<?php
// File: $Id: Exp $ $Name: $
// ----------------------------------------------------------------------------
// Envolution Content Management System
// Copyright (C) 2002 by the Envolution Development Team.
// http://www.envolution.com/
// ----------------------------------------------------------------------------
// Based on:
// Postnuke Content Management System - www.postnuke.com
// PHP-NUKE Web Portal System - http://phpnuke.org/
// ----------------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------------
// Original Author of file: Jim McDonald
// Purpose of file: standings administration API
// ----------------------------------------------------------------------------
//////
/// Create a New Tournament
//////
function standings_adminapi_create($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($title)) ||
(!isset($description))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing
if (!pnSecAuthAction(0, 'Standings::Tournament', "::", ACCESS_ADMIN)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standtourntable = $pntable['stand_tourn'];
$standtourncolumn = &$pntable['stand_tourn_column'];
// Get next ID in table - this is required prior to any insert that
// uses a unique ID, and ensures that the ID generation is carried
// out in a database-portable fashion
$nextId = $dbconn->GenId($standtourntable);
// Add item - the formatting here is not mandatory, but it does make
// the SQL statement relatively easy to read. Also, separating out
// the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "INSERT INTO $standtourntable (
$standtourncolumn[cid],
$standtourncolumn[title],
$standtourncolumn[description],
$standtourncolumn[ppv],
$standtourncolumn[ppd],
$standtourncolumn[ppl])
VALUES (
$nextId,
'" . pnVarPrepForStore($title) . "','"
. pnvarPrepForStore($description) . "','"
. pnvarPrepForStore($ppv) . "','"
. pnvarPrepForStore($ppd) . "','"
. pnvarPrepForStore($ppl) . "')";
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _ADDFAILED);
return false;
}
// Get the ID of the item that we inserted. It is possible, although
// very unlikely, that this is different from $nextId as obtained
// above, but it is better to be safe than sorry in this situation
$cid = $dbconn->PO_Insert_ID($standtourntable, $standtourncolumn['cid']);
// Let any hooks know that we have created a new item. As this is a
// create hook we're passing 'tid' as the extra info, which is the
// argument that all of the other functions use to reference this
// item
pnModCallHooks('item', 'create', $cid, 'cid');
// Return the id of the newly created item to the calling process
return $cid;
}
//////
/// Delete a Tournament
//////
function standings_adminapi_delete($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if (!isset($cid)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// The user API function is called. This takes the item ID which
// we obtained from the input and gets us the information on the
// appropriate item. If the item does not exist we post an appropriate
// message and return
$item = pnModAPIFunc('Standings',
'user',
'get',
array('cid' => $cid));
if ($item == false) {
$output->Text(_standingsNOSUCHITEM);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
if (!pnSecAuthAction(0, 'Standings::Tournament', "$item[title]::$cid", ACCESS_DELETE)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
//
// Delete all associated Teams
//
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standteamtable = $pntable['stand_team'];
$standteamcolumn = &$pntable['stand_team_column'];
// Delete the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "DELETE FROM $standteamtable
WHERE $standteamcolumn[cid] = " . pnVarPrepForStore($cid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _DELETEFAILED);
return false;
}
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standtourntable = $pntable['stand_tourn'];
$standtourncolumn = &$pntable['stand_tourn_column'];
// Delete the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "DELETE FROM $standtourntable
WHERE $standtourncolumn[cid] = " . pnVarPrepForStore($cid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _DELETEFAILED);
return false;
}
// Let any hooks know that we have deleted an item. As this is a
// delete hook we're not passing any extra info
pnModCallHooks('item', 'delete', $cid, '');
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Create a new Team for the given Tournament
//////
function standings_adminapi_createteam($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($team))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing
if (!pnSecAuthAction(0, 'Standings::Tournament', "::$cid", ACCESS_ADD)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standteamtable = $pntable['stand_team'];
$standteamcolumn = &$pntable['stand_team_column'];
// Get next ID in table - this is required prior to any insert that
// uses a unique ID, and ensures that the ID generation is carried
// out in a database-portable fashion
$nextId = $dbconn->GenId($standtourntable);
// Add item - the formatting here is not mandatory, but it does make
// the SQL statement relatively easy to read. Also, separating out
// the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "INSERT INTO $standteamtable (
$standteamcolumn[tid],
$standteamcolumn[cid],
$standteamcolumn[team],
$standteamcolumn[city],
$standteamcolumn[shorts],
$standteamcolumn[tshirt],
$standteamcolumn[contact],
$standteamcolumn[phone],
$standteamcolumn[paddress],
$standteamcolumn[email],
$standteamcolumn[homepage])
VALUES (
$nextId,
$cid,
'" . pnVarPrepForStore($team) . "','" . pnVarPrepForStore($city) . "','"
. pnVarPrepForStore($shorts) . "','" . pnVarPrepForStore($tshirt) . "','"
. pnVarPrepForStore($contact) . "','" . pnVarPrepForStore($phone) . "','"
. pnVarPrepForStore($paddress) . "','" . pnVarPrepForStore($email) . "','"
. pnVarPrepForStore($homepage) . "')";
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _ADDFAILED);
return false;
}
// Get the ID of the item that we inserted. It is possible, although
// very unlikely, that this is different from $nextId as obtained
// above, but it is better to be safe than sorry in this situation
$cid = $dbconn->PO_Insert_ID($standtourntable, $standtourncolumn['cid']);
// Let any hooks know that we have created a new item. As this is a
// create hook we're passing 'tid' as the extra info, which is the
// argument that all of the other functions use to reference this
// item
pnModCallHooks('item', 'createteam', $tid, 'tid');
// Return the id of the newly created item to the calling process
return $tid;
}
//////
/// Create a new Player for the given Team
//////
function standings_adminapi_createplayer($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($fname)) || (!isset($pname))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing
if (!pnSecAuthAction(0, 'Standings::Team', "::$tid", ACCESS_ADD)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standplayerstable = $pntable['stand_players'];
$standplayerscolumn = &$pntable['stand_players_column'];
// Get next ID in table - this is required prior to any insert that
// uses a unique ID, and ensures that the ID generation is carried
// out in a database-portable fashion
$nextId = $dbconn->GenId($standplayerstable);
// Add item - the formatting here is not mandatory, but it does make
// the SQL statement relatively easy to read. Also, separating out
// the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "INSERT INTO $standplayerstable (
$standplayerscolumn[pid],
$standplayerscolumn[tid],
$standplayerscolumn[cid],
$standplayerscolumn[number],
$standplayerscolumn[name],
$standplayerscolumn[fname],
$standplayerscolumn[role],
$standplayerscolumn[birth],
$standplayerscolumn[height],
$standplayerscolumn[weight],
$standplayerscolumn[notes],
$standplayerscolumn[from])
VALUES (
$nextId,
$tid,$cid,'"
. pnVarPrepForStore($number) .
"','" . pnVarPrepForStore($pname) . "','" . pnVarPrepForStore($fname) . "','"
. pnVarPrepForStore($role) . "','" . pnVarPrepForStore($birth) . "','"
. pnVarPrepForStore($height) . "','" . pnVarPrepForStore($weight) . "','"
. pnVarPrepForStore($notes) . "','" . pnVarPrepForStore($from) . "')";
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _ADDFAILED);
return false;
}
// Get the ID of the item that we inserted. It is possible, although
// very unlikely, that this is different from $nextId as obtained
// above, but it is better to be safe than sorry in this situation
$pid = $dbconn->PO_Insert_ID($standplayerstable, $standplayerscolumn['pid']);
// Let any hooks know that we have created a new item. As this is a
// create hook we're passing 'tid' as the extra info, which is the
// argument that all of the other functions use to reference this
// item
pnModCallHooks('item', 'createplayer', $pid, 'pid');
// Return the id of the newly created item to the calling process
return $pid;
}
//////
/// Create a new Scout for the given Player
//////
function standings_adminapi_createscout($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($pid))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing
if (!pnSecAuthAction(0, 'Standings::Team', "::$tid", ACCESS_ADD)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standscoutstable = $pntable['stand_scouts'];
$standscoutscolumn = &$pntable['stand_scouts_column'];
// Get next ID in table - this is required prior to any insert that
// uses a unique ID, and ensures that the ID generation is carried
// out in a database-portable fashion
$nextId = $dbconn->GenId($standscoutstable);
// Calculate total points
$pts = $fgm * 2 + $tpm * 3 + $ftm;
// Add item - the formatting here is not mandatory, but it does make
// the SQL statement relatively easy to read. Also, separating out
// the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "INSERT INTO $standscoutstable (
$standscoutscolumn[sid],
$standscoutscolumn[tcid],
$standscoutscolumn[pid],
$standscoutscolumn[tid],
$standscoutscolumn[date],
$standscoutscolumn[rid],
$standscoutscolumn[start],
$standscoutscolumn[mins],
$standscoutscolumn[fgm],
$standscoutscolumn[fga],
$standscoutscolumn[tpm],
$standscoutscolumn[tpa],
$standscoutscolumn[ftm],
$standscoutscolumn[fta],
$standscoutscolumn[or],
$standscoutscolumn[dr],
$standscoutscolumn[ass],
$standscoutscolumn[ste],
$standscoutscolumn[blk],
$standscoutscolumn[blkr],
$standscoutscolumn[to],
$standscoutscolumn[pf],
$standscoutscolumn[pfr],
$standscoutscolumn[pts])
VALUES (
$nextId,"
. pnVarPrepForStore($tcid) . "," . pnVarPrepForStore($pid) .
"," . pnVarPrepForStore($tid) . ",'" . pnVarPrepForStore($date) . "',"
. pnVarPrepForStore($rid) . ",'" . pnVarPrepForStore($start) . "','"
. pnVarPrepForStore($mins) . "','" . pnVarPrepForStore($fgm) . "','"
. pnVarPrepForStore($fga) . "','" . pnVarPrepForStore($tpm) . "','"
. pnVarPrepForStore($tpa) . "','" . pnVarPrepForStore($ftm) . "','"
. pnVarPrepForStore($fta) . "','" . pnVarPrepForStore($or) . "','"
. pnVarPrepForStore($dr) . "','" . pnVarPrepForStore($ass) . "','"
. pnVarPrepForStore($ste) . "','" . pnVarPrepForStore($blk) . "','"
. pnVarPrepForStore($blkr) . "','" . pnVarPrepForStore($to) . "','"
. pnVarPrepForStore($pf) . "','" . pnVarPrepForStore($pfr) . "','"
. pnVarPrepForStore($pts) . "')";
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _ADDFAILED);
return false;
}
// Get the ID of the item that we inserted. It is possible, although
// very unlikely, that this is different from $nextId as obtained
// above, but it is better to be safe than sorry in this situation
$sid = $dbconn->PO_Insert_ID($standscoutstable, $standscoutscolumn['sid']);
// Let any hooks know that we have created a new item. As this is a
// create hook we're passing 'tid' as the extra info, which is the
// argument that all of the other functions use to reference this
// item
pnModCallHooks('item', 'createscout', $sid, 'sid');
// Return the id of the newly created item to the calling process
return $sid;
}
//////
/// Create a new Schedule entry for the given Tournament
//////
function standings_adminapi_createcal($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($cid))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing
if (!pnSecAuthAction(0, 'Standings::Tournament', "::$cid", ACCESS_ADMIN)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standtourncaltable = $pntable['stand_tourncal'];
$standtourncalcolumn = &$pntable['stand_tourncal_column'];
// Get next ID in table - this is required prior to any insert that
// uses a unique ID, and ensures that the ID generation is carried
// out in a database-portable fashion
$nextId = $dbconn->GenId($standtourncaltable);
// Add item - the formatting here is not mandatory, but it does make
// the SQL statement relatively easy to read. Also, separating out
// the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "INSERT INTO $standtourncaltable (
$standtourncalcolumn[tcid],
$standtourncalcolumn[cid],
$standtourncalcolumn[rid],
$standtourncalcolumn[date],
$standtourncalcolumn[time],
$standtourncalcolumn[teama],
$standtourncalcolumn[teamb])
VALUES (
$nextId,
$cid,
$rid,
'" . pnVarPrepForStore($date) . "','"
. pnvarPrepForStore($time) . "',
" . pnvarPrepForStore($teama) . ",
" . pnvarPrepForStore($teamb) . ")";
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _ADDFAILED);
return false;
}
// Get the ID of the item that we inserted. It is possible, although
// very unlikely, that this is different from $nextId as obtained
// above, but it is better to be safe than sorry in this situation
$tcid = $dbconn->PO_Insert_ID($standtourncaltable, $standtourncalcolumn['tcid']);
// Let any hooks know that we have created a new item. As this is a
// create hook we're passing 'tid' as the extra info, which is the
// argument that all of the other functions use to reference this
// item
pnModCallHooks('item', 'createcal', $tcid, 'tcid');
// Return the id of the newly created item to the calling process
return $tcid;
}
//////
/// Delete a team
//////
function standings_adminapi_deleteteam($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if (!isset($tid)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// The user API function is called. This takes the item ID which
// we obtained from the input and gets us the information on the
// appropriate item. If the item does not exist we post an appropriate
// message and return
$item = pnModAPIFunc('Standings',
'user',
'getteam',
array('tid' => $tid));
if ($item == false) {
$output->Text(_STANDINGSNOSUCHITEM);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
if (!pnSecAuthAction(0, 'Standings::Tournament', "::$cid", ACCESS_ADMIN)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standteamtable = $pntable['stand_team'];
$standteamcolumn = &$pntable['stand_team_column'];
// Delete the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "DELETE FROM $standteamtable
WHERE $standteamcolumn[tid] = " . pnVarPrepForStore($tid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _DELETEFAILED);
return false;
}
// Let any hooks know that we have deleted an item. As this is a
// delete hook we're not passing any extra info
pnModCallHooks('item', 'delete', $tid, '');
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Delete a Player
//////
function standings_adminapi_deleteplayer($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if (!isset($pid)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// The user API function is called. This takes the item ID which
// we obtained from the input and gets us the information on the
// appropriate item. If the item does not exist we post an appropriate
// message and return
$item = pnModAPIFunc('Standings',
'user',
'getplayer',
array('pid' => $pid));
if ($item == false) {
$output->Text(_STANDINGSNOSUCHITEM);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
if (!pnSecAuthAction(0, 'Standings::Team', "::$item[tid]", ACCESS_DELETE)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standplayerstable = $pntable['stand_players'];
$standplayerscolumn = &$pntable['stand_players_column'];
// Delete the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "DELETE FROM $standplayerstable
WHERE $standplayerscolumn[pid] = " . pnVarPrepForStore($pid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _DELETEFAILED);
return false;
}
// Let any hooks know that we have deleted an item. As this is a
// delete hook we're not passing any extra info
pnModCallHooks('item', 'delete', $pid, '');
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Delete a Tournament Schedule
//////
function standings_adminapi_deletecal($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if (!isset($cid) || !isset($rid)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
if (!pnSecAuthAction(0, 'Standings::Tournament', "::$cid", ACCESS_ADMIN)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standtourncaltable = $pntable['stand_tourncal'];
$standtourncalcolumn = &$pntable['stand_tourncal_column'];
// Delete the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "DELETE FROM $standtourncaltable
WHERE $standtourncalcolumn[cid] = " . pnVarPrepForStore($cid) .
" AND $standtourncalcolumn[rid] = " . pnVarPrepForStore($rid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _DELETEFAILED);
return false;
}
// Let any hooks know that we have deleted an item. As this is a
// delete hook we're not passing any extra info
pnModCallHooks('item', 'deletecal', $rid, '');
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Delete a Scout
//////
function standings_adminapi_deletescout($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if (!isset($sid)) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
if (!pnSecAuthAction(0, 'Standings::Team', "::$tid", ACCESS_DELETE)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standscoutstable = $pntable['stand_scouts'];
$standscoutscolumn = &$pntable['stand_scouts_column'];
// Delete the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "DELETE FROM $standscoutstable
WHERE $standscoutscolumn[sid] = " . pnVarPrepForStore($sid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _DELETEFAILED);
return false;
}
// Let any hooks know that we have deleted an item. As this is a
// delete hook we're not passing any extra info
pnModCallHooks('item', 'deletescout', $sid, '');
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Update a Tournament
//////
function standings_adminapi_update($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($cid)) ||
(!isset($title)) ||
(!isset($description))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// The user API function is called. This takes the item ID which
// we obtained from the input and gets us the information on the
// appropriate item. If the item does not exist we post an appropriate
// message and return
$item = pnModAPIFunc('Standings',
'user',
'get',
array('cid' => $cid));
if ($item == false) {
$output->Text(_STANDINGSNOSUCHITEM);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
// Note that at this stage we have two sets of item information, the
// pre-modification and the post-modification. We need to check against
// both of these to ensure that whoever is doing the modification has
// suitable permissions to edit the item otherwise people can potentially
// edit areas to which they do not have suitable access
if (!pnSecAuthAction(0, 'Standings::Tournament', "$item[title]::$cid", ACCESS_EDIT)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standtourntable = $pntable['stand_tourn'];
$standtourncolumn = &$pntable['stand_tourn_column'];
// Update the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "UPDATE $standtourntable
SET $standtourncolumn[title] = '" . pnVarPrepForStore($title) . "',
$standtourncolumn[description] = '" . pnVarPrepForStore($description) . "',
$standtourncolumn[ppv] = '" . pnVarPrepForStore($ppv) . "',
$standtourncolumn[ppd] = '" . pnVarPrepForStore($ppd) . "',
$standtourncolumn[ppl] = '" . pnVarPrepForStore($ppl) . "'
WHERE $standtourncolumn[cid] = " . pnVarPrepForStore($cid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _DELETEFAILED);
return false;
}
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Update a Team
//////
function standings_adminapi_updateteam($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($tid)) ||
(!isset($team))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// The user API function is called. This takes the item ID which
// we obtained from the input and gets us the information on the
// appropriate item. If the item does not exist we post an appropriate
// message and return
$item = pnModAPIFunc('Standings',
'user',
'getteam',
array('tid' => $tid));
if ($item == false) {
$output->Text(_STANDINGSNOSUCHITEM);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
// Note that at this stage we have two sets of item information, the
// pre-modification and the post-modification. We need to check against
// both of these to ensure that whoever is doing the modification has
// suitable permissions to edit the item otherwise people can potentially
// edit areas to which they do not have suitable access
if (!pnSecAuthAction(0, 'Standings::Team', "$team::$tid", ACCESS_EDIT)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standteamtable = $pntable['stand_team'];
$standteamcolumn = &$pntable['stand_team_column'];
// Update the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "UPDATE $standteamtable
SET $standteamcolumn[team] = '" . pnVarPrepForStore($team) . "',
$standteamcolumn[city] = '" . pnVarPrepForStore($city) . "',
$standteamcolumn[shorts] = '" . pnVarPrepForStore($shorts) . "',
$standteamcolumn[tshirt] = '" . pnVarPrepForStore($tshirt) . "',
$standteamcolumn[contact] = '" . pnVarPrepForStore($contact) . "',
$standteamcolumn[phone] = '" . pnVarPrepForStore($phone) . "',
$standteamcolumn[paddress] = '" . pnVarPrepForStore($paddress) . "',
$standteamcolumn[email] = '" . pnVarPrepForStore($email) . "',
$standteamcolumn[homepage] = '" . pnVarPrepForStore($homepage) . "'
WHERE $standteamcolumn[tid] = " . pnVarPrepForStore($tid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _UPDATEFAILED);
return false;
}
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Update a Schedule
//////
function standings_adminapi_updatecal($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($tcid)) ||
(!isset($rid))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
// Note that at this stage we have two sets of item information, the
// pre-modification and the post-modification. We need to check against
// both of these to ensure that whoever is doing the modification has
// suitable permissions to edit the item otherwise people can potentially
// edit areas to which they do not have suitable access
if ((!pnSecAuthAction(0, 'Standings::Team', "::$teama", ACCESS_EDIT)) &&
(!pnSecAuthAction(0, 'Standings::Team', "::$teamb", ACCESS_EDIT))) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standtourncaltable = $pntable['stand_tourncal'];
$standtourncalcolumn = &$pntable['stand_tourncal_column'];
// Update the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "UPDATE $standtourncaltable
SET $standtourncalcolumn[rid] = '" . pnVarPrepForStore($rid) . "',
$standtourncalcolumn[date] = '" . pnVarPrepForStore($date) . "',
$standtourncalcolumn[time] = '" . pnVarPrepForStore($time) . "',
$standtourncalcolumn[teama] = '" . pnVarPrepForStore($teama) . "',
$standtourncalcolumn[teamb] = '" . pnVarPrepForStore($teamb) . "',
$standtourncalcolumn[scorea] = '" . pnVarPrepForStore($scorea) . "',
$standtourncalcolumn[scoreb] = '" . pnVarPrepForStore($scoreb) . "',
$standtourncalcolumn[q1a] = '" . pnVarPrepForStore($q1a) . "',
$standtourncalcolumn[q1b] = '" . pnVarPrepForStore($q1b) . "',
$standtourncalcolumn[q2a] = '" . pnVarPrepForStore($q2a) . "',
$standtourncalcolumn[q2b] = '" . pnVarPrepForStore($q2b) . "',
$standtourncalcolumn[q3a] = '" . pnVarPrepForStore($q3a) . "',
$standtourncalcolumn[q3b] = '" . pnVarPrepForStore($q3b) . "',
$standtourncalcolumn[q4a] = '" . pnVarPrepForStore($q4a) . "',
$standtourncalcolumn[q4b] = '" . pnVarPrepForStore($q4b) . "',
$standtourncalcolumn[ot1a] = '" . pnVarPrepForStore($ot1a) . "',
$standtourncalcolumn[ot1b] = '" . pnVarPrepForStore($ot1b) . "',
$standtourncalcolumn[ot2a] = '" . pnVarPrepForStore($ot2a) . "',
$standtourncalcolumn[ot2b] = '" . pnVarPrepForStore($ot2b) . "',
$standtourncalcolumn[ot3a] = '" . pnVarPrepForStore($ot3a) . "',
$standtourncalcolumn[ot3b] = '" . pnVarPrepForStore($ot3b) . "',
$standtourncalcolumn[offic1] = '" . pnVarPrepForStore($offic1) . "',
$standtourncalcolumn[offic2] = '" . pnVarPrepForStore($offic2) . "',
$standtourncalcolumn[offic3] = '" . pnVarPrepForStore($offic3) . "'
WHERE $standtourncalcolumn[tcid] = " . pnVarPrepForStore($tcid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _UPDATEFAILED);
return false;
}
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Update a Player
//////
function standings_adminapi_updateplayer($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($pid)) ||
(!isset($tid))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
// Note that at this stage we have two sets of item information, the
// pre-modification and the post-modification. We need to check against
// both of these to ensure that whoever is doing the modification has
// suitable permissions to edit the item otherwise people can potentially
// edit areas to which they do not have suitable access
if (!pnSecAuthAction(0, 'Standings::Team', "::$tid", ACCESS_EDIT)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standplayerstable = $pntable['stand_players'];
$standplayerscolumn = &$pntable['stand_players_column'];
// Update the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "UPDATE $standplayerstable
SET $standplayerscolumn[tid] = " . pnVarPrepForStore($tid) . ",
$standplayerscolumn[cid] = " . pnVarPrepForStore($cid) . ",
$standplayerscolumn[name] = '" . pnVarPrepForStore($name) . "',
$standplayerscolumn[fname] = '" . pnVarPrepForStore($fname) . "',
$standplayerscolumn[number] = " . pnVarPrepForStore($number) . ",
$standplayerscolumn[role] = '" . pnVarPrepForStore($role) . "',
$standplayerscolumn[birth] = '" . pnVarPrepForStore($birth) . "',
$standplayerscolumn[height] = '" . pnVarPrepForStore($height) . "',
$standplayerscolumn[weight] = '" . pnVarPrepForStore($weight) . "',
$standplayerscolumn[notes] = '" . pnVarPrepForStore($notes) . "',
$standplayerscolumn[from] = '" . pnVarPrepForStore($from) . "'
WHERE $standplayerscolumn[pid] = " . pnVarPrepForStore($pid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _UPDATEFAILED);
return false;
}
// Let the calling process know that we have finished successfully
return true;
}
//////
/// Update a Scout
//////
function standings_adminapi_updatescout($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($sid))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Load API. Note that this is loading the user API in addition to
// the administration API, that is because the user API contains
// the function to obtain item information which is the first thing
// that we need to do. If the API fails to load an appropriate error
// message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
// Note that at this stage we have two sets of item information, the
// pre-modification and the post-modification. We need to check against
// both of these to ensure that whoever is doing the modification has
// suitable permissions to edit the item otherwise people can potentially
// edit areas to which they do not have suitable access
if (!pnSecAuthAction(0, 'Standings::Team', "::$tid", ACCESS_EDIT)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standscoutstable = $pntable['stand_scouts'];
$standscoutscolumn = &$pntable['stand_scouts_column'];
// Calculate total points
$pts = $fgm * 2 + $tpm * 3 + $ftm;
// Update the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sql = "UPDATE $standscoutstable
SET $standscoutscolumn[start] = '" . pnVarPrepForStore($start) . "',
$standscoutscolumn[mins] = " . pnVarPrepForStore($mins) . ",
$standscoutscolumn[fgm] = " . pnVarPrepForStore($fgm) . ",
$standscoutscolumn[fga] = " . pnVarPrepForStore($fga) . ",
$standscoutscolumn[tpm] = " . pnVarPrepForStore($tpm) . ",
$standscoutscolumn[tpa] = " . pnVarPrepForStore($tpa) . ",
$standscoutscolumn[ftm] = " . pnVarPrepForStore($ftm) . ",
$standscoutscolumn[fta] = " . pnVarPrepForStore($fta) . ",
$standscoutscolumn[or] = " . pnVarPrepForStore($or) . ",
$standscoutscolumn[dr] = " . pnVarPrepForStore($dr) . ",
$standscoutscolumn[ass] = " . pnVarPrepForStore($ass) . ",
$standscoutscolumn[ste] = " . pnVarPrepForStore($ste) . ",
$standscoutscolumn[blk] = " . pnVarPrepForStore($blk) . ",
$standscoutscolumn[blkr] = " . pnVarPrepForStore($blkr) . ",
$standscoutscolumn[to] = " . pnVarPrepForStore($to) . ",
$standscoutscolumn[pf] = " . pnVarPrepForStore($pf) . ",
$standscoutscolumn[pfr] = " . pnVarPrepForStore($pfr) . ",
$standscoutscolumn[pts] = " . pnVarPrepForStore($pts) . "
WHERE $standscoutscolumn[sid] = " . pnVarPrepForStore($sid);
$dbconn->Execute($sql);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _UPDATEFAILED);
return false;
}
// Let the calling process know that we have finished successfully
return true;
}
//////
/// update the Ranking for a given Tournament
//////
function standings_adminapi_updaterank($args)
{
// Get arguments from argument array - all arguments to this function
// should be obtained from the $args array, getting them from other
// places such as the environment is not allowed, as that makes
// assumptions that will not hold in future versions of PostNuke
extract($args);
// Argument check - make sure that all required arguments are present,
// if not then set an appropriate error message and return
if ((!isset($cid))) {
pnSessionSetVar('errormsg', _MODARGSERROR);
return false;
}
// Security check - important to do this as early on as possible to
// avoid potential security holes or just too much wasted processing.
// However, in this case we had to wait until we could obtain the item
// name to complete the instance information so this is the first
// chance we get to do the check
// Note that at this stage we have two sets of item information, the
// pre-modification and the post-modification. We need to check against
// both of these to ensure that whoever is doing the modification has
// suitable permissions to edit the item otherwise people can potentially
// edit areas to which they do not have suitable access
if (!pnSecAuthAction(0, 'Standings::Tournament', "::$cid", ACCESS_ADMIN)) {
pnSessionSetVar('errormsg', _STANDINGSNOAUTH);
return false;
}
// Load API. Note that this is loading the user API, that is because the
// user API contains the function to obtain item information which is the
// first thing that we need to do. If the API fails to load an appropriate
// error message is posted and the function returns
if (!pnModAPILoad('Standings', 'user')) {
$output->Text(_LOADFAILED);
return $output->GetOutput();
}
// Get Tournament info
$tourn = pnModAPIFunc('Standings',
'user',
'get',
array('cid' => $cid));
if ($tourn == false) {
$output->Text(_STANDINGSNOSUCHITEM);
return $output->GetOutput();
}
// points per victory
$ppv = $tourn[ppv];
$ppd = $tourn[ppd];
$ppl = $tourn[ppl];
// The user API function is called. This takes the item ID which we
// obtained from the input and gets us the information on the appropriate
// item. If the item does not exist we post an appropriate message and
// return
$tms = pnModAPIFunc('Standings',
'user',
'getteams',
array('cid' => $cid));
if ($tms == false) {
$output->Text(_STANDINGSNOSUCHITEM);
return $output->GetOutput();
}
// The user API function is called. This takes the item ID which we
// obtained from the input and gets us the information on the appropriate
// item. If the item does not exist we post an appropriate message and
// return
$scheds = pnModAPIFunc('Standings',
'user',
'getcals',
array('cid' => $cid));
if ($scheds == false) {
$output->Text(_STANDINGSNOSUCHITEM);
return $output->GetOutput();
}
// Get datbase setup - note that both pnDBGetConn() and pnDBGetTables()
// return arrays but we handle them differently. For pnDBGetConn()
// we currently just want the first item, which is the official
// database handle. For pnDBGetTables() we want to keep the entire
// tables array together for easy reference later on
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// It's good practice to name the table and column definitions you
// are getting - $table and $column don't cut it in more complex
// modules
$standteamtable = $pntable['stand_team'];
$standteamcolumn = &$pntable['stand_team_column'];
///
/// Start Stats reset loop
///
foreach ($tms as $tm)
{
$sql = "UPDATE $standteamtable
SET $standteamcolumn[pts] = 0,
$standteamcolumn[totg] = 0,
$standteamcolumn[totw] = 0,
$standteamcolumn[totl] = 0,
$standteamcolumn[totd] = 0,
$standteamcolumn[totpd] = 0,
$standteamcolumn[totpr] = 0,
$standteamcolumn[hg] = 0,
$standteamcolumn[hw] = 0,
$standteamcolumn[hl] = 0,
$standteamcolumn[hd] = 0,
$standteamcolumn[hpd] = 0,
$standteamcolumn[hpr] = 0,
$standteamcolumn[ag] = 0,
$standteamcolumn[aw] = 0,
$standteamcolumn[al] = 0,
$standteamcolumn[ad] = 0,
$standteamcolumn[apd] = 0,
$standteamcolumn[apr] = 0
WHERE $standteamcolumn[cid] = " . pnVarPrepForStore($cid) . "
AND $standteamcolumn[tid] = " . pnVarPrepForStore($tm[tid]);
$dbconn->Execute($sql);
}
///
/// Start Main update loop
///
foreach ($scheds as $sched)
{
if ($sched[scorea] >= 0) {
$ta = pnModAPIFunc('Standings',
'user',
'getteam',
array('tid' => $sched[teama]));
$tb = pnModAPIFunc('Standings',
'user',
'getteam',
array('tid' => $sched[teamb]));
if ($sched[scorea] > $sched[scoreb]) {
// Home team victory
// Home Stats
$ptsa = $ta[pts] + $ppv;
$totwa = $ta[totw] + 1;
$hwa = $ta[hw] + 1;
$extraa = "$standteamcolumn[pts] = " . pnVarPrepForStore($ptsa) . ",
$standteamcolumn[totw] = " . pnVarPrepForStore($totwa) . ",
$standteamcolumn[hw] = " . pnVarPrepForStore($hwa) . " ";
// Away Stats
$ptsb = $tb[pts] + $ppl;
$totlb = $tb[totl] + 1;
$alb = $tb[al] + 1;
$extrab = "$standteamcolumn[pts] = " . pnVarPrepForStore($ptsb) . ",
$standteamcolumn[totl] = " . pnVarPrepForStore($totlb) . ",
$standteamcolumn[al] = " . pnVarPrepForStore($alb) . " ";
} elseif ($sched[scorea] < $sched[scoreb]) {
// Away team victory
// Home Stats
$ptsa = $ta[pts] + $ppl;
$totla = $ta[totl] + 1;
$hla = $ta[hl] + 1;
$extraa = "$standteamcolumn[pts] = " . pnVarPrepForStore($ptsa) . ",
$standteamcolumn[totl] = " . pnVarPrepForStore($totla) . ",
$standteamcolumn[hl] = " . pnVarPrepForStore($hla) . " ";
// Away Stats
$ptsb = $tb[pts] + $ppv;
$totwb = $tb[totw] + 1;
$awb = $tb[aw] + 1;
$extrab = "$standteamcolumn[pts] = " . pnVarPrepForStore($ptsb) . ",
$standteamcolumn[totw] = " . pnVarPrepForStore($totwb) . ",
$standteamcolumn[aw] = " . pnVarPrepForStore($awb) . " ";
} else {
// draw (if allowed)
// Home Stats
$ptsa = $ta[pts] + $ppd;
$totda = $ta[totd] + 1;
$hda = $ta[hd] + 1;
$extraa = "$standteamcolumn[pts] = " . pnVarPrepForStore($ptsa) . ",
$standteamcolumn[totd] = " . pnVarPrepForStore($totda) . ",
$standteamcolumn[hd] = " . pnVarPrepForStore($hda) . " ";
// Away Stats
$ptsb = $tb[pts] + $ppd;
$totdb = $tb[totd] + 1;
$adb = $tb[ad] + 1;
$extrab = "$standteamcolumn[pts] = " . pnVarPrepForStore($ptsb) . ",
$standteamcolumn[totd] = " . pnVarPrepForStore($totdb) . ",
$standteamcolumn[ad] = " . pnVarPrepForStore($adb) . " ";
}
$totga = $ta[totg] + 1;
$totpda = $ta[totpd] + $sched[scorea];
$totpra = $ta[totpr] + $sched[scoreb];
$hga = $ta[hg] + 1;
$hpda = $ta[hpd] + $sched[scorea];
$hpra = $ta[hpr] + $sched[scoreb];
$totgb = $tb[totg] + 1;
$totpdb = $tb[totpd] + $sched[scoreb];
$totprb = $tb[totpr] + $sched[scorea];
$agb = $tb[ag] + 1;
$apdb = $tb[apd] + $sched[scoreb];
$aprb = $tb[apr] + $sched[scorea];
// Update the item - the formatting here is not mandatory, but it does
// make the SQL statement relatively easy to read. Also, separating
// out the sql statement from the Execute() command allows for simpler
// debug operation if it is ever needed
$sqla = "UPDATE $standteamtable
SET $standteamcolumn[totg] = " . pnVarPrepForStore($totga) . ",
$standteamcolumn[totpd] = " . pnVarPrepForStore($totpda) . ",
$standteamcolumn[totpr] = " . pnVarPrepForStore($totpra) . ",
$standteamcolumn[hg] = " . pnVarPrepForStore($hga) . ",
$standteamcolumn[hpd] = " . pnVarPrepForStore($hpda) . ",
$standteamcolumn[hpr] = " . pnVarPrepForStore($hpra) . ",
$extraa
WHERE $standteamcolumn[cid] = " . pnVarPrepForStore($cid) . "
AND $standteamcolumn[tid] = " . pnVarPrepForStore($sched[teama]);
$dbconn->Execute($sqla);
$sqlb = "UPDATE $standteamtable
SET $standteamcolumn[totg] = " . pnVarPrepForStore($totgb) . ",
$standteamcolumn[totpd] = " . pnVarPrepForStore($totpdb) . ",
$standteamcolumn[totpr] = " . pnVarPrepForStore($totprb) . ",
$standteamcolumn[ag] = " . pnVarPrepForStore($agb) . ",
$standteamcolumn[apd] = " . pnVarPrepForStore($apdb) . ",
$standteamcolumn[apr] = " . pnVarPrepForStore($aprb) . ",
$extrab
WHERE $standteamcolumn[cid] = " . pnVarPrepForStore($cid) . "
AND $standteamcolumn[tid] = " . pnVarPrepForStore($sched[teamb]);
$dbconn->Execute($sqlb);
// Check for an error with the database code, and if so set an
// appropriate error message and return
if ($dbconn->ErrorNo() != 0) {
pnSessionSetVar('errormsg', _UPDATEFAILED);
return false;
}
} // end if scorea >=0
}
// Let the calling process know that we have finished successfully
return true;
}
?>