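/**
 * Insert or update one "reparto" (delivery run) from the submitted form values.
 *
 * @param array $oData Form fields: id_reparto (empty for a new row), fecha_reparto,
 *                     zona_reparto, repartidor_reparto, estado_reparto, descripcion_reparto.
 * @return bool true when the statement succeeded. On a MySQL error the script is
 *              terminated by die() exactly as before, so the trailing `return false`
 *              is never reached (kept only for callers that test the result).
 */
function save($oData)
{
    // The primary key and the three foreign keys were concatenated into the SQL
    // verbatim; an integer cast makes a crafted value harmless (the columns are ids).
    $idReparto    = isset($oData['id_reparto']) ? (int) $oData['id_reparto'] : 0;
    $idZona       = (int) $oData['zona_reparto'];
    $idRepartidor = (int) $oData['repartidor_reparto'];
    $idEstado     = (int) $oData['estado_reparto'];
    // Free text and the formatted date are escaped for the open connection instead of
    // addslashes(), which ignores the connection charset. utf8_decode() is kept so the
    // stored encoding does not change; it now runs before escaping so the escape
    // sequences themselves are never re-encoded.
    $fecha       = mysql_real_escape_string(dateToMySQL($oData['fecha_reparto']));
    $descripcion = mysql_real_escape_string(utf8_decode($oData['descripcion_reparto']));

    if ($idReparto > 0) {
        // UPDATE an existing row
        $sql = "UPDATE repartos SET fecha_reparto = '" . $fecha . "', id_zona = " . $idZona
             . ", id_repartidor = " . $idRepartidor . ", id_reparto_estado = " . $idEstado
             . ", descripcion_reparto = '" . $descripcion . "' WHERE id_reparto = " . $idReparto;
    } else {
        // INSERT a new row
        $sql = "INSERT INTO repartos (fecha_reparto, id_zona, id_repartidor, id_reparto_estado, descripcion_reparto)"
             . " VALUES ('" . $fecha . "', " . $idZona . ", " . $idRepartidor . ", " . $idEstado . ", '" . $descripcion . "')";
    }

    if (!mysql_query($sql)) {
        // NOTE(review): this echoes the raw MySQL error to the client and halts the page.
        // Behaviour kept; logging the error and returning false would be preferable.
        die('Error: ' . mysql_error());
        return false;
    }
    return true;
}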
$ext = mysql_result($result, 0, 5); $groupBy = mysql_result($result, 0, 7); $sortBy = mysql_result($result, 0, 8); $cleanUp = explode("\n", mysql_result($result, 0, 9)); $dateFormat = mysql_result($result, 0, 10); $curDate = $curCategory = ''; header('Content-Type:text/plain; charset=' . $hc_lang_config['CharSet']); if ($mID == 2) { header('Content-Disposition:attachment; filename=' . date("YmdGis") . '_HeliosCalendarOutput' . $ext); } $query = 'SELECT e.Title, e.Description, e.StartTime, e.EndTime, e.Cost, e.IsBillboard, e.ContactName, e.ContactEmail, e.ContactPhone, e.ContactURL, er.Space, e.LocID, e.LocationName, e.LocationAddress, e.LocationAddress2, e.LocationCity, e.LocationState, e.LocationZip, e.LocCountry, l.Name, l.Address, l.Address2, l.City, l.State, l.Zip, l.Country, l.URL, '; $query .= $groupBy >= 2 ? 'MIN(e.StartDate), MAX(e.StartDate), NULL, NULL' : 'NULL, NULL, e.PkID, e.StartDate'; $query .= $groupBy == 0 || $groupBy == 3 ? ', c.CategoryName ' : ', NULL'; $query .= " FROM " . HC_TblPrefix . "events e\r\n\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "eventcategories ec ON (e.PkID = ec.EventID)\r\n\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "categories c ON (c.PkID = ec.CategoryID AND c.PkID IN (" . $catIDWhere . "))\r\n\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "locations l ON (e.LocID = l.PkID)\r\n\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "eventrsvps er ON (e.PkID = er.EventID)\r\n\t\t\t\t\tWHERE e.IsActive = 1 AND e.IsApproved = 1 AND\r\n\t\t\t\t\t\t(e.StartDate BETWEEN '" . dateToMySQL($_POST['startDate'], $hc_cfg[24]) . "' AND '" . dateToMySQL($_POST['endDate'], $hc_cfg[24]) . 
"')\r\n\t\t\t\t\t\tAND c.IsActive = 1 AND e.Title IS NOT NULL\r\n\t\t\t\t\tGROUP BY e.Title, e.Description, e.StartTime, e.EndTime, e.Cost, e.IsBillboard, e.ContactName, e.ContactEmail, e.ContactPhone, e.ContactURL, \r\n\t\t\t\t\t\t\ter.Space, e.LocID, e.LocationName, e.LocationAddress, e.LocationAddress2, e.LocationCity, e.LocationState, e.LocationZip, e.LocCountry, \r\n\t\t\t\t\t\t\tl.Name, l.Address, l.Address2, l.City, l.State, l.Zip, l.Country, l.URL"; switch ($groupBy) { case 0: $query .= ", e.PkID, e.StartDate, c.CategoryName"; break; case 1: $query .= ", e.PkID, e.StartDate"; break; case 2: case 3: $query .= ", c.CategoryName"; break; } switch ($sortBy) { case 0: $query .= " ORDER BY c.CategoryName, e.StartDate, e.Title";
if ($hc_cfg[31] == 12) { $startTimeHour = $startTimeAMPM == 'PM' ? $startTimeHour < 12 ? $startTimeHour + 12 : $startTimeHour : ($startTimeHour == 12 ? 0 : $startTimeHour); if (!isset($_POST['ignoreendtime'])) { $endTimeHour = $endTimeAMPM == 'PM' ? $endTimeHour < 12 ? $endTimeHour + 12 : $endTimeHour : ($endTimeHour == 12 ? 0 : $endTimeHour); } } $tbd = 0; $startTime = "'" . $startTimeHour . ":" . $startTimeMins . ":00'"; $endTime = !isset($_POST['ignoreendtime']) ? "'" . $endTimeHour . ":" . $endTimeMins . ":00'" : 'NULL'; } else { $startTime = $endTime = 'NULL'; $tbd = $_POST['specialtime'] == 'allday' ? 1 : 2; } if (isset($_POST['recurCheck'])) { $seriesID = "'" . DecHex(microtime() * 9999999) . DecHex(microtime() * 5555555) . DecHex(microtime() * 1111111) . "'"; $stopDate = isset($_POST['recurEndDate']) ? dateToMySQL(cIn($_POST['recurEndDate']), $hc_cfg[24]) : ''; $curDate = $eventDate; switch ($_POST['recurType']) { case 'daily': $days = isset($_POST['dailyDays']) ? cIn($_POST['dailyDays']) : 1; if ($_POST['dailyOptions'] == 'EveryXDays') { while (strtotime($curDate) <= strtotime($stopDate)) { $dates[] = $curDate; $dateParts = explode("-", $curDate); $curDate = date("Y-m-d", mktime(0, 0, 0, $dateParts[1], $dateParts[2] + $days, $dateParts[0])); } } else { while (strtotime($curDate) <= strtotime($stopDate)) { $dateParts = explode("-", $curDate); $curDayOfWeek = date("w", mktime(0, 0, 0, $dateParts[1], $dateParts[2], $dateParts[0])); if ($curDayOfWeek != 0 and $curDayOfWeek != 6 or $eventDate == $curDate) {
if (!isset($_POST['ignoreendtime'])) { $endTimeHour = $_POST['endTimeAMPM'] == 'PM' ? $_POST['endTimeHour'] < 12 ? $_POST['endTimeHour'] + 12 : $_POST['endTimeHour'] : ($_POST['endTimeHour'] == 12 ? 0 : $_POST['endTimeHour']); } } $startTime = "'" . cIn($startTimeHour) . ":" . cIn($_POST['startTimeMins']) . ":00'"; $endTime = !isset($_POST['ignoreendtime']) ? "'" . cIn($endTimeHour) . ":" . cIn($_POST['endTimeMins']) . ":00'" : 'NULL'; } else { $startTime = $endTime = 'NULL'; $tbd = $_POST['specialtime'] == 'allday' ? 1 : 2; } if (isset($_POST['recurCheck'])) { $seriesID = "'" . DecHex(microtime() * 9999999) . DecHex(microtime() * 5555555) . DecHex(microtime() * 1111111) . "'"; $dateE = explode('-', $eventDate); $curDate = $eventDate; if (isset($dateE[2])) { $stopDate = dateToMySQL(htmlspecialchars($_POST['recurEndDate']), $hc_cfg[24]); } else { $stopDate = date("Y-m-d"); } switch (htmlspecialchars($_POST['recurType'])) { case 'daily': $days = isset($_POST['dailyDays']) ? cIn($_POST['dailyDays']) : 1; if (htmlspecialchars($_POST['dailyOptions']) == 'EveryXDays') { while (strtotime($curDate) <= strtotime($stopDate)) { $dates[] = $curDate; $dateParts = explode("-", $curDate); $curDate = date("Y-m-d", mktime(0, 0, 0, $dateParts[1], $dateParts[2] + $days, $dateParts[0])); } } else { while (strtotime($curDate) <= strtotime($stopDate)) { $dateParts = explode("-", $curDate);
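/**
 * Create, or replace, a purchase order ("orden de compra") together with its detail rows.
 *
 * $oData["cabecera"] is "id_proveedor@@fecha@@nro_orden_compra" and $oData["detalle"] a
 * "||"-separated list of "id_producto@@cantidad" pairs. When id_orden_compra is given the
 * existing order and its detail rows are deleted first and the order is re-inserted.
 *
 * Changes from the previous revision: the DELETEs run inside the transaction (they were
 * issued before begin(), so a later failure left the order deleted with no replacement);
 * rollback() runs before die() (it followed it and therefore never executed); every id,
 * quantity and order number is validated before it is concatenated into SQL; the two
 * copy-pasted insert paths are one helper; and the `break` statements that sat outside
 * any loop (a fatal error when reached) are gone.
 *
 * @param array $oData Form data as described above.
 * @return bool true once the transaction is committed. On any MySQL error the transaction
 *              is rolled back and the script terminated with die(), as before.
 */
function save($oData)
{
    $idOrden = isset($oData["id_orden_compra"]) ? (int) $oData["id_orden_compra"] : 0;
    begin();
    if ($idOrden > 0) {
        if (!mysql_query("DELETE FROM detalle_ordenes_compra WHERE id_orden_compra = " . $idOrden)) {
            save_orden_compra_abort();
        }
        if (!mysql_query("DELETE FROM ordenes_compra WHERE id_orden_compra = " . $idOrden)) {
            save_orden_compra_abort();
        }
    }
    return save_orden_compra_insert($oData);
}

/**
 * Insert the order header and its detail rows and advance the "nro_orden_compra" counter.
 * Expects an open transaction and commits it on success.
 *
 * @param array $oData See save().
 * @return bool true after commit(); does not return on error (see save_orden_compra_abort()).
 */
function save_orden_compra_insert($oData)
{
    $cabecera = explode("@@", isset($oData["cabecera"]) ? $oData["cabecera"] : '');
    $detalle  = explode("||", isset($oData["detalle"]) ? $oData["detalle"] : '');
    // Header values are concatenated into SQL: cast the ids, escape the formatted date.
    $idProveedor = isset($cabecera[0]) ? (int) $cabecera[0] : 0;
    $fecha       = mysql_real_escape_string(dateToMySQL(isset($cabecera[1]) ? $cabecera[1] : ''));
    $nroOrden    = isset($cabecera[2]) ? (int) $cabecera[2] : 0;
    if ($nroOrden <= 0) {
        // Previously this case reached the counter UPDATE with an undefined $nroVta
        // (a SQL syntax error, hence die() and no persisted order). Fail explicitly.
        save_orden_compra_abort('nro_orden_compra vacio');
    }

    $sql = "INSERT INTO ordenes_compra (id_proveedor, fecha_orden_compra, nro_orden_compra, generada)"
         . " VALUES (" . $idProveedor . ", '" . $fecha . "', " . $nroOrden . ", 1)";
    if (!mysql_query($sql)) {
        save_orden_compra_abort();
    }
    $id = mysql_insert_id();

    foreach ($detalle as $detail) {
        if (trim($detail) === '') {
            continue; // an empty "detalle" string explodes to a single empty element
        }
        $values     = explode("@@", $detail);
        $idProducto = isset($values[0]) ? (int) $values[0] : 0;
        // The quantity column type is not visible here, so keep any decimals: accept the
        // value only when is_numeric() (digits, sign, dot, exponent) — safe to inline.
        $cantidad   = isset($values[1]) && is_numeric($values[1]) ? trim($values[1]) : 0;
        $sql = "INSERT INTO detalle_ordenes_compra (id_orden_compra, id_producto, cantidad_detalle_orden_compra)"
             . " VALUES (" . $id . ", " . $idProducto . ", " . $cantidad . ")";
        if (!mysql_query($sql)) {
            save_orden_compra_abort();
        }
    }

    // Next order number = the one just used + 1 (same arithmetic as before).
    $sql = "UPDATE parametros SET valor_parametro = " . ($nroOrden + 1)
         . " WHERE nombre_parametro='nro_orden_compra'";
    if (!mysql_query($sql)) {
        save_orden_compra_abort();
    }
    commit();
    return true;
}

/**
 * Roll the open transaction back and stop the script with an error message.
 *
 * @param string $mensaje Message to show; defaults to the current mysql_error().
 * @return void Never returns (die()).
 */
function save_orden_compra_abort($mensaje = '')
{
    // rollback() must run first: the original called die() before it, so it never ran.
    rollback();
    // NOTE(review): as before, the raw MySQL error text is echoed to the client.
    die('Error: ' . ($mensaje !== '' ? $mensaje : mysql_error()));
}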
include '../loader.php'; admin_logged_in(); action_headers(); $token = ''; $token = $token == '' && isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : $token; $token = $token == '' && isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : $token; if (!check_form_token($token)) { go_home(); } include HCLANG . '/admin/newsletter.php'; if (!isset($_GET['dID'])) { $mID = isset($_POST['mID']) && is_numeric($_POST['mID']) ? cIn($_POST['mID']) : 0; $title = isset($_POST['mailTitle']) ? cIn($_POST['mailTitle']) : ''; $subject = isset($_POST['mailSubj']) ? cIn($_POST['mailSubj']) : ''; $startDate = isset($_POST['startDate']) ? dateToMySQL(cIn($_POST['startDate']), $hc_cfg[24]) : ''; $endDate = isset($_POST['endDate']) ? dateToMySQL(cIn($_POST['endDate']), $hc_cfg[24]) : ''; $template = isset($_POST['templateID']) && is_numeric($_POST['templateID']) ? cIn($_POST['templateID']) : 0; $archive = isset($_POST['archStatus']) && is_numeric($_POST['archStatus']) ? cIn($_POST['archStatus']) : 0; $message = isset($_POST['mailMsg']) ? cIn(cleanQuotes($_POST['mailMsg'], 0), 0) : ''; $result = doQuery("SELECT PkID FROM " . HC_TblPrefix . "mailers WHERE PkID = '" . $mID . "'"); if (hasRows($result)) { $msg = 1; doQuery("UPDATE " . HC_TblPrefix . "mailers\r\n\t\t\t\t\tSET Title = '" . $title . "',\r\n\t\t\t\t\t\tSubject = '" . $subject . "',\r\n\t\t\t\t\t\tStartDate = '" . $startDate . "',\r\n\t\t\t\t\t\tEndDate = '" . $endDate . "',\r\n\t\t\t\t\t\tTemplateID = '" . $template . "',\r\n\t\t\t\t\t\tMessage = '" . $message . "',\r\n\t\t\t\t\t\tLastModDate = '" . date("Y-m-d") . "',\r\n\t\t\t\t\t\tIsArchive = '" . $archive . "'\r\n\t\t\t\t\tWHERE PkID = '" . $mID . "'"); } else { $msg = 2; doQuery("INSERT INTO " . HC_TblPrefix . "mailers(Title,Subject,StartDate,EndDate,TemplateID,Message,CreatedDate,LastModDate,IsArchive,IsActive)\r\n\t\t\t\t\tVALUES('" . $title . "',\r\n\t\t\t\t\t\t'" . $subject . "',\r\n\t\t\t\t\t\t'" . $startDate . "',\r\n\t\t\t\t\t\t'" . $endDate . 
"',\r\n\t\t\t\t\t\t'" . $template . "',\r\n\t\t\t\t\t\t'" . $message . "',\r\n\t\t\t\t\t\t'" . date("Y-m-d") . "',\r\n\t\t\t\t\t\t'" . date("Y-m-d") . "',\r\n\t\t\t\t\t\t'" . $archive . "',\r\n\t\t\t\t\t\t1)"); $result = doQuery("SELECT LAST_INSERT_ID() FROM " . HC_TblPrefix . "events"); $mID = mysql_result($result, 0, 0); } if (isset($_POST['grpID'])) { doQuery("DELETE FROM " . HC_TblPrefix . "mailersgroups WHERE MailerID = '" . $mID . "'");
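// Remaining event-form fields, all untrusted $_POST input. Free text is tag-stripped and
// HTML-escaped as before; ids and hour values are now accepted only when numeric
// (locPreset, eID, startTimeHour and endTimeHour used to pass through as arbitrary
// strings although they feed SQL / time literals further down) — the same is_numeric()
// guard the rsvp_* fields below already had.
$eventDesc = preg_replace($filter, '', $eventDesc);
$locID = isset($_POST['locPreset']) && is_numeric($_POST['locPreset']) ? (int) $_POST['locPreset'] : NULL;
$contactName = isset($_POST['contactName']) ? htmlspecialchars(strip_tags($_POST['contactName'])) : NULL;
$contactEmail = isset($_POST['contactEmail']) ? htmlspecialchars(strip_tags($_POST['contactEmail'])) : NULL;
$contactPhone = isset($_POST['contactPhone']) ? htmlspecialchars(strip_tags($_POST['contactPhone'])) : NULL;
$contactURL = isset($_POST['contactURL']) ? cIn(htmlspecialchars(strip_tags($_POST['contactURL']))) : NULL;
// Prefix "http://" when no http(s) scheme is present (an empty value stays empty).
$contactURL = preg_match('/^https?:\\/\\//', $contactURL) || $contactURL == '' ? $contactURL : 'http://' . $contactURL;
$cost = isset($_POST['cost']) ? htmlspecialchars(strip_tags($_POST['cost'])) : NULL;
$startTimeHour = isset($_POST['startTimeHour']) && is_numeric($_POST['startTimeHour']) ? (int) $_POST['startTimeHour'] : NULL;
$endTimeHour = isset($_POST['endTimeHour']) && is_numeric($_POST['endTimeHour']) ? (int) $_POST['endTimeHour'] : NULL;
$adminMessage = isset($_POST['adminmessage']) ? cIn(htmlspecialchars(cleanQuotes(strip_tags($_POST['adminmessage'])))) : '';
// RSVP settings: numeric flags / counters, dates converted from the display format ($hc_cfg[24]).
$rsvp_type = isset($_POST['rsvp_type']) && is_numeric($_POST['rsvp_type']) ? htmlspecialchars(strip_tags($_POST['rsvp_type'])) : 0;
$rsvp_space = isset($_POST['rsvp_space']) && is_numeric($_POST['rsvp_space']) ? htmlspecialchars(strip_tags($_POST['rsvp_space'])) : 0;
$rsvp_disp = isset($_POST['rsvpFor']) && is_numeric($_POST['rsvpFor']) ? htmlspecialchars(strip_tags($_POST['rsvpFor'])) : 0;
$rsvp_open = isset($_POST['openDate']) ? dateToMySQL(htmlspecialchars(strip_tags($_POST['openDate'])), $hc_cfg[24]) : '';
$rsvp_close = isset($_POST['closeDate']) ? dateToMySQL(htmlspecialchars(strip_tags($_POST['closeDate'])), $hc_cfg[24]) : '';
$rsvp_notice = isset($_POST['rsvpEmail']) && is_numeric($_POST['rsvpEmail']) ? htmlspecialchars(strip_tags($_POST['rsvpEmail'])) : 0;
$eID = isset($_POST['eID']) && is_numeric($_POST['eID']) ? (int) $_POST['eID'] : 0;
if ($locID > 0) {
    // A preset location was picked: the free-form address fields are blanked.
    $locName = $locAddress = $locAddress2 = $locCity = $locState = $locZip = $locCountry = '';
} else {
    // Free-form address; each field is now guarded with isset() (they were read unconditionally).
    $locName = isset($_POST['locName']) ? htmlspecialchars(strip_tags(cleanQuotes($_POST['locName']))) : '';
    $locAddress = isset($_POST['locAddress']) ? htmlspecialchars(strip_tags($_POST['locAddress'])) : '';
    $locAddress2 = isset($_POST['locAddress2']) ? htmlspecialchars(strip_tags($_POST['locAddress2'])) : '';
    $locCity = isset($_POST['locCity']) ? htmlspecialchars(strip_tags($_POST['locCity'])) : '';
    $locState = isset($_POST['locState']) ? htmlspecialchars(strip_tags($_POST['locState'])) : '';
    $locZip = isset($_POST['locZip']) ? htmlspecialchars(strip_tags($_POST['locZip'])) : '';
    $locCountry = isset($_POST['locCountry']) ? htmlspecialchars(strip_tags($_POST['locCountry'])) : '';
}
// Submitter validation: $stop counts failed checks ($subName / $subEmail are set earlier in the file).
$stop += $subName != '' ? 0 : 1;
$stop += preg_match('/^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$/', $subEmail) == 1 ? 0 : 1;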
* @license GNU General Public License version 2 or later; see LICENSE */ define('isHC', true); define('isAction', true); include dirname(__FILE__) . '/loader.php'; action_headers(); post_only(); $target = CalRoot; $uID = isset($_POST['uID']) && is_numeric($_POST['uID']) ? cIn(strip_tags($_POST['uID'])) : 0; $result = doQuery("SELECT PkID FROM " . HC_TblPrefix . "users WHERE PkID = '" . $uID . "'"); if (!user_check_status() || !hasRows($result)) { session_destroy(); } else { $email = isset($_POST['email']) ? cIn(htmlentities(strip_tags($_POST['email']))) : ''; $email = preg_match('/^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$/', $email) == 1 ? $email : ''; $birthdate = isset($_POST['birthdate']) ? cIn(dateToMySQL(htmlentities(strip_tags($_POST['birthdate'])), $hc_cfg[24])) : ''; $birthdate = strtotime($birthdate) <= strtotime('-13 years') ? $birthdate : ''; $location = isset($_POST['user_loc']) ? cIn(htmlentities(strip_tags($_POST['user_loc']))) : ''; $api_key = isset($_POST['regen_apik']) ? ", APIKey = '" . cIn(md5(sha1($email . $birthdate . $location . rand() * date("U")))) . "' " : ''; doQuery("UPDATE " . HC_TblPrefix . "users SET Email = '" . $email . "', Birthdate = '" . $birthdate . "', Location = '" . $location . "'{$api_key} WHERE PkID = '" . $uID . "'"); if ($email != '' && $birthdate != '') { if (isset($_SESSION['new_user'])) { unset($_SESSION['new_user']); } if (isset($_SESSION['new_user_bday'])) { unset($_SESSION['new_user_bday']); } if (isset($_SESSION['new_user_email'])) { unset($_SESSION['new_user_email']); } }
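/**
 * Output Event Search Results
 *
 * Reads the search criteria from $_POST (form submit) or $_GET (the "link to these
 * results" URL this function itself emits), builds the events query and echoes the
 * result list as HTML.
 *
 * Changes from the previous revision:
 *  - the start/end timestamps are validated before they are used: the UNION branch
 *    formatted them with date() and only afterwards fell back to today when they were
 *    non-numeric, so an arbitrary `s`/`e` string reached date() unvalidated;
 *  - the AllDay/TBA labels come from $hc_lang_search, the only language array this
 *    function declares global ($hc_lang_event was undefined here);
 *  - location name, address line, category and image URL go through cOut() like the
 *    title already did; the <li> `class` attribute is followed by a space (it ran into
 *    `itemscope` when no extra class applied); the dead commented-out block and the
 *    unused $expire are gone.
 *
 * @since 2.0.0
 * @version 2.0.0
 * @return void (returns 0 early when the query yields no rows, as before)
 */
function sr_forms_search_result()
{
    global $hc_cfg, $hc_lang_search;
    $sQuery = $rQuery = $link = $date = '';

    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Form submit: dates arrive in the configured display format ($hc_cfg[24]).
        $startDate = isset($_POST['startDate']) ? strtotime(dateToMySQL(cIn(strip_tags($_POST['startDate'])), $hc_cfg[24])) : strtotime(SYSDATE);
        $endDate = isset($_POST['endDate']) ? strtotime(dateToMySQL(cIn(strip_tags($_POST['endDate'])), $hc_cfg[24])) : strtotime(SYSDATE) + 86400 * $hc_cfg[53];
        $keyword = isset($_POST['keyword']) ? strip_tags(str_replace("'", "\"", $_POST['keyword'])) : '';
        $keyword .= isset($_POST['hc_search_keyword']) ? strip_tags(str_replace("'", "\"", urldecode($_POST['hc_search_keyword']))) : '';
        $location = isset($_POST['locPreset']) ? cIn(strip_tags($_POST['locPreset'])) : '';
        $city = isset($_POST['city']) ? cIn(strip_tags($_POST['city'])) : '';
        $state = isset($_POST['locState']) ? cIn(strip_tags($_POST['locState'])) : '';
        $postal = isset($_POST['postal']) ? cIn(strip_tags($_POST['postal'])) : '';
        // catID must be an array for array_filter(); a scalar is treated as "no categories".
        $catIDs = isset($_POST['catID']) && is_array($_POST['catID']) ? implode(',', array_filter($_POST['catID'], 'is_numeric')) : '';
        $doRecur = isset($_POST['recurSet']) && $_POST['recurSet'] == 1 ? 1 : 0;
    } else {
        // Result link: dates arrive as unix timestamps (validated just below).
        $startDate = isset($_GET['s']) ? cIn(strip_tags(urldecode($_GET['s']))) : strtotime(SYSDATE);
        $endDate = isset($_GET['e']) ? cIn(strip_tags(urldecode($_GET['e']))) : strtotime(SYSDATE) + 86400 * $hc_cfg[53];
        $keyword = isset($_GET['k']) ? strip_tags(str_replace("\"", "'", html_entity_decode(urldecode($_GET['k'])))) : '';
        $location = isset($_GET['l']) ? cIn(strip_tags(urldecode(cIn($_GET['l'])))) : '';
        $city = isset($_GET['c']) ? cIn(strip_tags(urldecode($_GET['c']))) : '';
        $state = isset($_GET['st']) ? cIn(strip_tags(urldecode($_GET['st']))) : '';
        $postal = isset($_GET['p']) ? cIn(strip_tags(urldecode($_GET['p']))) : '';
        $catIDs = isset($_GET['t']) ? implode(',', array_filter(explode(',', urldecode($_GET['t'])), 'is_numeric')) : '';
        $doRecur = isset($_GET['r']) && $_GET['r'] == 1 ? 1 : 0;
    }

    // Validate the window once, before any use: strtotime() above may return false and
    // the GET values are arbitrary strings. Defaults: today .. today + cfg[53] days.
    if ($startDate == '' || !is_numeric($startDate)) {
        $startDate = strtotime(SYSDATE);
    }
    if ($endDate == '' || !is_numeric($endDate)) {
        $endDate = strtotime(SYSDATE) + $hc_cfg[53] * 86400;
    }
    $fromDay = date("Y-m-d", $startDate);
    $toDay = date("Y-m-d", $endDate);

    // Optional filters: each one extends the WHERE clause and the "link to results" URL.
    if ($keyword != '') {
        $sQuery .= " AND MATCH(e.Title,e.LocationName,e.Description) AGAINST('" . cIn($keyword, 0) . "' IN BOOLEAN MODE) ";
        $link .= "&k=" . urlencode(cleanXMLChars(cOut($keyword), 1));
    }
    if (is_numeric($location) && $location > 0) {
        $sQuery .= " AND l.PkID = '" . $location . "'";
        $link .= "&l=" . urlencode($location);
    }
    if ($city != '') {
        $sQuery .= " AND (l.IsActive = 1 OR l.IsActive is NULL) AND (e.LocationCity = '" . cIn($city) . "' OR l.City = '" . cIn($city) . "')";
        $link .= "&c=" . urlencode($city);
    }
    if ($state != '') {
        $sQuery .= " AND (e.LocationState = '" . cIn($state) . "' or l.State = '" . cIn($state) . "')";
        $link .= "&st=" . urlencode($state);
    }
    if ($postal != '') {
        $sQuery .= " AND (e.LocationZip = '" . cIn($postal) . "' or l.Zip = '" . cIn($postal) . "')";
        // $postal is already cIn()'d like the other link parameters; it was escaped a second time here.
        $link .= "&p=" . urlencode($postal);
    }
    if ($catIDs != '') {
        $sQuery .= " AND (ec.CategoryID In(" . cIn($catIDs) . "))";
        $link .= "&t=" . urlencode($catIDs);
    }

    // Both halves of the (optional) UNION select the same columns.
    $selectList = "e.PkID, e.Title, e.StartDate, e.StartTime, e.EndTime, e.TBD, e.Image, e.IsFeature, e.HideDays, \r\n e.LocID, e.LocationName, e.LocationCity, e.LocationState, e.LocCountry,\r\n l.Name, l.City, l.State, l.Country, e.Cost, e.SeriesID, GROUP_CONCAT(c.CategoryName), e.Description, l.Address2";
    if ($doRecur == 1) {
        // Recurring series collapse to their first occurrence inside the window: e2 looks
        // for an earlier sibling in the window and only rows without one survive.
        $rQuery = " AND e.SeriesID IS NULL \r\n UNION\r\n SELECT " . $selectList . "\r\n FROM " . HC_TblPrefix . "events e\r\n LEFT JOIN " . HC_TblPrefix . "eventcategories ec ON (ec.EventID = e.PkID)\r\n LEFT JOIN " . HC_TblPrefix . "events e2 ON (e.SeriesID = e2.SeriesID AND e2.StartDate BETWEEN '" . $fromDay . "' AND '" . $toDay . "' AND e.StartDate > e2.StartDate)\r\n LEFT JOIN " . HC_TblPrefix . "locations l ON (e.LocID = l.PkID)\r\n LEFT JOIN " . HC_TblPrefix . "categories c ON (ec.CategoryID = c.PkID)\r\n WHERE\r\n e2.StartDate IS NULL AND e.StartDate BETWEEN '" . $fromDay . "' AND '" . $toDay . "'" . $sQuery . " AND e.IsActive = 1 AND e.IsApproved = 1 AND e.SeriesID IS NOT NULL \r\n GROUP BY e.SeriesID, e.PkID";
    } else {
        $rQuery = " GROUP BY e.PkId";
    }

    $result = doQuery("SELECT " . $selectList . "\r\n FROM " . HC_TblPrefix . "events e\r\n LEFT JOIN " . HC_TblPrefix . "eventcategories ec ON (ec.EventID = e.PkID)\r\n LEFT JOIN " . HC_TblPrefix . "locations l ON (e.LocID = l.PkID)\r\n LEFT JOIN " . HC_TblPrefix . "categories c ON (ec.CategoryID = c.PkID)\r\n WHERE e.StartDate BETWEEN '" . $fromDay . "' AND '" . $toDay . "'" . $sQuery . " AND e.IsActive = 1 AND e.IsApproved = 1" . $rQuery . " ORDER BY StartDate, TBD, StartTime, Title");
    if (!hasRows($result)) {
        echo ' <p>' . $hc_lang_search['NoResults'] . '</p> <p><a href="' . CalRoot . '/index.php?com=search">' . $hc_lang_search['SearchAgain'] . '</a></p>';
        return 0;
    }
    echo '<p>' . $hc_lang_search['ResultLabel'] . ' [<a href="' . CalRoot . '/index.php?com=searchresult&r=' . $doRecur . "&s=" . urlencode($startDate) . "&e=" . urlencode($endDate) . $link . '">' . $hc_lang_search['ResultLink'] . '</a>]';

    $cnt = 0;
    $row_number = 1;
    $show_images = 1;
    echo '<div id="events">';
    while ($row = mysql_fetch_row($result)) {
        if (is_null($row[0])) {
            continue; // two matches in query lead to a null
        }
        $color_class = sr_colorizer($row_number);
        $description = $hc_cfg[107] > 0 ? clean_truncate($row[21], $hc_cfg[107]) : $row[21];

        // First category name minus its 3-character prefix, skipping a leading "_ACE"
        // entry when another category is available (same rule as before).
        $categories = explode(",", $row[20]);
        switch (count($categories)) {
            case 0:
                $category = 'No Category';
                break;
            case 1:
                $category = substr($categories[0], 3);
                break;
            default:
                $category = substr($categories[0], -4) != '_ACE' ? substr($categories[0], 3) : substr($categories[1], 3);
                break;
        }
        $category = '<h4>' . cOut($category) . '</h4>';

        if ($date != $row[2]) {
            // New day: close the previous list and open a dated heading.
            $date = $row[2];
            echo $cnt > 0 ? '</ul>' : '';
            echo '<h2>' . stampToDate($row[2], '%A, %B %d, %Y') . '</h2><ul>';
            $cnt = 1;
        }
        $cls = $cnt % 2 == 0 ? 'hl' : '';
        $cls .= $row[7] > 0 ? ' featured' : '';
        $classes = trim($color_class . ' ' . trim($cls));

        $stamp = stampToDate($row[2], '%A, %B %d');
        if ($row[5] == 0) {
            $time = $row[3] != '' ? stampToDate($row[3], $hc_cfg[23]) : '';
            $time .= $row[4] != '' ? ' - ' . stampToDate($row[4], $hc_cfg[23]) : '';
        } else {
            $time = $row[5] == 1 ? $hc_lang_search['AllDay'] : $hc_lang_search['TBA'];
        }

        // DB-sourced text goes through cOut() before it lands in HTML / the style attribute.
        $placeText = cOut($row[14]) . ($row[22] != '' ? ' - ' . cOut($row[22]) : '');
        $image = '';
        if ($show_images == 1 && $row[6] != '') {
            $image = '<div class="event-image-container" style="background-image: url(' . cOut($row[6]) . '); min-width:' . (strlen($row[1]) > 43 ? 325 : 287) . 'px;"></div>';
        }

        echo ' <li class="' . $classes . '" itemscope itemtype="http://schema.org/Event"> <a href="' . CalRoot . '/index.php?eID=' . $row[0] . '">' . '<div class="event-content-container">' . $category . '<h3 itemprop="name">' . cOut($row[1]) . '</h3><div class="date-time"> <span itemprop="startDate" datetime="' . $stamp . '">' . $stamp . ', ' . $time . '</span> <span class="location"><i class="fa fa-map-marker"></i> ' . $placeText . '</span></div><p>' . strip_tags(cOut($description)) . '<span class="readmore"> READ MORE</span></p></div>' . $image . '</a></li>';
        ++$cnt;
        ++$row_number;
    }
    echo '</ul></div>';
}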
$featured = isset($_POST['eventFeatured']) && is_numeric($_POST['eventFeatured']) ? cIn($_POST['eventFeatured']) : '0'; $hide = isset($_POST['eventHide']) && is_numeric($_POST['eventHide']) ? cIn($_POST['eventHide']) : '0'; $msgID = 2; $dates = array(); $catID = isset($_POST['catID']) ? array_filter($_POST['catID'], 'is_numeric') : ''; $apiFail = false; $locName = $locAddress = $locAddress2 = $locCity = $locState = $locZip = $locCountry = ''; $allowRegistration = isset($_POST['eventRegistration']) ? cIn($_POST['eventRegistration']) : '0'; $maxRegistration = $allowRegistration == 1 ? cIn($_POST['eventRegAvailable']) : 0; $follow_up = isset($_POST['follow_up']) ? cIn($_POST['follow_up']) : 0; $fnote = isset($_POST['follow_note']) ? cIn(cleanQuotes($_POST['follow_note'])) : ''; $rsvp_type = isset($_POST['rsvp_type']) && is_numeric($_POST['rsvp_type']) ? cIn($_POST['rsvp_type']) : 0; $rsvp_space = isset($_POST['rsvp_space']) && is_numeric($_POST['rsvp_space']) ? cIn($_POST['rsvp_space']) : 0; $rsvp_disp = isset($_POST['rsvpFor']) && is_numeric($_POST['rsvpFor']) ? cIn($_POST['rsvpFor']) : 0; $rsvp_open = isset($_POST['openDate']) ? dateToMySQL(cIn($_POST['openDate']), $hc_cfg[24]) : ''; $rsvp_close = isset($_POST['closeDate']) ? dateToMySQL(cIn($_POST['closeDate']), $hc_cfg[24]) : ''; $rsvp_notice = isset($_POST['rsvpEmail']) && is_numeric($_POST['rsvpEmail']) ? cIn($_POST['rsvpEmail']) : 0; $subname = isset($_POST['subname']) ? cIn($_POST['subname']) : ''; $subemail = isset($_POST['subemail']) ? cIn($_POST['subemail']) : ''; $sendmsg = isset($_POST['sendmsg']) && $_POST['sendmsg'] != "no" ? 1 : 0; $message = isset($_POST['message']) ? 
$_POST['message'] : ''; if ($locID == 0) { $locName = cIn(cleanQuotes($_POST['locName'])); $locAddress = cIn($_POST['locAddress']); $locAddress2 = cIn($_POST['locAddress2']); $locCity = cIn($_POST['locCity']); $locState = cIn($_POST['locState']); $locZip = cIn($_POST['locZip']); $locCountry = cIn($_POST['locCountry']); if (isset($_POST['newLoc'])) { $locString = str_replace("<br />", ", ", buildAddress($locAddress, $locAddress2, $locCity, $locState, $locZip, $locCountry, $hc_lang_config['AddressType']));
action_headers(); $token = ''; $token = $token == '' && isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : $token; $token = $token == '' && isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : $token; if (!check_form_token($token)) { go_home(); } $target = AdminRoot . '/index.php?com=user'; if (!isset($_GET['dID']) && !isset($_GET['bID'])) { $uID = isset($_POST['uID']) && is_numeric($_POST['uID']) ? cIn(strip_tags($_POST['uID'])) : 0; $email = isset($_POST['email']) ? cIn(strip_tags($_POST['email'])) : ''; $level = isset($_POST['level']) && is_numeric($_POST['level']) ? cIn(strip_tags($_POST['level'])) : 0; $banned = isset($_POST['banned']) && is_numeric($_POST['banned']) ? cIn(strip_tags($_POST['banned'])) : 0; $api = isset($_POST['api']) && is_numeric($_POST['api']) ? cIn(strip_tags($_POST['api'])) : 0; $location = isset($_POST['location']) ? cIn(strip_tags($_POST['location'])) : ''; $birthdate = isset($_POST['birthdate']) ? dateToMySQL(cIn($_POST['birthdate']), $hc_cfg[24]) : ''; $catID = isset($_POST['catID']) ? array_filter($_POST['catID'], 'is_numeric') : ''; $cats = isset($catID[0]) ? implode(',', $catID) : ''; if ($banned == 1) { $level = 0; doQuery("UPDATE " . HC_TblPrefix . "events SET OwnerID = 0 WHERE OwnerID = '" . $uID . "'"); } doQuery("UPDATE " . HC_TblPrefix . "users SET\r\n\t\t\t\t\tEmail = '" . $email . "',\r\n\t\t\t\t\tLevel = '" . $level . "',\r\n\t\t\t\t\tIsBanned = '" . $banned . "',\r\n\t\t\t\t\tLocation = '" . $location . "',\r\n\t\t\t\t\tBirthdate = " . ($birthdate != '' ? "'" . $birthdate . "'" : "NULL") . ",\r\n\t\t\t\t\tCategories = '" . $cats . "',\r\n\t\t\t\t\tAPIAccess = '" . $api . "'\r\n\t\t\t\tWHERE PkID = '" . $uID . "'"); $target = AdminRoot . '/index.php?com=useredit&uID=' . $uID . '&msg=1'; } else { if (isset($_GET['dID'])) { $dID = isset($_GET['dID']) && is_numeric($_GET['dID']) ? cIn(strip_tags($_GET['dID'])) : 0; $b = isset($_GET['b']) && is_numeric($_GET['b']) && $_GET['b'] <= 1 ? 
cIn(strip_tags($_GET['b'])) : 0; doQuery("DELETE FROM " . HC_TblPrefix . "users WHERE PkID = '" . $dID . "'"); doQuery("UPDATE " . HC_TblPrefix . "events SET OwnerID = 0 WHERE OwnerID = '" . $dID . "'"); $target = AdminRoot . '/index.php?com=user&msg=1' . ($b == 1 ? '&b=1' : '');
$apiFail = true; $errorMsg = 'Eventbrite API Settings Unavailable.'; } else { $ebAPI = cOut(mysql_result($result, 0, 1)); $ebUser = cOut(mysql_result($result, 1, 1)); if ($ebAPI == '' || $ebUser == '') { $apiFail = true; $errorMsg = 'Eventbrite API Settings Missing.'; } else { for ($x = 1; $x <= 5; ++$x) { $ticketID = isset($_POST['ticketid' . $x]) ? cIn($_POST['ticketid' . $x]) : ''; $ticket = isset($_POST['ticket' . $x]) ? cIn($_POST['ticket' . $x]) : ''; $priceType = isset($_POST['priceType' . $x]) ? cIn($_POST['priceType' . $x]) : ''; $qty = isset($_POST['qty' . $x]) ? cIn($_POST['qty' . $x]) : ''; $fee = isset($_POST['fee' . $x]) ? '0' : '1'; $end = isset($_POST['end' . $x]) && $_POST['end' . $x] != '' ? dateToMySQL(cIn($_POST['end' . $x]), $hc_cfg[24]) : $eventDate; $end = $end > $eventDate ? $eventDate . " " . str_replace("'", "", $startTime) : $end . " 00:00:00"; if ($ticket == '') { break; } switch ($priceType) { case 0: // fixed $donation = '0'; $price = isset($_POST['price' . $x]) ? cIn($_POST['price' . $x]) : ''; break; case 1: // free $donation = '0'; $price = '0.00'; break;
<?php /** * @package Helios Calendar * @license GNU General Public License version 2 or later; see LICENSE */ if (!defined('hcAdmin')) { header("HTTP/1.1 403 No Direct Access"); exit; } include HCLANG . '/admin/search.php'; $sID = isset($_POST['sID']) && is_numeric($_POST['sID']) ? cIn($_POST['sID']) : 0; $startDate = isset($_POST['startDate']) ? strtotime(dateToMySQL(cIn(strip_tags($_POST['startDate'])), $hc_cfg[24])) : strtotime('1970-01-01'); $endDate = isset($_POST['endDate']) ? strtotime(dateToMySQL(cIn(strip_tags($_POST['endDate'])), $hc_cfg[24])) : strtotime('1970-01-01'); $keyword = isset($_POST['keyword']) ? strip_tags(str_replace("'", "\"", $_POST['keyword'])) : ''; $location = isset($_POST['locPreset']) ? cIn(strip_tags($_POST['locPreset'])) : ''; $city = isset($_POST['city']) ? cIn(strip_tags($_POST['city'])) : ''; $state = isset($_POST['locState']) ? cIn(strip_tags($_POST['locState'])) : ''; $postal = isset($_POST['postal']) ? cIn(strip_tags($_POST['postal'])) : ''; $catIDs = isset($_POST['catID']) ? implode(',', array_filter($_POST['catID'], 'is_numeric')) : ''; $seriesOnly = isset($_POST['seriesonly']) ? 1 : 0; $series = isset($_GET['srsID']) ? cIn(strip_tags($_GET['srsID'])) : ''; $usrID = isset($_POST['usrID']) && is_numeric($_POST['usrID']) ? cIn($_POST['usrID']) : 0; if (isset($_GET['msg']) && is_numeric($_GET['msg'])) { switch ($_GET['msg']) { case "1": feedback(1, $hc_lang_search['Feed03']); break; } } if ($sID == 1 || $series != '') {
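/**
 * Output Event Search Results
 *
 * Reads the search criteria from $_POST (form submission) or $_GET (the
 * "link to these results" URL), builds the event query and echoes the
 * result list as HTML. Every SQL fragment is string-concatenated, so each
 * user-supplied value is passed through cIn() or gated by is_numeric()
 * before it is interpolated; keep that invariant when adding criteria.
 *
 * @since 2.0.0
 * @version 2.0.0
 * @return void|int 0 when no event matched (a "no results" message has
 *                  already been echoed); nothing otherwise
 */
function search_result() {
    global $hc_cfg, $hc_lang_search;

    $sQuery = $rQuery = $link = $date = '';

    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        // Form submission: dates arrive in the configured input format
        // ($hc_cfg[24]) and are converted to UNIX timestamps.
        $startDate = isset($_POST['startDate']) ? strtotime(dateToMySQL(cIn(strip_tags($_POST['startDate'])), $hc_cfg[24])) : strtotime(SYSDATE);
        $endDate = isset($_POST['endDate']) ? strtotime(dateToMySQL(cIn(strip_tags($_POST['endDate'])), $hc_cfg[24])) : strtotime(SYSDATE) + 86400 * $hc_cfg[53];
        // Keyword is not cIn()'d here; it is escaped at the point of use
        // (cIn($keyword, 0) below). Single quotes are swapped for double
        // quotes so the boolean-mode MATCH phrase syntax survives.
        $keyword = isset($_POST['keyword']) ? strip_tags(str_replace("'", "\"", $_POST['keyword'])) : '';
        $keyword .= isset($_POST['hc_search_keyword']) ? strip_tags(str_replace("'", "\"", urldecode($_POST['hc_search_keyword']))) : '';
        $location = isset($_POST['locPreset']) ? cIn(strip_tags($_POST['locPreset'])) : '';
        $city = isset($_POST['city']) ? cIn(strip_tags($_POST['city'])) : '';
        $state = isset($_POST['locState']) ? cIn(strip_tags($_POST['locState'])) : '';
        $postal = isset($_POST['postal']) ? cIn(strip_tags($_POST['postal'])) : '';
        // Only numeric category IDs survive; the result is a comma list.
        $catIDs = isset($_POST['catID']) ? implode(',', array_filter($_POST['catID'], 'is_numeric')) : '';
        $doRecur = isset($_POST['recurSet']) && $_POST['recurSet'] == 1 ? 1 : 0;
    } else {
        // Bookmarked result link: dates are already UNIX timestamps, but they
        // arrive as raw strings and are validated further down.
        $startDate = isset($_GET['s']) ? cIn(strip_tags(urldecode($_GET['s']))) : strtotime(SYSDATE);
        $endDate = isset($_GET['e']) ? cIn(strip_tags(urldecode($_GET['e']))) : strtotime(SYSDATE) + 86400 * $hc_cfg[53];
        $keyword = isset($_GET['k']) ? strip_tags(str_replace("\"", "'", html_entity_decode(urldecode($_GET['k'])))) : '';
        $location = isset($_GET['l']) ? cIn(strip_tags(urldecode(cIn($_GET['l'])))) : '';
        $city = isset($_GET['c']) ? cIn(strip_tags(urldecode($_GET['c']))) : '';
        $state = isset($_GET['st']) ? cIn(strip_tags(urldecode($_GET['st']))) : '';
        $postal = isset($_GET['p']) ? cIn(strip_tags(urldecode($_GET['p']))) : '';
        $catIDs = isset($_GET['t']) ? implode(',', array_filter(explode(',', urldecode($_GET['t'])), 'is_numeric')) : '';
        $doRecur = isset($_GET['r']) && $_GET['r'] == 1 ? 1 : 0;
    }

    // Normalise the range before any query text is built: strtotime() may
    // return false on an unparseable POST date, and the GET values are raw
    // strings, so anything non-numeric falls back to today / today + N days
    // ($hc_cfg[53]). Previously this ran only after $rQuery had been
    // assembled, so the recurrence UNION could be built from an unvalidated
    // value while the main query used the normalised one.
    $startDate = $startDate == '' || !is_numeric($startDate) ? strtotime(SYSDATE) : $startDate;
    $endDate = $endDate == '' || !is_numeric($endDate) ? strtotime(SYSDATE) + $hc_cfg[53] * 86400 : $endDate;

    // Optional criteria. $sQuery collects the WHERE fragments, $link the
    // matching query-string parameters for the "link to results" anchor.
    if ($keyword != '') {
        // NOTE(review): the second argument to cIn() is not defined in this
        // file; its effect on escaping should be confirmed against cIn().
        $sQuery .= " AND MATCH(e.Title,e.LocationName,e.Description) AGAINST('" . cIn($keyword, 0) . "' IN BOOLEAN MODE) ";
        $link .= "&k=" . urlencode(cleanXMLChars(cOut($keyword), 1));
    }
    if (is_numeric($location) && $location > 0) {
        // Interpolated without cIn(); safe only because of the is_numeric() gate.
        $sQuery .= " AND l.PkID = '" . $location . "'";
        $link .= "&l=" . urlencode($location);
    }
    if ($city != '') {
        $sQuery .= " AND (l.IsActive = 1 OR l.IsActive is NULL) AND (e.LocationCity = '" . cIn($city) . "' OR l.City = '" . cIn($city) . "')";
        $link .= "&c=" . urlencode($city);
    }
    if ($state != '') {
        $sQuery .= " AND (e.LocationState = '" . cIn($state) . "' or l.State = '" . cIn($state) . "')";
        $link .= "&st=" . urlencode($state);
    }
    if ($postal != '') {
        $sQuery .= " AND (e.LocationZip = '" . cIn($postal) . "' or l.Zip = '" . cIn($postal) . "')";
        $link .= "&p=" . urlencode(cIn($postal));
    }
    if ($catIDs != '') {
        $sQuery .= " AND (ec.CategoryID In(" . cIn($catIDs) . "))";
        $link .= "&t=" . urlencode($catIDs);
    }

    if ($doRecur === 1) {
        // Recurring series: restrict the first SELECT to non-series events and
        // UNION in the first occurrence of each series inside the range
        // (the self-join on e2 excludes any event that has an earlier sibling
        // within the range).
        $rQuery = " AND SeriesID IS NULL \r\n\t\t\t\t\t\tUNION\r\n\t\t\t\t\t\tSELECT DISTINCT e.PkID, e.Title, e.StartDate, e.StartTime, e.EndTime, e.TBD\r\n\t\t\t\t\t\tFROM " . HC_TblPrefix . "events e\r\n\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "eventcategories ec ON (ec.EventID = e.PkID)\r\n\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "events e2 ON (e.SeriesID = e2.SeriesID AND e2.StartDate BETWEEN '" . date("Y-m-d", $startDate) . "' AND '" . date("Y-m-d", $endDate) . "' AND e.StartDate > e2.StartDate)\r\n\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "locations l ON (e.LocID = l.PkID)\r\n\t\t\t\t\t\tWHERE\r\n\t\t\t\t\t\t\te2.StartDate IS NULL AND e.StartDate BETWEEN '" . date("Y-m-d", $startDate) . "' AND '" . date("Y-m-d", $endDate) . "'" . $sQuery . " AND e.IsActive = 1 AND e.IsApproved = 1 AND e.SeriesID IS NOT NULL \r\n\t\t\t\t\t\tGROUP BY e.SeriesID, e.PkID, e.Title, e.StartDate, e.StartTime, e.EndTime, e.TBD";
    }

    $result = doQuery("SELECT DISTINCT e.PkID, e.Title, e.StartDate, e.StartTime, e.EndTime, e.TBD\r\n\t\t\t\t\t\tFROM " . HC_TblPrefix . "events e\r\n\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "eventcategories ec ON (ec.EventID = e.PkID)\r\n\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "locations l ON (e.LocID = l.PkID)\r\n\t\t\t\t\t\tWHERE e.StartDate BETWEEN '" . date("Y-m-d", $startDate) . "' AND '" . date("Y-m-d", $endDate) . "'" . $sQuery . " AND e.IsActive = 1 AND e.IsApproved = 1" . $rQuery . " ORDER BY StartDate, TBD, StartTime, Title");

    if (!hasRows($result)) {
        echo ' <p>' . $hc_lang_search['NoResults'] . '</p> <p><a href="' . CalRoot . '/index.php?com=search">' . $hc_lang_search['SearchAgain'] . '</a></p>';
        return 0;
    }

    // Header with a bookmarkable link that re-runs this search via $_GET.
    echo '<p>' . $hc_lang_search['ResultLabel'] . ' [<a href="' . CalRoot . '/index.php?com=searchresult&r=' . $doRecur . "&s=" . urlencode($startDate) . "&e=" . urlencode($endDate) . $link . '">' . $hc_lang_search['ResultLink'] . '</a>]';

    // Rows are ordered by StartDate, so a change in $row[2] opens a new
    // day section. $cnt restarts per section and drives the alternating
    // row highlight.
    $cnt = 0;
    while ($row = mysql_fetch_row($result)) {
        if ($date != $row[2]) {
            $date = $row[2];
            echo $cnt > 0 ? ' </ul>' : '';
            echo ' <header>' . stampToDate($row[2], $hc_cfg[14]) . '</header> <ul>';
            $cnt = 1;
        }
        $hl = $cnt % 2 === 0 ? ' class="hl"' : '';
        if ($row[5] == 0) {
            // Timed event: "start - end" plus a full datetime attribute.
            $time = $row[3] != '' ? stampToDate($row[3], $hc_cfg[23]) : '';
            $time .= $row[4] != '' ? ' - ' . stampToDate($row[4], $hc_cfg[23]) : '';
            $stamp = date("Y-m-d\\Th:i:00.0", strtotime($row[2] . trim(' ' . $row[3]))) . HCTZ;
        } else {
            // TBD flag: 1 = all day, anything else = time to be announced.
            $time = $row[5] == 1 ? $hc_lang_search['AllDay'] : $hc_lang_search['TBA'];
            $stamp = date("Y-m-d", strtotime($row[2]));
        }
        // Title is cOut()-escaped for HTML; PkID comes from the database.
        echo ' <li' . $hl . '><time datetime="' . $stamp . '">' . $time . '</time><a href="' . CalRoot . '/index.php?eID=' . $row[0] . '">' . cOut($row[1]) . '</a></li>';
        ++$cnt;
    }
    echo '</ul>';
}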