Esempio n. 1
        header('Location: ' . href_link(FILENAME_LOGIN, 'origin=' . FILENAME_ADD_EVENT . '&' . make_hidden_fields_workstring(), 'NONSSL'));
        wrap_exit();
    }
}
// Role shortcuts used by the rest of the booking page. Both are derived only
// from which names are registered in the session; nothing is re-checked
// against the user record here.
$is_admin = wrap_session_is_registered("admin_user") ? true : false;
// Every admin may block book; a regular user needs the "block_book" session
// entry. The second lookup only runs for non-admins.
$can_block_book = ($is_admin || wrap_session_is_registered("block_book")) ? true : false;

// Defaults for a user booking for themselves. They start at the restrictive
// values (rules enforced, credits deducted) and may be overwritten later on
// in the code when the booking is made on someone else's behalf.
$ignoreRules = false;
$deductCredits = true;
$bookeeUsesCredits = true;

// The person making the booking and the person it is for start out identical.
$bookingByUserID = get_user_id($_SESSION['valid_user']);
$bookingForUserID = $bookingByUserID;
$bookingForUsername = $_SESSION['valid_user'];

// Advance-booking limits are taken from the session as they stand.
$bookeeMinimumAdvanceBookingLimit = $_SESSION['MINIMUM_ADVANCE_BOOKING_LIMIT'];
$bookeeAdvanceBookingLimit = $_SESSION['ADVANCE_BOOKING_LIMIT'];
if ($_SESSION['booking_credits'] == 'Not used') {
Esempio n. 2
        $display_login_form = true;
        $page_error_message = "You could not be logged in. Please try again.";
    }
} elseif (wrap_session_is_registered("valid_user")) {
    // logged in
    $display_login_form = false;
} else {
    // they are not logged in, show login page output
    $display_login_form = true;
    if ($_REQUEST['orgin'] != FILENAME_LOGOUT && $_REQUEST['orgin'] != FILENAME_LOGIN && $_REQUEST['orgin'] != "") {
        $page_error_message = "You are not logged in. You must login to use this page.";
    }
}
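// Redirect back to the "origin" page once the user is logged in.
// "origin" is read straight from the request, so it is caller-controlled.
// Only a bare file name (no slash, backslash, colon, whitespace or control
// character) is allowed to reach the Location header; anything else is ignored
// and the page renders normally. This keeps the login page from being usable
// as an open redirect or for header injection.
// NOTE(review): assumes legitimate origins are plain script names such as the
// FILENAME_* constants - confirm against how those constants are defined.
if (!$display_login_form && $_REQUEST['origin'] != '' && $_SESSION['valid_user'] != '') {
    $redirect_origin = $_REQUEST['origin'];
    $redirect_origin_ok = is_string($redirect_origin)
        && preg_match('/\A[A-Za-z0-9_.-]+\z/', $redirect_origin) === 1;
    if ($redirect_origin_ok && @wrap_session_is_registered('valid_user')) {
        header('Location: ' . href_link($redirect_origin, make_hidden_fields_workstring(), 'NONSSL'));
        wrap_exit();
    }
}
$page_title = "Booking Calendar - User Login";
$page_title_bar = "User Login:";
// NOTE(review): the text between the title bar string and "header.php" was
// masked in this listing; it is reconstructed here as the end of the
// assignment followed by the header include - confirm against the original file.
include_once "header.php";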
if ($display_login_form) {
    ?>
<p align="center">
<form method="post" action="<?php 
    echo FILENAME_LOGIN;
    ?>
">
<table border="0" align="center" cellpadding="2" cellspacing="0">
Esempio n. 3
// Print the remaining credit balance; "credit" gets a plural "s" unless the
// balance compares equal to 1.
// NOTE(review): the value is printed without HTML escaping - confirm it can
// only ever be a number or the fixed 'Not used' marker.
echo "<p><strong>Booking credits remaining:</strong>&nbsp;" . $user_info['booking_credits'] . "&nbsp;credit"
    . ($user_info['booking_credits'] != 1 ? "s" : "")
    . "</p>";
?>
<table width="550" border="0" cellpadding="2" cellspacing="4">
    <tr>
      <td width="530">NOTE: Once payment has been made via Paypal, your account will be updated automatically with the additional credits once you have received a confirmation email. <font color="red">Please note this can take up to 20 minutes.</font></td>
    </tr>
  </table>
<?php 
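// Load the record of the user who owns the current session.
$user_info = get_user(get_user_id($_SESSION['valid_user']));
// Purchasing is refused for admins, for accounts that do not use credits,
// when the payment gateway setting is not '1', and when no numeric user id
// could be loaded.
if (wrap_session_is_registered("admin_user") || $user_info['booking_credits'] == 'Not used' || $_SESSION['PAYMENT_GATEWAY'] != '1' || !is_numeric($user_info['user_id'])) {
    echo "<p>You do not have permission to purchase booking credits.  Please contact an Administrator.</p>";
    include_once "footer.php";
    include_once "application_bottom.php";
    die;
}
// Load the products based on the user's group membership.
// The query is built by string concatenation. is_numeric() above also accepts
// forms such as "1e3" or " 7", so the id is forced to a plain integer before
// it is placed into the SQL text.
$result = wrap_db_query(
    "SELECT DISTINCT bpi.id, bpi.product_name, bpi.quantity, bpi.mc_gross, bpi.mc_currency \n\t\t\t\t\t\t\tFROM (" . BOOKING_PRODUCT_ITEM . " bpi LEFT JOIN " . BOOKING_PRODUCT_GROUPS . " bpg ON bpg.product_id = bpi.id ) \n\t\t\t\t\t\t\tWHERE group_id IN (SELECT DISTINCT group_id FROM " . BOOKING_USER_GROUPS_TABLE . " WHERE user_id = " . (int) $user_info['user_id'] . ") ORDER BY bpi.product_name, bpi.quantity"
);
// If the query failed or no products are assigned, load the default product.
// The failure check comes first so the row count is never asked of a failed result.
if (!$result || wrap_db_num_rows($result) < 1) {
    $result = wrap_db_query("SELECT DISTINCT id, product_name, quantity, mc_gross, mc_currency FROM " . BOOKING_PRODUCT_ITEM . " WHERE id = '1' LIMIT 1");
}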
if ($result) {
    while ($products = wrap_db_fetch_array($result)) {
        // LIVE
        //  https://www.sandbox.paypal.com/cgi-bin/webscr
Esempio n. 4
// Display names for the known locations (key => display_text).
$location_display = array(
    'loc1' => 'Location 1',
    'loc2' => 'Location 2',
);

// Fall back to the default location key when the request carries none.
// NOTE(review): a non-empty "loc" is kept as received and is not checked
// against the keys of $location_display here - confirm that later code
// validates or escapes it before use.
define('DEFAULT_LOCATION_NAME', 'loc1');
if (!isset($_REQUEST['loc']) || $_REQUEST['loc'] == '') {
    $_REQUEST['loc'] = DEFAULT_LOCATION_NAME;
}

// Same fallback for the calendar view; a non-empty "view" is likewise kept as received.
define('DEFAULT_VIEW', 'month');
if (!isset($_REQUEST['view']) || $_REQUEST['view'] == '') {
    $_REQUEST['view'] = DEFAULT_VIEW;
}

// Number of days of schedule data to keep from now
define('PURGE_TABLE_SCHEDULE_DAYS', '365');

// The restriction flags below are switched off for the whole request when the
// session has "admin_user" registered, so admins can do things normal users can't.
$flagDefault = !wrap_session_is_registered("admin_user");

// Require Username/Password Authentication Settings
define('REQUIRE_AUTH_FOR_ADDING_FLAG', $flagDefault);
define('REQUIRE_AUTH_FOR_MODIFYING_FLAG', $flagDefault);
define('REQUIRE_AUTH_FOR_DELETING_FLAG', $flagDefault);
// Viewing event details never requires authentication.
define('REQUIRE_AUTH_FOR_VIEWING_DETAILS_FLAG', false);

// Required User Settings: whether the acting user must match the event's user.
define('REQUIRE_MATCHING_USERNAME_FOR_MODIFICATIONS_FLAG', $flagDefault);
define('REQUIRE_MATCHING_USERNAME_FOR_DELETIONS_FLAG', $flagDefault);

// Create the needed date constants for the current & selected dates.
include_once 'define_time_constants.php';
// Load in the session variables
include_once 'session_variables.php';
Esempio n. 5
');"
			onmouseout="nd();"><?php 
            echo $start_time;
            ?>
-<?php 
            echo $end_time;
            ?>
</a>&nbsp;</span></td>
<?php 
        } elseif ($event_row_data[$display_time][$week_date] == '0') {
            // This is where the cell is already taken from the prev row.
        } else {
            //generate the link to be used for making/preventing bookings. Store for possible re-use later in this table row:
            $make_booking_link = '';
            list($year, $month, $day) = explode("-", $week_date);
            if (wrap_session_is_registered("admin_user") || mktime($hour, $min, $sec, $month, $day, $year) < $booking_limited_time) {
                $make_booking_link = href_link(FILENAME_ADD_EVENT, 'date=' . $week_date . '&start_time=' . $std_time_str . '&' . make_hidden_fields_workstring(array('view', 'loc')), 'NONSSL');
            } else {
                $make_booking_link = '#" onclick="return outsideBookingLimit();"';
            }
            ?>
			<td align="right" rowspan="1" class="BgcolorNormal" width="14%"><span
			class="FontSoftSmall"><a href="<?php 
            echo $make_booking_link;
            ?>
">(+)</a></span></td>
<?php 
        }
        // end of if/elseif/else
    }
    // end of foreach $week_date
Esempio n. 6
            $_SESSION['valid_user'] = $_POST['username'];
            wrap_session_register("valid_user");
            $page_title = "Registration Successful!";
        } else {
            // register problem: username taken, database error
            $page_title = "User Registration Problem";
            $page_error_message = $reg_result;
        }
    }
}
// end of $_POST['register'] != ""
$page_title = "Booking Calendar - User Registration";
$page_title_bar = "User Registration:";
include_once "header.php";
// Turn away visitors who are already logged in. "&&" binds tighter than "||",
// so the grouping is spelled out: an admin session is always refused, while an
// ordinary logged-in session is refused only when $reg_result is falsy.
if (wrap_session_is_registered("admin_user") || (wrap_session_is_registered("valid_user") && !$reg_result)) {
    echo "<p>Logged in users cannot register.</p>";
    include_once "footer.php";
    include_once "application_bottom.php";
    exit;
}
if ($reg_result) {
    // Registration Successful! Provide link to display wants page.
    echo "Your registration was successful!  You are now logged in.<br /><br />";
    if ($_SESSION['PAYMENT_GATEWAY'] == '1') {
        echo "You can <a href=\"" . FILENAME_BUY_CREDITS . "\">buy credits</a> and then make a booking.<br /><br />";
    }
} else {
    //make sure new user registrations are allowed
    if ($_SESSION['PUBLIC_REGISTER_FLAG']) {
        // New Registration or Problem.
Esempio n. 7
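<br>

<b>Booking Rules for user <?php
// The account fields below are presumably user-supplied (confirm against the
// registration code), so each one is HTML-escaped before it is written into
// the page. The encoding argument is left at PHP's configured default.
echo htmlspecialchars((string) $user_info['firstname'], ENT_QUOTES);
?> <?php
echo htmlspecialchars((string) $user_info['lastname'], ENT_QUOTES);
?> (<?php
echo htmlspecialchars((string) $user_info['username'], ENT_QUOTES);
?>):</b><br>
<br>
<ul>
    <li>You can have <?php
// A max_bookings value of 0 or less is shown as "unlimited".
echo $user_info['max_bookings'] > 0 ? htmlspecialchars((string) $user_info['max_bookings'], ENT_QUOTES) : 'an unlimited number of';
?> concurrent bookings at any one time.</li>
    <li>You can make bookings <?php
// The session limit is divided by 24 for display in days; admins see no limit.
echo wrap_session_is_registered("admin_user") ? 'any number of' : $_SESSION['ADVANCE_BOOKING_LIMIT'] / 24;
?> days in advance.</li>
    <li>You can modify current bookings <?php
echo wrap_session_is_registered("admin_user") ? 'at any time' : htmlspecialchars((string) $_SESSION['ADVANCE_CANCEL_LIMIT'], ENT_QUOTES) . ' hours';
?> prior to the booking date/time.</li>
</ul>

<?php 
include_once "footer.php";
include_once "application_bottom.php";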
Esempio n. 8
     $page_error_message = "Your ending date does not exist. There are only " . number_of_days_in_month($_POST['end_year'], $_POST['end_mon']) . " days in " . month_name($_POST['end_mon']) . " " . $_POST['end_year'] . ". Please check the calendar and try again.";
 } elseif (!check_valid_date($recur_date) && $recur_interval != '') {
     $page_error_message = "Your recurring date does not exist. There are only " . number_of_days_in_month($_POST['recur_year'], $_POST['recur_mon']) . " days in " . month_name($_POST['recur_mon']) . " " . $_POST['recur_year'] . ". Please check the calendar and try again.";
 } elseif (implode("", explode("-", $ending_date)) . implode("", explode(":", $ending_time)) + 0 <= implode("", explode("-", $starting_date)) . implode("", explode(":", $starting_time)) + 0) {
     $page_error_message = "There is a problem with this event! The ending date and time must occur after the starting " . "date and time. Please notify the calendar adminstrator of this problem.";
 } elseif (implode("", explode("-", $recur_date)) + 0 <= implode("", explode("-", $ending_date)) + 0 && !($recur_interval == 'none' || $recur_interval == '')) {
     $page_error_message = "There is a problem with this event! The recurring until date must occur after your ending " . "date. Please notify the calendar adminstrator of this problem.";
 }
 // end of if/elseif
 // ACTION HANDLER
 // CHECK AUTHENTICATION/USERNAME/GROUP FOR MODIFY OR DELETE ACTIONS
 // Id of the user who owns the current session.
 $user_id = get_user_id($_SESSION['valid_user']);
 // Record of the user the event belongs to.
 $event_user = get_user($event['user_id']);
 // True when the session has "valid_user" registered.
 $valid_session = wrap_session_is_registered('valid_user');
 // Both triggers start enabled and are switched off by the checks that follow.
 $display_modify_trigger = true;
 $display_delete_trigger = true;
 // When the matching REQUIRE_AUTH flag is on and there is no valid session,
 // the requested action is blanked so it cannot be carried out, and the
 // trigger for it is hidden. The comparison is deliberately left loose.
 if (REQUIRE_AUTH_FOR_MODIFYING_FLAG && !$valid_session && in_array($_REQUEST['action'], array('submit_modify', 'modify'))) {
     $display_modify_trigger = false;
     $_REQUEST['action'] = "";
 }
 if (REQUIRE_AUTH_FOR_DELETING_FLAG && !$valid_session && in_array($_REQUEST['action'], array('submit_delete', 'delete', 'delete_event'))) {
     $display_delete_trigger = false;
     $_REQUEST['action'] = "";
 }
 if (REQUIRE_MATCHING_USERNAME_FOR_MODIFICATIONS_FLAG && $event['user_id'] != $user_id) {
     if ($_REQUEST['action'] == 'submit_modify' || $_REQUEST['action'] == 'modify') {
         $_REQUEST['action'] = "";
     }
     $display_modify_trigger = false;
Esempio n. 9
">Update User Info</a><br />
-->
            <a href="<?php 
echo href_link(FILENAME_HELP, '', 'NONSSL');
?>
">User Help</a> <br />
            <?php 
if (wrap_session_is_registered("admin_user")) {
    // Admin-only navigation entries. This check only decides whether the links
    // are shown; user_admin.php and site_admin.php are not visible here.
    // NOTE(review): confirm both pages enforce the admin check themselves.
    ?>
<a href="user_admin.php" class="FontSoftSmall">User&nbsp;Admin</a><br />
            <a href="site_admin.php" class="FontSoftSmall">Site&nbsp;Admin</a>&nbsp;<br />
            <?php 
}
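// Navigation entries for a logged-in user (a non-empty "valid_user" in the session).
if (isset($_SESSION['valid_user']) && $_SESSION['valid_user'] != '') {
    echo '<a href="' . FILENAME_MY_BOOKWAKE_VIEW . '">My Bookings</a>';
    // The buddy list is offered to non-admin users when the session's
    // BUDDY_LIST_EMAILS_SEND setting is on.
    if ($_SESSION['BUDDY_LIST_EMAILS_SEND'] && !wrap_session_is_registered("admin_user")) {
        echo '<br><a href="' . FILENAME_BUDDY_LIST . '">My Buddylist </a>';
        // Marker image while buddy requests are pending.
        if (isset($_SESSION['number_pending_buddies']) && $_SESSION['number_pending_buddies'] > 0) {
            echo "<img src=\"images/pending.gif\" width=\"13\" height=\"13\">";
        }
    }
    // link to buy credits if the user has user credits enabled
    if ($_SESSION['booking_credits'] != 'Not used' && $_SESSION['PAYMENT_GATEWAY'] == '1') {
        // The anchor was left unclosed, which made the markup after it part of the link.
        echo '<br><a href="' . FILENAME_BUY_CREDITS . '">Buy Credits</a>';
    }
}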
?>
            </span></div></td>
        </tr>
      </table>
    </td>