Merge pull request #15 from greatergoodcharities/master

Merge BioKIC/Symbiota developments
BioKIC · Dec 22, 2022 · d26d9b0 · d26d9b0
2 parents 0ba451a + b10ef7d
commit d26d9b0
Show file tree

Hide file tree

Showing 378 changed files with 6,161 additions and 4,599 deletions.
diff --git a/admin/index.php b/admin/index.php
@@ -7,7 +7,6 @@
 	<head>
 		<title>Forbidden</title>
 		<?php
-		$activateJQuery = false;
 		include_once($SERVER_ROOT.'/includes/head.php');
 		?>
 	</head>

diff --git a/admin/install.php b/admin/install.php
diff --git a/admin/portalindex.php b/admin/portalindex.php
@@ -6,15 +6,10 @@
 
 if(!$SYMB_UID) header('Location: '.$CLIENT_ROOT.'/profile/index.php?refurl=../admin/portalindex.php?'.htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES));
 
-$portalID = array_key_exists('portalid',$_REQUEST)?$_REQUEST['portalid']:0;
-$remoteID = array_key_exists('remoteid',$_REQUEST)?$_REQUEST['remoteid']:0;
-$remotePath = array_key_exists('remotePath',$_POST)?$_POST['remotePath']:'';
-$formSubmit = array_key_exists('formsubmit',$_POST)?$_POST['formsubmit']:'';
-
-//Sanitation
-if(!is_numeric($portalID)) $portalID = 0;
-if(!is_numeric($remoteID)) $remoteID = 0;
-$remotePath = filter_var($remotePath, FILTER_SANITIZE_URL);
+$portalID = array_key_exists('portalid', $_REQUEST) ? filter_var($_REQUEST['portalid'], FILTER_SANITIZE_NUMBER_INT : 0;
+$remoteID = array_key_exists('remoteid', $_REQUEST) ? filter_var($_REQUEST['remoteid'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$remotePath = array_key_exists('remotePath', $_POST) ? filter_var($_POST['remotePath'], FILTER_SANITIZE_URL) : '';
+$formSubmit = array_key_exists('formsubmit', $_POST) ? $_POST['formsubmit'] : '';
 
 $portalManager = new PortalIndex();
 
@@ -24,8 +19,8 @@
 <html>
 	<head>
 		<title><?php echo $DEFAULT_TITLE; ?> Portal Index Control Panel</title>
+		<link href="<?php echo $CSS_BASE_PATH; ?>/jquery-ui.css" type="text/css" rel="stylesheet">
 		<?php
-		$activateJQuery = true;
 		include_once($SERVER_ROOT.'/includes/head.php');
 		?>
 		<script src="<?php echo $CLIENT_ROOT; ?>/js/jquery.js" type="text/javascript"></script>

diff --git a/admin/schemamanager.php b/admin/schemamanager.php
@@ -0,0 +1,75 @@
+<?php
+include_once('../config/symbini.php');
+include_once($SERVER_ROOT.'/classes/SchemaManager.php');
+header("Content-Type: text/html; charset=".$CHARSET);
+
+$schemaManager = new SchemaManager();
+$verHistory = $schemaManager->getVersionHistory();
+$currentVers = $schemaManager->getCurrentVersion();
+?>
+<html>
+	<head>
+		<title>Database Schema Manager</title>
+		<?php
+		include_once($SERVER_ROOT.'/includes/head.php');
+		?>
+		<style type="text/css">
+			label{ font-weight:bold }
+		</style>
+	</head>
+	<body>
+		<?php
+		include($SERVER_ROOT.'/includes/header.php');
+		?>
+		<div id="innertext">
+			<h1>Database Schema Manager</h1>
+			<div style="margin:15px;">
+				<label>Current version: </label>
+				<?php echo $currentVers; ?>
+			</div>
+			<div style="margin:15px">
+				<table class="styledtable" style="width:300px;">
+					<tr><th>Version</th><th>Date Applied</th></tr>
+					<?php
+					foreach($verHistory as $ver => $date){
+						echo '<tr><td>'.$ver.'</td><td>'.$date.'</td></tr>';
+					}
+					?>
+				</table>
+			</div>
+			<form name="databaseMaintenanceForm" action="schemamanager.php" method="post">
+				<fieldset>
+					<legend>Database Schema Assistant</legend>
+					<div class="form-section">
+						<label>Database name:</label>
+						<input name="database" type="text" value="<?php echo $database; ?>" required>
+					</div>
+					<div class="form-section">
+						<label>Username:</label>
+						<input name="database" type="text" value="<?php echo $database; ?>" required>
+						<div>*Must have all DDL pivileges</div>
+					</div>
+					<div class="form-section">
+						<label>Database name: </label>
+						<input name="database" type="text" value="<?php echo $database; ?>" required>
+					</div>
+					<div class="form-section">
+						<label>Schema: </label>
+						<select name="schemaPatch">
+							<option value="1.0">Base Schema 1.0</option>
+							<option value="1.1">Schema Patch 1.1</option>
+							<option value="1.2">Schema Patch 1.2</option>
+							<option value="1.3">Schema Patch 1.3</option>
+						</select>
+					</div>
+					<div class="form-section">
+						<button>Install Patch</button>
+					</div>
+				</fieldset>
+			</form>
+		</div>
+		<?php
+		include($SERVER_ROOT.'/includes/footer.php');
+		?>
+	</body>
+</html>
diff --git a/agents/agent.php b/agents/agent.php
@@ -142,8 +142,8 @@ function pageheader($agent) {
 	<title>'.$DEFAULT_TITLE.' - '.$spDisplay. '</title>
 	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $CHARSET; ?>"/>
 	<meta name="keywords" content='. $spDisplay .' />
-	<link href="../css/base.css?ver='.$CSS_VERSION.'" type="text/css" rel="stylesheet" />
-	<link href="../css/main.css'.(isset($CSS_VERSION_LOCAL)?'?ver='.$CSS_VERSION_LOCAL:'').'" type="text/css" rel="stylesheet" />
+	<link href="../css/base.css" type="text/css" rel="stylesheet" />
+	<link href="../css/main.css" type="text/css" rel="stylesheet" />
 	<link href="../css/jquery-ui_accordian.css" type="text/css" rel="stylesheet" />
 	<script type="text/javascript" src="../js/jquery.js"></script>
 	<script type="text/javascript" src="../js/jquery-ui.js"></script>';

diff --git a/agents/index.php b/agents/index.php
@@ -95,8 +95,8 @@ function pageheader($name) {
 	<title>'.$DEFAULT_TITLE.' - '.$spDisplay. '</title>
 	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $CHARSET; ?>"/>
 	<meta name="keywords" content='. $spDisplay .' />
-	<link href="../css/base.css?ver=<?php echo $CSS_VERSION; ?>" type="text/css" rel="stylesheet" />
-	<link href="../css/main.css'.(isset($CSS_VERSION_LOCAL)?'?ver='.$CSS_VERSION_LOCAL:'').'" type="text/css" rel="stylesheet" />
+	<link href="../css/base.css" type="text/css" rel="stylesheet" />
+	<link href="../css/main.css" type="text/css" rel="stylesheet" />
 	<script type="text/javascript" src="../js/jquery.js"></script>
 	<script type="text/javascript" src="../js/jquery-ui.js"></script>';
     // include_once($SERVER_ROOT.'/includes/googleanalytics.php');

diff --git a/agents/rpc/index.php b/agents/rpc/index.php
@@ -7,14 +7,7 @@
 	<head>
 		<title>Forbidden</title>
 		<?php
-		$activateJQuery = false;
-		if(file_exists($SERVER_ROOT.'/includes/head.php')){
-			include_once($SERVER_ROOT.'/includes/head.php');
-		}
-		else{
-			echo '<link href="'.$CLIENT_ROOT.'/css/base.css?ver=1" type="text/css" rel="stylesheet" />';
-			echo '<link href="'.$CLIENT_ROOT.'/css/main.css?ver=1" type="text/css" rel="stylesheet" />';
-		}
+		include_once($SERVER_ROOT.'/includes/head.php');
 		?>
 	</head>
 	<body>

diff --git a/checklists/checklist.php b/checklists/checklist.php
@@ -6,43 +6,24 @@
 header('Content-Type: text/html; charset='.$CHARSET);
 
 $action = array_key_exists('submitaction',$_REQUEST)?$_REQUEST['submitaction']:'';
-$clid = array_key_exists('clid',$_REQUEST)?$_REQUEST['clid']:0;
+$clid = array_key_exists('clid', $_REQUEST) ? filter_var($_REQUEST['clid'], FILTER_SANITIZE_NUMBER_INT) : 0;
 if(!$clid && array_key_exists('cl',$_REQUEST)) $clid = $_REQUEST['cl'];
-$dynClid = array_key_exists('dynclid',$_REQUEST)?$_REQUEST['dynclid']:0;
-$pageNumber = array_key_exists('pagenumber',$_REQUEST)?$_REQUEST['pagenumber']:1;
-$pid = array_key_exists('pid',$_REQUEST)?$_REQUEST['pid']:'';
-$thesFilter = array_key_exists('thesfilter',$_REQUEST)?$_REQUEST['thesfilter']:0;
-$taxonFilter = array_key_exists('taxonfilter',$_REQUEST)?$_REQUEST['taxonfilter']:'';
-$showAuthors = array_key_exists('showauthors',$_REQUEST)?$_REQUEST['showauthors']:0;
-$showSynonyms = array_key_exists('showsynonyms',$_REQUEST)?$_REQUEST['showsynonyms']:0;
-$showCommon = array_key_exists('showcommon',$_REQUEST)?$_REQUEST['showcommon']:0;
-$showImages = array_key_exists('showimages',$_REQUEST)?$_REQUEST['showimages']:0;
-$limitImagesToVouchers = array_key_exists('voucherimages',$_REQUEST)?$_REQUEST['voucherimages']:0;
-$showVouchers = array_key_exists('showvouchers',$_REQUEST)?$_REQUEST['showvouchers']:0;
-$showAlphaTaxa = array_key_exists('showalphataxa',$_REQUEST)?$_REQUEST['showalphataxa']:0;
-$searchCommon = array_key_exists('searchcommon',$_REQUEST)?$_REQUEST['searchcommon']:0;
-$searchSynonyms = array_key_exists('searchsynonyms',$_REQUEST)?$_REQUEST['searchsynonyms']:0;
-$defaultOverride = array_key_exists('defaultoverride',$_REQUEST)?$_REQUEST['defaultoverride']:0;
-$printMode = array_key_exists('printmode',$_REQUEST)?$_REQUEST['printmode']:0;
-
-//Sanitation
-if(!is_numeric($clid)) $clid = 0;
-if(!is_numeric($dynClid)) $dynClid = 0;
-if(!is_numeric($pid)) $pid = 0;
-if(!is_numeric($pageNumber)) $pageNumber = 1;
-if(!is_numeric($thesFilter)) $thesFilter = 0;
-if(!preg_match('/^[a-z\-\s]+$/i', $taxonFilter)) $taxonFilter = '';
-if(!is_numeric($showAuthors)) $showAuthors = 0;
-if(!is_numeric($showSynonyms)) $showSynonyms = 0;
-if(!is_numeric($showCommon)) $showCommon = 0;
-if(!is_numeric($showImages)) $showImages = 0;
-if(!is_numeric($limitImagesToVouchers)) $limitImagesToVouchers = 0;
-if(!is_numeric($showVouchers)) $showVouchers = 0;
-if(!is_numeric($showAlphaTaxa)) $showAlphaTaxa = 0;
-if(!is_numeric($searchCommon)) $searchCommon = 0;
-if(!is_numeric($searchSynonyms)) $searchSynonyms = 0;
-if(!is_numeric($defaultOverride)) $defaultOverride = 0;
-if(!is_numeric($printMode)) $printMode = 0;
+$dynClid = array_key_exists('dynclid', $_REQUEST) ? filter_var($_REQUEST['dynclid'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$pageNumber = array_key_exists('pagenumber', $_REQUEST) ? filter_var($_REQUEST['pagenumber'], FILTER_SANITIZE_NUMBER_INT) : 1;
+$pid = array_key_exists('pid', $_REQUEST) ? filter_var($_REQUEST['pid'], FILTER_SANITIZE_NUMBER_INT) : '';
+$thesFilter = array_key_exists('thesfilter', $_REQUEST) ? filter_var($_REQUEST['thesfilter'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$taxonFilter = array_key_exists('taxonfilter', $_REQUEST) ? filter_var($_REQUEST['taxonfilter'], FILTER_SANITIZE_STRING) : '';
+$showAuthors = array_key_exists('showauthors', $_REQUEST) ? filter_var($_REQUEST['showauthors'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$showSynonyms = array_key_exists('showsynonyms', $_REQUEST) ? filter_var($_REQUEST['showsynonyms'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$showCommon = array_key_exists('showcommon', $_REQUEST) ? filter_var($_REQUEST['showcommon'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$showImages = array_key_exists('showimages', $_REQUEST) ? filter_var($_REQUEST['showimages'], FILTER_SANITIZE_NUMBER_INT) : 0 ;
+$limitImagesToVouchers = array_key_exists('voucherimages', $_REQUEST) ? filter_var($_REQUEST['voucherimages'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$showVouchers = array_key_exists('showvouchers', $_REQUEST) ? filter_var($_REQUEST['showvouchers'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$showAlphaTaxa = array_key_exists('showalphataxa', $_REQUEST) ? filter_var($_REQUEST['showalphataxa'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$searchCommon = array_key_exists('searchcommon', $_REQUEST) ? filter_var($_REQUEST['searchcommon'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$searchSynonyms = array_key_exists('searchsynonyms', $_REQUEST) ? filter_var($_REQUEST['searchsynonyms'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$defaultOverride = array_key_exists('defaultoverride', $_REQUEST) ? filter_var($_REQUEST['defaultoverride'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$printMode = array_key_exists('printmode', $_REQUEST) ? filter_var($_REQUEST['printmode'], FILTER_SANITIZE_NUMBER_INT) : 0;
 
 $statusStr='';
 
@@ -113,14 +94,14 @@
 <head>
 	<meta charset="<?php echo $CHARSET; ?>">
 	<title><?php echo $DEFAULT_TITLE.' '.(isset($LANG['CHECKLIST'])?$LANG['CHECKLIST']:'Checklist').': '.$clManager->getClName(); ?></title>
+	<link href="<?php echo $CSS_BASE_PATH; ?>/jquery-ui.css" type="text/css" rel="stylesheet">
 	<?php
-	$activateJQuery = true;
 	include_once($SERVER_ROOT.'/includes/head.php');
 	include_once($SERVER_ROOT.'/includes/googleanalytics.php');
 	?>
-	<link href="<?php echo $CSS_BASE_PATH; ?>/checklist.css?ver=1" type="text/css" rel="stylesheet" />
-	<script type="text/javascript" src="../js/jquery.js"></script>
-	<script type="text/javascript" src="../js/jquery-ui.js"></script>
+	<link href="<?php echo $CSS_BASE_PATH; ?>/symbiota/checklists/checklist.css" type="text/css" rel="stylesheet" />
+	<script src="../js/jquery.js" type="text/javascript"></script>
+	<script src="../js/jquery-ui.js" type="text/javascript"></script>
 	<script type="text/javascript">
 		<?php
 		if($clid) echo 'var clid = '.$clid.';'."\n";
@@ -160,23 +141,15 @@ function changeImageSource(elem){
 	if(!$printMode) include($SERVER_ROOT.'/includes/header.php');
 	echo '<div class="navpath printoff">';
 	if($pid){
-		echo '<a href="../index.php">'.$LANG['NAV_HOME'].'</a> &gt; ';
-		echo '<a href="'.$CLIENT_ROOT.'/projects/index.php?pid='.$pid.'">';
+		echo '<a href="../index.php">' . $LANG['NAV_HOME'] . '</a> &gt; ';
+		echo '<a href="' . $CLIENT_ROOT . '/projects/index.php?pid=' . $pid . '">';
 		echo $clManager->getProjName();
 		echo '</a> &gt; ';
-		echo '<b>'.$clManager->getClName().'</b>';
+		echo '<b>' . $clManager->getClName() . '</b>';
 	}
 	else{
-		if(isset($checklists_checklistCrumbs)){
-			if($checklists_checklistCrumbs){
-				echo $checklists_checklistCrumbs;
-				echo " <b>".$clManager->getClName()."</b>";
-			}
-		}
-		else{
-			echo '<a href="../index.php">'.$LANG['NAV_HOME'].'</a> &gt;&gt; ';
-			echo ' <b>'.$clManager->getClName().'</b>';
-		}
+		echo '<a href="../index.php">' . $LANG['NAV_HOME'] . '</a> &gt;&gt; ';
+		echo '<a href="checklist.php?clid='. $clid . '&pid=' . $pid . ($dynClid ? '&dynclid=' . $dynClid : $dynClid) . '"><b>' . $clManager->getClName() . '</b></a>';
 	}
 	echo '</div>';
 	?>
@@ -204,9 +177,7 @@ function changeImageSource(elem){
 			}
 			?>
 			<div id="title-div">
-				<a href="checklist.php?clid=<?php echo $clid."&pid=".$pid."&dynclid=".$dynClid; ?>">
-					<?php echo $clManager->getClName(); ?>
-				</a>
+				<?php echo $clManager->getClName(); ?>
 			</div>
 			<?php
 			if($activateKey){

diff --git a/checklists/checklistadmin.php b/checklists/checklistadmin.php
@@ -5,25 +5,15 @@
 header('Content-Type: text/html; charset='.$CHARSET);
 if(!$SYMB_UID) header('Location: ../profile/index.php?refurl=../checklists/checklistadmin.php?'.htmlspecialchars($_SERVER['QUERY_STRING'], ENT_QUOTES));
 
-$clid = array_key_exists('clid',$_REQUEST)?$_REQUEST['clid']:0;
-$pid = array_key_exists('pid',$_REQUEST)?$_REQUEST['pid']:0;
-$targetClid = array_key_exists('targetclid',$_REQUEST)?$_REQUEST['targetclid']:0;
-$transferMethod = array_key_exists('transmethod',$_POST)?$_POST['transmethod']:0;
-$parentClid = array_key_exists('parentclid',$_REQUEST)?$_REQUEST['parentclid']:0;
-$targetPid = array_key_exists('targetpid',$_REQUEST)?$_REQUEST['targetpid']:'';
-$copyAttributes = array_key_exists('copyattributes',$_REQUEST)?$_REQUEST['copyattributes']:0;
-$tabIndex = array_key_exists('tabindex',$_REQUEST)?$_REQUEST['tabindex']:0;
-$action = array_key_exists('submitaction',$_REQUEST)?$_REQUEST['submitaction']:'';
-
-//Sanitation
-if(!is_numeric($clid)) $clid = 0;
-if(!is_numeric($pid)) $pid = 0;
-if(!is_numeric($targetClid)) $targetClid = 0;
-if(!is_numeric($transferMethod)) $transferMethod = 0;
-if(!is_numeric($parentClid)) $parentClid = '';
-if(!is_numeric($targetPid)) $targetPid = 0;
-if(!is_numeric($copyAttributes)) $copyAttributes = 0;
-if(!is_numeric($tabIndex)) $tabIndex = 0;
+$clid = array_key_exists('clid', $_REQUEST) ? filter_var($_REQUEST['clid'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$pid = array_key_exists('pid', $_REQUEST) ? filter_var($_REQUEST['pid'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$targetClid = array_key_exists('targetclid', $_REQUEST) ? filter_var($_REQUEST['targetclid'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$transferMethod = array_key_exists('transmethod', $_POST) ? filter_var($_POST['transmethod'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$parentClid = array_key_exists('parentclid', $_REQUEST) ? filter_var($_REQUEST['parentclid'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$targetPid = array_key_exists('targetpid', $_REQUEST) ? filter_var($_REQUEST['targetpid'], FILTER_SANITIZE_NUMBER_INT) : '';
+$copyAttributes = array_key_exists('copyattributes', $_REQUEST) ? filter_var($_REQUEST['copyattributes'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$tabIndex = array_key_exists('tabindex', $_REQUEST) ? filter_var($_REQUEST['tabindex'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$action = array_key_exists('submitaction', $_REQUEST) ? $_REQUEST['submitaction'] : '';
 
 $clManager = new ChecklistAdmin();
 if(!$clid && isset($_POST['delclid'])) $clid = $_POST['delclid'];
@@ -108,13 +98,13 @@
 <head>
 	<meta http-equiv="Content-Type" content="text/html; charset=<?php echo $CHARSET; ?>"/>
 	<title><?php echo $DEFAULT_TITLE.' - '.$LANG['CHECKLIST_ADMIN'];?></title>
+	<link href="<?php echo $CSS_BASE_PATH; ?>/jquery-ui.css" type="text/css" rel="stylesheet">
 	<?php
-	$activateJQuery = true;
 	include_once($SERVER_ROOT.'/includes/head.php');
 	?>
-	<script type="text/javascript" src="../js/jquery.js"></script>
-	<script type="text/javascript" src="../js/jquery-ui.js"></script>
-	<script type="text/javascript" src="../js/tinymce/tinymce.min.js"></script>
+	<script src="../js/jquery.js type="text/javascript""></script>
+	<script src="../js/jquery-ui.js type="text/javascript""></script>
+	<script src="../js/tinymce/tinymce.min.js" type="text/javascript"></script>
 	<script type="text/javascript">
 		var clid = <?php echo $clid; ?>;
 		var tabIndex = <?php echo $tabIndex; ?>;

diff --git a/checklists/checklistadminmeta.php b/checklists/checklistadminmeta.php
@@ -4,12 +4,8 @@
 @include_once($SERVER_ROOT.'/content/lang/checklists/checklistadminmeta.'.$LANG_TAG.'.php');
 header('Content-Type: text/html; charset='.$CHARSET);
 
-$clid = array_key_exists('clid',$_REQUEST)?$_REQUEST['clid']:0;
-$pid = array_key_exists('pid',$_REQUEST)?$_REQUEST['pid']:0;
-
-//Sanitation
-if(!is_numeric($clid)) $clid = 0;
-if(!is_numeric($pid)) $pid = 0;
+$clid = array_key_exists('clid', $_REQUEST) ? filter_var($_REQUEST['clid'], FILTER_SANITIZE_NUMBER_INT) : 0;
+$pid = array_key_exists('pid', $_REQUEST) ? filter_var($_REQUEST['pid'], FILTER_SANITIZE_NUMBER_INT) : 0;
 
 $clManager = new ChecklistAdmin();
 $clManager->setClid($clid);
-Original file line number
+Diff line change
@@ Expand Up / @@ -7,7 +7,6 @@ @@
     	<head>
     		<title>Forbidden</title>
     		<?php
-    		$activateJQuery = false;
     		include_once($SERVER_ROOT.'/includes/head.php');
     		?>
     	</head>
@@ Expand Down @@