private function _add() { use_helper('Validate'); $data = $_POST['event']; Flash::set('event_postdata', $data); // Add pre-save checks here $errors = false; // CSRF checks if (isset($_POST['csrf_token'])) { $csrf_token = $_POST['csrf_token']; if (!SecureToken::validateToken($csrf_token, BASE_URL . 'event/add')) { Flash::set('error', __('Invalid CSRF token found!')); redirect(get_url('event/add')); } } else { Flash::set('error', __('No CSRF token found!')); redirect(get_url('event/add')); } if (empty($data['name'])) { Flash::set('error', __('You have to specify a event name!')); redirect(get_url('event/add')); } if ($errors !== false) { // Set the errors to be displayed. Flash::set('error', implode('<br/>', $errors)); redirect(get_url('event/add')); } $oEvent = new Event(); $last_seq = $oEvent->getLastEventSeq(); $new_event = new Event($data); $new_event->created_by_id = AuthUser::getId(); $new_event->created_on = date('Y-m-d H:i:s'); $new_event->sequence = $last_seq + 1; if ($new_event->save()) { if (isset($_FILES)) { if (strlen($_FILES['upload_file']['name']) > 0) { $event_id = $new_event->lastInsertId(); //okstmtcc 20150827 Replace image filename spaces $_FILES['upload_file']['name'] = str_replace(array(" ", "(", ")"), array("_", "", ""), $_FILES['upload_file']['name']); $overwrite = false; $file = $this->upload_event_main_image($event_id, $_FILES['upload_file']['name'], FILES_DIR . '/event/images/', $_FILES['upload_file']['tmp_name'], $overwrite); if ($file === false) { Flash::set('error', __('Image has not been uploaded!')); redirect(get_url('event/edit/' . $new_event->id)); } } } Flash::set('success', __('Event has been added!')); Observer::notify('event_after_add', $new_event->name); // save and quit or save and continue editing? if (isset($_POST['commit'])) { redirect(get_url('event')); } else { redirect(get_url('event/edit/' . $new_event->id)); } } else { Flash::set('error', __('Event has not been added!')); redirect(get_url('event/add')); } }
public function add_event() { $this->_checkPermission(); $data = $_POST['event']; Flash::set('postdata', $data); $image = $_POST['upload']; $path = str_replace('..', '', $image['path']); $overwrite = false; // verification if (empty($data['title'])) { Flash::set('error', __('You have to specify a event title!')); redirect(get_url('event/create')); } if (empty($data['url'])) { Flash::set('error', __('You have to specify the "Read More" URL!')); redirect(get_url('event/create')); } if (isset($_FILES)) { // no image file selected if (empty($_FILES['upload_file']['name'])) { Flash::set('error', __('You have to select a image to be uploaded!')); redirect(get_url('event/create')); } } else { Flash::set('error', __('You have to select a image to be uploaded!')); redirect(get_url('event/create')); } $event = new Event($data); $event->created_by_id = AuthUser::getId(); $event->created_on = date('Y-m-d H:i:s'); if (!$event->save()) { Flash::set('error', __('Event is not added!')); redirect(get_url('event/create')); } else { if (isset($_FILES)) { $event_id = $event->lastInsertId(); $file = $this->upload_file($_FILES['upload_file']['name'], FILES_DIR . '/event/images/', $_FILES['upload_file']['tmp_name'], $overwrite, $event_id); if ($file === false) { Flash::set('error', __('File has not been uploaded!')); } } Flash::set('success', __('Event has been added!')); } redirect(get_url('event')); }