$amountArr = json_decode($_POST['amounts']);
$descriptionArr = json_decode($_POST['descriptions']);
$sendArr = json_decode($_POST['sendEmails']);
$typeArr = json_decode($_POST['types']);
$semArr = json_decode($_POST['semesters']);
$count = 0;
foreach ($emailArr as $email) {
if ($email == '') {
continue;
}
// Ignore transactions with nobody
if (!mysql_query("insert into transaction (memberID, choir, amount, description, semester, type) values ('" . mysql_escape_string($email) . "', '{$CHOIR}', '" . mysql_escape_string($amountArr[$count]) . "','" . mysql_escape_string($descriptionArr[$count]) . "', '" . mysql_escape_string($semArr[$count]) . "', '" . mysql_escape_string($typeArr[$count]) . "')")) {
die(mysql_error());
}
if ($sendArr[$count]) {
$name = fullNameFromEmail(mysql_real_escape_string($email));
$msg = "Keep this receipt for your records.";
$msg .= "<br />Name: " . $name;
$msg .= "<br />Semester: " . $semArr[$count];
$result = mysql_fetch_array(mysql_query("select `name` from `transacType` where `id` = '" . $typeArr[$count] . "'"));
$msg .= "<br />Category: " . $result['name'];
$msg .= "<br />Amount: " . $amountArr[$count];
$msg .= "<br />Description: " . $descriptionArr[$count];
$msg .= "<br />Date: " . date('l jS \\of F Y');
//$msg .= "<br />Hash (for Treasurer's use): " . encrypt($d);
$title = choirname($CHOIR) . " Receipt";
$headers = 'MIME-Version: 1.0' . "\n";
$headers .= 'Content-type: text/html; charset=iso-8859-1' . "\n";
mail($treasurerEmail . ', ' . $email, $title, $msg, $headers);
}
$count++;
<?php
require_once './functions.php';
if (!isset($_POST['eventNo'])) {
die("No event number provided");
}
$eventNo = mysql_real_escape_string($_POST['eventNo']);
$replacement = mysql_real_escape_string($_POST['replacement']);
$reason = mysql_real_escape_string($_POST['reason']);
//if they didn't specify a reason, don't let them off the hook
if ($reason == "") {
die("You need a reason. Try again.<br><div class='btn' id='retryAbsenceButton' value='{$eventNo}'>try again</div>");
}
$attendanceOfficers = implode(", ", getPosition("Vice President")) . ", " . implode(", ", getPosition("President"));
# TODO Check for duplicate queries and display an error message if a request has already been submitted for this event
if (!mysql_query("insert into `absencerequest` (reason,memberID,eventNo) values ('{$reason}','{$USER}','{$eventNo}')")) {
die("Query failed: " . mysql_error());
}
$mail = sendMessageEmail($attendanceOfficers, $USER, 'Name: ' . fullNameFromEmail($USER) . '<br>Event: ' . getEventName($eventNo) . '<br>Reason: ' . $reason, 'Absence Request on Gree-C-Web');
echo "<p>Your request has been submitted. You lazy bum!</p>";
function tie_form($memberID)
{
global $SEMESTER;
$tie = 0;
$query = mysql_query("select `tie` from `tieBorrow` where `member` = '{$memberID}' and `dateIn` is null");
$result = mysql_fetch_array($query);
if (mysql_num_rows($query) != 0) {
$tie = $result['tie'];
}
$head = fullNameFromEmail($memberID) . ' ';
$form = '';
if ($tie == 0) {
$head .= "does not have a tie checked out.";
$form = "Check out tie number <input type='text' class='tienum' style='width: 40px; margin-bottom: 1px'><span class='spacer'></span><button type='button' class='btn tie_checkout' data-member='{$memberID}'>Submit</button>";
} elseif ($tie > 0) {
$head .= "has tie <span style='font-weight: bold'>{$tie}</span> checked out.";
$form = "<button type='button' class='btn tie_return' data-member='{$memberID}'>Return</button>";
} elseif ($tie < 0) {
$head .= "is a tie thief.";
$form = "<button type='button' class='btn tie_return' data-member='{$memberID}'>Resolve</button>";
}
$sql = "select sum(`amount`) as `balance` from `transaction` where `memberID` = '{$memberID}' and `type` = 'deposit'";
$result = mysql_fetch_array(mysql_query($sql));
$balance = $result['balance'];
if ($balance == '') {
$balance = 0;
}
$deposit = "<span style='color: red'>unpaid</span>";
if ($balance >= fee("tie")) {
$deposit = "<span style='color: green'>paid</span>";
}
return "{$head}<br>Tie deposit: {$deposit}<br><br>{$form}";
}
if (!mysql_query("delete from `tieBorrow` where `id` = '{$id}'")) {
die(mysql_error());
}
echo "OK";
} else {
if ($action == 'history') {
if (!isset($_POST['tie'])) {
die('MISSING_ARG');
}
$results = mysql_query("select `id`, `member`, `dateOut`, `dateIn` from `tieBorrow` where `tie` = '{$tie}' order by `dateOut` asc");
if (!$results) {
die(mysql_error());
}
echo "<table><tr><th></th><th>Member</th><th>Date Borrowed</th><th>Date Returned</th></tr>";
while ($row = mysql_fetch_array($results)) {
echo "<tr><td><button type='button' class='btn btn-link hist_del' data-id='{$row['id']}'><i class='icon-remove'></i></button></td><td>" . fullNameFromEmail($row['member']) . "</td><td>{$row['dateOut']}</td><td>" . ($row['dateIn'] == '' ? '--' : $row['dateIn']) . "</td></tr>";
}
echo "</table>";
} else {
if ($action == 'editform') {
if (!isset($_POST['tie'])) {
die('MISSING_ARG');
}
$tiearr = mysql_fetch_array(mysql_query("select * from `tie` where `id` = '{$tie}'"));
echo "<form class='form-horizontal' id='tie_form'>";
echo "<div class='control-group'><label class='control-label'>Number</label><div class='controls'><input type='number' id='tie_num' value='{$tiearr['id']}'></div></div>";
echo "<div class='control-group'><label class='control-label'>Status</label><div class='controls'>";
echo "<select id='tie_status'>";
$result = mysql_query("select `name` from `tieStatus`");
while ($row = mysql_fetch_array($result)) {
echo "<option value='{$row['name']}'" . ($tiearr['status'] == $row['name'] ? " selected" : "") . ">{$row['name']}</option>";
