talk
	 * use this list to remove them from the list

?>
<div class="blue-corner-box" style='margin-left:0px;'>
	<form onSubmit="search_for_auth(<?=$_POST['submission_id'] ? $_POST['submission_id'] : 0 ;?>,this.search.value,'<?=$_POST['role'];?>'); return false;" style="padding: 0px; margin: 0px;">
		Search for a person by their first or last name<br>
		<input name="search" value="<?=$_POST['search'];?>">
		<input type="submit" value="Search for <?=ucfirst($_POST['role'])?>">
		<?php 	

		 * Parse the search string with our search parser
		 */
		$keywords = full_text_keywords( $_POST['search'] );
		$searchable_fields = array('realname');
		$ands = array();
		foreach( $keywords as $keyword ) {
			$pieces = array();

		/*
		 * Perform the query to find all the matching people
		 */
		$query = "select /* find_author.php:107 */ userid AS BugzillaUserID, realname
	    			  from profiles 
	    			  where  " .
	    			  	People 
	    			  where 
	    			  " .
	    			  implode( " AND ", $ands )."
	    			  order by realname";
	   	$res = bugzilla_sql($query);
	   	$res = foundation_sql($query);
   		?><div style='margin-left: 10px;'><?
   		
   		/*

	   		* .. show all the people found with link to add them to this submission an author/assistant
	   		*/
		   	while($person = mysql_fetch_assoc($res)){
		   		if(isset($exclude[$person['BugzillaUserID']])){
		   			?><?= ucwords($person['realname'])?> <em>(already author)</em><br><?
		   		}else{
		   			?><a href="" onClick="add_author(<?=$_POST['submission_id'];?>,'<?=$person['BugzillaUserID'];?>','<?=$_POST['role'];?>'); return false;"><?= ucwords($person['realname']);?> <img src="image/plus.gif"> </a><br><?
		   		}
		   	}
		}	




	*  If a search has been made
	*/
	if($_POST['search']){
		$query = "select BugzillaUserID from people_roles where role='registration_master' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
		$res = conference_sql($query);
		while($row = mysql_fetch_assoc($res)){
			$exclude[$row['PersonID']] = $row['PersonID'];

		 * Parse the search string with our search parser
		 */
		$keywords = full_text_keywords( $_POST['search'] );
		$searchable_fields = array('realname');
		$ands = array();
		foreach( $keywords as $keyword ) {
			$pieces = array();

		/*
		 * Perform the query to find all the matching people
		 */
		$query = "select /* find_people_for_conference_queen.php:53 */ userid AS BugzillaUserID, realname
	    			  from profiles 
	    			  where  " .
	    			  	People 
	    			  where 
	    			  " .
	    			  implode( " AND ", $ands )."
	    			  order by realname";
		$res = bugzilla_sql($query);
	   	$res = foundation_sql($query);
   		?><div style='margin-left: 10px;'><?
   		
   		/*

	   	if(mysql_num_rows($res) == 0){
	   		/*
	   		* .. show an not resutls found message
	   		* TODO: sanitize this!!
	   		*/
	   		?><em>No results found for '<?=$_POST['search'];?>'</em><br><?
	   	}else{

	   		* .. show all the people found with link to add them to this submission an author/assistant
	   		*/
		   	while($person = mysql_fetch_assoc($res)){
		   		if(isset($exclude[$person['BugzillaUserID']])){
		   			?><?= ucwords($person['realname']);?> <em>(already selected)</em><br><?
		   		}else{
		   			?><a href="" onClick="add_conference_queen('<?=$person['BugzillaUserID'];?>'); return false;"><?= ucwords($person['realname']);?> <img src="image/plus.gif"> </a><br><?
		   		}
		   	}
		}	




	*  If a search has been made
	*/
	if($_POST['search']){
		$query = "select BugzillaUserID from people_roles where role='program_committee' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
		$res = conference_sql($query);
		while($row = mysql_fetch_assoc($res)){
			$exclude[$row['BugzillaUserID']] = $row['BugzillaUserID'];
		}
		/*
		 * Parse the search string with our search parser
		 */
		$keywords = full_text_keywords( $_POST['search'] );
		$searchable_fields = array("realname");
		$ands = array();
		foreach( $keywords as $keyword ) {
			$pieces = array();

			$ands[] = $str;
		}

		$query = "select /* find_people_for_program_committee.php:50 */ userid AS BugzillaUserID, realname
	    			  from profiles 
	    			  where  " .
		$query = "select 
	    				PersonID,FName,LName
	    			  from 
	    			  	People 
	    			  where 
	    			  " .
	    			  implode( " AND ", $ands )."
	    			  order by realname";
		$res = bugzilla_sql($query);
	   	$res = foundation_sql($query);
   		?><div style='margin-left: 10px;'><?
   		
   		/*

	   	if(mysql_num_rows($res) == 0){
	   		/*
	   		* .. show an not resutls found message
	   		* TODO: sanitize this!!
	   		*/
	   		?><em>No results found for '<?=$_POST['search'];?>'</em><br><?
	   	}else{

	   		* .. show all the people found with link to add them to this submission an author/assistant
	   		*/
		   	while($person = mysql_fetch_assoc($res)){
		   		if(isset($exclude[$person['BugzillaUserID']])){
		   			?><?= ucwords($person['realname']);?> <em>(already selected)</em><br><?
		   		}else{
		   			?><a href="" onClick="add_program_committee('<?=$person['BugzillaUserID'];?>'); return false;"><?= ucwords($person['realname']);?> <img src="image/plus.gif"> </a><br><?
		   		}
		   	}
		}	




 /*
  * get the PersonID
  */
$PersonID = $_GET['PersonID'];

# sanitize - incoming should be an integer
if(!preg_match("/^[0-9]+$/", $_GET['PersonID'])) {
	unset($_GET['PersonID']);
}
$BugzillaUserID = $_GET['PersonID'];

if($context->theuser->getBugzillaUserID() != $BugzillaUserID and !current_user_has_role("conference_chair")){
	/*
	 * show their image
	 */
	?>
		<img src='callbacks/show_image.php?PersonID=<?= $BugzillaUserID ?>&seed=<?=rand();?>'>
	<?
}else{

	/*
	 * get the current Picture of the user if there is one
	 */ 
	$query = "select Picture from people where BugzillaUserID = '".addslashes($BugzillaUserID)."'";
	$res = conference_sql($query);
	$picture = mysql_fetch_assoc($res);//$context->theuser->getPicture();
	$picture = $picture['Picture'];
	

		/*
		 * then try and caputre the new image
		 */
		if(uploadNewImage($_FILES['image_path']['tmp_name'],$BugzillaUserID)){
			$picture = true;
		}else{
			/*

	if( ($picture == false || $_GET['upload_new_image'] == 'true') ){
	
		if($picture != false){
			?><a style='float: left; margin-left: 10px;' href="" onClick="showImage('<?= $BugzillaUserID ?>'); return false;">back</a><?
		}
	
		/*

			<br/><input type="file" size="10" name="image_path"/>
			<br/>
			<p>
				<input type="button" value="Upload new Photo" onClick="uploadNewImage('<?= $BugzillaUserID ?>');" />
			</p>
			<?= $error;?>
		</form>

		 * show their image
		 */
		?>
			<img src='callbacks/show_image.php?PersonID=<?= $BugzillaUserID ?>&seed=<?=rand();?>'>
			<br>
			<a href="?upload_new_image=true" onclick="showUpload('<?= $BugzillaUserID ?>');return false;">Upload new Photo</a>
		<?
	}else{
		/*

}


function uploadNewImage($fullname,$BugzillaUserID){
	global $context;

	$image_cache_dir = $context->getImageCacheDir();

	
	$bits = addslashes( $bits );
	
	# Not sure what $suffic was for
	# $query = "update People$suffic set Picture_mime = '$mime', Picture = '...'  where PersonID = '".addslashes($PersonID)."'";
	$query = "REPLACE into people set PictureMime = '$mime', Picture = '...', BugzillaUserID = '".addslashes($BugzillaUserID)."'";
	
	$query = str_replace( "...", $bits, $query );
	conference_sql($query,$dbh);
	
	return true;
}




require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( false );

# sanitize - incoming should be an string
if(!preg_match("/^[a-zA-Z0-9]+$/", $_POST['id'])) {
	unset($_POST['id']);
}
 
/*
 * Valid input:

	
		case 'category' :
			$queries['add'] = $query = "insert into watching_categories set 
									  		BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
									  		category_id = '".addslashes($_POST[id])."',
										  	conference_id = '".addslashes($context->theconference->getConferenceID())."',
										  	ts = now();

			$queries['remove'] = $query = "delete from 
											watching_categories 
										  where 
										  	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
										  and
									  		category_id = '".addslashes($_POST[id])."'
										  and 

			
		case 'talk_tag' :
			$queries['add'] = $query = "insert into watching_tags set 
									  		BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
									  		tag_id = '".addslashes($_POST[id])."',
										  	conference_id = '".addslashes($context->theconference->getConferenceID())."',
										  	ts = now();

			$queries['remove'] = $query = "delete from 
											watching_tags 
										  where 
										  	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
										  and
									  		tag_id = '".addslashes($_POST[id])."'
										  and 

		break;
		case 'type' :
			$queries['add'] = $query = "insert into watching_types set 
									  		BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
									  		type = '".addslashes($_POST[id])."',
										  	conference_id = '".addslashes($context->theconference->getConferenceID())."',
										  	ts = now();

			$queries['remove'] = $query = "delete from 
											watching_types 
										  where 
										  	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
										  and
									  		type = '".addslashes($_POST[id])."'
										  and 

		break;
		case 'new_submission' :
			$queries['add'] = $query = "insert into watching_new_submissions set 
									  		BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
										  	conference_id = '".addslashes($context->theconference->getConferenceID())."',
										  	ts = now();
										  	";

			$queries['remove'] = $query = "delete from 
											watching_new_submissions 
										  where 
										  	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
										  and 
										  	conference_id = '".addslashes($context->theconference->getConferenceID())."'										  	";
		
		break;
		case 'everything' :
			$queries['add'] = $query = "insert into watching_everything set 
									  		BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
										  	conference_id = '".addslashes($context->theconference->getConferenceID())."',
										  	ts = now();
										  	";

			$queries['remove'] = $query = "delete from 
											watching_everything 
										  where 
										  	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
										  and 
										  	conference_id = '".addslashes($context->theconference->getConferenceID())."'										  	";
		break;




require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( true );

# sanitize - incoming should be an integer
if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
	unset($_POST['PersonID']);
}

/*
 * Check to see if the person accessing this page is the conference chair
 */
if(!current_user_has_role("conference_chair") || !isset($_POST['PersonID'])){
	/*
	 * ..if not display a message and exit
	 */
	echo "An error has occurred with your request.  You are not authorized, or your request was malformed.";
	exit();
}


//conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
//$workflow = new conference_chair_workflow();
 
$query = "delete from people_roles where BugzillaUserID = '".addslashes($_POST['PersonID'])."' and role='registration_master' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
$res = conference_sql($query);
 
//$workflow->on_remove_program_committee($context,$_POST['PersonID']);




require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( true );

# sanitize - incoming should be an integer
if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
	unset($_POST['PersonIDID']);
}

/*
 * Check to see if the person accessing this page is the conference chair
 */
if(!current_user_has_role("conference_chair") || !isset($_POST['PersonID'])){
	/*
	 * ..if not display a message and exit
	 */
	echo "An error has occurred with your request.  You are not authorized, or your request was malformed.";
	exit();
}


conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
$workflow = new conference_chair_workflow();
 
$query = "delete from people_roles where BugzillaUserID = '".addslashes($_POST['PersonID'])."' and role='program_committee' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
$res = conference_sql($query);
 
$workflow->on_remove_program_committee($context,$_POST['PersonID']);

Lines 2-10 Link Here

(-)callbacks/reoder_authors.php (-27 / +19 lines)
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( true );	3	external_entry( true );
4		4
5	/*	5	# sanitize - incoming should be an integer
6	* By the time we get, there is a user logged in.	6	if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
7	*/	7	unset($_POST['PersonID']);
		8	}
		9	if(!preg_match("/^[0-9]+$/", $_POST['submission_id'])) {
		10	unset($_POST['submission_id']);
		11	}
8		12
9	/*	13	/*
10	* Create a work flow object for processing submissions	14	* Create a work flow object for processing submissions
Lines 12-22 Link Here
12	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");	16	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php");
13	$workflow = new talk_workflow();	17	$workflow = new talk_workflow();
14		18
15	if( isset($_POST['action']) and isset($_POST['PersonID']) and isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){	19	if( isset($_POST['action']) and isset($_POST['PersonID']) and isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){
16	/*	20	/*
17	* Get the 'current rank' of the author we are going to move	21	* Get the 'current rank' of the author we are going to move
18	*/	22	*/
19	$query = "select rank from submission_authors where submission_id = '".addslashes($_POST['submission_id'])."' and PersonID = '".$_POST['PersonID']."'";	23	$query = "select rank from submission_authors where submission_id = '".addslashes($_POST['submission_id'])."' and BugzillaUserID = '".$_POST['PersonID']."'";
20	$res = conference_sql($query);	24	$res = conference_sql($query);
21	$tmp = mysql_fetch_assoc($res);	25	$tmp = mysql_fetch_assoc($res);
22	$current_rank = $tmp['rank'];	26	$current_rank = $tmp['rank'];
Lines 33-65 Link Here
33	/*	37	/*
34	* set the current author with 'new rank' to the 'current rank'	38	* set the current author with 'new rank' to the 'current rank'
35	*/	39	*/
36	$query = "update	40	$query = "update /* reorder_authors.php:36 */ submission_authors
37	submission_authors	41	SET rank = '".addslashes($current_rank)."'
38	set	42	WHERE submission_id = '".addslashes($_POST['submission_id'])."'
39	rank = '".addslashes($current_rank)."'	43	AND rank = '".addslashes($new_rank)."'
40	where	44	AND role='author'";
41	submission_id = '".addslashes($_POST['submission_id'])."'
42	and
43	rank = '".addslashes($new_rank)."'
44	and
45	role='author'
46	";
47	$res = conference_sql($query);	45	$res = conference_sql($query);
48		46
49	/*	47	/*
50	* set the author's rank to 'new rank'	48	* set the author's rank to 'new rank'
51	*/	49	*/
52	$query = "update	50	$query = "update /* reorder_authors.php:46 */ submission_authors
53	submission_authors	51	SET rank = '".addslashes($new_rank)."'
54	set	52	WHERE submission_id = '".addslashes($_POST['submission_id'])."'
55	rank = '".addslashes($new_rank)."'	53	AND BugzillaUserID = '".addslashes($_POST['PersonID'])."'
56	where	54	and role='author'";
57	submission_id = '".addslashes($_POST['submission_id'])."'
58	and
59	PersonID = '".addslashes($_POST['PersonID'])."'
60	and
61	role='author'
62	";
63	$res = conference_sql($query);	55	$res = conference_sql($query);
64		56
65	/*	57	/*




	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
	external_entry( false );
}

if($context->devmode == false){
	$image_cache_dir = $context->getImageCacheDir();




function getPictureFromDB(){
	$query = "select Picture,PictureMime from people where BugzillaUserID = '".addslashes($_GET['PersonID'])."'";	
	
	$result = conference_sql( $query);
	mysql_error_check();
	/*
	*  If the user has a photo

Lines 11-16 Link Here

(-)classes/auth-bugzilladb.class.php (-2 / +3 lines)
11	* Ward Cunningham - initial API and implementation	11	* Ward Cunningham - initial API and implementation
12	* Karl Matthias - initial API and implementation, re-implemented for BZ 3.4	12	* Karl Matthias - initial API and implementation, re-implemented for BZ 3.4
13	* Gabe O'Brien - reworking	13	* Gabe O'Brien - reworking
		14	* Denis Roy - eliminate link to foundation DB, only use BZ
14	* *******************************************************************************/	15	* *******************************************************************************/
15	require_once("functions.php");	16	require_once("functions.php");
16		17
Lines 29-36 Link Here
29	}	30	}
30		31
31	if($email != "" && $password != "") {	32	if($email != "" && $password != "") {
32	if (eregi('^[a-zA-Z0-9._+-]+@[a-zA-Z0-9._-]+\.[a-zA-Z.]{2,5}$', $email)) {	33	if (preg_match('/^[a-zA-Z0-9._+-]+@[a-zA-Z0-9._-]+\.[a-zA-Z.]{2,5}$/', $email)) {
33	$result = bugzilla_sql("SELECT realname, login_name, cryptpassword FROM profiles	34	$result = bugzilla_sql("SELECT userid, realname, login_name, cryptpassword FROM profiles
34	WHERE login_name = '$email'	35	WHERE login_name = '$email'
35	AND disabledtext = ''	36	AND disabledtext = ''
36	");	37	");




				break;
			}
		}
		?><div style="float: left"><a href="search.php?search=<?=stripslashes($href);?>">&#160;< Back to list </a></div><?
	}elseif(strpos($_POST['back_to_list'],"search=")){
		/*
		*  ...there was a POST refer page, so show link to back to their search
		*/
		?><div style="float: left"><a href="<?=stripslashes($_POST['back_to_list']);?>">&#160;< Back to list </a></div><?
	}elseif($_GET['login'] == 'true' or  strpos($_SERVER['SCRIPT_FILENAME'],"index.php") == 0 ){
		/*
		*  NO refer search to link back to, so a show link back home
		*/
		?><div style="float: left"><a href="index.php">&#160;< Back home </a></div><?
	}
}


Lines 4-9 Link Here

(-)classes/external_entry_point.php (-2 / +2 lines)
4		4
5	session_start();	5	session_start();
6		6
		7	date_default_timezone_set('America/Montreal');
		8
7	// Setup some global variables used for calling between scripts	9	// Setup some global variables used for calling between scripts
8	$cwd = getcwd();	10	$cwd = getcwd();
9	$cwd = preg_replace( "/\\\\/", "/", $cwd );	11	$cwd = preg_replace( "/\\\\/", "/", $cwd );
Lines 202-208 Link Here
202	* If the user is here after filling out a login form..	204	* If the user is here after filling out a login form..
203	*/	205	*/
204	if(isset($_POST['user'])) {	206	if(isset($_POST['user'])) {
205
206	$loginsuccessful = devmode_authorization($_POST['user'], $_POST['password'], $context) \|\|	207	$loginsuccessful = devmode_authorization($_POST['user'], $_POST['password'], $context) \|\|
207	bugzilladb_authorization($_POST['user'], $_POST['password'], $context);	208	bugzilladb_authorization($_POST['user'], $_POST['password'], $context);
208		209
Lines 235-241 Link Here
235		236
236	// In devmode as long as no password is provided and it's a valid Bugzilla-style username, let the user in	237	// In devmode as long as no password is provided and it's a valid Bugzilla-style username, let the user in
237	function devmode_authorization($user, $password, $context) {	238	function devmode_authorization($user, $password, $context) {
238
239	if($context->devmode) {	239	if($context->devmode) {
240	if($password == '' && (preg_match('/^\S+@\S+\.\S{2,3}$/', $user))) {	240	if($password == '' && (preg_match('/^\S+@\S+\.\S{2,3}$/', $user))) {
241	return true;	241	return true;

Lines 95-100 Link Here

(-)classes/functions.php (-186 / +121 lines)
95	}	95	}
96	}	96	}
97		97
		98
		99	function php_backtrace() {
		100	echo "<pre>";
		101	debug_print_backtrace();
		102	echo "</pre>"; exit;
		103	}
		104
98	// MySQL wrapper function for keeping backtrace information	105	// MySQL wrapper function for keeping backtrace information
99	function mysql_remember_query ($statement, $dbh, $logstring = null) {	106	function mysql_remember_query ($statement, $dbh, $logstring = null) {
100	global $query_btrace;	107	global $query_btrace;
Lines 160-166 Link Here
160		167
161	$dbh = $context->database( $dbname );	168	$dbh = $context->database( $dbname );
162	$statement = str_replace ('%NOW%', $context->now(), $statement);	169	$statement = str_replace ('%NOW%', $context->now(), $statement);
163	$statement = str_replace ('%USER%', $context->theuser->getFoundationID() , $statement);	170	$statement = str_replace ('%USER%', $context->theuser->getBugzillaUserID() , $statement);
164		171
165	$result = mysql_remember_query ($statement, $dbh);	172	$result = mysql_remember_query ($statement, $dbh);
166	if( $do_error_check ) mysql_error_check();	173	if( $do_error_check ) mysql_error_check();
Lines 796-806 Link Here
796	echo $context->theuser->user_email();	803	echo $context->theuser->user_email();
797	}	804	}
798	?> /	805	?> /
799	<a href="?logout=Log%20Out<?=$gets?>">logout</a>	806	<a href="?logout=Log%20Out<?=$gets?>">Log out</a>
800	</div>	807	</div>
801	<?	808	<?
802	}elseif(!$dologin and !isset($_GET['login']) ){	809	}elseif(!$dologin and !isset($_GET['login']) ){
803	?><div id="login-logout"><a href="?login=true<?=($gets)?>">log in</a></div><?	810	?><div id="login-logout"><a href="?login=true<?=($gets)?>">Log in</a></div><?
804	}	811	}
805	}	812	}
806		813
Lines 978-984 Link Here
978	/*	985	/*
979	* if the user is the on this talk	986	* if the user is the on this talk
980	*/	987	*/
981	if($person['PersonID'] == $context->theuser->getFoundationID()){	988	if($person['PersonID'] == $context->theuser->getBugzillaUserID()){
982	/*	989	/*
983	* ... then we will show the status of all the speaker signing	990	* ... then we will show the status of all the speaker signing
984	*/	991	*/
Lines 1008-1024 Link Here
1008	$auths = get_authors_on_a_submission($submission_id);	1015	$auths = get_authors_on_a_submission($submission_id);
1009	$assistans = get_authors_on_a_submission($submission_id,'assistant');	1016	$assistans = get_authors_on_a_submission($submission_id,'assistant');
1010	$is_assistant = false;//in_array($context->theuser->getFoundationID(),array_keys($assistans));	1017	$is_assistant = false;//in_array($context->theuser->getFoundationID(),array_keys($assistans));
1011		1018	$style = 'border-bottom: 1px dotted grey; padding-bottom: 7px;';
1012	$style = "";
1013	foreach($auths as $author){	1019	foreach($auths as $author){
1014	?>	1020	?>
1015	<div style='<?=$style;?>'>	1021	<div style='<?=$style;?>'>
1016	<?show_a_user_bio($author['PersonID'],$is_assistant);?>	1022	Author: <?= $author['name']?><br />
		1023	<?show_a_user_bio($author['BugzillaUserID'],$is_assistant);?>
1017	</div>	1024	</div>
1018	<?	1025	<?
1019	if($style == ""){
1020	$style = 'border-bottom: 1px dotted grey; padding-bottom: 7px;';
1021	}
1022	}	1026	}
1023	}	1027	}
1024		1028
Lines 1190-1196 Link Here
1190	/*	1194	/*
1191	* If the current users is an author or assistant of this talk	1195	* If the current users is an author or assistant of this talk
1192	*/	1196	*/
1193	if( can_user_edit_submission($sub['submission_id'],$context->theuser->getFoundationID() ) ) {	1197	if( can_user_edit_submission($sub['submission_id'],$context->theuser->getBugzillaUserID() ) ) {
1194	/*	1198	/*
1195	* .. then show an 'edit submission' button to allow the to make modify the talk	1199	* .. then show an 'edit submission' button to allow the to make modify the talk
1196	*/	1200	*/
Lines 1598-1608 Link Here
1598	function get_tags_for_submission($submission_id,$limiter){	1602	function get_tags_for_submission($submission_id,$limiter){
1599	global $context;	1603	global $context;
1600		1604
1601	$PersonID = $context->theuser->getFoundationID();	1605	$PersonID = $context->theuser->getBugzillaUserID();
1602		1606
1603	$query = "select	1607	$query = "select /* functions.php:get_tags_for_submission() */ tags.tag, tags.tag_id
1604	tags.tag,
1605	tags.tag_id
1606	from	1608	from
1607	tags,	1609	tags,
1608	submission_tags	1610	submission_tags
Lines 1612-1620 Link Here
1612	submission_id = '".addslashes($submission_id)."'	1614	submission_id = '".addslashes($submission_id)."'
1613	and	1615	and
1614	tags.limiter_type = '".addslashes($limiter)."'	1616	tags.limiter_type = '".addslashes($limiter)."'
1615	order by	1617	order by tag";
1616	tag
1617	";
1618		1618
1619	$res = conference_sql($query);	1619	$res = conference_sql($query);
1620	$tags = array();	1620	$tags = array();
Lines 1641-1673 Link Here
1641	}	1641	}
1642	}	1642	}
1643		1643
1644	function show_a_user_bio($PersonID, $allow_edit = false){	1644	function show_a_user_bio($BugzillaUserID, $allow_edit = false){
1645	global $context;	1645	global $context;
1646		1646
1647	/*	1647	/*
1648	* If this bio is for the current users	1648	* If this bio is for the current users
1649	*/	1649	*/
1650	if($PersonID == $context->theuser->getFoundationID() or $allow_edit){	1650	if($BugzillaUserID == $context->theuser->getBugzillaUserID() or $allow_edit){
1651	/*	1651	/*
1652	* ...show an 'edit bio' button to allow the to make changes to their bio	1652	* ...show an 'edit bio' button to allow the to make changes to their bio
1653	*/	1653	*/
1654	?>	1654	?>
1655	<div style='float: right' id='bio'>	1655	<div style='float: right' id='bio'>
1656	<form action="bio.php" method="get" onsubmit="return false;"><input onclick="editBio('edit','<?=$PersonID?>'); return false;" type="submit"	1656	<form action="bio.php" method="get" onsubmit="return false;"><input onclick="editBio('edit','<?= $BugzillaUserID ?>'); return false;" type="submit"
1657	value="edit bio"></form>	1657	value="edit bio"></form>
1658	</div>	1658	</div>
1659	<?	1659	<?
1660	}	1660	}
1661		1661
1662	$query = "select	1662	$query = "select /* functions.php:show_a_user_bio() */ bio
1663	bio	1663	FROM speakers
1664	from	1664	WHERE BugzillaUserID = '".addslashes($BugzillaUserID)."'
1665	speakers	1665	AND conference_id = ".addslashes($context->theconference->getConferenceID());
1666	where
1667	PersonID = '".addslashes($PersonID)."'
1668	and
1669	conference_id = ".addslashes($context->theconference->getConferenceID())."
1670	";
1671		1666
1672	$res = conference_sql($query);	1667	$res = conference_sql($query);
1673	$bio = mysql_fetch_assoc($res);	1668	$bio = mysql_fetch_assoc($res);
Lines 1675-1681 Link Here
1675	echo $bio['bio'];	1670	echo $bio['bio'];
1676	}else{	1671	}else{
1677	?>	1672	?>
1678	<em>no bio provided.</em>	1673	<em>No bio provided.</em>
1679	<?	1674	<?
1680	}	1675	}
1681	?>	1676	?>
Lines 1714-1727 Link Here
1714	return $submission[$subid];	1709	return $submission[$subid];
1715	}	1710	}
1716		1711
1717	$query = "select	1712	$query = "SELECT /* functions.php:get_submission_details() /
1718	*	1713	FROM submissions
1719	from	1714	WHERE submission_id = '".addslashes($subid)."'
1720	submissions	1715	AND conference_id = ".addslashes($context->theconference->getConferenceID())."
1721	where
1722	submission_id = '".addslashes($subid)."'
1723	and
1724	conference_id = ".addslashes($context->theconference->getConferenceID())."
1725	";	1716	";
1726	$res = conference_sql($query);	1717	$res = conference_sql($query);
1727	$found = mysql_fetch_assoc($res);	1718	$found = mysql_fetch_assoc($res);
Lines 1852-1904 Link Here
1852	* in the cache), then look them up and cache them	1843	* in the cache), then look them up and cache them
1853	*/	1844	*/
1854	if( count($unknowns) > 0 ) {	1845	if( count($unknowns) > 0 ) {
1855	$sql = "select PersonID, FName, LName,Email from People where PersonID in ('" . implode("','",$unknowns) . "')";	1846	$sql = "select /* functions.php:get_people_information().1 */ userid AS BugzillaUserID, realname, login_name from profiles where userid in ('" . implode("','",$unknowns) . "')";
1856	$result = foundation_sql($sql);	1847	$result = bugzilla_sql($sql);
1857	$people = array();	1848	$people = array();
1858		1849
1859	while( $row = mysql_fetch_assoc($result) ) {	1850	while( $row = mysql_fetch_assoc($result) ) {
1860	/*	1851	/*
1861	* gather the speaker information for this person	1852	* gather the speaker information for this person
1862	*/	1853	*/
1863	$query = "select	1854	$query = "select /* functions.php:get_people_information().2 /
1864	*	1855	FROM speakers
1865	from	1856	WHERE BugzillaUserID = '".addslashes($row['BugzillaUserID'])."'
1866	speakers	1857	AND conference_id = '".addslashes($context->theconference->getConferenceID())."'";
1867	where
1868	PersonID = '".addslashes($row['PersonID'])."'
1869	and
1870	conference_id = '".addslashes($context->theconference->getConferenceID())."'
1871	";
1872	$speaker_res = conference_sql($query);	1858	$speaker_res = conference_sql($query);
1873	$speaker = mysql_fetch_assoc($speaker_res);	1859	$speaker = mysql_fetch_assoc($speaker_res);
1874		1860
1875	$p = array();	1861	$p = array();
1876	$p['name'] = $row['FName'] . ' ' . $row['LName'];	1862	$p['name'] = $row['realname'];
1877	$p['first'] = $row['FName'];	1863	$names = split_full_name($row['realname']);
1878	$p['last'] = $row['LName'];	1864	$p['first'] = $names['FName'];
1879	$p['email'] = $row['Email'];	1865	$p['last'] = $names['LName'];
1880	$p['PersonID'] = $row['PersonID'];	1866	$p['email'] = $row['login_name'];
		1867	$p['PersonID'] = $row['BugzillaUserID'];
		1868	$p['BugzillaUserID'] = $row['BugzillaUserID'];
1881	$p['signed_speaker_agreement'] = $speaker['signed_speaker_agreement'];	1869	$p['signed_speaker_agreement'] = $speaker['signed_speaker_agreement'];
1882		1870
1883	/*	1871	/*
1884	* find company affiliation	1872	* TODO: find company affiliation
1885	*/	1873	*/
1886	$sql = "select Organizations.Name1 from Organizations,OrganizationContacts where OrganizationContacts.PersonID = '".addslashes($row['PersonID'])."' and OrganizationContacts.Relation = 'EMPLY' and Organizations.OrganizationID = OrganizationContacts.OrganizationID";	1874	$sql = "select /* functions.php:get_people_information().3 */ Organizations.Name1 from Organizations,OrganizationContacts where OrganizationContacts.PersonID = '".addslashes($row['PersonID'])."' and OrganizationContacts.Relation = 'EMPLY' and Organizations.OrganizationID = OrganizationContacts.OrganizationID";
1887	$rescomp = foundation_sql($sql);	1875	$rescomp = foundation_sql($sql);
1888	if($company = mysql_fetch_assoc($rescomp)){	1876	if($company = mysql_fetch_assoc($rescomp)){
1889	$p['company'] = $company['Name1'];	1877	$p['company'] = $company['Name1'];
1890	}	1878	}
1891		1879
1892	/*	1880	$rtrn[$row['BugzillaUserID']] = $p;
1893	* bad bad bad hack	1881	$known_people[$row['BugzillaUserID']] = $p;
1894	*
1895	*/
1896	if($p['company'] == "Innoopract"){
1897	$p['company'] = "EclipseSource";
1898	}
1899
1900	$rtrn[$row['PersonID']] = $p;
1901	$known_people[$row['PersonID']] = $p;
1902	}	1882	}
1903	}	1883	}
1904	/*	1884	/*
Lines 1943-1969 Link Here
1943	$invited[$k] = array('email'=> $auth);	1923	$invited[$k] = array('email'=> $auth);
1944	}	1924	}
1945	}	1925	}
1946
1947	for($i=0; $i < count($authors); $i++){	1926	for($i=0; $i < count($authors); $i++){
1948	$person = $authors[$i];	1927	$person = $authors[$i];
1949	?><li id="<?=$role;?>-<?=$person['PersonID'];?>">	1928	?><li id="<?=$role;?>-<?=$person['BugzillaUserID'];?>">
1950	<?show_person($person['PersonID']);?>	1929	<?show_person($person['BugzillaUserID']);?>
1951	<?php	1930	<?php
1952	/*	1931	/*
1953	* if this author is the current one logged in	1932	* if this author is the current one logged in
1954	*/	1933	*/
1955	if($person['PersonID'] == $context->theuser->getFoundationID()){	1934	if($person['BugzillaUserID'] == $context->theuser->getBugzillaUserID()){
1956	if(preg_match("/assistant/",$role)){	1935	if(preg_match("/assistant/",$role)){
1957	/*	1936	/*
1958	* .. then show the 'become author' option	1937	* .. then show the 'become author' option
1959	*/	1938	*/
1960	echo "<a href='' onclick='becomeAuthor(\"".$context->theuser->getFoundationID()."\",".$submission_id.");return false;'>become author</a>";	1939	echo "<a href='' onclick='becomeAuthor(\"".$context->theuser->getBugzillaUserID()."\",".$submission_id.");return false;'>become author</a>";
1961	}	1940	}
1962	if(preg_match("/author/",$role)){	1941	if(preg_match("/author/",$role)){
1963	/*	1942	/*
1964	* .. then show the 'become assistant' option	1943	* .. then show the 'become assistant' option
1965	*/	1944	*/
1966	echo "<a href='' title='I am proposing this submission on the behalf of others' onclick='becomeAssistant(\"".$context->theuser->getFoundationID()."\",".$submission_id.");return false;'>become assistant</a>";	1945	echo "<a href='' title='I am proposing this submission on the behalf of others' onclick='becomeAssistant(\"".$context->theuser->getBugzillaUserID()."\",".$submission_id.");return false;'>become assistant</a>";
1967	}	1946	}
1968	}	1947	}
1969		1948
Lines 1977-1983 Link Here
1977	* .. show the remove icon	1956	* .. show the remove icon
1978	*/	1957	*/
1979	?>	1958	?>
1980	<a href=''onClick="remove_author(<?=$submission_id;?>,'<?=$person['PersonID'];?>','<?=$role;?>'); return false;"><img src="image/minus.gif"></a><?	1959	<a href=''onClick="remove_author(<?=$submission_id;?>,'<?=$person['BugzillaUserID'];?>','<?=$role;?>'); return false;"><img src="image/minus.gif"></a><?
1981	}	1960	}
1982		1961
1983	/*	1962	/*
Lines 1989-2000 Link Here
1989	*/	1968	*/
1990	if($i != 0){	1969	if($i != 0){
1991	?>	1970	?>
1992	<div class='reorder-authors' onclick="reorder_authors(<?=$submission_id?>,'<?=$person['PersonID']?>','<?=$role;?>','up');">&uArr;</div>	1971	<div class='reorder-authors' onclick="reorder_authors(<?=$submission_id?>,'<?=$person['BugzillaUserID']?>','<?=$role;?>','up');">&uArr;</div>
1993	<?	1972	<?
1994	}	1973	}
1995	if($i != count($authors)-1){	1974	if($i != count($authors)-1){
1996	?>	1975	?>
1997	<div class='reorder-authors' onclick="reorder_authors(<?=$submission_id?>,'<?=$person['PersonID']?>','<?=$role;?>','down');">&dArr;</div>	1976	<div class='reorder-authors' onclick="reorder_authors(<?=$submission_id?>,'<?=$person['BugzillaUserID']?>','<?=$role;?>','down');">&dArr;</div>
1998	<?	1977	<?
1999	}	1978	}
2000	}	1979	}
Lines 2126-2144 Link Here
2126		2105
2127	function get_program_committee(){	2106	function get_program_committee(){
2128	global $context;	2107	global $context;
2129	$query = "select	2108	$query = "select /* functions.php:get_program_committee() /
2130	*	2109	FROM people_roles
2131	from	2110	WHERE role='program_committee'
2132	people_roles	2111	AND conference_id = '".addslashes($context->theconference->getConferenceID())."'";
2133	where
2134	role='program_committee'
2135	and
2136	conference_id = '".addslashes($context->theconference->getConferenceID())."'
2137	";
2138	$res = conference_sql($query);	2112	$res = conference_sql($query);
2139	$personids = array();	2113	$personids = array();
2140	while($row = mysql_fetch_assoc($res) ){	2114	while($row = mysql_fetch_assoc($res) ){
2141	$personids[] = $row['PersonID'];	2115	$personids[] = $row['BugzillaUserID'];
2142	}	2116	}
2143	return $personids;	2117	return $personids;
2144	}	2118	}
Lines 2148-2155 Link Here
2148	foreach($pc as $PersonID){	2122	foreach($pc as $PersonID){
2149	$person = get_people_information($PersonID);	2123	$person = get_people_information($PersonID);
2150		2124
2151	?><li style='margin-bottom: 5px;'><?= show_person($person['PersonID'])?><a href=''	2125	?><li style='margin-bottom: 5px;'><?= show_person($person['BugzillaUserID'])?><a href=''
2152	onClick="remove_program_committee('<?=$person['PersonID'];?>'); return false;"><img	2126	onClick="remove_program_committee('<?=$person['BugzillaUserID'];?>'); return false;"><img
2153	src="image/minus.gif"></a>	2127	src="image/minus.gif"></a>
2154	<br>	2128	<br>
2155	(<?=$person['email']?>)	2129	(<?=$person['email']?>)
Lines 2164-2171 Link Here
2164	foreach($queens as $PersonID){	2138	foreach($queens as $PersonID){
2165	$person = get_people_information($PersonID);	2139	$person = get_people_information($PersonID);
2166		2140
2167	?><li style='margin-bottom: 5px;'><?= show_person($person['PersonID'])?><a href=''	2141	?><li style='margin-bottom: 5px;'><?= show_person($person['BugzillaUserID'])?><a href=''
2168	onClick="remove_conference_queen('<?=$person['PersonID'];?>'); return false;"><img	2142	onClick="remove_conference_queen('<?=$person['BugzillaUserID'];?>'); return false;"><img
2169	src="image/minus.gif"></a>	2143	src="image/minus.gif"></a>
2170	<br>	2144	<br>
2171	(<?=$person['email']?>)	2145	(<?=$person['email']?>)
Lines 2176-2194 Link Here
2176		2150
2177	function get_conference_queens(){	2151	function get_conference_queens(){
2178	global $context;	2152	global $context;
2179	$query = "select	2153	$query = "select /* functions.php:show_conference_queen_list() /
2180	*	2154	FROM people_roles
2181	from	2155	WHERE role='registration_master'
2182	people_roles	2156	and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
2183	where
2184	role='registration_master'
2185	and
2186	conference_id = '".addslashes($context->theconference->getConferenceID())."'
2187	";
2188	$res = conference_sql($query);	2157	$res = conference_sql($query);
2189	$personids = array();	2158	$personids = array();
2190	while($row = mysql_fetch_assoc($res) ){	2159	while($row = mysql_fetch_assoc($res) ){
2191	$personids[] = $row['PersonID'];	2160	$personids[] = $row['BugzillaUserID'];
2192	}	2161	}
2193	return $personids;	2162	return $personids;
2194	}	2163	}
Lines 2224-2236 Link Here
2224	if(!isset($roles[$role][$context->theconference->getConferenceID()])){	2193	if(!isset($roles[$role][$context->theconference->getConferenceID()])){
2225	$roles[$role][$context->theconference->getConferenceID()] = false;	2194	$roles[$role][$context->theconference->getConferenceID()] = false;
2226		2195
2227	$query = "select * from people_roles where	2196	$query = "SELECT /* functions.php:current_user_has_role() / FROM people_roles
2228	PersonID = '".addslashes($context->theuser->getFoundationID())."'	2197	WHERE BugzillaUserID = '" . $context->theuser->getBugzillaUserID() . "'
2229	and	2198	AND role = '".addslashes($role)."'
2230	role = '".addslashes($role)."'	2199	AND conference_id = '".addslashes($context->theconference->getConferenceID()) . "'";
2231	and
2232	conference_id = '".addslashes($context->theconference->getConferenceID())."'
2233	";
2234	$res = conference_sql($query);	2200	$res = conference_sql($query);
2235		2201
2236	if(mysql_num_rows($res) == 1){	2202	if(mysql_num_rows($res) == 1){
Lines 2251-2282 Link Here
2251	$people_to_email = $PersonIDs;	2217	$people_to_email = $PersonIDs;
2252		2218
2253	/*	2219	/*
2254	* Find all the users watching everything	2220	* Find all the users watching everything and on the CC list for this talk
2255	*/	2221	*/
2256	$query = "select PersonID from watching_everything where conference_id = '".$context->theconference->getConferenceID()."'";	2222	$query = "select /* functions.php:get_people_info_for_a_submission().1 */ BugzillaUserID from watching_everything where conference_id = '".$context->theconference->getConferenceID()."'
		2223	UNION
		2224	SELECT BugzillaUserID from watching_submissions where submission_id = '".addslashes($submission_id)."' and conference_id = '".$context->theconference->getConferenceID()."'";
2257	$res = conference_sql($query);	2225	$res = conference_sql($query);
2258	while($pid = mysql_fetch_assoc($res)){	2226	while($pid = mysql_fetch_assoc($res)){
2259	$people_to_email[] = $pid['PersonID'];	2227	$people_to_email[] = $pid['BugzillaUserID'];
2260	}	2228	}
2261		2229
2262	/*
2263	* Find all the users who are on the CC list for this talk
2264	*/
2265	$query = "select PersonID from watching_submissions where submission_id = '".addslashes($submission_id)."' and conference_id = '".$context->theconference->getConferenceID()."'";
2266	$res = conference_sql($query);
2267	while($pid = mysql_fetch_assoc($res)){
2268	$people_to_email[] = $pid['PersonID'];
2269	}
2270		2230
2271	/*	2231	/*
2272	* Find all the people who are watching the category for this talk	2232	* Find all the people who are watching the category for this talk
2273	*/	2233	*/
2274	$query = "select	2234	$query = "select /* functions.php:get_people_info_for_a_submission().2 */
2275	PersonID	2235	BugzillaUserID
2276	from	2236	FROM submissions, categories, watching_categories
2277	submissions,
2278	categories,
2279	watching_categories
2280	where	2237	where
2281	submissions.submission_id = '".addslashes($submission_id)."'	2238	submissions.submission_id = '".addslashes($submission_id)."'
2282	and	2239	and
Lines 2288-2301 Link Here
2288	";	2245	";
2289	$res = conference_sql($query);	2246	$res = conference_sql($query);
2290	while($pid = mysql_fetch_assoc($res)){	2247	while($pid = mysql_fetch_assoc($res)){
2291	$people_to_email[] = $pid['PersonID'];	2248	$people_to_email[] = $pid['BugzilllaUserID'];
2292	}	2249	}
2293		2250
2294	/*	2251	/*
2295	* Find all the people who are watching the type for this talk	2252	* Find all the people who are watching the type for this talk
2296	*/	2253	*/
2297	$query = "select	2254	$query = "select
2298	PersonID	2255	BugzillaUserID
2299	from	2256	from
2300	submissions,	2257	submissions,
2301	watching_types	2258	watching_types
Lines 2308-2329 Link Here
2308	";	2265	";
2309	$res = conference_sql($query);	2266	$res = conference_sql($query);
2310	while($pid = mysql_fetch_assoc($res)){	2267	while($pid = mysql_fetch_assoc($res)){
2311	$people_to_email[] = $pid['PersonID'];	2268	$people_to_email[] = $pid['BugzillaUserID'];
2312	}	2269	}
2313		2270
2314	/*	2271	/*
2315	* Add authors/assistants to the list of people to email	2272	* Add authors/assistants to the list of people to email
2316	*/	2273	*/
2317	$query = "select PersonID from submission_authors where submission_id = '".addslashes($submission_id)."' and role in ('author','assistant')";	2274	$query = "select BugzillaUserID from submission_authors where submission_id = '".addslashes($submission_id)."' and role in ('author','assistant')";
2318	$res = conference_sql($query);	2275	$res = conference_sql($query);
2319	while($person = mysql_fetch_assoc($res)){	2276	while($person = mysql_fetch_assoc($res)){
2320	$people_to_email[] = $person['PersonID'];	2277	$people_to_email[] = $person['BugzillaUserID'];
2321	}	2278	}
2322	/*	2279	/*
2323	* Remove any duplicate people from the list	2280	* Remove any duplicate people from the list
2324	*/	2281	*/
2325	$people_to_email = array_unique($people_to_email);	2282	$people_to_email = array_unique($people_to_email);
2326
2327	/*	2283	/*
2328	* Get all the peoples names and email addresses	2284	* Get all the peoples names and email addresses
2329	*/	2285	*/
Lines 2396-2416 Link Here
2396		2352
2397	function get_registration_master_email_address(){	2353	function get_registration_master_email_address(){
2398	global $context;	2354	global $context;
2399	$query = "select	2355	$query = "select /* functions.php:get_registration_master_email_address() */ BugzillaUserID
2400	PersonID	2356	FROM people_roles
2401	from	2357	WHERE people_roles.role = 'registration_master'
2402	people_roles	2358	AND people_roles.conference_id = '".addslashes($context->theconference->getConferenceID())."'";
2403	where
2404	people_roles.role = 'registration_master'
2405	and
2406	people_roles.conference_id = '".addslashes($context->theconference->getConferenceID())."'
2407	";
2408	$res = conference_sql($query);	2359	$res = conference_sql($query);
2409		2360
2410	$reg_masters = array();	2361	$reg_masters = array();
2411	if(mysql_num_rows($res) > 0){	2362	if(mysql_num_rows($res) > 0){
2412	$person = mysql_fetch_assoc($res);	2363	$person = mysql_fetch_assoc($res);
2413	$person = get_people_information($person['PersonID']);	2364	$person = get_people_information($person['BugzillaUserID']);
2414	$reg_masters[] = $person['email'];	2365	$reg_masters[] = $person['email'];
2415	}	2366	}
2416		2367
Lines 2433-2439 Link Here
2433	$reg_masters = array();	2384	$reg_masters = array();
2434	if(mysql_num_rows($res) > 0){	2385	if(mysql_num_rows($res) > 0){
2435	$person = mysql_fetch_assoc($res);	2386	$person = mysql_fetch_assoc($res);
2436	$person = get_people_information($person['PersonID']);	2387	$person = get_people_information($person['BugzillaUserID']);
2437	$reg_masters[] = $person['email'];	2388	$reg_masters[] = $person['email'];
2438	}	2389	}
2439		2390
Lines 2521-2541 Link Here
2521	/*	2472	/*
2522	* Get all the information about all the authors on this submission	2473	* Get all the information about all the authors on this submission
2523	*/	2474	*/
2524	$query = "SELECT	2475	$query = "SELECT /* functions.php:get_authors_on_a_submission() */ submission_id, PersonID, BugzillaUserID, role, rank
2525	submission_id,PersonID,role,rank	2476	FROM submission_authors
2526	from	2477	WHERE submission_id in ('".implode("','",$no_cache)."')
2527	submission_authors	2478	AND role IN ('author','assistant')
2528	where	2479	order by rank asc";
2529	submission_authors.submission_id in ('".implode("','",$no_cache)."')
2530	and
2531	role in ('author','assistant')
2532	order by
2533	rank asc
2534	";
2535	$res = conference_sql($query);	2480	$res = conference_sql($query);
2536		2481
2537	while($row = mysql_fetch_assoc($res)){	2482	while($row = mysql_fetch_assoc($res)){
2538	$submissions[$row['submission_id']]['role'][$row['role']][] = $row['PersonID'];	2483	$submissions[$row['submission_id']]['role'][$row['role']][] = $row['BugzillaUserID'];
2539	}	2484	}
2540	}	2485	}
2541		2486
Lines 2660-2700 Link Here
2660	}	2605	}
2661		2606
2662		2607
2663	function get_speakers_accepted_submissions($PersonID){	2608	function get_speakers_accepted_submissions($BugzillaUserID){
2664	global $context;
2665	static $people = array();
2666
2667	if(isset($people[$PersonID])){
2668	return $people[$PersonID];
2669	}
2670
2671	/*
2672	* find all the accepted talks the specified user is a speaker on
2673	*/
2674	$query = "select
2675	*
2676	from
2677	submissions,
2678	submission_authors
2679	where
2680	submissions.submission_id = submission_authors.submission_id
2681	and
2682	PersonID = '".addslashes($PersonID)."'
2683	and
2684	submissions.conference_id = '".addslashes($context->theconference->getConferenceID())."'
2685	and
2686	status = 'accepted'
2687	and
2688	submission_authors.role = 'author'
2689	order by submissions.submission_id
2690	";
2691
2692	$res = conference_sql($query);
2693	$subs = array();	2609	$subs = array();
2694	while($row = mysql_fetch_assoc($res)){	2610	if(preg_match("/^[0-9]+$/", $BugzillaUserID)) {
2695	$subs[$row['submission_id']] = $row;	2611	global $context;
		2612	static $people = array();
		2613
		2614	if(isset($people[$PersonID])){
		2615	return $people[$PersonID];
		2616	}
		2617
		2618	/*
		2619	* find all the accepted talks the specified user is a speaker on
		2620	*/
		2621	$query = "select /* functions.php:get_speakers_accepted_submissions() / FROM submissions AS S
		2622	INNER JOIN submission_authors AS A ON A.submission_id = S.submission_id
		2623	WHERE A.BugzillaUserID = ". mysql_real_escape_string($BugzillaUserID) . "
		2624	AND S.conference_id = '".mysql_real_escape_string($context->theconference->getConferenceID())."'
		2625	and status = 'accepted' and A.role = 'author' order by S.submission_id";
		2626
		2627	$res = conference_sql($query);
		2628	while($row = mysql_fetch_assoc($res)){
		2629	$subs[$row['submission_id']] = $row;
		2630	}
		2631	$people[$PersonID] = $subs;
2696	}	2632	}
2697	$people[$PersonID] = $subs;
2698	return $subs;	2633	return $subs;
2699	}	2634	}
2700		2635

Lines 254-260 Link Here

(-)classes/search_functions.php (-1 / +1 lines)
254	array_pop($filters['keywords']);	254	array_pop($filters['keywords']);
255	}	255	}
256		256
257	if($context->theuser->getFoundationID() == $_GET['PersonID'] or current_user_has_role("conference_chair") or current_user_has_role("program_committee") or current_user_has_role("registration_master") ){	257	if($context->theuser->getBugzillaUserID() == $_GET['PersonID'] or current_user_has_role("conference_chair") or current_user_has_role("program_committee") or current_user_has_role("registration_master") ){
258	return $filters;	258	return $filters;
259	}else{	259	}else{
260	/*	260	/*




require_once( $GLOBALS['CLASSES_DIRECTORY'] . "functions.php" );

class user {
	public $user_id;  // email address
	public $first_name;
	public $last_name;
	public $full_name;

	public $email_addresses;
	public $is_committer;
	public $PersonID;
	public $bugzilla_id;  // also the email address
	public $bugzilla_userid; // integer...   bugs.profiles.userid
	
	public $unknown_from_address = 'portal-noreply@eclipse.org';
	

			//CHECK IF BUGZILLA EMAIL MATCHES THE PRIMARY FOUNDATION EMAIL ADDRESS
			//FOR SERCURITY REASONS NEVER MATCH ON ANY EMAIL BUT THE PRIMARY FOUNDATION EMAIL
			$this->foundation_login = false;
			#$query = "SELECT PersonID FROM People WHERE EMail = '" . addslashes($this->primary_email) . "'";
			#$res = foundation_sql($query);
			
			#if($row = mysql_fetch_assoc($res)){
		 	#	$this->getUserInfoFromFoundationID($row['PersonID']);
			#}
		}
		
		#if($this->getUserInfoFromFoundationID($user_id)){
			//CHECK IF THE PRIMARY FOUNDATION EMAIL ADDRESS MATCHES A BUGZILLA EMAIL
			//FOR SERCURITY REASONS NEVER MATCH ON ANY EMAIL BUT THE PRIMARY FOUNDATION EMAIL
		#	$this->getUserInfoFromBugzillaID($this->primary_email);
		#}
		
		/*  Check to see if the speaker has been created for this conference
		 *  If not the ceate one in the conference database

		}
	}
	
	function getBugzillaUserID() {
		return $this->bugzilla_userid;
	}
	
	function getSpeakerInfo(){
		global $context;
		if(!isset($this->speakerinfo)){
		  	$query = "SELECT /* user.class.php:getSpeakerInfo*/ * from speakers 
		  			  	where conference_id = ".$context->theconference->getConferenceID()." 
		  			  and BugzillaUserID = ".$this->getBugzillaUserID();
		  			  	speakers 
		  			  where 
		  			  	conference_id = ".$context->theconference->getConferenceID()." 
		  			  and 
		  			  	PersonID = '".$this->getFoundationID(true)."'
		  			  ";
		  	$res = conference_sql($query);
		  	$speaker = mysql_fetch_assoc($res);
		  	if(empty($speaker)){

	
	
	public function getFoundationID($force_creation_if_use_is_nobdoy = false){
		php_backtrace();
		if (isset($this->PersonID)) {
	      return $this->PersonID;
	    } else {

			$this->last_name  = $names['LName'];
			$this->addEmail($row['login_name']);
			$this->bugzilla_id = $user_id;
			$this->bugzilla_userid = $row['userid'];
			$this->bugzilla_login = true;
			return true;
		}

	}
	
	private function getUserInfoFromFoundationID($user_id){
		# We're not doing this anymore.
		if(check_bugzilla_profiles_table_exists() === false){
			return false;
		}
		
		#$query = "select * from People where PersonID = '".addslashes($user_id)."'";
		#$res = foundation_sql($query);
		#if(mysql_num_rows($res)){
		#	$row = mysql_fetch_assoc($res);
		#	$this->first_name = $row['FName'];
	#		$this->last_name = $row['LName'];
#			$this->full_name = $this->first_name." ".$this->last_name;
#			$this->addEmail($row['EMail']);
			# //TODO - CONFIRM IF THEIR PRIMAMRY SHOULD BE FOUNDATION IN A CASES (IE BUGZILLA LOGIN)
			#$this->primary_email = $row['EMail'];
			#$this->PersonID = $user_id;
			# $this->foundation_login = true;
			
			return true;
		#}
		#return false;
	}
	
  public function makeFoundationID($fname, $lname, $email) {
  	php_backtrace();
  	$salt = '';
  	// Create Foundation DB ID and make sure it's unique
  	if(strlen($lname) > 0) {

  }

  function getPicture(){
		$sql = "SELECT Picture FROM people WHERE BugzillaUserID = '".$this->bugzilla_userid."'";
		$res = conference_sql($sql);
		$row = mysql_fetch_assoc($res);
		if($row['Picture'] != ""){
			return $row['Picture'];

Lines 25-31 Link Here

(-)conferences/2011/fragments/header.php (-1 / +1 lines)
25	</div>	25	</div>
26		26
27	<!-- end #header -->	27	<!-- end #header -->
28	<div style='background-color: white;'>	28	<div id='nav'>
29	<?php	29	<?php
30	show_back_to_home_link();	30	show_back_to_home_link();
31		31

Lines 158-164 Link Here

(-)conferences/2011/speaker_agreement/speaker_agreement.php (-1 / +1 lines)
158	* not signed..	158	* not signed..
159	* if the person logged in is the same as this speaker agreement	159	* if the person logged in is the same as this speaker agreement
160	*/	160	*/
161	if($PersonID == $context->theuser->getFoundationID() and $PersonID != ""){	161	if($PersonID == $context->theuser->getBugzillaUserID() and $PersonID != ""){
162	/*	162	/*
163	* ...show the accpeted check box and info	163	* ...show the accpeted check box and info
164	*/	164	*/

Lines 91-96 Link Here

(-)conferences/2011/subsystem.css (+4 lines)
91	background-color: red;	91	background-color: red;
92	}	92	}
93		93
		94	#nav {
		95	background-color: #f0f0f0; padding: 6px 5px;
		96	}
		97
94		98
95	#main{	99	#main{
96	border: 1px solid grey;	100	border: 1px solid grey;




	function on_update_slot_allocation($context,$allocations){
		//LOG - updating category slot allocations per type
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "allocations",
							  "category",
							  null,

	
		//LOG - updating category slot allocations per type
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "adding",
							  "program_committee",
							  NULL,

	
		//LOG - updating category slot allocations per type
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "removing",
							  "program_committee",
							  NULL,

		* Log who set the tentative_status of submission
		*/
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "tentative_status",
							  "submission",
							  $submission_id,

	
		//LOG - submission was accepted
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "status",
							  "submission",
							  $submission_id,

	
		//LOG - submission was declined
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "status",
							  "submission",
							  $submission_id,

		 * log the scheduling
		 */
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "scheduled",
							  "submission",
							  $submission_id,

		 * 	   watchers of all
		 */
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "update",
							  "type",
							  "",

		 * 	   watchers of all
		 */
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "update",
							  "type2",
							  "",

		 * 	   watchers of all
		 */
	log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "remove",
							  "type",
							  "",

		 * 	   watchers of all
		 */
	log_conference_action($context->theconference->getConferenceID(),
					  $context->theuser->getBugzillaUserID(),
					  "add",
					  "type",
					  "",

		 * 	   watchers of all
		 */
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "update",
							  "category",
							  "",

		 * 	   watchers of all
		 */
	log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "remove",
							  "category",
							  "",

	function on_add_category($context,$category_id,$category){
		//LOG - add a new category
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "create",
							  "category",
							  $category_id,

	function on_add_pctag($context,$tag){
		//LOG - add a new category
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "create",
							  "pctag",
							  $tag,

	function on_change_pctag($context,$tag){
		//LOG - add a new category
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "update",
							  "pctag",
							  $tag,

	function on_remove_pctag($context,$tag){
		//LOG - add a new category
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "remove",
							  "pctag",
							  $tag,




		
		//LOG - proposing a talk
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "create",
							  "submission",
							  $submission_id,

		* Log changes made to the submission
		*/
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "save",
							  "submission",
							  $submission_id,

		/*
		 * get the commenter details
		 */
		$commenter = get_people_information($comment['BugzillaUserID']);
		
		/*
		 * get the submission info

		*	Send out email to everyone interested in this submission
		*/
		$params = serialize(array($commenter['name'],$comment['comment'],$submission_id,$sub['_title'],$comment['ts'],$is_private));
		foreach($people as $person){
			//SEND CREATE SUBMISSION EMAILS 
			send_immediate_email_from ( $context, "info@eclipsecon.org", "conferences/".$GLOBALS['CONFERENCE'], "talk_comment", $person['email'] , $params, null, null);
		}

		* Log the who made the comment
		*/
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "comment",
							  "submission",
							  $submission_id,

		* Log who was added to cc list for what talk
		*/
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "add_$role",
							  "submission",
							  $submission_id,

		* Log who was added to cc list for what talk
		*/
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "add_cc",
							  "submission",
							  $submission_id,

		* Log who was removed from cc list for what talk
		*/
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "remove_cc",
							  "submission",
							  $submission_id,

		* Log who changed the order of authors on what talk
		*/
		log_conference_action($context->theconference->getConferenceID(),
							  $context->theuser->getBugzillaUserID(),
							  "reorder_$action",
							  "submission",
							  $submission_id,

Lines 1-5 Link Here

(-)schedulingTool/generateDays.php (-1 / +1 lines)
1	<?php	1	<?php
2	require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( false );	3	external_entry( false );
4	include_once("funcs.php");	4	include_once("funcs.php");
5		5

Return to bug 303756

Lines 45-51 Link Here

(-)bigbutton.php (-20 / +9 lines)
45	/*	45	/*
46	* ..if not display a message and exit	46	* ..if not display a message and exit
47	*/	47	*/
48	?>This page is for the conference staff only, nice try.<?	48	echo "This page is for the conference staff only.";
49	exit();	49	exit();
50	}	50	}
51		51
Lines 213-237 Link Here
213	/*	213	/*
214	* ...find all the submissions where the tenetative_status is not empty	214	* ...find all the submissions where the tenetative_status is not empty
215	*/	215	*/
216	$query = "select	216	$query = "select /* bigbutton.php:get_submissions_with_actionable_status() /
217	*	217	FROM submissions AS S
218	from	218	INNER JOIN submission_types AS T ON T.type = S._type
219	submissions,	219	WHERE tentative_status != ''
220	submission_types	220	AND S.conference_id = '".addslashes($context->theconference->getConferenceID())."'
221	where	221	AND T.conference_id = '".addslashes($context->theconference->getConferenceID())."'
222	tentative_status != ''	222	AND T.internal_type in ('".implode('\',\'',$types)."')
223	and	223	GROUP BY tentative_status, submission_id";
224	submissions.conference_id = '".addslashes($context->theconference->getConferenceID())."'
225	and
226	submission_types.conference_id = '".addslashes($context->theconference->getConferenceID())."'
227	and
228	submission_types.type = submissions._type
229	and
230	submission_types.internal_type in ('".implode('\',\'',$types)."')
231	group by
232	tentative_status,
233	submission_id
234	";
235	}else{	224	}else{
236	/*	225	/*
237	* there are no submission to take action on	226	* there are no submission to take action on

Lines 94-100 Link Here

(-)check_speaker_overlap.php (-6 / +6 lines)
94	echo $conflict['type']	94	echo $conflict['type']
95	?></li><?php	95	?></li><?php
96	?><li class="<?=$class?>"><?php	96	?><li class="<?=$class?>"><?php
97	$person = get_people_information($conflict['PersonID']);	97	$person = get_people_information($conflict['BugzillaUserID']);
98	echo $person['name'];	98	echo $person['name'];
99	?></li><?php	99	?></li><?php
100		100
Lines 122-128 Link Here
122	$conflicts = array();	122	$conflicts = array();
123		123
124	$query = "select	124	$query = "select
125	PersonID,	125	BugzillaUserID,
126	".$tentative."date as date,	126	".$tentative."date as date,
127	".$tentative."start_time as start_time,	127	".$tentative."start_time as start_time,
128	".$tentative."end_time as end_time,	128	".$tentative."end_time as end_time,
Lines 149-155 Link Here
149	";	149	";
150		150
151		151
152	// print $query;	152	# print $query;
153		153
154	$res = conference_sql($query);	154	$res = conference_sql($query);
155		155
Lines 161-167 Link Here
161	$times['submission_id'] = $row['submission_id'];	161	$times['submission_id'] = $row['submission_id'];
162	$times['room'] = $row['room'];	162	$times['room'] = $row['room'];
163	$times['type'] = $row['_type'];	163	$times['type'] = $row['_type'];
164	$f[$row['PersonID']][$row['submission_id']] = $times;	164	$f[$row['BugzillaUserID']][$row['submission_id']] = $times;
165	// }	165	// }
166	// print $tentative;	166	// print $tentative;
167	// print_pre($row);	167	// print_pre($row);
Lines 181-187 Link Here
181	/*	181	/*
182	* case where the start times are the same	182	* case where the start times are the same
183	*/	183	*/
184	$cur['PersonID'] = $next['PersonID'] = $personid;	184	$cur['BugzillaUserID'] = $next['BugzillaUserID'] = $personid;
185	$conflict['a'] = $cur;	185	$conflict['a'] = $cur;
186	$conflict['b'] = $next;	186	$conflict['b'] = $next;
187	$conflicts[] = $conflict;	187	$conflicts[] = $conflict;
Lines 189-195 Link Here
189	/*	189	/*
190	* case where the start time of next is within the start end of cur	190	* case where the start time of next is within the start end of cur
191	*/	191	*/
192	$cur['PersonID'] = $next['PersonID'] = $personid;	192	$cur['BugzillaUserID'] = $next['BugzillaUserID'] = $personid;
193	$conflict['a'] = $cur;	193	$conflict['a'] = $cur;
194	$conflict['b'] = $next;	194	$conflict['b'] = $next;
195	$conflicts[] = $conflict;	195	$conflicts[] = $conflict;

Lines 165-171 Link Here

(-)edit_talk.php (-8 / +8 lines)
165	* If the user specified a talk id in the url..	165	* If the user specified a talk id in the url..
166	*/	166	*/
167	if(isset($_GET['id'])){	167	if(isset($_GET['id'])){
168	if(!can_user_edit_submission($_GET['id'],$context->theuser->getFoundationID() )){	168	if(!can_user_edit_submission($_GET['id'],$context->theuser->getBugzillaUserID() )){
169	?><h2>You are not authorized to edit this talk.</h2><?	169	?><h2>You are not authorized to edit this talk.</h2><?
170	exit();	170	exit();
171	}	171	}
Lines 217-227 Link Here
217	/*	217	/*
218	* if the current use is not listed as a author or assistant	218	* if the current use is not listed as a author or assistant
219	*/	219	*/
220	if(!in_array($context->theuser->getFoundationID(),$auths_assistants)){	220	if(!in_array($context->theuser->getBugzillaUserID(),$auths_assistants)){
221	/*	221	/*
222	* .. then add them as an author	222	* .. then add them as an author
223	*/	223	*/
224	$auths[] = $context->theuser->getFoundationID();	224	$auths[] = $context->theuser->getBugzillaUserID();
225	$_POST['authors'] = implode(",",$auths);	225	$_POST['authors'] = implode(",",$auths);
226	}	226	}
227		227
Lines 605-615 Link Here
605	<input id="hidden-authors" type="hidden" name="authors" value="<?= $_POST['authors'];?>">	605	<input id="hidden-authors" type="hidden" name="authors" value="<?= $_POST['authors'];?>">
606	<input id="hidden-assistants" type="hidden" name="assistants" value="<?=$_POST['assistants'];?>">	606	<input id="hidden-assistants" type="hidden" name="assistants" value="<?=$_POST['assistants'];?>">
607		607
608	<tr >	608	<tr>
609	<td align="right" valign="top">Authors:</td>	609	<td align="right" valign="top">Authors:</td>
610	<td id="author">	610	<td id="author">
611	<div id="talk-author">	611	<div id="talk-author">
612	<?	612	<?php
613	$found = hiddenPeopleToArrayofPeopleIDorEmail($a_talk['authors'],'authors');	613	$found = hiddenPeopleToArrayofPeopleIDorEmail($a_talk['authors'],'authors');
614	show_editable_people($a_talk['submission_id'] ? $a_talk['submission_id'] : 0 ,'author', $found['authors'],$found['invited_authors']);	614	show_editable_people($a_talk['submission_id'] ? $a_talk['submission_id'] : 0 ,'author', $found['authors'],$found['invited_authors']);
615	?>	615	?>
Lines 810-816 Link Here
810	$query = "insert into submission_authors set	810	$query = "insert into submission_authors set
811	rank = '".addslashes($rank)."',	811	rank = '".addslashes($rank)."',
812	submission_id = '".addslashes($submission_id)."',	812	submission_id = '".addslashes($submission_id)."',
813	PersonID = '".addslashes($auth)."',	813	BugzillaUserID = '".addslashes($auth)."',
814	role = 'author'	814	role = 'author'
815	";	815	";
816	$res = conference_sql($query);	816	$res = conference_sql($query);
Lines 830-836 Link Here
830	$query = "insert into submission_authors set	830	$query = "insert into submission_authors set
831	rank = 0,	831	rank = 0,
832	submission_id = '".addslashes($submission_id)."',	832	submission_id = '".addslashes($submission_id)."',
833	PersonID = '".addslashes($auth)."',	833	BugzillaUserID = '".addslashes($auth)."',
834	role = 'assistant'	834	role = 'assistant'
835	";	835	";
836	$res = conference_sql($query);	836	$res = conference_sql($query);
Lines 861-867 Link Here
861	if(trim($need_extra_time) != ""){	861	if(trim($need_extra_time) != ""){
862	$query = "insert into submission_comments set	862	$query = "insert into submission_comments set
863	submission_id = '".addslashes($submission_id)."',	863	submission_id = '".addslashes($submission_id)."',
864	PersonID = '".addslashes($context->theuser->getFoundationID())."',	864	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
865	comment = '".addslashes($need_extra_time)."',	865	comment = '".addslashes($need_extra_time)."',
866	ts = NOW(),	866	ts = NOW(),
867	is_private = true";	867	is_private = true";

Lines 1-4 Link Here

(-)index.php (-25 / +17 lines)
1	<?php	1	<?php
2	require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( false );	3	external_entry( false );
4		4
Lines 9-31 Link Here
9		9
10		10
11	<?php	11	<?php
12	$query = "
13	select * from submissions, submission_authors
14	where
15	submissions.submission_id = submission_authors.submission_id
16	and
17	PersonID = '".$context->theuser->getFoundationID()."'
18	and
19	submissions.conference_id = ".$context->theconference->getConferenceID()."
20	and
21	conference_id = ".$context->theconference->getConferenceID()."
22	order by submissions.submission_id";
23	$res = conference_sql($query);
24	$title = "Your Submission" . (mysql_num_rows($res) > 1 ? 's' : '');
25	if(is_user_logged_in()){	12	if(is_user_logged_in()){
26	/*	13	$query = "select /* index.php:13 / from submissions AS S
27	* get all the results	14	INNER JOIN submission_authors AS A on A.submission_id = S.submission_id
28	*/	15	WHERE A.BugzillaUserID = " . $context->theuser->getBugzillaUserID() . "
		16	AND S.conference_id = ".$context->theconference->getConferenceID()."
		17	ORDER BY S.submission_id";
		18	$res = conference_sql($query);
		19	$title = "Your Submission" . (mysql_num_rows($res) > 1 ? 's' : '');
		20
29	$results = array();	21	$results = array();
30	while( $row = mysql_fetch_assoc($res) ) {	22	while( $row = mysql_fetch_assoc($res) ) {
31	$results[$row['submission_id']] = $row;	23	$results[$row['submission_id']] = $row;
Lines 47-56 Link Here
47	<?php	39	<?php
48		40
49	if($context->theuser->getPicture() == true){	41	if($context->theuser->getPicture() == true){
50	$_GET['PersonID'] = $context->theuser->getFoundationID();	42	$_GET['PersonID'] = $context->theuser->getBugzillaUserID();
51	include("callbacks/image-upload.php");	43	include("callbacks/image-upload.php");
52	}else{	44	}else{
53	?><h3><a href="" onclick="showUpload('<?=$context->theuser->getFoundationID();?>');return false;">upload your photo</a></h3><?	45	?><h3><a href="" onclick="showUpload('<?=$context->theuser->getBugzillaUserID();?>');return false;">upload your photo</a></h3><?php
54	}	46	}
55	?>	47	?>
56	</div>	48	</div>
Lines 58-77 Link Here
58		50
59	<div style='width: 630px;'>	51	<div style='width: 630px;'>
60	<h2 style='margin: 0px; margin-bottom: 10px;'>Your Bio</h2>	52	<h2 style='margin: 0px; margin-bottom: 10px;'>Your Bio</h2>
61	<b><?=show_person( $context->theuser->getFoundationID(),true )?></b>	53	<b><?=show_person( $context->theuser->getBugzillaUserID(),true )?></b>
62	<?php	54	<?php
63	if(get_speakers_accepted_submissions($context->theuser->getFoundationID())){	55	if(get_speakers_accepted_submissions($context->theuser->getBugzillaUserID())){
64	?>	56	?>
65	<div style='font-size: 10px;'>	57	<div style='font-size: 10px;'>
66	<a href="speaker_agreement.php?PersonID=<?=$context->theuser->getFoundationID()?>">Speaker Agreement</a>	58	<a href="speaker_agreement.php?PersonID=<?=$context->theuser->getBugzillaUserID()?>">Speaker Agreement</a>
67	</div>	59	</div>
68	<?php	60	<?php
69	} ?>	61	} ?>
70	<div id="bio" class="bio">	62	<div id="bio" class="bio">
71	<span style='float: right; margin-right: 10px;'><a href="" onclick="editBio('edit','<?=$context->theuser->getFoundationID();?>'); return false;"><?=$bio ? "edit" : "create" ?> bio</a></span>	63	<span style='float: right; margin-right: 10px;'><a href="" onclick="editBio('edit','<?=$context->theuser->getBugzillaUserID();?>'); return false;"><?=$bio ? "edit" : "create" ?> bio</a></span>
72	<br>	64	<br>
73	<p>	65	<p>
74	<?	66	<?php
75	if( ($bio) ){	67	if( ($bio) ){
76	echo $bio;	68	echo $bio;
77	}else{	69	}else{
Lines 83-89 Link Here
83	</div>	75	</div>
84	<div style='clear: both;'></div>	76	<div style='clear: both;'></div>
85	</div>	77	</div>
86	<?}?>	78	<?php }?>
87		79
88		80
89		81

Lines 2-33 Link Here

(-)user.php (-49 / +37 lines)
2	require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( false );	3	external_entry( false );
4		4
5	if(isset($_GET['id'])){	5	# sanitize - incoming should be an integer
6	$person = get_people_information($_GET['id']);	6	if(!preg_match("/^[0-9]+$/", $_GET['id'])) {
7	}	7	unset($_GET['id']);
		8	}
8		9
9	/*	10	# Array of talks for this user
10	* From here down, we are generating an HTML page for the user.	11	$a_talks = array();
11	*/
12	conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "header.php");
13	do_header(false);
14		12
15	$bio = "";
16	/*
17	* if the id is set for this user
18	*/
19	if(isset($_GET['id'])){	13	if(isset($_GET['id'])){
20	/*	14	/*
21	* load their bio	15	* load their bio
22	*/	16	*/
23	$query = "select * from speakers where PersonID = '".addslashes($_GET['id'])."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	17	$query = "select * from speakers where BugzillaUserID = '".addslashes($_GET['id'])."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
24	$res = conference_sql($query);	18	$res = conference_sql($query);
25	$author_info = mysql_fetch_assoc($res);	19	$author_info = mysql_fetch_assoc($res);
26		20
27	if($author_info['bio'] != ""){	21	if($author_info['bio'] != ""){
28	$bio = $author_info['bio'];	22	$bio = $author_info['bio'];
29	}	23	}
		24
		25	# Load up talks for this user
		26	$query = "select /* user.php:95 / S.
		27	FROM submissions AS S
		28	INNER JOIN submission_authors AS A ON A.submission_id = S.submission_id
		29	AND BugzillaUserID = ".addslashes($_GET['id'])."
		30	AND role IN ('author','assistant')
		31	AND conference_id = ".$context->theconference->getConferenceID()." order by rank asc";
		32	$res = conference_sql($query);
		33
		34	while( $row = mysql_fetch_assoc($res) ) {
		35	$a_talks[$row['submission_id']] = $row;
		36	}
		37
30	}	38	}
		39
		40	conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "header.php");
		41	do_header(false);
		42
		43	/*
		44	* From here down, we are generating an HTML page for the user.
		45	*/
		46
		47	$bio = "";
		48	/*
		49	* if the id is set for this user
		50	*/
31	?>	51	?>
32	<div id="bodytext">	52	<div id="bodytext">
33	<div>	53	<div>
Lines 36-42 Link Here
36	<div id="picture" style="text-align: center;">	56	<div id="picture" style="text-align: center;">
37	<?	57	<?
38		58
39	if($context->theuser->getFoundationID() == $_GET['id'] \|\| current_user_has_role("conference_chair") ){	59	if($context->theuser->getBugzillaUserID() == $_GET['id'] \|\| current_user_has_role("conference_chair") ){
40	$_GET['PersonID'] = $_GET['id'];	60	$_GET['PersonID'] = $_GET['id'];
41	include("callbacks/image-upload.php");	61	include("callbacks/image-upload.php");
42	}else{	62	}else{
Lines 51-57 Link Here
51		71
52	<div style='width: 600px;'>	72	<div style='width: 600px;'>
53	<h2 style='margin: 0px; margin-bottom: 10px;'>Bio</h2>	73	<h2 style='margin: 0px; margin-bottom: 10px;'>Bio</h2>
54	<b><?=show_person( $_GET['id'],true, true,true )?></b>	74	<b><?= show_person( $_GET['id'],true, true,true )?></b>
55	<?php	75	<?php
56	if(get_speakers_accepted_submissions($_GET['id'])){	76	if(get_speakers_accepted_submissions($_GET['id'])){
57	if($context->theuser->getFoundationID() == $_GET['id'] \|\| current_user_has_role("conference_chair") \|\| current_user_has_role("program_committee") \|\| current_user_has_role("registration_master") ){	77	if($context->theuser->getFoundationID() == $_GET['id'] \|\| current_user_has_role("conference_chair") \|\| current_user_has_role("program_committee") \|\| current_user_has_role("registration_master") ){
Lines 84-118 Link Here
84		104
85	<div style='clear: both;'></div>	105	<div style='clear: both;'></div>
86	</div>	106	</div>
87		107	<?php
88		108	show_table_of_talks($a_talks,"Submissions","view_talk.php");
89
90	<?
91	$query = "select
92	submissions.*
93	from
94	submissions,
95	submission_authors
96	where
97	submissions.submission_id = submission_authors.submission_id
98	and
99	PersonID = '".addslashes($_GET['id'])."'
100	and
101	role in ('author','assistant')
102	and
103	conference_id = ".$context->theconference->getConferenceID()."
104
105	order by rank asc
106	";
107	$res = conference_sql($query);
108	/*
109	* get all the results
110	*/
111	$results = array();
112	while( $row = mysql_fetch_assoc($res) ) {
113	$results[$row['submission_id']] = $row;
114	}
115	show_table_of_talks($results,"Submissions","view_talk.php");
116	?>	109	?>
117		110
118	</div>	111	</div>
Lines 141-151 Link Here
141	}	134	}
142	?></div><?php	135	?></div><?php
143	}	136	}
144
145
146	?>	137	?>
147
148
149
150	<?php /* bodytext */ ?>	138	<?php /* bodytext */ ?>
151	<?php conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "footer.php"); ?>	139	<?php conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "footer.php"); ?>

Lines 28-34 Link Here

(-)watch_lists.php (-6 / +6 lines)
28	* Gather data for types/categories	28	* Gather data for types/categories
29	*/	29	*/
30	$types = $context->theconference->getTalkTypes();	30	$types = $context->theconference->getTalkTypes();
31	$query = "select * from watching_types where PersonID = '".addslashes($context->theuser->getFoundationID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	31	$query = "select * from watching_types where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
32	$res = conference_sql($query);	32	$res = conference_sql($query);
33	$watching_types = array();	33	$watching_types = array();
34	while($row = mysql_fetch_assoc($res)){	34	while($row = mysql_fetch_assoc($res)){
Lines 36-42 Link Here
36	}	36	}
37		37
38	$categories = get_talk_categories();	38	$categories = get_talk_categories();
39	$query = "select * from watching_categories,categories where PersonID = '".addslashes($context->theuser->getFoundationID())."' and watching_categories.category_id = categories.category_id and watching_categories.conference_id = '".addslashes($context->theconference->getConferenceID())."'";	39	$query = "select * from watching_categories,categories where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and watching_categories.category_id = categories.category_id and watching_categories.conference_id = '".addslashes($context->theconference->getConferenceID())."'";
40	$res = conference_sql($query);	40	$res = conference_sql($query);
41	$watching_categories = array();	41	$watching_categories = array();
42	while($row = mysql_fetch_assoc($res)){	42	while($row = mysql_fetch_assoc($res)){
Lines 44-50 Link Here
44	}	44	}
45		45
46	$tags = get_tags('talk_tag');	46	$tags = get_tags('talk_tag');
47	$query = "select * from watching_tags,tags where PersonID = '".addslashes($context->theuser->getFoundationID())."' and watching_tags.tag_id = tags.tag_id and watching_tags.conference_id = '".addslashes($context->theconference->getConferenceID())."'";	47	$query = "select * from watching_tags,tags where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and watching_tags.tag_id = tags.tag_id and watching_tags.conference_id = '".addslashes($context->theconference->getConferenceID())."'";
48	$res = conference_sql($query);	48	$res = conference_sql($query);
49	$watching_tags = array();	49	$watching_tags = array();
50	while($row = mysql_fetch_assoc($res)){	50	while($row = mysql_fetch_assoc($res)){
Lines 52-65 Link Here
52	}	52	}
53		53
54		54
55	$query = "select * from watching_new_submissions where PersonID = '".addslashes($context->theuser->getFoundationID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	55	$query = "select * from watching_new_submissions where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
56	$res = conference_sql($query);	56	$res = conference_sql($query);
57	$watching_new_submissions = false;	57	$watching_new_submissions = false;
58	if(mysql_num_rows($res) > 0){	58	if(mysql_num_rows($res) > 0){
59	$watching_new_submissions = true;	59	$watching_new_submissions = true;
60	}	60	}
61		61
62	$query = "select * from watching_everything where PersonID = '".addslashes($context->theuser->getFoundationID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	62	$query = "select * from watching_everything where BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
63	$res = conference_sql($query);	63	$res = conference_sql($query);
64	$watching_everything = false;	64	$watching_everything = false;
65	if(mysql_num_rows($res) > 0){	65	if(mysql_num_rows($res) > 0){
Lines 90-96 Link Here
90	?>	90	?>
91	</div>	91	</div>
92	</div>	92	</div>
93		93	<div style='clear: both;'></div>
94	<p><b>Talk Tags</b><br>Receive email notification when changes occur to talk tags.</p>	94	<p><b>Talk Tags</b><br>Receive email notification when changes occur to talk tags.</p>
95		95
96	<div class="blue-corner-box" style='margin: 0px;'>	96	<div class="blue-corner-box" style='margin: 0px;'>

Lines 25-31 Link Here

(-)callbacks/add_author.php (-5 / +4 lines)
25	if( isset($_POST['role']) and	25	if( isset($_POST['role']) and
26	isset($_POST['PersonID']) and	26	isset($_POST['PersonID']) and
27	isset($_POST['submission_id']) and	27	isset($_POST['submission_id']) and
28	can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){	28	can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){
29		29
30	/*	30	/*
31	* Find max rank for this submission	31	* Find max rank for this submission
Lines 34-47 Link Here
34	/*	34	/*
35	* insert the data into the database	35	* insert the data into the database
36	*/	36	*/
37	$query = "insert into	37	$query = "insert /* add_author.php:37 */ INTO
38	submission_authors	38	submission_authors
39	set	39	set
40	submission_id = '".addslashes($_POST['submission_id'])."',	40	submission_id = '".addslashes($_POST['submission_id'])."',
41	PersonID = '".addslashes($_POST['PersonID'])."',	41	BugzillaUserID = '".addslashes($_POST['PersonID'])."',
42	rank = '".addslashes($rank)."',	42	rank = '".addslashes($rank)."',
43	role = '".addslashes($_POST['role'])."'	43	role = '".addslashes($_POST['role'])."'";
44	";
45	$res = conference_sql($query);	44	$res = conference_sql($query);
46		45
47	/*	46	/*

Lines 2-19 Link Here

(-)callbacks/add_conference_queen.php (-6 / +7 lines)
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( true );	3	external_entry( true );
4		4
5	/*	5	# sanitize - incoming should be an integer
6	* By the time we get, there is a user logged in.	6	if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
7	*/	7	unset($_POST['PersonID']);
		8	}
8		9
9	/*	10	/*
10	* Check to see if the person accessing this page is the conference chair	11	* Check to see if the person accessing this page is the conference chair
11	*/	12	*/
12	if(!current_user_has_role("conference_chair")){	13	if(!current_user_has_role("conference_chair") \|\| !isset($_POST['PersonID'])) {
13	/*	14	/*
14	* ..if not display a message and exit	15	* ..if not display a message and exit
15	*/	16	*/
16	?>error<?	17	echo "An error has occurred with your request. You are not authorized, or your request was malformed.";
17	exit();	18	exit();
18	}	19	}
19		20
Lines 23-29 Link Here
23	//conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");	24	//conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
24	//$workflow = new conference_chair_workflow();	25	//$workflow = new conference_chair_workflow();
25		26
26	$query = "insert into people_roles set PersonID = '".addslashes($_POST['PersonID'])."', role='registration_master', conference_id = '".addslashes($context->theconference->getConferenceID())."'";	27	$query = "insert into people_roles set BugzillaUserID = '".addslashes($_POST['PersonID'])."', role='registration_master', conference_id = '".addslashes($context->theconference->getConferenceID())."'";
27	$res = conference_sql($query);	28	$res = conference_sql($query);
28		29
29	//$workflow->on_add_program_committee($context,$_POST['PersonID']);	30	//$workflow->on_add_program_committee($context,$_POST['PersonID']);

Lines 2-19 Link Here

(-)callbacks/add_program_committee.php (-7 / +8 lines)
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( true );	3	external_entry( true );
4		4
5	/*	5	# sanitize - incoming should be an integer
6	* By the time we get, there is a user logged in.	6	if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
7	*/	7	unset($_POST['PersonID']);
		8	}
8		9
9	/*	10	/*
10	* Check to see if the person accessing this page is the conference chair	11	* Check to see if the person accessing this page is the conference chair
11	*/	12	*/
12	if(!current_user_has_role("conference_chair")){	13	if(!current_user_has_role("conference_chair") \|\| !isset($_POST['PersonID'])) {
13	/*	14	/*
14	* ..if not display a message and exit	15	* ..if not display a message and exit
15	*/	16	*/
16	?>error<?	17	echo "An error has occurred with your request. You are not authorized, or your request was malformed.";
17	exit();	18	exit();
18	}	19	}
19		20
Lines 23-32 Link Here
23	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");	24	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
24	$workflow = new conference_chair_workflow();	25	$workflow = new conference_chair_workflow();
25		26
26	$query = "insert into people_roles set PersonID = '".addslashes($_POST['PersonID'])."', role='program_committee', conference_id = '".addslashes($context->theconference->getConferenceID())."'";	27	$query = "insert into people_roles set BugzillaUserID = '".addslashes($_POST['PersonID'])."', role='program_committee', conference_id = '".addslashes($context->theconference->getConferenceID())."'";
27	$res = conference_sql($query);	28	$res = conference_sql($query);
28		29
29	$workflow->on_add_program_committee($context,$_POST['PersonID']);	30	$workflow->on_add_program_committee($context,$_POST['BugzillaUserID']);
30		31
31	show_program_committee_list();	32	show_program_committee_list();
32	?>	33	?>

Lines 5-21 Link Here

(-)callbacks/edit_bio.php (-20 / +18 lines)
5	* By the time we get, there is a user logged in.	5	* By the time we get, there is a user logged in.
6	*/	6	*/
7		7
		8	# sanitize - incoming should be an integer
		9	if(!preg_match("/^[0-9]+$/", $_GET['PersonID'])) {
		10	unset($_GET['id']);
		11	}
		12	if(!preg_match("/^[a-z]+$/", $_GET['action'])) {
		13	unset($_GET['id']);
		14	}
		15
8	if(isset($_GET['action']) and isset($_GET['PersonID'])){	16	if(isset($_GET['action']) and isset($_GET['PersonID'])){
9	if($context->theuser->getFoundationID() == $_GET['PersonID'] or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){	17	if($context->theuser->getBugzillaUserID() == $_GET['PersonID'] or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){
10	$query = "select	18	$query = "select * from speakers where
11	*
12	from
13	speakers
14	where
15	conference_id = ".$context->theconference->getConferenceID()."	19	conference_id = ".$context->theconference->getConferenceID()."
16	and	20	and BugzillaUserID = '".addslashes($_GET['PersonID'])."'";
17	PersonID = '".addslashes($_GET['PersonID'])."'
18	";
19	$res = conference_sql($query);	21	$res = conference_sql($query);
20	$speaker = mysql_fetch_assoc($res);	22	$speaker = mysql_fetch_assoc($res);
21	$bio = $speaker['bio'];	23	$bio = $speaker['bio'];
Lines 55-87 Link Here
55	}	57	}
56	if(empty($speaker)){	58	if(empty($speaker)){
57		59
58	$query = "insert into	60	$query = "insert into speakers
59	speakers
60	set	61	set
61	bio = '".addslashes($value)."',	62	bio = '".addslashes($value)."',
62	conference_id = ".$context->theconference->getConferenceID().",	63	conference_id = ".$context->theconference->getConferenceID().",
63	PersonID = '".addslashes($_GET['PersonID'])."'	64	BugzillaUserID = '".addslashes($_GET['PersonID'])."'
64	";	65	";
65		66
66	conference_sql($query);	67	conference_sql($query);
67	}else{	68	}else{
68	$query = "update	69	$query = "update speakers
69	speakers
70	set	70	set
71	bio = '".addslashes($value)."'	71	bio = '".addslashes($value)."'
72	where	72	where conference_id = ".$context->theconference->getConferenceID()."
73	conference_id = ".$context->theconference->getConferenceID()."	73	and BugzillaUserID = '".addslashes($_GET['PersonID'])."'
74	and
75	PersonID = '".addslashes($_GET['PersonID'])."'
76	";	74	";
77	conference_sql($query);	75	conference_sql($query);
78	}	76	}
79		77
80	//LOG BIO CHANGES	78	//LOG BIO CHANGES
81	if($bio){	79	if($bio){
82	log_conference_action($context->theconference->getConferenceID(),$context->theuser->getFoundationID(),"update bio","",$_GET['PersonID'],$_GET['value']);	80	log_conference_action($context->theconference->getConferenceID(),$context->theuser->getBugzillaUserID(),"update bio","",$_GET['PersonID'],$_GET['value']);
83	}else{	81	}else{
84	log_conference_action($context->theconference->getConferenceID(),$context->theuser->getFoundationID(),"create bio","",$_GET['PersonID'],$_GET['value']);	82	log_conference_action($context->theconference->getConferenceID(),$context->theuser->getBugzillaUserID(),"create bio","",$_GET['PersonID'],$_GET['value']);
85	}	83	}
86		84
87	?><span style='float: right; margin-right: 10px;'><a href="" onclick="editBio('edit','<?=$_GET['PersonID']?>'); return false;">edit bio</a></span><br><?	85	?><span style='float: right; margin-right: 10px;'><a href="" onclick="editBio('edit','<?=$_GET['PersonID']?>'); return false;">edit bio</a></span><br><?

Lines 28-34 Link Here

(-)callbacks/find_author.php (-16 / +12 lines)
28	/*	28	/*
29	* .. then author is going to be added to a new submission	29	* .. then author is going to be added to a new submission
30	*/	30	*/
31	$exclude[$context->theuser->getFoundationID()] = $context->theuser->getFoundationID();	31	$exclude[$context->theuser->getBugzillaUserID()] = $context->theuser->getBugzillaUserID();
32	/*	32	/*
33	* Figure out if we are finding a author or a assistant	33	* Figure out if we are finding a author or a assistant
34	*/	34	*/
Lines 45-51 Link Here
45	$exclude[$k] = $k;	45	$exclude[$k] = $k;
46	}	46	}
47	}elseif( isset($_POST['role']) and isset($_POST['submission_id']) and	47	}elseif( isset($_POST['role']) and isset($_POST['submission_id']) and
48	can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID()) ){	48	can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID()) ){
49	/*	49	/*
50	* get all the authors on this talk	50	* get all the authors on this talk
51	* use this list to remove them from the list	51	* use this list to remove them from the list
Lines 69-75 Link Here
69	?>	69	?>
70	<div class="blue-corner-box" style='margin-left:0px;'>	70	<div class="blue-corner-box" style='margin-left:0px;'>
71	<form onSubmit="search_for_auth(<?=$_POST['submission_id'] ? $_POST['submission_id'] : 0 ;?>,this.search.value,'<?=$_POST['role'];?>'); return false;" style="padding: 0px; margin: 0px;">	71	<form onSubmit="search_for_auth(<?=$_POST['submission_id'] ? $_POST['submission_id'] : 0 ;?>,this.search.value,'<?=$_POST['role'];?>'); return false;" style="padding: 0px; margin: 0px;">
72	Search for people by their first or last name<br>	72	Search for a person by their first or last name<br>
73	<input name="search" value="<?=$_POST['search'];?>">	73	<input name="search" value="<?=$_POST['search'];?>">
74	<input type="submit" value="Search for <?=ucfirst($_POST['role'])?>">	74	<input type="submit" value="Search for <?=ucfirst($_POST['role'])?>">
75	<?php	75	<?php
Lines 89-95 Link Here
89	* Parse the search string with our search parser	89	* Parse the search string with our search parser
90	*/	90	*/
91	$keywords = full_text_keywords( $_POST['search'] );	91	$keywords = full_text_keywords( $_POST['search'] );
92	$searchable_fields = array('FName',"LName");	92	$searchable_fields = array('realname');
93	$ands = array();	93	$ands = array();
94	foreach( $keywords as $keyword ) {	94	foreach( $keywords as $keyword ) {
95	$pieces = array();	95	$pieces = array();
Lines 103-118 Link Here
103	/*	103	/*
104	* Perform the query to find all the matching people	104	* Perform the query to find all the matching people
105	*/	105	*/
106	$query = "select	106	$query = "select /* find_author.php:107 */ userid AS BugzillaUserID, realname
107	PersonID,FName,LName	107	from profiles
108	from	108	where " .
109	People
110	where
111	" .
112	implode( " AND ", $ands )."	109	implode( " AND ", $ands )."
113	order by LName,FName	110	order by realname";
114	";	111	$res = bugzilla_sql($query);
115	$res = foundation_sql($query);
116	?><div style='margin-left: 10px;'><?	112	?><div style='margin-left: 10px;'><?
117		113
118	/*	114	/*
Lines 128-137 Link Here
128	* .. show all the people found with link to add them to this submission an author/assistant	124	* .. show all the people found with link to add them to this submission an author/assistant
129	*/	125	*/
130	while($person = mysql_fetch_assoc($res)){	126	while($person = mysql_fetch_assoc($res)){
131	if(isset($exclude[$person['PersonID']])){	127	if(isset($exclude[$person['BugzillaUserID']])){
132	?><?= ucwords($person['FName'])." ".ucwords($person['LName']);?> <em>(already author)</em><br><?	128	?><?= ucwords($person['realname'])?> <em>(already author)</em><br><?
133	}else{	129	}else{
134	?><a href="" onClick="add_author(<?=$_POST['submission_id'];?>,'<?=$person['PersonID'];?>','<?=$_POST['role'];?>'); return false;"><?= ucwords($person['FName'])." ".ucwords($person['LName']);?> <img src="image/plus.gif"> </a><br><?	130	?><a href="" onClick="add_author(<?=$_POST['submission_id'];?>,'<?=$person['BugzillaUserID'];?>','<?=$_POST['role'];?>'); return false;"><?= ucwords($person['realname']);?> <img src="image/plus.gif"> </a><br><?
135	}	131	}
136	}	132	}
137	}	133	}

Lines 27-33 Link Here

(-)callbacks/find_people_for_conference_queen.php (-14 / +11 lines)
27	* If a search has been made	27	* If a search has been made
28	*/	28	*/
29	if($_POST['search']){	29	if($_POST['search']){
30	$query = "select PersonID from people_roles where role='registration_master' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	30	$query = "select BugzillaUserID from people_roles where role='registration_master' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
31	$res = conference_sql($query);	31	$res = conference_sql($query);
32	while($row = mysql_fetch_assoc($res)){	32	while($row = mysql_fetch_assoc($res)){
33	$exclude[$row['PersonID']] = $row['PersonID'];	33	$exclude[$row['PersonID']] = $row['PersonID'];
Lines 36-42 Link Here
36	* Parse the search string with our search parser	36	* Parse the search string with our search parser
37	*/	37	*/
38	$keywords = full_text_keywords( $_POST['search'] );	38	$keywords = full_text_keywords( $_POST['search'] );
39	$searchable_fields = array('FName',"LName");	39	$searchable_fields = array('realname');
40	$ands = array();	40	$ands = array();
41	foreach( $keywords as $keyword ) {	41	foreach( $keywords as $keyword ) {
42	$pieces = array();	42	$pieces = array();
Lines 50-65 Link Here
50	/*	50	/*
51	* Perform the query to find all the matching people	51	* Perform the query to find all the matching people
52	*/	52	*/
53	$query = "select	53	$query = "select /* find_people_for_conference_queen.php:53 */ userid AS BugzillaUserID, realname
54	PersonID,FName,LName	54	from profiles
55	from	55	where " .
56	People
57	where
58	" .
59	implode( " AND ", $ands )."	56	implode( " AND ", $ands )."
60	order by LName,FName	57	order by realname";
61	";	58	$res = bugzilla_sql($query);
62	$res = foundation_sql($query);
63	?><div style='margin-left: 10px;'><?	59	?><div style='margin-left: 10px;'><?
64		60
65	/*	61	/*
Lines 68-73 Link Here
68	if(mysql_num_rows($res) == 0){	64	if(mysql_num_rows($res) == 0){
69	/*	65	/*
70	* .. show an not resutls found message	66	* .. show an not resutls found message
		67	* TODO: sanitize this!!
71	*/	68	*/
72	?><em>No results found for '<?=$_POST['search'];?>'</em><br><?	69	?><em>No results found for '<?=$_POST['search'];?>'</em><br><?
73	}else{	70	}else{
Lines 75-84 Link Here
75	* .. show all the people found with link to add them to this submission an author/assistant	72	* .. show all the people found with link to add them to this submission an author/assistant
76	*/	73	*/
77	while($person = mysql_fetch_assoc($res)){	74	while($person = mysql_fetch_assoc($res)){
78	if(isset($exclude[$person['PersonID']])){	75	if(isset($exclude[$person['BugzillaUserID']])){
79	?><?= ucwords($person['FName'])." ".ucwords($person['LName']);?> <em>(already selected)</em><br><?	76	?><?= ucwords($person['realname']);?> <em>(already selected)</em><br><?
80	}else{	77	}else{
81	?><a href="" onClick="add_conference_queen('<?=$person['PersonID'];?>'); return false;"><?= ucwords($person['FName'])." ".ucwords($person['LName']);?> <img src="image/plus.gif"> </a><br><?	78	?><a href="" onClick="add_conference_queen('<?=$person['BugzillaUserID'];?>'); return false;"><?= ucwords($person['realname']);?> <img src="image/plus.gif"> </a><br><?
82	}	79	}
83	}	80	}
84	}	81	}

Lines 27-42 Link Here

(-)callbacks/find_people_for_program_committee.php (-18 / +12 lines)
27	* If a search has been made	27	* If a search has been made
28	*/	28	*/
29	if($_POST['search']){	29	if($_POST['search']){
30	$query = "select PersonID from people_roles where role='program_committee' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	30	$query = "select BugzillaUserID from people_roles where role='program_committee' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
31	$res = conference_sql($query);	31	$res = conference_sql($query);
32	while($row = mysql_fetch_assoc($res)){	32	while($row = mysql_fetch_assoc($res)){
33	$exclude[$row['PersonID']] = $row['PersonID'];	33	$exclude[$row['BugzillaUserID']] = $row['BugzillaUserID'];
34	}	34	}
35	/*	35	/*
36	* Parse the search string with our search parser	36	* Parse the search string with our search parser
37	*/	37	*/
38	$keywords = full_text_keywords( $_POST['search'] );	38	$keywords = full_text_keywords( $_POST['search'] );
39	$searchable_fields = array('FName',"LName");	39	$searchable_fields = array("realname");
40	$ands = array();	40	$ands = array();
41	foreach( $keywords as $keyword ) {	41	foreach( $keywords as $keyword ) {
42	$pieces = array();	42	$pieces = array();
Lines 47-65 Link Here
47	$ands[] = $str;	47	$ands[] = $str;
48	}	48	}
49		49
50	/*	50	$query = "select /* find_people_for_program_committee.php:50 */ userid AS BugzillaUserID, realname
51	* Perform the query to find all the matching people	51	from profiles
52	*/	52	where " .
53	$query = "select
54	PersonID,FName,LName
55	from
56	People
57	where
58	" .
59	implode( " AND ", $ands )."	53	implode( " AND ", $ands )."
60	order by LName,FName	54	order by realname";
61	";	55	$res = bugzilla_sql($query);
62	$res = foundation_sql($query);
63	?><div style='margin-left: 10px;'><?	56	?><div style='margin-left: 10px;'><?
64		57
65	/*	58	/*
Lines 68-73 Link Here
68	if(mysql_num_rows($res) == 0){	61	if(mysql_num_rows($res) == 0){
69	/*	62	/*
70	* .. show an not resutls found message	63	* .. show an not resutls found message
		64	* TODO: sanitize this!!
71	*/	65	*/
72	?><em>No results found for '<?=$_POST['search'];?>'</em><br><?	66	?><em>No results found for '<?=$_POST['search'];?>'</em><br><?
73	}else{	67	}else{
Lines 75-84 Link Here
75	* .. show all the people found with link to add them to this submission an author/assistant	69	* .. show all the people found with link to add them to this submission an author/assistant
76	*/	70	*/
77	while($person = mysql_fetch_assoc($res)){	71	while($person = mysql_fetch_assoc($res)){
78	if(isset($exclude[$person['PersonID']])){	72	if(isset($exclude[$person['BugzillaUserID']])){
79	?><?= ucwords($person['FName'])." ".ucwords($person['LName']);?> <em>(already selected)</em><br><?	73	?><?= ucwords($person['realname']);?> <em>(already selected)</em><br><?
80	}else{	74	}else{
81	?><a href="" onClick="add_program_committee('<?=$person['PersonID'];?>'); return false;"><?= ucwords($person['FName'])." ".ucwords($person['LName']);?> <img src="image/plus.gif"> </a><br><?	75	?><a href="" onClick="add_program_committee('<?=$person['BugzillaUserID'];?>'); return false;"><?= ucwords($person['realname']);?> <img src="image/plus.gif"> </a><br><?
82	}	76	}
83	}	77	}
84	}	78	}

Lines 18-39 Link Here

(-)callbacks/image-upload.php (-13 / +20 lines)
18	/*	18	/*
19	* get the PersonID	19	* get the PersonID
20	*/	20	*/
21	$PersonID = $_GET['PersonID'];
22		21
23	if($context->theuser->getFoundationID() != $PersonID and !current_user_has_role("conference_chair")){	22	# sanitize - incoming should be an integer
		23	if(!preg_match("/^[0-9]+$/", $_GET['PersonID'])) {
		24	unset($_GET['PersonID']);
		25	}
		26	$BugzillaUserID = $_GET['PersonID'];
		27
		28	if($context->theuser->getBugzillaUserID() != $BugzillaUserID and !current_user_has_role("conference_chair")){
24	/*	29	/*
25	* show their image	30	* show their image
26	*/	31	*/
27	?>	32	?>
28	<img src='callbacks/show_image.php?PersonID=<?=$PersonID;?>&seed=<?=rand();?>'>	33	<img src='callbacks/show_image.php?PersonID=<?= $BugzillaUserID ?>&seed=<?=rand();?>'>
29	<?	34	<?
30	}else{	35	}else{
31		36
32	/*	37	/*
33	* get the current Picture of the user if there is one	38	* get the current Picture of the user if there is one
34	*/	39	*/
35	$query = "select Picture from People where PersonID = '".addslashes($PersonID)."'";	40	$query = "select Picture from people where BugzillaUserID = '".addslashes($BugzillaUserID)."'";
36	$res = foundation_sql($query);	41	$res = conference_sql($query);
37	$picture = mysql_fetch_assoc($res);//$context->theuser->getPicture();	42	$picture = mysql_fetch_assoc($res);//$context->theuser->getPicture();
38	$picture = $picture['Picture'];	43	$picture = $picture['Picture'];
39		44
Lines 51-57 Link Here
51	/*	56	/*
52	* then try and caputre the new image	57	* then try and caputre the new image
53	*/	58	*/
54	if(uploadNewImage($_FILES['image_path']['tmp_name'],$PersonID)){	59	if(uploadNewImage($_FILES['image_path']['tmp_name'],$BugzillaUserID)){
55	$picture = true;	60	$picture = true;
56	}else{	61	}else{
57	/*	62	/*
Lines 66-72 Link Here
66	if( ($picture == false \|\| $_GET['upload_new_image'] == 'true') ){	71	if( ($picture == false \|\| $_GET['upload_new_image'] == 'true') ){
67		72
68	if($picture != false){	73	if($picture != false){
69	?><a style='float: left; margin-left: 10px;' href="" onClick="showImage('<?=$PersonID?>'); return false;">back</a><?	74	?><a style='float: left; margin-left: 10px;' href="" onClick="showImage('<?= $BugzillaUserID ?>'); return false;">back</a><?
70	}	75	}
71		76
72	/*	77	/*
Lines 80-86 Link Here
80	<br/><input type="file" size="10" name="image_path"/>	85	<br/><input type="file" size="10" name="image_path"/>
81	<br/>	86	<br/>
82	<p>	87	<p>
83	<input type="button" value="Upload new Photo" onClick="uploadNewImage('<?=$PersonID?>');" />	88	<input type="button" value="Upload new Photo" onClick="uploadNewImage('<?= $BugzillaUserID ?>');" />
84	</p>	89	</p>
85	<?= $error;?>	90	<?= $error;?>
86	</form>	91	</form>
Lines 90-98 Link Here
90	* show their image	95	* show their image
91	*/	96	*/
92	?>	97	?>
93	<img src='callbacks/show_image.php?PersonID=<?=$PersonID;?>&seed=<?=rand();?>'>	98	<img src='callbacks/show_image.php?PersonID=<?= $BugzillaUserID ?>&seed=<?=rand();?>'>
94	<br>	99	<br>
95	<a href="?upload_new_image=true" onclick="showUpload('<?=$PersonID?>');return false;">Upload new Photo</a>	100	<a href="?upload_new_image=true" onclick="showUpload('<?= $BugzillaUserID ?>');return false;">Upload new Photo</a>
96	<?	101	<?
97	}else{	102	}else{
98	/*	103	/*
Lines 102-108 Link Here
102	}	107	}
103		108
104		109
105	function uploadNewImage($fullname,$PersonID){	110	function uploadNewImage($fullname,$BugzillaUserID){
106	global $context;	111	global $context;
107		112
108	$image_cache_dir = $context->getImageCacheDir();	113	$image_cache_dir = $context->getImageCacheDir();
Lines 141-150 Link Here
141		146
142	$bits = addslashes( $bits );	147	$bits = addslashes( $bits );
143		148
144	$query = "update People$suffic set Picture_mime = '$mime', Picture = '...' where PersonID = '".addslashes($PersonID)."'";	149	# Not sure what $suffic was for
		150	# $query = "update People$suffic set Picture_mime = '$mime', Picture = '...' where PersonID = '".addslashes($PersonID)."'";
		151	$query = "REPLACE into people set PictureMime = '$mime', Picture = '...', BugzillaUserID = '".addslashes($BugzillaUserID)."'";
145		152
146	$query = str_replace( "...", $bits, $query );	153	$query = str_replace( "...", $bits, $query );
147	foundation_sql($query,$dbh);	154	conference_sql($query,$dbh);
148		155
149	return true;	156	return true;
150	}	157	}

Lines 2-10 Link Here

(-)callbacks/manage_cc_list.php (-13 / +14 lines)
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( false );	3	external_entry( false );
4		4
5	/*	5	# sanitize - incoming should be an string
6	* By the time we get, there is a user logged in.	6	if(!preg_match("/^[a-zA-Z0-9]+$/", $_POST['id'])) {
7	*/	7	unset($_POST['id']);
		8	}
8		9
9	/*	10	/*
10	* Valid input:	11	* Valid input:
Lines 20-26 Link Here
20		21
21	case 'category' :	22	case 'category' :
22	$queries['add'] = $query = "insert into watching_categories set	23	$queries['add'] = $query = "insert into watching_categories set
23	PersonID = '".addslashes($context->theuser->getFoundationID())."',	24	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
24	category_id = '".addslashes($_POST[id])."',	25	category_id = '".addslashes($_POST[id])."',
25	conference_id = '".addslashes($context->theconference->getConferenceID())."',	26	conference_id = '".addslashes($context->theconference->getConferenceID())."',
26	ts = now();	27	ts = now();
Lines 29-35 Link Here
29	$queries['remove'] = $query = "delete from	30	$queries['remove'] = $query = "delete from
30	watching_categories	31	watching_categories
31	where	32	where
32	PersonID = '".addslashes($context->theuser->getFoundationID())."'	33	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
33	and	34	and
34	category_id = '".addslashes($_POST[id])."'	35	category_id = '".addslashes($_POST[id])."'
35	and	36	and
Lines 39-45 Link Here
39		40
40	case 'talk_tag' :	41	case 'talk_tag' :
41	$queries['add'] = $query = "insert into watching_tags set	42	$queries['add'] = $query = "insert into watching_tags set
42	PersonID = '".addslashes($context->theuser->getFoundationID())."',	43	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
43	tag_id = '".addslashes($_POST[id])."',	44	tag_id = '".addslashes($_POST[id])."',
44	conference_id = '".addslashes($context->theconference->getConferenceID())."',	45	conference_id = '".addslashes($context->theconference->getConferenceID())."',
45	ts = now();	46	ts = now();
Lines 48-54 Link Here
48	$queries['remove'] = $query = "delete from	49	$queries['remove'] = $query = "delete from
49	watching_tags	50	watching_tags
50	where	51	where
51	PersonID = '".addslashes($context->theuser->getFoundationID())."'	52	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
52	and	53	and
53	tag_id = '".addslashes($_POST[id])."'	54	tag_id = '".addslashes($_POST[id])."'
54	and	55	and
Lines 57-63 Link Here
57	break;	58	break;
58	case 'type' :	59	case 'type' :
59	$queries['add'] = $query = "insert into watching_types set	60	$queries['add'] = $query = "insert into watching_types set
60	PersonID = '".addslashes($context->theuser->getFoundationID())."',	61	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
61	type = '".addslashes($_POST[id])."',	62	type = '".addslashes($_POST[id])."',
62	conference_id = '".addslashes($context->theconference->getConferenceID())."',	63	conference_id = '".addslashes($context->theconference->getConferenceID())."',
63	ts = now();	64	ts = now();
Lines 66-72 Link Here
66	$queries['remove'] = $query = "delete from	67	$queries['remove'] = $query = "delete from
67	watching_types	68	watching_types
68	where	69	where
69	PersonID = '".addslashes($context->theuser->getFoundationID())."'	70	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
70	and	71	and
71	type = '".addslashes($_POST[id])."'	72	type = '".addslashes($_POST[id])."'
72	and	73	and
Lines 75-81 Link Here
75	break;	76	break;
76	case 'new_submission' :	77	case 'new_submission' :
77	$queries['add'] = $query = "insert into watching_new_submissions set	78	$queries['add'] = $query = "insert into watching_new_submissions set
78	PersonID = '".addslashes($context->theuser->getFoundationID())."',	79	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
79	conference_id = '".addslashes($context->theconference->getConferenceID())."',	80	conference_id = '".addslashes($context->theconference->getConferenceID())."',
80	ts = now();	81	ts = now();
81	";	82	";
Lines 83-96 Link Here
83	$queries['remove'] = $query = "delete from	84	$queries['remove'] = $query = "delete from
84	watching_new_submissions	85	watching_new_submissions
85	where	86	where
86	PersonID = '".addslashes($context->theuser->getFoundationID())."'	87	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
87	and	88	and
88	conference_id = '".addslashes($context->theconference->getConferenceID())."' ";	89	conference_id = '".addslashes($context->theconference->getConferenceID())."' ";
89		90
90	break;	91	break;
91	case 'everything' :	92	case 'everything' :
92	$queries['add'] = $query = "insert into watching_everything set	93	$queries['add'] = $query = "insert into watching_everything set
93	PersonID = '".addslashes($context->theuser->getFoundationID())."',	94	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
94	conference_id = '".addslashes($context->theconference->getConferenceID())."',	95	conference_id = '".addslashes($context->theconference->getConferenceID())."',
95	ts = now();	96	ts = now();
96	";	97	";
Lines 98-104 Link Here
98	$queries['remove'] = $query = "delete from	99	$queries['remove'] = $query = "delete from
99	watching_everything	100	watching_everything
100	where	101	where
101	PersonID = '".addslashes($context->theuser->getFoundationID())."'	102	BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'
102	and	103	and
103	conference_id = '".addslashes($context->theconference->getConferenceID())."' ";	104	conference_id = '".addslashes($context->theconference->getConferenceID())."' ";
104	break;	105	break;

Lines 2-19 Link Here

(-)callbacks/remove_conference_queen.php (-6 / +7 lines)
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( true );	3	external_entry( true );
4		4
5	/*	5	# sanitize - incoming should be an integer
6	* By the time we get, there is a user logged in.	6	if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
7	*/	7	unset($_POST['PersonID']);
		8	}
8		9
9	/*	10	/*
10	* Check to see if the person accessing this page is the conference chair	11	* Check to see if the person accessing this page is the conference chair
11	*/	12	*/
12	if(!current_user_has_role("conference_chair")){	13	if(!current_user_has_role("conference_chair") \|\| !isset($_POST['PersonID'])){
13	/*	14	/*
14	* ..if not display a message and exit	15	* ..if not display a message and exit
15	*/	16	*/
16	?>error<?	17	echo "An error has occurred with your request. You are not authorized, or your request was malformed.";
17	exit();	18	exit();
18	}	19	}
19		20
Lines 23-29 Link Here
23	//conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");	24	//conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
24	//$workflow = new conference_chair_workflow();	25	//$workflow = new conference_chair_workflow();
25		26
26	$query = "delete from people_roles where PersonID = '".addslashes($_POST['PersonID'])."' and role='registration_master' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	27	$query = "delete from people_roles where BugzillaUserID = '".addslashes($_POST['PersonID'])."' and role='registration_master' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
27	$res = conference_sql($query);	28	$res = conference_sql($query);
28		29
29	//$workflow->on_remove_program_committee($context,$_POST['PersonID']);	30	//$workflow->on_remove_program_committee($context,$_POST['PersonID']);

Lines 2-19 Link Here

(-)callbacks/remove_program_committee.php (-6 / +7 lines)
2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	2	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
3	external_entry( true );	3	external_entry( true );
4		4
5	/*	5	# sanitize - incoming should be an integer
6	* By the time we get, there is a user logged in.	6	if(!preg_match("/^[0-9]+$/", $_POST['PersonID'])) {
7	*/	7	unset($_POST['PersonIDID']);
		8	}
8		9
9	/*	10	/*
10	* Check to see if the person accessing this page is the conference chair	11	* Check to see if the person accessing this page is the conference chair
11	*/	12	*/
12	if(!current_user_has_role("conference_chair")){	13	if(!current_user_has_role("conference_chair") \|\| !isset($_POST['PersonID'])){
13	/*	14	/*
14	* ..if not display a message and exit	15	* ..if not display a message and exit
15	*/	16	*/
16	?>error<?	17	echo "An error has occurred with your request. You are not authorized, or your request was malformed.";
17	exit();	18	exit();
18	}	19	}
19		20
Lines 23-29 Link Here
23	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");	24	conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."conference_chair_workflow.class.php");
24	$workflow = new conference_chair_workflow();	25	$workflow = new conference_chair_workflow();
25		26
26	$query = "delete from people_roles where PersonID = '".addslashes($_POST['PersonID'])."' and role='program_committee' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";	27	$query = "delete from people_roles where BugzillaUserID = '".addslashes($_POST['PersonID'])."' and role='program_committee' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
27	$res = conference_sql($query);	28	$res = conference_sql($query);
28		29
29	$workflow->on_remove_program_committee($context,$_POST['PersonID']);	30	$workflow->on_remove_program_committee($context,$_POST['PersonID']);

Lines 4-10 Link Here

(-)callbacks/show_image.php (-3 / +2 lines)
4	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement	4	require_once( "../classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
5	external_entry( false );	5	external_entry( false );
6	}	6	}
7
8	if($context->devmode == false){	7	if($context->devmode == false){
9	$image_cache_dir = $context->getImageCacheDir();	8	$image_cache_dir = $context->getImageCacheDir();
10		9
Lines 81-89 Link Here
81		80
82		81
83	function getPictureFromDB(){	82	function getPictureFromDB(){
84	$query = "select Picture,Picture_mime from People where PersonID = '".addslashes($_GET['PersonID'])."'";	83	$query = "select Picture,PictureMime from people where BugzillaUserID = '".addslashes($_GET['PersonID'])."'";
85		84
86	$result = foundation_sql( $query);	85	$result = conference_sql( $query);
87	mysql_error_check();	86	mysql_error_check();
88	/*	87	/*
89	* If the user has a photo	88	* If the user has a photo

Lines 92-108 Link Here

(-)classes/conference.class.php (-3 / +3 lines)
92	break;	92	break;
93	}	93	}
94	}	94	}
95	?><div style="float: left"><a href="search.php?search=<?=stripslashes($href);?>">back to list</a></div><?	95	?><div style="float: left"><a href="search.php?search=<?=stripslashes($href);?>"> < Back to list </a></div><?
96	}elseif(strpos($_POST['back_to_list'],"search=")){	96	}elseif(strpos($_POST['back_to_list'],"search=")){
97	/*	97	/*
98	* ...there was a POST refer page, so show link to back to their search	98	* ...there was a POST refer page, so show link to back to their search
99	*/	99	*/
100	?><div style="float: left"><a href="<?=stripslashes($_POST['back_to_list']);?>">back to list</a></div><?	100	?><div style="float: left"><a href="<?=stripslashes($_POST['back_to_list']);?>"> < Back to list </a></div><?
101	}elseif($_GET['login'] == 'true' or strpos($_SERVER['SCRIPT_FILENAME'],"index.php") == 0 ){	101	}elseif($_GET['login'] == 'true' or strpos($_SERVER['SCRIPT_FILENAME'],"index.php") == 0 ){
102	/*	102	/*
103	* NO refer search to link back to, so a show link back home	103	* NO refer search to link back to, so a show link back home
104	*/	104	*/
105	?><div style="float: left"><a href="index.php">back to home</a></div><?	105	?><div style="float: left"><a href="index.php"> < Back home </a></div><?
106	}	106	}
107	}	107	}
108		108

Lines 14-20 Link Here

(-)classes/user.class.php (-35 / +38 lines)
14	require_once( $GLOBALS['CLASSES_DIRECTORY'] . "functions.php" );	14	require_once( $GLOBALS['CLASSES_DIRECTORY'] . "functions.php" );
15		15
16	class user {	16	class user {
17	public $user_id;	17	public $user_id; // email address
18	public $first_name;	18	public $first_name;
19	public $last_name;	19	public $last_name;
20	public $full_name;	20	public $full_name;
Lines 22-28 Link Here
22	public $email_addresses;	22	public $email_addresses;
23	public $is_committer;	23	public $is_committer;
24	public $PersonID;	24	public $PersonID;
25	public $bugzilla_id;	25	public $bugzilla_id; // also the email address
		26	public $bugzilla_userid; // integer... bugs.profiles.userid
26		27
27	public $unknown_from_address = 'portal-noreply@eclipse.org';	28	public $unknown_from_address = 'portal-noreply@eclipse.org';
28		29
Lines 49-67 Link Here
49	//CHECK IF BUGZILLA EMAIL MATCHES THE PRIMARY FOUNDATION EMAIL ADDRESS	50	//CHECK IF BUGZILLA EMAIL MATCHES THE PRIMARY FOUNDATION EMAIL ADDRESS
50	//FOR SERCURITY REASONS NEVER MATCH ON ANY EMAIL BUT THE PRIMARY FOUNDATION EMAIL	51	//FOR SERCURITY REASONS NEVER MATCH ON ANY EMAIL BUT THE PRIMARY FOUNDATION EMAIL
51	$this->foundation_login = false;	52	$this->foundation_login = false;
52	$query = "SELECT PersonID FROM People WHERE EMail = '" . addslashes($this->primary_email) . "'";	53	#$query = "SELECT PersonID FROM People WHERE EMail = '" . addslashes($this->primary_email) . "'";
53	$res = foundation_sql($query);	54	#$res = foundation_sql($query);
54		55
55	if($row = mysql_fetch_assoc($res)){	56	#if($row = mysql_fetch_assoc($res)){
56	$this->getUserInfoFromFoundationID($row['PersonID']);	57	# $this->getUserInfoFromFoundationID($row['PersonID']);
57	}	58	#}
58	}	59	}
59		60
60	if($this->getUserInfoFromFoundationID($user_id)){	61	#if($this->getUserInfoFromFoundationID($user_id)){
61	//CHECK IF THE PRIMARY FOUNDATION EMAIL ADDRESS MATCHES A BUGZILLA EMAIL	62	//CHECK IF THE PRIMARY FOUNDATION EMAIL ADDRESS MATCHES A BUGZILLA EMAIL
62	//FOR SERCURITY REASONS NEVER MATCH ON ANY EMAIL BUT THE PRIMARY FOUNDATION EMAIL	63	//FOR SERCURITY REASONS NEVER MATCH ON ANY EMAIL BUT THE PRIMARY FOUNDATION EMAIL
63	$this->getUserInfoFromBugzillaID($this->primary_email);	64	# $this->getUserInfoFromBugzillaID($this->primary_email);
64	}	65	#}
65		66
66	/* Check to see if the speaker has been created for this conference	67	/* Check to see if the speaker has been created for this conference
67	* If not the ceate one in the conference database	68	* If not the ceate one in the conference database
Lines 71-88 Link Here
71	}	72	}
72	}	73	}
73		74
		75	function getBugzillaUserID() {
		76	return $this->bugzilla_userid;
		77	}
		78
74	function getSpeakerInfo(){	79	function getSpeakerInfo(){
75	global $context;	80	global $context;
76	if(!isset($this->speakerinfo)){	81	if(!isset($this->speakerinfo)){
77	$query = "select	82	$query = "SELECT /* user.class.php:getSpeakerInfo/ from speakers
78	*	83	where conference_id = ".$context->theconference->getConferenceID()."
79	from	84	and BugzillaUserID = ".$this->getBugzillaUserID();
80	speakers
81	where
82	conference_id = ".$context->theconference->getConferenceID()."
83	and
84	PersonID = '".$this->getFoundationID(true)."'
85	";
86	$res = conference_sql($query);	85	$res = conference_sql($query);
87	$speaker = mysql_fetch_assoc($res);	86	$speaker = mysql_fetch_assoc($res);
88	if(empty($speaker)){	87	if(empty($speaker)){
Lines 180-185 Link Here
180		179
181		180
182	public function getFoundationID($force_creation_if_use_is_nobdoy = false){	181	public function getFoundationID($force_creation_if_use_is_nobdoy = false){
		182	php_backtrace();
183	if (isset($this->PersonID)) {	183	if (isset($this->PersonID)) {
184	return $this->PersonID;	184	return $this->PersonID;
185	} else {	185	} else {
Lines 284-289 Link Here
284	$this->last_name = $names['LName'];	284	$this->last_name = $names['LName'];
285	$this->addEmail($row['login_name']);	285	$this->addEmail($row['login_name']);
286	$this->bugzilla_id = $user_id;	286	$this->bugzilla_id = $user_id;
		287	$this->bugzilla_userid = $row['userid'];
287	$this->bugzilla_login = true;	288	$this->bugzilla_login = true;
288	return true;	289	return true;
289	}	290	}
Lines 291-319 Link Here
291	}	292	}
292		293
293	private function getUserInfoFromFoundationID($user_id){	294	private function getUserInfoFromFoundationID($user_id){
		295	# We're not doing this anymore.
294	if(check_bugzilla_profiles_table_exists() === false){	296	if(check_bugzilla_profiles_table_exists() === false){
295	return false;	297	return false;
296	}	298	}
297		299
298	$query = "select * from People where PersonID = '".addslashes($user_id)."'";	300	#$query = "select * from People where PersonID = '".addslashes($user_id)."'";
299	$res = foundation_sql($query);	301	#$res = foundation_sql($query);
300	if(mysql_num_rows($res)){	302	#if(mysql_num_rows($res)){
301	$row = mysql_fetch_assoc($res);	303	# $row = mysql_fetch_assoc($res);
302	$this->first_name = $row['FName'];	304	# $this->first_name = $row['FName'];
303	$this->last_name = $row['LName'];	305	# $this->last_name = $row['LName'];
304	$this->full_name = $this->first_name." ".$this->last_name;	306	# $this->full_name = $this->first_name." ".$this->last_name;
305	$this->addEmail($row['EMail']);	307	# $this->addEmail($row['EMail']);
306	//TODO - CONFIRM IF THEIR PRIMAMRY SHOULD BE FOUNDATION IN A CASES (IE BUGZILLA LOGIN)	308	# //TODO - CONFIRM IF THEIR PRIMAMRY SHOULD BE FOUNDATION IN A CASES (IE BUGZILLA LOGIN)
307	$this->primary_email = $row['EMail'];	309	#$this->primary_email = $row['EMail'];
308	$this->PersonID = $user_id;	310	#$this->PersonID = $user_id;
309	$this->foundation_login = true;	311	# $this->foundation_login = true;
310		312
311	return true;	313	return true;
312	}	314	#}
313	return false;	315	#return false;
314	}	316	}
315		317
316	public function makeFoundationID($fname, $lname, $email) {	318	public function makeFoundationID($fname, $lname, $email) {
		319	php_backtrace();
317	$salt = '';	320	$salt = '';
318	// Create Foundation DB ID and make sure it's unique	321	// Create Foundation DB ID and make sure it's unique
319	if(strlen($lname) > 0) {	322	if(strlen($lname) > 0) {
Lines 362-369 Link Here
362	}	365	}
363		366
364	function getPicture(){	367	function getPicture(){
365	$sql = "SELECT Picture FROM People WHERE PersonID = '".$this->PersonID."'";	368	$sql = "SELECT Picture FROM people WHERE BugzillaUserID = '".$this->bugzilla_userid."'";
366	$res = foundation_sql($sql);	369	$res = conference_sql($sql);
367	$row = mysql_fetch_assoc($res);	370	$row = mysql_fetch_assoc($res);
368	if($row['Picture'] != ""){	371	if($row['Picture'] != ""){
369	return $row['Picture'];	372	return $row['Picture'];

Lines 22-28 Link Here

(-)conferences/2011/workflow/conference_chair_workflow.class.php (-17 / +17 lines)
22	function on_update_slot_allocation($context,$allocations){	22	function on_update_slot_allocation($context,$allocations){
23	//LOG - updating category slot allocations per type	23	//LOG - updating category slot allocations per type
24	log_conference_action($context->theconference->getConferenceID(),	24	log_conference_action($context->theconference->getConferenceID(),
25	$context->theuser->getFoundationID(),	25	$context->theuser->getBugzillaUserID(),
26	"allocations",	26	"allocations",
27	"category",	27	"category",
28	null,	28	null,
Lines 38-44 Link Here
38		38
39	//LOG - updating category slot allocations per type	39	//LOG - updating category slot allocations per type
40	log_conference_action($context->theconference->getConferenceID(),	40	log_conference_action($context->theconference->getConferenceID(),
41	$context->theuser->getFoundationID(),	41	$context->theuser->getBugzillaUserID(),
42	"adding",	42	"adding",
43	"program_committee",	43	"program_committee",
44	NULL,	44	NULL,
Lines 54-60 Link Here
54		54
55	//LOG - updating category slot allocations per type	55	//LOG - updating category slot allocations per type
56	log_conference_action($context->theconference->getConferenceID(),	56	log_conference_action($context->theconference->getConferenceID(),
57	$context->theuser->getFoundationID(),	57	$context->theuser->getBugzillaUserID(),
58	"removing",	58	"removing",
59	"program_committee",	59	"program_committee",
60	NULL,	60	NULL,
Lines 67-73 Link Here
67	* Log who set the tentative_status of submission	67	* Log who set the tentative_status of submission
68	*/	68	*/
69	log_conference_action($context->theconference->getConferenceID(),	69	log_conference_action($context->theconference->getConferenceID(),
70	$context->theuser->getFoundationID(),	70	$context->theuser->getBugzillaUserID(),
71	"tentative_status",	71	"tentative_status",
72	"submission",	72	"submission",
73	$submission_id,	73	$submission_id,
Lines 154-160 Link Here
154		154
155	//LOG - submission was accepted	155	//LOG - submission was accepted
156	log_conference_action($context->theconference->getConferenceID(),	156	log_conference_action($context->theconference->getConferenceID(),
157	$context->theuser->getFoundationID(),	157	$context->theuser->getBugzillaUserID(),
158	"status",	158	"status",
159	"submission",	159	"submission",
160	$submission_id,	160	$submission_id,
Lines 302-308 Link Here
302		302
303	//LOG - submission was declined	303	//LOG - submission was declined
304	log_conference_action($context->theconference->getConferenceID(),	304	log_conference_action($context->theconference->getConferenceID(),
305	$context->theuser->getFoundationID(),	305	$context->theuser->getBugzillaUserID(),
306	"status",	306	"status",
307	"submission",	307	"submission",
308	$submission_id,	308	$submission_id,
Lines 371-377 Link Here
371	* log the scheduling	371	* log the scheduling
372	*/	372	*/
373	log_conference_action($context->theconference->getConferenceID(),	373	log_conference_action($context->theconference->getConferenceID(),
374	$context->theuser->getFoundationID(),	374	$context->theuser->getBugzillaUserID(),
375	"scheduled",	375	"scheduled",
376	"submission",	376	"submission",
377	$submission_id,	377	$submission_id,
Lines 387-393 Link Here
387	* watchers of all	387	* watchers of all
388	*/	388	*/
389	log_conference_action($context->theconference->getConferenceID(),	389	log_conference_action($context->theconference->getConferenceID(),
390	$context->theuser->getFoundationID(),	390	$context->theuser->getBugzillaUserID(),
391	"update",	391	"update",
392	"type",	392	"type",
393	"",	393	"",
Lines 404-410 Link Here
404	* watchers of all	404	* watchers of all
405	*/	405	*/
406	log_conference_action($context->theconference->getConferenceID(),	406	log_conference_action($context->theconference->getConferenceID(),
407	$context->theuser->getFoundationID(),	407	$context->theuser->getBugzillaUserID(),
408	"update",	408	"update",
409	"type2",	409	"type2",
410	"",	410	"",
Lines 420-426 Link Here
420	* watchers of all	420	* watchers of all
421	*/	421	*/
422	log_conference_action($context->theconference->getConferenceID(),	422	log_conference_action($context->theconference->getConferenceID(),
423	$context->theuser->getFoundationID(),	423	$context->theuser->getBugzillaUserID(),
424	"remove",	424	"remove",
425	"type",	425	"type",
426	"",	426	"",
Lines 433-439 Link Here
433	* watchers of all	433	* watchers of all
434	*/	434	*/
435	log_conference_action($context->theconference->getConferenceID(),	435	log_conference_action($context->theconference->getConferenceID(),
436	$context->theuser->getFoundationID(),	436	$context->theuser->getBugzillaUserID(),
437	"add",	437	"add",
438	"type",	438	"type",
439	"",	439	"",
Lines 453-459 Link Here
453	* watchers of all	453	* watchers of all
454	*/	454	*/
455	log_conference_action($context->theconference->getConferenceID(),	455	log_conference_action($context->theconference->getConferenceID(),
456	$context->theuser->getFoundationID(),	456	$context->theuser->getBugzillaUserID(),
457	"update",	457	"update",
458	"category",	458	"category",
459	"",	459	"",
Lines 467-473 Link Here
467	* watchers of all	467	* watchers of all
468	*/	468	*/
469	log_conference_action($context->theconference->getConferenceID(),	469	log_conference_action($context->theconference->getConferenceID(),
470	$context->theuser->getFoundationID(),	470	$context->theuser->getBugzillaUserID(),
471	"remove",	471	"remove",
472	"category",	472	"category",
473	"",	473	"",
Lines 480-486 Link Here
480	function on_add_category($context,$category_id,$category){	480	function on_add_category($context,$category_id,$category){
481	//LOG - add a new category	481	//LOG - add a new category
482	log_conference_action($context->theconference->getConferenceID(),	482	log_conference_action($context->theconference->getConferenceID(),
483	$context->theuser->getFoundationID(),	483	$context->theuser->getBugzillaUserID(),
484	"create",	484	"create",
485	"category",	485	"category",
486	$category_id,	486	$category_id,
Lines 490-496 Link Here
490	function on_add_pctag($context,$tag){	490	function on_add_pctag($context,$tag){
491	//LOG - add a new category	491	//LOG - add a new category
492	log_conference_action($context->theconference->getConferenceID(),	492	log_conference_action($context->theconference->getConferenceID(),
493	$context->theuser->getFoundationID(),	493	$context->theuser->getBugzillaUserID(),
494	"create",	494	"create",
495	"pctag",	495	"pctag",
496	$tag,	496	$tag,
Lines 500-506 Link Here
500	function on_change_pctag($context,$tag){	500	function on_change_pctag($context,$tag){
501	//LOG - add a new category	501	//LOG - add a new category
502	log_conference_action($context->theconference->getConferenceID(),	502	log_conference_action($context->theconference->getConferenceID(),
503	$context->theuser->getFoundationID(),	503	$context->theuser->getBugzillaUserID(),
504	"update",	504	"update",
505	"pctag",	505	"pctag",
506	$tag,	506	$tag,
Lines 509-515 Link Here
509	function on_remove_pctag($context,$tag){	509	function on_remove_pctag($context,$tag){
510	//LOG - add a new category	510	//LOG - add a new category
511	log_conference_action($context->theconference->getConferenceID(),	511	log_conference_action($context->theconference->getConferenceID(),
512	$context->theuser->getFoundationID(),	512	$context->theuser->getBugzillaUserID(),
513	"remove",	513	"remove",
514	"pctag",	514	"pctag",
515	$tag,	515	$tag,

Lines 151-157 Link Here

(-)conferences/2011/workflow/talk_workflow.class.php (-9 / +9 lines)
151		151
152	//LOG - proposing a talk	152	//LOG - proposing a talk
153	log_conference_action($context->theconference->getConferenceID(),	153	log_conference_action($context->theconference->getConferenceID(),
154	$context->theuser->getFoundationID(),	154	$context->theuser->getBugzillaUserID(),
155	"create",	155	"create",
156	"submission",	156	"submission",
157	$submission_id,	157	$submission_id,
Lines 276-282 Link Here
276	* Log changes made to the submission	276	* Log changes made to the submission
277	*/	277	*/
278	log_conference_action($context->theconference->getConferenceID(),	278	log_conference_action($context->theconference->getConferenceID(),
279	$context->theuser->getFoundationID(),	279	$context->theuser->getBugzillaUserID(),
280	"save",	280	"save",
281	"submission",	281	"submission",
282	$submission_id,	282	$submission_id,
Lines 329-335 Link Here
329	/*	329	/*
330	* get the commenter details	330	* get the commenter details
331	*/	331	*/
332	$commenter = get_people_information($comment['PersonID']);	332	$commenter = get_people_information($comment['BugzillaUserID']);
333		333
334	/*	334	/*
335	* get the submission info	335	* get the submission info
Lines 340-346 Link Here
340	* Send out email to everyone interested in this submission	340	* Send out email to everyone interested in this submission
341	*/	341	*/
342	$params = serialize(array($commenter['name'],$comment['comment'],$submission_id,$sub['_title'],$comment['ts'],$is_private));	342	$params = serialize(array($commenter['name'],$comment['comment'],$submission_id,$sub['_title'],$comment['ts'],$is_private));
343	foreach($people as $person){	343	foreach($people as $person){
344	//SEND CREATE SUBMISSION EMAILS	344	//SEND CREATE SUBMISSION EMAILS
345	send_immediate_email_from ( $context, "info@eclipsecon.org", "conferences/".$GLOBALS['CONFERENCE'], "talk_comment", $person['email'] , $params, null, null);	345	send_immediate_email_from ( $context, "info@eclipsecon.org", "conferences/".$GLOBALS['CONFERENCE'], "talk_comment", $person['email'] , $params, null, null);
346	}	346	}
Lines 350-356 Link Here
350	* Log the who made the comment	350	* Log the who made the comment
351	*/	351	*/
352	log_conference_action($context->theconference->getConferenceID(),	352	log_conference_action($context->theconference->getConferenceID(),
353	$context->theuser->getFoundationID(),	353	$context->theuser->getBugzillaUserID(),
354	"comment",	354	"comment",
355	"submission",	355	"submission",
356	$submission_id,	356	$submission_id,
Lines 422-428 Link Here
422	* Log who was added to cc list for what talk	422	* Log who was added to cc list for what talk
423	*/	423	*/
424	log_conference_action($context->theconference->getConferenceID(),	424	log_conference_action($context->theconference->getConferenceID(),
425	$context->theuser->getFoundationID(),	425	$context->theuser->getBugzillaUserID(),
426	"add_$role",	426	"add_$role",
427	"submission",	427	"submission",
428	$submission_id,	428	$submission_id,
Lines 595-601 Link Here
595	* Log who was added to cc list for what talk	595	* Log who was added to cc list for what talk
596	*/	596	*/
597	log_conference_action($context->theconference->getConferenceID(),	597	log_conference_action($context->theconference->getConferenceID(),
598	$context->theuser->getFoundationID(),	598	$context->theuser->getBugzillaUserID(),
599	"add_cc",	599	"add_cc",
600	"submission",	600	"submission",
601	$submission_id,	601	$submission_id,
Lines 608-614 Link Here
608	* Log who was removed from cc list for what talk	608	* Log who was removed from cc list for what talk
609	*/	609	*/
610	log_conference_action($context->theconference->getConferenceID(),	610	log_conference_action($context->theconference->getConferenceID(),
611	$context->theuser->getFoundationID(),	611	$context->theuser->getBugzillaUserID(),
612	"remove_cc",	612	"remove_cc",
613	"submission",	613	"submission",
614	$submission_id,	614	$submission_id,
Lines 662-668 Link Here
662	* Log who changed the order of authors on what talk	662	* Log who changed the order of authors on what talk
663	*/	663	*/
664	log_conference_action($context->theconference->getConferenceID(),	664	log_conference_action($context->theconference->getConferenceID(),
665	$context->theuser->getFoundationID(),	665	$context->theuser->getBugzillaUserID(),
666	"reorder_$action",	666	"reorder_$action",
667	"submission",	667	"submission",
668	$submission_id,	668	$submission_id,