<?php
include 'base.php';
User::protect();
$section = 'venues';
include_class('venues');
include_class('band_members');
include_class('locations');
$ve = Venue::get($_GET['id']);
if (!db::isError($ve)) {
switch ($_GET['task']) {
case 'update':
$res = $ve->update($_POST);
if (!db::isError($res)) {
header('Location: venue_edit.php?id=' . $_GET['id']);
}
break;
case 'deactivate':
$res = $ve->deactivate();
if (!db::isError($res)) {
header('Location: venue_edit.php?id=' . $_GET['id']);
}
break;
case 'activate':
$res = $ve->activate();
if (!db::isError($res)) {
header('Location: venue_edit.php?id=' . $_GET['id']);
}
break;
case 'delete':
$res = $ve->remove();
function add($postArray)
{
$db = new db();
include_class('venues');
$e = new Error();
$name = $db->sanitize_to_db($postArray['name']);
$dt = $db->sanitize_to_db($postArray['date']);
$date = date("Y-m-d", strtotime($dt));
if ($postArray['time']) {
$time = $db->sanitize_to_db($postArray['time']);
$time = "'" . date("H:i:s", strtotime($time)) . "'";
} else {
$time = "null";
}
if ($postArray['cost'] != "") {
$cost = $db->sanitize_to_db($postArray['cost']);
$cost = "'{$cost}'";
} else {
$cost = "null";
}
$is_all_ages = $postArray['is_all_ages'] == '1' ? 1 : 0;
$other_bands = $db->sanitize_to_db($postArray['other_bands']);
$notes = $db->sanitize_to_db($postArray['notes']);
if (User::isAdmin()) {
$uo = User::get($postArray['user_id']);
if (db::isError($uo)) {
$e->add($uo);
} else {
if (!$uo->isAdmin() && $uo->isBandMember()) {
$e->add("Invalid user. User must be a band member or an administrator.");
}
}
} else {
$uo = User::getCurrent();
}
if ($postArray['venue_id'] != '0') {
$ve = Venue::get($postArray['venue_id']);
}
if (db::isError($ve)) {
$e->add($ve);
}
if ($e->hasErrors()) {
return $e;
}
$user_id = $uo->getID();
$venue_id = $db->sanitize_to_db($postArray['venue_id']);
if (!$name) {
$name = is_object($ve) && !db::isError($ve) ? $db->sanitize_to_db($ve->getName()) : "(untitled show)";
}
$r = mysql_query("insert into Shows (name, venue_id, date, time, user_id, cost, is_all_ages, other_bands, notes, is_active) values ('{$name}', '{$venue_id}', '{$date}', {$time}, {$user_id}, {$cost}, {$is_all_ages}, '{$other_bands}', '{$notes}'," . DEFAULT_ACTIVE . ")");
if ($r) {
return Show::get(mysql_insert_id());
} else {
return Error::MySQL();
}
}
function add($postArray)
{
$db = new db();
$uo = User::getCurrent();
if (User::isAdmin()) {
$uo = User::get($postArray['user_id']);
if (db::isError($uo)) {
$e->add($uo);
} else {
if (!$uo->isAdmin() && $uo->isBandMember()) {
$e->add("Invalid user. User must be a band member or an administrator.");
}
}
} else {
$uo = User::getCurrent();
}
$user_id = $uo->getID();
$name = $db->sanitize_to_db($postArray['name']);
$address1 = $db->sanitize_to_db($postArray['address1']);
$address2 = $db->sanitize_to_db($postArray['address2']);
$city = $db->sanitize_to_db($postArray['city']);
$stateProvince = $db->sanitize_to_db($postArray['stateProvince']);
if ($stateProvince == "??") {
$stateProvince = $db->sanitize_to_db($postArray['stateProvinceOther']);
}
$postalCode = $db->sanitize_to_db($postArray['postalCode']);
$directions = $db->sanitize_to_db($postArray['directions']);
$country = $db->sanitize_to_db($postArray['country']);
$country = $country == null ? VENUE_DEFAULT_COUNTRY : $country;
if (!$name) {
$name = '(untitled venue)';
}
$r = mysql_query("insert into Venues (user_id, country, name, address1, address2, city, stateProvince, postalCode, directions, is_active) values ('{$user_id}', '{$country}', '{$name}', '{$address1}', '{$address2}', '{$city}', '{$stateProvince}', '{$postalCode}', '{$directions}'," . DEFAULT_ACTIVE . ")");
if ($r) {
return Venue::get(mysql_insert_id());
} else {
return Error::MySQL();
}
}