function GetBookingTypeAvailability($eventid, $bookingtype, $spaces)
{
//Returns -1 if no booking allowed
//Returns 1 if booking allowed
//Returns 0 if booking will be placed in queue as speaces are full.
global $link, $today, $db_prefix;
$sql = "select count(itItemID) from {$db_prefix}items where itTicket = 1 and itAvailableFrom <= '{$today}' and itAvailableTo >= '{$today}' and itAvailability in ('All', '{$bookingtype}') and itEventID = {$eventid}";
$result = ba_db_query($link, $sql);
$TicketTypeAvailable = ba_db_fetch_row($result);
$TicketTypeAvailableCount = $TicketTypeAvailable[0];
if ($TicketTypeAvailableCount == 0 && $bookingtype != "All") {
return -1;
}
$sql = "select count(bkID) as BookingCount from {$db_prefix}bookings where bkInQueue = 0 and bkEventID = {$eventid} ";
if ($bookingtype != "All") {
$sql .= " and bkBookAs = '{$bookingtype}'";
}
$result = ba_db_query($link, $sql);
$BookingCount = ba_db_fetch_assoc($result);
$BookingCount = $BookingCount['BookingCount'];
if ($BookingCount >= $spaces) {
if (QUEUE_OVER_LIMIT) {
return 0;
} else {
return -1;
}
}
return 1;
}
</p>
<table class = 'sortable' border = 1>
<tr>
<th>Player ID</th>
<th>OOC First Name</th>
<th>OOC Surname</th>
<th>E-mail</th>
<th>Car Registration</th>
<th>Character Name</th>
<th colspan = '4'>Actions</th>
</tr>
<?php
//$bNone is True if no rows were displayed
$bNone = True;
while ($row = ba_db_fetch_assoc($result)) {
echo "<tr class = 'highlight'><td>" . PID_PREFIX . sprintf('%03s', $row['plPlayerID']);
if ($row['plPassword'] == 'ACCOUNT DISABLED') {
echo " (account disabled)";
}
echo "</td>";
echo "<td>" . htmlentities(stripslashes($row["plFirstName"])) . "</td>\n";
echo "<td>" . htmlentities(stripslashes($row["plSurname"])) . "</td>\n";
$sMail = htmlentities(stripslashes($row["plEmail"]));
echo "<td><a href = 'mailto:{$sMail}'>{$sMail}</a></td>\n";
echo "<td>" . htmlentities(stripslashes($row["plCarRegistration"])) . "</td>\n";
echo "<td>" . htmlentities(stripslashes($row["chName"])) . "</td>\n";
echo "<td><a href = 'admin_edit_ooc.php?pid=" . $row['plPlayerID'] . "'>edit OOC data</a></td>\n";
echo "<td><a href = 'admin_edit_ic.php?pid=" . $row['plPlayerID'] . "'>edit IC data</a></td>\n";
echo "<td><a href = 'admin_viewdetails.php?pid=" . $row['plPlayerID'] . "'>view OOC & IC details</a></td>\n";
echo "<td><a href = 'admin_pw_reset.php?pid=" . $row['plPlayerID'] . "'>reset password</a></td></tr>\n";
<h2><?php
echo htmlentities(stripslashes($eventinfo['evEventName']));
?>
</h2>
<p>
Required for the pre-booked characters:
</p>
<h3>Booked Item Summary</h3>
<?php
$sql = "select itDescription, itAvailability, ifnull(sum(biQuantity),0) as itBookingCount from {$db_prefix}items left outer join {$db_prefix}bookingitems on itItemID = biItemID inner join {$db_prefix}bookings on bkID = biBookingID where itEventID = {$eventid} and bkDatePaymentConfirmed <> '' AND bkDatePaymentConfirmed <> '0000-00-00' group by itItemID";
$result = ba_db_query($link, $sql);
echo "<table><tr><th>Item name</th><th>Availability</th><th>Booking Count</th></tr>";
while ($itembooking = ba_db_fetch_assoc($result)) {
echo "<tr><td>" . $itembooking['itDescription'] . "</td><td>" . $itembooking['itAvailability'] . "</td><td>" . $itembooking['itBookingCount'] . "</td></tr>";
}
echo "</table>";
echo "<h3>Power Cards</h3>\n";
echo "<p>{$iCards} Power cards per day\n<br>";
echo $iHerbLore * 5 . " Herb cards\n</p>\n";
echo "<h3>Lore Sheets</h3>\n";
echo "<p>{$iSenseMagic} Sense Magic lore sheets<br>\n";
echo "{$iEvaluate} Evaluate lore sheets<br>\n";
echo "{$iPotionLore} Potion Lore lore sheets<br>\n";
echo "{$iPoisonLore} Poison Lore lore sheets<br>\n";
echo "{$iRecForgery} Recognise Forgery lore sheets<br>\n";
echo "{$iHerbLore} Herb Lore lore sheets<br>\n</p>\n";
echo "<h3>Other</h3>\n";
echo "<p>{$iTranslate} characters have the Translate Named Script OSP<br>\n";
//Mark as paid.
//Custom value is the bookingid
//Don't set bkAmountExpected, and we add to amount paid, allowing potential for partial payments in future.
$custom = (int) $custom;
$sql = "UPDATE {$db_prefix}bookings SET bkDatePaymentConfirmed = '" . date('Y-m-d') . "', bkAmountPaid = bkAmountPaid + " . $payment_amount . " WHERE bkID = " . $custom;
//Run UPDATE query to set paid date
ba_db_query($link, $sql);
//Mark bunk as allocated if one was requested
$sql = "UPDATE {$db_prefix}bookings SET bkBunkAllocated = 1 WHERE bkBunkRequested = 1 and bkID = " . $custom;
//Run UPDATE query to set assign bunk
ba_db_query($link, $sql);
}
//Get details for e-mail
$sql_select = "SELECT plFirstName, plSurname, plEmail FROM {$db_prefix}players WHERE plPlayerID = " . $item_number;
$result = ba_db_query($link, $sql_select);
$row = ba_db_fetch_assoc($result);
//Send e-mail
$sBody = "Your payment for the upcoming event has been received.\n";
if (PAYPAL_AUTO_MARK_PAID) {
$sBody .= "You are now fully booked.\n\n";
} else {
$sBody .= "You will be fully booked once your booking has been confirmed by a system administrator.\n\n";
}
$sBody .= "Thank you.\n\n";
$sBody .= "Player ID: " . PID_PREFIX . sprintf('%03s', $iPlayerID) . "\n";
$sBody .= "OOC Name: " . $row['plFirstName'] . " " . $row['plSurname'];
if ($bEmailPaymentReceived) {
mail($row['plEmail'], SYSTEM_NAME . ' - payment received', $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");
}
//Clear any payment requests for this booking
$sql = "delete from {$db_prefix}paymentrequests where prBookingID = " . $custom;
}
//Do not redirect if there are any warnings (required fields not filled in, etc)
if ($sWarn == '') {
//Make up URL & redirect
$sURL = fnSystemURL() . "admin_viewdetails.php?pid={$admin_player_id}&green=" . urlencode("OOC details updated");
header("Location: {$sURL}");
}
} else {
$sWarn = "There was a problem updating the OOC details";
LogError("Error updating OOC information (admin_edit_ooc.php). Player ID: {$admin_player_id}");
}
}
//Get existing details if there are any
$sql = "SELECT plFirstName, " . "plSurname, " . "AES_DECRYPT(pleAddress1, '{$key}') AS dAddress1, " . "AES_DECRYPT(pleAddress2, '{$key}') AS dAddress2, " . "AES_DECRYPT(pleAddress3, '{$key}') AS dAddress3, " . "AES_DECRYPT(pleAddress4, '{$key}') AS dAddress4, " . "AES_DECRYPT(plePostcode, '{$key}') AS dPostcode, " . "AES_DECRYPT(pleTelephone, '{$key}') AS dTelephone, " . "AES_DECRYPT(pleMobile, '{$key}') AS dMobile, " . "plEmail, " . "plDOB, " . "AES_DECRYPT(pleMedicalInfo, '{$key}') AS dMedicalInfo, " . "plEmergencyName, " . "AES_DECRYPT(pleEmergencyNumber, '{$key}') AS dEmergencyNumber, " . "plEmergencyRelationship, " . "plCarRegistration, " . "plDietary, " . "plNotes, " . "plAdminNotes, " . "plEventPackByPost, " . "plRefNumber, " . "plMarshal " . "FROM {$db_prefix}players WHERE plPlayerID = {$admin_player_id}";
$result = ba_db_query($link, $sql);
$playerrow = ba_db_fetch_assoc($result);
include '../inc/inc_head_html.php';
include '../inc/inc_js_forms.php';
?>
<h1><?php
echo TITLE;
?>
- Admin OOC Edit</h1>
<?php
if ($sWarn != '') {
echo "<p class = 'warn'>{$sWarn}</p>";
}
?>
' /></td></tr>
<tr><td>Staff Bunks</td><td><input type='text' name='txtStaffBunks' value='<?php
echo $eventinfo['evStaffBunks'];
?>
' /></td></tr>
<tr><td>Total Bunks</td><td><input type='text' name='txtTotalBunks' value='<?php
echo $eventinfo['evTotalBunks'];
?>
' /></td></tr>
<tr><td>Event Items<br>To allow players to get a reduction, add an item with a negative price (eg "Pot washing: -10")</td><td>
<table id='itemtable'>
<tr><th>Item name</th><th>Availability</th><th>Ticket</th><th>Meal</th><th>Bunk</th><th>From</th><th>To</th><th>Cost</th><th>Multiple</th><th>Mandatory</th></tr>
<?php
$sql = "Select * from {$db_prefix}items where itEventID = {$eventid}";
$result = ba_db_query($link, $sql);
while ($item = ba_db_fetch_assoc($result)) {
echo "<tr id='rowItem" . $item['itItemID'] . "'>";
echo "<td><input type='hidden' name='hItemID" . $item['itItemID'] . "' value='" . $item['itItemID'] . "'/>";
echo "<input type='text' name='txtItemDescription" . $item['itItemID'] . "' value='" . $item['itDescription'] . "' /></td>";
echo "<td><select name='cboAvailability" . $item['itItemID'] . "'>";
echo "<option ";
if ($item['itAvailability'] == 'All') {
echo 'selected ';
}
echo "value='All'>All</option>";
echo "<option ";
if ($item['itAvailability'] == 'Player') {
echo 'selected ';
}
echo "value='Player'>Player</option>";
echo "<option ";
$queuereason = "your character is not a member of the default faction.";
}
//Deal with being over the limit
if (QUEUE_OVER_LIMIT) {
if ($bookinginfo['bkBookAs'] == "Player") {
$spaces = $eventinfo['evPlayerSpaces'];
}
if ($bookinginfo['bkBookAs'] == "Monster") {
$spaces = $eventinfo['evMonsterSpaces'];
}
if ($bookinginfo['bkBookAs'] == "Staff") {
$spaces = $eventinfo['evStaffSpaces'];
}
$limitsql = "select count(bkID) as BookingCount from {$db_prefix}bookings where bkInQueue = 0 and bkBookAs ='" . $bookinginfo['bkBookAs'] . "' and bkEventID = {$eventid} ";
$limitresult = ba_db_query($link, $limitsql);
$BookingCount = ba_db_fetch_assoc($limitresult);
$BookingCount = $BookingCount['BookingCount'];
if ($BookingCount > $spaces) {
$bookinginfo['bkInQueue'] = 1;
$queuereason = "there are no spaces remaining of your booking type.";
}
}
}
if ($bookinginfo['bkInQueue'] == 0) {
if ($bookingtotal > 0) {
echo "<table class='payment'>";
echo "<tr><td>Pay Later</td><td><a href='start.php'>Pay later</a></td></tr>";
if (USE_PAY_PAL) {
echo "<tr><td>Pay balance of £{$bookingtotal} via Paypal:</td><td>";
generatePaypalButton("Event booking - " . $bookinginfo['evEventName'] . " (" . PID_PREFIX . sprintf('%03s', $PLAYER_ID) . ")", $PLAYER_ID, $bookingtotal, $bookinginfo['bkID']);
echo "</td></tr>";
$iYear = substr($dPaid, 0, 4);
$iMonth = substr($dPaid, 5, 2);
$iDate = substr($dPaid, 8, 2);
$sPaid = "{$iDate}-{$iMonth}-{$iYear}";
echo '"' . $sPaid . '",';
//Amounts paid
echo '"' . $row['bkAmountPaid'] . '",';
echo '"' . $row['bkAmountExpected'] . '",';
//OSPs - one per column
if (USE_SHORT_OS_NAMES) {
$osps = ba_db_query($link, "SELECT ospShortName as ospExportName, otOspID, otAdditionalText FROM {$db_prefix}ospstaken, {$db_prefix}osps " . "WHERE otPlayerID = {$row['plPlayerID']} AND ospID = otOspID ORDER BY ospShortName");
} else {
$osps = ba_db_query($link, "SELECT ospName as ospExportName, otOspID, otAdditionalText FROM {$db_prefix}ospstaken, {$db_prefix}osps " . "WHERE otPlayerID = {$row['plPlayerID']} AND ospID = otOspID ORDER BY ospName");
}
$sOSList = "";
while ($record = ba_db_fetch_assoc($osps)) {
$sOSList .= '"' . stripslashes($record['ospExportName']);
if ($record['otAdditionalText'] != "") {
$sOSList .= " (" . stripslashes($record['otAdditionalText']) . ")";
}
$sOSList .= '",';
//Extra spell card OSPs
if ($record['otOspID'] == 6) {
$iCards = $iCards + 4;
}
if ($record['otOspID'] == 7) {
$iCards = $iCards + 8;
}
if ($record['otOspID'] == 3) {
$iCards = $iCards + 12;
}
if ($row['plFirstName'] == '' || $row['plSurname'] == '') {
$bAllOOCInfo = False;
}
if ($row['dAddress1'] == '' || $row['plEmergencyName'] == '') {
$bAllOOCInfo = False;
}
if ($row['dEmergencyNumber'] == '' || $row['plEmergencyRelationship'] == '') {
$bAllOOCInfo = False;
}
if ($row['plCarRegistration'] == '' || $row['plDietary'] == 'Select one') {
$bAllOOCInfo = False;
}
//Get bookings details. Determine if player is booked
$booking_sql = "SELECT * FROM {$db_prefix}bookings WHERE bkPlayerID = {$PLAYER_ID}";
$booking_result = ba_db_query($link, $booking_sql);
$booking_row = ba_db_fetch_assoc($booking_result);
$sOOC = $booking_row['bkDateOOCConfirmed'];
if ($sOOC == '' || $sOOC == '0000-00-00') {
$bConfirmed = False;
} else {
$bConfirmed = True;
}
if (strtolower($_POST['btnSubmit']) == 'edit' && CheckReferrer('ooc_view.php')) {
//Make up URL
$sURL = fnSystemURL() . 'ooc_form.php';
header("Location: {$sURL}");
} elseif (strtolower($_POST['btnSubmit']) == 'confirm' && CheckReferrer('ooc_view.php')) {
$sDate = date('Y-m-d');
//Check if player already has an entry in bookings table
$sql = "SELECT * FROM {$db_prefix}bookings WHERE bkPlayerID = {$PLAYER_ID}";
$result = ba_db_query($link, $sql);
} else {
echo $cellstart . formatdata($row['chAncestor'], $bHTML) . $cellend . $separator;
}
echo $cellstart . formatdata($row['chNotes'], $bHTML) . $cellend . $separator;
//Get OSPs
$db_prefix = DB_PREFIX;
$ospSql = "SELECT otID, ospName, otAdditionalText FROM {$db_prefix}osps, {$db_prefix}ospstaken " . "WHERE otPlayerID = " . $row['plPlayerID'] . " AND otospID = ospID order by ospName";
$rOSPs = ba_db_query($link, $ospSql);
echo $cellstart;
while ($record = ba_db_fetch_assoc($rOSPs)) {
$celldata = $record['ospName'];
if ($record['otAdditionalText'] != "") {
$celldata .= " (" . $record['otAdditionalText'] . ")";
}
echo formatdata($celldata, $bHTML) . '; ';
}
echo $cellend . $separator;
//Get skills
$db_prefix = DB_PREFIX;
$skSql = "SELECT stSkillID, skName FROM {$db_prefix}skills, {$db_prefix}skillstaken " . "WHERE stPlayerID = " . $row['plPlayerID'] . " AND stSkillID = skID order by skName";
$rSkills = ba_db_query($link, $skSql);
echo $cellstart;
while ($record = ba_db_fetch_assoc($rSkills)) {
echo formatdata($record['skName'], $bHTML) . '; ';
}
echo $cellend . $rowend;
}
if ($_GET['action'] == 'view') {
echo "</table>\n";
include '../inc/inc_foot.php';
}
function resetExpectedAmount($bookingid)
{
global $today, $db_prefix, $link;
$sql = "select sum(biQuantity * itItemCost) as Expected from {$db_prefix}bookingitems inner join {$db_prefix}items on biItemID = itItemID where biBookingID = {$bookingid}";
$result = ba_db_query($link, $sql);
$expected = ba_db_fetch_assoc($result);
$expected = $expected['Expected'];
$sql = "update {$db_prefix}bookings set bkAmountExpected = {$expected} where bkID = {$bookingid}";
$result = ba_db_query($link, $sql);
}
}
if ($PLAYER_ID != 0) {
if ($sOOC == '' || $sOOC == '0000-00-00') {
echo "<li><a href = '{$CSS_PREFIX}ooc_form.php'>OOC information</a></li>\n";
} else {
echo "<li><a href = '{$CSS_PREFIX}ooc_view.php'>OOC information</a></li>\n";
}
if ($sDateIC == '' || $sDateIC == '0000-00-00') {
echo "<li><a href = '{$CSS_PREFIX}ic_form.php'>IC information</a></li>\n";
} else {
echo "<li><a href = '{$CSS_PREFIX}ic_view.php'>IC information</a></li>\n";
}
//Show link to admin page if user is an admin or root user
$sql = "SELECT plAccess FROM " . DB_PREFIX . "players WHERE plPlayerID = {$PLAYER_ID}";
$result = ba_db_query($link, $sql);
$inc_head_html_row = ba_db_fetch_assoc($result);
if ($inc_head_html_row['plAccess'] == 'admin' || ROOT_USER_ID == $PLAYER_ID) {
echo "<li><a href = '{$CSS_PREFIX}admin/admin.php'>Admin</a></li>\n";
}
}
echo "</ul>";
echo "</div>";
if (($inc_head_html_row['plAccess'] == 'admin' || ROOT_USER_ID == $PLAYER_ID) && $PLAYER_ID != 0) {
//Check for install & NON_WEB directories
if (file_exists(dirname($_SERVER["SCRIPT_FILENAME"]) . "/install")) {
echo "<span class = 'sans-warn'>The <a href = 'install/'>install</a> directory is present. It should be removed if the system is live</span><br />";
}
if (file_exists(dirname($_SERVER["SCRIPT_FILENAME"]) . "/NON_WEB")) {
echo "<span class = 'sans-warn'>The NON_WEB directory is present. It should be removed</span><br />";
}
}
| Bitsand. If not, see <http://www.gnu.org/licenses/>.
+---------------------------------------------------------------------------*/
include 'inc/inc_head_db.php';
include 'inc/inc_head_html.php';
$bookingid = (int) htmlentities(stripslashes($_GET['BookingID']));
if ($bookingid == 0) {
$bookingid = (int) htmlentities(stripslashes($_POST['BookingID']));
}
$sql = "Select * FROM {$db_prefix}bookings inner join {$db_prefix}events on evEventID = bkEventID where bkPlayerID = {$PLAYER_ID} and bkID = " . $bookingid;
$result = ba_db_query($link, $sql);
if (ba_db_num_rows($result) == 0) {
$sMsg = "You cannot view this booking";
$sURL = fnSystemURL() . 'start.php?warn=' . urlencode($sMsg);
header("Location: {$sURL}");
}
$bookinginfo = ba_db_fetch_assoc($result);
if ($_POST['cancel'] != null) {
$sURL = fnSystemURL() . 'booking.php?BookingID=' . $bookingid;
header("Location: {$sURL}");
} else {
if ($_POST['delete'] != null || $_POST['rebook'] != null) {
$sql = "DELETE FROM {$db_prefix}bookingitems WHERE biBookingID = " . $bookingid;
ba_db_query($link, $sql);
$sql = "DELETE FROM {$db_prefix}paymentrequests WHERE prBookingID = " . $bookingid;
ba_db_query($link, $sql);
$sql = "DELETE FROM {$db_prefix}bookings WHERE bkID = " . $bookingid;
ba_db_query($link, $sql);
if ($_POST['delete'] != null) {
$sMsg = "Your booking has been cancelled for " . htmlentities(stripslashes($bookinginfo['evEventName']));
$sURL = fnSystemURL() . 'start.php?warn=' . urlencode($sMsg);
header("Location: {$sURL}");
