<?php
// $Id$
require "defaultincludes.inc";
require_once "mrbs_sql.inc";
// Get non-standard form variables
$name = get_form_var('name', 'string');
$description = get_form_var('description', 'string');
$capacity = get_form_var('capacity', 'int');
$type = get_form_var('type', 'string');
// Check the user is authorised for this page
checkAuthorised();
// This file is for adding new areas/rooms
$error = '';
// First of all check that we've got an area or room name
if (!isset($name) || $name === '') {
$error = "empty_name";
} elseif ($type == "area") {
$area = mrbsAddArea($name, $error);
} elseif ($type == "room") {
$room = mrbsAddRoom($name, $area, $error, $description, $capacity);
}
$returl = "admin.php?area={$area}" . (!empty($error) ? "&error={$error}" : "");
header("Location: {$returl}");
function get_room_id($location, &$error)
{
global $area_room_order, $area_room_delimiter, $area_room_create;
global $tbl_room, $tbl_area;
// If there's no delimiter we assume we've just been given a room name (that will
// have to be unique). Otherwise we split the location into its area and room parts
if (strpos($location, $area_room_delimiter) === FALSE) {
$location_area = '';
$location_room = $location;
} elseif ($area_room_order == 'area_room') {
list($location_area, $location_room) = explode($area_room_delimiter, $location);
} else {
list($location_room, $location_area) = explode($area_room_delimiter, $location);
}
$location_area = trim($location_area);
$location_room = trim($location_room);
// Now search the database for the room
// Case 1: we've just been given a room name, in which case we hope it happens
// to be unique, because if we find more than one we won't know which one is intended
// and if we don't find one at all we won't be able to create it because we won't
// know which area to put it in.
if ($location_area == '') {
$sql = "SELECT COUNT(*) FROM {$tbl_room} WHERE room_name='" . sql_escape($location_room) . "'";
$count = sql_query1($sql);
if ($count < 0) {
trigger_error(sql_error(), E_USER_WARNING);
fatal_error(FALSE, get_vocab("fatal_db_error"));
} elseif ($count == 0) {
$error = "'{$location_room}': " . get_vocab("room_does_not_exist_no_area");
return FALSE;
} elseif ($count > 1) {
$error = "'{$location_room}': " . get_vocab("room_not_unique_no_area");
return FALSE;
} else {
$sql = "SELECT id FROM {$tbl_room} WHERE room_name='" . sql_escape($location_room) . "' LIMIT 1";
$id = sql_query1($sql);
if ($id < 0) {
trigger_error(sql_error(), E_USER_WARNING);
fatal_error(FALSE, get_vocab("fatal_db_error"));
}
return $id;
}
} else {
// First of all get the area id
$sql = "SELECT id\n FROM {$tbl_area}\n WHERE area_name='" . sql_escape($location_area) . "'\n LIMIT 1";
$area_id = sql_query1($sql);
if ($area_id < 0) {
$sql_error = sql_error();
if (!empty($sql_error)) {
trigger_error(sql_error(), E_USER_WARNING);
fatal_error(FALSE, get_vocab("fatal_db_error"));
} else {
// The area does not exist - create it if we are allowed to
if (!$area_room_create) {
$error = get_vocab("area_does_not_exist") . " '{$location_area}'";
return FALSE;
} else {
echo get_vocab("creating_new_area") . " '{$location_area}'<br>\n";
$error_add_area = '';
$area_id = mrbsAddArea($location_area, $error_add_area);
if ($area_id === FALSE) {
$error = get_vocab("could_not_create_area") . " '{$location_area}'";
return FALSE;
}
}
}
}
}
// Now we've got the area_id get the room_id
$sql = "SELECT id\n FROM {$tbl_room}\n WHERE room_name='" . sql_escape($location_room) . "'\n AND area_id={$area_id}\n LIMIT 1";
$room_id = sql_query1($sql);
if ($room_id < 0) {
$sql_error = sql_error();
if (!empty($sql_error)) {
trigger_error(sql_error(), E_USER_WARNING);
fatal_error(FALSE, get_vocab("fatal_db_error"));
} else {
// The room does not exist - create it if we are allowed to
if (!$area_room_create) {
$error = get_vocab("room_does_not_exist") . " '{$location_room}'";
return FALSE;
} else {
echo get_vocab("creating_new_room") . " '{$location_room}'<br>\n";
$error_add_room = '';
$room_id = mrbsAddRoom($location_room, $area_id, $error_add_room);
if ($room_id === FALSE) {
$error = get_vocab("could_not_create_room") . " '{$location_room}'";
return FALSE;
}
}
}
}
return $room_id;
}
