/**
 * Update one person row with the address/contact data found in $_POST.
 *
 * Optional fields (address1, address2, city, state, zip, country, phone) are
 * written only when present in $_POST. When $basic_info_too is truthy,
 * lastname and email are always written and firstname is written when present.
 * Every value goes through eme_strip_tags() and is passed to $wpdb->update()
 * as a column => value array; nothing is concatenated into SQL here.
 *
 * This function performs no capability or nonce check of its own.
 * NOTE(review): confirm every caller has authorised the request before
 * calling it, since it writes request data straight into the people table.
 *
 * @param mixed $person_id      Person to update; cast with intval() for the WHERE clause.
 * @param mixed $basic_info_too When truthy, lastname, email and firstname are updated as well.
 * @return mixed False when $wpdb->update() reports failure, otherwise the result of eme_get_person().
 */
function eme_update_person_with_postinfo($person_id,$basic_info_too=0) {
    global $wpdb;

    $table_name = $wpdb->prefix.PEOPLE_TBNAME;
    $conditions = array('person_id' => intval($person_id));

    // Optional contact fields: copied only when the form actually sent them.
    $columns = array();
    $optional_keys = array('address1', 'address2', 'city', 'state', 'zip', 'country', 'phone');
    foreach ($optional_keys as $post_key) {
        if (isset($_POST[$post_key])) {
            $columns[$post_key] = eme_strip_tags($_POST[$post_key]);
        }
    }

    if ($basic_info_too) {
        // NOTE(review): lastname and email are read without an isset() check, so a
        // request that omits them overwrites the stored values with whatever
        // eme_strip_tags() returns for a missing index - confirm callers always send both.
        $columns['lastname'] = eme_strip_tags($_POST['lastname']);
        $columns['email'] = eme_strip_tags($_POST['email']);
        if (isset($_POST['firstname'])) {
            $columns['firstname'] = eme_strip_tags($_POST['firstname']);
        }
    }

    // $columns can be empty (no basic info requested and no optional field sent);
    // the update is skipped in that case and the current row is returned.
    if (empty($columns)) {
        return eme_get_person($person_id);
    }
    if ($wpdb->update($table_name, $columns, $conditions) === false) {
        return false;
    }
    return eme_get_person($person_id);
}
/**
 * Read one query-string argument, passed through eme_strip_tags().
 *
 * @param string $arg Key to look up in $_GET.
 * @return mixed The result of eme_strip_tags() on the value, or false when the key is absent.
 */
function eme_get_query_arg($arg) {
    if (!isset($_GET[$arg])) {
        return false;
    }
    // NOTE(review): tag stripping is not context-aware escaping; the value still
    // needs escaping for the output context (HTML, attribute, SQL) where it is used.
    return eme_strip_tags($_GET[$arg]);
}
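/**
 * Admin controller for the locations screen; dispatches on eme_admin_action.
 *
 * GET actions:  edit_location, copy_location (render the edit form).
 * POST actions: add_location (empty form), delete_location (bulk delete),
 *               do_addlocation / do_editlocation (validate and save).
 * Any other request renders the locations table.
 *
 * Authorisation is checked per branch with current_user_can(). The "author"
 * capability only grants access to locations whose location_author equals the
 * current user id.
 *
 * NOTE(review): no nonce verification (check_admin_referer / wp_verify_nonce)
 * is visible in this function. Unless the caller or the forms rendered by the
 * layout helpers take care of it, the state-changing POST branches can be
 * triggered cross-site (CSRF) - confirm before relying on them.
 */
function eme_locations_page() {
    $current_userid = get_current_user_id();
    $get_action = isset($_GET['eme_admin_action']) ? $_GET['eme_admin_action'] : '';
    $post_action = isset($_POST['eme_admin_action']) ? $_POST['eme_admin_action'] : '';

    if ($get_action === "edit_location") {
        // A missing location_id becomes 0 instead of raising an undefined-index notice.
        $location_id = isset($_GET['location_id']) ? intval($_GET['location_id']) : 0;
        $location = eme_get_location($location_id);
        // Parentheses make the intended precedence explicit: full editors always
        // pass, authors only for their own locations.
        if (current_user_can(get_option('eme_cap_edit_locations')) ||
            (current_user_can(get_option('eme_cap_author_locations')) && $location['location_author'] == $current_userid)) {
            eme_locations_edit_layout($location);
        } else {
            $message = __('You have no right to edit this location!', 'eme');
            eme_locations_table_layout($message);
        }
    } elseif ($get_action === "copy_location") {
        $location_id = isset($_GET['location_id']) ? intval($_GET['location_id']) : 0;
        $location = eme_get_location($location_id);
        // make it look like a new location
        unset($location['location_id']);
        $location['location_name'] .= __(" (Copy)", "eme");
        if (current_user_can(get_option('eme_cap_add_locations'))) {
            eme_locations_edit_layout($location);
        } else {
            $message = __('You have no right to copy this location!', 'eme');
            eme_locations_table_layout($message);
        }
    } elseif ($post_action === "add_location") {
        if (current_user_can(get_option('eme_cap_add_locations'))) {
            $location = eme_new_location();
            eme_locations_edit_layout($location);
        } else {
            $message = __('You have no right to add a location!', 'eme');
            eme_locations_table_layout($message);
        }
    } elseif ($post_action === "delete_location" && isset($_POST['locations'])) {
        // Only iterate when the field really is a list; a scalar is ignored.
        $locations = is_array($_POST['locations']) ? $_POST['locations'] : array();
        foreach ($locations as $location_id) {
            $location_id = intval($location_id);
            $location = eme_get_location($location_id);
            if (current_user_can(get_option('eme_cap_edit_locations')) ||
                (current_user_can(get_option('eme_cap_author_locations')) && $location['location_author'] == $current_userid)) {
                eme_delete_location($location_id);
            }
        }
        // NOTE(review): this message is shown even when entries were skipped
        // because the user lacked the right to delete them.
        $message = __('Successfully deleted the selected locations.', 'eme');
        eme_locations_table_layout($message);
    } elseif ($post_action === "do_editlocation" || $post_action === "do_addlocation") {
        $action = $post_action;
        $edit_location_id = isset($_POST['location_id']) ? intval($_POST['location_id']) : 0;
        // The stored location (not the submitted one) decides who its author is.
        $orig_location = ($action === "do_editlocation") ? eme_get_location($edit_location_id) : null;

        if ($action === "do_addlocation" && !current_user_can(get_option('eme_cap_add_locations'))) {
            $message = __('You have no right to add a location!', 'eme');
            eme_locations_table_layout($message);
        } elseif ($action === "do_editlocation" &&
            !(current_user_can(get_option('eme_cap_edit_locations')) ||
              (current_user_can(get_option('eme_cap_author_locations')) && $orig_location['location_author'] == $current_userid))) {
            $message = __('You have no right to edit this location!', 'eme');
            eme_locations_table_layout($message);
        } else {
            $location = eme_new_location();
            // NOTE(review): name, address, town and description are only unslashed
            // here, not filtered; confirm the output path escapes them (or applies
            // wp_kses) before they reach a page.
            $location['location_name'] = trim(stripslashes($_POST['location_name']));
            $location['location_address'] = stripslashes($_POST['location_address']);
            $location['location_town'] = stripslashes($_POST['location_town']);
            $location['location_description'] = stripslashes($_POST['content']);
            $location['location_url'] = isset($_POST['location_url']) ? eme_strip_tags($_POST['location_url']) : '';
            $location['location_image_url'] = isset($_POST['location_image_url']) ? eme_strip_tags($_POST['location_image_url']) : '';
            $location['location_image_id'] = isset($_POST['location_image_id']) ? intval($_POST['location_image_id']) : 0;
            $location['location_slug'] = isset($_POST['location_slug'])
                ? eme_permalink_convert(eme_strip_tags($_POST['location_slug']))
                : eme_permalink_convert($location['location_name']);
            // we don't change the author
            //$location['location_author'] = $current_userid;

            // Category ids are stored as one comma-separated string of integers.
            // Collecting them in a list first also keeps an id of 0 from being
            // overwritten by the next id, which the empty()-based append did.
            $category_ids = array();
            if (isset($_POST['location_category_ids']) && is_array($_POST['location_category_ids'])) {
                foreach ($_POST['location_category_ids'] as $cat) {
                    if (is_numeric($cat)) {
                        $category_ids[] = intval($cat);
                    }
                }
            }
            $location['location_category_ids'] = implode(',', $category_ids);

            // NOTE(review): latitude and longitude are stored as received; confirm
            // eme_validate_location() or the storage/output layer restricts them
            // to numbers before they are used in SQL or emitted into a page.
            $location['location_latitude'] = $_POST['location_latitude'];
            $location['location_longitude'] = $_POST['location_longitude'];
            if (empty($location['location_latitude'])) {
                $location['location_latitude'] = 0;
                $location['location_longitude'] = 0;
            }

            // Custom attributes arrive as numbered mtm_<i>_ref / mtm_<i>_name pairs;
            // the list ends at the first missing or blank ref.
            $location_attributes = array();
            for ($i = 1; isset($_POST["mtm_{$i}_ref"]) && trim($_POST["mtm_{$i}_ref"]) != ''; $i++) {
                if (isset($_POST["mtm_{$i}_name"]) && trim($_POST["mtm_{$i}_name"]) != '') {
                    $location_attributes[$_POST["mtm_{$i}_ref"]] = stripslashes($_POST["mtm_{$i}_name"]);
                }
            }
            $location['location_attributes'] = serialize($location_attributes);

            // Properties: every POST key containing eme_loc_prop_<name> overrides
            // the default for <name>. Array values are skipped because
            // stripslashes() only accepts strings.
            $location_properties = array();
            $location_properties = eme_init_location_props($location_properties);
            foreach ($_POST as $key => $value) {
                if (!is_array($value) && preg_match('/eme_loc_prop_(.+)/', $key, $matches)) {
                    $location_properties[$matches[1]] = stripslashes($value);
                }
            }
            $location['location_properties'] = serialize($location_properties);

            $validation_result = eme_validate_location($location);
            if ($validation_result == "OK") {
                if ($action === "do_addlocation") {
                    $new_location = eme_insert_location($location);
                    if ($new_location) {
                        $message = __('The location has been added.', 'eme');
                    } else {
                        $message = __('There has been a problem adding the location.', 'eme');
                    }
                } else {
                    // do_editlocation: write back to the id that was authorised above
                    $location['location_id'] = $edit_location_id;
                    if (eme_update_location($location)) {
                        $message = __('The location has been updated.', 'eme');
                    } else {
                        $message = __('The location update failed.', 'eme');
                    }
                }
                eme_locations_table_layout($message);
            } else {
                // validation failed: show the form again with the validator's message
                $message = $validation_result;
                eme_locations_edit_layout($location, $message);
            }
        }
    } else {
        // no action, just a locations list
        eme_locations_table_layout();
    }
}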
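/**
 * Admin controller for the registrations screen.
 *
 * GET  editRegistration  - print the booking edit form and return.
 * POST newRegistration   - print an empty booking form for an event and return.
 * POST addRegistration   - book seats through eme_book_seats().
 * POST updateRegistration - update seats/comment and the booker's contact data.
 * POST approveRegistration / denyRegistration / updatePayedStatus - bulk
 *      actions on the bookings ticked in the table.
 * After a POST action (or none) the registrations table is rendered.
 *
 * NOTE(review): neither a capability check nor a nonce check is visible in
 * this function. Confirm the menu registration restricts who can load the page
 * and that the forms carry a nonce that is verified; otherwise the bulk
 * approve/deny/paid actions can be triggered cross-site (CSRF).
 *
 * @param mixed $pending Passed through to eme_registration_seats_form_table().
 */
function eme_registration_seats_page($pending = 0) {
    global $wpdb, $plugin_page;

    // do the actions if required
    if (isset($_GET['eme_admin_action']) && $_GET['eme_admin_action'] == "editRegistration" && isset($_GET['booking_id'])) {
        $booking_id = intval($_GET['booking_id']);
        $booking = eme_get_booking($booking_id);
        $event_id = $booking['event_id'];
        $event = eme_get_event($event_id);
        // we need to set the action url, otherwise the GET parameters stay and we will fall in this if-statement all over again
        // esc_url() because the URL is printed inside an HTML attribute.
        $action_url = esc_url(admin_url("admin.php?page={$plugin_page}"));
        $ret_string = "<form id='eme-rsvp-form' name='booking-form' method='post' action='{$action_url}'>";
        $ret_string .= __('Send mails for changed registration?', 'eme') . eme_ui_select_binary(1, "send_mail");
        $ret_string .= eme_replace_formfields_placeholders($event, $booking);
        $ret_string .= "\n <input type='hidden' name='eme_admin_action' value='updateRegistration' />\n <input type='hidden' name='booking_id' value='{$booking_id}' />\n </form>";
        print $ret_string;
        return;
    }

    $action = isset($_POST['eme_admin_action']) ? $_POST['eme_admin_action'] : '';
    $send_mail = isset($_POST['send_mail']) ? intval($_POST['send_mail']) : 1;

    if ($action == 'newRegistration') {
        $event_id = isset($_POST['event_id']) ? intval($_POST['event_id']) : 0;
        $event = eme_get_event($event_id);
        $ret_string = "<form id='eme-rsvp-form' name='booking-form' method='post' action=''>";
        $ret_string .= __('Send mails for new registration?', 'eme') . eme_ui_select_binary(1, "send_mail");
        $ret_string .= eme_replace_formfields_placeholders($event);
        $ret_string .= "\n <input type='hidden' name='eme_admin_action' value='addRegistration' />\n <input type='hidden' name='event_id' value='{$event_id}' />\n </form>";
        print $ret_string;
        return;
    } elseif ($action == 'addRegistration') {
        $event_id = isset($_POST['event_id']) ? intval($_POST['event_id']) : 0;
        $booking_payed = isset($_POST['booking_payed']) ? intval($_POST['booking_payed']) : 0;
        $event = eme_get_event($event_id);
        $booking_res = eme_book_seats($event, $send_mail);
        $result = $booking_res[0];
        $booking_id_done = $booking_res[1];
        // NOTE(review): $result is printed without escaping. Confirm that
        // eme_book_seats() returns markup that is safe to emit as-is and never
        // echoes request data unescaped.
        if (!$booking_id_done) {
            print "<div id='message' class='error'><p>{$result}</p></div>";
        } else {
            print "<div id='message' class='updated'><p>{$result}</p></div>";
            eme_update_booking_payed($booking_id_done, $booking_payed);
        }
    } elseif ($action == 'updateRegistration') {
        $booking_id = isset($_POST['booking_id']) ? intval($_POST['booking_id']) : 0;
        $booking = eme_get_booking($booking_id);
        $bookerComment = isset($_POST['comment']) ? eme_strip_tags($_POST['comment']) : "";
        $bookedSeats = isset($_POST['bookedSeats']) ? intval($_POST['bookedSeats']) : 0;

        // for multiple prices, we have multiple booked Seats as well
        // the next foreach is only valid when called from the frontend
        $bookedSeats_mp = array();
        if (eme_is_multi($booking['booking_price'])) {
            // make sure the array contains the correct keys already, since
            // later on in the function eme_record_booking we do a join
            $booking_prices_mp = eme_convert_multi2array($booking['booking_price']);
            foreach ($booking_prices_mp as $key => $value) {
                $bookedSeats_mp[$key] = 0;
            }
            foreach ($_POST as $key => $value) {
                if (preg_match('/bookedSeats(\\d+)/', $key, $matches)) {
                    $field_id = intval($matches[1]) - 1;
                    // Seat counts are integers; cast so request text never ends up
                    // in the stored multi-value string.
                    $seats = intval($value);
                    $bookedSeats += $seats;
                    $bookedSeats_mp[$field_id] = $seats;
                }
            }
            eme_update_booking($booking_id, $booking['event_id'], eme_convert_array2multi($bookedSeats_mp), $booking['booking_price'], $bookerComment);
        } else {
            eme_update_booking($booking_id, $booking['event_id'], $bookedSeats, $booking['booking_price'], $bookerComment);
        }
        eme_update_person_with_postinfo($booking['person_id']);
        if ($send_mail) {
            eme_email_rsvp_booking($booking, $action);
        }
        print "<div id='message' class='updated'><p>" . __("Booking updated", "eme") . "</p></div>";
    } elseif ($action == 'approveRegistration' || $action == 'denyRegistration' || $action == 'updatePayedStatus') {
        // Bulk fields must be lists; anything else is treated as empty.
        $bookings = (isset($_POST['bookings']) && is_array($_POST['bookings'])) ? $_POST['bookings'] : array();
        $selected_raw = (isset($_POST['selected_bookings']) && is_array($_POST['selected_bookings'])) ? $_POST['selected_bookings'] : array();
        $bookings_payed = (isset($_POST['bookings_payed']) && is_array($_POST['bookings_payed'])) ? $_POST['bookings_payed'] : array();
        // Normalise the ticked ids to integers once so the membership test below
        // can be strict.
        $selected_bookings = array_map('intval', array_filter($selected_raw, 'is_scalar'));

        foreach ($bookings as $key => $booking_id) {
            if (!is_scalar($booking_id)) {
                continue;
            }
            // Booking ids are integers; cast before they reach the lookup,
            // update and delete helpers.
            $booking_id = intval($booking_id);
            if (!in_array($booking_id, $selected_bookings, true)) {
                continue;
            }
            $payed = isset($bookings_payed[$key]) ? intval($bookings_payed[$key]) : 0;
            $booking = eme_get_booking($booking_id);
            if ($action == 'updatePayedStatus') {
                if ($booking['booking_payed'] != $payed) {
                    eme_update_booking_payed($booking_id, $payed);
                }
            } elseif ($action == 'approveRegistration') {
                eme_approve_booking($booking_id);
                if ($booking['booking_payed'] != $payed) {
                    eme_update_booking_payed($booking_id, $payed);
                }
                if ($send_mail) {
                    eme_email_rsvp_booking($booking, $action);
                }
            } elseif ($action == 'denyRegistration') {
                eme_delete_booking($booking_id);
                if ($send_mail) {
                    eme_email_rsvp_booking($booking, $action);
                }
            }
        }
    }

    // now show the menu
    eme_registration_seats_form_table($pending);
}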
/**
 * Compute the HTML title for pages rendered by the events plugin.
 *
 * Outside the events page the incoming value is returned untouched. On the
 * events page the title is, in this order:
 *   - the event title format, when a calendar_day is requested and exactly one
 *     event falls on that day;
 *   - the event title format for a single event page;
 *   - the location title format for a single location page;
 *   - the eme_events_page_title option otherwise.
 * Titles built from a format string are passed through eme_strip_tags(); the
 * eme_events_page_title option is returned as stored.
 *
 * @param mixed $data Title supplied by the caller.
 * @return mixed The replacement title, or $data when not on the events page.
 */
function eme_html_title($data) {
    if (!eme_is_events_page()) {
        return $data;
    }

    if (get_query_var('calendar_day')) {
        $requested_day = eme_sanitize_request(get_query_var('calendar_day'));
        if (eme_events_count_for($requested_day) == 1) {
            // exactly one event that day: use it for the title
            $day_events = eme_get_events(0, eme_sanitize_request(get_query_var('calendar_day')));
            $only_event = $day_events[0];
            $title_format = get_option('eme_event_html_title_format');
            return eme_strip_tags(eme_replace_placeholders($title_format, $only_event));
        }
    }

    if (eme_is_single_event_page()) {
        // single event page; the id is forced to an integer before the lookup
        $single_event = eme_get_event(intval(get_query_var('event_id')));
        $title_format = get_option('eme_event_html_title_format');
        return eme_strip_tags(eme_replace_placeholders($title_format, $single_event));
    }

    if (eme_is_single_location_page()) {
        $single_location = eme_get_location(intval(get_query_var('location_id')));
        $title_format = get_option('eme_location_html_title_format');
        return eme_strip_tags(eme_replace_locations_placeholders($title_format, $single_location));
    }

    // Multiple events page
    return get_option('eme_events_page_title');
}
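/**
 * Admin controller for the registrations screen.
 *
 * GET  editRegistration  - print the booking edit form (including a "move to
 *      another event" selector) and return.
 * POST newRegistration   - print an empty booking form for an event and return.
 * POST addRegistration   - book seats through eme_book_seats().
 * POST updateRegistration - optionally move the booking to another event, then
 *      update seats/comment and the booker's contact data.
 * POST approveRegistration / denyRegistration / updatePayedStatus - bulk
 *      actions on the bookings ticked in the table.
 * After a POST action (or none) the registrations table is rendered.
 *
 * NOTE(review): neither a capability check nor a nonce check is visible in
 * this function. Confirm the menu registration restricts who can load the page
 * and that the forms carry a nonce that is verified; otherwise the bulk
 * approve/deny/paid actions can be triggered cross-site (CSRF).
 *
 * @param mixed $pending Passed through to eme_registration_seats_form_table().
 */
function eme_registration_seats_page($pending=0) {
    global $wpdb,$plugin_page,$eme_timezone;

    // do the actions if required
    if (isset($_GET['eme_admin_action']) && $_GET['eme_admin_action'] == "editRegistration" && isset($_GET['booking_id'])) {
        $booking_id = intval($_GET['booking_id']);
        $booking = eme_get_booking($booking_id);
        // Cast: the id is interpolated into the extra_conditions SQL fragment below.
        $event_id = intval($booking['event_id']);
        $event = eme_get_event($event_id);
        // we need to set the action url, otherwise the GET parameters stay and we will fall in this if-statement all over again
        // esc_url() because the URL is printed inside an HTML attribute.
        $action_url = esc_url(admin_url("admin.php?page=$plugin_page"));
        $ret_string = "<form id='eme-rsvp-form' name='booking-form' method='post' action='$action_url'>";
        $ret_string.= __('Send mails for changed registration?','eme') . eme_ui_select_binary(1,"send_mail");
        $all_events = eme_get_events("extra_conditions=".urlencode("event_rsvp=1 AND event_id!=$event_id"));
        if (count($all_events)>0) {
            $ret_string.= "<br />".__('Move booking to event','eme');
            $ret_string.= " <select name='event_id'>";
            $ret_string.= "<option value='0' ></option>";
            foreach ($all_events as $this_event) {
                if ($this_event['event_rsvp']) {
                    $option_text = $this_event['event_name']." (".eme_localised_date($this_event['event_start_date']." ".$this_event['event_start_time']." ".$eme_timezone).")";
                    // Event names are stored content; escape them for HTML and
                    // force the id to an integer before building the option.
                    $ret_string.= "<option value='".intval($this_event['event_id'])."' >".esc_html($option_text)."</option>";
                }
            }
            $ret_string .= "</select>";
        }
        $ret_string.= eme_replace_formfields_placeholders($event,$booking);
        $ret_string .= " <input type='hidden' name='eme_admin_action' value='updateRegistration' /> <input type='hidden' name='booking_id' value='$booking_id' /> </form>";
        print $ret_string;
        return;
    }

    $action = isset($_POST['eme_admin_action']) ? $_POST['eme_admin_action'] : '';
    $send_mail = isset($_POST['send_mail']) ? intval($_POST['send_mail']) : 1;

    if ($action == 'newRegistration') {
        $event_id = isset($_POST['event_id']) ? intval($_POST['event_id']) : 0;
        $event = eme_get_event($event_id);
        $ret_string = "<form id='eme-rsvp-form' name='booking-form' method='post' action=''>";
        $ret_string.= __('Send mails for new registration?','eme') . eme_ui_select_binary(1,"send_mail");
        $ret_string.= eme_replace_formfields_placeholders($event);
        $ret_string .= " <input type='hidden' name='eme_admin_action' value='addRegistration' /> <input type='hidden' name='event_id' value='$event_id' /> </form>";
        print $ret_string;
        return;
    } elseif ($action == 'addRegistration') {
        $event_id = isset($_POST['event_id']) ? intval($_POST['event_id']) : 0;
        $booking_payed = isset($_POST['booking_payed']) ? intval($_POST['booking_payed']) : 0;
        $event = eme_get_event($event_id);
        $booking_res = eme_book_seats($event, $send_mail);
        $result = $booking_res[0];
        $booking_id_done = $booking_res[1];
        // NOTE(review): $result is printed without escaping. Confirm that
        // eme_book_seats() returns markup that is safe to emit as-is and never
        // echoes request data unescaped.
        if (!$booking_id_done) {
            print "<div id='message' class='error'><p>$result</p></div>";
        } else {
            print "<div id='message' class='updated'><p>$result</p></div>";
            eme_update_booking_payed($booking_id_done,$booking_payed);
        }
    } elseif ($action == 'updateRegistration') {
        $booking_id = isset($_POST['booking_id']) ? intval($_POST['booking_id']) : 0;
        $event_id = isset($_POST['event_id']) ? intval($_POST['event_id']) : 0;
        // NOTE(review): the target event id comes from the request and is not
        // checked here against the RSVP-enabled events offered in the form;
        // presumably eme_move_booking_event() validates it - confirm.
        if ($event_id) {
            eme_move_booking_event($booking_id,$event_id);
        }
        $booking = eme_get_booking($booking_id);
        $bookerComment = isset($_POST['comment']) ? eme_strip_tags($_POST['comment']) : "";
        $bookedSeats = isset($_POST['bookedSeats']) ? intval($_POST['bookedSeats']) : 0;

        // for multiple prices, we have multiple booked Seats as well
        // the next foreach is only valid when called from the frontend
        $bookedSeats_mp = array();
        if (eme_is_multi($booking['booking_price'])) {
            // make sure the array contains the correct keys already, since
            // later on in the function eme_record_booking we do a join
            $booking_prices_mp = eme_convert_multi2array($booking['booking_price']);
            foreach ($booking_prices_mp as $key=>$value) {
                $bookedSeats_mp[$key] = 0;
            }
            foreach ($_POST as $key=>$value) {
                if (preg_match('/bookedSeats(\d+)/', $key, $matches)) {
                    $field_id = intval($matches[1])-1;
                    // Seat counts are integers; cast so request text never ends up
                    // in the stored multi-value string.
                    $seats = intval($value);
                    $bookedSeats += $seats;
                    $bookedSeats_mp[$field_id] = $seats;
                }
            }
            eme_update_booking($booking_id,$booking['event_id'],eme_convert_array2multi($bookedSeats_mp),$booking['booking_price'],$bookerComment);
        } else {
            eme_update_booking($booking_id,$booking['event_id'],$bookedSeats,$booking['booking_price'],$bookerComment);
        }
        eme_update_person_with_postinfo($booking['person_id']);
        // now get the changed booking and send mail if wanted
        $booking = eme_get_booking($booking_id);
        if ($send_mail) {
            eme_email_rsvp_booking($booking,$action);
        }
        print "<div id='message' class='updated'><p>".__("Booking updated","eme")."</p></div>";
    } elseif ($action == 'approveRegistration' || $action == 'denyRegistration' || $action == 'updatePayedStatus') {
        // Bulk fields must be lists; anything else is treated as empty.
        $bookings = (isset($_POST['bookings']) && is_array($_POST['bookings'])) ? $_POST['bookings'] : array();
        $selected_raw = (isset($_POST['selected_bookings']) && is_array($_POST['selected_bookings'])) ? $_POST['selected_bookings'] : array();
        $bookings_payed = (isset($_POST['bookings_payed']) && is_array($_POST['bookings_payed'])) ? $_POST['bookings_payed'] : array();
        // Normalise the ticked ids to integers once so the membership test below
        // can be strict.
        $selected_bookings = array_map('intval', array_filter($selected_raw, 'is_scalar'));

        foreach ($bookings as $key=>$booking_id) {
            if (!is_scalar($booking_id)) {
                continue;
            }
            // Booking ids are integers; cast before they reach the lookup,
            // update and delete helpers.
            $booking_id = intval($booking_id);
            if (!in_array($booking_id, $selected_bookings, true)) {
                continue;
            }
            $payed = isset($bookings_payed[$key]) ? intval($bookings_payed[$key]) : 0;
            $booking = eme_get_booking($booking_id);
            if ($action == 'updatePayedStatus') {
                if ($booking['booking_payed'] != $payed) {
                    eme_update_booking_payed($booking_id,$payed);
                }
            } elseif ($action == 'approveRegistration') {
                eme_approve_booking($booking_id);
                if ($booking['booking_payed'] != $payed) {
                    eme_update_booking_payed($booking_id,$payed);
                    // we changed something in the booking, so get the updated booking
                    // before sending out the mail
                    $booking = eme_get_booking($booking_id);
                }
                if ($send_mail) {
                    eme_email_rsvp_booking($booking,$action);
                }
            } elseif ($action == 'denyRegistration') {
                // the mail needs to be sent after the deletion, otherwise the count of free spaces is wrong
                eme_delete_booking($booking_id);
                if ($send_mail) {
                    eme_email_rsvp_booking($booking,$action);
                }
                // delete the booking answers after the mail is sent, so the answers can still be used in the mail
                eme_delete_answers($booking_id);
            }
        }
    }

    // now show the menu
    eme_registration_seats_form_table($pending);
}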