/**
* Output list of upcoming events for the location.
* @since 2.0.0
* @version 2.0.0
* @param integer $limit [optional] Event List Size (Default:5)
* @return void
*/
function location_events($limit = 5)
{
global $lID, $hc_cfg, $hc_lang_core, $hc_lang_locations;
$result = doQuery("SELECT PkID, Title, StartDate, StartTime, EndTime, TBD\r\n\t\t\t\t\t\tFROM " . HC_TblPrefix . "events \r\n\t\t\t\t\t\t\tWHERE IsActive = 1 AND IsApproved = 1 AND LocID = '" . cIn($lID) . "' AND StartDate >= '" . cIn(SYSDATE) . "'\r\n\t\t\t\t\t\tORDER BY StartDate, TBD, StartTime, Title\r\n\t\t\t\t\t\tLIMIT " . cIn($limit));
if (!hasRows($result)) {
echo '<p>' . $hc_lang_locations['NoEvents'] . ' <a href="' . CalRoot . '/index.php?com=submit" rel="nofollow">' . $hc_lang_locations['NoEventsLink'] . '</a></p>';
return 0;
}
$cnt = $date = 0;
while ($row = mysql_fetch_row($result)) {
if ($date != $row[2]) {
$date = $row[2];
echo $cnt > 0 ? '
</ul>' : '';
echo '
<header>' . stampToDate($row[2], $hc_cfg[14]) . '</header>
<ul>';
$cnt = 1;
}
$hl = $cnt % 2 == 0 ? ' class="hl"' : '';
if ($row[5] == 0) {
$time = $row[3] != '' ? stampToDate($row[3], $hc_cfg[23]) : '';
$time .= $row[4] != '' ? ' - ' . stampToDate($row[4], $hc_cfg[23]) : '';
$stamp = date("Y-m-d\\Th:i:00", strtotime($row[2] . trim(' ' . $row[3]))) . HCTZ;
} else {
$time = $row[5] == 1 ? $hc_lang_locations['AllDay'] : $hc_lang_locations['TBA'];
$stamp = date("Y-m-d", strtotime($row[2]));
}
echo '
<li' . $hl . ' itemscope itemtype="http://schema.org/Event"><time itemprop="startDate" datetime="' . $stamp . '">' . $time . '</time><a itemprop="url" href="' . CalRoot . '/index.php?eID=' . $row[0] . '"><span itemprop="name">' . cOut($row[1]) . '</span></a></li>';
++$cnt;
}
echo '</ul>';
}
/**
* Output obfuscated mailto: link.
* @since 2.0.0
* @version 2.0.0
* @param string $email email address for link
* @param string $subject [optional] subject of email
* @param string $label [optional] text to precede link
* @return datatype description
*/
function cleanEmailLink($email, $subject = '', $label = '')
{
$var1 = preg_replace('/[0-9]*/', '', md5(rand(0, 10845)));
$var2 = preg_replace('/[0-9]*/', '', md5(rand(10846, 20795)));
$var3 = preg_replace('/[0-9]*/', '', md5(rand(20796, 31794)));
$var4 = preg_replace('/[0-9]*/', '', md5(rand(31794, 42847)));
$eParts = explode("@", $email);
if (!isset($eParts[1])) {
echo $label;
return;
}
$eEnds = explode(".", $eParts[1]);
$eEnds = implode('" + "." + "', $eEnds);
$subject = $subject != '' ? " + '?subject=" . cIn($subject) : " + '";
echo '
<script>
//<!--
var ' . $var2 . ' = "' . $eEnds . '";var ' . $var1 . ' = "' . $eParts[0] . '";var ' . $var3 . ' = ' . $var1 . ';var ' . $var4 . ' = ' . $var2 . ';
document.write(\'' . $label . '<a href="\' + \'ma\' + \'ilt\' + \'o:\' + ' . $var3 . ' + \'@\' + ' . $var4 . ' + \'">\' + ' . $var3 . ' + \'@\' + ' . $var4 . ' + \'</a>\');
//-->
</script>';
}
function startNewSession()
{
global $hc_cfg;
$aUser = isset($_SESSION['AdminPkID']) ? cIn($_SESSION['AdminPkID']) : 0;
$resultAS = doQuery("SELECT Access FROM " . HC_TblPrefix . "admin WHERE PkID = '" . $aUser . "'");
$knownSession = hasRows($resultAS) ? mysql_result($resultAS, 0, 0) : NULL;
if ($knownSession != md5(session_id())) {
killAdminSession();
} else {
$_SESSION['hc_SessionReset'] = date("U") + mt_rand(60, 900);
}
$old_session = session_id();
session_regenerate_id();
$new_session = session_id();
session_write_close();
session_id($new_session);
session_name($hc_cfg[200]);
session_start();
$_SESSION['hc_whoami'] = md5($_SERVER['REMOTE_ADDR'] . session_id());
if (isset($_COOKIE[$old_session])) {
setcookie($old_session, '', time() - 86400, '/');
}
doQuery("UPDATE " . HC_TblPrefix . "admin SET Access = '" . cIn(md5(session_id())) . "' WHERE PkID = '" . $aUser . "'");
}
<?php
/**
* @package Helios Calendar
* @license GNU General Public License version 2 or later; see LICENSE
*/
define('isHC', true);
define('isAction', true);
include dirname(__FILE__) . '/loader.php';
action_headers();
$new_lang = isset($_GET['l']) ? strtolower(cIn(strip_tags($_GET['l']))) : '';
$target = CalRoot . '/';
if ($new_lang != '') {
$dir = dir(realpath(HCPATH . HCINC . '/lang/'));
if (is_dir($dir->path . '/' . $new_lang)) {
$_SESSION['LangSet'] = $new_lang;
if (isset($_SERVER['HTTP_REFERER']) && preg_match('(^' . CalRoot . ')', $_SERVER['HTTP_REFERER'])) {
$target = cIn(strip_tags($_SERVER['HTTP_REFERER']));
}
}
}
header('Location: ' . $target);
*/
define('hcAdmin', true);
include '../loader.php';
admin_logged_in();
action_headers();
include HCLANG . '/admin/newsletter.php';
$eID = isset($_SESSION['ReportDownload']) ? implode(',', array_filter(explode(',', utf8_decode($_SESSION['ReportDownload'])), 'is_numeric')) : '0';
header('Content-type: application/csv');
header('Content-Disposition: inline; filename="' . CalName . ' Event Report ' . SYSDATE . '.csv"');
$resultX = doQuery("SELECT MAX(Views), MAX(Directions), MAX(Downloads), MAX(EmailToFriend), MAX(URLClicks),\r\n\t\t\t\t\t\tAVG(Views), AVG(Directions), AVG(Downloads), AVG(EmailToFriend), AVG(URLClicks)\r\n\t\t\t\t\tFROM " . HC_TblPrefix . "events\r\n\t\t\t\t\tWHERE IsActive = 1 AND IsApproved = 1");
if (hasRows($resultX)) {
$mViews = cOut(mysql_result($resultX, 0, 0));
$mDir = cOut(mysql_result($resultX, 0, 1));
$mDwnl = cOut(mysql_result($resultX, 0, 2));
$mEmail = cOut(mysql_result($resultX, 0, 3));
$mURL = cOut(mysql_result($resultX, 0, 4));
$aViews = cOut(round(mysql_result($resultX, 0, 5), 0));
$aDir = cOut(round(mysql_result($resultX, 0, 6), 0));
$aDwnl = cOut(round(mysql_result($resultX, 0, 7), 0));
$aEmail = cOut(round(mysql_result($resultX, 0, 8), 0));
$aURL = cOut(round(mysql_result($resultX, 0, 9), 0));
}
echo "Event,Views,Directions,Downloads,Email,URL\n";
echo "Average," . number_format($aViews, 0, '.', ',') . "," . number_format($aDir, 0, '.', ',') . "," . number_format($aDwnl, 0, '.', ',') . "," . number_format($aEmail, 0, '.', ',') . "," . number_format($aURL, 0, '.', ',') . "\n";
echo "Best," . number_format($mViews, 0, '.', ',') . "," . number_format($mDir, 0, '.', ',') . "," . number_format($mDwnl, 0, '.', ',') . "," . number_format($mEmail, 0, '.', ',') . "," . number_format($mURL, 0, '.', ',') . "\n";
$result = doQuery("SELECT e.PkID, e.Title, e.Views, e.Directions, e.Downloads, e.EmailToFriend, e.URLClicks\r\n\t\t\t\t\tFROM " . HC_TblPrefix . "events e\r\n\t\t\t\t\tWHERE e.PkID IN(" . cIn($eID) . ") ORDER BY e.PkID");
if (hasRows($result)) {
while ($row = mysql_fetch_row($result)) {
echo "(" . $row[0] . ") " . str_replace(',', '', $row[1]) . "," . $row[2] . "," . $row[3] . "," . $row[4] . "," . $row[5] . "," . $row[6] . "\n";
}
}
if (!$fp) {
$apiFail = true;
$errorMsg = 'Connection to bitly Failed.';
} else {
$data = '';
$request = "GET " . $bSend . " HTTP/1.1\r\nHost: " . $host . "\r\nConnection: Close\r\n\r\n";
fwrite($fp, $request);
while (!feof($fp)) {
$data .= fread($fp, 1024);
}
fclose($fp);
$status_code = xml_tag_value('status_code', $data);
if ($status_code != '200') {
$apiFail = true;
$errorMsg = 'Error Msg From bitly - <i>' . xml_tag_value('status_txt', $data) . '</i>';
} else {
$bitURL = xml_tag_value('url', $data);
}
if ($bitURL != '') {
if (isset($eID)) {
doQuery("UPDATE " . HC_TblPrefix . "events SET ShortURL = '" . cIn($bitURL) . "' WHERE PkID = '" . cIn($eID) . "'");
} elseif (isset($lID)) {
doQuery("UPDATE " . HC_TblPrefix . "locations SET ShortURL = '" . cIn($bitURL) . "' WHERE PkID = '" . cIn($lID) . "'");
}
$shortLink = $bitURL;
}
}
}
}
}
echo $errorMsg != '' ? $errorMsg : '';
* @license GNU General Public License version 2 or later; see LICENSE
*/
define('isHC', true);
define('isAction', true);
include_once '../loader.php';
header('Content-type: application/xml; charset="utf-8"');
// if(!file_exists(HCPATH.'/cache/sitemap_index')){
if (1 == 1) {
ob_start();
$fp = fopen(HCPATH . '/cache/sitemap_index', 'w');
echo '<?xml version="1.0" encoding="UTF-8"?>
<sitemapindex xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">
<sitemap>
<loc>' . CalRoot . '/sitemap/site.php</loc>
</sitemap>';
$result = doQuery("SELECT COUNT(PkID), MAX(PublishDate) FROM " . HC_TblPrefix . "events WHERE StartDate >= '" . cIn(SYSDATE) . "' AND IsActive = 1 AND IsApproved = 1");
if (hasRows($result)) {
$last = mysql_result($result, 0, 1) != '' ? '<lastmod>' . stampToDate(mysql_result($result, 0, 1), '%Y-%m-%d') . '</lastmod>' : '';
$x = 1;
$stop = mysql_result($result, 0, 0) > $hc_cfg[87] ? ceil(mysql_result($result, 0, 0) / $hc_cfg[87]) : 1;
while ($x <= $stop) {
echo '
<sitemap>
<loc>' . CalRoot . '/sitemap/events.php?map=' . $x . '</loc>
' . $last . '
</sitemap>';
++$x;
}
}
$result = doQuery("SELECT COUNT(l.PkID), MAX(l.LastMod) FROM " . HC_TblPrefix . "locations l WHERE l.IsActive = 1");
if (hasRows($result)) {
* @license GNU General Public License version 2 or later; see LICENSE
*/
if (!defined('hcAdmin')) {
header("HTTP/1.1 403 No Direct Access");
exit;
}
include HCLANG . '/admin/manage.php';
if (isset($_GET['msg'])) {
switch ($_GET['msg']) {
case "1":
feedback(1, $hc_lang_manage['Feed01']);
break;
}
}
appInstructions(0, "Billboard_Events", $hc_lang_manage['TitleBillboard'], $hc_lang_manage['InstructBillboard']);
$result = doQuery("SELECT PkID, Title, StartDate, Views FROM " . HC_TblPrefix . "events WHERE IsActive = 1 AND IsApproved = 1 AND IsBillboard = 1 AND StartDate >= '" . cIn(SYSDATE) . "' ORDER BY StartDate, Views DESC");
if (hasRows($result)) {
echo '
<ul class="data">
<li class="row header uline">
<div style="width:68%;">' . $hc_lang_manage['Title'] . '</div>
<div style="width:10%;">' . $hc_lang_manage['Date'] . '</div>
<div class="number" style="width:10%;">' . $hc_lang_manage['Views'] . '</div>
<div style="width:10%;"> </div>
</li>
</ul>
<ul class="data">
<div class="blbd">';
$cnt = 0;
while ($row = mysql_fetch_row($result)) {
$hl = $cnt % 2 == 1 ? ' hl' : '';
<?php
/**
* @package Helios Calendar
* @license GNU General Public License version 2 or later; see LICENSE
*/
define('hcAdmin', true);
include '../loader.php';
admin_logged_in();
action_headers();
$token = isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : '';
if (!check_form_token($token)) {
go_home();
}
include HCLANG . '/admin/settings.php';
$e = preg_match('/^([a-zA-Z0-9_\\.\\-])+\\@(([a-zA-Z0-9\\-])+\\.)+([a-zA-Z0-9]{2,4})+$/', $_GET['e']) == 1 ? cIn(strip_tags($_GET['e'])) : '';
echo '
<link rel="stylesheet" type="text/css" href="' . AdminRoot . '/css/admin.css">
<style>
html, body {background:#FFFFFF;padding:5px;}
</style>';
if ($e != '') {
if (!$hc_cfg[71] == 1) {
echo '
<p>' . $hc_lang_settings['EmailTestMail'] . '</p>';
}
reMail('', $e, CalName . ' ' . $hc_lang_settings['TestSubj'], $hc_lang_settings['TestMsg'], $hc_cfg[79], $hc_cfg[78], NULL, true);
} else {
echo '
' . $hc_lang_settings['EmailTestError'] . '
<script>
<?php
/**
* @package Helios Calendar
* @license GNU General Public License version 2 or later; see LICENSE
*/
if (!defined('hcAdmin')) {
header("HTTP/1.1 403 No Direct Access");
exit;
}
include HCLANG . '/admin/newsletter.php';
if (isset($_GET['gID']) && is_numeric($_GET['gID'])) {
$gID = isset($_GET['gID']) && is_numeric($_GET['gID']) ? cIn(strip_tags($_GET['gID'])) : 0;
$isPublic = 0;
$name = $descript = '';
$helpText = $hc_lang_news['InstructAddG'];
$result = doQuery("SELECT * FROM " . HC_TblPrefix . "mailgroups WHERE PkID = '" . $gID . "' AND IsActive = 1");
if (hasRows($result)) {
$name = cOut(mysql_result($result, 0, 1));
$descript = cOut(mysql_result($result, 0, 2));
$isPublic = cOut(mysql_result($result, 0, 3));
$helpText = $hc_lang_news['InstructEditG'];
}
appInstructions(0, 'Subscriber_Groups', $hc_lang_news['TitleGroup'], $helpText);
echo '
<form name="frm" id="frm" method="post" action="' . AdminRoot . '/components/MailGroupsAction.php" onsubmit="return validate();">';
set_form_token();
echo '
<input type="hidden" name="gID" id="nID" value="' . $gID . '" />
' . ($gID == 1 ? '
<input type="hidden" name="description" id="description" value="" />
$curSubmit = isset($_SESSION['hc_curSubmit']) ? $_SESSION['hc_curSubmit'] : 0;
if ($hc_cfg[40] > 0 && count($dates) + $curSubmit >= $hc_cfg[40]) {
exit($hc_lang_submit['NoSubmit']);
} else {
$_SESSION['hc_curSubmit'] = $curSubmit + count($dates);
}
foreach ($dates as $val) {
$eventDate = $val;
$query = "INSERT INTO " . HC_TblPrefix . "events(Title, LocationName, LocationAddress, LocationAddress2,\r\n\t\t\t\t\t\tLocationCity, LocationState, LocationZip, Description,\r\n\t\t\t\t\t\tStartDate, StartTime, TBD, EndTime, ContactName,\r\n\t\t\t\t\t\tContactEmail, ContactPhone, ContactURL, IsActive, IsApproved,\r\n\t\t\t\t\t\tIsBillboard, SubmittedByName, SubmittedByEmail, SubmittedAt, SeriesID,\r\n\t\t\t\t\t\tMessage, LocID, Cost, LocCountry, OwnerID, PublishDate, LastMod)\r\n\t\t\t\t\tVALUES(\t'" . cIn($eventTitle) . "', '" . cIn($locName) . "', '" . cIn($locAddress) . "', '" . cIn($locAddress2) . "',\r\n\t\t\t\t\t\t\t'" . cIn($locCity) . "', '" . cIn($locState) . "', '" . cIn($locZip) . "', '" . cIn($eventDesc, 0) . "',\r\n\t\t\t\t\t\t\t'" . cIn($eventDate) . "', " . $startTime . ", '" . cIn($tbd) . "', " . $endTime . ",\r\n\t\t\t\t\t\t\t'" . cIn($contactName) . "', '" . cIn($contactEmail) . "', '" . cIn($contactPhone) . "', '" . cIn($contactURL) . "',\r\n\t\t\t\t\t\t\t'1', '" . $appStatus . "', '0', '" . cIn($subName) . "', '" . cIn($subEmail) . "', '" . SYSDATE . " " . SYSTIME . "' , " . $seriesID . ",\r\n\t\t\t\t\t\t\t'" . $adminMessage . "','" . cIn($locID) . "', '" . cIn($cost) . "', '" . cIn($locCountry) . "', '" . cIn($subID) . "',\r\n\t\t\t\t\t\t\t" . $pubDate . ", " . $pubDate . ");";
doQuery($query);
$result = doQuery("SELECT LAST_INSERT_ID() FROM " . HC_TblPrefix . "events");
$newPkID = mysql_result($result, 0, 0);
if (isset($_POST['catID']) && is_array($_POST['catID'])) {
foreach ($_POST['catID'] as $val) {
if (is_numeric($val) && $val > 0) {
doQuery("INSERT INTO " . HC_TblPrefix . "eventcategories(EventID, CategoryID) VALUES('" . cIn($newPkID) . "', '" . cIn($val) . "')");
}
}
}
if ($rsvp_type == 1 && $newPkID > 0) {
doQuery("INSERT INTO " . HC_TblPrefix . "eventrsvps(Type,EventID,OpenDate,CloseDate,Space,RegOption,Notices)\r\n\t\t\t\t\t\tVALUES('" . $rsvp_type . "','" . $newPkID . "','" . $rsvp_open . "','" . $rsvp_close . "','" . $rsvp_space . "','" . $rsvp_disp . "','" . $rsvp_notice . "')");
}
}
if ($newPkID > 0 && $hc_cfg[78] != '' && $hc_cfg[79] != '') {
$eventDates = strftime($hc_cfg[24], strtotime($dates[0])) . ($dates[0] != end($dates) ? ' - ' . strftime($hc_cfg[24], strtotime(end($dates))) : '');
$occurs = count($dates);
notice_public_event($subName, $subEmail, $adminMessage, $locID, $locName, $locAddress, $locAddress2, $locCity, $locState, $locCountry, $locZip, $eventTitle, $eventDesc, $eventDates, $occurs);
}
header("Location: " . CalRoot . "/index.php?com=submit&msg=1");
} else {
exit($hc_lang_submit['ValidFail']);
}
}
//-->
</script>';
} else {
$token = '';
$token = $token == '' && isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : $token;
$token = $token == '' && isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : $token;
appInstructions(1, "Merging_Locations", $hc_lang_locations['TitleMerge'], $hc_lang_locations['InstructMerge2']);
$locName = '';
if (isset($_GET['l'])) {
$locName = isset($_GET['l']) ? strip_tags(str_replace("'", "\"", $_GET['l'])) : '';
} elseif (isset($_POST['locName'])) {
$locName = isset($_POST['locName']) ? strip_tags(str_replace("'", "\"", $_POST['locName'])) : '';
}
$result = doQuery("SELECT PkID, Name, IsPublic, \r\n\t\t\t\t\t\t\t(SELECT COUNT(PkID) FROM " . HC_TblPrefix . "events e WHERE e.StartDate >= '" . SYSDATE . "' AND e.LocID = l.PkID) AS EventCnt\r\n\t\t\t\t\t\tFROM " . HC_TblPrefix . "locations l\r\n\t\t\t\t\t\tWHERE IsActive = 1 AND\r\n\t\t\t\t\t\t\t(MATCH(Name,Address,Address2) AGAINST('" . cIn($locName, 0) . "' IN BOOLEAN MODE) OR NAME LIKE('%" . cIn($locName) . "%'))\r\n\t\t\t\t\t\tORDER BY IsPublic, Name");
if (!hasRows($result) || $locName == '' || !check_form_token($token)) {
echo '
<p>' . $hc_lang_locations['NoLoc'] . '</p>
<p><a href="' . AdminRoot . '/index.php?com=locsearch">' . $hc_lang_locations['NoLocLink'] . '</a></p>';
} else {
echo '
<form name="frmMergeLocation" id="frmMergeLocation" method="post" action="' . AdminRoot . '/index.php?com=location&m=1" onsubmit="return validate();">';
set_form_token();
echo '
<div class="catCtrl">
[ <a href="javascript:;" onclick="checkAllArray(\'frmMergeLocation\',\'locID[]\');">' . $hc_lang_core['SelectAll'] . '</a>
| <a href="javascript:;" onclick="uncheckAllArray(\'frmMergeLocation\',\'locID[]\');">' . $hc_lang_core['DeselectAll'] . '</a> ]
</div>
<ul class="data">
<li class="row header uline">
</select>
<label for="eventBillboard">' . $hc_lang_event['Billboard'] . '</label>
<select name="eventBillboard" id="eventBillboard">
<option' . ($eventBillboard == 0 ? ' selected="selected"' : '') . ' value="0">' . $hc_lang_event['Billboard0'] . '</option>
<option' . ($eventBillboard == 1 ? ' selected="selected"' : '') . ' value="1">' . $hc_lang_event['Billboard1'] . '</option>
</select>
<label for="eventFeatured">' . $hc_lang_event['Featured'] . '</label>
<select name="eventFeatured" id="eventFeatured">
<option' . ($featured == 0 ? ' selected="selected"' : '') . ' value="0">' . $hc_lang_event['Featured0'] . '</option>
<option' . ($featured == 1 ? ' selected="selected"' : '') . ' value="1">' . $hc_lang_event['Featured1'] . '</option>
</select>
<label for="eventHide">' . $hc_lang_event['Expire'] . '</label>
<input name="eventHide" id="eventHide" type="number" min="1" max="999" size="4" maxlength="3" value="' . $expire . '" required="required" />
<span class="output">' . $hc_lang_event['Days'] . '</span>
<label>' . $hc_lang_event['Categories'] . '</label>';
$query = $eID > 0 ? "SELECT c.PkID, c.CategoryName, c.ParentID, c.CategoryName as Sort, ec.EventID as Selected\r\n\t\t\tFROM " . HC_TblPrefix . "categories c\r\n\t\t\t\tLEFT JOIN " . HC_TblPrefix . "eventcategories ec ON (c.PkID = ec.CategoryID AND ec.EventID = " . cIn($eID) . ")\r\n\t\t\tWHERE c.ParentID = 0 AND c.IsActive = 1\r\n\t\t\tGROUP BY c.PkID, c.CategoryName, c.ParentID, ec.EventID\r\n\t\t\tUNION\r\n\t\t\tSELECT c.PkID, c.CategoryName, c.ParentID, c2.CategoryName as Sort, ec.EventID as Selected\r\n\t\t\tFROM " . HC_TblPrefix . "categories c\r\n\t\t\t\tLEFT JOIN " . HC_TblPrefix . "categories c2 ON (c.ParentID = c2.PkID)\r\n\t\t\t\tLEFT JOIN " . HC_TblPrefix . "eventcategories ec ON (c.PkID = ec.CategoryID AND ec.EventID = " . cIn($eID) . ")\r\n\t\t\tWHERE c.ParentID > 0 AND c.IsActive = 1\r\n\t\t\tGROUP BY c.PkID, c.CategoryName, c.ParentID, c2.CategoryName, ec.EventID\r\n\t\t\tORDER BY Sort, ParentID, CategoryName" : NULL;
getCategories('frmEventAdd', 3, $query, 1);
echo '
</fieldset>
<fieldset>
<legend>' . $hc_lang_event['Location'] . '</legend>';
echo $locID > 0 ? '
<div id="locSetting" class="frm_ctrl">
<label>' . $hc_lang_event['CurLocation'] . '</label>
<span class="output">
<b>' . $locName . '</b><br />
' . buildAddress($locAddress, $locAddress2, $locCity, $state, $locPostal, $locCountry, $hc_lang_config['AddressType']) . '
</span>
<label> </label>
<span class="output">
<a href="javascript:;" onclick="setLocation(0,\'\',1);" class="locChange">' . $hc_lang_event['ChngLocation'] . '</a>
* @license GNU General Public License version 2 or later; see LICENSE
*/
if (!defined('hcAdmin')) {
header("HTTP/1.1 403 No Direct Access");
exit;
}
include HCLANG . '/admin/pages.php';
if (isset($_GET['msg'])) {
switch ($_GET['msg']) {
case "1":
feedback(1, $hc_lang_pages['Feed01']);
break;
}
}
appInstructions(0, "Digest", $hc_lang_pages['TitleDigest'], $hc_lang_pages['InstructDigest']);
$aID = isset($_GET['aID']) && is_numeric($_GET['aID']) ? cIn($_GET['aID']) : 0;
$result = doQuery("SELECT * FROM " . HC_TblPrefix . "settings WHERE PkID IN (97,98,99)");
$status = 0;
$newFor = 1;
$welcomeMsg = '';
if (hasRows($result)) {
$status = cOut(mysql_result($result, 0, 1));
$welcomeMsg = cOut(mysql_result($result, 1, 1));
$newFor = cOut(mysql_result($result, 2, 1));
}
echo '
<form name="frmDigest" id="frmDigest" method="post" action="' . AdminRoot . '/components/DigestAction.php" onsubmit="return validate();">';
set_form_token();
echo '
<fieldset>
<legend>' . $hc_lang_pages['Settings'] . '</legend>
* @license GNU General Public License version 2 or later; see LICENSE
*/
define('hcAdmin', true);
include '../loader.php';
admin_logged_in();
action_headers();
$token = '';
$token = $token == '' && isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : $token;
$token = $token == '' && isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : $token;
if (!check_form_token($token)) {
go_home();
}
if (!isset($_GET['dID'])) {
$gID = isset($_POST['gID']) && is_numeric($_POST['gID']) ? cIn($_POST['gID']) : 0;
$name = isset($_POST['name']) ? cIn($_POST['name']) : '';
$description = isset($_POST['description']) ? cIn(cleanQuotes($_POST['description']), 1) : '';
$status = isset($_POST['status']) ? cIn($_POST['status']) : '';
$result = doQuery("SELECT * FROM " . HC_TblPrefix . "mailgroups WHERE PkID = '" . $gID . "'");
if (hasRows($result)) {
doQuery("UPDATE " . HC_TblPrefix . "mailgroups\r\n\t\t\t\t\tSET Name = '" . $name . "',\r\n\t\t\t\t\t\tDescription = '" . $description . "',\r\n\t\t\t\t\t\tIsPublic = '" . $status . "'\r\n\t\t\t\t\tWHERE PkID = '" . $gID . "'");
header("Location: " . AdminRoot . "/index.php?com=subgrps&msg=2");
} else {
doQuery("INSERT INTO " . HC_TblPrefix . "mailgroups(Name,Description,IsPublic,IsActive)\r\n\t\t\t\t\tValues(\t'" . $name . "',\r\n\t\t\t\t\t\t\t'" . $description . "',\r\n\t\t\t\t\t\t\t'" . $status . "',1)");
header("Location: " . AdminRoot . "/index.php?com=subgrps&msg=3");
}
} else {
if ($_GET['dID'] != 1) {
doQuery("UPDATE " . HC_TblPrefix . "mailgroups SET IsActive = 0 WHERE PkiD = '" . cIn(strip_tags($_GET['dID'])) . "'");
}
header("Location: " . AdminRoot . "/index.php?com=subgrps&msg=1");
}
include HCLANG . '/public/news.php';
$subject = $hc_lang_news['Subject'] . ' - ' . CalName;
$message = '<p>' . $hc_lang_news['RegEmailA'] . ' <a href="' . CalRoot . '/a.php?a=' . mysql_result($result, 0, 1) . '">' . CalRoot . '/a.php?a=' . mysql_result($result, 0, 1) . '</a></p>';
$message .= '<p>' . mysql_result($result, 0, 0) . $hc_lang_news['RegEmailB'] . '</p>';
$message .= '<p>' . $hc_lang_news['RegEmailC'] . ' ' . $hc_cfg[78] . '</p>';
reMail(trim($firstname . ' ' . $lastname), $email, $subject, $message, $hc_cfg[79], $hc_cfg[78]);
}
$target = $optin == 1 ? 'submngt&msg=2' : 'subedit&uID=' . $uID . '&msg=2';
header('Location: ' . AdminRoot . '/index.php?com=' . $target);
}
}
} else {
if (isset($_GET['a']) && ($_GET['a'] = 1)) {
doQuery("DELETE sg FROM " . HC_TblPrefix . "subscribersgroups sg LEFT JOIN " . HC_TblPrefix . "subscribers s ON (s.PkID = sg.UserID) WHERE s.IsConfirm = 0");
doQuery("DELETE sc FROM " . HC_TblPrefix . "subscriberscategories sc LEFT JOIN " . HC_TblPrefix . "subscribers s ON (s.PkID = sc.UserID) WHERE s.IsConfirm = 0");
doQuery("DELETE FROM " . HC_TblPrefix . "subscribers WHERE IsConfirm = 0");
} elseif (isset($_GET['dID'])) {
$dID = cIn(strip_tags($_GET['dID']));
$result = doQuery("SELECT NewsletterID FROM " . HC_TblPrefix . "newssubscribers WHERE SubscriberID = '" . $dID . "'");
if (hasRows($result)) {
while ($row = mysql_fetch_row($result)) {
doQuery("UPDATE " . HC_TblPrefix . "newsletters SET SendCount = (SendCount - 1) WHERE PkID = '" . $row[0] . "'");
}
}
doQuery("DELETE FROM " . HC_TblPrefix . "subscribersgroups WHERE UserID = '" . $dID . "'");
doQuery("DELETE FROM " . HC_TblPrefix . "subscriberscategories WHERE UserID = '" . $dID . "'");
doQuery("DELETE FROM " . HC_TblPrefix . "subscribers WHERE PkID = '" . $dID . "'");
doQuery("DELETE FROM " . HC_TblPrefix . "newssubscribers WHERE SubscriberID = '" . $dID . "'");
}
header('Location: ' . AdminRoot . '/index.php?com=submngt&msg=1');
}
<?php
/**
* @package Helios Calendar
* @license GNU General Public License version 2 or later; see LICENSE
*/
if (!defined('hcAdmin')) {
header("HTTP/1.1 403 No Direct Access");
exit;
}
$active = isset($_GET['com']) ? cIn(strip_tags($_GET['com'])) : '';
$com = HCADMIN . '/components/Home.php';
switch ($active) {
case 'eventadd':
$com = $adminEventEdit == 1 ? 'components/EventAdd.php' : $com;
break;
case 'eventsearch':
$com = $adminEventEdit == 1 || $adminReports == 1 ? 'components/EventSearch.php' : $com;
break;
case 'searchresults':
$com = $adminEventEdit == 1 || $adminReports == 1 ? 'components/EventSearchResults.php' : $com;
break;
case 'eventedit':
$com = $adminEventEdit == 1 ? 'components/EventEdit.php' : $com;
break;
case 'eventregister':
$com = $adminEventEdit == 1 ? 'components/RegisterAdd.php' : $com;
break;
case 'eventpending':
$com = $adminEventPending == 1 ? 'components/EventPending.php' : $com;
break;
<?php
/**
* @package Helios Calendar
* @license GNU General Public License version 2 or later; see LICENSE
*/
define('hcAdmin', true);
include '../loader.php';
admin_logged_in();
action_headers();
post_only();
$token = isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : '';
if (!check_form_token($token)) {
go_home();
}
$locIDs = array_filter(explode(',', $_POST['locIDs']), 'is_numeric');
$locIDs = cIn(implode(',', $locIDs));
$msgID = 4;
if (is_numeric($_POST['mergeID'][0])) {
$msgID = 5;
doQuery("UPDATE " . HC_TblPrefix . "events SET LocID = '" . cIn($_POST['mergeID'][0]) . "' WHERE LocID IN (" . $locIDs . ")");
doQuery("UPDATE " . HC_TblPrefix . "locations SET IsActive = 0 WHERE PkID IN (" . $locIDs . ") AND PkID != '" . cIn($_POST['mergeID'][0]) . "'");
}
clearCache();
header('Location: ' . AdminRoot . '/index.php?com=location&msg=' . $msgID);
action_headers();
$token = '';
$token = $token == '' && isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : $token;
$token = $token == '' && isset($_GET['tkn']) ? cIn(strip_tags($_GET['tkn'])) : $token;
if (!check_form_token($token)) {
go_home();
}
include HCLANG . '/admin/newsletter.php';
if (!isset($_GET['dID'])) {
$allSub = '';
$mID = isset($_POST['mID']) && is_numeric($_POST['mID']) ? cIn($_POST['mID']) : 0;
$next = isset($_POST['next']) && is_numeric($_POST['next']) ? cIn($_POST['next']) : 0;
$resultG = doQuery("SELECT mg.PkID, mg.Name, m.PkID as Selected\r\n\t\t\t\t\t\t FROM " . HC_TblPrefix . "mailgroups mg\r\n\t\t\t\t\t\t\t LEFT JOIN " . HC_TblPrefix . "mailersgroups mgs ON (mgs.GroupID = mg.PkID AND mgs.MailerID = '" . $mID . "')\r\n\t\t\t\t\t\t\t LEFT JOIN " . HC_TblPrefix . "mailers m ON (mgs.MailerID = m.PkID and m.IsActive = 1)\r\n\t\t\t\t\t\t WHERE mg.IsActive = 1\r\n\t\t\t\t\t\t Group By mg.PkID, mg.Name, m.PkID\r\n\t\t\t\t\t\t ORDER BY mg.Name");
while ($row = mysql_fetch_row($resultG)) {
$allSub += $row[2] != '' && $row[0] == 1 ? 1 : 0;
}
$queryCnt = $allSub > 0 ? "SELECT COUNT(PkID) FROM " . HC_TblPrefix . "subscribers WHERE IsConfirm = 1" : "SELECT COUNT(DISTINCT sgs.UserID)\r\n\t\t\t\t\t\t\tFROM " . HC_TblPrefix . "subscribersgroups sgs\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "mailgroups mg ON (sgs.GroupID = mg.PkID AND mg.IsActive = 1)\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "mailersgroups mgs ON (mgs.GroupID = sgs.GroupID)\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "mailers m ON (mgs.MailerID = m.PkID AND m.IsActive = 1)\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "subscribers s ON (s.PkID = sgs.UserID)\r\n\t\t\t\t\t\t\tWHERE m.PkID = '" . $mID . "' AND s.IsConfirm = 1";
$resultS = doQuery($queryCnt);
$subCnt = mysql_result($resultS, 0, 0);
doQuery("INSERT INTO " . HC_TblPrefix . "newsletters(Subject,StartDate,EndDate,TemplateID,Message,SentDate,SendCount,`Status`,SendingAdminID,MailerID,IsArchive,IsActive)\r\n\t\t\t\tSELECT Subject, StartDate, EndDate, TemplateID, Message, NOW(), " . $subCnt . " as SendCount,\r\n\t\t\t\t\t0, " . $_SESSION['AdminPkID'] . ", PkID, IsArchive, 1\r\n\t\t\t\tFROM " . HC_TblPrefix . "mailers m\r\n\t\t\t\tWHERE m.PkID = '" . $mID . "'");
$result = doQuery("SELECT LAST_INSERT_ID() FROM " . HC_TblPrefix . "newsletters");
$newPkID = mysql_result($result, 0, 0);
$queryList = $allSub > 0 ? "INSERT INTO " . HC_TblPrefix . "newssubscribers(NewsletterID,SubscriberID) SELECT '" . $newPkID . "', PkID FROM " . HC_TblPrefix . "subscribers WHERE IsConfirm = 1" : "INSERT INTO " . HC_TblPrefix . "newssubscribers(NewsletterID,SubscriberID)\r\n\t\t\t\t\t\t\tSELECT DISTINCT '" . $newPkID . "', sgs.UserID\r\n\t\t\t\t\t\t\tFROM " . HC_TblPrefix . "subscribersgroups sgs\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "mailgroups mg ON (sgs.GroupID = mg.PkID AND mg.IsActive = 1)\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "mailersgroups mgs ON (mgs.GroupID = sgs.GroupID)\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "mailers m ON (mgs.MailerID = m.PkID AND m.IsActive = 1)\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "subscribers s ON (s.PkID = sgs.UserID)\r\n\t\t\t\t\t\t\tWHERE m.PkID = '" . $mID . "' AND s.IsConfirm = 1";
doQuery($queryList);
$target = $next > 0 ? 'newssend&nID=' . $newPkID : 'newsqueue&msg=1';
} else {
$tID = isset($_GET['tID']) && is_numeric($_GET['tID']) ? cIn($_GET['tID']) : 0;
$target = 'newsqueue&t=' . $tID . '&msg=2';
doQuery("UPDATE " . HC_TblPrefix . "newsletters SET IsActive = 0 WHERE PkID = '" . cIn($_GET['dID']) . "'");
}
header("Location: " . AdminRoot . "/index.php?com={$target}");
<?php
/**
* @package Helios Calendar
* @license GNU General Public License version 2 or later; see LICENSE
*/
define('isHC', true);
define('isAction', true);
include '../loader.php';
action_headers();
header('content-type: text/html; charset=' . $hc_lang_config['CharSet']);
if (isset($_SESSION['hc_cap'])) {
$capEntered = isset($_GET['capEntered']) ? cIn($_GET['capEntered']) : '';
echo $_SESSION['hc_cap'] == md5($capEntered) ? '<span style="color:#008000;">' . $hc_lang_core['Correct'] . '</span>' : '<span style="color:#DC143C;">' . $hc_lang_core['Incorrect'] . ' <a href="javascript:;" onclick="testCAPTCHA();" tabindex="-1">' . $hc_lang_core['ConfirmAgain'] . '</a>';
} else {
echo $hc_lang_core['RefreshPage'];
}
$consumer_key = mysql_result($result, 2, 0);
$consumer_secret = mysql_result($result, 3, 0);
} else {
$apiFail = true;
echo $hc_lang_event['APITwitterSettings'];
}
if ($consumer_key != '' && $consumer_secret != '') {
$tweetID = '';
$twtrMsg = cleanQuotes($_POST['tweetThis']) . ' ' . $shortLink . ' ' . $hc_cfg[59];
require_once HCPATH . HCINC . '/api/twitter/PostTweet.php';
if ($tweetID != '') {
doQuery("INSERT INTO " . HC_TblPrefix . "eventnetwork(EventID,NetworkID,NetworkType,IsActive)\r\n\t\t\t\t\t\tVALUES('" . $newPkID . "','" . cIn($tweetID) . "',3,1);");
}
}
}
if (isset($_POST['doFacebook']) && isset($_POST['facebookStatus'])) {
$fbStatusID = '';
$fbStatus = cleanQuotes($_POST['fbThis']);
$fbLink = CalRoot . "/index.php?eID=" . $eID;
include HCPATH . HCINC . '/api/facebook/StatusPost.php';
if ($fbStatusID != '') {
doQuery("INSERT INTO " . HC_TblPrefix . "eventnetwork(EventID,NetworkID,NetworkType,IsActive)\r\n\t\t\t\t\tVALUES('" . $newPkID . "','" . cIn($fbStatusID) . "',4,1);");
}
}
clearCache();
if ($apiFail == false) {
header("Location: " . AdminRoot . "/index.php?com=eventedit&msg=" . $msgID . "&eID=" . $eID);
} else {
echo '<br /><br />' . $hc_lang_event['APIError'] . '<br /><br />';
echo '<a href="' . AdminRoot . '/index.php?com=eventedit&msg=' . $msgID . '&eID=' . $eID . '">' . $hc_lang_event['APIErrorLink'] . '</a>';
}
define('SAFE_REFER', true);
include '../loader.php';
admin_logged_in();
action_headers();
$target = AdminRoot . '/index.php';
$callback_url = AdminRoot . '/auth/twitter.php';
$consumer_key = $consumer_secret = '';
$result = doQuery("SELECT SettingValue FROM " . HC_TblPrefix . "settings WHERE PkID IN(111,112)");
if (hasRows($result)) {
$consumer_key = mysql_result($result, 0, 0);
$consumer_secret = mysql_result($result, 1, 0);
}
if ($consumer_key != '' && $consumer_secret != '' && !isset($_GET['denied']) && $_SESSION['APIAuth'] == 1) {
if (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) {
$oauth_token = cIn(strip_tags($_GET['oauth_token']));
$oauth_verifier = cIn(strip_tags($_GET['oauth_verifier']));
include HCPATH . HCINC . '/api/twitter/AccessToken.php';
if (!isset($authUser) || !isset($authUserID) || !isset($authToken) || !isset($authSecret) || $authUser . $authUserID . $authToken . $authSecret == '') {
$target = AdminRoot . '/index.php?com=apiset&msg=3';
} else {
doQuery("UPDATE " . HC_TblPrefix . "settings SET SettingValue = '" . $authUser . "' WHERE PkID = 63");
doQuery("UPDATE " . HC_TblPrefix . "settings SET SettingValue = '" . $authUserID . "' WHERE PkID = 64");
doQuery("UPDATE " . HC_TblPrefix . "settings SET SettingValue = '" . $authToken . "' WHERE PkID = 46");
doQuery("UPDATE " . HC_TblPrefix . "settings SET SettingValue = '" . $authSecret . "' WHERE PkID = 47");
$target = AdminRoot . '/index.php?com=apiset&msg=2';
}
} else {
$oauth_token = $oauth_verifier = '';
include HCPATH . HCINC . '/api/twitter/RequestToken.php';
$target = 'https://twitter.com/oauth/authorize?oauth_token=' . $_SESSION['RequestToken'];
}
include_once HCLANG . '/public/rss.php';
if ($hc_cfg[106] == 0) {
go_home();
}
$sID = isset($_GET['s']) && is_numeric($_GET['s']) ? cIn($_GET['s']) : 0;
$feedName = $hc_lang_rss['FeedLabel' . $sID];
$tzRSS = str_replace(':', '', HCTZ);
if (!file_exists(HCPATH . '/cache/rss' . SYSDATE . '_' . $sID)) {
$files = glob(HCPATH . '/cache/rss*_' . $sID);
if (COUNT($files) > 0 && $files[0] != '') {
foreach ($files as $filename) {
unlink($filename);
}
}
$bQuery = $sID == 3 ? " AND e.IsBillboard = 1 " : '';
$query = "\tSELECT DISTINCT e.PkID, e.Title, e.Description, e.StartDate, e.StartTime, e.SeriesID, e.PublishDate, (e.Views / (DATEDIFF('" . SYSDATE . "', e.PublishDate)+1)) as Ave\r\n\t\t\t\t\tFROM " . HC_TblPrefix . "events e\r\n\t\t\t\t\tWHERE IsActive = 1 AND IsApproved = 1 AND StartDate >= '" . cIn(SYSDATE) . "' " . $bQuery;
$query .= $hc_cfg[33] == 0 ? " AND e.SeriesID IS NULL \r\n\t\t\t\t\tUNION \r\n\t\t\t\t\tSELECT DISTINCT e.PkID, e.Title, e.Description, e.StartDate, e.StartTime, e.SeriesID, e.PublishDate, (e.Views / (DATEDIFF('" . SYSDATE . "', e.PublishDate)+1)) as Ave\r\n\t\t\t\t\tFROM " . HC_TblPrefix . "events e\r\n\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "events e2 ON (e.SeriesID = e2.SeriesID AND e2.StartDate > '" . SYSDATE . "' AND e.StartDate > e2.StartDate)\r\n\t\t\t\t\tWHERE\r\n\t\t\t\t\t\te2.StartDate IS NULL AND \r\n\t\t\t\t\t\te.IsActive = 1 AND e.IsApproved = 1 AND e.StartDate >= '" . SYSDATE . "' AND e.SeriesID IS NOT NULL " . $bQuery . "\r\n\t\t\t\t\tGROUP BY e.SeriesID, e.PkID, e.Title, e.Description, e.StartDate, e.StartTime, e.SeriesID, e.Views, e.PublishDate" : '';
switch ($sID) {
case 0:
$query .= " ORDER BY StartDate, StartTime LIMIT " . $hc_cfg[2];
break;
case 1:
$query .= " ORDER BY PublishDate DESC, StartDate, StartTime LIMIT " . $hc_cfg[2];
break;
case 2:
$query .= " ORDER BY Ave DESC, StartDate, StartTime LIMIT " . $hc_cfg[2];
break;
case 3:
$query .= " ORDER BY StartDate, StartTime LIMIT " . $hc_cfg[2];
break;
}
<?php
/**
* @package Helios Calendar
* @license GNU General Public License version 2 or later; see LICENSE
*/
define('hcAdmin', true);
include '../loader.php';
admin_logged_in();
action_headers();
post_only();
$token = isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : '';
if (!check_form_token($token)) {
go_home();
}
$result = doQuery("SELECT GROUP_CONCAT(PkID) FROM " . HC_TblPrefix . "events WHERE IsActive = 0 OR IsApproved = 0 OR StartDate = '0000-00-00'");
if (hasRows($result) & mysql_result($result, 0, 0) != '') {
doQuery("DELETE FROM " . HC_TblPrefix . "eventnetwork WHERE EventID IN (" . mysql_result($result, 0, 0) . ")");
}
doQuery("DELETE FROM " . HC_TblPrefix . "events WHERE IsActive = 0 OR IsApproved = 0 OR StartDate = '0000-00-00'");
doQuery("DELETE en FROM " . HC_TblPrefix . "eventnetwork en LEFT JOIN " . HC_TblPrefix . "events e ON (e.PkID = en.EventID) WHERE e.PkID IS NULL OR e.IsActive = 0 OR e.IsApproved = 0");
doQuery("DELETE FROM " . HC_TblPrefix . "locations WHERE IsActive = 0");
doQuery("DELETE ln FROM " . HC_TblPrefix . "locationnetwork ln LEFT JOIN " . HC_TblPrefix . "locations l ON (l.PkID = ln.LocationID) WHERE l.PkID IS NULL OR l.IsActive = 0");
doQuery("DELETE ec FROM " . HC_TblPrefix . "eventcategories ec LEFT JOIN " . HC_TblPrefix . "events e ON (ec.EventID = e.PkID) WHERE e.PkID is NULL OR e.IsActive = 0 OR e.IsApproved = 0");
doQuery("DELETE er FROM " . HC_TblPrefix . "eventrsvps er LEFT JOIN " . HC_TblPrefix . "events e ON (er.EventID = e.PkID) WHERE e.PkID is NULL OR e.IsActive = 0 OR e.IsApproved = 0");
doQuery("DELETE FROM " . HC_TblPrefix . "categories WHERE IsActive = 0");
doQuery("DELETE FROM " . HC_TblPrefix . "templates WHERE IsActive = 0");
doQuery("DELETE FROM " . HC_TblPrefix . "templatesnews WHERE IsActive = 0");
doQuery("DELETE FROM " . HC_TblPrefix . "mailers WHERE IsActive = 0");
doQuery("DELETE mg FROM " . HC_TblPrefix . "mailersgroups mg LEFT JOIN " . HC_TblPrefix . "mailers m ON (m.PkID = mg.MailerID) WHERE m.PkID IS NULL OR m.IsActive = 0");
doQuery("DELETE FROM " . HC_TblPrefix . "mailgroups WHERE IsActive = 0");
break;
case 'series':
$sID = isset($_GET['sID']) ? cIn(strip_tags($_GET['sID'])) : '';
$result = doQuery("SELECT DISTINCT Title FROM " . HC_TblPrefix . "events\r\n\t\t\t\t\t\tWHERE SeriesID = '" . $sID . "' AND IsActive = 1 AND IsApproved = 1 AND StartDate >= '" . SYSDATE . "'\r\n\t\t\t\t\t\tORDER BY StartDate");
if (hasRows($result)) {
define('HCCanURL', CalRoot . '/index.php?com=series&sID=' . $sID);
$crmbAdd[HCCanURL] = $hc_lang_core['Series'] . ' ' . mysql_result($result, 0, 0);
}
include_once HCLANG . '/public/event.php';
include_once HCPATH . HCINC . '/functions/events.php';
include_once HCPATH . HCINC . '/functions/maps.php';
load_theme_page('series.php');
break;
case 'tools':
$t = isset($_GET['t']) ? '&t=' . cIn(strip_tags($_GET['t'])) : '';
if (isset($_GET['t']) && cIn(strip_tags($_GET['t'])) == 1 && $hc_cfg[106] == 0) {
go_home();
}
define('HCCanURL', CalRoot . '/index.php?com=tools' . $t);
include_once HCLANG . '/public/tools.php';
include_once HCPATH . HCINC . '/functions/tools.php';
load_theme_page('tools.php');
break;
case 'send':
if ($lID > 0) {
$result = doQuery("SELECT Name, Address, Address2, City, State, Zip, Country FROM " . HC_TblPrefix . "locations WHERE PkID = '" . $lID . "'");
if (hasRows($result)) {
define('HCCanURL', CalRoot . '/index.php?com=' . HCCOM . '&lID=' . $lID);
$crmbAdd[CalRoot . '/index.php?com=location'] = $hc_lang_core['location'];
$crmbAdd[CalRoot . '/index.php?com=location&lID=' . $lID] = mysql_result($result, 0, 0);
$crmbAdd[HCCanURL] = $hc_lang_core[HCCOM];
define('isHC', true);
define('isAction', true);
include dirname(__FILE__) . '/loader.php';
include HCLANG . '/public/search.php';
action_headers();
header('content-type: text/html; charset=' . $hc_lang_config['CharSet']);
$resLimit = 10;
$locName = isset($_GET['q']) && $_GET['q'] != '' ? cIn(strip_tags($_GET['q'])) : '';
$resOffset = isset($_GET['o']) && is_numeric($_GET['o']) ? cIn(strip_tags($_GET['o'])) : 0;
$po = isset($_GET['po']) && is_numeric($_GET['po']) ? cIn(strip_tags($_GET['po'])) : 1;
$eo = isset($_GET['eo']) && is_numeric($_GET['eo']) ? cIn(strip_tags($_GET['eo'])) : 0;
if ($locName != '') {
if ($eo == 0) {
$pQuery = $po == 0 ? '' : ' AND IsPublic = 1';
$result = doQuery("SELECT PkID, Name, Address, Address2, City, State, Zip, Country, Lat, Lon\r\n\t\t\t\t\t\t\tFROM " . HC_TblPrefix . "locations\r\n\t\t\t\t\t\t\tWHERE NAME LIKE('%" . $locName . "%')" . $pQuery . " AND IsActive = 1\r\n\t\t\t\t\t\t\tORDER BY Name LIMIT " . $resLimit . " OFFSET " . $resOffset * $resLimit);
$resultP = doQuery("SELECT COUNT(PkID) FROM " . HC_TblPrefix . "locations WHERE NAME LIKE('%" . cIn($locName) . "%')" . $pQuery . " AND IsActive = 1");
} else {
$result = doQuery("SELECT DISTINCT(l.PkID), l.Name, l.Address, l.Address2, l.City, l.State, l.Zip, l.Country, l.Lat, l.Lon\r\n\t\t\t\t\t\t\tFROM " . HC_TblPrefix . "locations l\r\n\t\t\t\t\t\t\t\tLEFT JOIN " . HC_TblPrefix . "events e ON (e.LocID = l.PkID)\r\n\t\t\t\t\t\t\tWHERE l.NAME LIKE('%" . $locName . "%') AND l.IsActive = 1\r\n\t\t\t\t\t\t\t\tAND e.IsActive = 1 AND e.IsApproved = 1 AND e.StartDate >= '" . date("Y-m-d") . "'\r\n\t\t\t\t\t\t\tORDER BY Name LIMIT " . $resLimit . " OFFSET " . $resOffset * $resLimit);
$resultP = doQuery("SELECT COUNT(DISTINCT(l.PkID)) FROM " . HC_TblPrefix . "locations l LEFT JOIN " . HC_TblPrefix . "events e ON (e.LocID = l.PkID) WHERE NAME LIKE('%" . $locName . "%') AND l.IsPublic = 1 AND l.IsActive = 1 AND e.IsActive = 1 AND e.IsApproved = 1 AND e.StartDate >= '" . date("Y-m-d") . "'");
}
}
if (isset($result) && hasRows($result)) {
$x = 0;
while ($row = mysql_fetch_row($result)) {
$locAddress = buildAddress(htmlentities($row[3], ENT_QUOTES), htmlentities($row[2], ENT_QUOTES), htmlentities($row[4], ENT_QUOTES), htmlentities($row[5], ENT_QUOTES), htmlentities($row[6], ENT_QUOTES), htmlentities($row[7], ENT_QUOTES), $hc_lang_config['AddressType']);
$locAddress = str_replace('<br />', ', ', $locAddress);
$hl = $x % 2 == 0 ? ' class="hl_frm"' : '';
echo '
<label' . $hl . ' for="locValue_' . $row[0] . '"><input name="locValue" id="locValue_' . $row[0] . '" type="radio" onclick="setLocation(' . $row[0] . ',\'' . htmlentities(str_replace('\'', '\\\'', $row[1]), ENT_QUOTES) . '\', 1);" />';
echo $hc_cfg[52] != '' && ($row[8] != '' && $row[9] != '') ? '<a href="' . $hc_cfg[52] . 'maps?q=' . $row[8] . ',' . $row[9] . '" target="_blank"><img src="' . CalRoot . '/img/icons/map.png" width="16" height="16" class="pull-left" alt="' . $hc_lang_search['Map'] . '" /></a>' : '';
echo $po == 0 && isset($_SESSION['AdminLoggedIn']) ? '<a href="' . AdminRoot . '/index.php?com=addlocation&lID=' . $row[0] . '" target="_blank"><img src="' . AdminRoot . '/img/icons/edit.png" width="16" height="16" alt="" /></a>' : '';
<?php
/**
* @package Helios Calendar
* @subpackage Default Mobile Theme
*/
if (!defined('isHC')) {
exit(-1);
}
$active_tool = isset($_GET['t']) && is_numeric($_GET['t']) ? cIn(strip_tags($_GET['t'])) : 0;
/* Add Tool Options
$add_tools = array(10 => 'New Tool',11 => 'New Tool 2');*/
$add_tools = array();
$crmbAdd = tool_crumb($active_tool, $add_tools);
get_header();
get_tool_validation($active_tool);
// Set Category Output to 3 Columns
set_cat_cols(2);
?>
</head>
<body>
<?php
my_menu(3);
?>
<nav class="sub">
<ul>
<li> </li>
<li><a href="<?php
echo cal_url();
$result = doQuery("SELECT SettingValue FROM " . HC_TblPrefix . "settings WHERE PkID IN(111,112)");
if (hasRows($result)) {
$consumer_key = mysql_result($result, 0, 0);
$consumer_secret = mysql_result($result, 1, 0);
}
if ($consumer_key != '' && $consumer_secret != '') {
if (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) {
$oauth_token = cIn(strip_tags($_GET['oauth_token']));
$oauth_verifier = cIn(strip_tags($_GET['oauth_verifier']));
if (!isset($_SESSION['RequestToken']) || $_SESSION['RequestToken'] != $oauth_token) {
session_destroy();
go_home();
}
include HCPATH . HCINC . '/api/twitter/AccessToken.php';
if (isset($authUser) && isset($authUserID) && isset($authToken) && isset($authSecret) && $authUser . $authUserID . $authToken . $authSecret != '') {
$result = doQuery("SELECT PkID, Email, Birthdate FROM " . HC_TblPrefix . "users WHERE NetworkType = '1' AND NetworkID = '" . cIn($authUserID) . "'");
if (!hasRows($result)) {
$local_id = user_register_new(1, $authUser, $authUserID);
$_SESSION['new_user'] = true;
} else {
$local_id = mysql_result($result, 0, 0);
if (mysql_result($result, 0, 1) == '' || mysql_result($result, 0, 2) == '') {
$_SESSION['new_user'] = true;
}
}
$_SESSION['UserNetToken'] = $authToken;
$_SESSION['UserNetSecret'] = $authSecret;
user_update_status(1, $authUser, $authUserID, 1);
user_update_history($local_id);
$target = CalRoot . '/index.php?com=acc';
}
* @license GNU General Public License version 2 or later; see LICENSE
*/
set_time_limit(600);
define('hcAdmin', true);
include '../loader.php';
admin_logged_in();
action_headers();
$token = isset($_POST['token']) ? cIn(strip_tags($_POST['token'])) : '';
if (!check_form_token($token)) {
go_home();
}
include HCLANG . '/admin/tools.php';
$catID = $_POST['catID'];
$catIDWhere = '0,' . implode(',', $_POST['catID']);
$tID = isset($_POST['tID']) && is_numeric($_POST['tID']) ? cIn(strip_tags($_POST['tID'])) : 0;
$mID = isset($_POST['mID']) && is_numeric($_POST['mID']) ? cIn(strip_tags($_POST['mID'])) : 0;
$expVars = array(1 => array('tag' => '[event_id]', 'field' => '29'), 2 => array('tag' => '[event_title]', 'field' => '0'), 3 => array('tag' => '[event_desc]', 'field' => '1'), 4 => array('tag' => '[event_date]', 'field' => '30'), 5 => array('tag' => '[event_time_start]', 'field' => '2'), 6 => array('tag' => '[event_time_end]', 'field' => '3'), 7 => array('tag' => '[event_cost]', 'field' => '4'), 8 => array('tag' => '[event_billboard]', 'field' => '5'), 9 => array('tag' => '[contact_name]', 'field' => '6'), 10 => array('tag' => '[contact_email]', 'field' => '7'), 11 => array('tag' => '[contact_phone]', 'field' => '8'), 12 => array('tag' => '[contact_url]', 'field' => '9'), 13 => array('tag' => '[space]', 'field' => '10'), 14 => array('tag' => '[loc_name]', 'field' => 'X'), 15 => array('tag' => '[loc_address]', 'field' => 'X'), 16 => array('tag' => '[loc_address2]', 'field' => 'X'), 17 => array('tag' => '[loc_city]', 'field' => 'X'), 18 => array('tag' => '[loc_region]', 'field' => 'X'), 19 => array('tag' => '[loc_postal]', 'field' => 'X'), 20 => array('tag' => '[loc_country]', 'field' => 'X'), 21 => array('tag' => '[loc_url]', 'field' => '26'), 22 => array('tag' => '[cal_url]', 'field' => 'X'), 23 => array('tag' => '[date_series]', 'field' => 'X'), 24 => array('tag' => '[date_unique]', 'field' => '30'), 25 => array('tag' => '[category_unique]', 'field' => '31'), 26 => array('tag' => '[desc_notags]', 'field' => '1'));
$result = doQuery("SELECT * FROM " . HC_TblPrefix . "templates WHERE IsActive = 1 AND PkID = '" . $tID . "'");
if (hasRows($result)) {
$content = mysql_result($result, 0, 2);
$header = mysql_result($result, 0, 3);
$footer = mysql_result($result, 0, 4);
$ext = mysql_result($result, 0, 5);
$groupBy = mysql_result($result, 0, 7);
$sortBy = mysql_result($result, 0, 8);
$cleanUp = explode("\n", mysql_result($result, 0, 9));
$dateFormat = mysql_result($result, 0, 10);
$curDate = $curCategory = '';
header('Content-Type:text/plain; charset=' . $hc_lang_config['CharSet']);
if ($mID == 2) {
header('Content-Disposition:attachment; filename=' . date("YmdGis") . '_HeliosCalendarOutput' . $ext);
<div class="number" style="width:15%;">' . ($aCnt > 0 ? number_format(mysql_result($result, 0, 2) / $aCnt, 2, '.', ',') : '0') . '</div>
<div class="number" style="width:15%;">' . number_format(mysql_result($result, 0, 2), 0, '.', ',') . '</div>
</li>
<li class="row hl">
<div style="width:70%;">' . $hc_lang_reports['EmailTo'] . '</div>
<div class="number" style="width:15%;">' . ($aCnt > 0 ? number_format(mysql_result($result, 0, 3) / $aCnt, 2, '.', ',') : '0') . '</div>
<div class="number" style="width:15%;">' . number_format(mysql_result($result, 0, 3), 0, '.', ',') . '</div>
</li>
<li class="row">
<div style="width:70%;">' . $hc_lang_reports['URL'] . '</div>
<div class="number" style="width:15%;">' . ($aCnt > 0 ? number_format(mysql_result($result, 0, 4) / $aCnt, 2, '.', ',') : '0') . '</div>
<div class="number" style="width:15%;">' . number_format(mysql_result($result, 0, 4), 0, '.', ',') . '</div>
</li>
</ul>';
}
$result = doQuery("SELECT SUM(Views), SUM(Directions), SUM(Downloads), SUM(EmailToFriend), SUM(URLClicks)\r\n\t\t\t\t\tFROM " . HC_TblPrefix . "events\r\n\t\t\t\t\tWHERE IsActive = 1 AND IsApproved = 1 AND StartDate < '" . cIn(SYSDATE) . "'");
if (hasRows($result)) {
echo '
<ul class="data">
<li class="row header uline">
<div style="width:70%;">' . $hc_lang_reports['Passed'] . '</div>
<div class="number" style="width:15%;">' . $hc_lang_reports['Average'] . '</div>
<div class="number" style="width:15%;">' . $hc_lang_reports['Total'] . '</div>
</li>
<li class="row">
<div style="width:70%;">' . $hc_lang_reports['Views'] . '</div>
<div class="number" style="width:15%;">' . ($pCnt > 0 ? number_format(mysql_result($result, 0, 0) / $pCnt, 2, '.', ',') : '0') . '</div>
<div class="number" style="width:15%;">' . number_format(mysql_result($result, 0, 0), 0, '.', ',') . '</div>
</li>
<li class="row hl">
<div style="width:70%;">' . $hc_lang_reports['DriveDir'] . '</div>
