<?php

//projeto/delete_categoria.php
session_start();
require_once 'includes/funcoes.php';
require_once 'includes/Classes/Model/Materia.php';
//acesso indevido
protectPage();
$idmateria = (int) (isset($_GET['id']) ? $_GET['id'] : 0);
if ($idmateria) {
    $materia = new Materia();
    if ($nrows = $materia->delete(compact('idmateria'))) {
        addMsg("{$nrows} materia(s) deletada(s) com sucesso.");
    } else {
        addMsg("Não foi possível deletar a categoria.");
    }
} else {
    addMsg("Categoria inválida!");
}
header('Location: materias.php');

<?php

require_once "../../lib/init.php";
protectPage(9);
@($id = DB::Safe($_GET['id']));
// Verify...
if (!$id) {
    fail("Could not delete permission; please specify a valid ID.");
}
// Load the permission and make sure it belongs in the ward
$p = Permission::Load($id);
if (!$p->InWard($MEMBER->WardID)) {
    fail("That permission is not within your own ward...");
}
// Delete this permission.
$p->Delete(true);
Response::Send(200);

<?php

require_once "lib/init.php";
protectPage(0, true);
if (!isset($_GET['id'])) {
    header("Location: /directory");
}
$mem = Member::Load($_GET['id']);
if (!$mem) {
    header("Location: /directory");
}
// No member with given ID number, or member is not in the same ward
$memInWard = $mem->WardID != $WARD->ID();
$memInLeaderStake = false;
if ($LEADER != null) {
    $r = DB::Run("SELECT StakeID FROM Wards WHERE ID='{$mem->WardID}'");
    $row = mysql_fetch_object($r);
    if ($row->StakeID == $LEADER->StakeID) {
        $memInLeaderStake = true;
    }
}
if (!$memInWard && !$memInLeaderStake) {
    header("Location: /directory");
}
$isCurrent = $MEMBER && $MEMBER->ID() == $mem->ID();
// Get parts of the birth date
$bdate = strtotime($mem->Birthday);
$mm = date("F", $bdate);
$dd = date("j", $bdate);
$ordinal = date("S", $bdate);
// Load survey questions in order to get the answers

<?php

require_once "../../lib/init.php";
protectPage(11);
@($id = DB::Safe($_GET['id']));
$c = Calling::Load($id);
if (!is_object($c)) {
    fail("Bad calling ID.");
}
if ($c->Preset()) {
    fail("Can't delete a pre-defined calling.");
}
if ($c->WardID() != $MEMBER->WardID) {
    Response::Send(403, "Can't delete a calling which does not belong to your ward.");
}
if ($c->Delete(true)) {
    Response::Send(200);
} else {
    fail("Oops, something went wrong. Please report this error.");
}

<?php

require_once "../../lib/init.php";
protectPage(13);
if (!$_GET['id'] == $_SESSION['userID']) {
    fail("Please specify a user ID to delete");
}
if ($_GET['id'] == $_SESSION['userID']) {
    fail("ERROR > Sorry; you can't delete your own account (yet...)");
}
@($mem = Member::Load($_GET['id']));
if (!$mem) {
    fail("That user couldn't be loaded. Are you sure the account exists?");
}
if ($mem->WardID != $MEMBER->WardID) {
    fail("You can only delete accounts of members in your own ward.");
}
if (!$mem->Delete(true)) {
    fail("Could not delete member; probably forgot to be set confirmation flag to 'true', or bad ID was supplied.");
}
header("Location: ../../directory");

<?php

require_once "../../lib/init.php";
protectPage(12);
// Grab the variables from the form
@($memberID = $_GET['member']);
if (!$memberID) {
    fail("No member was specified; nothing to do.");
}
$mem = Member::Load($memberID);
if (!$mem) {
    fail("Could not load member with ID " . $memberID . " - please report this.");
}
if ($mem->WardID != $MEMBER->WardID) {
    fail("Member " . $memberID . " is not in your ward.");
}
if ($mem->DeletePictureFile()) {
    Response::Send(200, $memberID);
} else {
    fail("Could not delete profile picture, probably because the user doesn't have a picture, or it is already the default one.");
}

<?php

require_once "../../lib/init.php";
protectPage(8);
// Grab the variables from the form
@($question = $_POST['question']);
@($qtype = $_POST['qtype']);
$ansArray = isset($_POST['ans']) ? $_POST['ans'] : null;
$req = isset($_POST['req']) ? true : false;
$visible = isset($_POST['visible']) ? true : false;
// Validation
if (!$question || strlen(trim($question)) < 3) {
    Response::Send(401, "Oops - did you type a question (at least 3 characters long)? Go BACK and try again.");
}
// Ready the answer options array; is it empty?
$ansEmpty = true;
if ($ansArray) {
    foreach ($ansArray as &$opt) {
        $opt = trim($opt);
        if ($opt != '') {
            $ansEmpty = false;
            break;
        }
    }
}
// Is this question designed to have answer choices/options?
$multAns = $qtype == QuestionType::MultipleChoice || $qtype == QuestionType::MultipleAnswer;
// Make sure that multiple-answer/choice questions have at least one
// to choose from
if ($multAns && $ansEmpty) {
    Response::Send(401, "Oops - for that type of question, it requires at least one possible answer (you have to add one). Go BACK and try again.");

<?php

require_once "../../lib/init.php";
protectPage(7);
// Find out what we're expecting to do here:
// create, delete, assign a leader, or edit the group.
$action = "";
if (isset($_GET['new'])) {
    $action = "new";
} elseif (isset($_GET['del'])) {
    $action = "del";
} elseif (isset($_GET['assign'])) {
    $action = "assign";
} elseif (isset($_GET['edit'])) {
    $action = "edit";
} else {
    Response::Send(400, "Not sure what to do.");
}
if ($action == "new") {
    @($name = $_POST['groupname']);
    @($ldr1 = $_POST['ldr1']);
    @($ldr2 = $_POST['ldr2']);
    @($ldr3 = $_POST['ldr3']);
    if (!$name) {
        Response::Send(400, "Can't create a group unless there's a name for it.");
    }
    if ($ldr1 == $ldr2 && $ldr1 != 0 || $ldr2 == $ldr3 && $ldr2 != 0 || $ldr1 == $ldr3 && $ldr3 != 0) {
        Response::Send(400, "Each leader of the group must be different.");
    }
    $fhe = new FheGroup();
    $fhe->GroupName = $name;

<?php

require_once "../lib/init.php";
protectPage(10);
$r1 = DB::Run("SELECT ID FROM Privileges ORDER BY Privilege ASC");
$r2 = DB::Run("SELECT ID FROM Members WHERE WardID='{$MEMBER->WardID}' ORDER BY FirstName ASC, LastName ASC");
$r3 = DB::Run("SELECT ID FROM Callings WHERE WardID='{$MEMBER->WardID}' ORDER BY Name ASC");
$maxLen = 65;
// Maximum display length of a calling name
?>
<!DOCTYPE html>
<html>
	<head>
		<title>Manage site privileges &mdash; <?php 
echo $WARD ? $WARD->Name . " Ward" : SITE_NAME;
?>
</title>
		<?php 
include "../includes/head.php";
?>
		<style>
		.privlist {
			width: 100%;
		}

		form, label {
			font-size: 12px;
			line-height: 1.75em;
		}

		.privList td, .privList th {

<?php

// Include common functions and declarations
require_once "../../include/common.php";
require_once "../include/config.php";
// Create blog object
$blog = new Blog(!empty($_GET["blogId"]) ? $_GET["blogId"] : 0);
if (!empty($blog->id)) {
    // Include language
    include scriptPath . "/" . folderBlog . "/include/language/" . $blog->language . "/general.php";
    // Protect page
    if (!empty($blog->userlevel)) {
        protectPage($blog->userlevel);
    }
    // Get the post list
    $items = array();
    $result = $dbi->query("SELECT id FROM " . blogPostTableName . " WHERE blogId=" . $blog->id . " AND draft=0 ORDER BY posted DESC LIMIT 15");
    for ($i = 0; list($id) = $result->fetchrow_array(); $i++) {
        $post = new Post($id);
        // Get categories
        $categories = array();
        for ($i = 0; $i < sizeof($post->categories); $i++) {
            $categories[] = $post->categories[$i][1];
        }
        // Create new item
        $item = new RSSItem($post->id, $post->user->name, $categories, $post->getPostLink() . "#comments", scriptUrl . "/" . folderBlog . "/" . fileBlogCommentRSS . "?postId=" . $post->id, $post->getPostLink(), stripHtml(!empty($post->text) ? $post->text : $post->summary), $post->printRSSPostSummary(), $post->posted, $post->subject);
        $items[] = $item;
    }
    // Print feed
    $rss = new RSS($blog->title, $blog->description, $blog->getBlogLink(), scriptUrl . "/" . folderBlog . "/" . fileBlogPostRSS . "?blogId=" . $blog->id, $items);
    $rss->printRSSFeed();