// get & validate the values $object_name = strip_tags($_POST['object-edit-name']); $object_pos_x = intval($_POST['object-edit-x']); $object_pox_y = intval($_POST['object-edit-y']); $object_id = intval($_POST['object_id']); if ($timegrid->editObject($object_id, $object_name, $object_pos_x, $object_pos_y, $object_category)) { echo json_encode(true); exit; } } echo json_encode(false); exit; } // edit reservation if (isset($_POST['action']) && $_POST['action'] == 'reservation_edit') { if (isset($_POST['reservation-edit-from_date']) && !empty($_POST['reservation-edit-from_date']) && $timegrid->validateDate($_POST['reservation-edit-from_date']) == true && isset($_POST['reservation_id']) && !empty($_POST['reservation_id']) && is_numeric($_POST['reservation_id'])) { $from_date = strip_tags($_POST['reservation-edit-from_date']); $reservation_id = intval($_POST['reservation_id']); if (isset($_POST['reservation-edit-to_date']) && !empty($_POST['reservation-edit-to_date']) && $timegrid->validateDate($_POST['reservation-edit-to_date']) == true) { $to_date = strip_tags($_POST['reservation-edit-to_date']); } else { $to_date = $from_date; } $result = $timegrid->editReservation($reservation_id, $from_date, $to_date); if ($result == true) { echo json_encode(true); exit; } } echo json_encode(false); exit;