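/**
 * Build the create/edit form for an activity and, when the form was submitted,
 * validate the posted values and write them to the database.
 *
 * Side effects on submit: echoes a success or error banner plus an inline
 * redirect script, writes to ashp_activities / ashp_activity_content, calls
 * create_site() for new activities, and exits if the mysqli connection failed.
 *
 * Security notes:
 *  - Only the field names declared in $fields are read from $_POST['form'];
 *    their rules are always applied, so omitting a field cannot skip "required"
 *    or the alpha_dash check that keeps the folder name free of path characters.
 *  - Every statement is parameterised; the new row id is taken from the
 *    connection rather than looked up with an interpolated title.
 *  - Values echoed back into the form are HTML-escaped.
 *  - NOTE(review): the form carries no anti-CSRF token and no permission check
 *    is visible in this function; confirm the calling page enforces both.
 *
 * @param int $activity_id Existing activity to edit; 0 (default) creates a new one.
 * @return string HTML of the form.
 */
function activity_form($activity_id = 0)
{
    global $mysqli;
    global $backend;

    if ($activity_id) {
        $activity = new Activity($activity_id);
        $form_type = 'update';
    } else {
        $activity = new Activity();
        $form_type = 'insert';
    }

    // HTML-escape a value for element or attribute context. double_encode is off
    // because stored values may already hold entities (sanitize_string output).
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
    };

    $html = '';
    $fields = array(
        'title' => array(
            'var' => 'title',
            'label' => 'Activity Title',
            'desc' => 'Required. This is the public title of the activity. You may change this later.',
            'type' => 'text',
            'std' => $activity->title,
            'validate' => 'required',
            'filter' => 'trim|sanitize_string',
            'param' => 's',
        ),
        'folder' => array(
            'var' => 'folder',
            'label' => 'Activity folder',
            'desc' => 'Required. Name of the folder to create on the ASHP server. Just enter the name of the folder <strong>without any slashes</strong>.',
            'type' => 'text',
            'std' => $activity->folder,
            'validate' => 'required|alpha_dash',
            'filter' => 'trim|sanitize_string',
            'param' => 's',
        ),
        'url' => array(
            'var' => 'url',
            'label' => 'Live Activity URL',
            'desc' => 'The full URL of the activity, including <strong>http://</strong><br />You can leave blank to default to http://ashpadvantagemedia.com/ActivityFolder.<br /><span class="text-danger">Remember to use <strong>http://www.ashpadvantagemedia.com</strong> instead of <strong>http://www.ashpadvantage.com</strong>.</span>',
            'type' => 'text',
            'std' => $activity->url,
            'validate' => 'valid_url',
            'filter' => 'trim|sanitize_string',
            'param' => 's',
        ),
        'sponsor' => array(
            'var' => 'sponsor',
            'label' => 'Activity Sponsor',
            'desc' => 'The sponsor of the activity.',
            'type' => 'text',
            'std' => $activity->sponsor,
            'validate' => '',
            'filter' => 'trim|sanitize_string',
            'param' => 's',
        ),
        'type_id' => array(
            'var' => 'type_id',
            'label' => 'Activity Type',
            'desc' => 'Select the type of activity.',
            'type' => 'select',
            'options' => $backend->activity_types,
            'std' => $activity->type_id,
            'validate' => 'required',
            'filter' => 'trim|sanitize_string',
            'param' => 'i',
        ),
        'live_website' => array(
            'var' => 'live_website',
            'label' => 'Live Website Template',
            'desc' => 'Choose which template to display on the live site..',
            'type' => 'select',
            'options' => $backend->website_types,
            'std' => $activity->live_website,
            'validate' => 'required',
            'filter' => 'trim|sanitize_string',
            'param' => 's',
        ),
        'has_live' => array(
            'var' => 'has_live',
            'label' => 'Has Live Component',
            'desc' => 'Select the live component this activity has.',
            'type' => 'radio',
            'options' => array('none', 'webcast', 'webinar'),
            'std' => $activity->has_live,
            'validate' => 'required',
            'filter' => 'trim|sanitize_string',
            'param' => 's',
        ),
        'director_id' => array(
            'var' => 'director_id',
            'label' => 'Scientific Project Director',
            'desc' => '',
            'type' => 'select',
            'options' => $backend->directors,
            'std' => $activity->director_id,
            'validate' => 'required',
            'filter' => 'trim|sanitize_string',
            'param' => 'i',
        ),
        'manager_id' => array(
            'var' => 'manager_id',
            'label' => 'Project Manager',
            'desc' => '',
            'type' => 'select',
            'options' => $backend->managers,
            'std' => $activity->manager_id,
            'validate' => 'required',
            'filter' => 'trim|sanitize_string',
            'param' => 'i',
        ),
        'vendor_id' => array(
            'var' => 'vendor_id',
            'label' => 'Web Vendor',
            'desc' => '',
            'type' => 'select',
            'options' => $backend->vendors,
            'std' => $activity->vendor_id,
            'validate' => 'required',
            'filter' => 'trim|sanitize_string',
            'param' => 'i',
        ),
    );

    if (isset($_POST['submit'])) {
        $gump = new GUMP();

        // The posted payload is untrusted: it may be missing, not an array, or
        // carry extra keys and nested arrays. Read only the declared fields.
        $posted = (isset($_POST['form']) && is_array($_POST['form'])) ? $_POST['form'] : array();
        $input = array();
        $validate = array();
        $filter = array();

        foreach ($fields as $k => $definition) {
            if (isset($posted[$k]) && is_scalar($posted[$k])) {
                $input[$k] = (string) $posted[$k];
                // Update the std value so the form below shows what the user typed.
                $fields[$k]['std'] = $input[$k];
            } else {
                // Absent or malformed: validate as empty so "required" still fires.
                $input[$k] = '';
            }
            if (!empty($definition['validate'])) {
                $validate[$k] = $definition['validate'];
            }
            if (!empty($definition['filter'])) {
                $filter[$k] = $definition['filter'];
            }
        }

        $error_text = '';
        $gump->validation_rules($validate);
        $gump->filter_rules($filter);
        // The code below relies on run() giving back the filtered data, or false on failure.
        $validated_data = $gump->run($input);

        // Only consult the filesystem with a folder name that passed validation.
        if ($validated_data !== false && $form_type == 'insert' && activity_folder_exists($validated_data['folder'])) {
            $validated_data = false;
            $error_text .= 'Folder already exists. Please choose another folder name.<br />';
        }

        if ($validated_data === false) {
            $errors = $gump->get_readable_errors(false);
            foreach ($errors as $message) {
                $error_text .= $message . '<br />';
            }
            echo edgimo_error($error_text);
        } else {
            if (mysqli_connect_errno()) {
                printf("Connect failed: %s\n", mysqli_connect_error());
                exit;
            }

            if ($validated_data['url'] == '') {
                $validated_data['url'] = 'http://ashpadvantagemedia.com/' . $validated_data['folder'];
            }

            if ($form_type == 'update') {
                $saved = false;
                $query = $mysqli->prepare("UPDATE ashp_activities SET title=?, url=?, folder=?, sponsor=?, type_id=?, director_id=?, manager_id=?, vendor_id=?, live_website=?, has_live=? WHERE activity_id=?");
                if ($query) {
                    // Type string must line up with the columns: live_website is a
                    // string (binding it as 'i' stored 0) and activity_id is an integer.
                    $query->bind_param(
                        'ssssiiiissi',
                        $validated_data['title'],
                        $validated_data['url'],
                        $validated_data['folder'],
                        $validated_data['sponsor'],
                        $validated_data['type_id'],
                        $validated_data['director_id'],
                        $validated_data['manager_id'],
                        $validated_data['vendor_id'],
                        $validated_data['live_website'],
                        $validated_data['has_live'],
                        $activity_id
                    );
                    $saved = $query->execute();
                    $query->close();
                }

                // Report success only after the statement actually ran.
                if ($saved) {
                    echo edgimo_success('Activity details have been updated.');
                    // Integer cast keeps the id inert inside the inline script.
                    echo '<script>edgimo_redirect("edit.php?table=ashp_activities&id=' . (int) $activity_id . '");</script>';
                } else {
                    echo edgimo_error('Activity details could not be saved.<br />');
                }
            }

            if ($form_type == 'insert') {
                $created = false;
                $new_id = 0;
                $query = $mysqli->prepare("INSERT INTO ashp_activities (title, url, folder, sponsor, type_id, director_id, manager_id, vendor_id, live_website, has_live) VALUES (?,?,?,?,?,?,?,?,?,?)");
                if ($query) {
                    $query->bind_param(
                        'ssssiiiiss',
                        $validated_data['title'],
                        $validated_data['url'],
                        $validated_data['folder'],
                        $validated_data['sponsor'],
                        $validated_data['type_id'],
                        $validated_data['director_id'],
                        $validated_data['manager_id'],
                        $validated_data['vendor_id'],
                        $validated_data['live_website'],
                        $validated_data['has_live']
                    );
                    $created = $query->execute();
                    // Id of the row just written; avoids a lookup by (non-unique) title.
                    // Assumes activity_id is auto-generated, since the INSERT omits it.
                    $new_id = (int) $mysqli->insert_id;
                    $query->close();
                }

                if ($created && !$new_id) {
                    // Fallback if the connection reports no generated id: same lookup the
                    // original did, but with the title bound instead of interpolated.
                    $lookup = $mysqli->prepare("SELECT activity_id FROM ashp_activities WHERE title = ? ORDER BY activity_id DESC LIMIT 1");
                    if ($lookup) {
                        $lookup->bind_param('s', $validated_data['title']);
                        $lookup->execute();
                        $lookup->bind_result($found_id);
                        if ($lookup->fetch()) {
                            $new_id = (int) $found_id;
                        }
                        $lookup->close();
                    }
                }

                if ($created && $new_id) {
                    $activity_id = $new_id;

                    // Seed the content rows: the generic fields (type 0) plus the
                    // fields specific to the chosen activity type.
                    $insert_fields = array_merge(
                        $backend->get_fields(0, $validated_data['has_live']),
                        $backend->get_fields($validated_data['type_id'], $validated_data['has_live'])
                    );

                    $content = $mysqli->prepare("INSERT INTO ashp_activity_content (activity_id, field_id, heading, copy, field_type, hook_name) VALUES (?,?,?,?,?,?)");
                    foreach ($insert_fields as $content_field) {
                        if (strpos($content_field['copy'], '{{LIVE_OPTIONS}}') !== false) {
                            $content_field['copy'] = live_options_replace($content_field['copy'], $validated_data['has_live']);
                        }
                        if ($content) {
                            $content->bind_param(
                                'iissss',
                                $activity_id,
                                $content_field['field_id'],
                                $content_field['heading'],
                                $content_field['copy'],
                                $content_field['field_type'],
                                $content_field['hook_name']
                            );
                            $content->execute();
                        }
                    }
                    if ($content) {
                        $content->close();
                    }

                    // Folder passed required|alpha_dash above before reaching the filesystem.
                    create_site($validated_data['folder'], $activity_id);
                    echo edgimo_success('New activity created.');
                    echo '<script>edgimo_redirect("edit.php?table=ashp_activities&id=' . (int) $activity_id . '");</script>';
                } else {
                    echo edgimo_error('The activity could not be created.<br />');
                }
            }
        }
    }

    $html .= '<form class="form-horizontal" role="form" method="post">';

    foreach ($fields as $field) {
        // NOTE(review): this only highlights a field if $errors is keyed by field
        // name; confirm that is what get_readable_errors(false) returns.
        $error = (isset($errors) && array_key_exists($field['var'], $errors)) ? 'has-error' : '';
        $html .= '<div class="form-group ' . $error . '">';

        switch ($field['type']) {
            case 'text':
                // std may be raw user input from a failed submit, so escape it.
                $html .= ' <label class="col-lg-2 control-label" for="form[' . $field['var'] . ']">' . $field['label'] . '</label>'
                    . ' <div class="col-lg-6"> <input class="form-control" type="text" name="form[' . $field['var'] . ']" value="' . $esc($field['std']) . '"> </div>';
                break;

            case 'select':
                $html .= ' <label class="col-lg-2 control-label" for="form[' . $field['var'] . ']">' . $field['label'] . '</label>'
                    . ' <div class="col-lg-6"> <select class="form-control" name="form[' . $field['var'] . ']">';
                foreach ($field['options'] as $option) {
                    // Each option is read as a [value, label] pair.
                    $selected = ($field['std'] == $option[0]) ? 'selected' : '';
                    $html .= '<option ' . $selected . ' value="' . $esc($option[0]) . '">' . $esc($option[1]) . '</option>';
                }
                $html .= '</select> </div>';
                break;

            case 'radio':
                $html .= ' <label class="col-lg-2 control-label" for="form[' . $field['var'] . ']">' . $field['label'] . '</label> <div class="col-lg-6"> ';
                foreach ($field['options'] as $option) {
                    $checked = ($field['std'] == $option) ? 'checked' : '';
                    $html .= ' <div class="radio-inline"> <label> <input type="radio" name="form[' . $field['var'] . ']" value="' . $esc($option) . '" ' . $checked . '> ' . $esc(ucfirst($option)) . ' </label> </div>';
                }
                $html .= ' </div>';
                break;
        }

        // desc is authored markup from the table above (it contains <strong>, <br />), so it is not escaped.
        $html .= ' <div class="col-lg-4"> <p class="description">' . $field['desc'] . '</p> </div> </div>';
    }

    $html .= ' <hr> <div class="form-group"> <div class="col-lg-6 col-lg-offset-2"> <button type="submit" class="btn btn-primary" name="submit">Submit</button> </div> </div> </form> ';

    return $html;
}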
} else { if ($_POST['btn'] === 'Passwort aendern') { $tpl->assign('tpl_name', 'edit_pw.tpl'); } else { if ($_POST['btn'] === 'Passwort speichern') { $data = get_player_info($_SESSION['user']); if (password_verify($_POST['old'], $data['password'])) { update_player_info($_SESSION['user'], 'password="******"'); create_site($tpl); } else { if ($_POST['btn'] === 'change') { $tpl->assign('tpl_name', 'edit_pw.tpl'); } else { if ($_POST['btn'] === 'save_pw') { $data = get_player_info($_SESSION['user']); if (password_verify($_POST['old'], $data['password'])) { update_player_info($_SESSION['user'], 'password="******"'); create_site($tpl); } else { $tpl->assign('tpl_name', 'edit_pw.tpl'); echo "Das alte Passwort war nicht korrekt"; } } } } } } } } else { create_site($tpl); }
} else $msg = ''; // Lecture des paramètres passés à la page $id_site = isset($_POST['id']) ? $_POST['id'] : (isset($_GET['id']) ? $_GET['id'] : NULL); $action = isset($_POST['action']) ? $_POST['action'] : (isset($_GET['action']) ? $_GET['action'] : NULL); if ($action == NULL) $action='read'; // SWITCH sur l'action (CRUD) switch($action) { case 'create': create_site($id_site); break; case 'read': read_sites(); break; case 'update': update_site($id_site); break; case 'delete': delete_site($id_site); break; case 'right': check_right($id_site); break; default: read_sites();