}
$sql .= ")";
if ($sFirstName != '' || $sSurname != '') {
$result = ba_db_query($link, $sql);
}
echo "<h3>Search Results</h3>\n";
if ($sFirstName == '' && $sSurname == '') {
echo "<i>No search term entered</i>";
} elseif (ba_db_num_rows($result) == 0) {
echo "<i>No non-admin users found</i>";
} else {
echo "<table class = 'sortable'>\n";
echo "<tr><th>PlayerID</th><th>First Name</th><th>Surname</th><th colspan = '2'> </th></tr>\n";
while ($row = ba_db_fetch_assoc($result)) {
echo "<tr class = 'highlight'>\n";
if ($row['plPassword'] == 'ACCOUNT DISABLED') {
echo "<td>" . PID_PREFIX . sprintf('%03s', $row['plPlayerID']) . " (account disabled)</td>\n";
} else {
echo "<td>" . PID_PREFIX . sprintf('%03s', $row['plPlayerID']) . "</td>\n";
}
echo "<td>" . htmlentities(stripslashes($row['plFirstName'])) . "</td>\n";
echo "<td>" . htmlentities(stripslashes($row['plSurname'])) . "</td>\n";
$sEmail = htmlentities(stripslashes($row['plEmail']));
echo "<td><a href = 'mailto:" . Obfuscate($sEmail) . "'>E-mail</a></td>\n";
echo "<td><a href = 'root_admins.php?action=add&id={$row['plPlayerID']}'>Add</td>\n";
echo "</tr>\n";
}
echo "</table>\n";
}
}
include '../inc/inc_foot.php';
echo "<p class = 'warn'>" . htmlentities($_GET['warn']) . $sMessage . "</p>\n"; } ?> <form action = 'index.php' method = 'post'> <table class = 'blockmid'> <tr> <td>E-mail address:</td> <td><input name = 'txtEmail' class = 'text'></td> </tr><tr> <td>Password:</td> <td><input name = 'txtPassword' type = 'password' class = 'text'></td> </tr><tr> <td colspan = '2' class = 'mid'><input type = 'submit' name = 'btnSubmit' value = 'Login'> <input type = 'reset' value = "Reset form"></td> </tr> </table> </form> <ul> <li>Not registered? <a href = "register.php">Register</a></li> <li>Forgotten your password? <a href = "retrieve.php">Get a new password</a></li> <li>Please ensure that you have read and understood the <a href = "terms.php">terms & conditions</a></li> <?php echo "<li>Problem? See the <a href = 'faq.php'>FAQ</a> or <a href = 'mailto:" . Obfuscate(EVENT_CONTACT_MAIL) . "'>E-mail " . EVENT_CONTACT_NAME . "</a> with event queries, <a href = 'mailto:" . Obfuscate(TECH_CONTACT_MAIL) . "'>E-mail " . TECH_CONTACT_NAME . "</a> with web site problems.</li>\n"; ?> <li><a href='iCalendar.php'>iCalendar feed of events</a></li> </ul> <?php include 'inc/inc_foot.php';
//Do not need login check for this page
$bLoginCheck = False;
include 'inc/inc_head_db.php';
include 'inc/inc_head_html.php';
?>
<h1><?php
echo TITLE;
?>
- FAQ</h1>
<?php
$db_prefix = DB_PREFIX;
$sql = "SELECT faqOrder, faqQuestion, faqAnswer FROM {$db_prefix}faq ORDER BY faqOrder";
$result = ba_db_query($link, $sql);
while ($row = ba_db_fetch_assoc($result)) {
$faqQuestion = htmlentities($row['faqQuestion']);
$faqAnswer = htmlentities($row['faqAnswer']);
$faqQuestion = str_replace("EVENT_MAIL", "<a href = 'mailto:" . Obfuscate(EVENT_CONTACT_MAIL) . "'>" . EVENT_CONTACT_NAME . "</a>", $faqQuestion);
$faqQuestion = str_replace("TECH_MAIL", "<a href = 'mailto:" . Obfuscate(TECH_CONTACT_MAIL) . "'>" . TECH_CONTACT_NAME . "</a>", $faqQuestion);
$faqQuestion = str_replace("PLAYER_ID", player_ID(), $faqQuestion);
$faqAnswer = str_replace("EVENT_MAIL", "<a href = 'mailto:" . Obfuscate(EVENT_CONTACT_MAIL) . "'>" . EVENT_CONTACT_NAME . "</a>", $faqAnswer);
$faqAnswer = str_replace("TECH_MAIL", "<a href = 'mailto:" . Obfuscate(TECH_CONTACT_MAIL) . "'>" . TECH_CONTACT_NAME . "</a>", $faqAnswer);
$faqAnswer = str_replace("PLAYER_ID", player_ID(), $faqAnswer);
echo "<p class = 'question'>" . stripslashes($faqQuestion) . "</p>\n";
echo "<p>" . stripslashes($faqAnswer) . "</p>\n";
}
?>
<?php
include 'inc/inc_foot.php';
$osresult = ba_db_query($link, "SELECT ospName FROM {$db_prefix}ospstaken, {$db_prefix}osps WHERE otPlayerID = " . $record['plPlayerID'] . " AND ospID = otOspID ORDER BY ospName");
$oslist = "";
while ($osrow = ba_db_fetch_assoc($osresult)) {
$oslist .= htmlentities(stripslashes($osrow['ospName'])) . ", ";
}
if (strlen($oslist) > 0) {
$oslist = substr_replace($oslist, "", -2);
}
$output .= $indentItem . "Occupational Skills: " . $oslist;
$output .= $indentItem . "Notes: " . $record['chNotes'];
$output .= $endIndent . $endIndent . $endPara;
$output .= $endIndent . $endPara;
$output .= $startPara;
$output .= "If any of the above information is incorrect, please let ";
if ($buttonpressed == 1) {
$output .= EVENT_CONTACT_NAME . " (<a href = 'mailto:" . Obfuscate(EVENT_CONTACT_MAIL) . "'>" . EVENT_CONTACT_MAIL . "</a>) know as soon as possible.";
} else {
$output .= EVENT_CONTACT_NAME . " (" . EVENT_CONTACT_MAIL . ") know as soon as possible.";
}
$output .= $endPara;
$output .= $startPara;
$output .= "We look forward to seeing you at the event.";
$output .= $endPara;
if ($buttonpressed == 1) {
$output .= "<hr />";
echo $output;
} else {
if ($buttonpressed == 2) {
echo "Sending confirmation e-mail to " . $record['plFirstName'] . " " . $record['plSurname'] . " (" . PID_PREFIX . sprintf('%03s', $record['plPlayerID']) . ")<br />\n";
ini_set("sendmail_from", EVENT_CONTACT_MAIL);
$mail = mail($record['plEmail'], SYSTEM_NAME . ' - Final Confirmation for ' . $eventinfo['evEventName'], $output, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">", '-f' . EVENT_CONTACT_MAIL);
$sql = "UPDATE " . DB_PREFIX . "players SET plPassword = '******', plLoginCounter = 0 " . "WHERE plEmail LIKE '" . ba_db_real_escape_string($link, $sEmail) . "'";
$result = ba_db_query($link, $sql);
if (ba_db_affected_rows($link) == 0) {
//No changes made.
$sMsg = 'E-mail not found. Password not reset. Please check and try again';
} else {
//Send e-mail
$sTo = $sEmail;
$sSubject = SYSTEM_NAME . " - password reset";
$sBody = "Hi,\nYour password at " . SYSTEM_NAME . " has been reset. " . "Your new password is:\n{$sNewPass}\nYou can log in using this new password.\n\n" . fnSystemURL();
ini_set("sendmail_from", EVENT_CONTACT_MAIL);
$mail = mail($sTo, $sSubject, $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">", '-f' . EVENT_CONTACT_MAIL);
if ($mail) {
$sMsg = "A new password has been sent to {$sEmail}. Please check your e-mail for your new password.<br />\n" . "If you do not get the e-mail, check your Junk/Spam folder - it may have been marked as spam " . "(this appears to be particularly common with web-based e-mail services)";
} else {
$sMsg = "There was an error sending your reset email. Please contact <a href = 'mailto:" . Obfuscate(TECH_CONTACT_MAIL) . "'>" . TECH_CONTACT_NAME . "</a> to reset your password manually";
}
}
if (ba_db_affected_rows($link) > 1) {
//More than one record updated - log warning
LogWarning("retrieve.php - Multiple records updated from SQL query\n{$sql}");
}
}
?>
<h1><?php
echo TITLE;
?>
- Lost Password</h1>
$sURL = fnSystemURL() . 'eventbooking.php?EventID=' . $bookinginfo['evEventID'];
header("Location: {$sURL}");
}
}
}
echo "<h2>Delete booking for event - " . htmlentities(stripslashes($bookinginfo['evEventName'])) . "</h2>";
?>
<p>Please confirm that you wish to delete your current booking for this event.</p>
<?php
if ($bookinginfo['bkInQueue'] == 1) {
echo "<p>You will lose your place in the queue, and may miss out on a place at the event if you continue.</p>";
}
if ($bookinginfo['bkAmountPaid'] > 0) {
echo "<p>You will need to request a refund of any payment made, please contact <a href = 'mailto:" . Obfuscate(EVENT_CONTACT_MAIL) . "'>" . EVENT_CONTACT_NAME . "</a>.</p>";
}
?>
<form method='POST' action='bookingconfirmdelete.php'>
<table>
<input type="hidden" value="<?php
echo $bookingid;
?>
" name='BookingID'/>
<tr><td><input type="submit" name='rebook' value='Cancel this booking and rebook as a different type'/></td></tr>
<tr><td><input type="submit" name='delete' value='Cancel this booking without rebooking'/></td></tr>
<tr><td><input type="submit" name='cancel' value='Leave this booking'/></td></tr>
</table>
</form>
$result = ba_db_query($link, $sql);
$iIC = ba_db_num_rows($result);
//Check for OOC data needs to check for some actual data, as a record will always exist
$sql = "SELECT plFirstName FROM {$db_prefix}players WHERE plPlayerID = {$PLAYER_ID}";
$result = ba_db_query($link, $sql);
$row = ba_db_fetch_assoc($result);
if ($row['plFirstName'] != '') {
$bOOC = True;
} else {
$bOOC = False;
}
echo "<hr>\n<p>";
echo "Logged in with Player ID " . PID_PREFIX . sprintf('%03s', $PLAYER_ID) . "<br>\n";
echo "<ul>\n";
echo "<li><a href = '{$CSS_PREFIX}terms.php'>Terms & conditions</a></li>\n";
echo "<li>Problem? See the <a href = '{$CSS_PREFIX}faq.php'>FAQ</a>. Or e-mail <a href = 'mailto:" . Obfuscate(EVENT_CONTACT_MAIL) . "'>" . EVENT_CONTACT_NAME . "</a> with event queries, or <a href = 'mailto:" . Obfuscate(TECH_CONTACT_MAIL) . "'>" . TECH_CONTACT_NAME . "</a> with web site problems.</li>\n";
echo "</ul>\n";
}
/*
* Use include_once to include the version file so that we have access to the
* BitsandVersion object. This is until we implement v9 with an MVC framework
* with autoloader.
*/
if (file_exists(dirname(__FILE__) . DIRECTORY_SEPARATOR . 'version.php')) {
include_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'version.php';
$version = ' v' . BitsandVersion::get();
} else {
$version = '';
}
?>
