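/**
 * Processes a submitted front-end RSVP form.
 *
 * Reads the submission from $_POST, records the primary attendee's response,
 * the responses of the attendees linked to them who had not yet answered, and
 * any additional guests the primary attendee was allowed to add.  Afterwards
 * the optional admin notification and guest confirmation emails are sent and
 * the thank-you page is rendered.  When no usable attendeeID was posted the
 * greeting form is rendered instead.
 *
 * Every $_POST field is read through a guard so a missing field yields a
 * default instead of an undefined-index notice, the additional-guest loop is
 * bounded by the configured guest limit rather than by the posted count, and
 * every statement that embeds an id goes through $wpdb->prepare().
 *
 * @param string $output Unused; kept for signature compatibility with callers.
 * @param string $text   Page text passed through to rsvp_handle_output().
 * @return string Rendered page content.
 */
function rsvp_handlersvp(&$output, &$text) {
    global $wpdb;

    $thankYouPrimary = "";
    $thankYouAssociated = [];

    // Posted scalar by key, or $default when the field is absent or not a scalar.
    $posted = static function ($key, $default = "") {
        return (isset($_POST[$key]) && is_scalar($_POST[$key])) ? $_POST[$key] : $default;
    };
    // Posted flag normalised to exactly "Y" or "N"; anything but y/Y counts as "N".
    $yesNo = static function ($key) use ($posted) {
        return strtoupper((string) $posted($key, "N")) == "Y" ? "Y" : "N";
    };

    $attendeeID = $posted('attendeeID', 0);
    if (!is_numeric($attendeeID) || $attendeeID <= 0) {
        return rsvp_handle_output($text, rsvp_frontend_greeting());
    }
    $attendeeID = (int) $attendeeID;

    // --- Primary attendee ---------------------------------------------------
    // First name is shown on the thank-you page.
    $thankYouPrimary = $wpdb->get_var($wpdb->prepare(
        "SELECT firstName FROM " . ATTENDEES_TABLE . " WHERE id = %d",
        $attendeeID
    ));
    $wpdb->update(
        ATTENDEES_TABLE,
        [
            "rsvpDate"   => date("Y-m-d"),
            "rsvpStatus" => $yesNo('mainRsvp') == "Y" ? "Yes" : "No",
            "note"       => $posted('rsvp_note'),
            "email"      => $posted('mainEmail'),
            "kidsMeal"   => $yesNo('mainKidsMeal'),
            "veggieMeal" => $yesNo('mainVeggieMeal'),
        ],
        ["id" => $attendeeID],
        ["%s", "%s", "%s", "%s", "%s", "%s"],
        ["%d"]
    );
    rsvp_printQueryDebugInfo();
    rsvp_handleAdditionalQuestions($attendeeID, "mainquestion");

    // --- Linked attendees who had not yet responded --------------------------
    // The link table is read in both directions so it does not matter on which
    // side of the association the primary attendee sits.
    $sql = "SELECT id, firstName FROM " . ATTENDEES_TABLE . " \n\t\t \tWHERE (id IN (SELECT attendeeID FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE associatedAttendeeID = %d) \n\t\t\t\tOR id in (SELECT associatedAttendeeID FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE attendeeID = %d)) \n\t\t\t\t AND rsvpStatus = 'NoResponse'";
    $associations = $wpdb->get_results($wpdb->prepare($sql, $attendeeID, $attendeeID));
    foreach ($associations as $a) {
        $answer = strtoupper((string) $posted('attending' . $a->id));
        if ($answer != "Y" && $answer != "N") {
            continue; // nothing was submitted for this person; leave their record alone
        }
        $thankYouAssociated[] = $a->firstName;
        $wpdb->update(
            ATTENDEES_TABLE,
            [
                "rsvpDate"   => date("Y-m-d"),
                "rsvpStatus" => $answer == "Y" ? "Yes" : "No",
                "email"      => $posted('attending' . $a->id . "Email"),
                "kidsMeal"   => $yesNo('attending' . $a->id . 'KidsMeal'),
                "veggieMeal" => $yesNo('attending' . $a->id . 'VeggieMeal'),
            ],
            ["id" => $a->id],
            ["%s", "%s", "%s", "%s", "%s"],
            ["%d"]
        );
        rsvp_printQueryDebugInfo();
        rsvp_handleAdditionalQuestions($a->id, $a->id . "question");
    }

    // --- Additional guests added by the primary attendee ----------------------
    if (get_option(OPTION_HIDE_ADD_ADDITIONAL) != "Y") {
        $additionalRsvp = $posted('additionalRsvp', 0);
        if (is_numeric($additionalRsvp) && $additionalRsvp > 0) {
            // Configured guest limit (default 3); read once instead of per iteration.
            $numGuests = 3;
            $configured = get_option(OPTION_RSVP_NUM_ADDITIONAL_GUESTS);
            if ($configured != "" && is_numeric($configured) && $configured >= 0) {
                $numGuests = (int) $configured;
            }
            // Bounding the loop by the limit keeps a large posted count from
            // spinning through millions of empty iterations.
            $limit = min((int) $additionalRsvp, $numGuests);
            for ($i = 1; $i <= $limit; $i++) {
                $firstName = trim((string) $posted('newAttending' . $i . 'FirstName'));
                $lastName  = trim((string) $posted('newAttending' . $i . 'LastName'));
                if ($firstName == "" || $lastName == "") {
                    continue; // an unfilled guest slot
                }
                $thankYouAssociated[] = $firstName;
                $wpdb->insert(
                    ATTENDEES_TABLE,
                    [
                        "firstName"          => $firstName,
                        "lastName"           => $lastName,
                        "email"              => trim((string) $posted('newAttending' . $i . 'Email')),
                        "rsvpDate"           => date("Y-m-d"),
                        "rsvpStatus"         => $yesNo('newAttending' . $i) == "Y" ? "Yes" : "No",
                        "kidsMeal"           => $yesNo('newAttending' . $i . 'KidsMeal'),
                        "veggieMeal"         => $yesNo('newAttending' . $i . 'VeggieMeal'),
                        "additionalAttendee" => "Y",
                    ],
                    ['%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s']
                );
                rsvp_printQueryDebugInfo();
                $newAid = (int) $wpdb->insert_id;
                rsvp_handleAdditionalQuestions($newAid, $i . 'question');

                // Link the new guest to the primary attendee ...
                $wpdb->insert(
                    ASSOCIATED_ATTENDEES_TABLE,
                    ["attendeeID" => $newAid, "associatedAttendeeID" => $attendeeID],
                    ["%d", "%d"]
                );
                rsvp_printQueryDebugInfo();
                // ... and to everyone the primary attendee is already linked to.
                $wpdb->query($wpdb->prepare(
                    "INSERT INTO " . ASSOCIATED_ATTENDEES_TABLE . " (attendeeID, associatedAttendeeID) "
                    . "SELECT %d, associatedAttendeeID FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE attendeeID = %d",
                    $newAid,
                    $attendeeID
                ));
                rsvp_printQueryDebugInfo();
            }
        }
    }

    // Shared by both emails: everyone linked to the primary attendee, in either direction.
    $associatedSql = "SELECT firstName, lastName, rsvpStatus FROM " . ATTENDEES_TABLE . " \n \t\t\t \tWHERE id IN (SELECT attendeeID FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE associatedAttendeeID = %d) \n \t\t\t\t\tOR id in (SELECT associatedAttendeeID FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE attendeeID = %d)";

    // --- Admin notification ---------------------------------------------------
    $email = get_option(OPTION_NOTIFY_EMAIL);
    if (get_option(OPTION_NOTIFY_ON_RSVP) == "Y" && $email != "") {
        // kidsMeal, veggieMeal and note are printed below, so they must be selected here.
        $attendee = $wpdb->get_results($wpdb->prepare(
            "SELECT firstName, lastName, rsvpStatus, kidsMeal, veggieMeal, note FROM " . ATTENDEES_TABLE . " WHERE id = %d",
            $attendeeID
        ));
        if (count($attendee) > 0) {
            $body = "Hello, \r\n\r\n";
            $body .= stripslashes($attendee[0]->firstName) . " " . stripslashes($attendee[0]->lastName)
                . " has submitted their RSVP and has RSVP'd with '" . $attendee[0]->rsvpStatus . "'.\r\n";
            if (get_option(OPTION_HIDE_KIDS_MEAL) != "Y") {
                $body .= "Kids Meal: " . $attendee[0]->kidsMeal . "\r\n";
            }
            if (get_option(OPTION_HIDE_VEGGIE) != "Y") {
                $body .= "Vegetarian Meal: " . $attendee[0]->veggieMeal . "\r\n";
            }
            if (get_option(RSVP_OPTION_HIDE_NOTE) != "Y") {
                $body .= "Note: " . stripslashes((string) $attendee[0]->note) . "\r\n";
            }

            // LEFT JOIN: unanswered questions come back with a NULL answer.
            $sql = "SELECT question, answer FROM " . QUESTIONS_TABLE . " q \n \t\t\t\tLEFT JOIN " . ATTENDEE_ANSWERS . " ans ON q.id = ans.questionID AND ans.attendeeID = %d \n \t\t\t\tORDER BY q.sortOrder, q.id";
            $aRs = $wpdb->get_results($wpdb->prepare($sql, $attendeeID));
            if (count($aRs) > 0) {
                $body .= "\r\n\r\n--== Custom Questions ==--\r\n";
                foreach ($aRs as $a) {
                    $body .= stripslashes($a->question) . ": " . stripslashes((string) $a->answer) . "\r\n";
                }
            }

            $associations = $wpdb->get_results($wpdb->prepare($associatedSql, $attendeeID, $attendeeID));
            if (count($associations) > 0) {
                $body .= "\r\n\r\n--== Associated Attendees ==--\r\n";
                foreach ($associations as $a) {
                    $body .= stripslashes($a->firstName . " " . $a->lastName) . " RSVP status: " . $a->rsvpStatus . "\r\n";
                }
            }

            $headers = "";
            if (get_option(OPTION_RSVP_DISABLE_CUSTOM_EMAIL_FROM) != "Y") {
                $headers = 'From: ' . $email . "\r\n";
            }
            wp_mail($email, "New RSVP Submission", $body, $headers);
        }
    }

    // --- Guest confirmation ---------------------------------------------------
    if (get_option(OPTION_RSVP_GUEST_EMAIL_CONFIRMATION) == "Y" && $posted('mainEmail') != "") {
        $attendee = $wpdb->get_results($wpdb->prepare(
            "SELECT firstName, lastName, email, rsvpStatus FROM " . ATTENDEES_TABLE . " WHERE id = %d",
            $attendeeID
        ));
        // The address was taken straight from the form; only send to a well-formed one.
        if (count($attendee) > 0 && is_email($attendee[0]->email)) {
            $body = "Hello " . stripslashes($attendee[0]->firstName) . " " . stripslashes($attendee[0]->lastName) . ", \r\n\r\n";
            $body .= "You have successfully RSVP'd with '" . $attendee[0]->rsvpStatus . "'.";

            $associations = $wpdb->get_results($wpdb->prepare($associatedSql, $attendeeID, $attendeeID));
            if (count($associations) > 0) {
                // Section heading once, not once per associated attendee.
                $body .= "\r\n\r\n--== Associated Attendees ==--\r\n";
                foreach ($associations as $a) {
                    $body .= stripslashes($a->firstName . " " . $a->lastName) . " rsvp status: " . $a->rsvpStatus . "\r\n";
                }
            }

            $headers = "";
            if (!empty($email) && get_option(OPTION_RSVP_DISABLE_CUSTOM_EMAIL_FROM) != "Y") {
                $headers = 'From: ' . $email . "\r\n";
            }
            wp_mail($attendee[0]->email, "RSVP Confirmation", $body, $headers);
        }
    }

    return rsvp_handle_output($text, frontend_rsvp_thankyou($thankYouPrimary, $thankYouAssociated));
}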
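/**
 * Admin screen for adding or editing a custom RSVP question.
 *
 * On a form submission (nonce 'rsvp_add_custom_question') the question is
 * inserted, or updated when $_SESSION[EDIT_QUESTION_KEY] holds the id of the
 * question being edited.  Existing answers can be renamed or deleted, new
 * answers are added for choice-type questions, and for private questions the
 * list of attendees allowed to answer is replaced by the posted selection.
 * Without a submission the edit form is rendered, pre-filled from the question
 * named by $_GET['id'] when one is given.
 *
 * Output is echoed directly; nothing is returned.
 */
function rsvp_admin_custom_question() {
    global $wpdb;

    // Question types whose answers come from a fixed list (drop-down, multi-select,
    // radio); the same ids are hard-coded in the JavaScript below.
    $answerQuestionTypes = [2, 4, 5];

    // Make sure the "radio" type exists. get_results() returns an array, so the
    // row count has to be checked (comparing the array itself to 0 is never true).
    $radioQuestionType = $wpdb->get_results("SELECT id FROM " . QUESTION_TYPE_TABLE . " WHERE questionType = 'radio'");
    if (count($radioQuestionType) == 0) {
        $wpdb->insert(QUESTION_TYPE_TABLE, ["questionType" => "radio", "friendlyName" => "Radio"], ['%s', '%s']);
        rsvp_printQueryDebugInfo();
    }

    $isSubmission = count($_POST) > 0
        && !empty($_POST['question']) && is_string($_POST['question'])
        && isset($_POST['questionTypeID']) && is_numeric($_POST['questionTypeID']);

    if ($isSubmission) {
        check_admin_referer('rsvp_add_custom_question');

        $questionText   = trim($_POST['question']);
        $questionTypeID = (int) $_POST['questionTypeID'];
        // Anything other than "private" (case-insensitively) is stored as public.
        $permissionLevel = isset($_POST['permissionLevel']) && is_string($_POST['permissionLevel'])
            && strtolower(trim($_POST['permissionLevel'])) == "private" ? "private" : "public";
        $questionRow = [
            "question"        => $questionText,
            "questionTypeID"  => $questionTypeID,
            "permissionLevel" => $permissionLevel,
        ];

        $editingId = isset($_SESSION[EDIT_QUESTION_KEY]) && is_numeric($_SESSION[EDIT_QUESTION_KEY])
            ? (int) $_SESSION[EDIT_QUESTION_KEY] : 0;

        if ($editingId > 0) {
            $wpdb->update(QUESTIONS_TABLE, $questionRow, ["id" => $editingId], ["%s", "%d", "%s"], ["%d"]);
            rsvp_printQueryDebugInfo();
            $questionId = $editingId;

            // Existing answers: delete when the box was ticked, otherwise rename if a value was posted.
            $answers = $wpdb->get_results($wpdb->prepare("SELECT id FROM " . QUESTION_ANSWERS_TABLE . " WHERE questionID = %d", $questionId));
            foreach ($answers as $a) {
                if (isset($_POST['deleteAnswer' . $a->id]) && strtoupper((string) $_POST['deleteAnswer' . $a->id]) == "Y") {
                    $wpdb->query($wpdb->prepare("DELETE FROM " . QUESTION_ANSWERS_TABLE . " WHERE id = %d", $a->id));
                    rsvp_printQueryDebugInfo();
                } elseif (!empty($_POST['answer' . $a->id]) && is_string($_POST['answer' . $a->id])) {
                    $wpdb->update(QUESTION_ANSWERS_TABLE, ["answer" => trim($_POST['answer' . $a->id])], ["id" => $a->id], ["%s"], ["%d"]);
                    rsvp_printQueryDebugInfo();
                }
            }
        } else {
            $wpdb->insert(QUESTIONS_TABLE, $questionRow, ['%s', '%d', '%s']);
            rsvp_printQueryDebugInfo();
            $questionId = (int) $wpdb->insert_id;
        }

        // New answers only apply to choice-type questions; numNewAnswers is kept
        // up to date by the addAnswer() script on the form.
        if (isset($_POST['numNewAnswers']) && is_numeric($_POST['numNewAnswers']) && in_array($questionTypeID, $answerQuestionTypes, true)) {
            $numNewAnswers = (int) $_POST['numNewAnswers'];
            for ($i = 0; $i < $numNewAnswers; $i++) {
                if (!empty($_POST['newAnswer' . $i]) && is_string($_POST['newAnswer' . $i])) {
                    $wpdb->insert(
                        QUESTION_ANSWERS_TABLE,
                        ["questionID" => $questionId, "answer" => trim($_POST['newAnswer' . $i])],
                        ['%d', '%s']
                    );
                    rsvp_printQueryDebugInfo();
                }
            }
        }

        if ($permissionLevel == "private") {
            // The allowed-attendee list is replaced wholesale by the posted selection.
            $wpdb->query($wpdb->prepare("DELETE FROM " . QUESTION_ATTENDEES_TABLE . " WHERE questionID = %d", $questionId));
            rsvp_printQueryDebugInfo();
            if (isset($_POST['attendees']) && is_array($_POST['attendees'])) {
                foreach ($_POST['attendees'] as $aid) {
                    if (is_numeric($aid) && $aid > 0) {
                        $wpdb->insert(QUESTION_ATTENDEES_TABLE, ["attendeeID" => (int) $aid, "questionID" => $questionId], ["%d", "%d"]);
                        rsvp_printQueryDebugInfo();
                    }
                }
            }
        }

        $siteUrl = esc_url(get_option('siteurl'));
?>
<p>Custom Question saved</p>
<p>
    <a href="<?php echo $siteUrl; ?>/wp-admin/admin.php?page=rsvp-admin-questions">Continue to Question List</a> |
    <a href="<?php echo $siteUrl; ?>/wp-admin/admin.php?page=rsvp-admin-custom-question">Add another Question</a>
</p>
<?php
        return;
    }

    // --- Render the add/edit form ---------------------------------------------
    $questionTypeId  = 0;
    $question        = "";
    $isNew           = true;
    $questionId      = 0;
    $permissionLevel = "public";
    $savedAttendees  = [];
    // The session key tells the save path which question is being edited; start clean.
    unset($_SESSION[EDIT_QUESTION_KEY]);

    if (isset($_GET['id']) && is_numeric($_GET['id'])) {
        $qRs = $wpdb->get_results($wpdb->prepare(
            "SELECT id, question, questionTypeID, permissionLevel FROM " . QUESTIONS_TABLE . " WHERE id = %d",
            $_GET['id']
        ));
        if (count($qRs) > 0) {
            $isNew = false;
            $_SESSION[EDIT_QUESTION_KEY] = $qRs[0]->id;
            $questionId      = (int) $qRs[0]->id;
            $question        = stripslashes($qRs[0]->question);
            $permissionLevel = stripslashes($qRs[0]->permissionLevel);
            $questionTypeId  = (int) $qRs[0]->questionTypeID;
            if ($permissionLevel == "private") {
                $aRs = $wpdb->get_results($wpdb->prepare("SELECT attendeeID FROM " . QUESTION_ATTENDEES_TABLE . " WHERE questionID = %d", $questionId));
                foreach ($aRs as $a) {
                    $savedAttendees[] = (int) $a->attendeeID;
                }
            }
        }
    }
    $questionTypes = $wpdb->get_results("SELECT id, questionType, friendlyName FROM " . QUESTION_TYPE_TABLE);
?>
<script type="text/javascript">
function addAnswer(counterElement) {
    var currAnswer = jQuery("#numNewAnswers").val();
    if (isNaN(currAnswer)) {
        currAnswer = 0;
    }
    var s = "<tr>\r\n" +
        "<td align=\"right\" width=\"75\"><label for=\"newAnswer" + currAnswer + "\">Answer:</label></td>\r\n" +
        "<td><input type=\"text\" name=\"newAnswer" + currAnswer + "\" id=\"newAnswer" + currAnswer + "\" size=\"40\" /></td>\r\n" +
        "</tr>\r\n";
    jQuery("#answerContainer").append(s);
    currAnswer++;
    jQuery("#numNewAnswers").val(currAnswer);
    return false;
}
jQuery(document).ready(function() {
<?php if ($isNew || !in_array($questionTypeId, $answerQuestionTypes, true)) { ?>
    jQuery("#answerContainer").hide();
<?php } ?>
<?php if ($isNew || $permissionLevel == "public") { ?>
    jQuery("#attendeesArea").hide();
<?php } ?>
    jQuery("#questionType").change(function() {
        var selectedValue = jQuery("#questionType").val();
        if ((selectedValue == 2) || (selectedValue == 4) || (selectedValue == 5)) {
            jQuery("#answerContainer").show();
        } else {
            jQuery("#answerContainer").hide();
        }
    });
    jQuery("#permissionLevel").change(function() {
        if (jQuery("#permissionLevel").val() != "public") {
            jQuery("#attendeesArea").show();
        } else {
            jQuery("#attendeesArea").hide();
        }
    });
});
</script>
<form name="contact" action="admin.php?page=rsvp-admin-custom-question" method="post">
    <input type="hidden" name="numNewAnswers" id="numNewAnswers" value="0" />
    <?php wp_nonce_field('rsvp_add_custom_question'); ?>
    <p class="submit">
        <input type="submit" class="button-primary" value="<?php esc_attr_e('Save'); ?>" />
    </p>
    <table id="customQuestions" class="form-table">
        <tr valign="top">
            <th scope="row"><label for="questionType">Question Type:</label></th>
            <td align="left">
                <select name="questionTypeID" id="questionType" size="1">
<?php foreach ($questionTypes as $qt) { ?>
                    <option value="<?php echo (int) $qt->id; ?>"<?php echo $questionTypeId == (int) $qt->id ? ' selected="selected"' : ''; ?>><?php echo esc_html($qt->friendlyName); ?></option>
<?php } ?>
                </select>
            </td>
        </tr>
        <tr valign="top">
            <th scope="row"><label for="question">Question:</label></th>
            <td align="left"><input type="text" name="question" id="question" size="40" value="<?php echo esc_attr($question); ?>" /></td>
        </tr>
        <tr>
            <th scope="row"><label for="permissionLevel">Question Permission Level:</label></th>
            <td align="left">
                <select name="permissionLevel" id="permissionLevel" size="1">
                    <option value="public"<?php echo $permissionLevel == "public" ? ' selected="selected"' : ''; ?>>Public</option>
                    <option value="private"<?php echo $permissionLevel == "private" ? ' selected="selected"' : ''; ?>>Private</option>
                </select>
            </td>
        </tr>
<?php if (!$isNew && $permissionLevel == "private") { ?>
        <tr>
            <th scope="row">Private Import Key:</th>
            <td align="left">pq_<?php echo $questionId; ?></td>
        </tr>
<?php } ?>
        <tr>
            <td colspan="2">
                <table cellpadding="0" cellspacing="0" border="0" id="answerContainer">
                    <tr>
                        <th>Answers</th>
                        <th align="right"><a href="#" onclick="return addAnswer();">Add new Answer</a></th>
                    </tr>
<?php
    if (!$isNew) {
        $aRs = $wpdb->get_results($wpdb->prepare("SELECT id, answer FROM " . QUESTION_ANSWERS_TABLE . " WHERE questionID = %d", $questionId));
        foreach ($aRs as $answer) {
            $answerId = (int) $answer->id;
?>
                    <tr>
                        <td width="75" align="right"><label for="answer<?php echo $answerId; ?>">Answer:</label></td>
                        <td>
                            <input type="text" name="answer<?php echo $answerId; ?>" id="answer<?php echo $answerId; ?>" size="40" value="<?php echo esc_attr(stripslashes($answer->answer)); ?>" />
                            <input type="checkbox" name="deleteAnswer<?php echo $answerId; ?>" id="deleteAnswer<?php echo $answerId; ?>" value="Y" /><label for="deleteAnswer<?php echo $answerId; ?>">Delete</label>
                        </td>
                    </tr>
<?php
        }
    }
?>
                </table>
            </td>
        </tr>
        <tr id="attendeesArea">
            <th scope="row"><label for="attendees">Attendees allowed to answer this question:</label></th>
            <td>
                <select name="attendees[]" id="attendees" style="height:75px;" multiple="multiple">
<?php
    $attendees = $wpdb->get_results("SELECT id, firstName, lastName FROM " . $wpdb->prefix . "attendees ORDER BY lastName, firstName");
    foreach ($attendees as $a) {
        $attendeeId = (int) $a->id;
?>
                    <option value="<?php echo $attendeeId; ?>"<?php echo in_array($attendeeId, $savedAttendees, true) ? ' selected="selected"' : ''; ?>><?php echo esc_html(stripslashes($a->firstName) . " " . stripslashes($a->lastName)); ?></option>
<?php } ?>
                </select>
            </td>
        </tr>
    </table>
</form>
<?php
}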
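/**
 * Stores an attendee's answers to the custom questions from a submitted form.
 *
 * All previous answers of the attendee are removed first, then one row is
 * written per answered question.  The posted field for question N is
 * $formName . N: an array of answer ids for multi-select questions, a single
 * answer id for drop-down/radio questions, and free text for everything else.
 * For choice questions only ids that belong to the question are accepted, and
 * the stored value is the answer text rather than the posted id.  A field
 * whose shape does not match its question type (e.g. a string where an array
 * is expected) is skipped instead of raising a TypeError.
 *
 * @param int    $attendeeID Attendee whose answers are being (re)written.
 * @param string $formName   Prefix of the posted question fields, e.g. "mainquestion".
 * @return void
 */
function rsvp_handleAdditionalQuestions($attendeeID, $formName) {
    global $wpdb;

    $wpdb->query($wpdb->prepare("DELETE FROM " . ATTENDEE_ANSWERS . " WHERE attendeeID = %d ", $attendeeID));
    rsvp_printQueryDebugInfo();

    $qRs = $wpdb->get_results("SELECT q.id, questionType FROM " . QUESTIONS_TABLE . " q \n\t\t\t\t\tINNER JOIN " . QUESTION_TYPE_TABLE . " qt ON qt.id = q.questionTypeID \n\t\t\t\t\tORDER BY q.sortOrder");
    if (count($qRs) == 0) {
        return;
    }

    // Every answer row written by this function has the same shape.
    $storeAnswer = static function ($questionId, $answer) use ($wpdb, $attendeeID) {
        $wpdb->insert(
            ATTENDEE_ANSWERS,
            ["attendeeID" => $attendeeID, "answer" => $answer, "questionID" => $questionId],
            ['%d', '%s', '%d']
        );
        rsvp_printQueryDebugInfo();
    };
    // Choice questions keep their permitted answers in QUESTION_ANSWERS_TABLE.
    $allowedAnswers = static function ($questionId) use ($wpdb) {
        return $wpdb->get_results($wpdb->prepare(
            "SELECT id, answer FROM " . QUESTION_ANSWERS_TABLE . " WHERE questionID = %d",
            $questionId
        ));
    };

    foreach ($qRs as $q) {
        $field = $formName . $q->id;
        if (empty($_POST[$field])) {
            continue;
        }
        $submitted = $_POST[$field];

        if ($q->questionType == QT_MULTI) {
            if (!is_array($submitted)) {
                continue;
            }
            // Posted ids as a set, keyed by their string form, for O(1) lookup.
            $submittedIds = [];
            foreach ($submitted as $v) {
                if (is_scalar($v)) {
                    $submittedIds[(string) $v] = true;
                }
            }
            $chosen = [];
            foreach ($allowedAnswers($q->id) as $a) {
                if (isset($submittedIds[(string) $a->id])) {
                    $chosen[] = stripslashes($a->answer);
                }
            }
            if (count($chosen) > 0) {
                $storeAnswer($q->id, implode(",", $chosen));
            }
        } elseif ($q->questionType == QT_DROP || $q->questionType == QT_RADIO) {
            if (!is_scalar($submitted)) {
                continue;
            }
            foreach ($allowedAnswers($q->id) as $a) {
                if ((string) $a->id === (string) $submitted) {
                    $storeAnswer($q->id, stripslashes($a->answer));
                    break;
                }
            }
        } else {
            // Free text: stored as submitted.
            if (!is_scalar($submitted)) {
                continue;
            }
            $storeAnswer($q->id, $submitted);
        }
    }
}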