goto noEdit; } //last minute rights check //add/update event if ($mode == "add_exe" or $mode == "upd_exe") { $from = array('&', "'", '"'); $to = array('&', "'", '"'); $tit = str_replace($from, $to, $tit); $ven = str_replace($from, $to, $ven); $des = str_replace($from, $to, $des); $xf1 = str_replace($from, $to, $xf1); $xf2 = str_replace($from, $to, $xf2); //add URL and IMG tags $desHtml = addUrlImgTags($des); $xf1Html = addUrlImgTags($xf1); $xf2Html = addUrlImgTags($xf2); $desHtml = str_replace(array("\r\n", "\n", "\r"), "<br>", $desHtml); //replace newline by <br> //validate input fields do { if (!$tit) { $eMsg .= $xx['evt_no_title'] . "<br>"; break; } if ($sda) { $sDate = DDtoID($sda); if (!$sDate) { $eMsg .= $xx['evt_bad_date'] . ": " . $sda . "<br>"; break; } } else {
function addEvents() { global $ax, $birthdayID, $dFormat, $tFormat; $msg = ''; $nofEvents = count($_POST['title']); $added = $dropped = 0; for ($i = 0; $i < $nofEvents; $i++) { if (empty($_POST['ignore'][$i])) { $title = strip_tags($_POST['title'][$i]); $venue = strip_tags($_POST['venue'][$i]); $descr = strip_tags($_POST['descr'][$i], '<a>'); //allow URLs $descr = addUrlImgTags($descr, 'x-'); //add URL link tags $sDate = DDtoID($_POST['sDate'][$i], $dFormat); $eDate = $_POST['eDate'][$i] ? DDtoID($_POST['eDate'][$i], $dFormat) : "9999-00-00"; $sTime = DTtoIT($_POST['sTime'][$i], $tFormat); $eTime = $_POST['eTime'][$i] ? DTtoIT($_POST['eTime'][$i], $tFormat) : "99:00:00"; if (empty($sTime)) { //all day $sTime = '00:00'; $eTime = '23:59'; } $catID = $_POST['catID'][$i] ? $_POST['catID'][$i] : 1; //no cat $rType = $rInterval = $rPeriod = $rMonth = 0; if (!empty($_POST['birthday'][$i]) or $catID == $birthdayID) { //birthday $catID = $birthdayID; $rType = 1; $rInterval = 1; $rPeriod = 4; $eDate = "9999-00-00"; } if (!eventInDb($title, $sDate, $eDate, $sTime, $eTime)) { //add event to db $q = "INSERT INTO `events` (`title`,`venue`,`text1`,`catID`,`userID`,`sDate`,`eDate`,`sTime`,`eTime`,`rType`,`rInterval`,`rPeriod`,`rMonth`,`aDateTime`,`mDateTime`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; $stH = stPrep($q); $result = stExec($stH, array($title, $venue, $descr, $catID, $_SESSION['uid'], $sDate, $eDate, $sTime, $eTime, $rType, $rInterval, $rPeriod, $rMonth, date("Y-m-d H:i"), date("Y-m-d H:i"))); if ($result) { $added++; } else { $msg = $ax['iex_db_error']; } } else { $dropped++; } } } if (!$msg) { $msg = "{$added} {$ax['iex_events_added']}" . ($dropped > 0 ? " / {$dropped} {$ax['iex_events_dropped']}" : ''); } return $msg; }
function addEvents() { global $ax, $defcatID; $msg = ""; $nofEvents = count($_POST['title']); $added = $dropped = 0; for ($i = 0; $i < $nofEvents; $i++) { if (empty($_POST['delete'][$i]) and $_POST['r_t'][$i] >= 0) { //if delete not ticked and repeat-type is valid $title = htmlspecialchars_decode(trim($_POST['title'][$i])); $venue = htmlspecialchars_decode(trim($_POST['venue'][$i])); $descr = strip_tags(trim($_POST['descr'][$i]), '<a>'); $descr = addUrlImgTags($descr, 'x-'); //add URL link tags $descr = str_ireplace(array("\r\n", "\n", "\r"), "<br>", $descr); //allow URLs and replace newline by <br> $sDate = DDtoID($_POST['sDate'][$i]); $eDate = $_POST['eDate'][$i] ? DDtoID($_POST['eDate'][$i]) : "9999-00-00"; $sTime = DTtoIT($_POST['sTime'][$i]); $eTime = $_POST['eTime'][$i] ? DTtoIT($_POST['eTime'][$i]) : "99:00:00"; if (empty($sTime)) { //all day $sTime = '00:00'; $eTime = '23:59'; } $r_t = $_POST['r_t'][$i]; $r_i = $_POST['r_i'][$i]; $r_p = $_POST['r_p'][$i]; $r_m = $_POST['r_m'][$i]; $r_u = $_POST['r_u'][$i] ? DDtoID($_POST['r_u'][$i]) : "9999-00-00"; $catID = $_POST['catID'][$i] ? $_POST['catID'][$i] : 1; //no cat if (!eventInDb($title, $sDate, $eDate, $sTime, $eTime)) { //add event to db $q = "INSERT INTO `events` (`title`,`venue`,`text1`,`catID`,`userID`,`sDate`,`eDate`,`sTime`,`eTime`,`rType`,`rInterval`,`rPeriod`,`rMonth`,`rUntil`,`aDateTime`,`mDateTime`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)"; $stH = stPrep($q); $result = stExec($stH, array($title, $venue, $descr, $catID, $_SESSION['uid'], $sDate, $eDate, $sTime, $eTime, $r_t, $r_i, $r_p, $r_m, $r_u, date("Y-m-d H:i"), date("Y-m-d H:i"))); if ($result) { $added++; } else { $msg = $ax['iex_db_error']; } } else { $dropped++; } } } if (!$msg) { $msg = $added . " " . $ax['iex_events_added'] . ($dropped > 0 ? " / {$dropped} {$ax['iex_events_dropped']}" : ""); } return $msg; }