/**
 * Creates a diary entry for a band member and returns the stored record.
 *
 * Administrators choose the member through $postArray['member_id']; any other caller is
 * resolved to the band member linked to the current user. Title and body pass through
 * db::sanitize_to_db() (its implementation is not visible here). The date and time are
 * re-formatted with strtotime()/date(), so only a formatted timestamp reaches the query.
 * An unparsable date makes strtotime() return false, which date() formats as the Unix epoch
 * rather than reporting an error.
 *
 * @param array $postArray form fields: member_id (administrators), title, date, time, body
 * @return mixed the BandMemberDiary::get() result for the new row, the error object from the
 *               member lookup, or the result of Error::MySQL() when the insert fails
 */
function add($postArray)
 {
     // Pick the member first; a failed lookup is handed straight back to the caller.
     $bm = User::isAdmin()
         ? BandMember::get($postArray['member_id'])
         : BandMember::getByUserID(User::getCurrent()->getID());
     if (db::isError($bm)) {
         return $bm;
     }

     $db = new db();
     $member_id = $bm->getID();

     $title = $db->sanitize_to_db($postArray['title']);
     if (!$title) {
         $title = '(untitled)';
     }
     $body = $db->sanitize_to_db($postArray['body']);

     // Normalise the day, append the raw time, then normalise the combined string again.
     $dayAndTime = date('Y-m-d', strtotime($postArray['date'])) . ' ' . $postArray['time'];
     $dateTime = date("Y-m-d H:i:s", strtotime($dayAndTime));

     $inserted = @mysql_query("insert into Band_Diaries (title, member_id, date_time, body, is_active) values ('{$title}','{$member_id}','{$dateTime}','{$body}'," . DEFAULT_ACTIVE . ")");
     if ($inserted) {
         return BandMemberDiary::get(mysql_insert_id());
     }
     return Error::MySQL();
 }
Exemple #2
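 /**
  * Replaces the stored value of a configuration setting.
  *
  * The existing row is deleted and a new one inserted. The two statements are not wrapped
  * in a transaction here, so a failed insert leaves the setting without a row.
  *
  * @param string $setting setting name; must be accepted by Config::isValidSetting()
  * @param mixed  $value   new value, passed through db::sanitize_to_db() before storage
  * @return mixed true on success, otherwise the result of Error::create() or Error::MySQL()
  */
 function update($setting, $value)
 {
     if (!Config::isValidSetting($setting)) {
         // NOTE(review): the message repeats caller input; escape it wherever it is rendered.
         return Error::create("Unrecognized setting: {$setting}");
     }
     // Escape the name as well as the value. Config::isValidSetting() is not visible here,
     // so the query should not rely on it rejecting quote characters.
     $name = db::sanitize_to_db($setting);
     $q = "delete from Config where name = '{$name}'";
     $r = @mysql_query($q);
     if (!$r) {
         return Error::MySQL();
     }
     $q = "insert into Config (name, value) values ('{$name}', '" . db::sanitize_to_db($value) . "')";
     $r = @mysql_query($q);
     if (!$r) {
         return Error::MySQL();
     }
     return true;
 }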
Exemple #3
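 /**
  * Creates a show from submitted form data and returns the stored record.
  *
  * Free-text fields pass through db::sanitize_to_db() before being placed in the INSERT.
  * Date and time are re-formatted with strtotime()/date(), so only formatted values reach
  * the query. Administrators may assign the show to another user via $postArray['user_id'];
  * everyone else creates it under their own account.
  *
  * @param array $postArray form fields: name, date, time, cost, is_all_ages, other_bands,
  *                         notes, venue_id and (administrators only) user_id
  * @return mixed the Show::get() result for the new row, an Error holding validation
  *               failures, or the result of Error::MySQL() when the insert fails
  */
 function add($postArray)
 {
     $db = new db();
     include_class('venues');
     $e = new Error();
     $name = $db->sanitize_to_db($postArray['name']);
     $dt = $db->sanitize_to_db($postArray['date']);
     $date = date("Y-m-d", strtotime($dt));
     // Optional columns are written as a quoted literal or the bare keyword null.
     if ($postArray['time']) {
         $time = $db->sanitize_to_db($postArray['time']);
         $time = "'" . date("H:i:s", strtotime($time)) . "'";
     } else {
         $time = "null";
     }
     if ($postArray['cost'] != "") {
         $cost = $db->sanitize_to_db($postArray['cost']);
         $cost = "'{$cost}'";
     } else {
         $cost = "null";
     }
     $is_all_ages = $postArray['is_all_ages'] == '1' ? 1 : 0;
     $other_bands = $db->sanitize_to_db($postArray['other_bands']);
     $notes = $db->sanitize_to_db($postArray['notes']);
     if (User::isAdmin()) {
         $uo = User::get($postArray['user_id']);
         if (db::isError($uo)) {
             $e->add($uo);
         } elseif (!$uo->isAdmin() && !$uo->isBandMember()) {
             // Reject only users who are neither administrator nor band member, as the
             // message states. The previous test rejected band members and accepted
             // accounts with neither role.
             $e->add("Invalid user. User must be a band member or an administrator.");
         }
     } else {
         $uo = User::getCurrent();
     }
     // $ve stays null when no venue was chosen, so the later is_object() test has a
     // defined value to look at and db::isError() is only asked about a real lookup result.
     $ve = null;
     if ($postArray['venue_id'] != '0') {
         $ve = Venue::get($postArray['venue_id']);
         if (db::isError($ve)) {
             $e->add($ve);
         }
     }
     if ($e->hasErrors()) {
         return $e;
     }
     // $user_id is interpolated unquoted below; it comes from the user object, not from input.
     $user_id = $uo->getID();
     $venue_id = $db->sanitize_to_db($postArray['venue_id']);
     if (!$name) {
         $name = is_object($ve) && !db::isError($ve) ? $db->sanitize_to_db($ve->getName()) : "(untitled show)";
     }
     $r = mysql_query("insert into Shows (name, venue_id, date, time, user_id, cost, is_all_ages, other_bands, notes, is_active) values ('{$name}', '{$venue_id}', '{$date}', {$time}, {$user_id}, {$cost}, {$is_all_ages}, '{$other_bands}', '{$notes}'," . DEFAULT_ACTIVE . ")");
     if ($r) {
         return Show::get(mysql_insert_id());
     } else {
         return Error::MySQL();
     }
 }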
Exemple #4
 /**
  * Looks up a user by credentials and, on a match, stores the user object in the session.
  *
  * @param string $username login name as submitted
  * @param string $password clear-text password as submitted
  * @return bool true when the query returned a row with a truthy ID, false otherwise
  */
 function login($username, $password)
 {
     $db = new db();
     $username = $db->sanitize_to_db($username);
     // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for password storage.
     // password_hash()/password_verify() are the standard replacement, but switching needs a
     // migration of the stored hashes, so it is flagged here rather than changed.
     // The password is escaped before hashing, so stored hashes must have been produced
     // from the escaped form as well for the comparison to match.
     $password = md5($db->sanitize_to_db($password));
     // NOTE(review): the '******' literals look like masking applied to this listing. As
     // written, the query references neither $username nor $password. Confirm against the
     // real source.
     $q = "select ID from Users where username = '******' and password = '******'";
     // NOTE(review): a failed query returns false, which reaches mysql_fetch_assoc() unchecked.
     $r = mysql_query($q);
     $row = mysql_fetch_assoc($r);
     if ($row['ID']) {
         $uo = User::get($row['ID']);
         // NOTE(review): no session_regenerate_id() call is visible in this block. Confirm
         // the session ID is rotated at login elsewhere.
         $_SESSION['_uo'] = $uo;
         return true;
     } else {
         return false;
     }
 }
 /**
  * Replaces the single Band_Information record with the submitted values.
  *
  * Only administrators are processed; any other caller gets no return value (null).
  * Every field passes through db::sanitize_to_db(). The existing rows are deleted before
  * the new row is inserted, and nothing here wraps the two statements in a transaction,
  * so a failed insert leaves the table empty.
  *
  * @param array $postArray form fields named after the Band_Information columns, plus
  *                         stateProvinceOther
  * @return mixed true on success, an Error with validation messages, the result of
  *               Error::MySQL() when the delete fails, the result of Error::create() when
  *               the insert fails, or null for non-administrators
  */
 function update($postArray)
 {
     $db = new db();
     $e = new Error();
     if (!User::isAdmin()) {
         // Same outcome as before: non-administrators fall out with no result.
         return;
     }

     $genreID = $db->sanitize_to_db($postArray['genreID']);
     if (!$this->isValidGenreID($postArray['genreID'])) {
         $e->add("Invalid genre specified");
     }
     $name = $db->sanitize_to_db($postArray['name']);
     if ($name == '' || $name == null) {
         $e->add("You must specify a name for your band.");
     }

     $managerName = $db->sanitize_to_db($postArray['managerName']);
     $address1 = $db->sanitize_to_db($postArray['address1']);
     $address2 = $db->sanitize_to_db($postArray['address2']);
     $city = $db->sanitize_to_db($postArray['city']);

     // "??" marks the "other" choice; the free-text field then supplies the value.
     $stateProvince = $db->sanitize_to_db($postArray['stateProvince']);
     if ($stateProvince == "??") {
         $stateProvince = $db->sanitize_to_db($postArray['stateProvinceOther']);
     }

     $postalCode = $db->sanitize_to_db($postArray['postalCode']);
     $bio = $db->sanitize_to_db($postArray['bio']);
     $miscellaneous = $db->sanitize_to_db($postArray['miscellaneous']);
     $country = $db->sanitize_to_db($postArray['country']);

     // NOTE(review): this fallback re-reads the same key, so "??" is stored unchanged.
     // It presumably was meant to read a separate "other" field. Confirm against the form.
     $defaultStateProvince = $db->sanitize_to_db($postArray['defaultStateProvince']);
     if ($defaultStateProvince == "??") {
         $defaultStateProvince = $db->sanitize_to_db($postArray['defaultStateProvince']);
     }

     $defaultCountry = $db->sanitize_to_db($postArray['defaultCountry']);
     $defaultCity = $db->sanitize_to_db($postArray['defaultCity']);
     $description = $db->sanitize_to_db($postArray['description']);

     if ($e->hasErrors()) {
         return $e;
     }

     $cleared = mysql_query("delete from Band_Information");
     if (!$cleared) {
         return Error::MySQL();
     }

     $q = "insert into Band_Information (name, managerName, address1, address2, city, stateProvince, postalCode, bio, miscellaneous, country, defaultStateProvince, defaultCountry, defaultCity, genreID, description) ";
     $q .= "values ('{$name}', '{$managerName}', '{$address1}', '{$address2}', '{$city}', '{$stateProvince}', '{$postalCode}', '{$bio}', '{$miscellaneous}', '{$country}', '{$defaultStateProvince}', '{$defaultCountry}', '{$defaultCity}', '{$genreID}', '{$description}')";
     $r = mysql_query($q);

     // A disabled XML-RPC ping to auditionrocks.com (an abandoned directory feature,
     // per the original comment) used to sit here as commented-out code.

     return $r
         ? true
         : Error::create("An unexplained error occurred when trying to update your information.");
 }
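 /**
  * Updates this news posting from submitted form data.
  *
  * Administrators may reassign the posting to another user via $postArray['user_id'];
  * everyone else is recorded as the author themselves. Title, description and body pass
  * through db::sanitize_to_db(). The date and time are re-formatted with strtotime()/date(),
  * so only a formatted timestamp reaches the query.
  *
  * @param array $postArray form fields: title, date, time, description, body and
  *                         (administrators only) user_id
  * @return mixed the BandNews::get() result for this posting, an Error holding validation
  *               failures, or the result of Error::create() / Error::MySQL()
  */
 function update($postArray)
 {
     $db = new db();
     // The collector was never created before, so the first $e->add() call failed on an
     // undefined variable instead of reporting the problem.
     $e = new Error();
     $title = $db->sanitize_to_db($postArray['title']);
     include_class('band_members');
     if (User::isAdmin()) {
         $uo = User::get($postArray['user_id']);
         if (db::isError($uo)) {
             $e->add($uo);
         } elseif (!$uo->isAdmin() && !$uo->isBandMember()) {
             // Reject only users who are neither administrator nor band member, as the
             // message states. The previous test rejected band members instead.
             $e->add("Invalid user. User must be a band member or an administrator.");
         }
     } else {
         $uo = User::getCurrent();
     }
     // Stop before $uo is used: after a failed lookup it holds an error object, not a user.
     if ($e->hasErrors()) {
         return $e;
     }
     // $user_id is interpolated unquoted below; it comes from the user object, not from input.
     $user_id = $uo->getID();
     $_dt = strtotime($postArray['date']);
     $dt = date('Y-m-d', $_dt) . ' ' . $postArray['time'];
     $dateTime = date("Y-m-d H:i:s", strtotime($dt));
     $description = $db->sanitize_to_db($postArray['description']);
     $body = $db->sanitize_to_db($postArray['body']);
     if (!$title) {
         $title = '(untitled)';
     }
     if (!$this->canEdit()) {
         return Error::create("You may not edit this news posting.");
     }
     $r = @mysql_query("update Band_News set title='{$title}', user_id = {$user_id}, date_time='{$dateTime}', description='{$description}', body='{$body}' where ID = " . $this->ID);
     if ($r) {
         return BandNews::get($this->ID);
     } else {
         return Error::MySQL();
     }
 }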
Exemple #7
 /**
  * Creates a tour (administrators only) and returns the stored record.
  *
  * Title and description pass through db::sanitize_to_db(). Both dates are sanitized and
  * then re-formatted with strtotime()/date(), so the query only ever receives Y-m-d
  * strings. An unparsable date is formatted as the Unix epoch rather than rejected.
  *
  * @param array $postArray form fields: title, start_date, end_date, description
  * @return mixed the Tour::get() result for the new row, or the result of
  *               Error::create() / Error::MySQL()
  */
 function add($postArray)
 {
     $db = new db();
     if (!User::isAdmin()) {
         return Error::create("Only an administrator may add tours.");
     }

     $title = $db->sanitize_to_db($postArray['title']);
     if (!$title) {
         $title = '(untitled tour)';
     }

     $start_date = date('Y-m-d', strtotime($db->sanitize_to_db($postArray['start_date'])));
     $end_date = date('Y-m-d', strtotime($db->sanitize_to_db($postArray['end_date'])));
     $description = $db->sanitize_to_db($postArray['description']);

     $inserted = @mysql_query("insert into Tours (title, start_date, end_date, description, is_active) values ('{$title}', '{$start_date}', '{$end_date}', '{$description}','" . DEFAULT_ACTIVE . "')");
     if (!$inserted) {
         return Error::MySQL();
     }
     return Tour::get(mysql_insert_id());
 }
 /**
  * Updates this guest performer record (administrators only).
  *
  * Input is validated before the administrator check, so a caller without rights who
  * submits incomplete data receives the validation errors, not the permission error.
  * All fields pass through db::sanitize_to_db().
  *
  * @param array $postArray form fields: firstname, lastname, function, description, website
  * @return mixed $this on success, an Error holding validation failures, or the result of
  *               Error::create() / Error::MySQL()
  */
 function update($postArray)
 {
     $db = new db();
     $e = new Error();

     $firstname = $db->sanitize_to_db($postArray['firstname']);
     if (!$firstname) {
         $e->add("A guest performer entry must contain a first name.");
     }
     $lastname = $db->sanitize_to_db($postArray['lastname']);
     $function = $db->sanitize_to_db($postArray['function']);
     if (!$function) {
         $e->add("A guest performer must serve a function.");
     }
     $description = $db->sanitize_to_db($postArray['description']);
     $website = $db->sanitize_to_db($postArray['website']);

     if ($e->hasErrors()) {
         return $e;
     }
     if (!User::isAdmin()) {
         return Error::create("Only an administrator may update guest performers.");
     }

     // $this->ID is interpolated unquoted; it is object state, not request input.
     $updated = @mysql_query("update Band_Guest_Performers set firstname='{$firstname}', lastname='{$lastname}', function='{$function}', description='{$description}', website='{$website}' where ID = {$this->ID}");
     if ($updated) {
         return $this;
     }
     return Error::MySQL();
 }
Exemple #9
 /**
  * Updates the title and description of this media item and, for administrators, its access mode.
  *
  * When a filter object is supplied, its validateMediaOperation("UPDATE") result can veto
  * the change. The access column is only written when the current user is an
  * administrator; choosing 'STREAMING' runs setupStreaming() first.
  *
  * @param array $postArray form fields: title, description and (administrators only) access
  * @param mixed $filterObj optional object exposing validateMediaOperation()
  * @return mixed the mysql_query() result on success, otherwise an error object from the
  *               filter, from setupStreaming(), or a new Error carrying mysql_error()
  */
 function update($postArray, $filterObj = null)
 {
     if ($filterObj) {
         $verdict = $filterObj->validateMediaOperation("UPDATE");
         if (db::isError($verdict)) {
             return $verdict;
         }
     }

     $db = new db();
     $title = $db->sanitize_to_db($postArray['title']);
     $description = $db->sanitize_to_db($postArray['description']);

     // Columns every caller may change; administrators get the access column appended.
     $assignments = "title = '{$title}', description = '{$description}'";

     $u = User::getCurrent();
     if ($u->isAdmin()) {
         // NOTE(review): $access is escaped but not checked against a list of allowed modes here.
         $access = $db->sanitize_to_db($postArray['access']);
         if ($access == 'STREAMING') {
             $result = $this->setupStreaming();
             if ($db->isError($result)) {
                 return $result;
             }
         }
         $assignments .= ", access = '{$access}'";
     }

     $q = "update DarkRoom_Media_to_Areas set {$assignments} where ID = " . $this->ID;
     $r = mysql_query($q);
     if (!$r) {
         $e = new Error();
         $e->add(mysql_error());
         return $e;
     }
     return $r;
 }
Exemple #10
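 /**
  * Creates a link (administrators only) and returns the stored record.
  *
  * Every value placed in the INSERT passes through db::sanitize_to_db(), including
  * category_id, which was previously interpolated straight from the request.
  *
  * @param array $postArray form fields: name, description, url, category_id
  * @return mixed the Link::get() result for the new row, or the result of
  *               Error::create() / Error::MySQL()
  */
 function add($postArray)
 {
     if (User::isAdmin()) {
         $db = new db();
         $name = $db->sanitize_to_db($postArray['name']);
         $description = $db->sanitize_to_db($postArray['description']);
         $url = $db->sanitize_to_db($postArray['url']);
         // Request data must not reach the SQL string unescaped, even on an
         // administrator-only path.
         $category_id = $db->sanitize_to_db($postArray['category_id']);
         if (!$name) {
             $name = '(untitled link)';
         }
         // NOTE(review): only the length is checked and the URL scheme is not restricted.
         // Confirm the scheme is validated before the URL is rendered as a link.
         if (strlen($url) < 6) {
             return Error::create("Please enter a valid URL. A URL typically begins with \"http://\"");
         }
         $r = mysql_query("INSERT INTO Links (name, description, url, category_id, is_active) VALUES ('{$name}', '{$description}', '{$url}', '{$category_id}', " . DEFAULT_ACTIVE . ")");
         if ($r) {
             $nl = Link::get(mysql_insert_id());
             return $nl;
         } else {
             return Error::MySQL();
         }
     } else {
         return Error::create("Only an administrator may add links.");
     }
 }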
Exemple #11
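 /**
  * Creates a venue from submitted form data and returns the stored record.
  *
  * Administrators may record the venue under another user via $postArray['user_id'];
  * everyone else is recorded as the owner themselves. All text fields pass through
  * db::sanitize_to_db().
  *
  * @param array $postArray form fields: name, address1, address2, city, stateProvince,
  *                         stateProvinceOther, postalCode, directions, country and
  *                         (administrators only) user_id
  * @return mixed the Venue::get() result for the new row, an Error holding validation
  *               failures, or the result of Error::MySQL() when the insert fails
  */
 function add($postArray)
 {
     $db = new db();
     // The collector was never created before, so the first $e->add() call failed on an
     // undefined variable instead of reporting the problem.
     $e = new Error();
     if (User::isAdmin()) {
         $uo = User::get($postArray['user_id']);
         if (db::isError($uo)) {
             $e->add($uo);
         } elseif (!$uo->isAdmin() && !$uo->isBandMember()) {
             // Reject only users who are neither administrator nor band member, as the
             // message states. The previous test rejected band members instead.
             $e->add("Invalid user. User must be a band member or an administrator.");
         }
     } else {
         $uo = User::getCurrent();
     }
     // Stop before $uo is used: after a failed lookup it holds an error object, not a user.
     if ($e->hasErrors()) {
         return $e;
     }
     $user_id = $uo->getID();
     $name = $db->sanitize_to_db($postArray['name']);
     $address1 = $db->sanitize_to_db($postArray['address1']);
     $address2 = $db->sanitize_to_db($postArray['address2']);
     $city = $db->sanitize_to_db($postArray['city']);
     $stateProvince = $db->sanitize_to_db($postArray['stateProvince']);
     // "??" marks the "other" choice; the free-text field then supplies the value.
     if ($stateProvince == "??") {
         $stateProvince = $db->sanitize_to_db($postArray['stateProvinceOther']);
     }
     $postalCode = $db->sanitize_to_db($postArray['postalCode']);
     $directions = $db->sanitize_to_db($postArray['directions']);
     $country = $db->sanitize_to_db($postArray['country']);
     $country = $country == null ? VENUE_DEFAULT_COUNTRY : $country;
     if (!$name) {
         $name = '(untitled venue)';
     }
     $r = mysql_query("insert into Venues (user_id, country, name, address1, address2, city, stateProvince, postalCode, directions, is_active) values ('{$user_id}', '{$country}', '{$name}', '{$address1}', '{$address2}', '{$city}', '{$stateProvince}', '{$postalCode}', '{$directions}'," . DEFAULT_ACTIVE . ")");
     if ($r) {
         return Venue::get(mysql_insert_id());
     } else {
         return Error::MySQL();
     }
 }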
 /**
  * Updates this band member's user account and member profile from submitted form data.
  *
  * Requires canEdit() to be true. A new password is applied only when one was entered,
  * matches its confirmation and is longer than four characters. The Users row and the
  * Band_Members row are updated by two separate statements, with no transaction here.
  *
  * @param array $postArray form fields: password, password_confirm, firstname, lastname,
  *                         role, email, birthdate, equipment, influences, bio
  * @return mixed true on success, otherwise an Error holding validation or MySQL messages
  */
 function update($postArray)
 {
     $db = new db();
     $e = new Error();
     if ($this->canEdit()) {
         // The password is passed through sanitize_to_db() before it is compared, measured
         // and hashed, so those steps operate on the sanitized form.
         $password = $db->sanitize_to_db($postArray['password']);
         $confirmPassword = $db->sanitize_to_db($postArray['password_confirm']);
         $passwordHash = null;
         if ($password != null && $password != "") {
             // something has been entered for password
             if ($password == $confirmPassword) {
                 if (strlen($password) > 4) {
                     // NOTE(review): MD5 is a fast, unsalted digest and is not suitable for
                     // password storage. password_hash() is the standard replacement, but it
                     // needs a matching change at login plus a migration of stored hashes.
                     $passwordHash = md5($password);
                 } else {
                     $e->add("A user password must be at least 5 characters.");
                 }
             } else {
                 $e->add("The two passwords do not match.");
             }
         }
         $firstname = $db->sanitize_to_db($postArray['firstname']);
         if (!$firstname) {
             $e->add("A band member entry must contain a first name.");
         }
         $lastname = $db->sanitize_to_db($postArray['lastname']);
         $role = $db->sanitize_to_db($postArray['role']);
         if (!$role) {
             $e->add("A band member entry must contain a role.");
         }
         $email = $db->sanitize_to_db($postArray['email']);
         // The birthdate is re-formatted, so only a Y-m-d string reaches the query. An
         // unparsable value makes strtotime() return false, which date() formats as the
         // Unix epoch.
         $_dt = strtotime($db->sanitize_to_db($postArray['birthdate']));
         $birthdate = date('Y-m-d', $_dt);
         $equipment = $db->sanitize_to_db($postArray['equipment']);
         $influences = $db->sanitize_to_db($postArray['influences']);
         $bio = $db->sanitize_to_db($postArray['bio']);
         if ($e->hasErrors()) {
             return $e;
         } else {
             // first we update the users record
             // NOTE(review): the '******' literal looks like masking applied to this listing.
             // As written, $passwordHash is never placed in the query. Confirm against the
             // real source.
             $passwordQuery = $passwordHash != null ? "password = '******'," : "";
             // $this->user_id and $this->ID are interpolated unquoted; both are object state.
             $result = @mysql_query("update Users set {$passwordQuery} lastname='{$lastname}', firstname='{$firstname}', birthdate='{$birthdate}', email='{$email}' where ID = {$this->user_id}");
             if (!$result) {
                 $e->add(mysql_error());
             }
             // The profile update runs even if the account update failed; both errors are collected.
             $result2 = mysql_query("update Band_Members set role='{$role}', equipment='{$equipment}', influences='{$influences}', bio='{$bio}' where ID = " . $this->ID);
             if (!$result2) {
                 $e->add(mysql_error());
             }
             if ($e->hasErrors()) {
                 return $e;
             } else {
                 return true;
             }
         }
     } else {
         $e->add("You may not edit this band member's information.");
         return $e;
     }
 }
Exemple #13
             $r = @mysql_query($stmt);
             if (!$r) {
                 break;
             }
         }
     }
     if (!$r) {
         $e->add("Error installing Audition database: " . mysql_error());
     } else {
         // create admin user
         $username = db::sanitize_to_db($_POST['username']);
         $password = md5(trim($_POST['password']));
         $email = db::sanitize_to_db($_POST['email']);
         $birthdate = db::sanitize_to_db($_POST['birthdate']);
         $firstname = db::sanitize_to_db($_POST['firstname']);
         $lastname = db::sanitize_to_db($_POST['lastname']);
         $q = "insert into Users (username, password, email, birthdate, firstname, lastname, level) values ('{$username}', '{$password}', '{$email}', '{$birthdate}', '{$firstname}', '{$lastname}', 'ADMIN')";
         $r = @mysql_query($q);
         if (!$r) {
             $e->add("Error creating administrative user: "******"<?php\n";
     $configuration .= "define('DB_SERVER', '{$_POST['dbServer']}');\n";
     $configuration .= "define('DB_SERVER_USERNAME', '{$_POST['dbUser']}');\n";
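 /**
  * Updates this release track (administrators only).
  *
  * Title, number, meta information and lyrics pass through db::sanitize_to_db(). A
  * non-empty length is stored as '00:<length>'; an empty one is written as SQL null.
  *
  * @param array $postArray form fields: title, number, length, meta_information, lyrics
  * @return mixed the ReleaseTrack::get() result for this track, or the result of
  *               Error::create() / Error::MySQL()
  */
 function update($postArray)
 {
     $db = new db();
     if (!User::isAdmin()) {
         return Error::create("You are not allowed to update tracks.");
     }
     $title = $db->sanitize_to_db($postArray['title']);
     $number = $db->sanitize_to_db($postArray['number']);
     // $length is assigned once here. The earlier unconditional sanitize call was
     // overwritten on both branches and has been dropped.
     if ($postArray['length'] != "") {
         $length = $db->sanitize_to_db($postArray['length']);
         $length = "'00:{$length}'";
     } else {
         $length = "null";
     }
     $meta_information = $db->sanitize_to_db($postArray['meta_information']);
     $lyrics = $db->sanitize_to_db($postArray['lyrics']);
     if (!$title) {
         $title = '(untitled track)';
     }
     // $length already carries its own quotes (or the bare keyword null), so it is not quoted here.
     $r = @mysql_query("update Release_Tracks set title='{$title}', number='{$number}', meta_information = '{$meta_information}', lyrics = '{$lyrics}', length = {$length} where ID = {$this->ID}");
     if (!$r) {
         return Error::MySQL();
     }
     return ReleaseTrack::get($this->ID);
 }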
 /**
  * Adds a track to this release (administrators only) and returns the stored record.
  *
  * Lyrics and meta information get nl2br() applied when Text::isRTELoaded('description')
  * is false, then pass through db::sanitize_to_db() like the other fields. A non-empty
  * length is stored as '00:<length>'; an empty one is written as SQL null.
  *
  * @param array $postArray form fields: title, number, length, meta_information, lyrics
  * @return mixed the ReleaseTrack::get() result for the new row, or the result of
  *               Error::create() / Error::MySQL()
  */
 function addTrack($postArray)
 {
     $db = new db();
     include_class('text');
     if (!User::isAdmin()) {
         return Error::create("You are not allowed to add tracks to a release.");
     }

     $title = $db->sanitize_to_db($postArray['title']);
     $number = $db->sanitize_to_db($postArray['number']);

     if ($postArray['length'] != "") {
         $length = "'00:" . $db->sanitize_to_db($postArray['length']) . "'";
     } else {
         $length = "null";
     }

     // NOTE(review): both fields test the 'description' editor. It looks as if each was
     // meant to test its own field; confirm. Stored values may contain <br /> markup,
     // so they need context-appropriate escaping when displayed.
     foreach (array('lyrics', 'meta_information') as $field) {
         if (!Text::isRTELoaded('description')) {
             $postArray[$field] = nl2br($postArray[$field]);
         }
     }
     $meta_information = $db->sanitize_to_db($postArray['meta_information']);
     $lyrics = $db->sanitize_to_db($postArray['lyrics']);

     if (!$title) {
         $title = '(untitled track)';
     }

     $inserted = @mysql_query("insert into Release_Tracks (title, number, meta_information, lyrics, length, release_id) values ('{$title}', '{$number}', '{$meta_information}', '{$lyrics}', {$length}, '{$this->ID}')");
     if ($inserted) {
         return ReleaseTrack::get(mysql_insert_id());
     }
     return Error::MySQL();
 }