<?php
// Request handler for one band diary entry: loads the entry named by
// $_GET['id'] and applies the action named by $_GET['task'].
// (Excerpt: the 'delete' branch continues past the end of this listing.)
include 'base.php';
// NOTE(review): User::protect() is defined elsewhere; presumably it requires a
// logged-in session. Nothing visible here checks that the current user may
// edit this particular entry -- confirm that protect() or the
// update()/deactivate()/activate()/remove() methods enforce it.
User::protect();
$section = 'band_diaries';
include_class('band_diaries');
include_class('band_members');
// The id is taken straight from the query string; how get() validates or
// escapes it is not visible in this excerpt.
$bd = BandMemberDiary::get($_GET['id']);
if (!db::isError($bd)) {
    // NOTE(review): every state change below is selected by a GET parameter and
    // no anti-CSRF token is checked in this excerpt. deactivate, activate and
    // delete read no POST data at all, so a cross-site GET made in a logged-in
    // browser would be enough to trigger them. Requiring POST plus a
    // per-session token before the switch would close that gap.
    // $_GET['task'] is also read without isset(), which raises a notice when
    // the parameter is absent.
    switch ($_GET['task']) {
        case 'update':
            $res = $bd->update($_POST);
            if (!db::isError($res)) {
                // Redirect back to the edit page on success.
                // NOTE(review): $_GET['id'] is concatenated into the header
                // unvalidated (an (int) cast or urlencode() would keep the
                // target well-formed), and there is no exit after header(), so
                // execution falls through to whatever follows the switch.
                header('Location: band_diary_edit.php?id=' . $_GET['id']);
            }
            break;
        case 'deactivate':
            $res = $bd->deactivate();
            if (!db::isError($res)) {
                // Same redirect pattern as 'update' (unvalidated id, no exit).
                header('Location: band_diary_edit.php?id=' . $_GET['id']);
            }
            break;
        case 'activate':
            $res = $bd->activate();
            if (!db::isError($res)) {
                // Same redirect pattern as 'update' (unvalidated id, no exit).
                header('Location: band_diary_edit.php?id=' . $_GET['id']);
            }
            break;
        case 'delete':
            // Removes the entry; the success handling is cut off in this excerpt.
            $res = $bd->remove();
            if (!db::isError($res)) {
// Excerpt of page-controller code that prepares diary summary and detail
// templates for a band member. It begins inside a loop body and an enclosing
// if-branch whose opening lines are above this listing, and it ends inside the
// diary-detail branch.
        $st->file = "band_diary_summary.php";
        $st->args['diary'] = $bnd;
        $diaries[] = $st;
    } // closes a block opened above this excerpt
    $uo = $bm->getUserObject();
    $firstName = $uo->getFirstName();
    // NOTE(review): $firstName is placed into the anchor markup without HTML
    // escaping. Unless getFirstName() already returns encoded text (not visible
    // here), a name containing markup characters would be emitted as HTML
    // wherever $bandDiaryLink is printed; applying
    // htmlspecialchars($firstName, ENT_QUOTES) when building the link would
    // prevent that.
    if (USE_MOD_REWRITE) {
        $bandDiaryLink = '<a href="' . SITE_WEB_DIRECTORY . '/members/' . $bm->getID() . '">' . $firstName . '</a>';
        $bandMembersLink = '<a href="' . SITE_WEB_DIRECTORY . '/members/">Return to Band Members</a>';
    } else {
        $bandDiaryLink = '<a href="' . SITE_WEB_DIRECTORY . '/band.php?id=' . $bm->getID() . '">' . $firstName . '</a>';
        $bandMembersLink = '<a href="' . SITE_WEB_DIRECTORY . '/band.php">Return to Band Members</a>';
    }
} else {
    // $_GET['diaryID'] is read without isset(), which raises a notice when the
    // parameter is absent. How get() validates the id is not visible here.
    if ($_GET['diaryID']) {
        $di = BandMemberDiary::get($_GET['diaryID']);
        if (!db::isError($di)) {
            // Only show the entry when it belongs to the member being viewed, so
            // a diaryID from another member is not rendered under this member's
            // page. The comparison is loose (==), so '5' and 5 match.
            if ($di->getMemberID() == $bm->getID()) {
                $uo = $bm->getUserObject();
                $firstName = $uo->getFirstName();
                // Same unescaped $firstName pattern as in the branch above.
                if (USE_MOD_REWRITE) {
                    $bandDiaryLink = '<a href="' . SITE_WEB_DIRECTORY . '/members/' . $bm->getID() . '">' . $firstName . '</a>';
                    $bandMembersLink = '<a href="' . SITE_WEB_DIRECTORY . '/members/">Return to Band Members</a>';
                } else {
                    $bandDiaryLink = '<a href="' . SITE_WEB_DIRECTORY . '/band.php?id=' . $bm->getID() . '">' . $firstName . '</a>';
                    $bandMembersLink = '<a href="' . SITE_WEB_DIRECTORY . '/band.php">Return to Band Members</a>';
                }
                // Hand the loaded entry to the detail template.
                $view = 'diary-detail';
                $detail = new SectionTemplate();
                $detail->file = "band_diary_detail.php";
                $detail->args['diary'] = $di;
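/**
 * Return this member's diary entries, newest first.
 *
 * Arguments are optional and positional (read through func_get_args(), so the
 * declared signature stays empty and existing callers keep working):
 *   1st - how many entries to return; missing, zero or negative means 10
 *   2nd - offset of the first entry; missing, zero or negative means 0
 *
 * @return array One BandMemberDiary::get() result per matching row, or an
 *               empty array when the query fails.
 */
function getDiaries() {
    $args_list = func_get_args();
    // isset() guards avoid undefined-offset notices when fewer arguments are passed.
    $number_to_get = isset($args_list[0]) ? (int) $args_list[0] : 0;
    $start_number = isset($args_list[1]) ? (int) $args_list[1] : 0;

    // Only positive integers reach the LIMIT clause; a negative value would
    // otherwise produce invalid SQL and a failed query.
    $limit = ($number_to_get > 0) ? $number_to_get : 10;
    $offset = ($start_number > 0) ? $start_number : 0;

    // The statement is built by string interpolation, so force the member id
    // to an integer before it is placed (unquoted) into the SQL text.
    $member_id = (int) $this->ID;

    // NOTE(review): the mysql_* extension was removed in PHP 7. Moving to
    // mysqli or PDO prepared statements is the durable fix; that needs the
    // connection handling, which is not visible from this method.
    $query = "select ID from Band_Diaries where member_id = {$member_id} order by date_time desc limit {$offset}, {$limit}";
    $r = mysql_query($query);

    $diaries = array();
    if ($r === false) {
        // Query failed: return the empty list instead of passing false to
        // mysql_fetch_assoc(), which would only emit a warning.
        return $diaries;
    }
    while ($row = mysql_fetch_assoc($r)) {
        $diaries[] = BandMemberDiary::get($row['ID']);
    }
    return $diaries;
}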
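/**
 * Create a diary entry from submitted form data.
 *
 * Uses no instance state. An admin may create the entry for the member named
 * by $postArray['member_id']; any other user can only create an entry for the
 * band member linked to their own account, whatever member_id was submitted.
 *
 * @param array $postArray Form fields: 'member_id' (admin only), 'title',
 *                         'date', 'time', 'body'.
 * @return mixed The new entry as returned by BandMemberDiary::get(), the error
 *               from the member lookup, or Error::MySQL() when the insert fails.
 */
function add($postArray) {
    if (User::isAdmin()) {
        $requested_member = isset($postArray['member_id']) ? $postArray['member_id'] : null;
        $bm = BandMember::get($requested_member);
    } else {
        // Non-admins never choose the target member: it is derived from the session user.
        $uo = User::getCurrent();
        $bm = BandMember::getByUserID($uo->getID());
    }
    if (db::isError($bm)) {
        return $bm;
    }

    $db = new db();
    // Cast before interpolating into the SQL text so the value can only be a number.
    $member_id = (int) $bm->getID();

    // NOTE(review): escaping of title and body relies entirely on
    // db::sanitize_to_db(), which is not visible here -- confirm it applies
    // mysql_real_escape_string() (or equivalent) for the active connection.
    $title = $db->sanitize_to_db(isset($postArray['title']) ? $postArray['title'] : '');
    $body = $db->sanitize_to_db(isset($postArray['body']) ? $postArray['body'] : '');
    if (!$title) {
        $title = '(untitled)';
    }

    // The submitted date and time never reach the query as raw text: they are
    // parsed and re-formatted with date(). An unparseable date falls back to
    // the current time, and an unparseable time falls back to the parsed date,
    // instead of silently storing 1970-01-01.
    $date_in = isset($postArray['date']) ? $postArray['date'] : '';
    $time_in = isset($postArray['time']) ? $postArray['time'] : '';
    $date_ts = strtotime($date_in);
    if ($date_ts === false) {
        $date_ts = time();
    }
    $combined_ts = strtotime(date('Y-m-d', $date_ts) . ' ' . $time_in);
    if ($combined_ts === false) {
        $combined_ts = $date_ts;
    }
    $dateTime = date("Y-m-d H:i:s", $combined_ts);

    // '@' is kept from the original: failure is reported through the return
    // value below rather than through a PHP warning.
    $r = @mysql_query("insert into Band_Diaries (title, member_id, date_time, body, is_active) values ('{$title}','{$member_id}','{$dateTime}','{$body}'," . DEFAULT_ACTIVE . ")");
    if (!$r) {
        return Error::MySQL();
    }

    return BandMemberDiary::get(mysql_insert_id());
}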
<?php include 'base.php'; User::protect(); $section = 'band_diaries'; $db = new db(); include_class('band_diaries'); include_class('band_members'); $bm = BandMember::get($_REQUEST['memberID']); if (!db::isError($bm)) { $uo = $bm->getUserObject(); if ($_POST['submit']) { // add news entry $bd = BandMemberDiary::add($_POST); if (!db::isError($bd)) { header('Location: band_diary_edit.php?id=' . $bd->getID()); } } } $calendar = true; $editors = array('body'); $page_title = 'Add Band Diary'; include 'layout/header.php'; // This page requires a member_id get variable. If it's not present we forward to it if the user isn't admin // and if the user admin, we go back to the band_diaries page ?> <?php if (!db::isError($bm)) { if ($bm->canEdit()) { ?>