$roomType = new RoomType($_GET['roomTypeID']); //if this is an update then update the room if (isset($_POST['updateRoomType'])) { updateRoomType($roomType); } else { displayRoomType($roomType); } } else { if ($_GET['action'] == editRooms && $_SESSION['access'] >= 50 || $_GET['action'] == showRooms) { //get the new location type corresponding to the ID $room = new Room($_GET['roomID']); //if this is an update then update the room if (isset($_POST['updateRoom'])) { updateRoom($room); } else { displayRooms($room); } } else { if ($_GET['action'] == addLocationType && $_SESSION['access'] >= 50) { $locationType = new LocationType(); //if the user is adding the room, then add it if (isset($_POST['addLocationType'])) { addLocationType($locationType); } else { addLocationTypeForm(); } } else { if ($_GET['action'] == addLocation && $_SESSION['access'] >= 50) { $location = new Location(); //if the user is adding the room, then add it if (isset($_POST['addLocation'])) {
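/**
 * Apply a pending block/unblock request and build the "Block Rooms" admin view.
 *
 * When the request carries both `roomId` and `block` POST fields, the room is
 * blocked or unblocked first. The function then lists the unblocked and blocked
 * rooms of the given module component in two <select> forms.
 *
 * Security notes for maintainers:
 *  - Room names and ids read from `prhospi_hostel` are HTML-escaped before being
 *    placed in the markup, because those rows come from an uploaded spreadsheet.
 *  - NOTE(review): neither form visible here carries an anti-CSRF token, and this
 *    function performs no access check of its own; confirm the caller enforces both.
 *
 * @param mixed $mcid Module component id; used unquoted as a numeric SQL operand.
 * @return string HTML for the room overview plus the block and unblock forms.
 */
function blockRoom($mcid)
{
    global $sourceFolder, $moduleFolder;

    // The id is interpolated without quotes into the queries below, so force it
    // to an integer for SQL use. Helpers still receive the caller's original value.
    $componentId = (int) $mcid;

    if (isset($_POST['roomId']) && isset($_POST['block']) && is_string($_POST['roomId'])) {
        // The hidden field holds the selected <option> id ("blockRoom" + room id);
        // dropping the 9-character prefix leaves the room id.
        // NOTE(review): this value is client-controlled and is passed on as-is;
        // confirm blockRoomNo()/unBlockRoomNo() validate or escape it before SQL use.
        $requestedRoomId = substr($_POST['roomId'], 9);
        if ($_POST['block'] === 'BLOCK') {
            blockRoomNo($requestedRoomId, $mcid);
        } elseif ($_POST['block'] === 'UNBLOCK') {
            unBlockRoomNo($requestedRoomId, $mcid);
        }
    }

    $availableQuery = "SELECT * FROM `prhospi_hostel` WHERE `hospi_blocked`=0 AND `page_modulecomponentid`={$componentId}";
    $availableRes = mysql_query($availableQuery) or displayerror(mysql_error());

    require_once "{$sourceFolder}/{$moduleFolder}/prhospi/accommodation.php";
    $roomDetails = displayRooms($mcid);

    $blockRoomForm = <<<FORM
<h1>Available Room</h1>
{$roomDetails}
<hr/>
<h1> Block Room</h1>
<form action="./+hospihead&subaction=blockRooms" method="post">
<select id="blockRoomNo" name="roomAllotted">
<option class="blockRoom" id="">Select Room</option>
FORM;

    // Skip the fetch loop when the query failed; the error has already been reported.
    while ($availableRes && ($details = mysql_fetch_assoc($availableRes))) {
        // Escape with the runtime's default charset: the values originate from uploaded data.
        $optionId = htmlspecialchars('blockRoom' . $details['hospi_room_id'], ENT_QUOTES);
        $optionLabel = htmlspecialchars("{$details['hospi_hostel_name']} RoomNo:{$details['hospi_room_no']}", ENT_QUOTES);
        $blockRoomForm .= <<<FORM
<option class="blockRoom" id="{$optionId}">{$optionLabel}</option>
FORM;
    }

    $blockRoomForm .= <<<FORM
</select>
<input type="hidden" id="roomId" name="roomId" />
<input type="submit" name="block" value="BLOCK"/>
</form>
<script type="text/javascript">
\$('#blockRoomNo').change(function(){
    roomIdValue=\$('.blockRoom:selected').attr('id');
    \$('#roomId').val(roomIdValue);
});
</script>
FORM;

    // ---- Blocked rooms: same layout, offered for unblocking ----
    $blockedQuery = "SELECT * FROM `prhospi_hostel` WHERE `hospi_blocked`=1 AND `page_modulecomponentid`={$componentId}";
    $blockedRes = mysql_query($blockedQuery) or displayerror(mysql_error());

    $blockRoomForm .= <<<FORM
<hr/>
<h1> UnBlock Room</h1>
<form action="./+hospihead&subaction=blockRooms" method="post">
<select id="unblockRoomNo" name="roomAllotted">
<option class="unblockRoom" id="">Select Room</option>
FORM;

    while ($blockedRes && ($details = mysql_fetch_assoc($blockedRes))) {
        $optionId = htmlspecialchars('blockRoom' . $details['hospi_room_id'], ENT_QUOTES);
        $optionLabel = htmlspecialchars("{$details['hospi_hostel_name']} RoomNo:{$details['hospi_room_no']}", ENT_QUOTES);
        $blockRoomForm .= <<<FORM
<option class="unblockRoom" id="{$optionId}">{$optionLabel}</option>
FORM;
    }

    $blockRoomForm .= <<<FORM
</select>
<input type="hidden" id="unblockroomId" name="roomId" />
<input type="submit" name="block" value="UNBLOCK"/>
</form>
<script type="text/javascript">
\$('#unblockRoomNo').change(function(){
    roomIdValue=\$('.unblockRoom:selected').attr('id');
    \$('#unblockroomId').val(roomIdValue);
});
</script>
FORM;

    return $blockRoomForm;
}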
<?php session_start(); if (!isset($_SESSION['SESS_EMAIL'])) { die("login first"); } include_once "../db_conx.php"; if ($_POST['toDo'] == "logOff") { session_destroy(); } else { if ($_POST['toDo'] == "displayRooms") { displayRooms(); } elseif ($_POST['toDo'] == "deleteRoom") { deleteRoom($_POST['roomId']); } elseif ($_POST['toDo'] == "updateRoom") { updateRoom(); } elseif ($_POST['toDo'] == "addRoom") { addRoom(); } elseif ($_POST['toDo'] == "displaySubjects") { displaySubjects(); } elseif ($_POST['toDo'] == "updateSubject") { updateSubject(); } elseif ($_POST['toDo'] == "deleteSubject") { deleteSubject($_POST['subId']); } elseif ($_POST['toDo'] == "addSubject") { addSubject(); } elseif ($_POST['toDo'] == "displayBatches") { displayBatches(); } elseif ($_POST['toDo'] == "addBatch") { addBatch(); } elseif ($_POST['toDo'] == "updateBatch") {
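/**
 * Render the reservation page body for the step named in $_GET['action'].
 *
 * Steps: 'start' (date/time form), 'step2' (table selection), 'step3' (store the
 * reservation), 'potvrdit' (confirm), 'zrusit' (delete), 'vypis-rezervaci' (list).
 * Any other value shows the restaurant layout.
 *
 * Every named step echoes its markup and returns null; only the default layout
 * view returns its markup as a string instead of echoing it.
 *
 * Security notes for maintainers:
 *  - Request values shown back to the visitor in 'step2' are HTML-escaped on output;
 *    MyDB::escape() alone does not neutralise markup.
 *  - Reservation ids are cast to int because they are concatenated unquoted into SQL.
 *  - NOTE(review): 'potvrdit' and 'zrusit' change data on a plain GET request and no
 *    login or permission check is visible in this function; confirm the caller
 *    restricts them and consider requiring POST with an anti-CSRF token.
 *
 * @return string|null
 */
function render_body()
{
    $action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

    switch ($action) {
        case 'start':
            echo '<h1>Start nové rezervace</h1>
<p>Vyberte si, prosím, datum rezervace</p>
<form action="rezervace.php?action=step2" method="POST">
<input type="text" name="datum" class="datepicker" />
<select name="hodina">';
            for ($hour = 8; $hour <= 23; $hour++) {
                echo '<option value="' . $hour . '">' . $hour . ':00</option>';
            }
            echo ' </select>
<br /><br />Počet lidí na rezervaci: <select name="pocet_lidi">';
            for ($guests = 1; $guests <= 5; $guests++) {
                echo '<option value="' . $guests . '">' . $guests . '</option>';
            }
            echo ' </select>
<br /><br />
Na jméno: <input type="text" name="name">
<input type="submit" value="Pokračovat!">
</form>';
            break;

        case 'step2':
            // Normalise the hour to a two-digit integer instead of prefixing raw input.
            $hodina = sprintf('%02d', isset($_POST['hodina']) ? (int) $_POST['hodina'] : 0);
            $rawDate = (isset($_POST['datum']) && is_string($_POST['datum'])) ? $_POST['datum'] : '';
            $rawCount = (isset($_POST['pocet_lidi']) && is_string($_POST['pocet_lidi'])) ? $_POST['pocet_lidi'] : '';
            $rawName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';

            // NOTE(review): MyDB::escape() is presumably SQL escaping; the escaped values
            // are kept in the session and handed to insertReservation() in step3 — confirm
            // that method does not rely on further escaping.
            $datum = MyDB::escape($rawDate . ' ' . $hodina . ':00:00');
            $pocet_lidi = MyDB::escape($rawCount);
            $_SESSION['datum'] = $datum;
            $_SESSION['pocet_lidi'] = $pocet_lidi;
            $_SESSION['jmeno'] = MyDB::escape($rawName);

            echo '<h1>Vyber stolu</h1>
<p>Vybrané datum: <strong>' . htmlspecialchars((string) $datum, ENT_QUOTES)
                . '</strong> pro <strong>' . htmlspecialchars((string) $pocet_lidi, ENT_QUOTES)
                . ' lidi</strong> na jméno <strong>' . htmlspecialchars((string) $_SESSION['jmeno'], ENT_QUOTES)
                . '</strong></p>
<p>Pro vyběr stolu na něj stačí kliknout, uvnitř čtverečku je uveden počet volných míst pro zvolený čas.</p>
<h3>Salónky</h3>
' . displayRooms($datum, $pocet_lidi) . '
';
            break;

        case 'step3':
            // NOTE(review): this step trusts that step2 populated the session; a direct
            // request would pass unset values to insertReservation().
            MyDB::getInstance()->insertReservation(
                MyDB::escape($_GET['id_stolu']),
                $_SESSION['datum'],
                $_SESSION['pocet_lidi'],
                $_SESSION['jmeno']
            );
            echo '<p>Děkujeme, Vaše rezervace byla uspešně přidána!</p>';
            break;

        case 'potvrdit':
            // The id sits unquoted in the statement, where string escaping gives no
            // protection; an integer cast keeps the operand strictly numeric.
            $reservationId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            MyDB::getInstance()->exec('UPDATE rezervace SET stav = "potvrzeno" WHERE id = ' . $reservationId);
            echo '<meta http-equiv="refresh" content="0;URL=\'rezervace.php?action=vypis-rezervaci\'">';
            break;

        case 'zrusit':
            $reservationId = isset($_GET['id']) ? (int) $_GET['id'] : 0;
            MyDB::getInstance()->exec('DELETE FROM rezervace WHERE id = ' . $reservationId);
            echo '<meta http-equiv="refresh" content="0;URL=\'rezervace.php?action=vypis-rezervaci\'">';
            break;

        case 'vypis-rezervaci':
            echo '<h1>Rezervace</h1>
<table class="datatable">
<thead>
<tr><th>Jméno</th><th>Číslo stolu</th><th>Počet lidí</th><th>Čas</th><th>Stav</th><th>Možnosti</th></tr>
</thead>
<tbody>
' . displayReservations() . '
</tbody>
</table>
<br /><br />
<p><a href="rezervace.php?action=start">Chci rezervaci!</a></p>';
            break;

        default:
            // Unlike the steps above, the layout view is returned rather than echoed.
            return '
<h1>Rozložení restaurace</h1>
<div class="telo">
<p>Ve čtverečcích je uvedeno číslo stolu pro telefonickou rezervaci.</p>
<h3>Salónky</h3>
' . displayRooms() . '
<h3>Legenda</h3>
<div class="tabulka">
<table>
' . displayLegend() . '
</table>
</div>
<a href="rezervace.php?action=start">Chci rezervaci!</a>
</div>';
    }
}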
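/**
 * Controller action for the hospitality-head administration page.
 *
 * Handles, in order: the AJAX suggestion lookup (echoes and exits), removal of an
 * accommodated user, updates of the two team cost amounts, the disclaimer text,
 * the sample-format download, and the bulk room import from an uploaded sheet.
 * It then builds the navigation table and the view for the requested subaction.
 *
 * Security notes for maintainers:
 *  - Amounts and spreadsheet cells that are placed unquoted in SQL are validated as
 *    numbers first; mysql_real_escape_string() only protects values inside quotes.
 *  - The hostel name from the spreadsheet is escaped before being quoted in SQL.
 *  - NOTE(review): no access check and no anti-CSRF token are visible in this method
 *    or its forms; confirm the framework enforces both before this action runs.
 *
 * @return string HTML of the admin view.
 */
public function actionHospihead()
{
    global $urlRequestRoot, $sourceFolder, $templateFolder, $cmsFolder, $moduleFolder;

    $moduleComponentId = $this->moduleComponentId;
    // Integer form of the component id for the statements that embed it unquoted.
    $componentIdSql = (int) $moduleComponentId;
    $scriptsFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/scripts";
    $imagesFolder = "{$urlRequestRoot}/{$cmsFolder}/{$templateFolder}/common/images";

    require_once "{$sourceFolder}/{$moduleFolder}/prhospi/prhospi_common.php";
    require_once "{$sourceFolder}/{$moduleFolder}/prhospi/accommodation.php";
    require_once $sourceFolder . "/" . $moduleFolder . "/qaos1/excel.php";
    require_once $sourceFolder . "/upload.lib.php";

    // AJAX endpoint for the user suggestion box: answer and stop.
    if (isset($_GET['subaction']) && $_GET['subaction'] == 'getsuggestions' && isset($_GET['forwhat'])) {
        echo getSuggestionsForIdOrEmail(escape($_GET['forwhat']));
        exit;
    }

    // The field is expected to contain "- " followed by the user detail to delete.
    if (isset($_POST['txtFormUserId']) && $_POST['txtFormUserId'] != '') {
        $detailsGiven = explode("- ", escape($_POST['txtFormUserId']));
        if (isset($detailsGiven[1])) {
            deleteAccomodatedUser($detailsGiven[1], $moduleComponentId);
        } else {
            displayerror("Could not identify the user to delete");
        }
    }

    // NOTE(review): this prints whatever assignVars() returns on every request; it
    // looks like leftover debug output — confirm it exposes nothing sensitive.
    displayinfo(print_r(assignVars($this->userId, $moduleComponentId), true));

    // Both cost fields update the same column for a different disclaimer team.
    $amountFields = array('amountDetail' => 'hospihead', 'amountDetail1' => 'hospihead1');
    foreach ($amountFields as $postField => $team) {
        if (!isset($_POST[$postField])) {
            continue;
        }
        $amt = is_string($_POST[$postField]) ? trim($_POST[$postField]) : '';
        // The amount is embedded unquoted, so accept only a plain decimal number.
        if (!preg_match('/^\d+(?:\.\d+)?\z/', $amt)) {
            displayerror("Amount must be a non-negative number");
            continue;
        }
        $updateQuery = "UPDATE `prhospi_disclaimer` SET `team_cost`={$amt} WHERE `page_modulecomponentid`={$componentIdSql} AND ";
        $updateQuery .= "`disclaimer_team`='{$team}'";
        $updateRes = mysql_query($updateQuery) or displayerror(mysql_error());
        if ($updateRes) {
            displayinfo("Amount Updated to Rs. {$amt}");
        }
    }

    if (isset($_POST['CKEditor1'])) {
        // NOTE(review): escape() is assumed to be the project's SQL-escaping helper.
        // The stored value is editor HTML; confirm it is sanitised where it is rendered.
        $editorData = escape($_POST['CKEditor1']);
        $updateQuery = "UPDATE `prhospi_disclaimer` SET `disclaimer_desc`='{$editorData}' WHERE `page_modulecomponentid`={$componentIdSql} ";
        $updateQuery .= "AND `disclaimer_team`='hospihead'";
        $updateRes = mysql_query($updateQuery) or displayerror(mysql_error());
        if ($updateRes) {
            displayinfo("Details Successfully updated !!!");
        }
    }

    if (isset($_POST['downloadSampleFormat'])) {
        downloadSampleFormatForRoomUpload();
    }

    if (isset($_FILES['fileUploadField']['name'])) {
        $tmpName = isset($_FILES['fileUploadField']['tmp_name'][0]) ? $_FILES['fileUploadField']['tmp_name'][0] : '';
        // Only parse a path that PHP itself recorded as an HTTP upload.
        if (!is_string($tmpName) || !is_uploaded_file($tmpName)) {
            displayerror("No valid file was uploaded");
        } else {
            $excelData = readExcelSheet($tmpName);
            $success = 1;
            $rowCount = count($excelData);
            // Rows are read from index 2 onward; columns used: 1 = hostel name,
            // 2..3 = first and last room number, 4 = capacity, 5 = floor.
            for ($i = 2; $i <= $rowCount; $i++) {
                $row = isset($excelData[$i]) ? $excelData[$i] : array();
                if (!isset($row[1]) || $row[1] == NULL) {
                    continue;
                }

                // Cells 2-5 go unquoted into SQL: reject the row unless all are numeric.
                $rowIsValid = true;
                foreach (array(2, 3, 4, 5) as $col) {
                    if (!isset($row[$col]) || !is_numeric($row[$col])) {
                        $rowIsValid = false;
                        break;
                    }
                }
                if (!$rowIsValid) {
                    $success = 0;
                    continue;
                }

                $hostelName = mysql_real_escape_string((string) $row[1]);
                $firstRoom = (int) $row[2];
                $lastRoom = (int) $row[3];
                $capacity = (int) $row[4];
                $floor = (int) $row[5];

                // NOTE(review): the room range comes straight from the file and is not
                // capped; a very wide range means one query pair per room number.
                for ($roomNo = $firstRoom; $roomNo <= $lastRoom; $roomNo++) {
                    $checkIfExistQuery = "SELECT * FROM `prhospi_hostel` WHERE `hospi_hostel_name`='{$hostelName}' AND `hospi_room_no`={$roomNo} AND `page_modulecomponentid`={$componentIdSql}";
                    $checkIfExistRes = mysql_query($checkIfExistQuery) or displayerror(mysql_error());
                    if ($checkIfExistRes && mysql_num_rows($checkIfExistRes)) {
                        // Room already known: refresh capacity and floor only.
                        $updateFieldQuery = "UPDATE `prhospi_hostel` SET `hospi_room_capacity`={$capacity} , `hospi_floor` = {$floor} WHERE `page_modulecomponentid`={$componentIdSql} AND `hospi_hostel_name`='{$hostelName}' AND `hospi_room_no`={$roomNo}";
                        $updateResult = mysql_query($updateFieldQuery) or displayerror(mysql_error());
                        continue;
                    }
                    $insertIntoHospiQuery = "INSERT INTO `prhospi_hostel` (page_modulecomponentid,hospi_hostel_name,hospi_room_capacity,hospi_room_no,hospi_floor) VALUES ({$componentIdSql},'{$hostelName}',{$capacity},{$roomNo},{$floor})";
                    $res = mysql_query($insertIntoHospiQuery) or displayerror(mysql_error());
                    if (!$res) {
                        $success = 0;
                    }
                }
            }
            if (!$success) {
                displayerror("Datas are not inserted");
            }
        }
    }

    $hospiview = <<<VIEW
<table>
<a onClick="history.go(-1)">BACK</a><br/>
<tr>
<td><a href="./+hospihead&subaction=addRoom"> <div>Add Rooms</div></a></td>
<td><a href="./+hospihead&subaction=viewStatus"><div>View All Rooms</div></a></td>
<td><a href="./+hospihead&subaction=ckEditor"><div>Update Disclaimer</div></a></td>
<td><a href="./+hospihead&subaction=deleteUsers"><div>Delete User in Accomodation</div></a></td>
<td><a href="./+hospihead&subaction=blockRooms"><div>Block Rooms</div></a></td>
</tr>
</table>
VIEW;

    $subaction = isset($_GET['subaction']) ? $_GET['subaction'] : null;
    switch ($subaction) {
        case 'blockRooms':
            $hospiview .= blockRoom($this->moduleComponentId);
            break;

        case 'ckEditor':
            $hospiview .= $this->getCkBody("", "hospihead");
            break;

        case 'addRoom':
            $fileUploadableForm = getFileUploadForm($this->moduleComponentId, "prhospi", './+hospihead', UPLOAD_SIZE_LIMIT, 1);
            $hospiview .= <<<ADDROOMFORM
<br/><br/>
<form action="./+hospihead" method="post">
<input type="submit" name="downloadSampleFormat" value="Download Sample Form"><br/>
</form>
{$fileUploadableForm}
ADDROOMFORM;
            break;

        case 'viewStatus':
            $hospiview .= displayRooms($moduleComponentId);
            break;

        case 'deleteUsers':
            $deleteUserForm = displayUsersRegisteredToAccoWithDelete($moduleComponentId);
            $hospiview .= <<<HOSPI
{$deleteUserForm}
<form method="POST" action="./+hospihead">
Enter UserId or Email:<input type="text" name="txtFormUserId" id="txtFormUserId" autocomplete="off" style="width: 256px" />
<div id="suggestionsBox" style="background-color: white; width: 260px; border: 1px solid black; position: absolute; overflow-y: scroll; max-height: 180px; display: none"></div>
<input type="submit" Value="Find User"/>
<script type="text/javascript" language="javascript" src="{$scriptsFolder}/ajaxsuggestionbox.js">
</script>
<script language="javascript">
var userBox = new SuggestionBox(document.getElementById('txtFormUserId'), document.getElementById('suggestionsBox'), "./+hospihead&subaction=getsuggestions&forwhat=%pattern%");
userBox.loadingImageUrl = '{$imagesFolder}/ajaxloading.gif';
</script>
</form>
HOSPI;
            break;
    }

    return $hospiview;
}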