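/**
 * Validate this survey response, recording every problem in $this->errors.
 *
 * Checks, in order: a user ID and a survey ID are present; no other
 * non-deleted row in `survey_responses` exists for the same user and survey
 * (excluding this record when it already has an id); the survey can be
 * loaded; and, when the survey is tied to an event, the user has a paid
 * signup for that event.
 *
 * @return bool true when no error was recorded, false otherwise
 */
public function validate()
 {
     $return = true;
     if ($this->user_id == "") {
         $this->errors[] = "You must enter a user ID";
         $return = false;
     }
     if ($this->survey_id == "") {
         $this->errors[] = "You must enter a survey ID";
         $return = false;
     }
     // Every value is escaped and then wrapped in single quotes in the SQL text;
     // the escaping is only effective because of those quotes.
     // NOTE(review): the mysql_* extension was removed in PHP 7 - move these
     // lookups to prepared statements when the data layer is migrated.
     $user_id = mysql_real_escape_string($this->user_id);
     $survey_id = mysql_real_escape_string($this->survey_id);
     $and_not_self = "";
     if ($this->id) {
         // Editing an existing response: do not count the record itself as a duplicate
         $id = mysql_real_escape_string($this->id);
         $and_not_self = " AND `id` != '{$id}'";
     }
     $result = mysql_query("SELECT `id` FROM `survey_responses` WHERE `user_id` = '{$user_id}' AND `survey_id` = '{$survey_id}'{$and_not_self} AND `deleted` = false");
     if ($result === false) {
         // Fail closed: if the duplicate check could not run, do not let the
         // response through as though no duplicate existed.
         $this->errors[] = "Unable to check for an existing response to this survey";
         $return = false;
     } elseif (mysql_num_rows($result) > 0) {
         $this->errors[] = "This user has already responded to this survey.";
         $return = false;
     }
     // Lazily load the survey when only its ID has been set
     if (!$this->survey) {
         if ($this->survey_id) {
             $this->survey = Survey::find_by_id($this->survey_id);
         }
     }
     if (!$this->survey) {
         $this->errors[] = "You must enter a survey ID";
         $return = false;
     } else {
         if ($this->survey->event_id) {
             // Survey user must have been to the event
             $event_id = mysql_real_escape_string($this->survey->event_id);
             $result = EventSignup::find("events.id = '{$event_id}' AND users.id = '{$user_id}' AND event_signups.paid");
             if (!$result) {
                 // There is no local $event in this method; take the name from
                 // the survey's event (assumes Survey exposes ->event - TODO confirm).
                 $this->errors[] = "You must have attended {$this->survey->event->name} to complete this survey";
                 $return = false;
             }
         }
     }
     // Errors recorded before this method ran also make the record invalid
     if (count($this->errors) > 0) {
         $return = false;
     }
     return $return;
 }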
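 /**
  * Admin seating action for one paid participant signup of an event.
  *
  * Without a `destination` query parameter the "move" page is rendered.
  * With `destination=unseat` the signup loses its seat; with any other
  * value the signup is moved to that seat (the current occupant, if any, is
  * unseated first) and the request is redirected to the event seating page.
  *
  * NOTE(review): seating is changed from GET parameters and nothing in this
  * method checks a CSRF token. Confirm the route enforces one, or make the
  * state-changing path a token-checked POST.
  *
  * @param string|null $permalink event permalink, passed on to load_event()
  */
 public function move($permalink = null)
 {
     $event = self::load_event($permalink);
     $event_id = mysql_real_escape_string($event->id);
     // A missing or non-scalar `seat` parameter is treated as "no such signup"
     $seat = (isset($_GET['seat']) && is_scalar($_GET['seat'])) ? $_GET['seat'] : '';
     $signup_id = mysql_real_escape_string($seat);
     // Only paid participant signups belonging to this event may be moved
     $signup = EventSignup::find("event_signups.event_id = '{$event_id}' AND event_tickets.participant = true AND event_signups.paid = true AND event_signups.id = '{$signup_id}'");
     if (!$signup) {
         Error404();
         // Harmless if Error404() already ends the request; otherwise it keeps
         // the code below from running without a signup.
         return;
     }
     if (isset($_GET['destination'])) {
         $anchor = '';
         if ($_GET['destination'] == "unseat") {
             $signup->event_seat_id = null;
             if ($signup->save()) {
                 Site::Flash("notice", "{$signup->user->nickname} has been unseated");
             } else {
                 Site::Flash("error", "Unable to unseat {$signup->user->nickname}");
             }
         } else {
             $destination = self::load_seat($_GET['destination'], $event);
             if ($destination) {
                 $anchor = "#{$destination->seating_plan->permalink}-";
                 $vacated = true;
                 if ($destination->event_signup->id) {
                     // Seat is taken: unseat the current occupant first
                     $destination->event_signup->event_seat_id = null;
                     $vacated = $destination->event_signup->save();
                 }
                 if (!$vacated) {
                     // Do not put two signups on one seat when the occupant
                     // could not be unseated.
                     Site::Flash("error", "Unable to unseat the current occupant of {$destination->label}");
                 } else {
                     $signup->event_seat_id = $destination->id;
                     if ($signup->save()) {
                         //Email::send_event_checkin($signup);
                         Site::Flash("notice", "{$signup->user->nickname} has been moved to {$destination->label}");
                     } else {
                         Site::Flash("error", "Unable to move {$signup->user->nickname}");
                     }
                 }
             }
         }
         Redirect("admin/events/{$event->permalink}/seating{$anchor}");
         // Nothing should be rendered after a redirect (no-op if Redirect() exits)
         return;
     }
     $this->assign("event", $event);
     $this->assign("signup", $signup);
     $this->title = "{$event->name} Seating";
     $this->render("event_seat/move.tpl");
 }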
 /**
  * Magic accessor for computed attributes.
  *
  * Handles `requiresContactData`, `hasContactData`, `forumPmLink`,
  * `forumProfileLink` and `steam_id`; any other name falls through to a
  * plain read of the property with that name. The two contact-data flags
  * are also stored on the object once computed.
  *
  * @param string $name attribute being read
  * @return mixed
  */
 public function __get($name)
 {
     if ($name === 'requiresContactData') {
         // An object without an id cannot match any signup
         if (!$this->id) {
             $this->requiresContactData = false;
             return false;
         }
         $escapedId = mysql_real_escape_string($this->id);
         $matched = EventSignup::find("users.id = '{$escapedId}'");
         $this->requiresContactData = $matched ? true : false;
         return $this->requiresContactData;
     }

     if ($name === 'hasContactData') {
         // Complete only when every one of these fields is non-empty
         $complete = true;
         foreach (array('address1', 'towncity', 'county', 'postcode', 'phone') as $required) {
             if (!$this->{$required}) {
                 $complete = false;
                 break;
             }
         }
         $this->hasContactData = $complete;
         return $this->hasContactData;
     }

     if ($name === 'forumPmLink') {
         global $config;
         return $config['forums']['url'] . 'index.php?app=core&module=epic&section=profile&feature=pm&id=' . $this->id;
     }

     if ($name === 'forumProfileLink') {
         global $config;
         return $config['forums']['url'] . 'index.php?app=core&module=epic&section=profile&feature=profile&id=' . $this->id;
     }

     if ($name === 'steam_id') {
         // Calculate traditional Steam ID from the 64-bit one
         if (!$this->steamid64bit) {
             return '';
         }
         $delta = bcsub($this->steamid64bit, '76561197960265728');
         // Keep only the integer part of the halved offset
         $halfParts = explode('.', bcdiv($delta, '2'));
         $accountHalf = $halfParts[0];
         // The remainder of the division selects the middle digit
         return bcmod($delta, '2') ? 'STEAM_0:1:' . $accountHalf : "STEAM_0:0:" . $accountHalf;
     }

     return $this->{$name};
 }
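 /**
  * Redeem a voucher code: transfer the vouchered signup to the current user.
  *
  * The user must have complete contact data. On a POST with a valid CSRF
  * flag the submitted code is looked up; an unpaid signup the user already
  * holds for the same event is destroyed, a paid one blocks the redemption.
  * Otherwise the redeem form is rendered.
  *
  * NOTE(review): no attempt limiting is visible in this method; confirm
  * voucher codes are unguessable or that throttling exists elsewhere.
  * NOTE(review): the lookup, the destroy and the transfer are separate
  * statements with no transaction visible here, so two concurrent requests
  * for one code are not serialised - confirm.
  */
 public function redeem()
 {
     if (!Site::CurrentUser()->hasContactData) {
         Site::Flash('error', 'You must complete your contact information before you can redeem a voucher');
         Site::Flash('forceContactInfo', true);
         Redirect('account');
         // Never process a redemption after this redirect (no-op if Redirect() exits)
         return;
     }
     if ($this->post and !$this->csrf) {
         global $site;
         $site['flash']['error'] = "Invalid form submission";
     } elseif ($this->post) {
         // A missing, empty or non-string code can never match a voucher, so
         // it is not sent to the database at all.
         $submitted = (isset($_POST['code']) && is_string($_POST['code'])) ? $_POST['code'] : '';
         $signup = false;
         if ($submitted !== '') {
             $code = mysql_real_escape_string($submitted);
             $signup = EventSignup::find("event_signups.voucher = true AND event_signups.voucher_code = '{$code}'");
         }
         if ($signup) {
             // We have a signup matching this voucher code, let's unvoucher it and transfer it to the user (if they don't have a ticket already);
             $user_id = mysql_real_escape_string(Site::CurrentUser()->id);
             $event_id = mysql_real_escape_string($signup->event_id);
             $existing_signup = EventSignup::find("event_signups.event_id = '{$event_id}' AND event_signups.voucher = false AND event_signups.user_id = '{$user_id}'");
             if ($existing_signup) {
                 if ($existing_signup->paid) {
                     // The signup is paid for, we can't redeem it
                     Site::Flash("error", "You have already signed up and paid for " . $existing_signup->event->name);
                     Redirect("bookings/{$existing_signup->id}");
                     // Must not fall through to the transfer below
                     return;
                 } else {
                     // We'll delete the existing signup
                     // NOTE(review): this happens before the transfer is saved; if
                     // the save below fails the user is left with neither booking.
                     $existing_signup->destroy();
                 }
             }
             $signup->user_id = Site::CurrentUser()->id;
             $signup->voucher = false;
             $signup->voucher_code = null;
             // Only report success when the transfer was actually stored
             if ($signup->save()) {
                 Site::Flash("notice", "The event booking has been transferred to you");
                 Redirect("bookings/{$signup->id}");
                 return;
             }
             Site::Flash("error", "Unable to transfer the event booking to you");
         } else {
             Site::Flash("error", "Unable to find a voucher with that code");
         }
     }
     $this->render("event_signup/redeem.tpl");
 }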
 /**
  * Load one signup by ID, calling Error404() when none matches.
  *
  * NOTE(review): the lookup is by ID only; no ownership or permission check
  * happens here, so callers must confirm the current user may access the
  * returned signup.
  *
  * @param mixed $id signup ID; when empty the `id` query parameter is used
  * @return mixed the signup found, or null after Error404() if that returns
  */
 protected static function load_signup($id = null)
 {
     $wanted = $id ? $id : $_GET['id'];
     // Escaped here, single-quoted in the condition string below
     $escaped = mysql_real_escape_string($wanted);
     $found = EventSignup::find("event_signups.id = '{$escaped}'");
     if (!$found) {
         Error404();
         return null;
     }
     return $found;
 }
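 /**
  * Show a survey and, on POST, validate and store the current user's response.
  *
  * The survey must exist and be active (or the user an admin). When the
  * survey belongs to an event the user needs a paid signup for it, and a
  * user who has already responded is redirected away. On POST one
  * SurveyAnswer is built per question, plus one SurveyAnswerChoice per
  * selected option; everything is saved only when all of it validated.
  *
  * The posted `question` data is untrusted. Its shape is checked before use:
  * it must be an array, free-text answers must be scalar, and option ids
  * must be scalar, so an unexpected shape follows the normal
  * "missing"/"invalid" paths instead of skipping validation.
  *
  * NOTE(review): no CSRF token check is visible in this POST handler;
  * confirm where survey submissions are verified.
  *
  * @param string|null $permalink survey permalink; the `permalink` query
  *                               parameter takes precedence when present
  */
 public function show($permalink = null)
 {
     if (isset($_GET['permalink'])) {
         $permalink = $_GET['permalink'];
     }
     $survey = Survey::find_by_permalink($permalink);
     // Inactive surveys are visible to admins only
     if (!$survey or (!$survey->active && Site::CurrentUser()->isAdmin() == 0)) {
         Error404();
         // Harmless if Error404() already ends the request
         return;
     }
     $user_id = mysql_real_escape_string(Site::CurrentUser()->id);
     if ($survey->event->id) {
         // Survey is tied to an event: the user needs a paid signup for it
         $event_id = mysql_real_escape_string($survey->event_id);
         $result = EventSignup::find("events.id = '{$event_id}' AND users.id = '{$user_id}' AND event_signups.paid");
         if (!$result) {
             Site::Flash("error", "You must have attended {$survey->event->name} to take this survey");
             RedirectBack();
             // Never accept a submission after this redirect (no-op if it exits)
             return;
         }
     }
     $survey_id = mysql_real_escape_string($survey->id);
     $response = SurveyResponse::find("surveys.id = '{$survey_id}' AND users.id = '{$user_id}'");
     if ($response) {
         Site::Flash("error", "You have already completed this survey");
         Redirect("surveys");
         return;
     }
     $response = new SurveyResponse();
     $response->survey = $survey;
     $response->survey_id = $survey->id;
     $response->user = Site::CurrentUser();
     $response->user_id = Site::CurrentUser()->id;
     $answers = array();
     $choices = array();
     $valid = true;
     $errors = array();
     if ($this->post) {
         // Anything other than an array of answers is treated as "nothing posted"
         $posted = (isset($_POST['question']) && is_array($_POST['question'])) ? $_POST['question'] : array();
         foreach ($survey->questions() as $question) {
             $answer = new SurveyAnswer();
             $answer->survey_question_id = $question->id;
             if (in_array($question->type, array("sqtTextbox", "sqtTextArea"))) {
                 // Free-text input; a non-scalar value counts as missing
                 if (isset($posted[$question->id]) && is_scalar($posted[$question->id])) {
                     $answer->value = $posted[$question->id];
                 } elseif (!$question->required) {
                     continue;
                 }
             } else {
                 if (isset($posted[$question->id])) {
                     $raw = $posted[$question->id];
                     if ($question->type == "sqtCheckbox" && is_array($raw)) {
                         // Checkboxes
                         $chosen = $raw;
                     } else {
                         // Radio/Select, or a checkbox posted as a single value:
                         // wrap it so it is validated like any other choice
                         $chosen = array($raw);
                     }
                     foreach ($chosen as $id) {
                         // Non-scalar ids can never name an option
                         $option = is_scalar($id) ? SurveyQuestionOption::find_by_id($id) : null;
                         // The option must exist and belong to this question
                         if (!$option or $option->question->id != $question->id) {
                             if (!$question->required) {
                                 continue;
                             }
                             $valid = false;
                             $answer->add_error("Answer for question {$question->position} is invalid");
                             $errors[] = $question->id;
                             break;
                         }
                         $choice = new SurveyAnswerChoice();
                         $choice->survey_question_option_id = $option->id;
                         $choices[$question->id][$option->id] = $choice;
                     }
                 } elseif ($question->required) {
                     $valid = false;
                     $answer->add_error("You must enter an answer for question {$question->position}");
                     $errors[] = $question->id;
                 } else {
                     continue;
                 }
             }
             $result = $answer->validate();
             if (!$result) {
                 $valid = false;
             }
             $answers[$question->id] = $answer;
         }
         if ($valid) {
             // This is valid, let's save everything!
             if ($response->save()) {
                 foreach ($answers as $answer) {
                     $answer->survey_response_id = $response->id;
                     $answer->save();
                     $answers[$answer->survey_question_id] = $answer;
                 }
                 // Choices are attached to the saved answer of their question
                 foreach ($choices as $question_id => $answer_choices) {
                     foreach ($answer_choices as $choice) {
                         $choice->survey_answer_id = $answers[$question_id]->id;
                         $choice->save();
                     }
                 }
                 $account = TwitterAccount::find_by_code('site');
                 if ($account) {
                     $message = "{$response->user->nickname} has completed the {$survey->name} Survey";
                     $account->add_tweet($message);
                 }
                 Redirect("surveys/{$survey->permalink}/complete");
                 return;
             }
             // The response itself could not be saved: show the form again
             $valid = false;
         }
     }
     $this->assign("answers", $answers);
     $this->assign("choices", $choices);
     $this->assign("valid", $valid);
     $this->assign("survey", $survey);
     $this->assign("response", $response);
     $this->assign("errors", $errors);
     $this->title = $survey->name;
     $this->render("survey/show.tpl");
 }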