} } // Attempt to Add the Event to the Database $add_event_id = add_event($bookingForUsername, $scheduled_date_time_data, $_REQUEST['subject'], $_REQUEST['location'], $starting_date . ' ' . $_REQUEST['start_time'], $ending_date . ' ' . $_REQUEST['end_time'], $_REQUEST['recur_interval'], $_REQUEST['recur_freq'], $recur_date, $_REQUEST['desc'], $_POST['bookingOptions']); if (!empty($add_event_id)) { $page_info_message = "Event added successfully!"; //if the user uses booking credits update their remaining credits if ($deductCredits && $bookeeUsesCredits) { update_booking_credits($bookingForUsername, $scheduled_slots, 'dec'); //Set the right message depending on if we are making the booking for ourselves or not if ($bookingForUsername == $_SESSION['valid_user']) { //booking for self $page_info_message .= '<br><br>' . $scheduled_slots . ' credits have been deducted for this booking. You have ' . remaining_booking_credits($bookingForUsername) . ' credits remaining.'; } else { //booking for someone else $page_info_message .= '<br><br>NOTE: User ' . $bookingForUsername . ' has had ' . $scheduled_slots . ' credits deducted. ' . remaining_booking_credits($bookingForUsername) . ' credits remaining.'; } } //see if booking cinfirmation e-mails are to get sent out if ($_SESSION['BOOKING_CONF_EMAILS_SEND']) { //create an array of the things we are looking to replace in the body and subject of the e-mail $mailTags = array('%firstname%', '%lastname%', '%sitename%', '%bookingtimes%', '%bookingtimesvertical%', '%period%', '%location%', '%slots%', '%briefdesc%', '%fulldesc%', '%options%'); //figure out the variables that might be reuired in the message $mailVars['firstname'] = $user_info['firstname']; $mailVars['lastname'] = $user_info['lastname']; $mailVars['sitename'] = SITE_NAME; $mailVars['bookingtimes'] = ''; $mailVars['bookingtimesvertical'] = ''; $horizSeparator = ''; $vertSeparator = ''; foreach ($scheduled_date_time_data as $display_date_and_time) {
$display_login_form = false; $page_info_message = "Login Successful!"; // we know we have a valid user, now check if they are entitled to admin privileges if (is_admin($_REQUEST['username'])) { wrap_session_register("admin_user"); } elseif ($_SESSION['BUDDY_LIST_EMAILS_SEND']) { // check if this user has any pending buddies - we only want to do this for non-admins and if buddy lists are switched on $_SESSION['number_pending_buddies'] = pending_buddies($_REQUEST['username']); } // set some session info about their privileges // can block book? if (can_block_book($_REQUEST['username'])) { wrap_session_register("block_book"); } //booking credits remaining $_SESSION['booking_credits'] = remaining_booking_credits($_REQUEST['username']); // Member check // check if the user is a member or not - but only if they are not an admin as this flag is not used for admins if (!wrap_session_is_registered("admin_user")) { $_SESSION['is_member'] = is_member($_REQUEST['username']); } //can they view other users bookings? if (is_admin($_REQUEST['username'])) { //admins can always see everyone elses bookings $_SESSION['SHOW_USER_DETAILS'] = true; } else { //how about regular users? This will depend on the site wide value set by an admin $result = wrap_db_query("SELECT function_value FROM " . SETTINGS_TABLE . " WHERE name = 'user_details_viewing' LIMIT 0,1 ;"); if ($result) { if ($fields = wrap_db_fetch_array($result)) { //change 1's and 0's to true and false
function update_booking_credits($username, $numCredits, $updateType = 'set') { //updateType can be 'set', 'inc' or 'dec' // // 'set' changes the users current number of credits to the $numCredits value // (can be any int or 'Not_used' to remove the use of booking credits) // 'inc' increments the number of credits the user has by $numCredits // 'dec' decreases the number of credits the user has by $numCredits. //make sure we have a user id to prevent deleting other peoples events! if ($username == '' || $username == '%') { return false; } //get the current number of credits for that user $creditsRemaining = remaining_booking_credits($username); if ($updateType == 'set') { $creditsRemaining = $numCredits; } else { if ($updateType == 'inc') { //make sure the current value is not 'Not used' if ($creditsRemaining == 'Not used') { //overwrite the not used value (treat it as a 0) $creditsRemaining = $numCredits; } else { $creditsRemaining += $numCredits; } } else { if ($updateType == 'dec') { //make sure the current value is not 'Not used' if ($creditsRemaining == 'Not used') { //overwrite the not used value (treat it as a 0) $creditsRemaining = 0; } else { $creditsRemaining -= $numCredits; //disallow negative credit if ($creditsRemaining < 0) { $creditsRemaining = 0; } } } } } //are we updating our own or someone elses credits? If our own, update the session value if ($username == $_SESSION['valid_user']) { //update the value stored in the session $_SESSION['booking_credits'] = "{$creditsRemaining}"; //use of quotes forces zero's to be set correctly rather than being auto-cast to a boolean false. We can't use (int) to cast as this value may be a string 'Not used'. } //write the update back to the database $result = wrap_db_query("UPDATE " . BOOKING_USER_TABLE . " SET booking_credits = '{$creditsRemaining}' WHERE username = '******' LIMIT 1"); if (!$result) { //notify the sites administrator that this value could not be updated $emailMsg = "The bookwake system was unable to {$updateType} the current sumber of booking credits for user {$username}.\n\nThis user should now have {$creditsRemaining} credits remaining, please update this value manually using your bookwake control panel.\n"; send_mail("", "", MAIL_MYNAME, MAIL_MYEMAIL, "Booking credit change failed for {$username}", $emailMsg); return false; } else { return true; } }