}
//end if is_array
} else {
if (isset($_POST["form_token"]) && !validateTokenField($_POST)) {
//if the security validation failed. display/store the error:
//'The request could not be completed: security check failed!'
} else {
//there was no POST DATA
}
}
if (isset($_GET['id'])) {
//gets the familyid passed down by the family profile search and when the profile is selected(clicked)
$familyID = sanitize($_GET['id']);
$familyProfile = retrieve_FamilyProfile($familyID);
if ($familyProfile) {
makeReservation($familyProfile);
} else {
$content = "not found";
}
}
function makeReservation($familyProfile)
{
error_log("in make reservation");
}
//end makeReservation
?>
<?php
include ROOT_DIR . '/footer.php';
?>
?>
$id = $_GET['id'];
$date = $_GET['date'];
$start_time = $_GET['start_time'];
$cat_to_show = $_GET['cat_to_show'];
$grade_to_show = $_GET['grade_to_show'];
$result = deleteReservation($id);
echo json_encode($result);
}
if (isset($_GET['make'])) {
$id = $_GET['id'];
$boat_id = $_GET['boat_id'];
$pname = $_GET['pname'];
$name = $_GET['name'];
$email = $_GET['email'];
$mpb = $_GET['mpb'];
$date = $_GET['date'];
$start_time_hrs = $_GET['start_time_hrs'];
$start_time_mins = $_GET['start_time_mins'];
$end_time_hrs = $_GET['end_time_hrs'];
$end_time_mins = $_GET['end_time_mins'];
$ergo_lo = $_GET['ergo_lo'];
if ($ergo_lo == "") {
$ergo_lo = 0;
}
$ergo_hi = $_GET['ergo_hi'];
if ($ergo_hi == "") {
$ergo_hi = 0;
}
$result = makeReservation($id, $boat_id, $pname, $name, $email, $mpb, $date, $start_time_hrs, $start_time_mins, $end_time_hrs, $end_time_mins, $ergo_lo, $ergo_hi);
echo json_encode($result);
}
$firstday = date('z', strtotime('01-06-' . $year));
$lastday = date('z', strtotime('1-10-' . $year));
}
$today = date('z') - $firstday;
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$username = "******";
$password = "******";
$hostname = "localhost";
$dbhandle = mysqli_connect($hostname, $username, $password) or die("Impossibile connettersi al server. Contatta il webmaster (Codice C1))");
$selected = mysqli_select_db($dbhandle, "6786_prenotazioni") or die("Errore di connessione al server. Contatta il webmaster (Codice D1)");
try {
if (isset($_POST['delbooking'])) {
deleteReservation($dbhandle, (int) $_POST['prenid']);
} else {
if (isset($_POST['newbooking'])) {
$last_prenid = makeReservation($dbhandle, $year);
$open = 1;
} else {
updateReservation($dbhandle, (int) $_POST['prenid'], $year);
$last_prenid = (int) $_POST['prenid'];
}
}
} catch (Exception $e) {
$error = true;
$error_message = $e->getMessage();
}
}
// *************** MAKE RESERVATION *******************************
function makeReservation($dbhandle, $year)
{
$validData = validate($dbhandle, $year);
$sql = "INSERT INTO customers (customerFullName,\r\n customerGender,\r\n customerAdress, \r\n customerCountry, \r\n customerCategory, \r\n customerEmail, \r\n customerDateFrom, \r\n customerDateTo) VALUES ('{$reservationInputFullNameS}',\r\n '{$reservationInputGenderS}',\r\n '{$reservationInputAdressS}', \r\n '{$reservationInputCountryS}', \r\n '{$reservationInputCategoryS}', \r\n '{$reservationInputEmailS}', \r\n '{$reservationInputDateFromS}', \r\n '{$reservationInputDateToS}');";
mysql_query($sql, $conn);
mysql_close($conn);
}
if (isset($_POST['$reservationInputSubmit'])) {
// Gegevens invoer formulier.
$reservationInputFullNameS = $_POST['reservationInputFullName'];
$reservationInputGenderS = $_POST['reservationInputGender'];
$reservationInputAdressS = $_POST['reservationInputAdress'];
$reservationInputCountryS = $_POST['reservationInputCountry'];
$reservationInputEmailS = $_POST['reservationInputEmail'];
$reservationInputCategoryS = $_POST['reservationInputCategory'];
$reservationInputDateFromS = $_POST['reservationInputDateFrom'];
$reservationInputDateToS = $_POST['reservationInputDateTo'];
$reservationInputSubmitS = $_POST['reservationInputSubmit'];
makeReservation();
} else {
null;
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">
<meta name="author" content="">
<link rel="icon" href="../../favicon.ico">
<title>Hotel California</title>
<link href="bootstrap.min.css" rel="stylesheet">
function handlePostRequest($data)
{
$fail_msg = "";
$res_id = $data['res_id'];
$boat_id = $data['boat_id'];
$name = $data['name'];
$team_name = $data['team_name'];
$email = $data['email'];
$mpb = $data['mpb'];
$date = $data['date'];
$start_time_hrs = $data['start_time_hrs'];
$start_time_mins = $data['start_time_mins'];
$end_time_hrs = $data['end_time_hrs'];
$end_time_mins = $data['end_time_mins'];
$ergo_lo = $data['ergo_lo'];
if ($ergo_lo == "") {
$ergo_lo = 0;
}
$ergo_hi = $data['ergo_hi'];
if ($ergo_hi == "") {
$ergo_hi = 0;
}
$response = makeReservation($res_id, $boat_id, $name, $team_name, $email, $mpb, $date, $start_time_hrs, $start_time_mins, $end_time_hrs, $end_time_mins, $ergo_lo, $ergo_hi);
sendResponse(200, json_encode($response), 'application/json');
}
$breadcrumbs->addElement($room['title'], makeURL($mod, array('roomid' => $roomid)));
$breadcrumbs->addElement($lang->get('room_remove'), makeURL($mod, array('roomid' => $roomid, 'mode' => 'remove')));
$smarty->assign('url_no', makeURL($mod, array('roomid' => $roomid, 'mode' => 'edit')));
}
break;
default:
$userid = $login->currentUserId();
$event = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'events', "*", "eventid=" . $room['eventid']);
$dummy = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'register', '*', "userid=" . $userid . " AND eventid=" . $room['eventid']);
$isallowedtoreserve = $event['free'] == 1 && $login->currentUser() !== false || $dummy['payed'] > 0;
$isallowedtositdown = $dummy['appeared'] != 0;
if (isset($_POST['reserve'])) {
if (isSittingAlready($room['eventid'], 13, $userid)) {
undoReservation($userid, $room['eventid']);
}
makeReservation($userid, $_GET['roomid'], $_POST['x'], $_POST['y']);
}
if (isset($_POST['unreserve'])) {
undoReservation($userid, $room['eventid']);
}
if (isset($_POST['sitdown'])) {
if (isSittingAlready($room['eventid'], 11, $userid)) {
standUp($userid, $room['eventid']);
}
if (isSittingAlready($room['eventid'], 13, $userid)) {
undoReservation($userid, $room['eventid']);
}
sitDown($userid, $_GET['roomid'], $_POST['x'], $_POST['y']);
}
if (isset($_POST['standup'])) {
standUp($userid, $room['eventid']);
function seatUser($roomid, $eventid, $x, $y, $userid)
{
global $db;
$userid = $userid <= 0 ? -1 : $userid;
$exists = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'users', "*", "userid=" . secureMySQL((int) $userid));
if (!$exists) {
return "seating_nosuchuser";
}
if (isSittingAlready($eventid, 11, $userid)) {
standUp($userid, $eventid);
}
if (isSittingAlready($eventid, 13, $userid)) {
undoReservation($userid, $eventid);
}
$event = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'events', "*", "eventid=" . (int) $eventid);
$dummy = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'register', '*', "userid=" . (int) $userid . " AND eventid=" . (int) $eventid);
$isallowedtoreserve = ($event['free'] == 1 or $dummy['payed'] > 0);
$isallowedtositdown = $dummy['appeared'] != 0;
if ($isallowedtositdown) {
sitDown($userid, $roomid, $x, $y);
return "seating_seated";
} elseif ($isallowedtoreserve) {
makeReservation($userid, $roomid, $x, $y);
return "seating_reserved";
}
return "seating_notpayed";
}
