/**
* Change the status of the booking group and sub-bookings.
* @param int $status
* @return boolean
*/
function set_status($status, $email = true, $ignore_spaces = false)
{
$result = parent::set_status($status, $email, true);
if ($result) {
//we're going to set all of the bookings to this status with one SQL statement, to prevent unecessary hooks from firing
$booking_ids = array();
foreach ($this->get_bookings() as $EM_Booking) {
$EM_Booking->previous_status = $this->booking_status;
$EM_Booking->booking_status = $status;
if (!empty($EM_Booking->booking_id)) {
$booking_ids[] = $EM_Booking->booking_id;
}
}
if (!empty($booking_ids) && is_numeric($status)) {
global $wpdb;
$result = $wpdb->query('UPDATE ' . EM_BOOKINGS_TABLE . ' SET booking_status=' . $status . ' WHERE booking_id IN (' . implode(',', $booking_ids) . ')');
}
}
return $result;
}
/**
* @param int $status
* @param array|int $booking_ids
* @return bool
*/
function set_status($status, $booking_ids)
{
//FIXME status should work with instantiated object
//FIXME there is a vulnerability where any user can approve/reject bookings if they know the ID
if ($this->array_is_numeric($booking_ids)) {
//Get all the bookings
$results = array();
$mails = array();
foreach ($booking_ids as $booking_id) {
$EM_Booking = new EM_Booking($booking_id);
if (!$EM_Booking->can_manage()) {
$this->feedback_message = __('Bookings %s. Mails Sent.', 'dbem');
return false;
}
$results[] = $EM_Booking->set_status($status);
}
if (!in_array('false', $results)) {
$this->feedback_message = __('Bookings %s. Mails Sent.', 'dbem');
return true;
} else {
//TODO Better error handling needed if some bookings fail approval/failure
$this->feedback_message = __('An error occurred.', 'dbem');
return false;
}
} elseif (is_numeric($booking_ids) || is_object($booking_ids)) {
$EM_Booking = is_object($booking_ids) && get_class($booking_ids) == 'EM_Booking' ? $booking_ids : new EM_Booking($booking_ids);
$result = $EM_Booking->set_status($status);
$this->feedback_message = $EM_Booking->feedback_message;
return $result;
}
return false;
}
/**
* Check if there's any admin-related actions to take for bookings. All actions are caught here.
* @return null
*/
function em_admin_actions_bookings()
{
global $dbem_form_add_message;
global $dbem_form_delete_message;
global $wpdb, $EM_Booking, $EM_Event;
if (current_user_can(EM_MIN_CAPABILITY) && is_object($EM_Booking) && !empty($_REQUEST['action'])) {
if ($_REQUEST['action'] == 'bookings_delete') {
//Delete
if (isset($_POST['booking_id'])) {
$EM_Booking = new EM_Booking($_POST['booking_id']);
$EM_Booking->delete();
}
} elseif ($_REQUEST['action'] == 'bookings_edit') {
//Edit Booking
$validation = $EM_Booking->get_post();
if ($validation) {
//EM_Event gets the event if submitted via POST and validates it (safer than to depend on JS)
//Save
if ($EM_Booking->save()) {
function em_booking_save_notification()
{
global $EM_Booking;
?>
<div class="updated"><p><strong><?php
echo $EM_Booking->feedback_message;
?>
</strong></p></div><?php
}
} else {
function em_booking_save_notification()
{
global $EM_Booking;
?>
<div class="error"><p><strong><?php
echo $EM_Booking->feedback_message;
?>
</strong></p></div><?php
}
}
} else {
//TODO make errors clearer when saving person
function em_booking_save_notification()
{
global $EM_Booking;
?>
<div class="error"><p><strong><?php
echo $EM_Booking->feedback_message;
?>
</strong></p></div><?php
}
}
add_action('admin_notices', 'em_booking_save_notification');
} elseif ($_REQUEST['action'] == 'bookings_approve' || $_REQUEST['action'] == 'bookings_reject' || $_REQUEST['action'] == 'bookings_unapprove') {
//Booking Approvals
$status_array = array('bookings_unapprove' => 0, 'bookings_approve' => 1, 'bookings_reject' => 2, 'bookings_cancel' => 3);
if ($EM_Booking->set_status($status_array[$_REQUEST['action']])) {
function em_booking_save_notification()
{
global $EM_Booking;
?>
<div class="updated"><p><strong><?php
echo $EM_Booking->feedback_message;
?>
</strong></p></div><?php
}
} else {
function em_booking_save_notification()
{
global $EM_Booking;
?>
<div class="error"><p><strong><?php
echo $EM_Booking->feedback_message;
?>
</strong></p></div><?php
}
}
add_action('admin_notices', 'em_booking_save_notification');
} elseif ($_REQUEST['action'] == 'bookings_add_note') {
$EM_Booking->add_note($_REQUEST['booking_note']);
function em_booking_save_notification()
{
global $EM_Booking;
?>
<div class="updated"><p><strong><?php
echo $EM_Booking->feedback_message;
?>
</strong></p></div><?php
}
add_action('admin_notices', 'em_booking_save_notification');
}
} elseif (current_user_can(EM_MIN_CAPABILITY) && is_object($EM_Event) && !empty($_REQUEST['action'])) {
if ($_REQUEST['action'] == 'export_csv') {
$EM_Event->get_bookings()->export_csv();
exit;
}
}
}
