Beispiel #1
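/**
 * Fetch the booking options attached to one event.
 *
 * @param mixed $event_id Event identifier; escaped before it is placed in the query.
 *
 * @return array|null List of array('id' => option_id, 'desc' => description) entries,
 *                    or null when the query fails or the event has no options.
 *                    Callers must guard against null before passing the result to count().
 */
function get_booking_options($event_id)
{
    // The id lands inside a quoted SQL literal, so it is passed through the
    // project's wrap_db_escape_string() helper first; a caller-supplied value
    // can then no longer close the quote and alter the statement.
    $sql = "SELECT e.option_id, o.description FROM " . BOOKING_EVENT_OPTIONS_TABLE . " AS e, " . BOOKING_OPTIONS_TABLE . " AS o"
        . " WHERE e.event_id='" . wrap_db_escape_string($event_id) . "' AND e.option_id=o.option_id";

    $userBookingResult = wrap_db_query($sql);

    // Query failure and "no options chosen" are both reported as null,
    // exactly as before.
    if (!$userBookingResult || wrap_db_num_rows($userBookingResult) <= 0) {
        return null;
    }

    //get the id's and descriptions for options chosen by the user
    $savedUserBookingOptions = null;
    while ($userBookingFields = wrap_db_fetch_array($userBookingResult)) {
        $savedUserBookingOptions[] = array(
            'id' => $userBookingFields['option_id'],
            'desc' => $userBookingFields['description'],
        );
    }

    return $savedUserBookingOptions;
}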
Beispiel #2
        // Populate per-session flags for the user who has just logged in. The else
        // branch of the enclosing condition reports a failed login, so this is the
        // success path.
        // NOTE(review): every lookup below keys on $_REQUEST['username'], which is
        // request-controlled (query string, POST body and, depending on
        // request_order, cookies). Presumably the credential check before this point
        // validated the same value - confirm, and prefer the identity already stored
        // in the session so the flags cannot be derived from a different name.
        //booking credits remaining
        $_SESSION['booking_credits'] = remaining_booking_credits($_REQUEST['username']);
        // Member check
        // check if the user is a member or not - but only if they are not an admin as this flag is not used for admins
        if (!wrap_session_is_registered("admin_user")) {
            $_SESSION['is_member'] = is_member($_REQUEST['username']);
        }
        //can they view other users bookings?
        if (is_admin($_REQUEST['username'])) {
            //admins can always see everyone elses bookings
            $_SESSION['SHOW_USER_DETAILS'] = true;
        } else {
            //how about regular users? This will depend on the site wide value set by an admin
            // The statement is a constant string apart from the table-name constant, so no
            // request data reaches it.
            $result = wrap_db_query("SELECT function_value FROM " . SETTINGS_TABLE . " WHERE name = 'user_details_viewing' LIMIT 0,1 ;");
            // If the query fails or returns no row, SHOW_USER_DETAILS is not assigned in
            // this branch and keeps whatever value the session already held.
            // NOTE(review): consider defaulting it to false first so a missing setting
            // cannot leave details visible.
            if ($result) {
                if ($fields = wrap_db_fetch_array($result)) {
                    //change 1's and 0's to true and false
                    if ($fields['function_value'] == "1") {
                        $_SESSION['SHOW_USER_DETAILS'] = true;
                    } else {
                        $_SESSION['SHOW_USER_DETAILS'] = false;
                    }
                }
            }
        }
    } else {
        // login failed, show error page
        $display_login_form = true;
        $page_error_message = "You could not be logged in. Please try again.";
    }
} elseif (wrap_session_is_registered("valid_user")) {
Beispiel #3
            ?>
" nowrap="nowrap">
<?php 
            $event_count = 0;
            while (list($event_row_key, $event_row_value) = each($event_row_data[$count_date])) {
                if (strlen($event_row_value) > 1) {
                    $event_count++;
                    @(list($db_row_id, $row_span, $start_time, $end_time) = explode("|", $event_row_value));
                    // To Cater for the AM PM Hour display
                    if (DEFINE_AM_PM) {
                        $start_time = format_time_to_ampm($start_time);
                        $end_time = format_time_to_ampm($end_time);
                    }
                    // Use the $db_row_id to data seek to the data for this event.
                    $rv = wrap_db_data_seek($event_data, $db_row_id);
                    $this_event = wrap_db_fetch_array($event_data);
                    //is this user allowed to see the booking details?
                    if (!$_SESSION['SHOW_USER_DETAILS'] && $this_event['user_id'] != $currentUsersID) {
                        //user not allowed to see these details, overwrite the subject string
                        $this_event['subject'] = 'Booking Confirmed';
                    } else {
                        //add the booking option data into the event array
                        $this_event['booking_options'] = get_booking_options($this_event['event_id']);
                    }
                    $event_url = href_link(FILENAME_DETAILS_VIEW, 'event_id=' . $this_event['event_id'] . '&' . make_hidden_fields_workstring(array('date', 'view', 'loc')), 'NONSSL');
                    $over_text = 'Event ID#: ' . $this_event['event_id'] . '<br />Subject: ' . $this_event['subject'];
                    $numBookingOptions = count($this_event['booking_options']);
                    if ($numBookingOptions > 0) {
                        $over_text .= '<br />Options: ';
                        for ($o = 0; $o < $numBookingOptions; $o++) {
                            //handle commas to separate the list
$res = wrap_db_query($sql);
$numMails = wrap_db_num_rows($res);
if ($numMails > 0) {
    ?>
  - Edit or delete a previous e-mail mailshot:<br>
  <br>

  <table border="0" cellpadding="4" cellspacing="2" style="margin-left: 10px;">
    <tr>
      <th class="BgcolorDull2" width="150">Subject</th>
      <th class="BgcolorDull2">Sent</th>
      <th class="BgcolorDull2">Control</th>
    </tr>
    <?php 
    $i = 0;
    while ($row = wrap_db_fetch_array($res)) {
        $class = 'BgcolorNormal';
        if ($i % 2 == 1) {
            $class = 'BgcolorBody';
        }
        ?>
<tr>
        <td align="left" class="<?php 
        echo $class;
        ?>
"><?php 
        echo $row['subject'];
        ?>
</td>
        <td align="left" class="<?php 
        echo $class;
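// Load the logged-in user's record; the permission check below reads its
// booking_credits and user_id fields.
$user_info = get_user(get_user_id($_SESSION['valid_user']));
// Check we have permissions to buy credits
// Purchase is refused for admin sessions, for accounts whose credits field is
// 'Not used', when the payment gateway flag is not '1', and when no numeric
// user_id was loaded. The is_numeric() test matters for more than permissions:
// it is the only thing that keeps the unquoted user_id in the product query
// below from carrying SQL text, so it must stay ahead of that query.
if (wrap_session_is_registered("admin_user") || $user_info['booking_credits'] == 'Not used' || $_SESSION['PAYMENT_GATEWAY'] != '1' || !is_numeric($user_info['user_id'])) {
    echo "<p>You do not have permission to purchase booking credits.  Please contact an Administrator.</p>";
    include_once "footer.php";
    include_once "application_bottom.php";
    die;
}
//  Load the products based on the users group membership
$result = wrap_db_query("SELECT DISTINCT bpi.id, bpi.product_name, bpi.quantity, bpi.mc_gross, bpi.mc_currency \n\t\t\t\t\t\t\tFROM (" . BOOKING_PRODUCT_ITEM . " bpi LEFT JOIN " . BOOKING_PRODUCT_GROUPS . " bpg ON bpg.product_id = bpi.id ) \n\t\t\t\t\t\t\tWHERE group_id IN (SELECT DISTINCT group_id FROM " . BOOKING_USER_GROUPS_TABLE . " WHERE user_id = " . $user_info['user_id'] . ") ORDER BY bpi.product_name, bpi.quantity");
// If there are no products assigned, load the default
// Test for a failed query first so the row count is never requested from a
// result that does not exist.
if (!$result || wrap_db_num_rows($result) < 1) {
    $result = wrap_db_query("SELECT DISTINCT id, product_name, quantity, mc_gross, mc_currency FROM " . BOOKING_PRODUCT_ITEM . " WHERE id = '1' LIMIT 1");
}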
if ($result) {
    while ($products = wrap_db_fetch_array($result)) {
        // LIVE
        //  https://www.sandbox.paypal.com/cgi-bin/webscr
        ?>
			<p>
		   <form action="https://www.paypal.com/cgi-bin/webscr" method="post"> 
            <input type="hidden" name="notify_url" value="<?php 
        echo DOMAIN_NAME . substr(DIR_WS_SCRIPTS, 1) . "paypal_ipn_res.php";
        ?>
">
            <input type="hidden" name="cmd" value="_xclick">
            <input type="hidden" name="business" value="<?php 
        echo $_SESSION['PAYPAL_BUSINESS_EMAIL'];
        ?>
">
            <input type="hidden" name="item_name" value="<?php 
Beispiel #6
    <table border="0" cellpadding="0" cellspacing="2">
    <?php 
    //load any saved booking option preferences this user may have
    // Stays null when the user is an admin, the query fails, or no preferences are stored.
    $savedUserPrefOptions = null;
    //only non-admins can save their preferences, admins should have to tick them each time
    if (!$is_admin) {
        // NOTE(review): $bookingByUserID is concatenated into the quoted literal without
        // escaping. Where it is assigned is not visible in this excerpt; if it can be
        // influenced by the request it needs escaping or an integer cast before this
        // query - confirm against the assignment.
        $userPrefResult = wrap_db_query("SELECT option_id FROM " . BOOKING_USER_OPTIONS_TABLE . " WHERE user_id='" . $bookingByUserID . "'");
        if ($userPrefResult && wrap_db_num_rows($userPrefResult) > 0) {
            // Collect the stored option ids into a flat list.
            while ($userPrefFields = wrap_db_fetch_array($userPrefResult)) {
                $savedUserPrefOptions[] = $userPrefFields['option_id'];
            }
        }
    }
    $rightCol = false;
    for ($r = 0; $fields = wrap_db_fetch_array($result); $r++) {
        //is this a left or right column?
        if ($r % 2 == 0) {
            //left column
            echo '<tr align="left"><td>';
            $rightCol = false;
        } else {
            //right column
            echo '<td width="20">&nbsp;</td><td>';
            $rightCol = true;
        }
        echo '<input type="checkbox" name="bookingOptions[]" id="bocb-' . str_replace('"', "'", $fields['description']) . '" value="' . $fields['option_id'] . '" onclick="updateBookingOptions();"';
        //check if returning from a post (eg, after error from missing a field)
        if (isset($_POST['bookingOptions']) && count($_POST['bookingOptions']) > 0) {
            if (in_array($fields['option_id'], $_POST['bookingOptions'])) {
                echo ' checked="checked"';
            $page_info_message = 'Group deleted successfully.';
            break;
        default:
            break;
    }
}
// Build $groups: one entry per group row, each extended with a num_members count.
//get all our current groups
$sql = 'SELECT group_id, group_name FROM ' . BOOKING_GROUPS_TABLE . ' ORDER BY group_name ASC';
//it would be neater to include a count of the number of members at the same time but it is impossible to get groups with 0 members to be returned this way, hence the extra query for each group done later in the loop.
//$sql = 'SELECT g.group_id, g.group_name, COUNT(m.user_group_id) AS num_members FROM ' . BOOKING_GROUPS_TABLE . ' AS g, ' . BOOKING_USER_GROUPS_TABLE . ' AS m WHERE m.group_id=g.group_id GROUP BY g.group_id ORDER BY g.group_name ASC' ;
$res = wrap_db_query($sql);
if ($res) {
    while ($row = wrap_db_fetch_array($res)) {
        // One extra COUNT query per group. The group_id is the value just read from the
        // groups table and is concatenated unquoted and unescaped.
        // NOTE(review): presumably an integer key column, which would make this safe -
        // confirm the column type, or cast to int here so the statement does not depend on it.
        $membershipSql = 'SELECT COUNT(user_group_id) AS numMembers FROM ' . BOOKING_USER_GROUPS_TABLE . ' WHERE group_id=' . $row['group_id'];
        if ($membershipRes = wrap_db_query($membershipSql)) {
            if ($membershipRow = wrap_db_fetch_array($membershipRes)) {
                $row['num_members'] = $membershipRow['numMembers'];
            }
        }
        // When the count query fails the row is still appended, without a num_members key.
        $groups[] = $row;
    }
}
include_once "header.php";
?>
<br />
Use the controls below to add/edit or delete user groups (as used when sending mailshots).<br />
<br />
<form name="form1" method="post" action="<?php 
echo FILENAME_ADMIN_MODIFY_GROUPS;
?>
">
Beispiel #8
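/**
 * Update the first name, last name and e-mail address of an existing user.
 *
 * The user is located by username. The update is applied only when exactly
 * one account carries that name, and is pinned to that account's user_id.
 *
 * @param string $username  Login name of the account to update.
 * @param string $firstname New first name.
 * @param string $lastname  New last name.
 * @param string $email     New e-mail address.
 *
 * @return bool True when the UPDATE statement was accepted; false when the
 *              lookup fails, the username does not match exactly one row,
 *              or the update query fails.
 */
function update_user_information($username, $firstname, $lastname, $email)
{
    // The lookup has to use the caller's username. Matching a fixed literal
    // would leave $username unused and could never select the intended
    // account. The value is escaped once and reused in both statements.
    $safeUsername = wrap_db_escape_string($username);

    // check if username is unique
    $result = wrap_db_query("SELECT user_id FROM " . BOOKING_USER_TABLE . " WHERE username='" . $safeUsername . "'");
    if (!$result || wrap_db_num_rows($result) != 1) {
        // query error, unknown user, or ambiguous username
        return false;
    }

    $fields = wrap_db_fetch_array($result);
    $user_id = $fields['user_id'];
    if (empty($user_id)) {
        return false;
    }

    // if ok, put in db and return result
    // Every value is escaped before it is placed in a quoted literal; the
    // WHERE clause matches both username and user_id so the write can only
    // touch the row that was just looked up.
    $result = wrap_db_query("UPDATE " . BOOKING_USER_TABLE . " SET \r\n\t\t\t\t\t\tfirstname = '" . wrap_db_escape_string($firstname) . "',\r\n\t\t\t\t\t\tlastname = '" . wrap_db_escape_string($lastname) . "',\r\n\t\t\t\t\t\temail = '" . wrap_db_escape_string($email) . "' \r\n\t\t\t\t\t\tWHERE username = '" . $safeUsername . "' AND user_id = '" . wrap_db_escape_string($user_id) . "'");

    return (bool) $result;
}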
Beispiel #9
/**
 * Load every credit type defined in the credit-types table.
 *
 * @return array|false|null List of rows, each holding credit_type_id,
 *                          credit_type_name and credit_type_booking_days;
 *                          false when the query fails or the table is empty;
 *                          null if rows were reported but none could be fetched.
 */
function get_credit_types()
{
    // Constant statement: only the table-name constant is concatenated.
    $queryResult = wrap_db_query("SELECT * FROM " . BOOKING_CREDIT_TYPES);

    // general connection or query error
    if (!$queryResult) {
        return false;
    }

    // no results - odd!
    if (wrap_db_num_rows($queryResult) == 0) {
        return false;
    }

    // Copy only the three known columns from each row rather than the whole record.
    $creditTypes = null;
    while ($row = wrap_db_fetch_array($queryResult)) {
        $creditTypes[] = array(
            'credit_type_id' => $row['credit_type_id'],
            'credit_type_name' => $row['credit_type_name'],
            'credit_type_booking_days' => $row['credit_type_booking_days'],
        );
    }

    return $creditTypes;
}
Beispiel #10
<b>Current Bookings:</b><br>
<br>
<?php 
// Check how many upcoming bookings the user already has reserved in the system
$showedABooking = false;
$user_events_result = get_user_events($user_info['username'], true, 50);
//get a max of 50 results
$num_events_results = wrap_db_num_rows($user_events_result);
if ($num_events_results >= 50) {
    echo "NOTE: You currently have more than 50 advance bookings. Only the next 50 are shown below.<br><br>";
}
?>
<table cellpadding="2" cellspacing="0" border="0" style="margin-left: 20px;">
<?php 
while ($user_events_row = wrap_db_fetch_array($user_events_result)) {
    //    echo '<pre>' ;
    //    print_r( $user_events_row ) ;
    //    echo '</pre>' ;
    $display_dates_and_time_ranges = get_event_dates_and_time_ranges($user_events_row['event_id'], $user_events_row['location']);
    if (count($display_dates_and_time_ranges) > 0) {
        reset($display_dates_and_time_ranges);
        foreach ($display_dates_and_time_ranges as $display_date_and_time) {
            list($date, $time_range) = explode(" ", $display_date_and_time);
            list($from_time, $to_time) = explode("-", $time_range);
            ?>
    <tr>
        <td align="left" valign="top" nowrap="nowrap"><?php 
            echo short_date_format_with_day_of_week($date);
            ?>
 &nbsp; </td>
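    // Read the buddy count from the first column of the result prepared before this point.
    if ($BuddyRes) {
        while ($row = wrap_db_fetch_array($BuddyRes)) {
            $buddyCount = $row[0];
        }
    }
    // Count pending buddy requests.
    $pendingBuddyCountSql = "SELECT COUNT(user_id) FROM " . BOOKING_BUDDIES_PENDING . " ";
    $pendingBuddyRes = wrap_db_query($pendingBuddyCountSql);
    if ($pendingBuddyRes) {
        while ($row1 = wrap_db_fetch_array($pendingBuddyRes)) {
            $pendingBuddyCount = $row1[0];
        }
    }
    // Count regular (non-admin) users; this is the denominator below.
    $userCountSql = "SELECT COUNT(user_id) FROM " . BOOKING_USER_TABLE . " WHERE is_admin = '0'";
    $UserRes = wrap_db_query($userCountSql);
    if ($UserRes) {
        while ($row2 = wrap_db_fetch_array($UserRes)) {
            $userCount = $row2[0];
        }
    }
    // calculate percentage of users using BLN
    // Guard the division: with no non-admin users, or a failed count query,
    // the denominator is zero or unset and the page would error instead of
    // rendering. Report 0% in that case.
    $decimal = empty($userCount) ? 0 : $buddyCount / $userCount;
    $percentage = $decimal * 100;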
    ?>
  <br>
  Usage Statistics:
  </p>
  <table border="0" cellpadding="4" cellspacing="2" id="booking_email_table" style="filter: progid:DXImageTransform.Microsoft.Alpha(opacity=<?php 
    echo $_SESSION['BUDDY_LIST_EMAILS_SEND'] ? '100' : '50';
    ?>
);">
    <tr>
Beispiel #12
/**
 * Look up a single user record by its user_id.
 *
 * The query result is handed to wrap_db_fetch_array() without being checked
 * first, so the return value on a failed query is whatever that helper
 * yields for it.
 *
 * @param mixed $user_id Identifier of the user; escaped before use in the query.
 *
 * @return mixed The row returned by wrap_db_fetch_array() for the first match.
 */
function get_user($user_id)
{
    // The id sits inside a quoted literal and is escaped before concatenation.
    $lookupSql = "SELECT * FROM " . BOOKING_USER_TABLE . " \r\n\t\t\t\t\t\tWHERE user_id = '" . wrap_db_escape_string($user_id) . "' LIMIT 1";
    $userResult = wrap_db_query($lookupSql);

    return wrap_db_fetch_array($userResult);
}
Beispiel #13
            $myBuddyBuddyIDs[] = $myBuddies['buddy_id'];
        }
        // get pending buddies for our user
        // Matches rows where the user is on either side of a pending request.
        // NOTE(review): $user_info['user_id'] is concatenated without escaping here and
        // in the user query below. It presumably comes from the user's own database
        // record - confirm, or escape / cast it so the statements do not rely on that.
        $pendingBuddies = wrap_db_query("SELECT user_id, buddy_id FROM " . BOOKING_BUDDIES_PENDING . " where buddy_id = '" . $user_info['user_id'] . "' OR user_id='" . $user_info['user_id'] . "'");
        // NOTE(review): the result is iterated without checking that the query succeeded.
        while ($myPendingBuddies = wrap_db_fetch_array($pendingBuddies)) {
            $myPendingUserBuddyIDs[] = $myPendingBuddies['user_id'];
            $myPendingBuddyBuddyIDs[] = $myPendingBuddies['buddy_id'];
        }
        // if the user does not have any pending buddies, set the pending session variable to false
        // so that the indicator flag in the control panel does not show
        if (!is_array($myPendingBuddyBuddyIDs)) {
            $_SESSION['number_pending_buddies'] = false;
        }
        // get our current buddies
        // Selects every non-admin account except the current user, so the resulting
        // $my_users map holds the name and e-mail address of all regular users.
        $allUsers = wrap_db_query("SELECT user_id, username, firstname, lastname, email FROM " . BOOKING_USER_TABLE . " where user_id <> '" . $user_info['user_id'] . "' AND is_admin = '0' ORDER BY lastname, firstname, username");
        while ($myUsers = wrap_db_fetch_array($allUsers)) {
            // The inner loop never reads $item; it repeats the same five assignments once
            // per element of the fetched row, leaving one $my_users entry keyed by user_id.
            foreach ($myUsers as $item) {
                $my_users[$myUsers['user_id']]['user_id'] = $myUsers['user_id'];
                $my_users[$myUsers['user_id']]['username'] = $myUsers['username'];
                $my_users[$myUsers['user_id']]['firstname'] = $myUsers['firstname'];
                $my_users[$myUsers['user_id']]['lastname'] = $myUsers['lastname'];
                $my_users[$myUsers['user_id']]['email'] = $myUsers['email'];
            }
        }
        // java script for allow or deny links
        ?>
<script language="JavaScript" type="text/javascript">
<!--
function allow ( selectedtype )
{
  document.submit_pending.allow_selected.value = selectedtype ;