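/**
 * Fetch the booking options (id and description) attached to one event.
 *
 * @param int|string $event_id Identifier of the event whose options are wanted.
 *
 * @return array|null List of array('id' => ..., 'desc' => ...) entries, or null
 *                    (not an empty array) when the query fails or the event has
 *                    no options. Callers must check for null before counting.
 */
function get_booking_options($event_id)
{
    $savedUserBookingOptions = null;

    // The id is embedded in a quoted SQL literal. Escape it here rather than
    // trusting every caller to pass a clean integer; an unescaped quote in
    // $event_id would otherwise change the shape of the statement.
    $safeEventId = wrap_db_escape_string($event_id);

    $userBookingResult = wrap_db_query(
        "SELECT e.option_id, o.description FROM " . BOOKING_EVENT_OPTIONS_TABLE . " AS e, "
        . BOOKING_OPTIONS_TABLE . " AS o WHERE e.event_id='" . $safeEventId
        . "' AND e.option_id=o.option_id"
    );

    if ($userBookingResult && wrap_db_num_rows($userBookingResult) > 0) {
        while ($userBookingFields = wrap_db_fetch_array($userBookingResult)) {
            $savedUserBookingOptions[] = array(
                'id' => $userBookingFields['option_id'],
                'desc' => $userBookingFields['description'],
            );
        }
    }

    return $savedUserBookingOptions;
}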
//booking credits remaining $_SESSION['booking_credits'] = remaining_booking_credits($_REQUEST['username']); // Member check // check if the user is a member or not - but only if they are not an admin as this flag is not used for admins if (!wrap_session_is_registered("admin_user")) { $_SESSION['is_member'] = is_member($_REQUEST['username']); } //can they view other users bookings? if (is_admin($_REQUEST['username'])) { //admins can always see everyone elses bookings $_SESSION['SHOW_USER_DETAILS'] = true; } else { //how about regular users? This will depend on the site wide value set by an admin $result = wrap_db_query("SELECT function_value FROM " . SETTINGS_TABLE . " WHERE name = 'user_details_viewing' LIMIT 0,1 ;"); if ($result) { if ($fields = wrap_db_fetch_array($result)) { //change 1's and 0's to true and false if ($fields['function_value'] == "1") { $_SESSION['SHOW_USER_DETAILS'] = true; } else { $_SESSION['SHOW_USER_DETAILS'] = false; } } } } } else { // login failed, show error page $display_login_form = true; $page_error_message = "You could not be logged in. Please try again."; } } elseif (wrap_session_is_registered("valid_user")) {
?> " nowrap="nowrap"> <?php $event_count = 0; while (list($event_row_key, $event_row_value) = each($event_row_data[$count_date])) { if (strlen($event_row_value) > 1) { $event_count++; @(list($db_row_id, $row_span, $start_time, $end_time) = explode("|", $event_row_value)); // To Cater for the AM PM Hour display if (DEFINE_AM_PM) { $start_time = format_time_to_ampm($start_time); $end_time = format_time_to_ampm($end_time); } // Use the $db_row_id to data seek to the data for this event. $rv = wrap_db_data_seek($event_data, $db_row_id); $this_event = wrap_db_fetch_array($event_data); //is this user allowed to see the booking details? if (!$_SESSION['SHOW_USER_DETAILS'] && $this_event['user_id'] != $currentUsersID) { //user not allowed to see these details, overwrite the subject string $this_event['subject'] = 'Booking Confirmed'; } else { //add the booking option data into the event array $this_event['booking_options'] = get_booking_options($this_event['event_id']); } $event_url = href_link(FILENAME_DETAILS_VIEW, 'event_id=' . $this_event['event_id'] . '&' . make_hidden_fields_workstring(array('date', 'view', 'loc')), 'NONSSL'); $over_text = 'Event ID#: ' . $this_event['event_id'] . '<br />Subject: ' . $this_event['subject']; $numBookingOptions = count($this_event['booking_options']); if ($numBookingOptions > 0) { $over_text .= '<br />Options: '; for ($o = 0; $o < $numBookingOptions; $o++) { //handle commas to separate the list
$res = wrap_db_query($sql); $numMails = wrap_db_num_rows($res); if ($numMails > 0) { ?> - Edit or delete a previous e-mail mailshot:<br> <br> <table border="0" cellpadding="4" cellspacing="2" style="margin-left: 10px;"> <tr> <th class="BgcolorDull2" width="150">Subject</th> <th class="BgcolorDull2">Sent</th> <th class="BgcolorDull2">Control</th> </tr> <?php $i = 0; while ($row = wrap_db_fetch_array($res)) { $class = 'BgcolorNormal'; if ($i % 2 == 1) { $class = 'BgcolorBody'; } ?> <tr> <td align="left" class="<?php echo $class; ?> "><?php echo $row['subject']; ?> </td> <td align="left" class="<?php echo $class;
$user_info = get_user(get_user_id($_SESSION['valid_user'])); // Check we have permissions to buy credits if (wrap_session_is_registered("admin_user") || $user_info['booking_credits'] == 'Not used' || $_SESSION['PAYMENT_GATEWAY'] != '1' || !is_numeric($user_info['user_id'])) { echo "<p>You do not have permission to purchase booking credits. Please contact an Administrator.</p>"; include_once "footer.php"; include_once "application_bottom.php"; die; } // Load the products based on the users group membership $result = wrap_db_query("SELECT DISTINCT bpi.id, bpi.product_name, bpi.quantity, bpi.mc_gross, bpi.mc_currency \n\t\t\t\t\t\t\tFROM (" . BOOKING_PRODUCT_ITEM . " bpi LEFT JOIN " . BOOKING_PRODUCT_GROUPS . " bpg ON bpg.product_id = bpi.id ) \n\t\t\t\t\t\t\tWHERE group_id IN (SELECT DISTINCT group_id FROM " . BOOKING_USER_GROUPS_TABLE . " WHERE user_id = " . $user_info['user_id'] . ") ORDER BY bpi.product_name, bpi.quantity"); // If there are no products assigned, load the default if (!(wrap_db_num_rows($result) >= 1) || !$result) { $result = wrap_db_query("SELECT DISTINCT id, product_name, quantity, mc_gross, mc_currency FROM " . BOOKING_PRODUCT_ITEM . " WHERE id = '1' LIMIT 1"); } if ($result) { while ($products = wrap_db_fetch_array($result)) { // LIVE // https://www.sandbox.paypal.com/cgi-bin/webscr ?> <p> <form action="https://www.paypal.com/cgi-bin/webscr" method="post"> <input type="hidden" name="notify_url" value="<?php echo DOMAIN_NAME . substr(DIR_WS_SCRIPTS, 1) . "paypal_ipn_res.php"; ?> "> <input type="hidden" name="cmd" value="_xclick"> <input type="hidden" name="business" value="<?php echo $_SESSION['PAYPAL_BUSINESS_EMAIL']; ?> "> <input type="hidden" name="item_name" value="<?php
<table border="0" cellpadding="0" cellspacing="2"> <?php //load any saved booking option preferences this user may have $savedUserPrefOptions = null; //only non-admins can save their preferences, admins should have to tick them each time if (!$is_admin) { $userPrefResult = wrap_db_query("SELECT option_id FROM " . BOOKING_USER_OPTIONS_TABLE . " WHERE user_id='" . $bookingByUserID . "'"); if ($userPrefResult && wrap_db_num_rows($userPrefResult) > 0) { while ($userPrefFields = wrap_db_fetch_array($userPrefResult)) { $savedUserPrefOptions[] = $userPrefFields['option_id']; } } } $rightCol = false; for ($r = 0; $fields = wrap_db_fetch_array($result); $r++) { //is this a left or right column? if ($r % 2 == 0) { //left column echo '<tr align="left"><td>'; $rightCol = false; } else { //right column echo '<td width="20"> </td><td>'; $rightCol = true; } echo '<input type="checkbox" name="bookingOptions[]" id="bocb-' . str_replace('"', "'", $fields['description']) . '" value="' . $fields['option_id'] . '" onclick="updateBookingOptions();"'; //check if returning from a post (eg, after error from missing a field) if (isset($_POST['bookingOptions']) && count($_POST['bookingOptions']) > 0) { if (in_array($fields['option_id'], $_POST['bookingOptions'])) { echo ' checked="checked"';
$page_info_message = 'Group deleted successfully.'; break; default: break; } } //get all our current groups $sql = 'SELECT group_id, group_name FROM ' . BOOKING_GROUPS_TABLE . ' ORDER BY group_name ASC'; //it would be neater to include a count of the number of members at the same time but it is impossible to get groups with 0 members to be returned this way, hence the extra query for each group done later in the loop. //$sql = 'SELECT g.group_id, g.group_name, COUNT(m.user_group_id) AS num_members FROM ' . BOOKING_GROUPS_TABLE . ' AS g, ' . BOOKING_USER_GROUPS_TABLE . ' AS m WHERE m.group_id=g.group_id GROUP BY g.group_id ORDER BY g.group_name ASC' ; $res = wrap_db_query($sql); if ($res) { while ($row = wrap_db_fetch_array($res)) { $membershipSql = 'SELECT COUNT(user_group_id) AS numMembers FROM ' . BOOKING_USER_GROUPS_TABLE . ' WHERE group_id=' . $row['group_id']; if ($membershipRes = wrap_db_query($membershipSql)) { if ($membershipRow = wrap_db_fetch_array($membershipRes)) { $row['num_members'] = $membershipRow['numMembers']; } } $groups[] = $row; } } include_once "header.php"; ?> <br /> Use the controls below to add/edit or delete user groups (as used when sending mailshots).<br /> <br /> <form name="form1" method="post" action="<?php echo FILENAME_ADMIN_MODIFY_GROUPS; ?> ">
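/**
 * Update the first name, last name and e-mail address of an existing user.
 *
 * The account is located by username; the update is applied only when exactly
 * one row matches, and is additionally pinned to that row's user_id.
 *
 * @param string $username  Login name identifying the account to update.
 * @param string $firstname New first name.
 * @param string $lastname  New last name.
 * @param string $email     New e-mail address.
 *
 * @return bool True when the UPDATE statement ran, false when the lookup or
 *              the update failed or the username did not match exactly one row.
 */
function update_user_information($username, $firstname, $lastname, $email)
{
    // The username goes into quoted SQL literals in both statements, so it is
    // escaped once up front. Without binding $username the lookup would not
    // be tied to the account the caller named.
    $safeUsername = wrap_db_escape_string($username);

    // Resolve the username to a single user_id; anything other than exactly
    // one match is treated as failure.
    $result = wrap_db_query("SELECT user_id FROM " . BOOKING_USER_TABLE . " WHERE username='" . $safeUsername . "'");
    if (!$result || wrap_db_num_rows($result) != 1) {
        return false;
    }

    $fields = wrap_db_fetch_array($result);
    $user_id = $fields['user_id'];
    if (empty($user_id)) {
        return false;
    }

    // Match on both username and user_id so the write can only touch the row
    // that the lookup above returned.
    $result = wrap_db_query("UPDATE " . BOOKING_USER_TABLE . " SET \r\n\t\t\t\t\t\tfirstname = '" . wrap_db_escape_string($firstname) . "',\r\n\t\t\t\t\t\tlastname = '" . wrap_db_escape_string($lastname) . "',\r\n\t\t\t\t\t\temail = '" . wrap_db_escape_string($email) . "' \r\n\t\t\t\t\t\tWHERE username = '" . $safeUsername . "' " . " AND user_id = '" . wrap_db_escape_string($user_id) . "'");

    return $result ? true : false;
}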
/**
 * Load every credit type defined in the credit types table.
 *
 * @return array|false|null List of rows, each holding 'credit_type_id',
 *                          'credit_type_name' and 'credit_type_booking_days';
 *                          false when the query fails or reports zero rows;
 *                          null if rows were reported but none could be fetched.
 */
function get_credit_types()
{
    $creditTypesResult = wrap_db_query("SELECT * FROM " . BOOKING_CREDIT_TYPES);

    // A falsy result means a connection or query error.
    if (!$creditTypesResult) {
        return false;
    }

    // An empty table is unexpected and is reported the same way as an error.
    if (wrap_db_num_rows($creditTypesResult) == 0) {
        return false;
    }

    $creditTypes = null;
    while ($row = wrap_db_fetch_array($creditTypesResult)) {
        // Copy only the three columns callers are given, in a fixed order.
        $entry = array();
        $entry['credit_type_id'] = $row['credit_type_id'];
        $entry['credit_type_name'] = $row['credit_type_name'];
        $entry['credit_type_booking_days'] = $row['credit_type_booking_days'];
        $creditTypes[] = $entry;
    }

    return $creditTypes;
}
<b>Current Bookings:</b><br> <br> <?php // Check how many upcoming bookings the user already has reserved in the system $showedABooking = false; $user_events_result = get_user_events($user_info['username'], true, 50); //get a max of 50 results $num_events_results = wrap_db_num_rows($user_events_result); if ($num_events_results >= 50) { echo "NOTE: You currently have more than 50 advance bookings. Only the next 50 are shown below.<br><br>"; } ?> <table cellpadding="2" cellspacing="0" border="0" style="margin-left: 20px;"> <?php while ($user_events_row = wrap_db_fetch_array($user_events_result)) { // echo '<pre>' ; // print_r( $user_events_row ) ; // echo '</pre>' ; $display_dates_and_time_ranges = get_event_dates_and_time_ranges($user_events_row['event_id'], $user_events_row['location']); if (count($display_dates_and_time_ranges) > 0) { reset($display_dates_and_time_ranges); foreach ($display_dates_and_time_ranges as $display_date_and_time) { list($date, $time_range) = explode(" ", $display_date_and_time); list($from_time, $to_time) = explode("-", $time_range); ?> <tr> <td align="left" valign="top" nowrap="nowrap"><?php echo short_date_format_with_day_of_week($date); ?> </td>
if ($BuddyRes) { while ($row = wrap_db_fetch_array($BuddyRes)) { $buddyCount = $row[0]; } } $pendingBuddyCountSql = "SELECT COUNT(user_id) FROM " . BOOKING_BUDDIES_PENDING . " "; $pendingBuddyRes = wrap_db_query($pendingBuddyCountSql); if ($pendingBuddyRes) { while ($row1 = wrap_db_fetch_array($pendingBuddyRes)) { $pendingBuddyCount = $row1[0]; } } $userCountSql = "SELECT COUNT(user_id) FROM " . BOOKING_USER_TABLE . " WHERE is_admin = '0'"; $UserRes = wrap_db_query($userCountSql); if ($UserRes) { while ($row2 = wrap_db_fetch_array($UserRes)) { $userCount = $row2[0]; } } // calculate percentage of users using BLN $decimal = $buddyCount / $userCount; $percentage = $decimal * 100; ?> <br> Usage Statistics: </p> <table border="0" cellpadding="4" cellspacing="2" id="booking_email_table" style="filter: progid:DXImageTransform.Microsoft.Alpha(opacity=<?php echo $_SESSION['BUDDY_LIST_EMAILS_SEND'] ? '100' : '50'; ?> );"> <tr>
/**
 * Fetch the user record for a given user id.
 *
 * The id is escaped before being placed in the quoted SQL literal, and the
 * query is limited to a single row.
 *
 * @param int|string $user_id Identifier of the user to load.
 *
 * @return mixed Whatever wrap_db_fetch_array() yields for the query result.
 *               NOTE(review): the result is passed on without a failure check,
 *               so the return value after a failed query depends on how
 *               wrap_db_fetch_array() treats it - confirm against the wrapper.
 */
function get_user($user_id)
{
    $userQuery = "SELECT * FROM " . BOOKING_USER_TABLE . " \r\n\t\t\t\t\t\tWHERE user_id = '" . wrap_db_escape_string($user_id) . "' LIMIT 1";

    $userResult = wrap_db_query($userQuery);

    return wrap_db_fetch_array($userResult);
}
$myBuddyBuddyIDs[] = $myBuddies['buddy_id']; } // get pending buddies for our user $pendingBuddies = wrap_db_query("SELECT user_id, buddy_id FROM " . BOOKING_BUDDIES_PENDING . " where buddy_id = '" . $user_info['user_id'] . "' OR user_id='" . $user_info['user_id'] . "'"); while ($myPendingBuddies = wrap_db_fetch_array($pendingBuddies)) { $myPendingUserBuddyIDs[] = $myPendingBuddies['user_id']; $myPendingBuddyBuddyIDs[] = $myPendingBuddies['buddy_id']; } // if the user does not have any pending buddies, set the pending session variable to false // so that the indicator flag in the control panel does not show if (!is_array($myPendingBuddyBuddyIDs)) { $_SESSION['number_pending_buddies'] = false; } // get our current buddies $allUsers = wrap_db_query("SELECT user_id, username, firstname, lastname, email FROM " . BOOKING_USER_TABLE . " where user_id <> '" . $user_info['user_id'] . "' AND is_admin = '0' ORDER BY lastname, firstname, username"); while ($myUsers = wrap_db_fetch_array($allUsers)) { foreach ($myUsers as $item) { $my_users[$myUsers['user_id']]['user_id'] = $myUsers['user_id']; $my_users[$myUsers['user_id']]['username'] = $myUsers['username']; $my_users[$myUsers['user_id']]['firstname'] = $myUsers['firstname']; $my_users[$myUsers['user_id']]['lastname'] = $myUsers['lastname']; $my_users[$myUsers['user_id']]['email'] = $myUsers['email']; } } // java script for allow or deny links ?> <script language="JavaScript" type="text/javascript"> <!-- function allow ( selectedtype ) { document.submit_pending.allow_selected.value = selectedtype ;