$consumer_key = mysql_result($result, 2, 0); $consumer_secret = mysql_result($result, 3, 0); } else { $apiFail = true; echo $hc_lang_event['APITwitterSettings']; } if ($consumer_key != '' && $consumer_secret != '') { $tweetID = ''; $twtrMsg = cleanQuotes($_POST['tweetThis']) . ' ' . $shortLink . ' ' . $hc_cfg[59]; require_once HCPATH . HCINC . '/api/twitter/PostTweet.php'; if ($tweetID != '') { doQuery("INSERT INTO " . HC_TblPrefix . "eventnetwork(EventID,NetworkID,NetworkType,IsActive)\r\n\t\t\t\t\t\tVALUES('" . $newPkID . "','" . cIn($tweetID) . "',3,1);"); } } } if (isset($_POST['doFacebook']) && isset($_POST['facebookStatus'])) { $fbStatusID = ''; $fbStatus = cleanQuotes($_POST['fbThis']); $fbLink = CalRoot . "/index.php?eID=" . $eID; include HCPATH . HCINC . '/api/facebook/StatusPost.php'; if ($fbStatusID != '') { doQuery("INSERT INTO " . HC_TblPrefix . "eventnetwork(EventID,NetworkID,NetworkType,IsActive)\r\n\t\t\t\t\tVALUES('" . $newPkID . "','" . cIn($fbStatusID) . "',4,1);"); } } clearCache(); if ($apiFail == false) { header("Location: " . AdminRoot . "/index.php?com=eventedit&msg=" . $msgID . "&eID=" . $eID); } else { echo '<br /><br />' . $hc_lang_event['APIError'] . '<br /><br />'; echo '<a href="' . AdminRoot . '/index.php?com=eventedit&msg=' . $msgID . '&eID=' . $eID . '">' . $hc_lang_event['APIErrorLink'] . '</a>'; }
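* @license GNU General Public License version 2 or later; see LICENSE
*/
define('hcAdmin', true);
include '../loader.php';

// Admin-only action: create, update or deactivate a subscriber mail group.
// The session check and the form token are both enforced before any query runs.
admin_logged_in();
action_headers();

// The CSRF token arrives in the POST body (form submit) or as ?tkn= (delete link).
// POST wins; the GET value is only consulted when the POST value is absent or empty.
$token = isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : '';
if ($token == '' && isset($_GET['tkn'])) {
    $token = cIn(strip_tags($_GET['tkn']));
}
if (!check_form_token($token)) {
    go_home();
}

if (!isset($_GET['dID'])) {
    // Create / update. A missing or non-numeric gID means "new group".
    $gID = isset($_POST['gID']) && is_numeric($_POST['gID']) ? cIn($_POST['gID']) : 0;
    $name = isset($_POST['name']) ? cIn($_POST['name']) : '';
    $description = isset($_POST['description']) ? cIn(cleanQuotes($_POST['description']), 1) : '';
    // IsPublic is a flag: only a numeric value is accepted (previously any string was
    // escaped and stored), so the column never receives arbitrary text.
    $status = isset($_POST['status']) && is_numeric($_POST['status']) ? cIn($_POST['status']) : 0;

    $result = doQuery("SELECT PkID FROM " . HC_TblPrefix . "mailgroups WHERE PkID = '" . $gID . "'");
    if (hasRows($result)) {
        doQuery("UPDATE " . HC_TblPrefix . "mailgroups"
            . " SET Name = '" . $name . "',"
            . " Description = '" . $description . "',"
            . " IsPublic = '" . $status . "'"
            . " WHERE PkID = '" . $gID . "'");
        header("Location: " . AdminRoot . "/index.php?com=subgrps&msg=2");
    } else {
        doQuery("INSERT INTO " . HC_TblPrefix . "mailgroups(Name,Description,IsPublic,IsActive)"
            . " VALUES('" . $name . "','" . $description . "','" . $status . "',1)");
        header("Location: " . AdminRoot . "/index.php?com=subgrps&msg=3");
    }
} else {
    // Deactivate (soft delete). Only a numeric ID reaches the WHERE clause, and
    // group 1 (the default group) is never deactivated.
    $dID = is_numeric($_GET['dID']) ? cIn(strip_tags($_GET['dID'])) : 0;
    if ($dID > 0 && $dID != 1) {
        doQuery("UPDATE " . HC_TblPrefix . "mailgroups SET IsActive = 0 WHERE PkID = '" . $dID . "'");
    }
    header("Location: " . AdminRoot . "/index.php?com=subgrps&msg=1");
}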
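// Contact / cost / time / RSVP fields of the event form, followed by the required-field
// checks. Every POST value is read behind isset() so a missing field becomes a harmless
// default instead of a PHP notice; text fields are tag-stripped and HTML-escaped.
$contactURL = isset($_POST['contactURL']) ? cIn(htmlspecialchars(strip_tags($_POST['contactURL']))) : NULL;
// Force an explicit http(s) scheme on a non-empty contact URL.
$contactURL = preg_match('/^https?:\\/\\//', $contactURL) || $contactURL == '' ? $contactURL : 'http://' . $contactURL;
$cost = isset($_POST['cost']) ? htmlspecialchars(strip_tags($_POST['cost'])) : NULL;
// NOTE(review): the hour fields are only tag-stripped here; their numeric check is the
// $stop test at the bottom (and only when no time override is set). Confirm they are
// escaped with cIn() before being written to the database.
$startTimeHour = isset($_POST['startTimeHour']) ? strip_tags($_POST['startTimeHour']) : NULL;
$endTimeHour = isset($_POST['endTimeHour']) ? strip_tags($_POST['endTimeHour']) : NULL;
$adminMessage = isset($_POST['adminmessage']) ? cIn(htmlspecialchars(cleanQuotes(strip_tags($_POST['adminmessage'])))) : '';
// RSVP settings: numeric flags / counters default to 0 when missing or non-numeric.
$rsvp_type = isset($_POST['rsvp_type']) && is_numeric($_POST['rsvp_type']) ? htmlspecialchars(strip_tags($_POST['rsvp_type'])) : 0;
$rsvp_space = isset($_POST['rsvp_space']) && is_numeric($_POST['rsvp_space']) ? htmlspecialchars(strip_tags($_POST['rsvp_space'])) : 0;
$rsvp_disp = isset($_POST['rsvpFor']) && is_numeric($_POST['rsvpFor']) ? htmlspecialchars(strip_tags($_POST['rsvpFor'])) : 0;
$rsvp_open = isset($_POST['openDate']) ? dateToMySQL(htmlspecialchars(strip_tags($_POST['openDate'])), $hc_cfg[24]) : '';
$rsvp_close = isset($_POST['closeDate']) ? dateToMySQL(htmlspecialchars(strip_tags($_POST['closeDate'])), $hc_cfg[24]) : '';
$rsvp_notice = isset($_POST['rsvpEmail']) && is_numeric($_POST['rsvpEmail']) ? htmlspecialchars(strip_tags($_POST['rsvpEmail'])) : 0;

if ($locID > 0) {
    // An existing location was selected: the free-form address fields are ignored.
    $locName = $locAddress = $locAddress2 = $locCity = $locState = $locZip = $locCountry = '';
} else {
    // A new location typed into the form. Fixed: every field is now guarded with
    // isset() (these were the only fields on the page read without one).
    $locName = isset($_POST['locName']) ? htmlspecialchars(strip_tags(cleanQuotes($_POST['locName']))) : '';
    $locAddress = isset($_POST['locAddress']) ? htmlspecialchars(strip_tags($_POST['locAddress'])) : '';
    $locAddress2 = isset($_POST['locAddress2']) ? htmlspecialchars(strip_tags($_POST['locAddress2'])) : '';
    $locCity = isset($_POST['locCity']) ? htmlspecialchars(strip_tags($_POST['locCity'])) : '';
    $locState = isset($_POST['locState']) ? htmlspecialchars(strip_tags($_POST['locState'])) : '';
    $locZip = isset($_POST['locZip']) ? htmlspecialchars(strip_tags($_POST['locZip'])) : '';
    $locCountry = isset($_POST['locCountry']) ? htmlspecialchars(strip_tags($_POST['locCountry'])) : '';
}

// Required-field validation: each failed check adds 1 to $stop (initialised by the caller).
$stop += $subName != '' ? 0 : 1;
// NOTE(review): the e-mail pattern caps the TLD at 4 characters, so longer TLDs
// (".museum", ".photography") are rejected; relax {2,4} if that is not intended.
$stop += preg_match('/^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$/', $subEmail) == 1 ? 0 : 1;
$stop += $eventTitle != '' ? 0 : 1;
$stop += $eventDesc != '' ? 0 : 1;
// A location is required either as an existing ID or as a typed name.
$stop += ($locName != '' || $locID > 0) ? 0 : 1;
if (!isset($_POST['overridetime'])) {
    // Without a time override both the hour and the minute must be present and numeric.
    $stop += isset($_POST['startTimeHour'], $_POST['startTimeMins']) && is_numeric($_POST['startTimeHour']) && is_numeric($_POST['startTimeMins']) ? 0 : 1;
}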
// Newsletter (mailer) save action. NOTE(review): this statement run is not complete in
// this view - the `if (!isset($_GET['dID']))` and `if (isset($_POST['grpID']))` blocks
// opened here are closed further down the file.
$token = '';
// Form token: POST body first; ?tkn= is consulted only if that yielded nothing.
$token = $token == '' && isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : $token;
$token = $token == '' && isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : $token;
if (!check_form_token($token)) {
    go_home();
}
include HCLANG . '/admin/newsletter.php';
if (!isset($_GET['dID'])) {
    // mID = 0 (missing or non-numeric) means "create a new mailer".
    $mID = isset($_POST['mID']) && is_numeric($_POST['mID']) ? cIn($_POST['mID']) : 0;
    $title = isset($_POST['mailTitle']) ? cIn($_POST['mailTitle']) : '';
    $subject = isset($_POST['mailSubj']) ? cIn($_POST['mailSubj']) : '';
    $startDate = isset($_POST['startDate']) ? dateToMySQL(cIn($_POST['startDate']), $hc_cfg[24]) : '';
    $endDate = isset($_POST['endDate']) ? dateToMySQL(cIn($_POST['endDate']), $hc_cfg[24]) : '';
    $template = isset($_POST['templateID']) && is_numeric($_POST['templateID']) ? cIn($_POST['templateID']) : 0;
    $archive = isset($_POST['archStatus']) && is_numeric($_POST['archStatus']) ? cIn($_POST['archStatus']) : 0;
    // The message body is stored unfiltered (second argument 0 to both helpers); it is the
    // newsletter HTML and is only reachable through this admin action.
    $message = isset($_POST['mailMsg']) ? cIn(cleanQuotes($_POST['mailMsg'], 0), 0) : '';
    $result = doQuery("SELECT PkID FROM " . HC_TblPrefix . "mailers WHERE PkID = '" . $mID . "'");
    if (hasRows($result)) {
        $msg = 1;
        doQuery("UPDATE " . HC_TblPrefix . "mailers\r\n\t\t\t\t\tSET Title = '" . $title . "',\r\n\t\t\t\t\t\tSubject = '" . $subject . "',\r\n\t\t\t\t\t\tStartDate = '" . $startDate . "',\r\n\t\t\t\t\t\tEndDate = '" . $endDate . "',\r\n\t\t\t\t\t\tTemplateID = '" . $template . "',\r\n\t\t\t\t\t\tMessage = '" . $message . "',\r\n\t\t\t\t\t\tLastModDate = '" . date("Y-m-d") . "',\r\n\t\t\t\t\t\tIsArchive = '" . $archive . "'\r\n\t\t\t\t\tWHERE PkID = '" . $mID . "'");
    } else {
        $msg = 2;
        doQuery("INSERT INTO " . HC_TblPrefix . "mailers(Title,Subject,StartDate,EndDate,TemplateID,Message,CreatedDate,LastModDate,IsArchive,IsActive)\r\n\t\t\t\t\tVALUES('" . $title . "',\r\n\t\t\t\t\t\t'" . $subject . "',\r\n\t\t\t\t\t\t'" . $startDate . "',\r\n\t\t\t\t\t\t'" . $endDate . "',\r\n\t\t\t\t\t\t'" . $template . "',\r\n\t\t\t\t\t\t'" . $message . "',\r\n\t\t\t\t\t\t'" . date("Y-m-d") . "',\r\n\t\t\t\t\t\t'" . date("Y-m-d") . "',\r\n\t\t\t\t\t\t'" . $archive . "',\r\n\t\t\t\t\t\t1)");
        // NOTE(review): LAST_INSERT_ID() is selected FROM the events table rather than the
        // mailers table just inserted into (the locations action selects FROM locations).
        // The value is still the connection's last insert id, but the query yields one row
        // per event and no row at all when events is empty, in which case mysql_result()
        // fails. `"SELECT LAST_INSERT_ID() FROM " . HC_TblPrefix . "mailers"` is the expected form.
        $result = doQuery("SELECT LAST_INSERT_ID() FROM " . HC_TblPrefix . "events");
        $mID = mysql_result($result, 0, 0);
    }
    if (isset($_POST['grpID'])) {
        // Replace the mailer's group assignments with the posted set.
        doQuery("DELETE FROM " . HC_TblPrefix . "mailersgroups WHERE MailerID = '" . $mID . "'");
        // SECURITY(review): $val is raw $_POST['grpID'] data concatenated straight into the
        // INSERT with neither is_numeric() nor cIn(), while every other value in this file
        // is validated and escaped; a quote in a posted group ID breaks out of the string
        // literal and the rest of the value becomes SQL. Even though this is an admin
        // action, it should be fixed: `if (!is_numeric($val)) { continue; }` followed by
        // `$val = cIn($val);` at the top of the loop. A non-array grpID also reaches the
        // foreach unchecked; `is_array($_POST['grpID'])` belongs in the isset() test.
        foreach ($_POST['grpID'] as $val) {
            doQuery("INSERT INTO " . HC_TblPrefix . "mailersgroups(MailerID,GroupID) VALUES('" . $mID . "','" . $val . "')");
        }
// Admin subscriber list component: sidebar actions, paging, optional name/e-mail search.
// NOTE(review): the `if (isset($_GET['msg']))` opened at the bottom is closed later in
// the file, outside this view.
if (!defined('hcAdmin')) {
    header("HTTP/1.1 403 No Direct Access");
    exit;
}
include HCLANG . '/admin/newsletter.php';
// NOTE(review): the form token is embedded in GET links below (?tkn=), so it travels in
// URLs (browser history, Referer headers, proxy logs). Confirm set_form_token(1) issues a
// short-lived token, or move these actions to POST forms.
$token = set_form_token(1);
$result = doQuery("SELECT COUNT(*) FROM " . HC_TblPrefix . "subscribers WHERE IsConfirm = 0");
$num = hasRows($result) && mysql_result($result, 0, 0) > 0 ? mysql_result($result, 0, 0) : 0;
$hc_Side[] = array(AdminRoot . '/components/MailSubEditAction.php?dID=uc&a=1&tkn=' . $token, 'user_delete.png', $hc_lang_news['DeleteNoConfirm'] . ' <b>' . $num . '</b>', 0);
$hc_Side[] = array(AdminRoot . '/components/MailSubDownload.php?tkn=' . $token, 'download_csv.png', $hc_lang_news['DownloadSub'], 0);
$resDiff = 6;
// Page size: 25/50/75/100 via ?a=, else 25.
// NOTE(review): a=0 satisfies every condition here (0 <= 100 and 0 % 25 == 0), so
// $resLimit becomes '0' and the ceil(... / $resLimit) below divides by zero. Add
// `abs($_GET['a']) > 0` to the test.
$resLimit = isset($_GET['a']) && is_numeric($_GET['a']) && abs($_GET['a']) <= 100 && $_GET['a'] % 25 == 0 ? cIn(abs($_GET['a'])) : 25;
$resOffset = isset($_GET['p']) && is_numeric($_GET['p']) ? cIn(abs($_GET['p'])) : 0;
$term = $save = $queryS = '';
if (isset($_GET['s']) && $_GET['s'] != '') {
    // Search term is tag-stripped and SQL-escaped once, then reused both in the LIKE
    // clauses and in the paging links ($save). NOTE(review): cIn() does not neutralise the
    // LIKE wildcards % and _ (harmless here, it only widens an admin's own search), and
    // the value placed in $save should be URL-encoded at the point it is emitted.
    $term = cIn(cleanQuotes(strip_tags($_GET['s'])));
    $save = '&s=' . $term;
    $queryS = " AND (FirstName LIKE('%" . $term . "%') OR LastName LIKE('%" . $term . "%') OR Email LIKE('%" . $term . "%'))";
}
$resultC = doQuery("SELECT COUNT(*) FROM " . HC_TblPrefix . "subscribers WHERE IsConfirm = 1 {$queryS}");
$pages = ceil(mysql_result($resultC, 0, 0) / $resLimit);
// Clamp the requested page to the last existing one.
$resOffset = $pages <= $resOffset && $pages > 0 ? $pages - 1 : $resOffset;
if (isset($_GET['msg'])) {
    switch ($_GET['msg']) {
        case "1":
            feedback(1, $hc_lang_news['Feed05']);
            break;
        case "2":
            feedback(1, $hc_lang_news['Feed18']);
            break;
    }
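/**
 * Filter special characters that break CSV files in most editors.
 *
 * Runs the value through cleanQuotes() and backslash-escapes single quotes and
 * commas (the project's existing CSV convention). In addition, a value whose first
 * character is one of "=", "+", "-", "@", tab or carriage return is prefixed with a
 * single quote so that a spreadsheet opening the export treats the cell as text
 * instead of evaluating it as a formula (CSV / formula injection). Subscriber and
 * registrant data written to these exports is user-supplied, so this guard matters.
 *
 * @since 2.2.0
 * @version 2.2.0
 * @param string $value string to be filtered
 * @return string filtered string
 */
function cleanCSV($value) {
    $value = cleanQuotes($value, 1);
    $badChars = array('/\'/', '/,/');
    $goodChars = array("\\'", "\\,");
    $value = preg_replace($badChars, $goodChars, $value);
    // Formula-injection guard. Applied after the quote escaping above so the leading
    // apostrophe added here is not itself turned into "\'".
    $formulaTriggers = array('=', '+', '-', '@', "\t", "\r");
    if ($value !== '' && $value !== null && in_array($value[0], $formulaTriggers, true)) {
        $value = "'" . $value;
    }
    return $value;
}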
global $quote_count; $record = array('QUOTE_ID' => ++$quote_count, 'QUOTE_TEXT' => $txt, 'QUOTE_AUTHOR' => $author); scraperwiki::save(array('QUOTE_ID'), $record); } require 'scraperwiki/simple_html_dom.php'; $root_url = "http://www.values.com"; $quote_count = 0; // All other pages upto Last Page ($last_page) $last_page = 500; for ($page = 1; $page <= $last_page; $page++) { $url = $root_url . "/inspirational-quotes?page=" . $page; $html = file_get_html($url); foreach ($html->find('.index_card') as $card) { $quote = $card->find('.quotation', 0)->innertext; $author = $card->find('.quotation_author', 0)->plaintext; $quote = cleanQuotes($quote); $author = cleanAuthor($author); //echo "<br>".$quote."<br>"; //echo '-'.$author."<hr>"; try { saveIt($quote, $author); } catch (Exception $e) { saveIt("{$e}", "NOTHING"); } } $html->clear(); unset($html); } function cleanQuotes($str) { $str = str_replace("“", "", $str);
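/**
 * @package Helios Calendar
 * @license GNU General Public License version 2 or later; see LICENSE
 */
define('hcAdmin', true);
include '../loader.php';

// Admin-only action: save (insert / update) or deactivate a newsletter template.
admin_logged_in();
action_headers();

// The CSRF token arrives in the POST body (form submit) or as ?tkn= (delete link).
// POST wins; the GET value is only consulted when the POST value is absent or empty.
$token = isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : '';
if ($token == '' && isset($_GET['tkn'])) {
    $token = cIn(strip_tags($_GET['tkn']));
}
if (!check_form_token($token)) {
    go_home();
}

if (!isset($_GET['dID'])) {
    // Save. A missing or non-numeric nID means "new template".
    $nID = isset($_POST['nID']) && is_numeric($_POST['nID']) ? cIn(strip_tags($_POST['nID'])) : 0;
    $name = isset($_POST['tempname']) ? cIn($_POST['tempname']) : '';
    // The template source is stored unfiltered on purpose (second argument 0 to both
    // helpers): it is the raw HTML of the newsletter template, editable only by an admin.
    $source = isset($_POST['tempsource']) ? cIn(cleanQuotes($_POST['tempsource'], 0), 0) : '';

    $result = doQuery("SELECT PkID FROM " . HC_TblPrefix . "templatesnews WHERE PkID = '" . $nID . "'");
    if (hasRows($result)) {
        doQuery("UPDATE " . HC_TblPrefix . "templatesnews"
            . " SET TemplateName = '" . $name . "', TemplateSource = '" . $source . "'"
            . " WHERE PkID = '" . $nID . "'");
        header("Location: " . AdminRoot . "/index.php?com=mailtmplt&msg=2");
    } else {
        doQuery("INSERT INTO " . HC_TblPrefix . "templatesnews(TemplateName, TemplateSource, IsActive)"
            . " Values('" . $name . "','" . $source . "', 1)");
        header("Location: " . AdminRoot . "/index.php?com=mailtmplt&msg=3");
    }
} else {
    // Deactivate (soft delete). Only a numeric template ID reaches the WHERE clause;
    // previously any escaped string was accepted.
    $dID = is_numeric($_GET['dID']) ? cIn(strip_tags($_GET['dID'])) : 0;
    if ($dID > 0) {
        doQuery("UPDATE " . HC_TblPrefix . "templatesnews SET IsActive = 0 WHERE PkID = '" . $dID . "'");
    }
    header("Location: " . AdminRoot . "/index.php?com=mailtmplt&msg=1");
}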
<?php
/**
 * @package Helios Calendar
 * @license GNU General Public License version 2 or later; see LICENSE
 */
define('hcAdmin', true);
include '../loader.php';

// Admin-only action: persist the three "digest" settings (rows PkID 97, 98 and 99 of
// the settings table), clear the cache and return to the digest screen.
admin_logged_in();
action_headers();

// This action accepts the form token from the POST body only.
$formToken = '';
if (isset($_POST['token'])) {
    $formToken = cIn(strip_tags($_POST['token']));
}
if (!check_form_token($formToken)) {
    go_home();
}

// Numeric flags fall back to 0 when missing or non-numeric.
$digestStatus = 0;
if (isset($_POST['status']) && is_numeric($_POST['status'])) {
    $digestStatus = cIn($_POST['status']);
}
$welcome = '';
if (isset($_POST['welcomeMsg'])) {
    // The welcome text is kept unfiltered (second argument 0): it is HTML.
    $welcome = cleanQuotes($_POST['welcomeMsg'], 0);
}
$digestFor = 0;
if (isset($_POST['newFor']) && is_numeric($_POST['newFor'])) {
    $digestFor = cIn($_POST['newFor']);
}

// Write the settings in PkID order (97, 98, 99).
$settings = array(
    97 => $digestStatus,
    98 => cIn($welcome, 0),
    99 => $digestFor,
);
foreach ($settings as $settingID => $settingValue) {
    doQuery("UPDATE " . HC_TblPrefix . "settings SET SettingValue = '" . $settingValue . "' WHERE PkID = " . $settingID);
}
clearCache();
header('Location: ' . AdminRoot . '/index.php?com=digest&msg=1');
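// Remaining fields of the location form, then the insert/update. Every POST value goes
// through cIn() (plus strip_tags() for plain-text fields) before it reaches SQL, and the
// numeric flag is validated as numeric. $name, $address, $address2, $city and $lID are
// set earlier in this file.
$state = isset($_POST['locState']) ? cIn(strip_tags($_POST['locState'])) : '';
// With the Eventbrite option on, its country selector wins over the free-text country.
$country = isset($_POST['doEventbrite']) && isset($_POST['selCountry']) && $_POST['selCountry'] != ''
    ? cIn(strip_tags($_POST['selCountry']))
    : (isset($_POST['country']) ? cIn(strip_tags($_POST['country'])) : '');
$zip = isset($_POST['zip']) ? cIn(strip_tags($_POST['zip'])) : '';
$website = isset($_POST['website']) ? cIn(strip_tags($_POST['website'])) : '';
// Force an explicit http(s) scheme on non-empty URLs.
$website = preg_match('/^https?:\\/\\//', $website) || $website == '' ? $website : 'http://' . $website;
$email = isset($_POST['email']) ? cIn(strip_tags($_POST['email'])) : '';
$phone = isset($_POST['phone']) ? cIn(strip_tags($_POST['phone'])) : '';
// SECURITY: IsPublic was interpolated into the INSERT below *unquoted*, so quote escaping
// in cIn() alone could not stop a crafted value from extending the statement. Only a
// numeric value is accepted now (0 when missing), and it is quoted in both statements.
$status = isset($_POST['status']) && is_numeric($_POST['status']) ? cIn($_POST['status']) : 0;
$descript = isset($_POST['descript']) ? cIn(cleanQuotes($_POST['descript'], 0)) : '';
$lat = isset($_POST['lat']) ? cIn(strip_tags($_POST['lat'])) : '';
// Fixed: the guard tested $_POST['lat'] instead of $_POST['lon'] (copy/paste), so a
// request without lon raised a notice and stored an empty longitude.
$lon = isset($_POST['lon']) ? cIn(strip_tags($_POST['lon'])) : '';
$gQuality = '0';
$imageURL = isset($_POST['imageURL']) ? cIn(strip_tags($_POST['imageURL'])) : '';
$imageURL = preg_match('/^https?:\\/\\//', $imageURL) || $imageURL == '' ? $imageURL : 'http://' . $imageURL;
// NOTE(review): follow_up is escaped but not range-checked; it is not used in the
// queries visible here - confirm how it is consumed downstream.
$follow_up = isset($_POST['follow_up']) ? cIn($_POST['follow_up']) : 0;
$fnote = isset($_POST['follow_note']) ? cIn(cleanQuotes($_POST['follow_note'])) : '';

if (isset($_POST['updateMap'])) {
    // Geocode the assembled address; GetGeocode.php is expected to fill $lat/$lon/$gQuality.
    $locString = str_replace("<br />", ", ", buildAddress($address, $address2, $city, $state, $zip, $country, $hc_lang_config['AddressType']));
    require_once HCPATH . HCINC . '/api/google/GetGeocode.php';
}

$result = doQuery("SELECT PkID FROM " . HC_TblPrefix . "locations WHERE PkID = '" . $lID . "' AND IsActive = 1");
if (hasRows($result)) {
    doQuery("UPDATE " . HC_TblPrefix . "locations"
        . " SET Name = '" . $name . "',"
        . " Address = '" . $address . "', Address2 = '" . $address2 . "', City = '" . $city . "', State = '" . $state . "', Country = '" . $country . "', Zip = '" . $zip . "',"
        . " URL = '" . $website . "', Phone = '" . $phone . "', Email = '" . $email . "', Descript = '" . $descript . "',"
        . " IsPublic = '" . $status . "', Lat = '" . $lat . "', Lon = '" . $lon . "', GoogleAcc = '" . $gQuality . "', LastMod = '" . SYSDATE . ' ' . SYSTIME . "',"
        . " Image = '" . $imageURL . "'"
        . " WHERE PkID = '" . $lID . "'");
    $msgID = 2;
} else {
    doQuery("INSERT INTO " . HC_TblPrefix . "locations(Name, Address, Address2, City, State, Country, Zip, URL, Phone, Email, Descript, IsPublic, IsActive, Lat, Lon, GoogleAcc, LastMod, Image)"
        . " VALUES('" . $name . "','" . $address . "','" . $address2 . "','" . $city . "','" . $state . "','" . $country . "','" . $zip . "',"
        . "'" . $website . "','" . $phone . "','" . $email . "','" . $descript . "','" . $status . "',1,'" . $lat . "','" . $lon . "','" . $gQuality . "','" . SYSDATE . ' ' . SYSTIME . "',"
        . "'" . $imageURL . "')");
    $result = doQuery("SELECT LAST_INSERT_ID() FROM " . HC_TblPrefix . "locations");
    $lID = mysql_result($result, 0, 0);
    $msgID = 1;
}
$efID = $ebID = $efFetched = '';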
// Admin action: e-mail the RSVP roster of one event (as a CSV attachment) to the event
// contact. NOTE(review): the run continues past this view - the `$message` string
// literal at the bottom is still open here.
define('hcAdmin', true);
include '../loader.php';
admin_logged_in();
action_headers();
// Link-triggered, so the form token is taken from ?tkn= only.
$token = isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : '';
if (!check_form_token($token)) {
    go_home();
}
include HCLANG . '/admin/register.php';
$target = AdminRoot . '/index.php';
$eID = isset($_GET['eID']) && is_numeric($_GET['eID']) ? cIn(strip_tags($_GET['eID'])) : 0;
// NOTE(review): `AND r.IsActive = 1` sits in the WHERE clause, which turns the LEFT JOIN on
// registrants into an inner join - an event with no active registrants yields no row and
// the roster is silently not sent. If an empty roster should still go out, move that
// condition into the JOIN's ON clause: `... r ON (e.PkID = r.EventID AND r.IsActive = 1)`.
$result = doQuery("SELECT e.Title, e.StartDate, e.StartTime, e.TBD, e.ContactName, e.ContactEmail, er.Space, COUNT(r.PkID) as SpacesTaken\r\n\t\t\t\t\tFROM " . HC_TblPrefix . "events e\r\n\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "eventrsvps er ON (e.PkID = er.EventID)\r\n\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "registrants r ON (e.PkID = r.EventID)\r\n\t\t\t\t\tWHERE e.PkID = '" . $eID . "' AND r.IsActive = 1\r\n\t\t\t\t\tGROUP BY e.Title, e.StartDate, e.StartTime, e.TBD, e.ContactName, e.ContactEmail, er.Space");
if (hasRows($result)) {
    // Column order follows the SELECT list: 0 Title, 2 StartTime, 3 TBD, 4 ContactName, 5 ContactEmail.
    $eName = mysql_result($result, 0, 4);
    $eEmail = mysql_result($result, 0, 5);
    // The attachment name is derived from the user-supplied event title; clean_filename()
    // (defined elsewhere) is relied on to remove anything unsafe in a filename / MIME header
    // (path separators, quotes, CR/LF) - confirm it does.
    $filename = clean_filename(cleanQuotes(strip_tags(mysql_result($result, 0, 0))));
    // TBD: 0 = fixed time, 1 = all day, 2 = time to be announced. Any other value leaves
    // $eventTime unset.
    if (mysql_result($result, 0, 3) == 0) {
        $eventTime = stampToDate("1980-01-01 " . mysql_result($result, 0, 2), $hc_cfg[23]);
    } elseif (mysql_result($result, 0, 3) == 1) {
        $eventTime = $hc_lang_register['AllDay'];
    } elseif (mysql_result($result, 0, 3) == 2) {
        $eventTime = $hc_lang_register['TBA'];
    }
    // Attachment triple: (content, filename, MIME type). NOTE(review): cIn() is a SQL
    // escaping helper; applying it to a filename is unusual - presumably harmless, verify.
    $rsvps = array(fetch_event_rsvp($eID, $hc_lang_register['CSVHeader']), cIn($filename) . ".csv", 'text/csv');
    // NOTE(review): this inner hasRows() repeats the outer test and is always true here.
    if (hasRows($result)) {
        $subject = $hc_lang_register['RosterSubject'] . ' - ' . CalName;
        $message = '<p> ' . $hc_lang_register['RosterEmailA'] . ' </p> <p> ' . $hc_lang_register['RosterEmailC'] . ' ' . strftime($hc_cfg[24] . ' ' . $hc_cfg[23], strtotime(SYSDATE . ' ' . SYSTIME)) . '
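<?php
/**
 * @package Helios Calendar
 * @license GNU General Public License version 2 or later; see LICENSE
 */
define('isHC', true);
define('isAction', true);
include dirname(__FILE__) . '/loader.php';

// Front-end action: download the RSVP list of one event as CSV. Only the event's owner
// (the session's UserPkID) may download it; anyone else is sent home.
$eID = isset($_GET['eID']) && is_numeric($_GET['eID']) ? cIn(strip_tags($_GET['eID'])) : 0;
// Fixed: the original test was `!$eID > 0`, which PHP parses as `(!$eID) > 0`; it only
// rejected an ID of exactly 0 and let negative IDs through to the query. The intent is
// "no valid, positive event ID".
if (user_check_status() == 0 || $eID <= 0) {
    go_home();
}
// The ownership condition is the authorisation check: an eID belonging to another user
// yields no row and the request is rejected (no IDOR on eID).
$result = doQuery("SELECT Title FROM " . HC_TblPrefix . "events WHERE PkID = '" . $eID . "' AND OwnerID = '" . cIn(strip_tags($_SESSION['UserPkID'])) . "'");
if (!hasRows($result)) {
    go_home();
}
// The filename is derived from the user-supplied event title; clean_filename() (defined
// elsewhere) is relied on to strip anything unsafe in a header value (quotes, CR/LF, path
// separators) - confirm it does.
$filename = clean_filename(cleanQuotes(strip_tags(mysql_result($result, 0, 0)))) . '.csv';
// text/csv (as the admin roster action already uses) instead of the non-standard
// application/csv; served as an attachment with sniffing disabled so the browser never
// tries to render user-supplied content inline.
header('Content-type: text/csv');
header('X-Content-Type-Options: nosniff');
header('Content-Disposition: attachment; filename="' . $filename . '"');
echo fetch_event_rsvp($eID, $hc_lang_core['RSVPHeader']);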