Example #1
<?php

// Venue edit controller (excerpt: the listing is cut off inside the 'delete' case).
// Loads one venue by the request's id and runs a task named in the query string.
include 'base.php';
// Runs before any venue handling. Presumably an authentication gate that stops
// unauthenticated requests -- confirm in User::protect().
User::protect();
$section = 'venues';
include_class('venues');
include_class('band_members');
include_class('locations');
// The raw query-string id goes straight to the lookup; no validation is visible here.
// NOTE(review): confirm Venue::get() validates/escapes the id, and that something
// checks the current user may modify this venue -- no ownership check is visible
// in this excerpt.
$ve = Venue::get($_GET['id']);
if (!db::isError($ve)) {
    // NOTE(review): every task below changes stored state and is selected by a
    // query-string parameter. No anti-CSRF token check is visible in this excerpt;
    // confirm one exists upstream, or require POST plus a per-session token.
    switch ($_GET['task']) {
        case 'update':
            // The whole POST array is handed over; which keys are accepted is decided
            // inside update(). NOTE(review): confirm it allow-lists the fields it writes.
            $res = $ve->update($_POST);
            if (!db::isError($res)) {
                // The request's id is concatenated into the redirect unencoded; an (int)
                // cast or urlencode() keeps the header value well-formed.
                // header() does not end the script and no exit is visible after it here.
                header('Location: venue_edit.php?id=' . $_GET['id']);
            }
            break;
        case 'deactivate':
            $res = $ve->deactivate();
            if (!db::isError($res)) {
                // Same redirect as in 'update': raw request id, no exit afterwards.
                header('Location: venue_edit.php?id=' . $_GET['id']);
            }
            break;
        case 'activate':
            $res = $ve->activate();
            if (!db::isError($res)) {
                // Same redirect as in 'update': raw request id, no exit afterwards.
                header('Location: venue_edit.php?id=' . $_GET['id']);
            }
            break;
        case 'delete':
            // Removal is triggered by the request alone; the rest of this case is
            // outside the excerpt.
            $res = $ve->remove();
Example #2
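 /**
  * Create a show from submitted form data and return the stored record.
  *
  * Text fields are passed through db::sanitize_to_db() before being placed in
  * the SQL string (presumably an escaping routine for MySQL string literals --
  * confirm). Date and time are re-formatted with date(), and the numeric owner
  * id is cast to int, so those values cannot carry SQL syntax.
  *
  * NOTE(review): the statement is still assembled by string interpolation and
  * sent with mysql_query(); the mysql_* extension was removed in PHP 7.0.
  * Moving this to prepared statements (PDO or mysqli) with bound parameters
  * would remove the dependence on every field being escaped correctly.
  *
  * @param array $postArray Form fields: name, date, time, cost, is_all_ages,
  *                         other_bands, notes, user_id, venue_id.
  * @return mixed The result of Show::get() for the new row, the Error object
  *               holding validation failures, or Error::MySQL() if the insert fails.
  */
 function add($postArray)
 {
     $db = new db();
     include_class('venues');
     $e = new Error();
     $name = $db->sanitize_to_db($postArray['name']);
     $dt = $db->sanitize_to_db($postArray['date']);
     // NOTE(review): strtotime() returns false for unparseable input, which
     // date() turns into 1970-01-01; consider rejecting such dates explicitly.
     $date = date("Y-m-d", strtotime($dt));
     if ($postArray['time']) {
         $time = $db->sanitize_to_db($postArray['time']);
         $time = "'" . date("H:i:s", strtotime($time)) . "'";
     } else {
         $time = "null";
     }
     if ($postArray['cost'] != "") {
         $cost = $db->sanitize_to_db($postArray['cost']);
         $cost = "'{$cost}'";
     } else {
         $cost = "null";
     }
     $is_all_ages = $postArray['is_all_ages'] == '1' ? 1 : 0;
     $other_bands = $db->sanitize_to_db($postArray['other_bands']);
     $notes = $db->sanitize_to_db($postArray['notes']);
     if (User::isAdmin()) {
         // Only an administrator may create a show on behalf of another user.
         $uo = User::get($postArray['user_id']);
         if (db::isError($uo)) {
             $e->add($uo);
         } elseif (!$uo->isAdmin() && !$uo->isBandMember()) {
             // The original tested isBandMember() without negation, which rejected
             // band members and accepted users who were neither band member nor
             // administrator -- the opposite of what the message states.
             $e->add("Invalid user. User must be a band member or an administrator.");
         }
     } else {
         // Non-administrators always own the show themselves; the submitted
         // user_id is ignored.
         $uo = User::getCurrent();
     }
     // Initialise so the checks below never read an undefined variable when no
     // venue was selected (venue_id '0').
     $ve = null;
     if ($postArray['venue_id'] != '0') {
         $ve = Venue::get($postArray['venue_id']);
     }
     if ($ve !== null && db::isError($ve)) {
         $e->add($ve);
     }
     if ($e->hasErrors()) {
         return $e;
     }
     // This value is interpolated unquoted below, so force it to an integer.
     $user_id = (int) $uo->getID();
     $venue_id = $db->sanitize_to_db($postArray['venue_id']);
     if (!$name) {
         // Fall back to the venue's name, then to a fixed placeholder.
         $name = is_object($ve) && !db::isError($ve) ? $db->sanitize_to_db($ve->getName()) : "(untitled show)";
     }
     $r = mysql_query("insert into Shows (name, venue_id, date, time, user_id, cost, is_all_ages, other_bands, notes, is_active) values ('{$name}', '{$venue_id}', '{$date}', {$time}, {$user_id}, {$cost}, {$is_all_ages}, '{$other_bands}', '{$notes}'," . DEFAULT_ACTIVE . ")");
     if ($r) {
         return Show::get(mysql_insert_id());
     }
     return Error::MySQL();
 }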
Example #3
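 /**
  * Create a venue from submitted form data and return the stored record.
  *
  * Text fields are passed through db::sanitize_to_db() before being placed in
  * the SQL string (presumably an escaping routine for MySQL string literals --
  * confirm). The owner id is cast to int.
  *
  * NOTE(review): the statement is still assembled by string interpolation and
  * sent with mysql_query(); the mysql_* extension was removed in PHP 7.0.
  * Moving this to prepared statements (PDO or mysqli) with bound parameters
  * would remove the dependence on every field being escaped correctly.
  *
  * @param array $postArray Form fields: user_id, name, address1, address2, city,
  *                         stateProvince, stateProvinceOther, postalCode,
  *                         directions, country.
  * @return mixed The result of Venue::get() for the new row, the Error object
  *               holding validation failures, or Error::MySQL() if the insert fails.
  */
 function add($postArray)
 {
     $db = new db();
     // The original called $e->add() without ever creating $e, so any owner
     // validation failure ended in a fatal error instead of a reported one.
     $e = new Error();
     if (User::isAdmin()) {
         // Only an administrator may create a venue on behalf of another user.
         $uo = User::get($postArray['user_id']);
         if (db::isError($uo)) {
             $e->add($uo);
         } elseif (!$uo->isAdmin() && !$uo->isBandMember()) {
             // The original tested isBandMember() without negation, which rejected
             // band members and accepted users who were neither band member nor
             // administrator -- the opposite of what the message states.
             $e->add("Invalid user. User must be a band member or an administrator.");
         }
     } else {
         // Non-administrators always own the venue themselves; the submitted
         // user_id is ignored.
         $uo = User::getCurrent();
     }
     // Stop before touching $uo: after a failed lookup it is an error value,
     // not a user, and a rejected owner must not be written to the table.
     if ($e->hasErrors()) {
         return $e;
     }
     $user_id = (int) $uo->getID();
     $name = $db->sanitize_to_db($postArray['name']);
     $address1 = $db->sanitize_to_db($postArray['address1']);
     $address2 = $db->sanitize_to_db($postArray['address2']);
     $city = $db->sanitize_to_db($postArray['city']);
     $stateProvince = $db->sanitize_to_db($postArray['stateProvince']);
     if ($stateProvince == "??") {
         // "??" is the form's marker for a free-text state/province.
         $stateProvince = $db->sanitize_to_db($postArray['stateProvinceOther']);
     }
     $postalCode = $db->sanitize_to_db($postArray['postalCode']);
     $directions = $db->sanitize_to_db($postArray['directions']);
     $country = $db->sanitize_to_db($postArray['country']);
     $country = $country == null ? VENUE_DEFAULT_COUNTRY : $country;
     if (!$name) {
         $name = '(untitled venue)';
     }
     $r = mysql_query("insert into Venues (user_id, country, name, address1, address2, city, stateProvince, postalCode, directions, is_active) values ('{$user_id}', '{$country}', '{$name}', '{$address1}', '{$address2}', '{$city}', '{$stateProvince}', '{$postalCode}', '{$directions}'," . DEFAULT_ACTIVE . ")");
     if ($r) {
         return Venue::get(mysql_insert_id());
     }
     return Error::MySQL();
 }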