function pf_smallgroups()
{
global $wpdb;
global $table_prefix;
if (!isset($wpdb->pf_students)) {
$wpdb->pf_students = $table_prefix . 'pf_students';
}
//gets current user info
global $current_user;
get_currentuserinfo();
//gets current group
$current_group = get_user_meta($current_user->ID, 'pf_currentgroup', true);
$message = "";
//edit small groups
if (isset($_POST['Submit']) && $_POST['WhichForm'] == 'editsmallgroups') {
$students = $wpdb->get_results($wpdb->prepare("SELECT ID FROM {$wpdb->pf_students} WHERE groupID={$current_group} AND student_status=0"));
$validator = new FormValidator();
foreach ($students as $student) {
$validator->addValidation("smallgroup_" . $student->ID, "req", "Error: Small group name required.");
$validator->addValidation("smallgroup_" . $student->ID, "maxlen=20", "Error: Name of small group too long (max 20).");
$validator->addValidation("smallgroup_" . $student->ID, "alnum", "Error: Name of small group can be letters and numbers only.");
}
if ($validator->ValidateForm()) {
//update db
foreach ($students as $student) {
$wpdb->query($wpdb->prepare("\n UPDATE {$wpdb->pf_students} \n SET \n smallgroup='" . $_POST['smallgroup_' . $student->ID] . "'\n WHERE ID=" . $student->ID));
}
$message .= "Changes Saved";
} else {
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$message .= "{$inp_err}<br>\n";
}
}
}
//gets student info
$students = $wpdb->get_results($wpdb->prepare("SELECT student_firstname, student_lastname, smallgroup, ID FROM {$wpdb->pf_students} WHERE groupID={$current_group} AND student_status=0"));
echo "<font color=red>" . $message . "</font>";
if ($students) {
echo "<table>";
//headings of table
echo "<tr>\n <th>Student Name</th>\n <th>Small Group</th>\n </tr>";
echo "<form name='editsmallgroups' method='POST' action='' accept-charset='UTF-8'>";
foreach ($students as $student) {
echo "<tr>";
echo "<td>" . $student->student_firstname . " " . $student->student_lastname . "</td>";
echo "<td><input type='text' name='smallgroup_" . $student->ID . "' size='12' maxlength='20' value='" . $student->smallgroup . "'></td>";
echo "</tr>";
}
echo "<tr><td colspan=2 align=center>\n <input type='hidden' name='WhichForm' value='editsmallgroups'>\n <input type='submit' name='Submit' value='Save Changes'> \n </td></tr>\n </form>\n </table>";
} else {
echo "There are no students in this group.<br>Click <a href='/?page_id=54'>here</a> to add students.";
}
}
function ValidateRegistrationSubmission()
{
//This is a hidden input field. Humans won't fill this field.
if (!empty($_POST[$this->GetSpamTrapInputName()])) {
//The proper error is not given intentionally
$this->HandleError("Automated submission prevention: case 2 failed");
return false;
}
$validator = new FormValidator();
$validator->addValidation("name", "req", "Please fill in Name");
$validator->addValidation("email", "email", "The input for Email should be a valid email value");
$validator->addValidation("email", "req", "Please fill in Email");
$validator->addValidation("username", "req", "Please fill in UserName");
$validator->addValidation("password", "req", "Please fill in Password");
if (!$validator->ValidateForm()) {
$error = '';
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$error .= $inpname . ':' . $inp_err . "\n";
}
$this->HandleError($error);
return false;
}
return true;
}
if (isset($_POST['Update'])) {
$validator = new FormValidator();
$validator->addValidation("loginName", "req", "Please fill in login name");
$validator->addValidation("loginName", "alnum", "Please fill only alphanumeric characters for login name.");
$validator->addValidation("firstName", "req", "Please fill in first name");
$validator->addValidation("firstName", "alpha", "Please fill only aplphabets for first name");
$validator->addValidation("lastName", "req", "Please fill in last name");
$validator->addValidation("lastName", "alpha", "Please fill only alphabets for last name");
$validator->addValidation("address", "req", "Please fill in address");
$validator->addValidation("phoneNo", "req", "Please fill in phone number");
$validator->addValidation("phoneNo", "numeric", "Please fill only numeric values for phone number");
$validator->addValidation("passwordRecoveryQues", "req", "Please fill in password recovery question");
$validator->addValidation("passwordRecoveryAns", "req", "Please fill in password recovery answer");
$validator->addValidation("email", "email", "The input for email should be a valid email value");
$validator->addValidation("email", "req", "Please fill in email");
if ($validator->ValidateForm()) {
$_SESSION['action'] = "updateUser";
$user = new User();
$user->setUserId($_SESSION['userId']);
$user->setLoginId($user1->getLoginId());
$user->setPassword($_REQUEST["password"]);
$user->setFirstName($_REQUEST["firstName"]);
$user->setLastName($_REQUEST["lastName"]);
$user->setEmailId($_REQUEST["email"]);
$user->setAddress($_REQUEST["address"]);
$user->setPhoneNumber($_REQUEST["phoneNo"]);
$user->setSecurityAnswer($_REQUEST["passwordRecoveryQues"]);
$user->setSecurityQuestion($_REQUEST["passwordRecoveryAns"]);
$_SESSION['userToBeUpdated'] = serialize($user);
header("Location: ../controller/Controller.php");
} else {
$validator->addValidation("service_code", "varname", cw_get_langvar_by_name('msg_ab_err_wrong_servicecode_format'));
if (!$validator->ValidateForm($content_section)) {
cw_add_top_message($validator->GetErrors(), 'E');
cw_header_location('index.php?target=cms&edit=Y&mode=' . ($action == 'add_new_content_section' ? 'add' : 'update&contentsection_id=' . $contentsection_id));
}
// Warnings
$validator = new FormValidator();
$validator->addValidation("name", "req", cw_get_langvar_by_name('msg_ab_warn_empty_contentsection_name'));
if ($content_section['type'] == 'html' || $content_section['type'] == 'image') {
$validator->addValidation("url", "req", cw_get_langvar_by_name('msg_ab_warn_empty_contentsection_url'));
}
// $validator->addValidation("url","url",'Invalid URL');
if ($content_section['type'] == 'image') {
$validator->addValidation("alt", "req", cw_get_langvar_by_name('msg_ab_warn_empty_contentsection_alt_text'));
}
if (!$validator->ValidateForm($content_section)) {
cw_add_top_message($validator->GetErrors(), 'W');
}
unset($validator);
/*
* Insert or Update
*/
if ($action == 'add_new_content_section') {
$contentsection_id = cw_array2insert('cms', $content_section);
} elseif ($action == 'update_content_section') {
cw_array2update('cms', $content_section, "contentsection_id = '" . $contentsection_id . "'");
db_query("DELETE FROM {$tables['cms_restrictions']} WHERE contentsection_id = '" . $contentsection_id . "'");
}
$data = array('skin' => $content_section['skin']);
cw_array2update('cms', $data, "service_code = '" . addslashes($content_section['service_code']) . "'");
$presaved_content_section['contentsection_id'] = $contentsection_id;
function pf_students()
{
global $wpdb;
global $table_prefix;
if (!isset($wpdb->pf_students)) {
$wpdb->pf_students = $table_prefix . 'pf_students';
}
//gets current user info
global $current_user;
get_currentuserinfo();
//gets current group
$current_group = get_user_meta($current_user->ID, 'pf_currentgroup', true);
//gets groups for current user
$groups = pf_getgroups();
$message = "";
//add students
if (isset($_POST['Submit']) && $_POST['WhichForm'] == 'addstudents') {
$validator = new FormValidator();
$student->ID = "new";
require "validation_studentdata.php";
if ($validator->ValidateForm()) {
// add the new student
$newstudent = array($_POST['firstname_new'], $_POST['lastname_new'], $_POST['pass_new'], $_POST['email_new'], $_POST['group_new']);
pf_addstudenttodb($newstudent);
$message = "New student added.";
} else {
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$message .= "{$inp_err}<br>\n";
}
}
}
//import students from csv file
if (isset($_POST['Submit']) && $_POST['WhichForm'] == 'csvimport') {
ini_set('auto_detect_line_endings', true);
//check the file is a .csv file
$file = $_FILES['csv_file'];
$allowedExtensions = array("csv");
if ($file['error'] == UPLOAD_ERR_OK) {
if (!in_array(end(explode(".", strtolower($file['name']))), $allowedExtensions)) {
$message = "Invalid file type! File must be a .csv file.";
} else {
$arr_rows = file($_FILES['csv_file']['tmp_name']);
if (is_array($arr_rows)) {
$validator = new FormValidator();
foreach ($arr_rows as $row) {
//this is messy but is to make the validation script work
// split into values: first, last, pass, email
$arr_values = split(",", $row);
$_POST['firstname_new'] = $arr_values[0];
$_POST['lastname_new'] = $arr_values[1];
$_POST['pass_new'] = trim($arr_values[2]);
$_POST['email_new'] = trim($arr_values[3]);
$_POST['group_new'] = $current_group;
$student->ID = "new";
require "validation_studentdata.php";
}
if ($validator->ValidateForm()) {
//update db
foreach ($arr_rows as $row) {
// split into values: first, last, pass, email
$arr_values = split(",", $row);
// add the new student
$newstudent = array($arr_values[0], $arr_values[1], trim($arr_values[2]), trim($arr_values[3]), $current_group);
pf_addstudenttodb($newstudent);
}
$message = "Import Success";
} else {
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$message .= "{$inp_err}<br>\n";
}
}
}
}
}
}
//edit students
if (isset($_POST['Submit']) && $_POST['WhichForm'] == 'editstudents') {
$students = $wpdb->get_results($wpdb->prepare("SELECT ID FROM {$wpdb->pf_students} WHERE groupID={$current_group} AND student_status=0"));
$validator = new FormValidator();
foreach ($students as $student) {
require "validation_studentdata.php";
}
if ($validator->ValidateForm()) {
//update db
foreach ($students as $student) {
// update student
$studentdata = array($_POST['firstname_' . $student->ID], $_POST['lastname_' . $student->ID], $_POST['pass_' . $student->ID], $_POST['email_' . $student->ID], $_POST['group_' . $student->ID], $student->ID);
pf_updatestudentindb($studentdata);
if ($_POST['delete_' . $student->ID]) {
//this doesn't delete student from db, just changes status to 1
$studentstatusdata = array(1, $student->ID);
pf_changestudentstatusindb($studentstatusdata);
}
}
$message .= "Changes Saved";
} else {
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$message .= "{$inp_err}<br>\n";
}
}
}
//gets student info
$students = $wpdb->get_results($wpdb->prepare("SELECT student_firstname, student_lastname, student_pass, student_email, ID FROM {$wpdb->pf_students} WHERE groupID={$current_group} AND student_status=0"));
echo "<font color=red>" . $message . "</font>";
echo "<table>";
//headings of table
echo "<tr>\n <th>First Name</th>\n <th>Last Name</th>\n <th>Password</th>\n <th>Email</th>\n <th>Group</th>\n <th>Delete Student</th>\n </tr>";
if ($students) {
echo "<form name='editstudents' method='POST' action='' accept-charset='UTF-8'>";
foreach ($students as $student) {
echo "<tr>";
echo "<td><input type='text' name='firstname_" . $student->ID . "' size='12' maxlength='60' value='" . $student->student_firstname . "'></td>";
echo "<td><input type='text' name='lastname_" . $student->ID . "' size='12' maxlength='60' value='" . $student->student_lastname . "'></td>";
echo "<td><input type='text' name='pass_" . $student->ID . "' size='12' maxlength='60' value='" . $student->student_pass . "'></td>";
echo "<td><input type='text' name='email_" . $student->ID . "' size='12' maxlength='60' value='" . $student->student_email . "'></td>";
echo "<td><select name='group_" . $student->ID . "'>";
foreach ($groups as $group) {
echo "<option value=" . $group->ID;
if ($group->ID == $current_group) {
echo " selected='selected'";
}
echo ">" . $group->group_name . "</option>";
}
echo "</select></td>";
echo "<td><input type='checkbox' name='delete_" . $student->ID . "' value=true></td>";
echo "</tr>";
}
echo "<tr><td colspan=6 align=center>\n <input type='hidden' name='WhichForm' value='editstudents'>\n <input type='submit' name='Submit' value='Save Changes'>\n <br><br> \n </td></tr>\n </form>";
}
echo "<form name='addstudents' method='POST' action='' accept-charset='UTF-8'>";
//blank row
echo "<tr>";
echo "<td><input type='text' name='firstname_new' size='12' maxlength='60' value=''></td>";
echo "<td><input type='text' name='lastname_new' size='12' maxlength='60' value=''></td>";
echo "<td><input type='text' name='pass_new' size='12' maxlength='60' value=''></td>";
echo "<td><input type='text' name='email_new' size='12' maxlength='60' value=''></td>";
echo "<td><select name='group_new'>";
foreach ($groups as $group) {
echo "<option value=" . $group->ID;
if ($group->ID == $current_group) {
echo " selected='selected'";
}
echo ">" . $group->group_name . "</option>";
}
echo "</select></td>";
echo "<td> ";
echo "<input type='hidden' name='WhichForm' value='addstudents'>";
echo "<input type='submit' name='Submit' value='Add Student'>";
echo "</td>";
echo "</tr>";
echo "</form>";
echo "<tr><td colspan=6 align=center>";
echo "<form name=csvimport' method='POST' action='' enctype='multipart/form-data'>";
echo "<b>Upload a class roster</b><br>\n <ol>\n <li>Export your class roster to a .csv (comma separated) file.</li>\n <li>Edit your class roster so that you just have 4 columns of data: First Name, Last Name, Password, Email.</li>\n <li>Check that your names are only letters, email addresses are valid etc...</li>\n <input type='hidden' name='WhichForm' value='csvimport'> \n <li><input type='file' name='csv_file' /> </li> \n <li><input type='submit' name='Submit' value='Upload' /></li>\n <ol>\n </form>\n </td>\n </tr>\n </table>";
}
function pf_datefilter()
{
//gets current user info
global $current_user;
get_currentuserinfo();
//form validation script
$message = "";
if (isset($_POST['Submit']) && $_POST['WhichForm'] == 'datefilter') {
//set new validator object for this form (see http://www.html-form-guide.com/php-form/php-form-validation.html for syntax)
$validator = new FormValidator();
//required
$validator->addValidation("BeginDate", "req", "Begin Date is missing");
$validator->addValidation("EndDate", "req", "End Date is missing");
//are they dates
$validator->addValidation("BeginDate", "regexp=/^((0?[1-9]|1[012])[-](0?[1-9]|[12][0-9]|3[01])[-][0-9]?[0-9]?[0-9]{2})*\$/", "Begin Date is not in the required MM-DD-YYYY format");
$validator->addValidation("EndDate", "regexp=/^((0?[1-9]|1[012])[-](0?[1-9]|[12][0-9]|3[01])[-][0-9]?[0-9]?[0-9]{2})*\$/", "End Date is not in the required MM-DD-YYYY format");
//make my own validation script? (use snippets link)
//add check that begin comes before end date
//tests what was sumbitted
if ($validator->ValidateForm()) {
//add POST to db
update_user_meta($current_user->ID, 'pf_begindate', $_POST['BeginDate']);
update_user_meta($current_user->ID, 'pf_enddate', $_POST['EndDate']);
} else {
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$message .= "{$inp_err}<br>\n";
}
}
}
//gets begin and end dates
$begindate = get_user_meta($current_user->ID, 'pf_begindate', true);
if (!$begindate) {
$begindate = "" . date("m-d-y");
add_user_meta($current_user->ID, 'pf_begindate', $begindate, true);
}
$enddate = get_user_meta($current_user->ID, 'pf_enddate', true);
if (!$enddate) {
$enddate = "" . date("m-d-y");
add_user_meta($current_user->ID, 'pf_enddate', $enddate, true);
}
//output
echo "<form name='datefilter' method='POST' action='' accept-charset='UTF-8'>";
echo "Begin Date: <input type='text' name='BeginDate' size='10' maxlength='10' value='{$begindate}'>";
echo " End Date: <input type='text' name='EndDate' size='10' maxlength='10' value='{$enddate}'>";
echo "<input type='hidden' name='WhichForm' value='datefilter'>";
echo "<input type='submit' name='Submit' value='Update'>";
echo "</form>";
echo $message;
}
The variable $_POST contains the form submission data.
*/
if (!isset($_POST['submit'])) {
// note that our submit button's name is 'submit'
// We are checking whether submit button is pressed
// This page should not be accessed directly. Need to submit the form.
echo "error; you need to submit the form!" . print_r($_POST, true);
exit;
}
require_once "includes/formvalidator.php";
//Setup Validations
$validator = new FormValidator();
$validator->addValidation("fullname", "req", "Please fill in Name");
$validator->addValidation("email", "req", "Please fill in Email");
//Now, validate the form
if (false == $validator->ValidateForm()) {
echo "<B>Validation Errors:</B>";
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
echo "<p>{$inpname} : {$inp_err}</p>\n";
}
exit;
}
$visitor_email = '';
if (!empty($visitors_email_field)) {
$visitor_email = $_POST[$visitors_email_field];
}
if (empty($email_from)) {
$host = $_SERVER['SERVER_NAME'];
$email_from = "forms@{$host}";
}
function pf_survey()
{
global $wpdb;
global $table_prefix;
if (!isset($wpdb->pf_groups)) {
$wpdb->pf_groups = $table_prefix . 'pf_groups';
}
//gets current user info
global $current_user;
get_currentuserinfo();
//gets current group
$current_group = get_user_meta($current_user->ID, 'pf_currentgroup', true);
$message = "";
//edit survey
if (isset($_POST['Submit']) && $_POST['WhichForm'] == 'editsurvey') {
if ($_POST['askscore'] != 'true') {
$_POST['askscore'] = 'false';
}
if ($_POST['askcomment'] != 'true') {
$_POST['askcomment'] = 'false';
}
if ($_POST['disable'] != 'true') {
$_POST['disable'] = 'false';
}
$validator = new FormValidator();
$validator->addValidation("prompt", "req", "Error: Survey prompt required.");
$validator->addValidation("scores", "req", "Error: Possible scores required.");
$validator->addValidation("scores", "maxlen=30", "Error: Possible scores required.");
$validator->addValidation("scores", "regexp=/^(([0-9a-zA-Z .]*)([,][0-9a-zA-Z .]*)*)\$/", "Error: Possible scores must be letters and numbers separated by commas.");
if ($validator->ValidateForm()) {
//update db
$wpdb->query($wpdb->prepare("\n UPDATE {$wpdb->pf_groups} \n SET \n survey_prompt='" . $_POST['prompt'] . "',\n survey_askscore='" . $_POST['askscore'] . "',\n survey_scores='" . $_POST['scores'] . "',\n survey_askcomment='" . $_POST['askcomment'] . "',\n survey_disable='" . $_POST['disable'] . "'\n WHERE ID=" . $current_group));
$message .= "Changes Saved";
} else {
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$message .= "{$inp_err}<br>\n";
}
}
}
//gets survey info for current group
$surveyinfo = pf_getsurveyinfo($current_group);
echo "<font color=red>" . $message . "</font>";
echo "<table>";
echo "<form name='editsurvey' method='POST' action='' accept-charset='UTF-8'>";
echo "<tr>";
echo " <td>Survey Prompt</td>";
echo " <td>";
$content = $surveyinfo->survey_prompt;
$id = 'prompt';
$settings = array('textarea_rows' => 8, 'tinymce' => true);
wp_editor($content, $id, $settings);
echo " </td>";
echo "</tr>\n \n <tr>\n <td>Ask for score</td>\n <td><input type='checkbox' name='askscore' value='true'";
if ($surveyinfo->survey_askscore == 'true') {
echo " checked";
}
echo "></td>\n </tr>\n \n <tr>\n <td>Possible scores<br><em>comma separated<br>(eg 4,3,2,1 or A,B,C,D,F)</em></td>\n <td><input type='textbox' size='30' maxlength='30' name='scores' value='" . $surveyinfo->survey_scores . "'></td>\n </tr>\n \n <tr>\n <td>Ask for comments</td>\n <td><input type='checkbox' name='askcomment' value='true'";
if ($surveyinfo->survey_askcomment == 'true') {
echo " checked";
}
echo "></td>\n </tr>\n \n <tr>\n <td>Disable survey</td>\n <td><input type='checkbox' name='disable' value='true'";
if ($surveyinfo->survey_disable == 'true') {
echo " checked";
}
echo "></td>\n </tr>\n \n <tr>\n <td><input type='hidden' name='WhichForm' value='editsurvey'>\n <input type='submit' name='Submit' value='Save Changes'> </td>\n <td><b><a href='http://www.peerfeedback.org/?page_id=188&groupID=" . $current_group . "' target='_blank'>Preview Survey</a></b>\n <br><br>\n </td>\n </tr>\n \n <tr>\n <td>Embed this survey in your site<br><em>copy and paste the text</em></td>\n <td><input type='text' size='100' value='<iframe src='http://www.peerfeedback.org/?page_id=188&groupID=" . $current_group . "' width=550 height=500 frameborder=0 marginheight=0 marginwidth=0>Loading...</iframe>'></td>\n </tr>\n \n <tr>\n <td>Link to this survey<br><em>copy and paste the text</em></td>\n <td><input type='text' size='100' value='http://www.peerfeedback.org/?page_id=188&groupID=" . $current_group . "'></td>\n </tr>\n \n </form>\n </table>";
}
if (array_key_exists('flagForReadReview', $_REQUEST) && $_REQUEST['flagForReadReview']) {
$_SESSION['action'] = "readReview";
header("Location: ../controller/Controller.php");
} else {
if (array_key_exists('flagForWriteReview', $_REQUEST) && $_REQUEST['flagForWriteReview']) {
$_SESSION['action'] = "writeReview";
header("Location: ../controller/Controller.php");
}
}
}
}
}
if (isset($_POST['Search'])) {
$validator = new FormValidator();
$validator->addValidation("journeyDate", "req", "Please select a journey date");
if ($validator->ValidateForm() && $_REQUEST['source'] != $_REQUEST['destination']) {
$_SESSION['action'] = "searchResults";
$flightSearchParameters = new FlightSearchParameters();
$flightSearchParameters->setBookingDate($_REQUEST['journeyDate']);
$flightSearchParameters->setDestination($_REQUEST['destination']);
//$flightSearchParameters->setNumberOfTickets($_REQUEST['numberOfTickets']);
$flightSearchParameters->setSource($_REQUEST['source']);
$_SESSION['flightSearchDetails'] = serialize($flightSearchParameters);
$flightSearchParameters1 = unserialize($_SESSION['flightSearchDetails']);
header("Location: ../controller/Controller.php");
} else {
echo "<B>Validation Errors:</B>";
if ($_REQUEST['source'] == $_REQUEST['destination']) {
echo "<p>Source and destination cannot be the same:</p>";
}
$error_hash = $validator->GetErrors();
function pf_editgroups()
{
global $wpdb;
global $table_prefix;
if (!isset($wpdb->pf_groups)) {
$wpdb->pf_groups = $table_prefix . 'pf_groups';
}
//gets current user info
global $current_user;
get_currentuserinfo();
//gets groups for current user
$groups = pf_getgroups();
$archived_groups = pf_getarchivedgroups();
//form validation script
$message = "";
if (isset($_POST['Submit']) && $_POST['WhichForm'] == 'archivegroups') {
//set new validator object for this form (see http://www.html-form-guide.com/php-form/php-form-validation.html for syntax)
$validator = new FormValidator();
foreach ($groups as $group) {
$validator->addValidation("status_" . $group->ID, "req", "Error: No status selected for group " . $group->group_name);
$validator->addValidation("status_" . $group->ID, "num", "Error: group_status invalid for group " . $group->group_name);
$validator->addValidation("group_" . $group->ID, "req", "Error: Name left blank (was " . $group->group_name . ")");
$validator->addValidation("group_" . $group->ID, "maxlen=60", "Error: Name too long - max 60 (was " . $group->group_name . ")");
$validator->addValidation("group_" . $group->ID, "alnum_s", "Error: Only letters, numbers and spaces allowed (was " . $group->group_name . ")");
}
foreach ($archived_groups as $group) {
$validator->addValidation("status_" . $group->ID, "req", "Error: No status selected for group " . $group->group_name);
$validator->addValidation("status_" . $group->ID, "num", "Error: group_status invalid for group " . $group->group_name);
$validator->addValidation("group_" . $group->ID, "req", "Error: Name left blank (was " . $group->group_name . ")");
$validator->addValidation("group_" . $group->ID, "maxlen=60", "Error: Name too long - max 60 (was " . $group->group_name . ")");
$validator->addValidation("group_" . $group->ID, "alnum_s", "Error: Only letters, numbers and spaces allowed (was " . $group->group_name . ")");
}
if ($validator->ValidateForm()) {
//update db
foreach ($groups as $group) {
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->pf_groups} SET group_status=" . $_POST['status_' . $group->ID] . " WHERE ID={$group->ID}"));
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->pf_groups} SET group_name='" . $_POST['group_' . $group->ID] . "' WHERE ID={$group->ID}"));
}
foreach ($archived_groups as $group) {
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->pf_groups} SET group_status=" . $_POST['status_' . $group->ID] . " WHERE ID={$group->ID}"));
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->pf_groups} SET group_name='" . $_POST['group_' . $group->ID] . "' WHERE ID={$group->ID}"));
if ($_POST['delete_' . $group->ID]) {
// don't delete group, just change status to 2
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->pf_groups} SET group_status=2 WHERE ID={$group->ID}"));
$message .= "You just deleted: " . $_POST['group_' . $group->ID] . "<br>";
}
}
$message .= "Saved";
} else {
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$message .= "{$inp_err}<br>\n";
}
}
}
//output
//gets groups for current user
$groups = pf_getgroups();
$archived_groups = pf_getarchivedgroups();
echo "<font color=red>" . $message . "</font>";
echo "<table>";
//headings of table
echo "<tr>\n <th>Group</th>\n <th>Status</th>\n <th>Delete Group</th>\n </tr>";
echo "<form name='archivegroups' method='POST' action='' accept-charset='UTF-8'>";
foreach ($groups as $group) {
echo "<tr>";
echo "<td><input type='text' name='group_" . $group->ID . "' size='12' maxlength='60' value='" . $group->group_name . "'></td>";
echo "<td><select name='status_" . $group->ID . "'>";
echo " <option value=0 selected='selected'>Active</option>";
echo " <option value=1>Archived</option>";
echo " </select></td>";
echo "<td>Must archive first</td>";
echo "</tr>";
}
foreach ($archived_groups as $group) {
echo "<tr>";
echo "<td><input type='text' name='group_" . $group->ID . "' size='12' maxlength='60' value='" . $group->group_name . "'></td>";
echo "<td><select name='status_" . $group->ID . "'>";
echo " <option value=0>Active</option>";
echo " <option value=1 selected='selected'>Archived</option>";
echo " </select></td>";
echo "<td><input type='checkbox' name='delete_" . $group->ID . "' value=true></td>";
echo "</tr>";
}
echo "<tr><td colspan=3>\n <input type='hidden' name='WhichForm' value='archivegroups'>\n <input type='submit' name='Submit' value='Save Changes'>\n </td></tr>";
echo "</form>\n </table>";
}
function ValidateSearchSubmission()
{
//This is a hidden input field. Humans won't fill this field.
if (!empty($_POST[$this->GetSpamTrapInputName()])) {
//The proper error is not given intentionally
$this->HandleError("Automated submission prevention: case 2 failed");
return false;
}
$validator = new FormValidator();
$validator->addValidation("eventSearch", "req", "Search Field is Empty!");
if (!$validator->ValidateForm()) {
$error = '';
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$error .= $inpname . ':' . $inp_err . "\n";
}
$this->HandleError($error);
return false;
}
return true;
}
function ValidateRegistrationSubmission()
{
$validator = new FormValidator();
$validator->addValidation("username", "req", "Please fill in Username");
$validator->addValidation("email", "email", "The input should be a valid Email value");
$validator->addValidation("email", "req", "Please fill in Email");
$validator->addValidation("password", "req", "Please fill in Password");
if (!$validator->ValidateForm()) {
$error = '';
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$error .= $inpname . ':' . $inp_err . "\n";
}
$error_message .= $error . "\r\n";
return false;
}
return true;
}
function ValidateRegistrationSubmission()
{
$validator = new FormValidator();
$validator->addValidation("firstName", "req", "Please fill in your first name");
$validator->addValidation("lastName", "req", "Please fill in your last name");
$validator->addValidation("email", "email", "The input for Email should be a valid email value");
$validator->addValidation("email", "req", "Please fill in Email");
$validator->addValidation("gender", "req", "Please fill in gender");
$validator->addValidation("birthYear", "req", "Please fill in birth year");
$validator->addValidation("password", "req", "Please fill in Password");
if (!$validator->ValidateForm()) {
$error = '';
$error_hash = $validator->GetErrors();
foreach ($error_hash as $inpname => $inp_err) {
$error .= $inpname . ':' . $inp_err . "\n";
}
$this->HandleError($error);
return false;
}
return true;
}
