}
}
// Attempt to Add the Event to the Database
$add_event_id = add_event($bookingForUsername, $scheduled_date_time_data, $_REQUEST['subject'], $_REQUEST['location'], $starting_date . ' ' . $_REQUEST['start_time'], $ending_date . ' ' . $_REQUEST['end_time'], $_REQUEST['recur_interval'], $_REQUEST['recur_freq'], $recur_date, $_REQUEST['desc'], $_POST['bookingOptions']);
if (!empty($add_event_id)) {
$page_info_message = "Event added successfully!";
//if the user uses booking credits update their remaining credits
if ($deductCredits && $bookeeUsesCredits) {
update_booking_credits($bookingForUsername, $scheduled_slots, 'dec');
//Set the right message depending on if we are making the booking for ourselves or not
if ($bookingForUsername == $_SESSION['valid_user']) {
//booking for self
$page_info_message .= '<br><br>' . $scheduled_slots . ' credits have been deducted for this booking. You have ' . remaining_booking_credits($bookingForUsername) . ' credits remaining.';
} else {
//booking for someone else
$page_info_message .= '<br><br>NOTE: User ' . $bookingForUsername . ' has had ' . $scheduled_slots . ' credits deducted. ' . remaining_booking_credits($bookingForUsername) . ' credits remaining.';
}
}
//see if booking cinfirmation e-mails are to get sent out
if ($_SESSION['BOOKING_CONF_EMAILS_SEND']) {
//create an array of the things we are looking to replace in the body and subject of the e-mail
$mailTags = array('%firstname%', '%lastname%', '%sitename%', '%bookingtimes%', '%bookingtimesvertical%', '%period%', '%location%', '%slots%', '%briefdesc%', '%fulldesc%', '%options%');
//figure out the variables that might be reuired in the message
$mailVars['firstname'] = $user_info['firstname'];
$mailVars['lastname'] = $user_info['lastname'];
$mailVars['sitename'] = SITE_NAME;
$mailVars['bookingtimes'] = '';
$mailVars['bookingtimesvertical'] = '';
$horizSeparator = '';
$vertSeparator = '';
foreach ($scheduled_date_time_data as $display_date_and_time) {
$display_login_form = false;
$page_info_message = "Login Successful!";
// we know we have a valid user, now check if they are entitled to admin privileges
if (is_admin($_REQUEST['username'])) {
wrap_session_register("admin_user");
} elseif ($_SESSION['BUDDY_LIST_EMAILS_SEND']) {
// check if this user has any pending buddies - we only want to do this for non-admins and if buddy lists are switched on
$_SESSION['number_pending_buddies'] = pending_buddies($_REQUEST['username']);
}
// set some session info about their privileges
// can block book?
if (can_block_book($_REQUEST['username'])) {
wrap_session_register("block_book");
}
//booking credits remaining
$_SESSION['booking_credits'] = remaining_booking_credits($_REQUEST['username']);
// Member check
// check if the user is a member or not - but only if they are not an admin as this flag is not used for admins
if (!wrap_session_is_registered("admin_user")) {
$_SESSION['is_member'] = is_member($_REQUEST['username']);
}
//can they view other users bookings?
if (is_admin($_REQUEST['username'])) {
//admins can always see everyone elses bookings
$_SESSION['SHOW_USER_DETAILS'] = true;
} else {
//how about regular users? This will depend on the site wide value set by an admin
$result = wrap_db_query("SELECT function_value FROM " . SETTINGS_TABLE . " WHERE name = 'user_details_viewing' LIMIT 0,1 ;");
if ($result) {
if ($fields = wrap_db_fetch_array($result)) {
//change 1's and 0's to true and false
function update_booking_credits($username, $numCredits, $updateType = 'set')
{
//updateType can be 'set', 'inc' or 'dec'
//
// 'set' changes the users current number of credits to the $numCredits value
// (can be any int or 'Not_used' to remove the use of booking credits)
// 'inc' increments the number of credits the user has by $numCredits
// 'dec' decreases the number of credits the user has by $numCredits.
//make sure we have a user id to prevent deleting other peoples events!
if ($username == '' || $username == '%') {
return false;
}
//get the current number of credits for that user
$creditsRemaining = remaining_booking_credits($username);
if ($updateType == 'set') {
$creditsRemaining = $numCredits;
} else {
if ($updateType == 'inc') {
//make sure the current value is not 'Not used'
if ($creditsRemaining == 'Not used') {
//overwrite the not used value (treat it as a 0)
$creditsRemaining = $numCredits;
} else {
$creditsRemaining += $numCredits;
}
} else {
if ($updateType == 'dec') {
//make sure the current value is not 'Not used'
if ($creditsRemaining == 'Not used') {
//overwrite the not used value (treat it as a 0)
$creditsRemaining = 0;
} else {
$creditsRemaining -= $numCredits;
//disallow negative credit
if ($creditsRemaining < 0) {
$creditsRemaining = 0;
}
}
}
}
}
//are we updating our own or someone elses credits? If our own, update the session value
if ($username == $_SESSION['valid_user']) {
//update the value stored in the session
$_SESSION['booking_credits'] = "{$creditsRemaining}";
//use of quotes forces zero's to be set correctly rather than being auto-cast to a boolean false. We can't use (int) to cast as this value may be a string 'Not used'.
}
//write the update back to the database
$result = wrap_db_query("UPDATE " . BOOKING_USER_TABLE . " SET booking_credits = '{$creditsRemaining}' WHERE username = '******' LIMIT 1");
if (!$result) {
//notify the sites administrator that this value could not be updated
$emailMsg = "The bookwake system was unable to {$updateType} the current sumber of booking credits for user {$username}.\n\nThis user should now have {$creditsRemaining} credits remaining, please update this value manually using your bookwake control panel.\n";
send_mail("", "", MAIL_MYNAME, MAIL_MYEMAIL, "Booking credit change failed for {$username}", $emailMsg);
return false;
} else {
return true;
}
}
