public static function delete_event($event_id)
{
$event_id = (int) $event_id;
$db = cmsms()->GetDb();
$mod = cms_utils::get_module('CGCalendar');
$events_table_name = $mod->events_table_name;
$events_to_categories_table_name = $mod->events_to_categories_table_name;
$event_field_values_table_name = $mod->event_field_values_table_name;
if ($event_id < 1) {
return FALSE;
}
$query = 'SELECT * FROM ' . $events_table_name . ' WHERE event_id = ? OR event_parent_id = ? ORDER BY event_parent_id DESC';
$rows = $db->GetArray($query, array($event_id, $event_id));
if (cmsms()->is_frontend_request()) {
// userid has to match the owner
$feu = cms_utils::get_module('FrontEndUsers');
if (!$feu) {
return;
}
$userid = $feu->LoggedInId();
foreach ($rows as $row) {
if ($row['event_created_by'] != $userid) {
// oops, we can't delete anything
audit($event_id, $mod->GetName(), "FEU user {$userid} attempted to delete an event owned by somebody else");
return FALSE;
}
}
} else {
// admin request.
if (!$mod->CheckPermission('Modify Calendar')) {
// userid has to match the owner.. and we have to have permission to edit my events
if (!$mod->CheckPermission('Edit My Calendar Events')) {
$userid = get_userid(FALSE) * -1 - 100;
foreach ($rows as $row) {
if ($row['event_created_by'] != $userid) {
// oops. we can't delete this event.
audit($event_id, $mod->GetName(), "Admin user {$userid} attempted to delete an event owned by somebody else");
return FALSE;
}
}
}
}
}
$query1 = 'DELETE FROM ' . $event_field_values_table_name . ' WHERE event_id = ?';
$query2 = 'DELETE FROM ' . $events_to_categories_table_name . ' WHERE event_id = ?';
$query3 = 'DELETE FROM ' . $events_table_name . ' WHERE event_parent_id = ?';
$query4 = 'DELETE FROM ' . $events_table_name . ' WHERE event_id = ?';
foreach ($rows as $one) {
$db->Execute($query1, array($event_id));
$db->Execute($query2, array($event_id));
}
$db->Execute($query1, array($event_id));
$db->Execute($query2, array($event_id));
$db->Execute($query3, array($event_id));
$db->Execute($query4, array($event_id));
$mod->SendEvent('EventDeleted', array('event_id' => $event_id));
$cgcal = cms_utils::get_module('CGCalendar');
$search = cms_utils::get_search_module();
if ($search) {
$search->DeleteWords($cgcal->GetName(), $event_id);
}
return TRUE;
}
// handle the custom fields
$now = $db->DbTimeStamp(time());
$query = 'INSERT INTO ' . cms_db_prefix() . "module_news_fieldvals\n (news_id, fielddef_id, value, create_date, modified_date)\n VALUES (?,?,?,{$now},{$now})";
foreach ($params as $key => $value) {
$value = trim($value);
if (empty($value)) {
continue;
}
if (preg_match('/^news_customfield_/', $key)) {
$field_id = intval(substr($key, 17));
$db->Execute($query, array($articleid, $field_id, $value));
}
}
// should've checked those errors too, but eh, I'm up for the odds.
//Update search index
$module = cms_utils::get_search_module();
if (is_object($module)) {
$module->AddWords($this->GetName(), $articleid, 'article', $content . ' ' . $summary . ' ' . $title . ' ' . $title, $useexp == 1 ? $enddate : NULL);
}
// Send an email
$do_send_email = true;
$do_redirect = true;
// send an event
@$this->SendEvent('NewsArticleAdded', array('news_id' => $articleid, 'category_id' => $category_id, 'title' => $title, 'content' => $content, 'summary' => $summary, 'status' => $status, 'start_time' => $startdate, 'end_time' => $enddate, 'useexp' => $useexp));
// put mention into the admin log
audit('', 'News Frontend Submit', 'Article added');
// and we're done
$smarty->assign('message', $this->Lang('articleadded'));
}
}
}
