Ejemplo n.º 1
0
<?php

// $Id$
require "defaultincludes.inc";
require_once "mrbs_sql.inc";
// Get non-standard form variables
$name = get_form_var('name', 'string');
$description = get_form_var('description', 'string');
$capacity = get_form_var('capacity', 'int');
$type = get_form_var('type', 'string');
// Check the user is authorised for this page
checkAuthorised();
// This file is for adding new areas/rooms
$error = '';
// First of all check that we've got an area or room name
if (!isset($name) || $name === '') {
    $error = "empty_name";
} elseif ($type == "area") {
    $area = mrbsAddArea($name, $error);
} elseif ($type == "room") {
    $room = mrbsAddRoom($name, $area, $error, $description, $capacity);
}
$returl = "admin.php?area={$area}" . (!empty($error) ? "&error={$error}" : "");
header("Location: {$returl}");
Ejemplo n.º 2
0
function get_room_id($location, &$error)
{
    global $area_room_order, $area_room_delimiter, $area_room_create;
    global $tbl_room, $tbl_area;
    // If there's no delimiter we assume we've just been given a room name (that will
    // have to be unique).   Otherwise we split the location into its area and room parts
    if (strpos($location, $area_room_delimiter) === FALSE) {
        $location_area = '';
        $location_room = $location;
    } elseif ($area_room_order == 'area_room') {
        list($location_area, $location_room) = explode($area_room_delimiter, $location);
    } else {
        list($location_room, $location_area) = explode($area_room_delimiter, $location);
    }
    $location_area = trim($location_area);
    $location_room = trim($location_room);
    // Now search the database for the room
    // Case 1:  we've just been given a room name, in which case we hope it happens
    // to be unique, because if we find more than one we won't know which one is intended
    // and if we don't find one at all we won't be able to create it because we won't
    // know which area to put it in.
    if ($location_area == '') {
        $sql = "SELECT COUNT(*) FROM {$tbl_room} WHERE room_name='" . sql_escape($location_room) . "'";
        $count = sql_query1($sql);
        if ($count < 0) {
            trigger_error(sql_error(), E_USER_WARNING);
            fatal_error(FALSE, get_vocab("fatal_db_error"));
        } elseif ($count == 0) {
            $error = "'{$location_room}': " . get_vocab("room_does_not_exist_no_area");
            return FALSE;
        } elseif ($count > 1) {
            $error = "'{$location_room}': " . get_vocab("room_not_unique_no_area");
            return FALSE;
        } else {
            $sql = "SELECT id FROM {$tbl_room} WHERE room_name='" . sql_escape($location_room) . "' LIMIT 1";
            $id = sql_query1($sql);
            if ($id < 0) {
                trigger_error(sql_error(), E_USER_WARNING);
                fatal_error(FALSE, get_vocab("fatal_db_error"));
            }
            return $id;
        }
    } else {
        // First of all get the area id
        $sql = "SELECT id\n              FROM {$tbl_area}\n             WHERE area_name='" . sql_escape($location_area) . "'\n             LIMIT 1";
        $area_id = sql_query1($sql);
        if ($area_id < 0) {
            $sql_error = sql_error();
            if (!empty($sql_error)) {
                trigger_error(sql_error(), E_USER_WARNING);
                fatal_error(FALSE, get_vocab("fatal_db_error"));
            } else {
                // The area does not exist - create it if we are allowed to
                if (!$area_room_create) {
                    $error = get_vocab("area_does_not_exist") . " '{$location_area}'";
                    return FALSE;
                } else {
                    echo get_vocab("creating_new_area") . " '{$location_area}'<br>\n";
                    $error_add_area = '';
                    $area_id = mrbsAddArea($location_area, $error_add_area);
                    if ($area_id === FALSE) {
                        $error = get_vocab("could_not_create_area") . " '{$location_area}'";
                        return FALSE;
                    }
                }
            }
        }
    }
    // Now we've got the area_id get the room_id
    $sql = "SELECT id\n            FROM {$tbl_room}\n           WHERE room_name='" . sql_escape($location_room) . "'\n             AND area_id={$area_id}\n           LIMIT 1";
    $room_id = sql_query1($sql);
    if ($room_id < 0) {
        $sql_error = sql_error();
        if (!empty($sql_error)) {
            trigger_error(sql_error(), E_USER_WARNING);
            fatal_error(FALSE, get_vocab("fatal_db_error"));
        } else {
            // The room does not exist - create it if we are allowed to
            if (!$area_room_create) {
                $error = get_vocab("room_does_not_exist") . " '{$location_room}'";
                return FALSE;
            } else {
                echo get_vocab("creating_new_room") . " '{$location_room}'<br>\n";
                $error_add_room = '';
                $room_id = mrbsAddRoom($location_room, $area_id, $error_add_room);
                if ($room_id === FALSE) {
                    $error = get_vocab("could_not_create_room") . " '{$location_room}'";
                    return FALSE;
                }
            }
        }
    }
    return $room_id;
}