header('Location: ' . href_link(FILENAME_LOGIN, 'origin=' . FILENAME_ADD_EVENT . '&' . make_hidden_fields_workstring(), 'NONSSL')); wrap_exit(); } } //set a shorter test for admin/regular user $is_admin = false; if (wrap_session_is_registered("admin_user")) { $is_admin = true; } //set a shorter test for the block booking test $can_block_book = false; if ($is_admin) { //all admins can block book - no exceptions $can_block_book = true; } else { if (wrap_session_is_registered("block_book")) { //this is a regular user who is allowed to block book $can_block_book = true; } } //set some shorter vars for bookings made by admins $ignoreRules = false; $deductCredits = true; $bookingByUserID = get_user_id($_SESSION['valid_user']); $bookingForUserID = $bookingByUserID; // a default that may get overwritten later on in the code $bookingForUsername = $_SESSION['valid_user']; $bookeeMinimumAdvanceBookingLimit = $_SESSION['MINIMUM_ADVANCE_BOOKING_LIMIT']; $bookeeAdvanceBookingLimit = $_SESSION['ADVANCE_BOOKING_LIMIT']; $bookeeUsesCredits = true; if ($_SESSION['booking_credits'] == 'Not used') {
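// (Excerpt begins inside the failed-login branch; the two closing braces below
// end blocks that were opened above the visible code.)
$display_login_form = true;
$page_error_message = "You could not be logged in. Please try again.";
}
} elseif (wrap_session_is_registered("valid_user")) {
    // Already authenticated: no login form needed.
    $display_login_form = false;
} else {
    // Anonymous visitor: render the login form.
    $display_login_form = true;
    // Reads 'origin', the same parameter the redirect below consumes. The key was
    // spelled 'orgin' here before, which presumably never matched a request
    // parameter, so this hint could not be shown.
    if (isset($_REQUEST['origin']) && $_REQUEST['origin'] != FILENAME_LOGOUT && $_REQUEST['origin'] != FILENAME_LOGIN && $_REQUEST['origin'] != "") {
        $page_error_message = "You are not logged in. You must login to use this page.";
    }
}

// Redirect back to the "origin" page once the user is logged in.
//
// 'origin' is request-controlled and ends up in a Location header, so it is only
// honoured when it looks like a relative script path on this site: it must start
// with a letter, digit or underscore, contain only [A-Za-z0-9_./-], and hold no
// '//' or '..' sequence. Anything else (absolute URLs, scheme-relative URLs,
// arrays, control characters) is treated as "no origin" and the page renders
// normally, exactly as it already does when the parameter is empty.
// NOTE(review): assumes legitimate origin values are bare script names such as
// the FILENAME_* constants - confirm no caller passes a query string in 'origin'.
$login_origin = (isset($_REQUEST['origin']) && is_string($_REQUEST['origin'])) ? $_REQUEST['origin'] : '';
$login_origin_is_local = $login_origin != ''
    && preg_match('#^[A-Za-z0-9_][A-Za-z0-9_./-]*\z#', $login_origin) === 1
    && strpos($login_origin, '//') === false
    && strpos($login_origin, '..') === false;

if (!$display_login_form && $login_origin_is_local && $_SESSION['valid_user'] != '') {
    if (@wrap_session_is_registered('valid_user')) {
        header('Location: ' . href_link($login_origin, make_hidden_fields_workstring(), 'NONSSL'));
        wrap_exit();
    }
}

$page_title = "Booking Calendar - User Login";
// NOTE(review): the listing is garbled between the title-bar string and
// "header.php"; reconstructed as an include_once of the header - confirm.
$page_title_bar = "User Login:";
include_once "header.php";

if ($display_login_form) {
?>
<p align="center"> <form method="post" action="<?php echo FILENAME_LOGIN; ?> "> <table border="0" align="center" cellpadding="2" cellspacing="0">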
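// Show the remaining credit balance, pluralising "credit" unless the count is 1.
// NOTE(review): $user_info is read here before the get_user() call below; it is
// presumably also loaded earlier in the file - confirm, and confirm that showing
// the balance ahead of the permission check is intended.
echo "<p><strong>Booking credits remaining:</strong> " . $user_info['booking_credits'] . " credit";
if ($user_info['booking_credits'] != 1) {
    echo "s";
}
echo "</p>";
?>
<table width="550" border="0" cellpadding="2" cellspacing="4"> <tr> <td width="530">NOTE: Once payment has been made via Paypal, your account will be updated automatically with the additional credits once you have received a confirmation email. <font color="red">Please note this can take up to 20 minutes.</font></td> </tr> </table>
<?php
// Load the user info for the account named in the session.
$user_info = get_user(get_user_id($_SESSION['valid_user']));

// Purchasing is refused for admin sessions, for accounts that do not use credits,
// when the payment gateway is switched off, and when no numeric user id came back.
if (wrap_session_is_registered("admin_user") || $user_info['booking_credits'] == 'Not used' || $_SESSION['PAYMENT_GATEWAY'] != '1' || !is_numeric($user_info['user_id'])) {
    echo "<p>You do not have permission to purchase booking credits. Please contact an Administrator.</p>";
    include_once "footer.php";
    include_once "application_bottom.php";
    die;
}

// Load the products based on the user's group membership.
// The user id is concatenated into the SQL text, so it is cast to int at the
// point of use: is_numeric() above also accepts forms such as "1e3" or "1.5",
// and the cast guarantees that only an integer literal reaches the query.
$result = wrap_db_query("SELECT DISTINCT bpi.id, bpi.product_name, bpi.quantity, bpi.mc_gross, bpi.mc_currency \n\t\t\t\t\t\t\tFROM (" . BOOKING_PRODUCT_ITEM . " bpi LEFT JOIN " . BOOKING_PRODUCT_GROUPS . " bpg ON bpg.product_id = bpi.id ) \n\t\t\t\t\t\t\tWHERE group_id IN (SELECT DISTINCT group_id FROM " . BOOKING_USER_GROUPS_TABLE . " WHERE user_id = " . (int) $user_info['user_id'] . ") ORDER BY bpi.product_name, bpi.quantity");

// If there are no products assigned (or the query failed), load the default.
// The failure test comes first so the row count is never requested from a
// failed query result.
if (!$result || wrap_db_num_rows($result) < 1) {
    $result = wrap_db_query("SELECT DISTINCT id, product_name, quantity, mc_gross, mc_currency FROM " . BOOKING_PRODUCT_ITEM . " WHERE id = '1' LIMIT 1");
}

if ($result) {
    while ($products = wrap_db_fetch_array($result)) {
        // (Excerpt ends inside this loop.)
        // LIVE // https://www.sandbox.paypal.com/cgi-bin/webscr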
// Map of location keys to the labels shown for them (key => display_text).
$location_display = array(
    'loc1' => 'Location 1',
    'loc2' => 'Location 2',
);

// Fallback location key and calendar view, applied when the request names none.
// Only the empty/missing case is handled here: nothing in this block checks
// 'loc' against $location_display or limits 'view' to known values.
// NOTE(review): confirm the consumers of these two request values validate or
// escape them before use.
define('DEFAULT_LOCATION_NAME', 'loc1');
define('DEFAULT_VIEW', 'month');
if (!isset($_REQUEST['loc']) || $_REQUEST['loc'] == '') {
    $_REQUEST['loc'] = DEFAULT_LOCATION_NAME;
}
if (!isset($_REQUEST['view']) || $_REQUEST['view'] == '') {
    $_REQUEST['view'] = DEFAULT_VIEW;
}

// Number of days of schedule data to keep, counted from now.
define('PURGE_TABLE_SCHEDULE_DAYS', '365');

// Restrictions default to "on" and are switched off for admin sessions, so that
// admin users can do things normal users can't. The value is computed once, when
// this file is included, from the session's admin marker.
$flagDefault = !wrap_session_is_registered("admin_user");

// Whether a username/password login is required for each kind of action.
// Viewing event details never requires a login, for any visitor.
define('REQUIRE_AUTH_FOR_VIEWING_DETAILS_FLAG', false);
define('REQUIRE_AUTH_FOR_ADDING_FLAG', $flagDefault);
define('REQUIRE_AUTH_FOR_MODIFYING_FLAG', $flagDefault);
define('REQUIRE_AUTH_FOR_DELETING_FLAG', $flagDefault);

// Whether the acting user must be the event's owner to modify or delete it.
define('REQUIRE_MATCHING_USERNAME_FOR_MODIFICATIONS_FLAG', $flagDefault);
define('REQUIRE_MATCHING_USERNAME_FOR_DELETIONS_FLAG', $flagDefault);

// Create the needed date constants for the current and selected dates.
include_once 'define_time_constants.php';

// Load in the session variables.
include_once 'session_variables.php';
');" onmouseout="nd();"><?php echo $start_time; ?> -<?php echo $end_time; ?> </a> </span></td> <?php } elseif ($event_row_data[$display_time][$week_date] == '0') { // This is where the cell is already taken from the prev row. } else { //generate the link to be used for making/preventing bookings. Store for possible re-use later in this table row: $make_booking_link = ''; list($year, $month, $day) = explode("-", $week_date); if (wrap_session_is_registered("admin_user") || mktime($hour, $min, $sec, $month, $day, $year) < $booking_limited_time) { $make_booking_link = href_link(FILENAME_ADD_EVENT, 'date=' . $week_date . '&start_time=' . $std_time_str . '&' . make_hidden_fields_workstring(array('view', 'loc')), 'NONSSL'); } else { $make_booking_link = '#" onclick="return outsideBookingLimit();"'; } ?> <td align="right" rowspan="1" class="BgcolorNormal" width="14%"><span class="FontSoftSmall"><a href="<?php echo $make_booking_link; ?> ">(+)</a></span></td> <?php } // end of if/elseif/else } // end of foreach $week_date
// (Excerpt begins inside the registration-success branch; the closing braces
// below end blocks that were opened above the visible code.)
// The new account is logged in immediately: the submitted username becomes the
// session's valid_user marker.
$_SESSION['valid_user'] = $_POST['username'];
wrap_session_register("valid_user");
$page_title = "Registration Successful!";
} else {
    // Registration failed (username taken, database error): surface the result
    // as the page error message.
    $page_title = "User Registration Problem";
    $page_error_message = $reg_result;
}
}
} // end of $_POST['register'] != ""

// These assignments run on every request, so they replace any title set above.
$page_title = "Booking Calendar - User Registration";
$page_title_bar = "User Registration:";
include_once "header.php";

// Refuse registration to anyone already logged in: always for admin sessions,
// and for regular sessions unless this very request created the account.
// (The parentheses spell out the grouping && already had over ||.)
if (
    wrap_session_is_registered("admin_user")
    || (wrap_session_is_registered("valid_user") && !$reg_result)
) {
    echo "<p>Logged in users cannot register.</p>";
    include_once "footer.php";
    include_once "application_bottom.php";
    die;
}

// NOTE(review): $reg_result is copied into $page_error_message in the failure
// branch above, so it presumably holds a message string there; a non-empty
// message is truthy and would take the success branch below. Confirm how the
// condition above the excerpt tells success from failure.
if ($reg_result) {
    // Registration succeeded: confirm it and, when the payment gateway is on,
    // point the user at the credit purchase page.
    echo "Your registration was successful! You are now logged in.<br /><br />";
    if ($_SESSION['PAYMENT_GATEWAY'] == '1') {
        echo 'You can <a href="' . FILENAME_BUY_CREDITS . '">buy credits</a> and then make a booking.<br /><br />';
    }
} else {
    // Make sure new user registrations are allowed.
    if ($_SESSION['PUBLIC_REGISTER_FLAG']) {
        // New Registration or Problem.
        // (Excerpt ends inside this block.)
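<?php
// Booking-rules summary for the displayed user, followed by the page footer.
//
// First name, last name, username and the booking cap are read from the user
// record and written into HTML, so they are HTML-encoded at the point of output.
// NOTE(review): if get_user() already returns HTML-encoded values this would
// double-encode them - confirm against get_user().
// Admin sessions are shown unlimited advance-booking and modification windows;
// everyone else sees the limits stored in the session (the advance limit is
// divided by 24 for display in days).
?>
<br> <b>Booking Rules for user <?php echo htmlspecialchars((string) $user_info['firstname'], ENT_QUOTES); ?> <?php echo htmlspecialchars((string) $user_info['lastname'], ENT_QUOTES); ?> (<?php echo htmlspecialchars((string) $user_info['username'], ENT_QUOTES); ?> ):</b><br> <br>
<ul>
<li>You can have <?php echo $user_info['max_bookings'] > 0 ? htmlspecialchars((string) $user_info['max_bookings'], ENT_QUOTES) : 'an unlimited number of'; ?> concurrent bookings at any one time.</li>
<li>You can make bookings <?php echo wrap_session_is_registered("admin_user") ? 'any number of' : $_SESSION['ADVANCE_BOOKING_LIMIT'] / 24; ?> days in advance.</li>
<li>You can modify current bookings <?php echo wrap_session_is_registered("admin_user") ? 'at any time' : $_SESSION['ADVANCE_CANCEL_LIMIT'] . ' hours'; ?> prior to the booking date/time.</li>
</ul>
<?php
include_once "footer.php";
include_once "application_bottom.php";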
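// (Excerpt begins inside one branch of an if/elseif validation chain that was
// opened above the visible code.)
//
// The year is taken straight from the submitted form and this branch runs when
// the date failed validation, so it is HTML-encoded before it is placed in the
// message. NOTE(review): where $page_error_message is printed is not visible
// here; month_name() output is assumed to be a fixed month label - confirm.
$page_error_message = "Your ending date does not exist. There are only " . number_of_days_in_month($_POST['end_year'], $_POST['end_mon']) . " days in " . month_name($_POST['end_mon']) . " " . htmlspecialchars((string) $_POST['end_year'], ENT_QUOTES) . ". Please check the calendar and try again.";
} elseif (!check_valid_date($recur_date) && $recur_interval != '') {
    $page_error_message = "Your recurring date does not exist. There are only " . number_of_days_in_month($_POST['recur_year'], $_POST['recur_mon']) . " days in " . month_name($_POST['recur_mon']) . " " . htmlspecialchars((string) $_POST['recur_year'], ENT_QUOTES) . ". Please check the calendar and try again.";
} elseif (
    // Date and time are squeezed into one digit string (separators removed) and
    // compared as numbers. The concatenation is parenthesised explicitly: since
    // PHP 8 "+" binds tighter than ".", so without the parentheses only the time
    // part would be converted and the comparison could give the wrong answer.
    (str_replace("-", "", $ending_date) . str_replace(":", "", $ending_time)) + 0
    <= (str_replace("-", "", $starting_date) . str_replace(":", "", $starting_time)) + 0
) {
    $page_error_message = "There is a problem with this event! The ending date and time must occur after the starting " . "date and time. Please notify the calendar adminstrator of this problem.";
} elseif (
    // The interval test comes first so that no arithmetic is attempted on the
    // recurrence date when the event does not recur.
    !($recur_interval == 'none' || $recur_interval == '')
    && str_replace("-", "", $recur_date) + 0 <= str_replace("-", "", $ending_date) + 0
) {
    $page_error_message = "There is a problem with this event! The recurring until date must occur after your ending " . "date. Please notify the calendar adminstrator of this problem.";
} // end of if/elseif

// ACTION HANDLER
// CHECK AUTHENTICATION/USERNAME/GROUP FOR MODIFY OR DELETE ACTIONS
$user_id = get_user_id($_SESSION['valid_user']); // Current Session User ID
$event_user = get_user($event['user_id']); // Define Event User Information
$valid_session = wrap_session_is_registered('valid_user');
$display_modify_trigger = true;
$display_delete_trigger = true;

// Without a logged-in session, a requested modify action is cancelled (the
// action is blanked) and the modify trigger is hidden.
if (REQUIRE_AUTH_FOR_MODIFYING_FLAG && !$valid_session && ($_REQUEST['action'] == 'submit_modify' || $_REQUEST['action'] == 'modify')) {
    $_REQUEST['action'] = "";
    $display_modify_trigger = false;
}

// Same for the delete actions.
if (REQUIRE_AUTH_FOR_DELETING_FLAG && !$valid_session && ($_REQUEST['action'] == 'submit_delete' || $_REQUEST['action'] == 'delete' || $_REQUEST['action'] == 'delete_event')) {
    $_REQUEST['action'] = "";
    $display_delete_trigger = false;
}

// Ownership check: only the event's own user may modify it.
// NOTE(review): the comparison is loose (!=), so empty-ish values on both sides
// (null, '', 0, false) compare as equal. Confirm that get_user_id() cannot
// return such a value for a session that reaches this point, or compare
// strictly after requiring a non-empty $user_id.
if (REQUIRE_MATCHING_USERNAME_FOR_MODIFICATIONS_FLAG && $event['user_id'] != $user_id) {
    if ($_REQUEST['action'] == 'submit_modify' || $_REQUEST['action'] == 'modify') {
        $_REQUEST['action'] = "";
    }
    // (Excerpt ends inside this block.)
    $display_modify_trigger = false;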
">Update User Info</a><br /> --> <a href="<?php echo href_link(FILENAME_HELP, '', 'NONSSL'); ?> ">User Help</a> <br /> <?php if (wrap_session_is_registered("admin_user")) { ?> <a href="user_admin.php" class="FontSoftSmall">User Admin</a><br /> <a href="site_admin.php" class="FontSoftSmall">Site Admin</a> <br /> <?php } if (isset($_SESSION['valid_user']) && $_SESSION['valid_user'] != '') { echo '<a href="' . FILENAME_MY_BOOKWAKE_VIEW . '">My Bookings</a>'; if ($_SESSION['BUDDY_LIST_EMAILS_SEND'] && !wrap_session_is_registered("admin_user")) { echo '<br><a href="' . FILENAME_BUDDY_LIST . '">My Buddylist </a>'; if (isset($_SESSION['number_pending_buddies']) && $_SESSION['number_pending_buddies'] > 0) { echo "<img src=\"images/pending.gif\" width=\"13\" height=\"13\">"; } } // link to buy credits if the user has user credits enabled if ($_SESSION['booking_credits'] != 'Not used' && $_SESSION['PAYMENT_GATEWAY'] == '1') { echo '<br><a href="' . FILENAME_BUY_CREDITS . '">Buy Credits'; } } ?> </span></div></td> </tr> </table> </td>