} //end if is_array } else { if (isset($_POST["form_token"]) && !validateTokenField($_POST)) { //if the security validation failed. display/store the error: //'The request could not be completed: security check failed!' } else { //there was no POST DATA } } if (isset($_GET['id'])) { //gets the familyid passed down by the family profile search and when the profile is selected(clicked) $familyID = sanitize($_GET['id']); $familyProfile = retrieve_FamilyProfile($familyID); if ($familyProfile) { makeReservation($familyProfile); } else { $content = "not found"; } } function makeReservation($familyProfile) { error_log("in make reservation"); } //end makeReservation ?> <?php include ROOT_DIR . '/footer.php'; ?> ?>
// Excerpt of a request handler that answers in JSON. It begins inside a branch
// whose opening condition is not visible here; that branch reads a reservation
// id from the query string, deletes the reservation and prints the result.
// NOTE(review): a state-changing delete is driven by GET parameters, and no
// authentication, ownership or CSRF check is visible in this excerpt. Confirm
// that one runs before this point or inside deleteReservation().
$id = $_GET['id'];
// The next four values are read from the query string but are not used in the
// visible lines; only $id reaches deleteReservation().
$date = $_GET['date'];
$start_time = $_GET['start_time'];
$cat_to_show = $_GET['cat_to_show'];
$grade_to_show = $_GET['grade_to_show'];
$result = deleteReservation($id);
echo json_encode($result);
}

// Create a reservation when the "make" query parameter is present.
// NOTE(review): as with the delete branch, the write is triggered by a GET
// request and every field is forwarded exactly as received. No validation or
// type check is visible here, so makeReservation() has to validate the values
// and keep them out of SQL text (bound parameters). Verify against that
// function.
if (isset($_GET['make'])) {
    $id = $_GET['id'];
    $boat_id = $_GET['boat_id'];
    $pname = $_GET['pname'];
    $name = $_GET['name'];
    $email = $_GET['email'];
    $mpb = $_GET['mpb'];
    $date = $_GET['date'];
    $start_time_hrs = $_GET['start_time_hrs'];
    $start_time_mins = $_GET['start_time_mins'];
    $end_time_hrs = $_GET['end_time_hrs'];
    $end_time_mins = $_GET['end_time_mins'];
    // An empty ergo bound is replaced by 0. The comparison is loose, so a
    // missing parameter (null) is treated the same way as an empty string.
    $ergo_lo = $_GET['ergo_lo'];
    if ($ergo_lo == "") {
        $ergo_lo = 0;
    }
    $ergo_hi = $_GET['ergo_hi'];
    if ($ergo_hi == "") {
        $ergo_hi = 0;
    }
    $result = makeReservation($id, $boat_id, $pname, $name, $email, $mpb, $date,
        $start_time_hrs, $start_time_mins, $end_time_hrs, $end_time_mins,
        $ergo_lo, $ergo_hi);
    // The callee's result is returned to the client unchanged, as JSON.
    echo json_encode($result);
}
$firstday = date('z', strtotime('01-06-' . $year)); $lastday = date('z', strtotime('1-10-' . $year)); } $today = date('z') - $firstday; if ($_SERVER['REQUEST_METHOD'] == 'POST') { $username = "******"; $password = "******"; $hostname = "localhost"; $dbhandle = mysqli_connect($hostname, $username, $password) or die("Impossibile connettersi al server. Contatta il webmaster (Codice C1))"); $selected = mysqli_select_db($dbhandle, "6786_prenotazioni") or die("Errore di connessione al server. Contatta il webmaster (Codice D1)"); try { if (isset($_POST['delbooking'])) { deleteReservation($dbhandle, (int) $_POST['prenid']); } else { if (isset($_POST['newbooking'])) { $last_prenid = makeReservation($dbhandle, $year); $open = 1; } else { updateReservation($dbhandle, (int) $_POST['prenid'], $year); $last_prenid = (int) $_POST['prenid']; } } } catch (Exception $e) { $error = true; $error_message = $e->getMessage(); } } // *************** MAKE RESERVATION ******************************* function makeReservation($dbhandle, $year) { $validData = validate($dbhandle, $year);
$sql = "INSERT INTO customers (customerFullName,\r\n customerGender,\r\n customerAdress, \r\n customerCountry, \r\n customerCategory, \r\n customerEmail, \r\n customerDateFrom, \r\n customerDateTo) VALUES ('{$reservationInputFullNameS}',\r\n '{$reservationInputGenderS}',\r\n '{$reservationInputAdressS}', \r\n '{$reservationInputCountryS}', \r\n '{$reservationInputCategoryS}', \r\n '{$reservationInputEmailS}', \r\n '{$reservationInputDateFromS}', \r\n '{$reservationInputDateToS}');"; mysql_query($sql, $conn); mysql_close($conn); } if (isset($_POST['$reservationInputSubmit'])) { // Gegevens invoer formulier. $reservationInputFullNameS = $_POST['reservationInputFullName']; $reservationInputGenderS = $_POST['reservationInputGender']; $reservationInputAdressS = $_POST['reservationInputAdress']; $reservationInputCountryS = $_POST['reservationInputCountry']; $reservationInputEmailS = $_POST['reservationInputEmail']; $reservationInputCategoryS = $_POST['reservationInputCategory']; $reservationInputDateFromS = $_POST['reservationInputDateFrom']; $reservationInputDateToS = $_POST['reservationInputDateTo']; $reservationInputSubmitS = $_POST['reservationInputSubmit']; makeReservation(); } else { null; } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta name="description" content=""> <meta name="author" content=""> <link rel="icon" href="../../favicon.ico"> <title>Hotel California</title> <link href="bootstrap.min.css" rel="stylesheet">
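/**
 * Handle a reservation POST request.
 *
 * Pulls the reservation fields out of $data, forwards them to
 * makeReservation() and sends the result back as a JSON response with
 * status 200.
 *
 * @param array $data Request fields keyed by name (res_id, boat_id, name,
 *                    team_name, email, mpb, date, start/end time parts,
 *                    ergo_lo, ergo_hi). Absent fields are passed on as null.
 * @return void
 */
function handlePostRequest($data)
{
    // Read every field through isset() so that an absent key yields null
    // instead of an "undefined index" warning. With display_errors enabled
    // such a warning would be written into the response ahead of the JSON
    // body and expose file paths to the client.
    $fields = array(
        'res_id', 'boat_id', 'name', 'team_name', 'email', 'mpb', 'date',
        'start_time_hrs', 'start_time_mins', 'end_time_hrs', 'end_time_mins',
        'ergo_lo', 'ergo_hi',
    );
    $in = array();
    foreach ($fields as $field) {
        $in[$field] = isset($data[$field]) ? $data[$field] : null;
    }

    // Empty or absent ergo bounds default to 0. The loose comparison is kept
    // on purpose so the accepted inputs stay exactly as before.
    if ($in['ergo_lo'] == "") {
        $in['ergo_lo'] = 0;
    }
    if ($in['ergo_hi'] == "") {
        $in['ergo_hi'] = 0;
    }

    // NOTE(review): the values are forwarded as received; this function does
    // no validation, type checking or authorization. Confirm that
    // makeReservation() validates them and uses bound parameters for any SQL
    // it runs, and that the caller has authenticated the request.
    $response = makeReservation(
        $in['res_id'],
        $in['boat_id'],
        $in['name'],
        $in['team_name'],
        $in['email'],
        $in['mpb'],
        $in['date'],
        $in['start_time_hrs'],
        $in['start_time_mins'],
        $in['end_time_hrs'],
        $in['end_time_mins'],
        $in['ergo_lo'],
        $in['ergo_hi']
    );

    sendResponse(200, json_encode($response), 'application/json');
}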
// Excerpt from inside a switch; it begins in an earlier case whose start is not
// visible. That case adds two breadcrumb entries for the room and its "remove"
// page and gives the template the URL to use for "no" (back to edit mode).
$breadcrumbs->addElement($room['title'], makeURL($mod, array('roomid' => $roomid)));
$breadcrumbs->addElement($lang->get('room_remove'), makeURL($mod, array('roomid' => $roomid, 'mode' => 'remove')));
$smarty->assign('url_no', makeURL($mod, array('roomid' => $roomid, 'mode' => 'edit')));
}
break;

// Default mode: handle the seating actions the current user submitted by POST.
default:
    $userid = $login->currentUserId();
    // NOTE(review): both WHERE fragments are built by concatenating
    // $room['eventid'] and $userid without a cast or escaping in this excerpt.
    // Where $room is loaded is not visible; confirm that both values are
    // integers from a trusted source, or cast them with (int) before use.
    $event = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'events', "*", "eventid=" . $room['eventid']);
    $dummy = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'register', '*', "userid=" . $userid . " AND eventid=" . $room['eventid']);
    // && binds tighter than ||, so this reads:
    // (event is free AND currentUser() is not false) OR the registration is paid.
    $isallowedtoreserve = $event['free'] == 1 && $login->currentUser() !== false || $dummy['payed'] > 0;
    $isallowedtositdown = $dummy['appeared'] != 0;
    // NOTE(review): none of the POST branches visible below checks
    // $isallowedtoreserve or $isallowedtositdown before calling
    // makeReservation() or sitDown(). Unless those functions enforce the same
    // rules themselves, a direct POST would bypass the checks; verify. No CSRF
    // token check is visible in this excerpt either.
    // The status codes 13 and 11 appear to mean "reserved" and "seated", judging
    // by the calls that follow each check; confirm against isSittingAlready().
    // $_GET['roomid'], $_POST['x'] and $_POST['y'] are passed on as received.
    if (isset($_POST['reserve'])) {
        // Drop an existing reservation before making the new one.
        if (isSittingAlready($room['eventid'], 13, $userid)) {
            undoReservation($userid, $room['eventid']);
        }
        makeReservation($userid, $_GET['roomid'], $_POST['x'], $_POST['y']);
    }
    if (isset($_POST['unreserve'])) {
        undoReservation($userid, $room['eventid']);
    }
    if (isset($_POST['sitdown'])) {
        // Release whatever place the user currently holds, then take the new one.
        if (isSittingAlready($room['eventid'], 11, $userid)) {
            standUp($userid, $room['eventid']);
        }
        if (isSittingAlready($room['eventid'], 13, $userid)) {
            undoReservation($userid, $room['eventid']);
        }
        sitDown($userid, $_GET['roomid'], $_POST['x'], $_POST['y']);
    }
    // (the excerpt ends inside this branch)
    if (isset($_POST['standup'])) {
        standUp($userid, $room['eventid']);
/**
 * Place a user on a seat in a room, either as seated or as a reservation.
 *
 * The user must exist in the users table. Any place the user already holds for
 * the event is released first. The user is then seated if the registration row
 * has a non-zero "appeared" value, or given a reservation if the event is free
 * or the registration is paid.
 *
 * @param mixed $roomid  Room identifier, passed on to sitDown()/makeReservation().
 * @param mixed $eventid Event identifier; cast to int for the lookups done here.
 * @param mixed $x       Seat x coordinate, passed on unchanged.
 * @param mixed $y       Seat y coordinate, passed on unchanged.
 * @param mixed $userid  User identifier; values <= 0 are replaced by -1.
 * @return string One of "seating_nosuchuser", "seating_seated",
 *                "seating_reserved" or "seating_notpayed".
 */
function seatUser($roomid, $eventid, $x, $y, $userid)
{
    global $db;

    // Collapse every non-positive id to -1 before the lookup.
    if ($userid <= 0) {
        $userid = -1;
    }

    // The ids are cast to int before being concatenated into WHERE fragments.
    $userRow = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'users', "*", "userid=" . secureMySQL((int) $userid));
    if (!$userRow) {
        return "seating_nosuchuser";
    }

    // Release a current place first. The status codes 11 and 13 appear to mean
    // "seated" and "reserved", judging by the call that follows each check;
    // confirm against isSittingAlready().
    // NOTE(review): this runs before eligibility is evaluated, so a call that
    // ends in "seating_notpayed" has already removed the user's previous place
    // (assuming standUp()/undoReservation() do what their names say). Confirm
    // that this is intended.
    if (isSittingAlready($eventid, 11, $userid)) {
        standUp($userid, $eventid);
    }
    if (isSittingAlready($eventid, 13, $userid)) {
        undoReservation($userid, $eventid);
    }

    $eventRow = $db->selectOneRow(MYSQL_TABLE_PREFIX . 'events', "*", "eventid=" . (int) $eventid);
    $registration = $db->selectOneRow(
        MYSQL_TABLE_PREFIX . 'register',
        '*',
        "userid=" . (int) $userid . " AND eventid=" . (int) $eventid
    );

    // Both flags are worked out up front, in the same order as before.
    $mayReserve = $eventRow['free'] == 1 || $registration['payed'] > 0;
    $maySit = $registration['appeared'] != 0;

    // NOTE(review): $roomid, $x and $y reach sitDown()/makeReservation() exactly
    // as received; verify that those functions validate them.
    if ($maySit) {
        sitDown($userid, $roomid, $x, $y);
        return "seating_seated";
    }

    if ($mayReserve) {
        makeReservation($userid, $roomid, $x, $y);
        return "seating_reserved";
    }

    return "seating_notpayed";
}