Completed
Push — development ( f93eb8...ffa1a0 )
by Thomas
20s
created

htdocs/editlog.php (2 issues)


<?php
/****************************************************************************
 * for license information see LICENSE.md
 *
 *  edit a cache log
 *
 *  used template(s): editlog
 *  GET/POST Parameter: logid
 *
 *  Note: when changing recommendation, the last_modified-date of log-record
 *        has to be updated to trigger resync via xml-interface
 *
 *****************************************************************************/
use OcLegacy\GeoCache\Recommendation;
use Oc\GeoCache\StatisticPicture;
require __DIR__ . '/lib2/web.inc.php';
require_once __DIR__ . '/lib2/logic/user.class.php';
require_once __DIR__ . '/lib2/edithelper.inc.php';
// Page setup: render through the 'log_cache' template with caching switched off.
$tpl->name = 'log_cache';
$tpl->menuitem = MNU_CACHES_EDITLOG;
$tpl->caching = false;

// Require a logged-in user.
// NOTE(review): the statements after redirect_login() run unconditionally, so
// this gate relies on that call ending the request — confirm in the template
// class.
$login->verify();
if (0 == $login->userid) {
    $tpl->redirect_login();
}
$user = new user($login->userid);

// Admin flag kept as 0/1; it is consulted by the access check on the log record.
$useradmin = 0;
if ($login->hasAdminPriv()) {
    $useradmin = 1;
}
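// fetch log entry
// 'logid' arrives via GET or POST (Ocprop clients rely on the parameter name).
// The value is untrusted and is reused further down as an SQL parameter, as a
// template variable and in the redirect URL, so it is reduced to a plain
// integer here. Anything that is not a string of decimal digits (missing,
// array, trailing garbage such as "12abc") leaves the default of 0, the same
// value the script already uses when the parameter is absent.
$log_id = 0;
if (isset($_REQUEST['logid'])) { // Ocprop
    $requestedLogId = $_REQUEST['logid'];
    if (is_string($requestedLogId) && ctype_digit($requestedLogId)) {
        $log_id = (int) $requestedLogId;
    }
}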
// IDs of the log types whose `maintenance_logs` flag is set; consulted later
// when the needs-maintenance / listing-outdated flags are validated.
$rs = sql('SELECT `id` FROM `log_types` WHERE `maintenance_logs`');
$logtype_allows_nm = sql_fetch_column($rs);

// Load the log entry together with the cache it belongs to and the metadata
// of its log type.
// NOTE(review): $log_id originates from the request. The query is only as
// safe as the substitution sql() performs for '&1' — confirm that the
// database layer escapes placeholder values.
$logRecordQuery = "
        SELECT
            `cache_logs`.`id` AS `log_id`,
            `cache_logs`.`cache_id`,
            `cache_logs`.`node`,
            `cache_logs`.`text`,
            `cache_logs`.`date`,
            `cache_logs`.`needs_maintenance`,
            `cache_logs`.`listing_outdated`,
            `cache_logs`.`user_id`,
            `cache_logs`.`type` AS `logtype`,
            `cache_logs`.`oc_team_comment`,
            `cache_logs`.`text_html`,
            `cache_logs`.`text_htmledit`,
            `caches`.`name` AS `cachename`,
            `caches`.`type` AS `cachetype`,
            `caches`.`user_id` AS `cache_user_id`,
            `caches`.`logpw` AS `logpw`,
            `caches`.`status` AS `status`,
            `log_types`.`cache_status` > 0 AS `is_status_log`
        FROM `cache_logs`
        JOIN `log_types` ON `log_types`.`id`=`cache_logs`.`type`
        INNER JOIN `caches` ON `caches`.`cache_id`=`cache_logs`.`cache_id`
        WHERE `cache_logs`.`id`='&1'";
$log_rs = sql($logRecordQuery, $log_id);

// Single row expected; the access checks compare the result against false.
$log_record = sql_fetch_array($log_rs);
sql_free_result($log_rs);
// catch errors
// NOTE(review): every check below relies on $tpl->error() ending the request.
// If it returned, the following lines would index into a missing record and
// the edit could proceed — confirm in the template class.

// No log entry with the requested id.
if (false === $log_record) {
    $tpl->error(ERROR_INVALID_OPERATION);
}

// Authorization: only the author of the log may edit it. On top of that, a
// cache in status 6 requires the editor to be the cache owner or an admin, and
// a cache in status 7 requires an admin.
// (The meaning of status codes 6 and 7 is not defined in this file.)
$notLogAuthor = ($log_record['user_id'] != $login->userid);
$deniedByStatus6 = ($log_record['status'] == 6
    && $log_record['cache_user_id'] != $login->userid
    && !$useradmin);
$deniedByStatus7 = ($log_record['status'] == 7 && !$useradmin);
if ($notLogAuthor || $deniedByStatus6 || $deniedByStatus7) {
    $tpl->error(ERROR_NO_ACCESS);
}

// The log must have been created on this node.
if ($opt['logic']['node']['id'] != $log_record['node']) {
    $tpl->error(ERROR_WRONG_NODE);
}
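// load cache data
$cache = new cache($log_record['cache_id']);

// process url parameters
// Ocprop: logtype, logday, logmonth, logyear, rating, submitform
//
// Every field read here is untrusted POST data. A field sent as an array
// (for example "logday[]=1") would make trim() or the numeric "+ 0" fail with
// an error, so a non-scalar field is treated as if it had not been sent.

// POST field as a string; null when it is absent or not a scalar.
$postedScalar = static function ($field) {
    return (isset($_POST[$field]) && is_scalar($_POST[$field])) ? (string) $_POST[$field] : null;
};
// Numeric POST field as int/float; 0 when it is absent or not numeric, so the
// arithmetic never sees a non-numeric operand.
$postedNumber = static function ($field) use ($postedScalar) {
    $raw = $postedScalar($field);

    return ($raw !== null && is_numeric($raw)) ? $raw + 0 : 0;
};

$storedDate = $log_record['date'];
// A stored time of 00:00:00 stands for "no time was logged": the hour and
// minute fields then start out empty.
$storedHasTime = (substr($storedDate, 11) != '00:00:00');

// Fields that were not posted fall back to the stored log record.
$postedLogType = $postedScalar('logtype');
$log_type = ($postedLogType !== null) ? $postedLogType : $log_record['logtype'];

$postedDay = $postedScalar('logday');
$log_date_day = ($postedDay !== null) ? trim($postedDay) : date('d', strtotime($storedDate));

$postedMonth = $postedScalar('logmonth');
$log_date_month = ($postedMonth !== null) ? trim($postedMonth) : date('m', strtotime($storedDate));

$postedYear = $postedScalar('logyear');
$log_date_year = ($postedYear !== null) ? trim($postedYear) : date('Y', strtotime($storedDate));

$postedHour = $postedScalar('loghour');
$log_time_hour = ($postedHour !== null)
    ? trim($postedHour)
    : ($storedHasTime ? date('H', strtotime($storedDate)) : '');

$postedMinute = $postedScalar('logminute');
$log_time_minute = ($postedMinute !== null)
    ? trim($postedMinute)
    : ($storedHasTime ? date('i', strtotime($storedDate)) : '');

// Recommendation inputs, numeric with a default of 0.
$top_option = $postedNumber('ratingoption');
$top_cache = $postedNumber('rating');

// Log password exactly as typed; empty when not sent.
$postedLogPw = $postedScalar('log_pw');
$log_pw = ($postedLogPw !== null) ? $postedLogPw : '';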
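// The flags come from the form when it was submitted or when the editor mode
// was switched (oldDescMode differs from descMode); otherwise they are taken
// from the stored log record.
$formWasSubmitted = isset($_POST['submitform']);
$editorModeSwitched = isset($_POST['oldDescMode']) && isset($_POST['descMode'])
    && $_POST['oldDescMode'] != $_POST['descMode'];

if ($formWasSubmitted || $editorModeSwitched) {
    // Untrusted numeric POST field: null when absent, 0 when present but not
    // numeric (this includes array input, which "+ 0" would reject with an
    // error), otherwise the numeric value.
    $postedFlag = static function ($field) {
        if (!isset($_POST[$field])) {
            return null;
        }

        return is_numeric($_POST[$field]) ? $_POST[$field] + 0 : 0;
    };

    $oc_team_comment = isset($_POST['teamcomment']) && $_POST['teamcomment'] != '';

    // The "...2" variant of a field takes precedence over the plain one.
    $needsMaintenance = $postedFlag('needs_maintenance2');
    if ($needsMaintenance === null) {
        $needsMaintenance = $postedFlag('needs_maintenance');
    }
    if ($needsMaintenance === null) {
        $needsMaintenance = 0;
    }

    $listingOutdated = $postedFlag('listing_outdated2');
    if ($listingOutdated === null) {
        $listingOutdated = $postedFlag('listing_outdated');
    }
    if ($listingOutdated === null) {
        $listingOutdated = 0;
    }

    $confirmListingOk = $postedFlag('confirm_listing_ok');
    if ($confirmListingOk === null) {
        $confirmListingOk = 0;
    }

    // validate NM and LO flags
    // Both flags are cleared unless the log type is a maintenance log type and
    // the cache type is not 6 (the meaning of type 6 is not defined in this
    // file); otherwise only the values 1 and 2 are kept.
    if (!in_array($log_type, $logtype_allows_nm) || $cache->getType() == 6) {
        $needsMaintenance = $listingOutdated = 0;
    } else {
        if ($needsMaintenance != 1 && $needsMaintenance != 2) {
            $needsMaintenance = 0;
        }
        if ($listingOutdated != 1 && $listingOutdated != 2) {
            $listingOutdated = 0;
        }
    }
} else {
    $oc_team_comment = ($log_record['oc_team_comment'] == 1);
    $needsMaintenance = $log_record['needs_maintenance'];
    $listingOutdated = $log_record['listing_outdated'];
    $confirmListingOk = ($listingOutdated == 1);
}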
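// do not ask for PW again if it was already supplied when submitting the log
// (true only when the cache has a log password and the stored log type is not 1)
$use_log_pw = $log_record['logpw'] != '' && $log_record['logtype'] != 1;

// editor mode switching
// Modes: 1 = plain text, 2 = HTML, 3 = HTML editor (TinyMCE).
if (isset($_POST['descMode'])) {
    // Both mode fields are untrusted. They are reduced to integers before the
    // range check so that only 1, 2 or 3 can reach processEditorInput(); array
    // or non-numeric input becomes 0 and therefore takes the fallback.
    $descMode = is_scalar($_POST['descMode']) ? (int) $_POST['descMode'] : 0; // Ocprop: 2
    if ($descMode < 1 || $descMode > 3) {
        $descMode = 3;
    }

    // A missing or out-of-range previous mode falls back to the current mode.
    $oldDescMode = $descMode;
    if (isset($_POST['oldDescMode']) && is_scalar($_POST['oldDescMode'])) {
        $postedOldDescMode = (int) $_POST['oldDescMode'];
        if ($postedOldDescMode >= 1 && $postedOldDescMode <= 3) {
            $oldDescMode = $postedOldDescMode;
        }
    }
} else {
    // Nothing posted: derive the mode from the stored log record.
    if ($log_record['text_html'] == 1) {
        $descMode = ($log_record['text_htmledit'] == 1) ? 3 : 2;
    } else {
        $descMode = 1;
    }

    $oldDescMode = $descMode;
}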
// Text from textarea; Ocprop
if (!isset($_POST['logtext'])) {
    // Nothing posted: start from the stored text.
    $log_text = $log_record['text'];
    if (1 == $descMode) {
        // plain text with encoded HTML entities
        $oldDescMode = 0;
    }
} else {
    $log_text = trim($_POST['logtext']);
}

// Convert the text between editor modes. $represent_text is not assigned
// anywhere before this call, so it is presumably filled by the helper through
// a by-reference parameter; it is later handed to the template as 'logtext'.
// NOTE(review): the returned text is stored and $represent_text is rendered,
// both without further escaping in this file. Whether processEditorInput()
// sanitises user-supplied HTML for modes 2 and 3 is not visible here — confirm.
$log_text = processEditorInput($oldDescMode, $descMode, $log_text, $represent_text);
// validate input
// Each entry is a pass/fail flag. The template receives the whole array, and
// the product of all entries decides whether the edit may be stored.
$validate = [];

$submitted = isset($_POST['submitform']);

$validate['dateOk'] = cachelog::validateDate(
    $log_date_year,
    $log_date_month,
    $log_date_day,
    $log_time_hour,
    $log_time_minute,
    $submitted
);

$validate['logType'] = logtype_ok($log_record['cache_id'], $log_type, $log_record['logtype']);

// not a found log? then ignore the recommendation
if (!($log_type == 1 || $log_type == 7)) {
    $top_option = 0;
}

// validate log password
// The password is checked only on submit, when the cache uses a log password
// that was not already supplied ($use_log_pw) and the new log type is 1.
// NOTE(review): how validateLogPW() compares the password, and whether
// repeated attempts are limited, is not visible in this file.
$validate['logPw'] = true;
if ($use_log_pw && $log_type == 1 && $submitted) {
    $validate['logPw'] = $cache->validateLogPW($log_type, $log_pw);
}

// ignore unauthorized team comments
$teamCommentPermitted = teamcomment_allowed(
    $log_record['cache_id'],
    $log_type,
    $log_record['oc_team_comment']
);
if (!$teamCommentPermitted) {
    $oc_team_comment = 0;
}

// Marking the listing as outdated (value 1) needs a confirmation, unless the
// log already carried that flag or the cache reports the listing as not
// outdated relative to this log. Operand order is kept so that the cache
// lookup runs only when the cheaper conditions do not already decide.
$validate['confirmListingOk'] =
    $listingOutdated != 1
    || $confirmListingOk
    || $log_record['listing_outdated'] == 1
    || !$cache->getListingOutdatedRelativeToLog($log_id);

// check for errors
// array_product() multiplies the flags, so a single false/0 makes this 0.
$loggable = array_product($validate);
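// store?
// NOTE(review): this branch modifies stored data in response to a POST, and no
// anti-CSRF token check is visible in this file — confirm that one is enforced
// elsewhere before this point is reached.
if ($loggable && isset($_POST['submitform'])) { // Ocprop
    // The seconds field records whether a time of day was entered.
    // (The code-analysis run shown on this page reported the two legend lines
    // below as possible commented-out code; they are documentation.)
    // 00:00:01 = "00:00 was logged"
    // 00:00:00 = "no time was logged"
    if ("$log_time_hour$log_time_minute" != "" &&
        $log_time_hour == 0 && $log_time_minute == 0
    ) {
        $log_time_second = 1;
    } else {
        $log_time_second = 0;
    }

    // Hour and minute are '' when no time was given. An explicit int cast maps
    // that to 0, whereas the arithmetic '' + 0 raises a warning or, on PHP 8,
    // a TypeError.
    $log_date = date(
        'Y-m-d H:i:s',
        mktime(
            (int) $log_time_hour,
            (int) $log_time_minute,
            $log_time_second,
            $log_date_month,
            $log_date_day,
            $log_date_year
        )
    );

    // evtl. discard cache recommendation if the log type was changed from
    // 'found' or 'attended' to something else
    if (!$top_option) {
        Recommendation::discardRecommendation($log_id);
    }

    // store changed data
    // All values, including the user-supplied text, go in as sql()
    // placeholders. NOTE(review): safety depends on sql() escaping the
    // substituted values — confirm in the database layer.
    sql(
        "UPDATE `cache_logs`
         SET `type`='&1',
             `oc_team_comment`='&2',
             `date`='&3',
             `needs_maintenance`='&4',
             `listing_outdated`='&5',
             `text`='&6',
             `text_html`='&7',
             `text_htmledit`='&8'
         WHERE `id`='&9'",
        $log_type,
        $oc_team_comment,
        $log_date,
        $needsMaintenance,
        $listingOutdated,
        $log_text,
        (($descMode != 1) ? 1 : 0),
        (($descMode == 3) ? 1 : 0),
        $log_id
    );

    // Update cache status if changed by logtype. To keep things simple, we implement
    // this feature only for the latest log.
    $statusChangeAllowed = $cache->statusChangeAllowedForLog($log_record['log_id']);
    if ($statusChangeAllowed) {
        $cache->updateCacheStatusFromLatestLog($log_id, $log_record['logtype'], $log_type);
        $cache->save();
    }

    // update user-stat if type changed
    if ($log_record['logtype'] != $log_type) {
        StatisticPicture::deleteStatisticPicture($user->getUserId());
    }

    // update recommendation list
    if ($top_option) {
        if ($top_cache) {
            sql(
                "INSERT INTO `cache_rating` (`user_id`, `cache_id`, `rating_date`)
                 VALUES('&1','&2','&3')
                 ON DUPLICATE KEY UPDATE `rating_date`='&3'",
                $user->getUserId(),
                $log_record['cache_id'],
                $log_date
            );
            // cache_rating.rating_date is updated when it already exists, so that
            // it stays consistent with cache_logs.date when editing a log date.

            // When editing one of multiple found logs, this will move rating_date
            // to the last edited record. While this may not always be what the user
            // expects, it makes sense for two reasons:
            //   1. It is a safeguard for the case that the log date and rating_date
            //      have gotten out of sync for some reason (which has happened in the
            //      past, probably due to a log-deletion related bug).
            //   2. It can be used as a tweak to control which log's date is relevant
            //      for the rating, e.g. when logging a second found on a recycled or
            //      renewed cache [listing].
        } else {
            sql(
                "DELETE FROM `cache_rating` WHERE `user_id`='&1' AND `cache_id`='&2'",
                $user->getUserId(),
                $log_record['cache_id']
            );
        }
    }

    // display cache page
    // Both URL components are passed through urlencode(), so the request value
    // cannot add parameters or change the redirect target.
    $tpl->redirect(
        'viewcache.php?cacheid=' . urlencode($log_record['cache_id'])
        . '&log=A#log' . urlencode($log_id)
    );
    exit;
}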
// build logtype options
// Changing the log type is disabled when this log may not change the cache
// status and its stored type is one that sets a cache status.
$disable_statuschange = !$cache->statusChangeAllowedForLog($log_record['log_id']);
$disable_typechange = $disable_statuschange && $log_record['is_status_log'];
$tpl->assign('typeEditDisabled', $disable_typechange);

$tpl->assign('validate', $validate);

// HTML-escape a value before it is handed to the template.
// NOTE(review): ENT_COMPAT leaves single quotes unescaped; that is only safe
// if the template never places these values in single-quoted attributes.
$htmlEscape = static function ($value) {
    return htmlspecialchars($value, ENT_COMPAT, 'UTF-8');
};

// cache data
$tpl->assign('cacheid', $log_record['cache_id']);
$tpl->assign('cachename', $htmlEscape($cache->getName()));
$tpl->assign('cachetype', $cache->getType());
$tpl->assign('gcwp', $cache->getWPGC_maintained());

// log entry data
// NOTE(review): 'logid' is the request value and is assigned without escaping,
// unlike the date fields below — confirm the template escapes it on output.
$tpl->assign('logid', $log_id);

$userLogTypes = $cache->getUserLogTypes($log_type, $log_record['logtype'], !$disable_statuschange);
$tpl->assign('logtypes', $userLogTypes);
$tpl->assign('logday', $htmlEscape($log_date_day));
$tpl->assign('logmonth', $htmlEscape($log_date_month));
$tpl->assign('logyear', $htmlEscape($log_date_year));
$tpl->assign('loghour', $htmlEscape($log_time_hour));
$tpl->assign('logminute', $htmlEscape($log_time_minute));
$tpl->assign('logtext', $represent_text);

// admin
$tpl->assign(
    'octeamcommentallowed',
    $cache->teamcommentAllowed(3, $log_record['oc_team_comment'])
);
$tpl->assign('is_teamcomment', $oc_team_comment);
$tpl->assign(
    'adminAction',
    $user->getUserId() != $cache->getUserId() || $cache->teamcommentAllowed(3)
);

// cache condition flags
$tpl->assign('cache_needs_maintenance', $cache->getNeedsMaintenance());
$tpl->assign('cache_listing_is_outdated', $cache->getListingOutdatedRelativeToLog($log_id));
$tpl->assign('cache_listing_outdated_log', $cache->getListingOutdatedLogUrl());
$tpl->assign('needs_maintenance', $needsMaintenance);
$tpl->assign('listing_outdated', $listingOutdated);
$tpl->assign('old_listing_outdated', $log_record['listing_outdated']);
$tpl->assign('condition_history', $cache->getConditionHistory());
$tpl->assign('logtype_allows_nm', implode(',', $logtype_allows_nm));

// user data
$tpl->assign('ownerlog', $login->userid == $cache->getUserId());
$tpl->assign('userFound', $user->getStatFound());
$tpl->assign('showstatfounds', $user->showStatFounds());

// recommendation-related data
$ratingParams = $user->getRatingParameters();
$mayStillRate = $ratingParams['givenRatings'] < $ratingParams['maxRatings'];
$tpl->assign('ratingallowed', $mayStillRate);
$tpl->assign('givenratings', $ratingParams['givenRatings']);
$tpl->assign('maxratings', $ratingParams['maxRatings']);
$tpl->assign(
    'israted',
    $cache->isRecommendedByUser($user->getUserId()) || isset($_REQUEST['rating'])
);
$tpl->assign('findsuntilnextrating', $ratingParams['findsUntilNextRating']);
$tpl->assign('isowner', $user->getUserId() == $cache->getUserId());

// password
// NOTE(review): the posted log password is echoed back to the template as-is,
// without the htmlspecialchars() applied to the date fields above — confirm
// that the template escapes it where it is rendered.
$tpl->assign('log_pw', $log_pw);
// DNF state
// Type of this user's most recent log of type 1 or 2 for the cache; 0 is the
// default passed to sql_value(). The flag is set when that type is 2
// (presumably the DNF log type, going by the variable name — confirm).
$latestFoundOrDnfType = sql_value(
    "SELECT `type`
         FROM `cache_logs`
         WHERE `cache_id`='&1' AND `user_id`='&2' AND `type` IN (1,2)
         ORDER BY `order_date` DESC, `date_created` DESC, `id` DESC
         LIMIT 1",
    0,
    $cache->getCacheId(),
    $login->userid
);
$dnf_by_logger = ($latestFoundOrDnfType == 2);
$tpl->assign('dnf_by_logger', $dnf_by_logger);
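// Text / normal HTML / HTML editor
$tpl->assign('use_tinymce', ($descMode == 3) ? 1 : 0);

if ($descMode == 1) {
    $tpl->assign('descMode', 1);
} elseif ($descMode == 2) {
    $tpl->assign('descMode', 2);
} else {
    // TinyMCE
    // The lang parameter is built from the configured template locale, not
    // from request data.
    $tpl->add_header_javascript('resource2/tinymce/tiny_mce_gzip.js');
    $tpl->add_header_javascript(
        'resource2/tinymce/config/log.js.php?lang=' . strtolower($opt['template']['locale'])
    );
    $tpl->assign('descMode', 3);
}
$tpl->add_header_javascript(editorJsPath());

$tpl->assign('use_log_pw', $use_log_pw);
$tpl->assign('smileypath', $opt['template']['smiley']);
$tpl->assign('smilies', $smiley_a);

// The scroll position is echoed back to the page. It is untrusted request
// data, so only numeric values pass through; anything else (including array
// input, which "+ 0" would reject with an error) becomes 0.
$tpl->assign(
    'scrollposx',
    (isset($_REQUEST['scrollposx']) && is_numeric($_REQUEST['scrollposx'])) ? $_REQUEST['scrollposx'] + 0 : 0
);
$tpl->assign(
    'scrollposy',
    (isset($_REQUEST['scrollposy']) && is_numeric($_REQUEST['scrollposy'])) ? $_REQUEST['scrollposy'] + 0 : 0
);

// select template mode and send it out
$tpl->assign('editlog', true);

// NOTE(review): the method name suggests it declares that this page accepts
// HTML input and purifies it; what it actually does is not visible in this
// file — confirm before relying on it as the sanitisation step.
$tpl->acceptsAndPurifiesHtmlInput();
$tpl->display();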