예제 #1
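/**
 * Build the multi-event RSVP form and handle the three POST stages that follow a submission.
 *
 * Stages, selected by $_POST['eme_eventAction']:
 *  - 'add_bookings': books seats through eme_multibook_seats(), then prints a small script
 *    that re-POSTs the outcome to the same page (so a reload does not repeat the booking).
 *  - 'pay_bookings': verifies the payment nonce and returns eme_multipayment_form().
 *  - 'message': shows the result message, optionally followed by the form again.
 *
 * Request data (`lang`, `eme_message`, the re-posted form fields) is attacker-controlled, so
 * every value is encoded for the context it lands in: URL component, HTML attribute,
 * HTML body or inline JavaScript.
 *
 * NOTE: an optional parameter precedes the required $template_id_entry; PHP 8 reports this as
 * deprecated. The signature is kept as-is so existing callers keep working.
 *
 * @param mixed $event_ids                Event id(s) handed to eme_get_event().
 * @param int   $template_id_header       Template id for the form header.
 * @param int   $template_id_entry        Template id for each event entry.
 * @param int   $template_id_footer       Template id for the form footer.
 * @param mixed $eme_register_empty_seats Value emitted in the hidden eme_register_empty_seats field.
 * @param mixed $show_message             When truthy, the result message is rendered above the form.
 *
 * @return string|null HTML for the message/form; nothing when RSVP is not available, when a
 *                     login is required, after the add_bookings script has been printed, or
 *                     when the payment nonce does not verify.
 */
function eme_add_multibooking_form($event_ids, $template_id_header = 0, $template_id_entry, $template_id_footer = 0, $eme_register_empty_seats = 0, $show_message = 1)
{
    // we need template ids
    $format_header = eme_get_template_format($template_id_header);
    $format_entry = eme_get_template_format($template_id_entry);
    $format_footer = eme_get_template_format($template_id_footer);
    $events = eme_get_event($event_ids);
    // rsvp not active or no rsvp for this event, then return
    foreach ($events as $event) {
        if (!eme_is_event_rsvp($event)) {
            return;
        }
        // some events require the visitor to be a logged-in WP user to be able to book
        if ($event['registration_wp_users_only'] && !is_user_logged_in()) {
            return;
        }
    }
    if (isset($_GET['lang'])) {
        // strip_tags alone leaves quotes in place; the value ends up inside a JS string and an
        // HTML attribute below, so it is URL-encoded here and context-encoded again at each sink
        $language = eme_strip_tags($_GET['lang']);
        $destination = "?lang=" . rawurlencode($language) . "#eme-rsvp-message";
    } else {
        $destination = "#eme-rsvp-message";
    }
    // JSON that is printed inside <script> must not contain raw <, >, &, ' or "
    $json_flags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    // after the add or delete booking, we do a POST to the same page using javascript to show just the result
    // this has 2 advantages: you can give arguments in the post, and refreshing the page won't repeat the booking action, just the post showing the result
    // a javascript redir using window.replace + GET would work too, but that leaves an ugly GET url
    if (isset($_POST['eme_eventAction']) && $_POST['eme_eventAction'] == 'add_bookings' && isset($_POST['eme_event_ids'])) {
        // ids come straight from the request: force them to integers before they reach the lookup
        $event_ids = array_map('intval', (array) $_POST['eme_event_ids']);
        // NOTE(review): the RSVP / logged-in checks above ran on the ids passed by the caller, not
        // on these posted ids, and eme_rsvp_nonce / honeypot_check are not inspected in this
        // function. Presumably eme_multibook_seats() enforces them; confirm against that function.
        $events = eme_get_event($event_ids);
        if (has_filter('eme_eval_multibooking_form_post_filter')) {
            $eval_filter_return = apply_filters('eme_eval_multibooking_form_post_filter', $events);
        } else {
            $eval_filter_return = array(0 => 1, 1 => '');
        }
        if (is_array($eval_filter_return) && !$eval_filter_return[0]) {
            // the result of own eval rules failed, so let's use that as a result
            $booking_ids_done = 0;
            $form_result_message = $eval_filter_return[1];
        } else {
            $send_mail = 1;
            $booking_res = eme_multibook_seats($events, $send_mail, $format_entry);
            $form_result_message = $booking_res[0];
            $booking_ids_done = $booking_res[1];
        }
        // let's decide for the first event whether or not payment is needed
        if ($booking_ids_done && eme_event_can_pay_online($events[0])) {
            $payment_id = eme_get_bookings_payment_id($booking_ids_done);
            if (!empty($payment_id)) {
                // successful registration: the next step is the payment form
                // the nonce binds the payment id so it cannot be swapped in the follow-up POST
                // (by default a WP nonce is valid for 24 hours)
                $eme_payment_nonce = wp_create_nonce('eme_payment_id' . $payment_id);
                // create the JS array that will be used to post
                $post_arr = array("eme_eventAction" => 'pay_bookings', "eme_message" => $form_result_message, "eme_payment_id" => $payment_id, "eme_payment_nonce" => $eme_payment_nonce);
            } else {
                // no payment registered (price=0)
                $post_arr = array("eme_eventAction" => 'message', "eme_message" => $form_result_message, "booking_done" => 1);
            }
        } elseif ($booking_ids_done) {
            $post_arr = array("eme_eventAction" => 'message', "eme_message" => $form_result_message, "booking_done" => 1);
        } else {
            // booking failed: we add $_POST to the json, so we can pre-fill the form so the user can just correct the mistake
            $post_arr = stripslashes_deep($_POST);
            $post_arr['eme_eventAction'] = 'message';
            $post_arr['eme_message'] = $form_result_message;
        }
        // this should not be reposted (useless list of event ids now)
        unset($post_arr['eme_event_ids']);
        // and some parts should be formatted differently in the name (php makes arrays, but we need it as names for javascript)
        if (isset($post_arr['bookings'])) {
            if (is_array($post_arr['bookings'])) {
                foreach ($post_arr['bookings'] as $key => $val) {
                    if (is_array($val) && isset($val['bookedSeats'])) {
                        $post_arr['bookings[' . $key . '][bookedSeats]'] = $val['bookedSeats'];
                    }
                }
            }
            unset($post_arr['bookings']);
        }
        $post_string = json_encode($post_arr, $json_flags);
        if ($post_string === false) {
            // e.g. invalid UTF-8 in the posted fields: post nothing rather than emit broken script
            $post_string = '{}';
        }
        // json_encode yields a quoted, escaped JS string literal for the target URL
        $destination_js = json_encode($destination, $json_flags);
        ?>
      <script type="text/javascript">
      function postwith (to,p) {
         var myForm = document.createElement("form");
         myForm.method="post" ;
         myForm.action = to ;
         for (var k in p) {
            var myInput = document.createElement("input") ;
            myInput.setAttribute("name", k) ;
            myInput.setAttribute("value", p[k]);
            myForm.appendChild(myInput) ;
         }
         document.body.appendChild(myForm) ;
         myForm.submit() ;
         document.body.removeChild(myForm) ;
      }
      <?php 
        echo "postwith({$destination_js},{$post_string});";
        ?>
      </script>
      <?php 
        return;
    }
    if (isset($_POST['eme_eventAction']) && $_POST['eme_eventAction'] == 'pay_bookings' && isset($_POST['eme_message']) && isset($_POST['eme_payment_id'])) {
        $payment_id = $_POST['eme_payment_id'];
        // verify the nonce, to make sure people didn't mess with the booking id
        if (!isset($_POST['eme_payment_nonce']) || !wp_verify_nonce($_POST['eme_payment_nonce'], 'eme_payment_id' . $payment_id)) {
            return;
        }
        // due to the double POST javascript, the eme_message is escaped again, so we need stripslashes
        // the message may contain html, but it arrives from the browser: keep only post-safe markup
        $form_result_message = wp_kses_post(eme_translate(stripslashes_deep($_POST['eme_message'])));
        return eme_multipayment_form($payment_id, $form_result_message);
    }
    $message_is_result_of_booking = 0;
    if (isset($_POST['eme_eventAction']) && $_POST['eme_eventAction'] == 'message' && isset($_POST['eme_message'])) {
        // due to the double POST javascript, the eme_message is escaped again, so we need stripslashes
        // the message may contain html, but anyone can POST this field, so printing it unfiltered
        // would be reflected XSS: wp_kses_post() keeps formatting and drops script-capable markup
        $form_result_message = wp_kses_post(eme_translate(stripslashes_deep($_POST['eme_message'])));
        if (isset($_POST['booking_done'])) {
            $message_is_result_of_booking = 1;
        }
    }
    $ret_string = "<div id='eme-rsvp-message'>";
    if ($show_message && !empty($form_result_message)) {
        $ret_string .= "<div class='eme-rsvp-message'>{$form_result_message}</div>";
    }
    $form_html = "";
    if (!$message_is_result_of_booking || get_option('eme_rsvp_show_form_after_booking')) {
        $form_html = "<form id='eme-rsvp-form' name='booking-form' method='post' action='" . esc_attr($destination) . "'>";
        // add a nonce for extra security
        $form_html .= wp_nonce_field('add_booking', 'eme_rsvp_nonce', false, false);
        // also add a honeypot field: if it gets completed with data,
        // it's a bot, since a human can't see this (using CSS to render it invisible)
        $form_html .= "<span id='honeypot_check'>Keep this field blank: <input type='text' name='honeypot_check' value='' /></span>\n\t\t   <input type='hidden' name='eme_eventAction' value='add_bookings' />\n\t\t   <input type='hidden' name='eme_register_empty_seats' value='" . esc_attr($eme_register_empty_seats) . "' />\n\t\t   ";
        $form_html .= eme_replace_extra_multibooking_formfields_placeholders($format_header);
        $cur_time = time();
        foreach ($events as $event) {
            $event_id = $event['event_id'];
            $event_rsvp_startdatetime = strtotime($event['event_start_date'] . " " . $event['event_start_time']);
            $event_rsvp_enddatetime = strtotime($event['event_end_date'] . " " . $event['event_end_time']);
            if ($event['event_properties']['rsvp_end_target'] == 'start') {
                $event_rsvp_datetime = $event_rsvp_startdatetime;
            } else {
                $event_rsvp_datetime = $event_rsvp_enddatetime;
            }
            // booking window closed (cut-off reached, or the event is already over): no entry for this event
            if ($cur_time + $event['rsvp_number_days'] * 60 * 60 * 24 + $event['rsvp_number_hours'] * 60 * 60 > $event_rsvp_datetime || $cur_time >= $event_rsvp_enddatetime) {
                continue;
            }
            // you can book the available number of seats, with a max of x per time
            $min_allowed = $event['event_properties']['min_allowed'];
            // the next gives the number of available seats, even for multiprice
            $avail_seats = eme_get_available_seats($event_id);
            // no seats anymore? No booking form then ... but only if it is required that the min number of
            // bookings should be >0 (it can be=0 for attendance bookings)
            if (eme_is_multi($min_allowed)) {
                $min = eme_get_multitotal($min_allowed);
            } else {
                $min = $min_allowed;
            }
            if ($avail_seats == 0 && $min > 0) {
                // sold out: the event is silently left out of the form
                continue;
            }
            $form_html .= "<input type='hidden' name='eme_event_ids[]' value='{$event_id}' />";
            // regular formfield replacement here, but indicate that it is for multibooking
            $form_html .= eme_replace_formfields_placeholders($event, "", $format_entry, 1);
        }
        $form_html .= eme_replace_extra_multibooking_formfields_placeholders($format_footer);
        $form_html .= "</form>";
        if (has_filter('eme_add_booking_form_filter')) {
            $form_html = apply_filters('eme_add_booking_form_filter', $form_html);
        }
    }
    return $ret_string . $form_html . "</div>";
}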
예제 #2
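/**
 * Produce the body of the events page, dispatching on request/query variables.
 *
 * Order of precedence: booking cancellation (link or confirm form), payment result page,
 * payment form, town listing, single location, category listing, single event, calendar
 * day listing, and finally the default multi-event list or calendar.
 *
 * @return string|null HTML for the selected view; nothing when a cancel nonce does not verify
 *                     or when a payment result refers to a payment without bookings.
 */
function eme_events_page_content()
{
    $format_header = get_option('eme_event_list_item_format_header');
    if (empty($format_header)) {
        $format_header = DEFAULT_EVENT_LIST_HEADER_FORMAT;
    }
    $format_footer = get_option('eme_event_list_item_format_footer');
    if (empty($format_footer)) {
        $format_footer = DEFAULT_EVENT_LIST_FOOTER_FORMAT;
    }
    if (isset($_REQUEST['eme_cancel_booking'])) {
        // GET for cancel links, POST for the cancel form
        $payment_randomid = eme_strip_tags($_REQUEST['eme_cancel_booking']);
        return eme_cancel_confirm_form($payment_randomid);
    } elseif (isset($_POST['eme_confirm_cancel_booking']) && isset($_POST['eme_pmt_rndid'])) {
        $payment_randomid = eme_strip_tags($_POST['eme_pmt_rndid']);
        // check the nonce before touching any data, and do not report a cancellation that did not happen
        if (!isset($_POST['eme_rsvp_nonce']) || !wp_verify_nonce($_POST['eme_rsvp_nonce'], "cancel booking {$payment_randomid}")) {
            return;
        }
        $payment = eme_get_payment(0, $payment_randomid);
        // the payment may already be gone (e.g. the confirm form was submitted twice)
        if (!empty($payment['id'])) {
            $booking_ids = eme_get_payment_booking_ids($payment['id']);
            foreach ($booking_ids as $booking_id) {
                $booking = eme_get_booking($booking_id);
                // delete the booking before the mail is sent, so free spaces are correct
                eme_delete_booking($booking_id);
                eme_email_rsvp_booking($booking, "cancelRegistration");
                // delete the booking answers after the mail is sent, so the answers can still be used in the mail
                eme_delete_answers($booking_id);
            }
            eme_delete_payment($payment['id']);
        }
        return "<div class='eme-rsvp-message'>" . __("The bookings have been cancelled", 'eme') . "</div>";
    } elseif (get_query_var('eme_pmt_result') && get_option('eme_payment_show_custom_return_page')) {
        // show the result of a payment, but not for a multi-booking payment result
        $result = get_query_var('eme_pmt_result');
        if ($result == 'succes') {
            $format = get_option('eme_payment_succes_format');
        } else {
            $format = get_option('eme_payment_fail_format');
        }
        if (get_option('eme_payment_add_bookingid_to_return') && get_query_var('eme_pmt_id') && get_query_var('event_id')) {
            // NOTE(review): eme_pmt_id is taken from the URL and nothing here ties it to the
            // visitor, so the booking placeholders may render another person's booking if the
            // id can be guessed. The cancel flow uses a random id plus a nonce; confirm whether
            // this path needs the same.
            $event = eme_get_event(intval(get_query_var('event_id')));
            $payment_id = intval(get_query_var('eme_pmt_id'));
            $booking_ids = eme_get_payment_booking_ids($payment_id);
            if ($booking_ids) {
                // since each booking is for a different event, we can't know which one to show
                // so we show only the first one
                $booking = eme_get_booking($booking_ids[0]);
                return eme_replace_booking_placeholders($format, $event, $booking);
            }
            return;
        } elseif (get_query_var('event_id')) {
            $event = eme_get_event(intval(get_query_var('event_id')));
            return eme_replace_placeholders($format, $event);
        }
        return $format;
    } elseif (get_query_var('eme_pmt_id')) {
        // NOTE(review): same concern as above, the payment form is selected by a URL-supplied
        // integer id only; verify that the form itself does not disclose booking details.
        $payment_id = intval(get_query_var('eme_pmt_id'));
        $booking_ids = eme_get_payment_booking_ids($payment_id);
        if (count($booking_ids) == 1) {
            return eme_payment_form("", $payment_id);
        }
        return eme_multipayment_form($payment_id);
    }
    if (get_query_var('eme_town')) {
        $eme_town = eme_sanitize_request(get_query_var('eme_town'));
        $location_ids = join(',', eme_get_town_location_ids($eme_town));
        $stored_format = get_option('eme_event_list_item_format');
        // $location_ids is a comma-joined string: count() on it is a TypeError on PHP 8 and was
        // always 1 before that, so the "no events" branch could never be reached
        if (!empty($location_ids)) {
            $format_header = get_option('eme_location_list_item_format_header');
            if (empty($format_header)) {
                $format_header = DEFAULT_EVENT_LIST_HEADER_FORMAT;
            }
            $format_footer = get_option('eme_location_list_item_format_footer');
            if (empty($format_footer)) {
                $format_footer = DEFAULT_EVENT_LIST_FOOTER_FORMAT;
            }
            return eme_get_events_list(get_option('eme_event_list_number_items'), "future", "ASC", $stored_format, $format_header, $format_footer, 0, '', '', 0, '', '', 0, $location_ids);
        }
        return "<div id='events-no-events'>" . get_option('eme_no_events_message') . "</div>";
    }
    if (get_query_var('location_id')) {
        $location = eme_get_location(intval(get_query_var('location_id')));
        $single_location_format = get_option('eme_single_location_format');
        return eme_replace_locations_placeholders($single_location_format, $location);
    }
    if (!get_query_var('calendar_day') && get_query_var('eme_event_cat')) {
        $format_header = get_option('eme_cat_event_list_item_format_header');
        if (empty($format_header)) {
            $format_header = DEFAULT_CAT_EVENT_LIST_HEADER_FORMAT;
        }
        $format_footer = get_option('eme_cat_event_list_item_format_footer');
        if (empty($format_footer)) {
            $format_footer = DEFAULT_CAT_EVENT_LIST_FOOTER_FORMAT;
        }
        $eme_event_cat = eme_sanitize_request(get_query_var('eme_event_cat'));
        $cat_ids = join(',', eme_get_category_ids($eme_event_cat));
        $stored_format = get_option('eme_event_list_item_format');
        if (!empty($cat_ids)) {
            return eme_get_events_list(get_option('eme_event_list_number_items'), "future", "ASC", $stored_format, $format_header, $format_footer, 0, $cat_ids);
        }
        return "<div id='events-no-events'>" . get_option('eme_no_events_message') . "</div>";
    }
    if (eme_is_single_event_page()) {
        // single event page
        $event_id = intval(get_query_var('event_id'));
        return eme_display_single_event($event_id);
    } elseif (get_query_var('calendar_day')) {
        $scope = eme_sanitize_request(get_query_var('calendar_day'));
        // these filters were forwarded raw after an extra urldecode(); they now go through the
        // same eme_sanitize_request() as the other request values in this function, applied
        // after decoding so an encoded payload cannot slip past it
        // NOTE(review): confirm eme_get_events_list() also validates these before building its query
        $location_id = isset($_GET['location_id']) ? eme_sanitize_request(urldecode($_GET['location_id'])) : '';
        $category = isset($_GET['category']) ? eme_sanitize_request(urldecode($_GET['category'])) : '';
        $notcategory = isset($_GET['notcategory']) ? eme_sanitize_request(urldecode($_GET['notcategory'])) : '';
        $author = isset($_GET['author']) ? eme_sanitize_request(urldecode($_GET['author'])) : '';
        $contact_person = isset($_GET['contact_person']) ? eme_sanitize_request(urldecode($_GET['contact_person'])) : '';
        $event_list_item_format = get_option('eme_event_list_item_format');
        $show_single_event = 1;
        return eme_get_events_list(0, $scope, "ASC", $event_list_item_format, $format_header, $format_footer, $location_id, $category, '', 0, $author, $contact_person, 0, '', 0, 1, 0, $notcategory, 0, 0, 0, 0, "", $show_single_event);
    }
    // Multiple events page
    $scope = isset($_GET['scope']) ? eme_sanitize_request($_GET['scope']) : "future";
    $stored_format = get_option('eme_event_list_item_format');
    if (get_option('eme_display_calendar_in_events_page')) {
        return eme_get_calendar('full=1');
    }
    return eme_get_events_list(get_option('eme_event_list_number_items'), $scope, "ASC", $stored_format, $format_header, $format_footer, 0);
}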