function event_delete()
{
global $config;
if (!is_user() && $config['anon_permission'] < 2) {
soft_error(_('You do not have permission to delete events.'));
}
$del_array = explode('&', $_SERVER['QUERY_STRING']);
$html = tag('div', attributes('class="box"', 'style="width: 50%"'));
$ids = 0;
foreach ($del_array as $del_value) {
list($drop, $id) = explode("=", $del_value);
if (preg_match('/^id$/', $drop) == 0) {
continue;
}
$ids++;
$event = get_event_by_id($id);
if (!check_user($event['uid']) && $config['anon_permission'] < 2) {
$html->add(tag('p', _('You do not have permission to remove item') . ": {$id}"));
continue;
}
if (remove_event($id)) {
$html->add(tag('p', _('Removed item') . ": {$id}"));
} else {
$html->add(tag('p', _('Could not remove item') . ": {$id}"));
}
}
if ($ids == 0) {
$html->add(tag('p', _('No items selected.')));
}
return $html;
}
function get_selected_event()
{
global $sel_event;
if (isset($_GET['eve'])) {
$sel_event = get_event_by_id($_GET['eve']);
} else {
$sel_event = NULL;
}
}
function display_id($id)
{
global $db, $year, $month, $day, $config;
$row = get_event_by_id($id);
$year = $row['year'];
$month = $row['month'];
$day = $row['day'];
$time_str = formatted_time_string($row['starttime'], $row['eventtype']);
$date_str = formatted_date_string($row['year'], $row['month'], $row['day'], $row['end_year'], $row['end_month'], $row['end_day']);
$dur_str = get_duration($row['duration'], $row['eventtype']);
$subject = htmlspecialchars(strip_tags(stripslashes($row['subject'])));
if (empty($subject)) {
$subject = _('(No subject)');
}
$name = stripslashes($row['username']);
$desc = parse_desc($row['description']);
if (check_user($row['uid']) || $config['anon_permission'] >= 2) {
return tag('div', attributes('class="phpc-main"'), tag('h2', $subject), tag('div', 'by ', tag('cite', $name)), tag('div', create_id_link(_('Modify'), 'event_form', $id), "\n", create_id_link(_('Delete'), 'event_delete', $id)), tag('div', tag('div', _('Date') . ": {$date_str}"), tag('div', _('Time') . ": {$time_str}"), tag('div', _('Duration') . ": {$dur_str}")), tag('p', $desc));
} else {
return tag('div', attributes('class="phpc-main"'), tag('h2', $subject), tag('div', 'by ', tag('cite', $name)), tag('div', tag('div', _('Date') . ": {$date_str}"), tag('div', _('Time') . ": {$time_str}"), tag('div', _('Duration') . ": {$dur_str}")), tag('p', $desc));
}
}
function event_submit()
{
global $calendar_name, $day, $month, $year, $db, $vars, $config, $phpc_script;
/* Validate input */
if (isset($vars['id'])) {
$id = $vars['id'];
$modify = 1;
} else {
$modify = 0;
}
if (isset($vars['description'])) {
$description = $vars['description'];
} else {
$description = '';
}
if (isset($vars['subject'])) {
$subject = $vars['subject'];
} else {
$subject = '';
}
if (empty($vars['day'])) {
soft_error(_('No day was given.'));
}
if (empty($vars['month'])) {
soft_error(_('No month was given.'));
}
if (empty($vars['year'])) {
soft_error(_('No year was given'));
}
if (isset($vars['hour'])) {
$hour = $vars['hour'];
} else {
soft_error(_('No hour was given.'));
}
if (!$config['hours_24']) {
if (array_key_exists('pm', $vars) && $vars['pm']) {
if ($hour < 12) {
$hour += 12;
}
} elseif ($hour == 12) {
$hour = 0;
}
}
if (array_key_exists('minute', $vars)) {
$minute = $vars['minute'];
} else {
soft_error(_('No minute was given.'));
}
if (isset($vars['durationmin'])) {
$duration_min = $vars['durationmin'];
} else {
soft_error(_('No duration minute was given.'));
}
if (isset($vars['durationhour'])) {
$duration_hour = $vars['durationhour'];
} else {
soft_error(_('No duration hour was given.'));
}
if (isset($vars['typeofevent'])) {
$typeofevent = $vars['typeofevent'];
} else {
soft_error(_('No type of event was given.'));
}
if (isset($vars['multiday']) && $vars['multiday'] == '1') {
if (isset($vars['endday'])) {
$end_day = $vars['endday'];
} else {
soft_error(_('No end day was given'));
}
if (isset($vars['endmonth'])) {
$end_month = $vars['endmonth'];
} else {
soft_error(_('No end month was given'));
}
if (isset($vars['endyear'])) {
$end_year = $vars['endyear'];
} else {
soft_error(_('No end year was given'));
}
} else {
$end_day = $day;
$end_month = $month;
$end_year = $year;
}
if (strlen($subject) > $config['subject_max']) {
soft_error(_('Your subject was too long') . ". {$config['subject_max']} " . _('characters max') . ".");
}
$startstamp = mktime($hour, $minute, 0, $month, $day, $year);
$endstamp = mktime(0, 0, 0, $end_month, $end_day, $end_year);
if ($endstamp < mktime(0, 0, 0, $month, $day, $year)) {
soft_error(_('The start of the event cannot be after the end of the event.'));
}
$startdate = $db->DBDate($startstamp);
$starttime = $db->DBDate(date("Y-m-d H:i:s", $startstamp));
$enddate = $db->DBDate($endstamp);
$duration = $duration_hour * 60 + $duration_min;
$table = SQL_PREFIX . 'events';
if ($modify) {
$event = get_event_by_id($id);
if (!check_user($event['uid']) && $config['anon_permission'] < 2) {
soft_error(_('You do not have permission to modify this event.'));
}
$query = "UPDATE {$table}\n" . "SET startdate={$startdate},\n" . "enddate={$enddate},\n" . "starttime={$starttime},\n" . "duration='{$duration}',\n" . "subject='{$subject}',\n" . "description='{$description}',\n" . "eventtype='{$typeofevent}'\n" . "WHERE id='{$id}'";
} else {
if (!is_user() && $config['anon_permission'] < 1) {
soft_error(_('You do not have permission to post.'));
}
$id = $db->GenID(SQL_PREFIX . 'sequence');
$query = "INSERT INTO {$table}\n" . "(id, uid, startdate, enddate, starttime, duration," . " subject, description, eventtype, calendar)\n" . "VALUES ({$id}, '{$_SESSION["uid{$calendar_name}"]}', " . "{$startdate}, {$enddate}, {$starttime}, '{$duration}', " . "'{$subject}', '{$description}', '{$typeofevent}', " . "'{$calendar_name}')";
}
$result = $db->Execute($query);
if (!$result) {
db_error(_('Error processing event'), $query);
}
$affected = $db->Affected_Rows($result);
if ($affected < 1) {
return tag('div', _('No changes were made.'));
}
session_write_close();
redirect("{$phpc_script}?action=display&id={$id}");
return tag('div', attributes('class="box"'), _('Date updated') . ": {$affected}");
}
function event_form()
{
global $vars, $day, $month, $year, $db, $config, $phpc_script, $month_names, $event_types;
if (isset($vars['id'])) {
// modifying
$id = $vars['id'];
$title = sprintf(_('Editing Event #%d'), $id);
$row = get_event_by_id($id);
$subject = htmlspecialchars(stripslashes($row['subject']));
$desc = htmlspecialchars(stripslashes($row['description']));
$year = $row['year'];
$month = $row['month'];
$day = $row['day'];
$hour = date('H', strtotime($row['starttime']));
$minute = date('i', strtotime($row['starttime']));
$end_year = $row['end_year'];
$end_month = $row['end_month'];
$end_day = $row['end_day'];
$durmin = $row['duration'] % 60;
$durhr = floor($row['duration'] / 60);
if (!$config['hours_24']) {
if ($hour > 12) {
$pm = true;
$hour = $hour - 12;
} elseif ($hour == 12) {
$pm = true;
} else {
$pm = false;
}
}
$typeofevent = $row['eventtype'];
$multiday = $year != $end_year || $month != $end_month || $day != $end_day;
} else {
// case "add":
$title = _('Adding event to calendar');
$subject = '';
$desc = '';
if ($day == date('j') && $month == date('n') && $year == date('Y')) {
if ($config['hours_24']) {
$hour = date('G');
} else {
$hour = date('g');
if (date('a') == 'pm') {
$pm = true;
} else {
$pm = false;
}
}
} else {
$hour = 6;
$pm = true;
}
$minute = 0;
$end_day = $day;
$end_month = $month;
$end_year = $year;
$durhr = 1;
$durmin = 0;
$typeofevent = 1;
$multiday = false;
}
if ($config['hours_24']) {
$hour_sequence = create_sequence(0, 23);
} else {
$hour_sequence = create_sequence(1, 12);
}
$minute_sequence = create_sequence(0, 59, 5, 'minute_pad');
$year_sequence = create_sequence(1970, 2037);
$html_time = tag('td', create_select('hour', $hour_sequence, $hour), tag('b', ':'), create_select('minute', $minute_sequence, $minute));
if (!$config['hours_24']) {
if ($pm) {
$value = 1;
} else {
$value = 0;
}
$html_time->add(create_select('pm', array(_('AM'), _('PM')), $value));
}
if (isset($id)) {
$input = create_hidden('id', $id);
} else {
$input = '';
}
$attributes = attributes('class="phpc-main"');
$day_of_month_sequence = create_sequence(1, 31);
return tag('form', attributes("action=\"{$phpc_script}\""), tag('table', $attributes, tag('caption', $title), tag('tfoot', tag('tr', tag('td', attributes('colspan="2"'), $input, create_submit(_("Submit Event")), create_hidden('action', 'event_submit')))), tag('tbody', tag('tr', tag('th', _('Date of event')), tag('td', create_select('day', $day_of_month_sequence, $day), create_select('month', $month_names, $month), create_select('year', $year_sequence, $year))), tag('tr', tag('th', _('Multiple day event')), tag('td', create_checkbox('multiday', '1', $multiday))), tag('tr', tag('th', _('End date (Multiple day events only)')), tag('td', create_select('endday', $day_of_month_sequence, $end_day), create_select('endmonth', $month_names, $end_month), create_select('endyear', $year_sequence, $end_year))), tag('tr', tag('th', _('Event type')), tag('td', create_select('typeofevent', $event_types, $typeofevent))), tag('tr', tag('th', _('Time')), $html_time), tag('tr', tag('th', _('Duration')), tag('td', create_select('durationhour', create_sequence(0, 23), $durhr), _('hour(s)') . "\n", create_select('durationmin', $minute_sequence, $durmin), _('minutes') . "\n")), tag('tr', tag('th', _('Subject') . ' (' . $config['subject_max'] . ' ' . _('chars max') . ')'), tag('td', tag('input', attributes('type="text"', "size=\"{$config['subject_max']}\"", "maxlength=\"{$config['subject_max']}\"", 'name="subject"', "value=\"{$subject}\"")))), tag('tr', tag('th', _('Description')), tag('td', tag('textarea', attributes('rows="5"', 'cols="50"', 'name="description"'), $desc))))));
}
function modify_event_action($session_uid, $id)
{
// needed to set the tab active
$extras_active = true;
$events_active = true;
//check if the user is admin
if (user_is_admin($session_uid)) {
$event = get_event_by_id($id);
// get all users uids
$uids = get_all_uids();
require 'templates/event.php';
} else {
require 'templates/login.php';
}
}
<?php
require_once "includes/session.php";
require_once "includes/connection.php";
require_once "includes/functions.php";
require_once "includes/form_functions.php";
require_once "includes/header.php";
if (is_null(check_login())) {
redirect_to("index.php");
}
$sel_event = get_event_by_id($_SESSION['event']);
if (!isset($sel_event)) {
redirect_to("index.php");
}
if (isset($_POST['submit'])) {
if (isset($_POST['content']) && !empty($_POST['content'])) {
$content = mysql_comment_prep($_POST["content"]);
$query = "INSERT INTO comments (\r\n\t \t\t\t\tuser_id, question_id, content, date_id\r\n\t \t\t\t\t) values (\r\n\t \t\t\t\t{$_SESSION['user_id']}, {$_SESSION['question']}, '{$content}', now()\r\n\t \t\t\t\t)";
if (mysql_query($query, $connection)) {
redirect_to("question.php?qes={$_SESSION['question']}");
} else {
//echo mysql_error();
echo "<p>Could not post!!</p>";
}
}
}
?>
<div class="content clearfix">
<div class="chapter grid_8 alpha">
<?php
if (!intval($_GET['qes'])) {
header('Location: mahasiswa-client.php');
}
} else {
if (isset($_POST["submitKomunitas"])) {
if ($_POST['captcha_input'] == $_SESSION['captcha']['code']) {
$value = addDataKomunitas($_POST["namalembaga"], $_POST["deskripsikomunitas"], $_POST["kategori"], $_POST["alamatkomunitas"], $_POST["lat"], $_POST["lng"], $_POST["cp"], $_POST["posisi"], $_POST["nomortelepon"], $_POST["website"], $_POST["medsos"], $_POST["linkgambar"]);
} else {
// Captcha salah
header('Location: komunitas-client.php');
}
} else {
if (isset($_GET["action"])) {
switch ($_GET["action"]) {
case "get_event":
if (isset($_GET["id"])) {
$value = get_event_by_id($_GET["id"]);
} else {
$value = "ERROR";
}
break;
case "get_all":
$value = get_event_all();
break;
case "get_datakader":
if (isset($_GET["nimkader"])) {
$value = get_datakader_by_nim($_GET["nimkader"]);
} else {
$value = "ERROR";
}
break;
case "get_komunitas":
