6 files changed, 312 insertions, 22 deletions

diff --git a/css/challenge.css b/css/challenge.css
index 399570b..1f51a9e 100644
--- a/css/challenge.css
+++ b/css/challenge.css
@@ -21,6 +21,18 @@
 	display: none;
 }
 
+.challengelist_map {
+	float:left;
+	padding: 15px;
+	background-color:#333;
+	margin: 20px;
+	border-radius:10px;
+	cursor:pointer;
+}
+.challengelist_map:hover {
+	background-color:#444;
+}
+
 /** Challenge listing page **/
 #challengelist_wrapper #challengelist {}
 #challengelist_wrapper #challengelist .challengelist_tier {
@@ -31,13 +43,13 @@
 #challengelist_wrapper #challengelist .challengelist_table {}
 #challengelist_wrapper #challengelist .challengelist_table .challengelist_link {}
 #challengelist_wrapper #challengelist .challengelist_table .challengelist_stars {}
-#challengelist_wrapper #challengelist .challengelist_table .challengelist_complete {
+.challengelist_complete {
 	width: 32px;
 	height: 32px;
 	background-image: url("../images/challenge_complete.png");
 	float: right;
 }
-#challengelist_wrapper #challengelist .challengelist_table .challengelist_incomplete {
+.challengelist_incomplete {
 	width: 32px;
 	height: 32px;
 	background-image: url("../images/challenge_incomplete.png");
diff --git a/includes/datas.php b/includes/datas.php
index 6cc8f07..e99e347 100644
--- a/includes/datas.php
+++ b/includes/datas.php
@@ -1135,7 +1135,8 @@ function loadChallengeListing($userIdUnsanitized)
 {
 	$userID = mysql_escape_string($userIdUnsanitized);
 	$sql = "
-	SELECT maps.ID AS mapID, maps.challengeTier, maps.name, challengeSolutions.dateSolved
+	SELECT maps.ID AS mapID, maps.challengeTier, maps.name AS name,
+	challengeSolutions.dateSolved, challengeSolutions.challengeID AS challengeID
 	FROM maps
 	INNER JOIN challenges ON maps.ID = challenges.mapID
 	LEFT JOIN challengeSolutions ON challenges.ID = challengeSolutions.challengeID
@@ -1144,6 +1145,12 @@ function loadChallengeListing($userIdUnsanitized)
 	  AND maps.challengeTier <= (SELECT challengeTier FROM users WHERE users.ID = '$userID')
 	ORDER BY maps.challengeTier, maps.challengeSuborder, challenges.ordering
 	";
+	$sql = "	SELECT maps.ID AS mapID, maps.challengeTier, maps.name AS name,
+	challengeSolutions.dateSolved, challengeSolutions.challengeID AS challengeID
+	FROM challenges
+	LEFT JOIN maps ON challenges.mapID = maps.ID
+	LEFT JOIN challengeSolutions ON challenges.ID = challengeSolutions.challengeID AND challengeSolutions.userID = '$userID'
+	ORDER BY maps.challengeTier, maps.challengeSuborder, challenges.ordering";
 	
 	$result = mysql_query($sql);
 	echo mysql_error();
diff --git a/includes/sqli.php b/includes/sqli.php
new file mode 100644
index 0000000..0974380
--- /dev/null
+++ b/includes/sqli.php
@@ -0,0 +1,12 @@
+<?php

+

+//global $mysqlid;

+$db_host = "db2894.perfora.net";

+$db_user = "dbo362854667";

+$db_name = "db362854667";

+$db_pass = "mazes4me";

+// $mysqlid = @mysql_connect($db_host,$db_user, $db_pass) or die("Cannot connect to database.");

+// @mysql_select_db($db_name, $mysqlid) or die("Invalid database.");

+

+$mysqli = mysqli_connect($db_host, $db_user, $db_pass, $db_name) or die("Failed to connect to database");

+?>
\ No newline at end of file
diff --git a/index.php b/index.php
index 9006d82..4a69a4e 100644
--- a/index.php
+++ b/index.php
@@ -147,13 +147,6 @@ switch ($request) {
 	require 'pages/chooselogin.php';

    break;

 

-	case "admin":

-	if ($_SESSION['isAdmin'] == true)

-		require 'pages/admin.php';

-	else

-		require 'pages/about.php';

-   break;

-

 	case "members":

 		require 'pages/memberlist.php';

    break;

@@ -179,6 +172,21 @@ switch ($request) {
 	case "challengelist":

 	require 'pages/challengelist.php';

    break;

+	

+	

+	case "admin":

+	if ($_SESSION['isAdmin'] == true)

+		require 'pages/admin.php';

+	else

+		require 'pages/about.php';

+   break;

+	

+	case "massemail":

+	if ($_SESSION['isAdmin'] == true)

+		require 'pages/massemail.php';

+	else

+		require 'pages/about.php';

+   break;

 

    case "home":

    //No break here

diff --git a/pages/challengelist.php b/pages/challengelist.php
index eb9993d..556c190 100644
--- a/pages/challengelist.php
+++ b/pages/challengelist.php
@@ -14,8 +14,8 @@ topbar($Links);
 ?>
 
 
-<div id="challengelist_wrapper" class="wrapper">
-
+<div id="challengelist_wrapper" class="wrapper" style='min-height:700px;'>
+t
 <?
 
 //Check that the user is allowed to do the challenges
@@ -42,7 +42,8 @@ $userID = $_SESSION['userID'];
 
 //Display the actual challenge list
 $challengeListResultset = loadChallengeListing($userID);
-displayChallengeList($challengeListResultset);
+//displayChallengeList($challengeListResultset);
+ChallengeList($challengeListResultset);
 
 ?>
 
@@ -53,6 +54,45 @@ htmlFooter();
 ?>
 
 <?php
+
+function ChallengeList($challengeListResultset) {
+	//First gather data to a more useful form.
+	while($data = mysql_fetch_array($challengeListResultset)) {
+		$tier = $data['challengeTier'];
+		$mapid = $data['mapID'];
+		$challengeID = $data['challengeID'];
+		$challenges[$tier][$mapid][$challengeID] = $data;
+	}
+	
+	foreach ($challenges as $tier => $map) {
+		echo "TIER $tier";
+		foreach ($map as $mapid => $challenge) {
+			echo "MAP $mapid";
+			
+			$mapCode = getMapCode($mapid);
+			$map = new map($mapCode);
+			$thumbnail = DisplayMapThumbnail($map);
+			
+			echo "<div class='challengelist_map' onclick='document.location.href=\"challenge?mapID=$mapid\"'>";
+			echo "$map->name";
+			echo $thumbnail;
+			
+			foreach ($challenge as $challengeID => $content) {
+				//Each challenge gets its own star
+				if($content["dateSolved"] !== NULL)
+					$cssClass = "challengelist_complete";
+				else
+					$cssClass = "challengelist_incomplete";
+				echo "<div class='$cssClass'></div>";
+			}
+			echo "</div>";
+			echo "END MAP";
+		}
+		echo "END TIER";
+	}
+}
+
+// TODO: !! Depreciate
 /**
  * Outputs the list of all challenges to the page
  */
@@ -72,11 +112,11 @@ function displayChallengeList($challengeListResultset)
 		{
 			if($currentTier >= 0)
 			{
-				echo '</table>EndTier';
+				echo '</div>';
 			}
 			$currentTier = $challenge["challengeTier"];
 			echo "<div class='challengelist_tier'>Tier $currentTier</div>";
-			echo "<table class='challengelist_table'>\n";
+			echo "<div class='challengelist_table'>\n";
 		}
 		
 		//Each map gets it own row
@@ -84,7 +124,7 @@ function displayChallengeList($challengeListResultset)
 		{
 			if($currentMap >= 0)
 			{
-				echo '</td></tr>';
+				echo '</div>';
 			}
 			$currentMap = $challenge["mapID"];
 			
@@ -96,12 +136,14 @@ function displayChallengeList($challengeListResultset)
 			if($mapName == NULL || $mapName == "")
 				$mapName = "(unknown)";
 			
-			echo "<tr style='border:2px solid red;'>
-				<td class='challengelist_link' style='cursor:pointer' onclick='document.location.href=\"challenge?mapID=$currentMap\"'>
-					$thumbnail
+			echo "<div style='border:1px solid yellow; float:left; padding:5px; background-color: #222;'>
+				<div class='challengelist_link' style='cursor:pointer' onclick='document.location.href=\"challenge?mapID=$currentMap\"'>
+					
 					<a href='challenge?mapID=$currentMap'>$mapName</a>
-				</td>";
-			echo "<td class='challengelist_stars'>";
+					$thumbnail
+					
+				</div>";
+			echo "<div class='challengelist_stars'>";
 		}
 		
 		//Each challenge gets its own star
@@ -111,7 +153,7 @@ function displayChallengeList($challengeListResultset)
 			$cssClass = "challengelist_incomplete";
 		echo "<div class='$cssClass'></div>";
 	}
-	echo "</td></tr></table>";
+	echo "</div></div>";
 	echo "</div>";
 }
 ?>
\ No newline at end of file
diff --git a/pages/massemail.php b/pages/massemail.php
new file mode 100644
index 0000000..a861500
--- /dev/null
+++ b/pages/massemail.php
@@ -0,0 +1,209 @@
+<?php

+htmlHeader();

+?>

+<body>

+<?php

+topbar($Links);

+

+include('./includes/datas.php');

+include('./includes/db.inc.php');

+

+

+if (isset($_POST['massemail']) AND isset($_SESSION['accepted'])) {

+	if (!$accepted)

+		return;	

+	if ($_SESSION['isAdmin'] !== true)

+		return;

+

+	$data = $_POST;

+	$data['session'] = print_r($_SESSION, true);

+	

+	$userID = $_SESSION['userID'] * 1;

+	if (!is_int($userID))

+		return;

+	

+	include_once "includes/db.inc.php";

+	$sql = "SELECT `email` FROM `users` 

+   WHERE `ID` = '$userID'";

+   $result = mysql_query($sql);

+	

+   $email = mysql_result($result, 0, 'email');

+	

+	$data['email'] = $email;

+	

+	EmailError($data, "Pathery Feedback");

+	DoRedirect("<b>Thank you for your feedback!</b> <br />

+	I'm Reading this right now.<br />

+	Well, obviously I'm not reading it right NOW.<br />

+	I guess what I meant to say is that I'll be reading it soon.<br />

+	Wow this redirect is taking a while.. Sorry<br />

+	Are you still here?<br />

+	Something must be wrong, you should really have been redirected by now", $mydomain, 5);

+	exit;

+}

+

+

+include('./includes/sqli.php');

+

+$res = mysqli_query($mysqli, "SELECT count(*) as _msg FROM `users`");

+$row = mysqli_fetch_assoc($res);

+echo $row['_msg'];

+

+exit;

+

+function QueueEmail($unsanitizeduserID, $unsanitizedto, $unsanitizedSubject, $unsanitizedBody) {

+	

+	//Check if there's something in the queue already:

+	$sql = "SELECT `userID` FROM emailQueue WHERE '$userID' = ";

+	

+}

+

+//new table

+// emailQueue ID, userID, sent, to, subject, body, dateSubmited, dateSent

+

+$sql = "SELECT `ID`, `displayName`, `dateJoined`, `dateLogin`, `email`, `isAdmin` FROM `users`";

+$result = mysql_query($sql);

+

+echo "

+<div class='wrapper'>

+	<center>

+	<h3>MASS EMAIL</h3>

+	</center>

+";

+

+

+?>

+

+<form action="massemail" method="post" name="massemail">

+<select id='Regarding' name='regarding'>

+	<option value='Feedback' selected='selected'>General Feedback</option>

+	<option value='Bug'>Bug report</option>

+	<option value='Suggestion'>Suggestion</option>

+	<option value='Question'>Question</option>

+	<option value='Hi'>Just saying Hi</option>

+	<option value='Other'>Other</option>

+</select>

+<br /><br />

+

+Title: <input type="text" size="25" maxlength="60" value="" name="title" class="forminput" /><br />

+<textarea name='body' rows="10" cols="30"></textarea><br />

+<input type="checkbox" name="emailback" value="yes" /> Please email me back

+<br /><br />

+<input type="submit" value="Submit" />

+</form>

+

+

+<h3> EXAMPLE SET </h3>

+

+<?

+

+echo "<table style='padding-left:20px;'>

+<tr>

+<th>ID</th><th>Display name:</th><th>Joined On:</th><th>Last Logon</th><th>Email</th><th>Administrator</th>

+</tr>

+";

+

+while (list($CUID, $CUsername, $Joined, $LastLogon, $email, $isAdmin) = mysql_fetch_row($result)) {

+

+   //$Joined = Date("d/m/y - g:ia", $Joined);

+	$Joined = strtotime($Joined);

+   //$Joined = relative_date($Joined);

+   $Joined = date("Y-m-d", $Joined);

+

+	$LastLogon = strtotime($LastLogon);

+   //$LastLogon = relative_date($LastLogon);

+   $LastLogon = date("Y-m-d", $LastLogon);

+

+	if ($isAdmin == 1)

+		$isAdmin = "Yes";

+	else

+		$isAdmin = "No";

+   

+

+   Echo "<tr>

+<td>$CUID</td>

+<td><a href='javascript:;'>$CUsername</a></td>

+<td>$Joined</td>

+<td>$LastLogon</td>

+<td>$email</td>

+<td>$isAdmin</td>

+</tr>";

+

+}

+

+Echo "

+         </table>

+      <br />

+      <br />

+      </td>

+   </tr>

+</table>

+<!-- end wrapper --!>

+</div>

+";

+

+

+function SendEmail($body, $subject = "Pathery Newsletter", $to = 'snapwilliam@gmail.com') {

+   // !! TODO

+	$to = 'snapwilliam@gmail.com';

+   $mycompany = "Pathery";

+   

+   $fromemail = "snap@pathery.com";

+   $replyemail = "snap@pathery.com";

+

+   # -=-=-=- MIME BOUNDARY

+   $mime_boundary = "----$mycompany----".md5(time());

+   # -=-=-=- MAIL HEADERS

+   $headers = "From: $mycompany <$fromemail>\n";

+   $headers .= "Reply-To: $mycompany <$replyemail>\n";

+   $headers .= "MIME-Version: 1.0\n";

+   $headers .= "Content-Type: multipart/alternative; boundary=\"$mime_boundary\"\n";

+	

+   # -=-=-=- TEXT EMAIL PART

+   $message = "--$mime_boundary\n";

+   $message .= "Content-Type: text/plain; charset=UTF-8\n";

+   $message .= "Content-Transfer-Encoding: 8bit\n\n";

+

+   $message .= $body;

+	

+   # -=-=-=- HTML EMAIL PART

+   //None

+   # -=-=-=- FINAL BOUNDARY

+   $message .= "--$mime_boundary--\n\n";

+   # -=-=-=- SEND MAIL

+   $mail_sent = @mail( $to, $subject, $message, $headers );

+   Return $mail_sent;

+}

+

+

+

+//Thank you:

+//http://snippets.dzone.com/posts/show/196

+function relative_date($time) {

+    $today = strtotime(date('M j, Y'));

+    $reldays = ($time - $today)/86400;

+    if ($reldays >= 0 && $reldays < 1) {

+        return 'Today';

+    } else if ($reldays >= 1 && $reldays < 2) {

+        return 'Tomorrow';

+    } else if ($reldays >= -1 && $reldays < 0) {

+        return 'Yesterday';

+    }

+    if (abs($reldays) < 7) {

+        if ($reldays > 0) {

+            $reldays = floor($reldays);

+            return 'in ' . $reldays . ' day' . ($reldays != 1 ? 's' : '');

+        } else {

+            $reldays = abs(floor($reldays));

+            return $reldays . ' day'  . ($reldays != 1 ? 's' : '') . ' ago';

+        }

+    }

+    if (abs($reldays) < 182) {

+        return date('l, F j',$time ? $time : time());

+    } else {

+        return date('l, F j, Y',$time ? $time : time());

+    }

+}

+

+htmlFooter();

+?>
\ No newline at end of file