/**
* Performs actions on init. This works for both ajax and normal requests, the return results depends if an em_ajax flag is passed via POST or GET.
*/
function em_init_actions()
{
global $wpdb, $EM_Notices, $EM_Event;
if (defined('DOING_AJAX') && DOING_AJAX) {
$_REQUEST['em_ajax'] = true;
}
//NOTE - No EM objects are globalized at this point, as we're hitting early init mode.
//TODO Clean this up.... use a uniformed way of calling EM Ajax actions
if (!empty($_REQUEST['em_ajax']) || !empty($_REQUEST['em_ajax_action'])) {
if (isset($_REQUEST['em_ajax_action']) && $_REQUEST['em_ajax_action'] == 'get_location') {
if (isset($_REQUEST['id'])) {
$EM_Location = new EM_Location($_REQUEST['id'], 'location_id');
$location_array = $EM_Location->to_array();
$location_array['location_balloon'] = $EM_Location->output(get_option('dbem_location_baloon_format'));
echo EM_Object::json_encode($location_array);
}
die;
}
if (isset($_REQUEST['em_ajax_action']) && $_REQUEST['em_ajax_action'] == 'delete_ticket') {
if (isset($_REQUEST['id'])) {
$EM_Ticket = new EM_Ticket($_REQUEST['id']);
$result = $EM_Ticket->delete();
if ($result) {
$result = array('result' => true);
} else {
$result = array('result' => false, 'error' => $EM_Ticket->feedback_message);
}
} else {
$result = array('result' => false, 'error' => __('No ticket id provided', 'dbem'));
}
echo EM_Object::json_encode($result);
die;
}
if (isset($_REQUEST['query']) && $_REQUEST['query'] == 'GlobalMapData') {
$EM_Locations = EM_Locations::get($_REQUEST);
$json_locations = array();
foreach ($EM_Locations as $location_key => $EM_Location) {
$json_locations[$location_key] = $EM_Location->to_array();
$json_locations[$location_key]['location_balloon'] = $EM_Location->output(get_option('dbem_map_text_format'));
}
echo EM_Object::json_encode($json_locations);
die;
}
if (isset($_REQUEST['ajaxCalendar']) && $_REQUEST['ajaxCalendar']) {
//FIXME if long events enabled originally, this won't show up on ajax call
echo EM_Calendar::output($_REQUEST, false);
die;
}
}
//Event Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 5) == 'event') {
//Load the event object, with saved event if requested
if (!empty($_REQUEST['event_id'])) {
$EM_Event = new EM_Event($_REQUEST['event_id']);
} else {
$EM_Event = new EM_Event();
}
//Save Event, only via BP or via [event_form]
if ($_REQUEST['action'] == 'event_save' && $EM_Event->can_manage('edit_events', 'edit_others_events')) {
//Check Nonces
if (!wp_verify_nonce($_REQUEST['_wpnonce'], 'wpnonce_event_save')) {
exit('Trying to perform an illegal action.');
}
//Grab and validate submitted data
if ($EM_Event->get_post() && $EM_Event->save()) {
//EM_Event gets the event if submitted via POST and validates it (safer than to depend on JS)
$events_result = true;
//Success notice
if (is_user_logged_in()) {
if (empty($_REQUEST['event_id'])) {
$EM_Notices->add_confirm($EM_Event->output(get_option('dbem_events_form_result_success')), true);
} else {
$EM_Notices->add_confirm($EM_Event->output(get_option('dbem_events_form_result_success_updated')), true);
}
} else {
$EM_Notices->add_confirm($EM_Event->output(get_option('dbem_events_anonymous_result_success')), true);
}
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
$redirect = em_add_get_params($redirect, array('success' => 1), false, false);
wp_redirect($redirect);
exit;
} else {
$EM_Notices->add_error($EM_Event->get_errors());
$events_result = false;
}
}
if ($_REQUEST['action'] == 'event_duplicate' && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_duplicate_' . $EM_Event->event_id)) {
$event = $EM_Event->duplicate();
if ($event === false) {
$EM_Notices->add_error($EM_Event->errors, true);
wp_redirect(wp_get_referer());
} else {
$EM_Notices->add_confirm($EM_Event->feedback_message, true);
wp_redirect($event->get_edit_url());
}
exit;
}
if ($_REQUEST['action'] == 'event_delete' && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_delete_' . $EM_Event->event_id)) {
//DELETE action
$selectedEvents = !empty($_REQUEST['events']) ? $_REQUEST['events'] : '';
if (EM_Object::array_is_numeric($selectedEvents)) {
$events_result = EM_Events::delete($selectedEvents);
} elseif (is_object($EM_Event)) {
$events_result = $EM_Event->delete();
}
$plural = count($selectedEvents) > 1 ? __('Events', 'dbem') : __('Event', 'dbem');
if ($events_result) {
$message = !empty($EM_Event->feedback_message) ? $EM_Event->feedback_message : sprintf(__('%s successfully deleted.', 'dbem'), $plural);
$EM_Notices->add_confirm($message, true);
} else {
$message = !empty($EM_Event->errors) ? $EM_Event->errors : sprintf(__('%s could not be deleted.', 'dbem'), $plural);
$EM_Notices->add_error($message, true);
}
wp_redirect(wp_get_referer());
exit;
} elseif ($_REQUEST['action'] == 'event_detach' && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_detach_' . get_current_user_id() . '_' . $EM_Event->event_id)) {
//Detach event and move on
if ($EM_Event->detach()) {
$EM_Notices->add_confirm($EM_Event->feedback_message, true);
} else {
$EM_Notices->add_error($EM_Event->errors, true);
}
wp_redirect(wp_get_referer());
exit;
} elseif ($_REQUEST['action'] == 'event_attach' && !empty($_REQUEST['undo_id']) && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_attach_' . get_current_user_id() . '_' . $EM_Event->event_id)) {
//Detach event and move on
if ($EM_Event->attach($_REQUEST['undo_id'])) {
$EM_Notices->add_confirm($EM_Event->feedback_message, true);
} else {
$EM_Notices->add_error($EM_Event->errors, true);
}
wp_redirect(wp_get_referer());
exit;
}
//AJAX Exit
if (isset($events_result) && !empty($_REQUEST['em_ajax'])) {
if ($events_result) {
$return = array('result' => true, 'message' => $EM_Event->feedback_message);
} else {
$return = array('result' => false, 'message' => $EM_Event->feedback_message, 'errors' => $EM_Event->errors);
}
echo EM_Object::json_encode($return);
edit();
}
}
//Location Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 8) == 'location') {
global $EM_Location, $EM_Notices;
//Load the location object, with saved event if requested
if (!empty($_REQUEST['location_id'])) {
$EM_Location = new EM_Location($_REQUEST['location_id']);
} else {
$EM_Location = new EM_Location();
}
if ($_REQUEST['action'] == 'location_save' && $EM_Location->can_manage('edit_locations', 'edit_others_locations')) {
//Check Nonces
em_verify_nonce('location_save');
//Grab and validate submitted data
if ($EM_Location->get_post() && $EM_Location->save()) {
//EM_location gets the location if submitted via POST and validates it (safer than to depend on JS)
$EM_Notices->add_confirm($EM_Location->feedback_message, true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$EM_Notices->add_error($EM_Location->get_errors());
$result = false;
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == "location_delete") {
//delete location
//get object or objects
if (!empty($_REQUEST['locations']) || !empty($_REQUEST['location_id'])) {
$args = !empty($_REQUEST['locations']) ? $_REQUEST['locations'] : $_REQUEST['location_id'];
$locations = EM_Locations::get($args);
foreach ($locations as $location) {
if (!$location->delete()) {
$EM_Notices->add_error($location->get_errors());
$errors = true;
}
}
if (empty($errors)) {
$result = true;
$location_term = count($locations) > 1 ? __('Locations', 'dbem') : __('Location', 'dbem');
$EM_Notices->add_confirm(sprintf(__('%s successfully deleted', 'dbem'), $location_term));
} else {
$result = false;
}
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == "locations_search" && (!empty($_REQUEST['term']) || !empty($_REQUEST['q']))) {
$results = array();
if (is_user_logged_in() || get_option('dbem_events_anonymous_submissions') && user_can(get_option('dbem_events_anonymous_user'), 'read_others_locations')) {
$location_cond = is_user_logged_in() && !current_user_can('read_others_locations') ? "AND location_owner=" . get_current_user_id() : '';
if (!is_user_logged_in() && get_option('dbem_events_anonymous_submissions')) {
if (!user_can(get_option('dbem_events_anonymous_user'), 'read_private_locations')) {
$location_cond = " AND location_private=0";
}
} elseif (is_user_logged_in() && !current_user_can('read_private_locations')) {
$location_cond = " AND location_private=0";
} elseif (!is_user_logged_in()) {
$location_cond = " AND location_private=0";
}
$location_cond = apply_filters('em_actions_locations_search_cond', $location_cond);
$term = isset($_REQUEST['term']) ? '%' . $_REQUEST['term'] . '%' : '%' . $_REQUEST['q'] . '%';
$sql = $wpdb->prepare("\n\t\t\t\t\tSELECT \n\t\t\t\t\t\tlocation_id AS `id`,\n\t\t\t\t\t\tConcat( location_name ) AS `label`,\n\t\t\t\t\t\tlocation_name AS `value`,\n\t\t\t\t\t\tlocation_address AS `address`, \n\t\t\t\t\t\tlocation_town AS `town`, \n\t\t\t\t\t\tlocation_state AS `state`,\n\t\t\t\t\t\tlocation_region AS `region`,\n\t\t\t\t\t\tlocation_postcode AS `postcode`,\n\t\t\t\t\t\tlocation_country AS `country`\n\t\t\t\t\tFROM " . EM_LOCATIONS_TABLE . " \n\t\t\t\t\tWHERE ( `location_name` LIKE %s ) AND location_status=1 {$location_cond} LIMIT 10\n\t\t\t\t", $term);
$results = $wpdb->get_results($sql);
}
echo EM_Object::json_encode($results);
die;
}
if (isset($result) && $result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => true, 'message' => $EM_Location->feedback_message);
echo EM_Object::json_encode($return);
die;
} elseif (isset($result) && !$result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => false, 'message' => $EM_Location->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode($return);
die;
}
}
//Booking Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 7) == 'booking' && (is_user_logged_in() || $_REQUEST['action'] == 'booking_add' && get_option('dbem_bookings_anonymous'))) {
global $EM_Event, $EM_Booking, $EM_Person;
//Load the booking object, with saved booking if requested
$EM_Booking = !empty($_REQUEST['booking_id']) ? em_get_booking($_REQUEST['booking_id']) : em_get_booking();
if (!empty($EM_Booking->event_id)) {
//Load the event object, with saved event if requested
$EM_Event = $EM_Booking->get_event();
} elseif (!empty($_REQUEST['event_id'])) {
$EM_Event = new EM_Event($_REQUEST['event_id']);
}
$allowed_actions = array('bookings_approve' => 'approve', 'bookings_reject' => 'reject', 'bookings_unapprove' => 'unapprove', 'bookings_delete' => 'delete');
$result = false;
$feedback = '';
if ($_REQUEST['action'] == 'booking_add') {
//ADD/EDIT Booking
ob_start();
if (!defined('WP_CACHE') || !WP_CACHE) {
em_verify_nonce('booking_add');
}
if (!is_user_logged_in() || get_option('dbem_bookings_double') || !$EM_Event->get_bookings()->has_booking(get_current_user_id())) {
$EM_Booking->get_post();
$post_validation = $EM_Booking->validate();
do_action('em_booking_add', $EM_Event, $EM_Booking, $post_validation);
if ($post_validation) {
//register the user - or not depending - according to the booking
$registration = em_booking_add_registration($EM_Booking);
$EM_Bookings = $EM_Event->get_bookings();
if ($registration && $EM_Bookings->add($EM_Booking)) {
if (is_user_logged_in() && is_multisite() && !is_user_member_of_blog(get_current_user_id(), get_current_blog_id())) {
add_user_to_blog(get_current_blog_id(), get_current_user_id(), get_option('default_role'));
}
$result = true;
$EM_Notices->add_confirm($EM_Bookings->feedback_message);
$feedback = $EM_Bookings->feedback_message;
} else {
$result = false;
if (!$registration) {
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
} else {
$EM_Notices->add_error($EM_Bookings->get_errors());
$feedback = $EM_Bookings->feedback_message;
}
}
global $em_temp_user_data;
$em_temp_user_data = false;
//delete registered user temp info (if exists)
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
}
} else {
$result = false;
$feedback = get_option('dbem_booking_feedback_already_booked');
$EM_Notices->add_error($feedback);
}
ob_clean();
} elseif ($_REQUEST['action'] == 'booking_add_one' && is_object($EM_Event) && is_user_logged_in()) {
//ADD/EDIT Booking
em_verify_nonce('booking_add_one');
if (!$EM_Event->get_bookings()->has_booking(get_current_user_id()) || get_option('dbem_bookings_double')) {
$EM_Booking = em_get_booking(array('person_id' => get_current_user_id(), 'event_id' => $EM_Event->event_id, 'booking_spaces' => 1));
//new booking
$EM_Ticket = $EM_Event->get_bookings()->get_tickets()->get_first();
//get first ticket in this event and book one place there. similar to getting the form values in EM_Booking::get_post_values()
$EM_Ticket_Booking = new EM_Ticket_Booking(array('ticket_id' => $EM_Ticket->ticket_id, 'ticket_booking_spaces' => 1));
$EM_Booking->tickets_bookings = new EM_Tickets_Bookings();
$EM_Booking->tickets_bookings->booking = $EM_Ticket_Booking->booking = $EM_Booking;
$EM_Booking->tickets_bookings->add($EM_Ticket_Booking);
//Now save booking
if ($EM_Event->get_bookings()->add($EM_Booking)) {
$result = true;
$EM_Notices->add_confirm($EM_Event->get_bookings()->feedback_message);
$feedback = $EM_Event->get_bookings()->feedback_message;
} else {
$result = false;
$EM_Notices->add_error($EM_Event->get_bookings()->get_errors());
$feedback = $EM_Event->get_bookings()->feedback_message;
}
} else {
$result = false;
$feedback = get_option('dbem_booking_feedback_already_booked');
$EM_Notices->add_error($feedback);
}
} elseif ($_REQUEST['action'] == 'booking_cancel') {
//Cancel Booking
em_verify_nonce('booking_cancel');
if ($EM_Booking->can_manage() || $EM_Booking->person->ID == get_current_user_id() && get_option('dbem_bookings_user_cancellation')) {
if ($EM_Booking->cancel()) {
$result = true;
if (!defined('DOING_AJAX')) {
if ($EM_Booking->person->ID == get_current_user_id()) {
$EM_Notices->add_confirm(get_option('dbem_booking_feedback_cancelled'), true);
} else {
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
}
wp_redirect($_SERVER['HTTP_REFERER']);
exit;
}
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
}
} else {
$EM_Notices->add_error(__('You must log in to cancel your booking.', 'dbem'));
}
//TODO user action shouldn't check permission, booking object should.
} elseif (array_key_exists($_REQUEST['action'], $allowed_actions) && $EM_Event->can_manage('manage_bookings', 'manage_others_bookings')) {
//Event Admin only actions
$action = $allowed_actions[$_REQUEST['action']];
//Just do it here, since we may be deleting bookings of different events.
if (!empty($_REQUEST['bookings']) && EM_Object::array_is_numeric($_REQUEST['bookings'])) {
$results = array();
foreach ($_REQUEST['bookings'] as $booking_id) {
$EM_Booking = em_get_booking($booking_id);
$result = $EM_Booking->{$action}();
$results[] = $result;
if (!in_array(false, $results) && !$result) {
$feedback = $EM_Booking->feedback_message;
}
}
$result = !in_array(false, $results);
} elseif (is_object($EM_Booking)) {
$result = $EM_Booking->{$action}();
$feedback = $EM_Booking->feedback_message;
}
//FIXME not adhereing to object's feedback or error message, like other bits in this file.
//TODO multiple deletion won't work in ajax
if (!empty($_REQUEST['em_ajax'])) {
if ($result) {
echo $feedback;
} else {
echo '<span style="color:red">' . $feedback . '</span>';
}
die;
} else {
if ($result) {
$EM_Notices->add_confirm($feedback);
} else {
$EM_Notices->add_error($feedback);
}
}
} elseif ($_REQUEST['action'] == 'booking_save') {
em_verify_nonce('booking_save_' . $EM_Booking->booking_id);
do_action('em_booking_save', $EM_Event, $EM_Booking);
if ($EM_Booking->can_manage('manage_bookings', 'manage_others_bookings')) {
if ($EM_Booking->get_post(true) && $EM_Booking->validate(true) && $EM_Booking->save(false)) {
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
}
}
} elseif ($_REQUEST['action'] == 'booking_set_status') {
em_verify_nonce('booking_set_status_' . $EM_Booking->booking_id);
if ($EM_Booking->can_manage('manage_bookings', 'manage_others_bookings') && $_REQUEST['booking_status'] != $EM_Booking->booking_status) {
if ($EM_Booking->set_status($_REQUEST['booking_status'], false, true)) {
if (!empty($_REQUEST['send_email'])) {
if ($EM_Booking->email()) {
if ($EM_Booking->mails_sent > 0) {
$EM_Booking->feedback_message .= " " . __('Email Sent.', 'dbem');
} else {
$EM_Booking->feedback_message .= " " . _x('No emails to send for this booking.', 'bookings', 'dbem');
}
} else {
$EM_Booking->feedback_message .= ' <span style="color:red">' . __('ERROR : Email Not Sent.', 'dbem') . '</span>';
}
}
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
}
}
} elseif ($_REQUEST['action'] == 'booking_resend_email') {
em_verify_nonce('booking_resend_email_' . $EM_Booking->booking_id);
if ($EM_Booking->can_manage('manage_bookings', 'manage_others_bookings')) {
if ($EM_Booking->email(false, true)) {
if ($EM_Booking->mails_sent > 0) {
$EM_Notices->add_confirm(__('Email Sent.', 'dbem'), true);
} else {
$EM_Notices->add_confirm(_x('No emails to send for this booking.', 'bookings', 'dbem'), true);
}
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$result = false;
$EM_Notices->add_error(__('ERROR : Email Not Sent.', 'dbem'));
$feedback = $EM_Booking->feedback_message;
}
}
} elseif ($_REQUEST['action'] == 'booking_modify_person') {
em_verify_nonce('booking_modify_person_' . $EM_Booking->booking_id);
if ($EM_Booking->can_manage('manage_bookings', 'manage_others_bookings')) {
global $wpdb;
$no_user = get_option('dbem_bookings_registration_disable') && $EM_Booking->get_person()->ID == get_option('dbem_bookings_registration_user');
if ($no_user && $EM_Booking->get_person_post() && $wpdb->update(EM_BOOKINGS_TABLE, array('booking_meta' => serialize($EM_Booking->booking_meta)), array('booking_id' => $EM_Booking->booking_id))) {
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
}
}
do_action('em_booking_modify_person', $EM_Event, $EM_Booking);
}
if ($result && defined('DOING_AJAX')) {
$return = array('result' => true, 'message' => $feedback);
header('Content-Type: application/javascript; charset=UTF-8', true);
//add this for HTTP -> HTTPS requests which assume it's a cross-site request
echo EM_Object::json_encode(apply_filters('em_action_' . $_REQUEST['action'], $return, $EM_Booking));
die;
} elseif (!$result && defined('DOING_AJAX')) {
$return = array('result' => false, 'message' => $feedback, 'errors' => $EM_Notices->get_errors());
header('Content-Type: application/javascript; charset=UTF-8', true);
//add this for HTTP -> HTTPS requests which assume it's a cross-site request
echo EM_Object::json_encode(apply_filters('em_action_' . $_REQUEST['action'], $return, $EM_Booking));
die;
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'booking_add' && !is_user_logged_in() && !get_option('dbem_bookings_anonymous')) {
$EM_Notices->add_error(get_option('dbem_booking_feedback_log_in'));
if (!$result && defined('DOING_AJAX')) {
$return = array('result' => false, 'message' => $EM_Booking->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode(apply_filters('em_action_' . $_REQUEST['action'], $return, $EM_Booking));
}
die;
}
//AJAX call for searches
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 6) == 'search') {
//default search arts
if ($_REQUEST['action'] == 'search_states') {
$results = array();
$conds = array();
if (!empty($_REQUEST['country'])) {
$conds[] = $wpdb->prepare("(location_country = '%s' OR location_country IS NULL )", $_REQUEST['country']);
}
if (!empty($_REQUEST['region'])) {
$conds[] = $wpdb->prepare("( location_region = '%s' )", $_REQUEST['region']);
}
$cond = count($conds) > 0 ? "AND " . implode(' AND ', $conds) : '';
$results = $wpdb->get_col("SELECT DISTINCT location_state FROM " . EM_LOCATIONS_TABLE . " WHERE location_state IS NOT NULL AND location_state != '' {$cond} ORDER BY location_state");
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
echo get_option('dbem_search_form_states_label');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_states', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
}
if ($_REQUEST['action'] == 'search_towns') {
$results = array();
$conds = array();
if (!empty($_REQUEST['country'])) {
$conds[] = $wpdb->prepare("(location_country = '%s' OR location_country IS NULL )", $_REQUEST['country']);
}
if (!empty($_REQUEST['region'])) {
$conds[] = $wpdb->prepare("( location_region = '%s' )", $_REQUEST['region']);
}
if (!empty($_REQUEST['state'])) {
$conds[] = $wpdb->prepare("(location_state = '%s' )", $_REQUEST['state']);
}
$cond = count($conds) > 0 ? "AND " . implode(' AND ', $conds) : '';
$results = $wpdb->get_col("SELECT DISTINCT location_town FROM " . EM_LOCATIONS_TABLE . " WHERE location_town IS NOT NULL AND location_town != '' {$cond} ORDER BY location_town");
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
echo get_option('dbem_search_form_towns_label');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_towns', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
}
if ($_REQUEST['action'] == 'search_regions') {
$results = array();
if (!empty($_REQUEST['country'])) {
$conds[] = $wpdb->prepare("(location_country = '%s' )", $_REQUEST['country']);
}
$cond = count($conds) > 0 ? "AND " . implode(' AND ', $conds) : '';
$results = $wpdb->get_results("SELECT DISTINCT location_region AS value FROM " . EM_LOCATIONS_TABLE . " WHERE location_region IS NOT NULL AND location_region != '' {$cond} ORDER BY location_region");
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
echo get_option('dbem_search_form_regions_label');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result->value}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_regions', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
}
}
//EM Ajax requests require this flag.
if (is_user_logged_in()) {
//Admin operations
//Specific Oject Ajax
if (!empty($_REQUEST['em_obj'])) {
switch ($_REQUEST['em_obj']) {
case 'em_bookings_events_table':
include_once 'admin/bookings/em-events.php';
em_bookings_events_table();
exit;
break;
case 'em_bookings_pending_table':
include_once 'admin/bookings/em-pending.php';
em_bookings_pending_table();
exit;
break;
case 'em_bookings_confirmed_table':
//add some admin files just in case
include_once 'admin/bookings/em-confirmed.php';
em_bookings_confirmed_table();
exit;
break;
}
}
}
//Export CSV - WIP
if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'export_bookings_csv' && wp_verify_nonce($_REQUEST['_wpnonce'], 'export_bookings_csv')) {
if (!empty($_REQUEST['event_id'])) {
$EM_Event = em_get_event($_REQUEST['event_id']);
}
//sort out cols
if (!empty($_REQUEST['cols']) && is_array($_REQUEST['cols'])) {
$cols = array();
foreach ($_REQUEST['cols'] as $col => $active) {
if ($active) {
$cols[] = $col;
}
}
$_REQUEST['cols'] = $cols;
}
$_REQUEST['limit'] = 0;
//generate bookings export according to search request
$show_tickets = !empty($_REQUEST['show_tickets']);
$EM_Bookings_Table = new EM_Bookings_Table($show_tickets);
header("Content-Type: application/octet-stream; charset=utf-8");
$file_name = !empty($EM_Event->event_slug) ? $EM_Event->event_slug : get_bloginfo();
header("Content-Disposition: Attachment; filename=" . sanitize_title($file_name) . "-bookings-export.csv");
do_action('em_csv_header_output');
echo "";
// UTF-8 for MS Excel (a little hacky... but does the job)
if (!defined('EM_CSV_DISABLE_HEADERS') || !EM_CSV_DISABLE_HEADERS) {
if (!empty($_REQUEST['event_id'])) {
echo __('Event', 'dbem') . ' : ' . $EM_Event->event_name . "\n";
if ($EM_Event->location_id > 0) {
echo __('Where', 'dbem') . ' - ' . $EM_Event->get_location()->location_name . "\n";
}
echo __('When', 'dbem') . ' : ' . $EM_Event->output('#_EVENTDATES - #_EVENTTIMES') . "\n";
}
echo sprintf(__('Exported booking on %s', 'dbem'), date_i18n('D d M Y h:i', current_time('timestamp'))) . "\n";
}
echo '"' . implode('","', $EM_Bookings_Table->get_headers(true)) . '"' . "\n";
//Rows
$EM_Bookings_Table->limit = 150;
//if you're having server memory issues, try messing with this number
$EM_Bookings = $EM_Bookings_Table->get_bookings();
$handle = fopen("php://output", "w");
$delimiter = !defined('EM_CSV_DELIMITER') ? ',' : EM_CSV_DELIMITER;
while (!empty($EM_Bookings->bookings)) {
foreach ($EM_Bookings->bookings as $EM_Booking) {
//Display all values
/* @var $EM_Booking EM_Booking */
/* @var $EM_Ticket_Booking EM_Ticket_Booking */
if ($show_tickets) {
foreach ($EM_Booking->get_tickets_bookings()->tickets_bookings as $EM_Ticket_Booking) {
$row = $EM_Bookings_Table->get_row_csv($EM_Ticket_Booking);
fputcsv($handle, $row, $delimiter);
}
} else {
$row = $EM_Bookings_Table->get_row_csv($EM_Booking);
fputcsv($handle, $row, $delimiter);
}
}
//reiterate loop
$EM_Bookings_Table->offset += $EM_Bookings_Table->limit;
$EM_Bookings = $EM_Bookings_Table->get_bookings();
}
fclose($handle);
exit;
}
}
/**
* Performs actions on init. This works for both ajax and normal requests, the return results depends if an em_ajax flag is passed via POST or GET.
*/
function em_init_actions()
{
global $wpdb, $EM_Notices, $EM_Event;
if (defined('DOING_AJAX') && DOING_AJAX) {
$_REQUEST['em_ajax'] = true;
}
//NOTE - No EM objects are globalized at this point, as we're hitting early init mode.
//TODO Clean this up.... use a uniformed way of calling EM Ajax actions
if (!empty($_REQUEST['em_ajax']) || !empty($_REQUEST['em_ajax_action'])) {
if (isset($_REQUEST['em_ajax_action']) && $_REQUEST['em_ajax_action'] == 'get_location') {
if (isset($_REQUEST['id'])) {
$EM_Location = new EM_Location($_REQUEST['id'], 'location_id');
$location_array = $EM_Location->to_array();
$location_array['location_balloon'] = $EM_Location->output(get_option('dbem_location_baloon_format'));
echo EM_Object::json_encode($location_array);
}
die;
}
if (isset($_REQUEST['em_ajax_action']) && $_REQUEST['em_ajax_action'] == 'delete_ticket') {
if (isset($_REQUEST['id'])) {
$EM_Ticket = new EM_Ticket($_REQUEST['id']);
$result = $EM_Ticket->delete();
if ($result) {
$result = array('result' => true);
} else {
$result = array('result' => false, 'error' => $EM_Ticket->feedback_message);
}
} else {
$result = array('result' => false, 'error' => __('No ticket id provided', 'dbem'));
}
echo EM_Object::json_encode($result);
die;
}
if (isset($_REQUEST['query']) && $_REQUEST['query'] == 'GlobalMapData') {
$EM_Locations = EM_Locations::get($_REQUEST);
$json_locations = array();
foreach ($EM_Locations as $location_key => $EM_Location) {
$json_locations[$location_key] = $EM_Location->to_array();
$json_locations[$location_key]['location_balloon'] = $EM_Location->output(get_option('dbem_map_text_format'));
}
echo EM_Object::json_encode($json_locations);
die;
}
if (isset($_REQUEST['ajaxCalendar']) && $_REQUEST['ajaxCalendar']) {
//FIXME if long events enabled originally, this won't show up on ajax call
echo EM_Calendar::output($_REQUEST, false);
die;
}
}
//Event Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 5) == 'event') {
//Load the event object, with saved event if requested
if (!empty($_REQUEST['event_id'])) {
$EM_Event = new EM_Event($_REQUEST['event_id']);
} else {
$EM_Event = new EM_Event();
}
//Save Event, only via BP or via [event_form]
if ($_REQUEST['action'] == 'event_save' && $EM_Event->can_manage('edit_events', 'edit_others_events')) {
//Check Nonces
if (!wp_verify_nonce($_REQUEST['_wpnonce'], 'wpnonce_event_save')) {
exit('Trying to perform an illegal action.');
}
//Grab and validate submitted data
if ($EM_Event->get_post() && $EM_Event->save()) {
//EM_Event gets the event if submitted via POST and validates it (safer than to depend on JS)
$events_result = true;
//Success notice
if (is_user_logged_in()) {
$EM_Notices->add_confirm($EM_Event->output(get_option('dbem_events_form_result_success')), true);
} else {
$EM_Notices->add_confirm($EM_Event->output(get_option('dbem_events_anonymous_result_success')), true);
}
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
$redirect = em_add_get_params($redirect, array('success' => 1));
wp_redirect($redirect);
exit;
} else {
$EM_Notices->add_error($EM_Event->get_errors());
$events_result = false;
}
}
if ($_REQUEST['action'] == 'event_duplicate' && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_duplicate_' . $EM_Event->event_id)) {
$EM_Event = $EM_Event->duplicate();
if ($EM_Event === false) {
$EM_Notices->add_error($EM_Event->errors, true);
} else {
$EM_Notices->add_confirm($EM_Event->feedback_message, true);
}
wp_redirect(wp_get_referer());
exit;
}
if ($_REQUEST['action'] == 'event_delete' && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_delete_' . $EM_Event->event_id)) {
//DELETE action
$selectedEvents = !empty($_REQUEST['events']) ? $_REQUEST['events'] : '';
if (EM_Object::array_is_numeric($selectedEvents)) {
$events_result = EM_Events::delete($selectedEvents);
} elseif (is_object($EM_Event)) {
$events_result = $EM_Event->delete();
}
$plural = count($selectedEvents) > 1 ? __('Events', 'dbem') : __('Event', 'dbem');
if ($events_result) {
$message = !empty($EM_Event->feedback_message) ? $EM_Event->feedback_message : sprintf(__('%s successfully deleted.', 'dbem'), $plural);
$EM_Notices->add_confirm($message, true);
} else {
$message = !empty($EM_Event->errors) ? $EM_Event->errors : sprintf(__('%s could not be deleted.', 'dbem'), $plural);
$EM_Notices->add_error($message, true);
}
wp_redirect(wp_get_referer());
exit;
} elseif ($_REQUEST['action'] == 'event_detach' && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_detach_' . get_current_user_id() . '_' . $EM_Event->event_id)) {
//Detach event and move on
if ($EM_Event->detach()) {
$EM_Notices->add_confirm($EM_Event->feedback_message, true);
} else {
$EM_Notices->add_error($EM_Event->errors, true);
}
wp_redirect(wp_get_referer());
exit;
} elseif ($_REQUEST['action'] == 'event_attach' && !empty($_REQUEST['undo_id']) && wp_verify_nonce($_REQUEST['_wpnonce'], 'event_attach_' . get_current_user_id() . '_' . $EM_Event->event_id)) {
//Detach event and move on
if ($EM_Event->attach($_REQUEST['undo_id'])) {
$EM_Notices->add_confirm($EM_Event->feedback_message, true);
} else {
$EM_Notices->add_error($EM_Event->errors, true);
}
wp_redirect(wp_get_referer());
exit;
}
//AJAX Exit
if (isset($events_result) && !empty($_REQUEST['em_ajax'])) {
if ($events_result) {
$return = array('result' => true, 'message' => $EM_Event->feedback_message);
} else {
$return = array('result' => false, 'message' => $EM_Event->feedback_message, 'errors' => $EM_Event->errors);
}
}
}
//Location Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 8) == 'location') {
global $EM_Location, $EM_Notices;
//Load the location object, with saved event if requested
if (!empty($_REQUEST['location_id'])) {
$EM_Location = new EM_Location($_REQUEST['location_id']);
} else {
$EM_Location = new EM_Location();
}
if ($_REQUEST['action'] == 'location_save' && current_user_can('edit_locations')) {
if (get_site_option('dbem_ms_mainblog_locations')) {
EM_Object::ms_global_switch();
}
//switch to main blog if locations are global
//Check Nonces
em_verify_nonce('location_save');
//Grab and validate submitted data
if ($EM_Location->get_post() && $EM_Location->save()) {
//EM_location gets the location if submitted via POST and validates it (safer than to depend on JS)
$EM_Notices->add_confirm($EM_Location->feedback_message, true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$EM_Notices->add_error($EM_Location->get_errors());
$result = false;
}
if (get_site_option('dbem_ms_mainblog_locations')) {
EM_Object::ms_global_switch_back();
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == "location_delete") {
//delete location
//get object or objects
if (!empty($_REQUEST['locations']) || !empty($_REQUEST['location_id'])) {
$args = !empty($_REQUEST['locations']) ? $_REQUEST['locations'] : $_REQUEST['location_id'];
$locations = EM_Locations::get($args);
foreach ($locations as $location) {
if (!$location->delete()) {
$EM_Notices->add_error($location->get_errors());
$errors = true;
}
}
if (empty($errors)) {
$result = true;
$location_term = count($locations) > 1 ? __('Locations', 'dbem') : __('Location', 'dbem');
$EM_Notices->add_confirm(sprintf(__('%s successfully deleted', 'dbem'), $location_term));
} else {
$result = false;
}
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == "locations_search" && (!empty($_REQUEST['term']) || !empty($_REQUEST['q']))) {
$results = array();
if (is_user_logged_in() || get_option('dbem_events_anonymous_submissions') && user_can(get_option('dbem_events_anonymous_user'), 'read_others_locations')) {
$location_cond = is_user_logged_in() && !current_user_can('read_others_locations') ? "AND location_owner=" . get_current_user_id() : '';
$term = isset($_REQUEST['term']) ? '%' . $_REQUEST['term'] . '%' : '%' . $_REQUEST['q'] . '%';
$sql = $wpdb->prepare("\r\n\t\t\t\t\tSELECT \r\n\t\t\t\t\t\tlocation_id AS `id`,\r\n\t\t\t\t\t\tConcat( location_name, ', ', location_address, ', ', location_town) AS `label`,\r\n\t\t\t\t\t\tlocation_name AS `value`,\r\n\t\t\t\t\t\tlocation_address AS `address`, \r\n\t\t\t\t\t\tlocation_town AS `town`, \r\n\t\t\t\t\t\tlocation_state AS `state`,\r\n\t\t\t\t\t\tlocation_region AS `region`,\r\n\t\t\t\t\t\tlocation_postcode AS `postcode`,\r\n\t\t\t\t\t\tlocation_country AS `country`\r\n\t\t\t\t\tFROM " . EM_LOCATIONS_TABLE . " \r\n\t\t\t\t\tWHERE ( `location_name` LIKE %s ) AND location_status=1 {$location_cond} LIMIT 10\r\n\t\t\t\t", $term);
$results = $wpdb->get_results($sql);
}
echo EM_Object::json_encode($results);
die;
}
if (isset($result) && $result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => true, 'message' => $EM_Location->feedback_message);
echo EM_Object::json_encode($return);
die;
} elseif (isset($result) && !$result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => false, 'message' => $EM_Location->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode($return);
die;
}
}
//Booking Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 7) == 'booking' && (is_user_logged_in() || $_REQUEST['action'] == 'booking_add' && get_option('dbem_bookings_anonymous'))) {
global $EM_Event, $EM_Booking, $EM_Person;
//Load the booking object, with saved booking if requested
$EM_Booking = !empty($_REQUEST['booking_id']) ? new EM_Booking($_REQUEST['booking_id']) : new EM_Booking();
if (!empty($EM_Booking->event_id)) {
//Load the event object, with saved event if requested
$EM_Event = $EM_Booking->get_event();
} elseif (!empty($_REQUEST['event_id'])) {
$EM_Event = new EM_Event($_REQUEST['event_id']);
}
$allowed_actions = array('bookings_approve' => 'approve', 'bookings_reject' => 'reject', 'bookings_unapprove' => 'unapprove', 'bookings_delete' => 'delete');
$result = false;
$feedback = '';
if ($_REQUEST['action'] == 'booking_add') {
//ADD/EDIT Booking
ob_start();
em_verify_nonce('booking_add');
if (!is_user_logged_in() || get_option('dbem_bookings_double') || !$EM_Event->get_bookings()->has_booking(get_current_user_id())) {
$post_validation = $EM_Booking->get_post();
do_action('em_booking_add', $EM_Event, $EM_Booking, $post_validation);
if ($post_validation) {
//Does this user need to be registered first?
$registration = true;
//TODO do some ticket validation before registering the user
if ($EM_Event->get_bookings()->get_available_spaces() >= $EM_Booking->get_spaces(true)) {
if ((!is_user_logged_in() || defined('EM_FORCE_REGISTRATION')) && get_option('dbem_bookings_anonymous') && !get_option('dbem_bookings_registration_disable')) {
//find random username - less options for user, less things go wrong
$username_root = explode('@', $_REQUEST['user_email']);
$username_rand = $username_root[0] . rand(1, 1000);
while (username_exists($username_root[0] . rand(1, 1000))) {
$username_rand = $username_root[0] . rand(1, 1000);
}
$_REQUEST['dbem_phone'] = !empty($_REQUEST['dbem_phone']) ? $_REQUEST['dbem_phone'] : '';
//fix to prevent warnings
$_REQUEST['user_name'] = !empty($_REQUEST['user_name']) ? $_REQUEST['user_name'] : '';
//fix to prevent warnings
$user_data = array('user_login' => $username_rand, 'user_email' => $_REQUEST['user_email'], 'user_name' => $_REQUEST['user_name'], 'dbem_phone' => $_REQUEST['dbem_phone']);
$id = em_register_new_user($user_data);
if (is_numeric($id)) {
$EM_Person = new EM_Person($id);
$EM_Booking->person_id = $id;
$feedback = get_option('dbem_booking_feedback_new_user');
$EM_Notices->add_confirm($feedback);
} else {
$registration = false;
if (is_object($id) && get_class($id) == 'WP_Error') {
/* @var $id WP_Error */
if ($id->get_error_code() == 'email_exists') {
$EM_Notices->add_error(get_option('dbem_booking_feedback_email_exists'));
} else {
$EM_Notices->add_error($id->get_error_messages());
}
} else {
$EM_Notices->add_error(get_option('dbem_booking_feedback_reg_error'));
}
}
} elseif ((!is_user_logged_in() || defined('EM_FORCE_REGISTRATION')) && get_option('dbem_bookings_registration_disable')) {
//Validate name, phone and email
$user_data = array();
if (empty($EM_Booking->booking_meta['registration'])) {
$EM_Booking->booking_meta['registration'] = array();
}
// Check the e-mail address
if ($_REQUEST['user_email'] == '') {
$registration = false;
$EM_Notices->add_error(__('<strong>ERROR</strong>: Please type your e-mail address.', 'dbem'));
} elseif (!is_email($_REQUEST['user_email'])) {
$registration = false;
$EM_Notices->add_error(__('<strong>ERROR</strong>: The email address isn’t correct.', 'dbem'));
} elseif (email_exists($_REQUEST['user_email'])) {
$registration = false;
$EM_Notices->add_error(get_option('dbem_booking_feedback_email_exists'));
} else {
$user_data['user_email'] = $_REQUEST['user_email'];
}
//Check the user name
if (!empty($_REQUEST['user_name'])) {
$name_string = explode(' ', wp_kses($_REQUEST['user_name'], array()));
$user_data['first_name'] = array_shift($name_string);
$user_data['last_name'] = implode(' ', $name_string);
}
//Check the first/last name
if (!empty($_REQUEST['first_name'])) {
$user_data['first_name'] = wp_kses($_REQUEST['first_name'], array());
}
if (!empty($_REQUEST['last_name'])) {
$user_data['last_name'] = wp_kses($_REQUEST['last_name'], array());
}
//Check the phone
if (!empty($_REQUEST['dbem_phone'])) {
$user_data['dbem_phone'] = wp_kses($_REQUEST['dbem_phone'], array());
}
//Add booking meta
$EM_Booking->booking_meta['registration'] = array_merge($EM_Booking->booking_meta['registration'], $user_data);
//in case someone else added stuff
//Save default person to booking
$EM_Booking->person_id = get_option('dbem_bookings_registration_user');
} elseif (!is_user_logged_in()) {
$registration = false;
$EM_Notices->add_error(get_option('dbem_booking_feedback_log_in'));
} elseif (empty($EM_Booking->person_id)) {
//user must be logged in, so we make this person the current user id
$EM_Booking->person_id = get_current_user_id();
}
}
$EM_Bookings = $EM_Event->get_bookings();
if ($registration && $EM_Bookings->add($EM_Booking)) {
$result = true;
$EM_Notices->add_confirm($EM_Bookings->feedback_message);
$feedback = $EM_Bookings->feedback_message;
} else {
$result = false;
$EM_Notices->add_error($EM_Bookings->get_errors());
$feedback = $EM_Bookings->feedback_message;
}
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
}
} else {
$result = false;
$feedback = get_option('dbem_booking_feedback_already_booked');
$EM_Notices->add_error($feedback);
}
ob_clean();
} elseif ($_REQUEST['action'] == 'booking_add_one' && is_object($EM_Event) && is_user_logged_in()) {
//ADD/EDIT Booking
em_verify_nonce('booking_add_one');
if (!$EM_Event->get_bookings()->has_booking(get_current_user_id()) || get_option('dbem_bookings_double')) {
$EM_Booking = new EM_Booking(array('person_id' => get_current_user_id(), 'event_id' => $EM_Event->event_id, 'booking_spaces' => 1));
//new booking
$EM_Ticket = $EM_Event->get_bookings()->get_tickets()->get_first();
//get first ticket in this event and book one place there. similar to getting the form values in EM_Booking::get_post_values()
$EM_Ticket_Booking = new EM_Ticket_Booking(array('ticket_id' => $EM_Ticket->ticket_id, 'ticket_booking_spaces' => 1));
$EM_Booking->tickets_bookings = new EM_Tickets_Bookings();
$EM_Booking->tickets_bookings->booking = $EM_Ticket_Booking->booking = $EM_Booking;
$EM_Booking->tickets_bookings->add($EM_Ticket_Booking);
//Now save booking
if ($EM_Event->get_bookings()->add($EM_Booking)) {
$result = true;
$EM_Notices->add_confirm($EM_Event->get_bookings()->feedback_message);
$feedback = $EM_Event->get_bookings()->feedback_message;
} else {
$result = false;
$EM_Notices->add_error($EM_Event->get_bookings()->get_errors());
$feedback = $EM_Event->get_bookings()->feedback_message;
}
} else {
$result = false;
$feedback = get_option('dbem_booking_feedback_already_booked');
$EM_Notices->add_error($feedback);
}
} elseif ($_REQUEST['action'] == 'booking_cancel') {
//Cancel Booking
em_verify_nonce('booking_cancel');
if ($EM_Booking->can_manage() || $EM_Booking->person->ID == get_current_user_id() && get_option('dbem_bookings_user_cancellation')) {
if ($EM_Booking->cancel()) {
$result = true;
if (!defined('DOING_AJAX')) {
if ($EM_Booking->person->ID == get_current_user_id()) {
$EM_Notices->add_confirm(get_option('dbem_booking_feedback_cancelled'), true);
} else {
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
}
wp_redirect($_SERVER['HTTP_REFERER']);
exit;
}
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
}
} else {
$EM_Notices->add_error(__('You must log in to cancel your booking.', 'dbem'));
}
//TODO user action shouldn't check permission, booking object should.
} elseif (array_key_exists($_REQUEST['action'], $allowed_actions) && $EM_Event->can_manage('manage_bookings', 'manage_others_bookings')) {
//Event Admin only actions
$action = $allowed_actions[$_REQUEST['action']];
//Just do it here, since we may be deleting bookings of different events.
if (!empty($_REQUEST['bookings']) && EM_Object::array_is_numeric($_REQUEST['bookings'])) {
$results = array();
foreach ($_REQUEST['bookings'] as $booking_id) {
$EM_Booking = new EM_Booking($booking_id);
$result = $EM_Booking->{$action}();
$results[] = $result;
if (!in_array(false, $results) && !$result) {
$feedback = $EM_Booking->feedback_message;
}
}
$result = !in_array(false, $results);
} elseif (is_object($EM_Booking)) {
$result = $EM_Booking->{$action}();
$feedback = $EM_Booking->feedback_message;
}
//FIXME not adhereing to object's feedback or error message, like other bits in this file.
//TODO multiple deletion won't work in ajax
if (!empty($_REQUEST['em_ajax'])) {
if ($result) {
echo $feedback;
} else {
echo '<span style="color:red">' . $feedback . '</span>';
}
die;
}
} elseif ($_REQUEST['action'] == 'booking_save') {
em_verify_nonce('booking_save_' . $EM_Booking->booking_id);
do_action('em_booking_save', $EM_Event, $EM_Booking);
if ($EM_Booking->can_manage('manage_bookings', 'manage_others_bookings')) {
if ($EM_Booking->get_post(true) && $EM_Booking->save(false)) {
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
}
}
} elseif ($_REQUEST['action'] == 'booking_set_status') {
em_verify_nonce('booking_set_status_' . $EM_Booking->booking_id);
if ($EM_Booking->can_manage('manage_bookings', 'manage_others_bookings') && $_REQUEST['booking_status'] != $EM_Booking->booking_status) {
if ($EM_Booking->set_status($_REQUEST['booking_status'], false)) {
if (!empty($_REQUEST['send_email'])) {
if ($EM_Booking->email(false)) {
$EM_Booking->feedback_message .= " " . __('Mail Sent.', 'dbem');
} else {
$EM_Booking->feedback_message .= ' <span style="color:red">' . __('ERROR : Mail Not Sent.', 'dbem') . '</span>';
}
}
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
$feedback = $EM_Booking->feedback_message;
}
}
} elseif ($_REQUEST['action'] == 'booking_resend_email') {
em_verify_nonce('booking_resend_email_' . $EM_Booking->booking_id);
if ($EM_Booking->can_manage('manage_bookings', 'manage_others_bookings')) {
if ($EM_Booking->email(false, true)) {
$EM_Notices->add_confirm(__('Mail Sent.', 'dbem'), true);
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
exit;
} else {
$result = false;
$EM_Notices->add_error(__('ERROR : Mail Not Sent.', 'dbem'));
$feedback = $EM_Booking->feedback_message;
}
}
}
if ($result && defined('DOING_AJAX')) {
$return = array('result' => true, 'message' => $feedback);
echo EM_Object::json_encode(apply_filters('em_action_' . $_REQUEST['action'], $return, $EM_Booking));
die;
} elseif (!$result && defined('DOING_AJAX')) {
$return = array('result' => false, 'message' => $feedback, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode(apply_filters('em_action_' . $_REQUEST['action'], $return, $EM_Booking));
die;
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'booking_add' && !is_user_logged_in() && !get_option('dbem_bookings_anonymous')) {
$EM_Notices->add_error(get_option('dbem_booking_feedback_log_in'));
if (!$result && defined('DOING_AJAX')) {
$return = array('result' => false, 'message' => $EM_Booking->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode(apply_filters('em_action_' . $_REQUEST['action'], $return, $EM_Booking));
}
die;
}
//AJAX call for searches
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 6) == 'search') {
if ($_REQUEST['action'] == 'search_states') {
$results = array();
$conds = array();
if (!empty($_REQUEST['country'])) {
$conds[] = $wpdb->prepare("(location_country = '%s' OR location_country IS NULL )", $_REQUEST['country']);
}
if (!empty($_REQUEST['region'])) {
$conds[] = $wpdb->prepare("( location_region = '%s' OR location_region IS NULL )", $_REQUEST['region']);
}
$cond = count($conds) > 0 ? "AND " . implode(' AND ', $conds) : '';
$results = $wpdb->get_col("SELECT DISTINCT location_state FROM " . EM_LOCATIONS_TABLE . " WHERE location_state IS NOT NULL AND location_state != '' {$cond} ORDER BY location_state");
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
echo get_option('dbem_search_form_states_label');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_states', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
}
if ($_REQUEST['action'] == 'search_towns') {
$results = array();
$conds = array();
if (!empty($_REQUEST['country'])) {
$conds[] = $wpdb->prepare("(location_country = '%s' OR location_country IS NULL )", $_REQUEST['country']);
}
if (!empty($_REQUEST['region'])) {
$conds[] = $wpdb->prepare("( location_region = '%s' OR location_region IS NULL )", $_REQUEST['region']);
}
if (!empty($_REQUEST['state'])) {
$conds[] = $wpdb->prepare("(location_state = '%s' OR location_state IS NULL )", $_REQUEST['state']);
}
$cond = count($conds) > 0 ? "AND " . implode(' AND ', $conds) : '';
$results = $wpdb->get_col("SELECT DISTINCT location_town FROM " . EM_LOCATIONS_TABLE . " WHERE location_town IS NOT NULL AND location_town != '' {$cond} ORDER BY location_town");
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
echo get_option('dbem_search_form_towns_label');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_towns', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
}
if ($_REQUEST['action'] == 'search_regions') {
if (!empty($_REQUEST['country'])) {
$conds[] = $wpdb->prepare("(location_country = '%s' OR location_country IS NULL )", $_REQUEST['country']);
}
$cond = count($conds) > 0 ? "AND " . implode(' AND ', $conds) : '';
$results = $wpdb->get_results("SELECT DISTINCT location_region AS value FROM " . EM_LOCATIONS_TABLE . " WHERE location_region IS NOT NULL AND location_region != '' {$cond} ORDER BY location_region");
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
echo get_option('dbem_search_form_regions_label');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result->value}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_regions', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
} elseif ($_REQUEST['action'] == 'search_events' && get_option('dbem_events_page_search') && defined('DOING_AJAX')) {
$args = EM_Events::get_post_search();
$args['owner'] = false;
ob_start();
em_locate_template('templates/events-list.php', true, array('args' => $args));
//if successful, this template overrides the settings and defaults, including search
echo apply_filters('em_ajax_search_events', ob_get_clean(), $args);
exit;
}
}
//EM Ajax requests require this flag.
if (is_user_logged_in()) {
//Admin operations
//Specific Oject Ajax
if (!empty($_REQUEST['em_obj'])) {
switch ($_REQUEST['em_obj']) {
case 'em_bookings_events_table':
case 'em_bookings_pending_table':
case 'em_bookings_confirmed_table':
//add some admin files just in case
include_once 'admin/bookings/em-confirmed.php';
include_once 'admin/bookings/em-events.php';
include_once 'admin/bookings/em-pending.php';
call_user_func($_REQUEST['em_obj']);
exit;
break;
}
}
}
//Export CSV - WIP
if (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'export_bookings_csv' && wp_verify_nonce($_REQUEST['_wpnonce'], 'export_bookings_csv')) {
//sort out cols
if (!empty($_REQUEST['cols']) && is_array($_REQUEST['cols'])) {
$cols = array();
foreach ($_REQUEST['cols'] as $col => $active) {
if ($active) {
$cols[] = $col;
}
}
$_REQUEST['cols'] = $cols;
}
$_REQUEST['limit'] = 0;
//generate bookings export according to search request
$show_tickets = !empty($_REQUEST['show_tickets']);
$EM_Bookings_Table = new EM_Bookings_Table($show_tickets);
header("Content-Type: application/octet-stream; charset=utf-8");
header("Content-Disposition: Attachment; filename=" . sanitize_title(get_bloginfo()) . "-bookings-export.csv");
echo sprintf(__('Exported booking on %s', 'dbem'), date_i18n('D d M Y h:i', current_time('timestamp'))) . "\n";
echo '"' . implode('","', $EM_Bookings_Table->get_headers(true)) . '"' . "\n";
//Rows
$EM_Bookings_Table->limit = 150;
//if you're having server memory issues, try messing with this number
$EM_Bookings = $EM_Bookings_Table->get_bookings();
$handle = fopen("php://output", "w");
while (!empty($EM_Bookings)) {
foreach ($EM_Bookings as $EM_Booking) {
//Display all values
/* @var $EM_Booking EM_Booking */
/* @var $EM_Ticket_Booking EM_Ticket_Booking */
if ($show_tickets) {
foreach ($EM_Booking->get_tickets_bookings()->tickets_bookings as $EM_Ticket_Booking) {
$row = $EM_Bookings_Table->get_row_csv($EM_Ticket_Booking);
fputcsv($handle, $row);
}
} else {
$row = $EM_Bookings_Table->get_row_csv($EM_Booking);
fputcsv($handle, $row);
}
}
//reiterate loop
$EM_Bookings_Table->offset += $EM_Bookings_Table->limit;
$EM_Bookings = $EM_Bookings_Table->get_bookings();
}
fclose($handle);
exit;
}
}
/**
* Performs actions on init. This works for both ajax and normal requests, the return results depends if an em_ajax flag is passed via POST or GET.
*/
function em_init_actions()
{
global $wpdb, $EM_Notices, $EM_Event;
//NOTE - No EM objects are globalized at this point, as we're hitting early init mode.
//TODO Clean this up.... use a uniformed way of calling EM Ajax actions
if (!empty($_REQUEST['em_ajax']) || !empty($_REQUEST['em_ajax_action'])) {
if (isset($_REQUEST['em_ajax_action']) && $_REQUEST['em_ajax_action'] == 'get_location') {
if (isset($_REQUEST['id'])) {
$EM_Location = new EM_Location($_REQUEST['id']);
$location_array = $EM_Location->to_array();
$location_array['location_balloon'] = $EM_Location->output(get_option('dbem_location_baloon_format'));
echo EM_Object::json_encode($location_array);
}
die;
}
if (isset($_REQUEST['em_ajax_action']) && $_REQUEST['em_ajax_action'] == 'delete_ticket') {
if (isset($_REQUEST['id'])) {
$EM_Ticket = new EM_Ticket($_REQUEST['id']);
$result = $EM_Ticket->delete();
if ($result) {
$result = array('result' => true);
} else {
$result = array('result' => false, 'error' => $EM_Ticket->feedback_message);
}
} else {
$result = array('result' => false, 'error' => __('No ticket id provided', 'dbem'));
}
echo EM_Object::json_encode($result);
die;
}
if (isset($_REQUEST['query']) && $_REQUEST['query'] == 'GlobalMapData') {
$EM_Locations = EM_Locations::get($_REQUEST);
$json_locations = array();
foreach ($EM_Locations as $location_key => $EM_Location) {
$json_locations[$location_key] = $EM_Location->to_array();
$json_locations[$location_key]['location_balloon'] = $EM_Location->output(get_option('dbem_map_text_format'));
}
echo EM_Object::json_encode($json_locations);
die;
}
if (isset($_REQUEST['ajaxCalendar']) && $_REQUEST['ajaxCalendar']) {
//FIXME if long events enabled originally, this won't show up on ajax call
echo EM_Calendar::output($_REQUEST);
die;
}
}
//Event Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 5) == 'event') {
//Load the event object, with saved event if requested
if (!empty($_REQUEST['event_id'])) {
$EM_Event = new EM_Event($_REQUEST['event_id']);
} else {
$EM_Event = new EM_Event();
}
if ($_REQUEST['action'] == 'event_save' && current_user_can('edit_events')) {
//Check Nonces
if (is_admin()) {
if (!wp_verify_nonce($_REQUEST['_wpnonce'] && 'event_save')) {
check_admin_referer('trigger_error');
}
} else {
if (!wp_verify_nonce($_REQUEST['_wpnonce'] && 'event_save')) {
exit('Trying to perform an illegal action.');
}
}
//Grab and validate submitted data
if ($EM_Event->get_post() && $EM_Event->save()) {
//EM_Event gets the event if submitted via POST and validates it (safer than to depend on JS)
$EM_Notices->add_confirm($EM_Event->feedback_message);
if (is_admin()) {
$page = !empty($_REQUEST['pno']) ? $_REQUEST['pno'] : '';
$scope = !empty($_REQUEST['scope']) ? $_REQUEST['scope'] : '';
//wp_redirect( get_bloginfo('wpurl').'/wp-admin/admin.php?page=events-manager&pno='.$page.'&scope='.$scope.'&message='.urlencode($EM_Event->feedback_message));
} else {
$redirect = !empty($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : wp_get_referer();
wp_redirect($redirect);
}
$events_result = true;
} else {
$EM_Notices->add_error($EM_Event->get_errors());
$events_result = false;
}
}
if ($_REQUEST['action'] == 'event_duplicate') {
global $EZSQL_ERROR;
$EM_Event = $EM_Event->duplicate();
if ($EM_Event === false) {
$EM_Notices->add_error($EM_Event->errors, true);
} else {
if ($EM_Event->id == $_REQUEST['event_id']) {
$EM_Notices->add_confirm($EM_Event->feedback_message . " " . sprintf(__('You are now viewing the duplicated %s.', 'dbem'), __('event', 'dbem')), true);
} else {
$EM_Notices->add_confirm($EM_Event->feedback_message, true);
}
}
}
if ($_REQUEST['action'] == 'event_delete') {
//DELETE action
$selectedEvents = !empty($_REQUEST['events']) ? $_REQUEST['events'] : '';
if (EM_Object::array_is_numeric($selectedEvents)) {
$events_result = EM_Events::delete($selectedEvents);
} elseif (is_object($EM_Event)) {
$events_result = $EM_Event->delete();
}
$plural = count($selectedEvents) > 1 ? __('Events', 'dbem') : __('Event', 'dbem');
if ($events_result) {
$message = is_object($EM_Event) ? $EM_Event->feedback_message : sprintf(__('%s successfully deleted.', 'dbem'), $plural);
$EM_Notices->add_confirm($message);
} else {
$message = is_object($EM_Event) ? $EM_Event->errors : sprintf(__('%s could not be deleted.', 'dbem'), $plural);
$EM_Notices->add_confirm($message);
}
} elseif ($_REQUEST['action'] == 'event_approve') {
//Approve Action
$events_result = $EM_Event->approve();
if ($events_result) {
$EM_Notices->add_confirm($EM_Event->feedback_message);
} else {
$EM_Notices->add_error($EM_Event->errors);
}
}
//AJAX Exit
if (isset($events_result) && !empty($_REQUEST['em_ajax'])) {
if ($events_result) {
$return = array('result' => true, 'message' => $EM_Event->feedback_message);
} else {
$return = array('result' => false, 'message' => $EM_Event->feedback_message, 'errors' => $EM_Event->errors);
}
}
}
//Location Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 8) == 'location') {
global $EM_Location, $EM_Notices;
//Load the location object, with saved event if requested
if (!empty($_REQUEST['location_id'])) {
$EM_Location = new EM_Location($_REQUEST['location_id']);
} else {
$EM_Location = new EM_Location();
}
if ($_REQUEST['action'] == 'location_save' && current_user_can('edit_locations')) {
//Check Nonces
em_verify_nonce('location_save');
//Grab and validate submitted data
if ($EM_Location->get_post() && $EM_Location->save()) {
//EM_location gets the location if submitted via POST and validates it (safer than to depend on JS)
$EM_Notices->add_confirm($EM_Location->feedback_message);
$result = true;
} else {
$EM_Notices->add_error($EM_Location->get_errors());
$result = false;
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == "location_delete") {
//delete location
//get object or objects
if (!empty($_REQUEST['locations']) || !empty($_REQUEST['location_id'])) {
$args = !empty($_REQUEST['locations']) ? $_REQUEST['locations'] : $_REQUEST['location_id'];
$locations = EM_Locations::get($args);
foreach ($locations as $location) {
if (!$location->delete()) {
$EM_Notices->add_error($location->get_errors());
$errors = true;
}
}
if (empty($errors)) {
$result = true;
$location_term = count($locations) > 1 ? __('Locations', 'dbem') : __('Location', 'dbem');
$EM_Notices->add_confirm(sprintf(__('%s successfully deleted', 'dbem'), $location_term));
} else {
$result = false;
}
}
}
if (isset($result) && $result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => true, 'message' => $EM_Location->feedback_message);
echo EM_Object::json_encode($return);
die;
} elseif (isset($result) && !$result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => false, 'message' => $EM_Location->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode($return);
die;
}
}
//Category Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 8) == 'category') {
global $EM_Category, $EM_Notices;
//Load the category object, with saved event if requested
if (!empty($_REQUEST['category_id'])) {
$EM_Category = new EM_Category($_REQUEST['category_id']);
} else {
$EM_Category = new EM_Category();
}
if ($_REQUEST['action'] == 'category_save' && current_user_can('edit_categories')) {
//Check Nonces
em_verify_nonce('category_save');
//Grab and validate submitted data
if ($EM_Category->get_post() && $EM_Category->save()) {
//EM_Category gets the category if submitted via POST and validates it (safer than to depend on JS)
$EM_Notices->add_confirm($EM_Category->feedback_message);
$result = true;
} else {
$EM_Notices->add_error($EM_Category->get_errors());
$result = false;
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == "category_delete") {
//delete category
//get object or objects
if (!empty($_REQUEST['categories']) || !empty($_REQUEST['category_id'])) {
$args = !empty($_REQUEST['categories']) ? $_REQUEST['categories'] : $_REQUEST['category_id'];
$categories = EM_Categories::get($args);
foreach ($categories as $category) {
if (!$category->delete()) {
$EM_Notices->add_error($category->get_errors());
$errors = true;
}
}
if (empty($errors)) {
$result = true;
$category_term = count($categories) > 1 ? __('EM_Categories', 'dbem') : __('Category', 'dbem');
$EM_Notices->add_confirm(sprintf(__('%s successfully deleted', 'dbem'), $category_term));
} else {
$result = false;
}
}
}
if (isset($result) && $result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => true, 'message' => $EM_Category->feedback_message);
echo EM_Object::json_encode($return);
die;
} elseif (isset($result) && !$result && !empty($_REQUEST['em_ajax'])) {
$return = array('result' => false, 'message' => $EM_Category->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode($return);
die;
}
}
//Booking Actions
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 7) == 'booking' && (is_user_logged_in() || $_REQUEST['action'] == 'booking_add' && get_option('dbem_bookings_anonymous'))) {
global $EM_Event, $EM_Booking, $EM_Person;
//Load the event object, with saved event if requested
$EM_Event = !empty($_REQUEST['event_id']) ? new EM_Event($_REQUEST['event_id']) : new EM_Event();
//Load the booking object, with saved booking if requested
$EM_Booking = !empty($_REQUEST['booking_id']) ? new EM_Booking($_REQUEST['booking_id']) : new EM_Booking();
$allowed_actions = array('bookings_approve' => 'approve', 'bookings_reject' => 'reject', 'bookings_unapprove' => 'unapprove', 'bookings_delete' => 'delete');
$result = false;
if ($_REQUEST['action'] == 'booking_add') {
//ADD/EDIT Booking
em_verify_nonce('booking_add');
do_action('em_booking_add', $EM_Event, $EM_Booking);
if ($EM_Booking->get_post()) {
//Does this user need to be registered first?
$registration = true;
//TODO do some ticket validation before registering the user
if ($_REQUEST['register_user'] && get_option('dbem_bookings_anonymous')) {
//find random username - less options for user, less things go wrong
$username_root = explode('@', $_REQUEST['user_email']);
$username_rand = $username_root[0] . rand(1, 1000);
while (username_exists($username_root[0] . rand(1, 1000))) {
$username_rand = $username_root[0] . rand(1, 1000);
}
$id = em_register_new_user($username_rand, $_REQUEST['user_email'], $_REQUEST['user_name'], $_REQUEST['user_phone']);
if (is_numeric($id)) {
$EM_Person = new EM_Person($id);
$EM_Booking->person_id = $id;
$EM_Notices->add_confirm(__('A new user account has been created for you. Please check your email for access details.', 'dbem'));
} else {
$registration = false;
if (is_object($id) && get_class($id) == 'WP_Error') {
/* @var $id WP_Error */
if ($id->get_error_code() == 'email_exists') {
$EM_Notices->add_error(__('This email already exists in our system, please log in to register to proceed with your booking.', 'dbem'));
} else {
$EM_Notices->add_error($id->get_error_messages());
}
} else {
$EM_Notices->add_error(__('There was a problem creating a user account, please contact a website administrator.', 'dbem'));
}
}
}
if ($EM_Event->get_bookings()->add($EM_Booking) && $registration) {
$result = true;
$EM_Notices->add_confirm($EM_Event->get_bookings()->feedback_message);
} else {
ob_start();
echo "<pre>";
print_r($id);
echo "</pre>";
$EM_Booking->feedback_message = ob_get_clean();
$EM_Notices->add_error($EM_Event->get_bookings()->get_errors());
}
} else {
$result = false;
$EM_Notices->add_error($EM_Booking->get_errors());
}
} elseif ($_REQUEST['action'] == 'booking_add_one' && is_object($EM_Event) && is_user_logged_in()) {
//ADD/EDIT Booking
em_verify_nonce('booking_add_one');
$EM_Booking = new EM_Booking(array('person_id' => get_current_user_id(), 'event_id' => $EM_Event->id));
//new booking
//get first ticket in this event and book one place there.
$EM_Ticket = $EM_Event->get_bookings()->get_tickets()->get_first();
$EM_Ticket_Booking = new EM_Ticket_Booking(array('ticket_id' => $EM_Ticket->id, 'ticket_booking_spaces' => 1));
$EM_Booking->get_tickets_bookings();
$EM_Booking->tickets_bookings->tickets_bookings[] = $EM_Ticket_Booking;
//Now save booking
if ($EM_Event->get_bookings()->add($EM_Booking)) {
$EM_Booking = $booking;
$result = true;
$EM_Notices->add_confirm($EM_Event->get_bookings()->feedback_message);
} else {
$EM_Notices->add_error($EM_Event->get_bookings()->get_errors());
}
} elseif ($_REQUEST['action'] == 'booking_cancel') {
//Cancel Booking
em_verify_nonce('booking_cancel');
if ($EM_Booking->can_manage() || $EM_Booking->person->ID == get_current_user_id()) {
if ($EM_Booking->cancel()) {
$result = true;
if (!defined('DOING_AJAX')) {
if ($EM_Booking->person->ID == get_current_user_id()) {
$EM_Notices->add_confirm(sprintf(__('Booking %s', 'dbem'), __('Cancelled', 'dbem')), true);
} else {
$EM_Notices->add_confirm($EM_Booking->feedback_message, true);
}
wp_redirect($_SERVER['HTTP_REFERER']);
exit;
}
} else {
$EM_Notices->add_error($EM_Booking->get_errors());
}
} else {
$EM_Notices->add_error(__('You must log in to cancel your booking.', 'dbem'));
}
} elseif (array_key_exists($_REQUEST['action'], $allowed_actions) && $EM_Event->can_manage('manage_bookings', 'manage_others_bookings')) {
//Event Admin only actions
$action = $allowed_actions[$_REQUEST['action']];
//Just do it here, since we may be deleting bookings of different events.
if (!empty($_REQUEST['bookings']) && EM_Object::array_is_numeric($_REQUEST['bookings'])) {
$results = array();
foreach ($_REQUEST['bookings'] as $booking_id) {
$EM_Booking = new EM_Booking($booking_id);
$result = $EM_Booking->{$action}();
$results[] = $result;
if (!in_array(false, $results) && !$result) {
$feedback = $EM_Booking->feedback_message;
}
}
$result = !in_array(false, $results);
} elseif (is_object($EM_Booking)) {
$result = $EM_Booking->{$action}();
$feedback = $EM_Booking->feedback_message;
}
//FIXME not adhereing to object's feedback or error message, like other bits in this file.
//TODO multiple deletion won't work in ajax
if (isset($result) && !empty($_REQUEST['em_ajax'])) {
if ($result) {
echo $feedback;
} else {
echo '<span style="color:red">' . $feedback . '</span>';
}
die;
}
}
if ($result && defined('DOING_AJAX')) {
$return = array('result' => true, 'message' => $EM_Booking->feedback_message);
echo EM_Object::json_encode($return);
die;
} elseif (!$result && defined('DOING_AJAX')) {
$return = array('result' => false, 'message' => $EM_Booking->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode($return);
die;
}
} elseif (!empty($_REQUEST['action']) && $_REQUEST['action'] == 'booking_add' && !is_user_logged_in() && !get_option('dbem_bookings_anonymous')) {
$EM_Notices->add_error(__('You must log in before you make a booking.', 'dbem'));
if (!$result && defined('DOING_AJAX')) {
$return = array('result' => false, 'message' => $EM_Booking->feedback_message, 'errors' => $EM_Notices->get_errors());
echo EM_Object::json_encode($return);
}
die;
}
//AJAX call for searches
if (!empty($_REQUEST['action']) && substr($_REQUEST['action'], 0, 6) == 'search') {
if ($_REQUEST['action'] == 'search_states' && wp_verify_nonce($_REQUEST['_wpnonce'], 'search_states')) {
if (!empty($_REQUEST['country'])) {
$results = $wpdb->get_results($wpdb->prepare("SELECT DISTINCT location_state AS value, location_country AS country, CONCAT(location_state, ', ', location_country) AS label FROM " . EM_LOCATIONS_TABLE . " WHERE location_state IS NOT NULL AND location_state != '' AND location_country=%s", $_REQUEST['country']));
} elseif (!empty($_REQUEST['region'])) {
$results = $wpdb->get_results($wpdb->prepare("SELECT DISTINCT location_state AS value, location_country AS country, CONCAT(location_state, ', ', location_country) AS label FROM " . EM_LOCATIONS_TABLE . " WHERE location_state IS NOT NULL AND location_state != '' AND location_region=%s", $_REQUEST['region']));
} else {
$results = $wpdb->get_results($wpdb->prepare("SELECT DISTINCT location_state AS value, location_country AS country, CONCAT(location_state, ', ', location_country) AS label FROM " . EM_LOCATIONS_TABLE, $_REQUEST['country'] . "WHERE location_state IS NOT NULL AND location_state != ''"));
}
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
_e('All States', 'dbem');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result->value}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_states', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
}
if ($_REQUEST['action'] == 'search_regions' && wp_verify_nonce($_REQUEST['_wpnonce'], 'search_regions')) {
if (!empty($_REQUEST['country'])) {
$results = $wpdb->get_results($wpdb->prepare("SELECT DISTINCT location_region AS value, location_country AS country, CONCAT(location_region, ', ', location_country) AS label FROM " . EM_LOCATIONS_TABLE . " WHERE location_region IS NOT NULL AND location_region != '' AND location_country=%s", $_REQUEST['country']));
} else {
$results = $wpdb->get_results($wpdb->prepare("SELECT DISTINCT location_region AS value, location_country AS country, CONCAT(location_region, ', ', location_country) AS label FROM " . EM_LOCATIONS_TABLE . " WHERE location_region IS NOT NULL AND location_region != ''", $_REQUEST['country']));
}
if ($_REQUEST['return_html']) {
//quick shortcut for quick html form manipulation
ob_start();
?>
<option value=''><?php
_e('All Regions', 'dbem');
?>
</option>
<?php
foreach ($results as $result) {
echo "<option>{$result->value}</option>";
}
$return = ob_get_clean();
echo apply_filters('em_ajax_search_regions', $return);
exit;
} else {
echo EM_Object::json_encode($results);
exit;
}
} elseif ($_REQUEST['action'] == 'search_events' && wp_verify_nonce($_POST['_wpnonce'], 'search_events') && get_option('dbem_events_page_search')) {
$args = EM_Events::get_post_search();
ob_start();
em_locate_template('templates/events-list.php', true, array('args' => $args));
//if successful, this template overrides the settings and defaults, including search
echo apply_filters('em_ajax_search_events', ob_get_clean(), $args);
exit;
}
}
//EM Ajax requests require this flag.
if (is_admin() && is_user_logged_in()) {
//Admin operations
//Specific Oject Ajax
if (!empty($_REQUEST['em_obj'])) {
switch ($_REQUEST['em_obj']) {
case 'em_bookings_events_table':
case 'em_bookings_pending_table':
case 'em_bookings_confirmed_table':
call_user_func($_REQUEST['em_obj']);
break;
}
die;
}
}
}