function display_buttons($row, $is_series)
{
global $PHP_SELF;
global $user, $reminder_interval;
$last_reminded = empty($row['reminded']) ? $row['last_updated'] : $row['reminded'];
$returl = $PHP_SELF;
$target_id = $is_series ? $row['repeat_id'] : $row['id'];
// When we're going to view_entry.php we need to pass the id and series
// in a query string rather than as hidden inputs. That's because some
// pages called by view_entry use HTTP_REFERER to form a return URL, and
// view_entry needs to have a valid id.
$query_string = "id={$target_id}";
$query_string .= $is_series ? "&series=1" : "";
if (auth_book_admin($user, $row['room_id'])) {
// accept
echo "<form action=\"confirm_entry_handler.php\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"accept\">\n";
echo "<input type=\"hidden\" name=\"id\" value=\"{$target_id}\">\n";
echo "<input type=\"hidden\" name=\"series\" value=\"{$is_series}\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" value=\"" . get_vocab("accept") . "\">\n";
echo "</div>\n";
echo "</form>\n";
// reject
echo "<form action=\"view_entry.php?{$query_string}\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"reject\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" value=\"" . get_vocab("reject") . "\">\n";
echo "</div>\n";
echo "</form>\n";
// more info
echo "<form action=\"view_entry.php?{$query_string}\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"more_info\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" value=\"" . get_vocab("more_info") . "\">\n";
echo "</div>\n";
echo "</form>\n";
} else {
// Work out whether enough time has elapsed since the last reminder
$not_yet_time = working_time_diff(time(), $last_reminded) < $reminder_interval;
// if enough time has passed since the last reminder
// output a "Remind Admin" button, otherwise nothing
if ($not_yet_time) {
echo " ";
} else {
echo "<form action=\"confirm_entry_handler.php\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"remind_admin\">\n";
echo "<input type=\"hidden\" name=\"id\" value=\"" . $row['id'] . "\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" value=\"" . get_vocab("remind_admin") . "\">\n";
echo "</div>\n";
echo "</form>\n";
}
}
}
function display_buttons($row, $is_series)
{
global $PHP_SELF;
global $user, $reminders_enabled, $reminder_interval;
$last_reminded = empty($row['reminded']) ? $row['last_updated'] : $row['reminded'];
$returl = $PHP_SELF;
$target_id = $is_series ? $row['repeat_id'] : $row['id'];
// When we're going to view_entry.php we need to pass the id and series
// in a query string rather than as hidden inputs. That's because some
// pages called by view_entry use HTTP_REFERER to form a return URL, and
// view_entry needs to have a valid id.
$query_string = "id={$target_id}";
$query_string .= $is_series ? "&series=1" : "";
if (auth_book_admin($user, $row['room_id'])) {
// approve
echo "<form action=\"approve_entry_handler.php\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"approve\">\n";
echo "<input type=\"hidden\" name=\"id\" value=\"{$target_id}\">\n";
echo "<input type=\"hidden\" name=\"series\" value=\"{$is_series}\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" value=\"" . get_vocab("approve") . "\">\n";
echo "</div>\n";
echo "</form>\n";
// reject
echo "<form action=\"view_entry.php?{$query_string}\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"reject\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" value=\"" . get_vocab("reject") . "\">\n";
echo "</div>\n";
echo "</form>\n";
// more info
$info_time = $is_series ? $row['repeat_info_time'] : $row['entry_info_time'];
$info_user = $is_series ? $row['repeat_info_user'] : $row['entry_info_user'];
if (empty($info_time)) {
$info_title = get_vocab("no_request_yet");
} else {
$info_title = get_vocab("last_request") . ' ' . time_date_string($info_time);
if (!empty($info_user)) {
$info_title .= " " . get_vocab("by") . " {$info_user}";
}
}
echo "<form action=\"view_entry.php?{$query_string}\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"more_info\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" title=\"" . htmlspecialchars($info_title) . "\" value=\"" . get_vocab("more_info") . "\">\n";
echo "</div>\n";
echo "</form>\n";
} else {
// get the area settings for this room
get_area_settings(get_area($row['room_id']));
// if enough time has passed since the last reminder
// output a "Remind Admin" button, otherwise nothing
if ($reminders_enabled && working_time_diff(time(), $last_reminded) >= $reminder_interval) {
echo "<form action=\"approve_entry_handler.php\" method=\"post\">\n";
echo "<div>\n";
echo "<input type=\"hidden\" name=\"action\" value=\"remind_admin\">\n";
echo "<input type=\"hidden\" name=\"id\" value=\"" . $row['id'] . "\">\n";
echo "<input type=\"hidden\" name=\"returl\" value=\"" . htmlspecialchars($returl) . "\">\n";
echo "<input type=\"submit\" value=\"" . get_vocab("remind_admin") . "\">\n";
echo "</div>\n";
echo "</form>\n";
} else {
echo " ";
}
}
}
$booking[$key] = $value;
}
// Set the various bits in the status field as appropriate
// (Note: the status field is the only one that can differ by room)
$status = 0;
// Privacy status
if ($isprivate) {
$status |= STATUS_PRIVATE;
// Set the private bit
}
// If we are using booking approvals then we need to work out whether the
// status of this booking is approved. If the user is allowed to approve
// bookings for this room, then the status will be approved, since they are
// in effect immediately approving their own booking. Otherwise the booking
// will need to approved.
if ($approval_enabled && !auth_book_admin($user, $room_id)) {
$status |= STATUS_AWAITING_APPROVAL;
}
// Confirmation status
if ($confirmation_enabled && !$confirmed) {
$status |= STATUS_TENTATIVE;
}
$booking['status'] = $status;
$bookings[] = $booking;
}
$just_check = $ajax && function_exists('json_encode') && !$commit;
$this_id = isset($id) ? $id : NULL;
$result = mrbsMakeBookings($bookings, $this_id, $just_check, $skip, $original_room_id, $need_to_send_mail, $edit_type);
// If we weren't just checking and this was a succesful booking and
// we were editing an existing booking, then delete the old booking
if (!$just_check && $result['valid_booking'] && isset($id)) {
$info_user = $series ? $repeat_info_user : $entry_info_user;
$info_text = $series ? $repeat_info_text : $entry_info_text;
if (empty($info_time)) {
$value = '';
} else {
$value = get_vocab("sent_at") . time_date_string($info_time);
if (!empty($info_user)) {
$value .= "\n" . get_vocab("by") . " {$info_user}";
}
$value .= "\n----\n";
$value .= $info_text;
}
generateTextArea("approve_entry_handler.php", $target_id, $series, "more_info", $returl, get_vocab("send"), get_vocab("request_more_info"), $value);
} else {
// Buttons for those who are allowed to approve this booking
if (auth_book_admin($user, $row['room_id'])) {
if (!$series) {
generateApproveButtons($id, FALSE);
}
if (!empty($repeat_id) || $series) {
generateApproveButtons($repeat_id, TRUE);
}
} elseif ($user == $create_by) {
generateOwnerButtons($id, $series);
} else {
// But valid HTML requires that there's something inside the <tfoot></tfoot>
echo "<tr><td></td><td></td></tr>\n";
}
}
echo "</tfoot>\n";
}
$room_id = $data['room_id'];
// Initialise $mail_previous so that we can use it as a parameter for notifyAdminOnBooking
$mail_previous = array();
$start_times = array();
// Give the return URL a query string if it doesn't already have one
if (strpos($returl, '?') === FALSE) {
$returl .= "?year={$year}&month={$month}&day={$day}&area={$area}&room={$room}";
}
if (isset($action)) {
if ($need_to_send_mail) {
$is_new_entry = TRUE;
// Treat it as a new entry unless told otherwise
}
// If we have to approve or reject a booking, check that we have rights to do so
// for this room
if (($action == "approve" || $action == "reject") && !auth_book_admin($user, $room_id)) {
showAccessDenied($day, $month, $year, $area, isset($room) ? $room : "");
exit;
}
switch ($action) {
// ACTION = "APPROVE"
case 'approve':
if ($need_to_send_mail) {
$is_new_entry = FALSE;
// Get the current booking data, before we change anything, for use in emails
$mail_previous = mrbsGetBookingInfo($id, $series);
}
$start_times = mrbsApproveEntry($id, $series);
$result = $start_times !== FALSE;
if ($result === FALSE) {
$returl .= "&error=approve_failed";
case "month":
$returl = "month.php";
break;
case "week":
$returl = "week.php";
break;
default:
$returl = "day.php";
}
$returl .= "?year={$year}&month={$month}&day={$day}&area={$area}";
}
if (getAuthorised(1) && ($info = mrbsGetBookingInfo($id, FALSE, TRUE))) {
$user = getUserName();
// check that the user is allowed to delete this entry
if (isset($action) && ($action = "reject")) {
$authorised = auth_book_admin($user, $info['room_id']);
} else {
$authorised = getWritable($info['create_by'], $user, $info['room_id']);
}
if ($authorised) {
$day = strftime("%d", $info["start_time"]);
$month = strftime("%m", $info["start_time"]);
$year = strftime("%Y", $info["start_time"]);
$area = mrbsGetRoomArea($info["room_id"]);
$notify_by_email = $mail_settings['admin_on_delete'] || $mail_settings['book_admin_on_provisional'];
if ($notify_by_email) {
require_once "functions_mail.inc";
// Gather all fields values for use in emails.
$mail_previous = getPreviousEntryData($id, $series);
}
sql_begin();
$info_user = $series ? $repeat_info_user : $entry_info_user;
$info_text = $series ? $repeat_info_text : $entry_info_text;
if (empty($info_time)) {
$value = '';
} else {
$value = get_vocab("sent_at") . time_date_string($info_time);
if (!empty($info_user)) {
$value .= "\n" . get_vocab("by") . " {$info_user}";
}
$value .= "\n----\n";
$value .= $info_text;
}
generateTextArea("approve_entry_handler.php", $target_id, $series, "more_info", $returl, get_vocab("send"), get_vocab("request_more_info"), $value);
} else {
// Buttons for those who are allowed to approve this booking
if (auth_book_admin($user, $room_id)) {
if (!$series) {
generateApproveButtons($id, FALSE);
}
if (!empty($repeat_id) || $series) {
generateApproveButtons($repeat_id, TRUE);
}
} elseif ($user == $create_by) {
generateOwnerButtons($id, $series);
} else {
// But valid HTML requires that there's something inside the <tfoot></tfoot>
echo "<tr><td></td><td></td></tr>\n";
}
}
echo "</tfoot>\n";
}
$valid_booking = FALSE;
$rules_broken[] = $tmp;
}
}
}
}
// end foreach rooms
// If the rooms were free, go ahead an process the bookings
if ($valid_booking) {
foreach ($rooms as $room_id) {
// If we're using provisional booking then we need to work out whether the
// status of this booking is confirmed. If the user is allowed to confirm
// bookings for this room, then the status will be confirmed , since they are
// in effect immediately confirming their own booking.
if ($provisional_enabled) {
$status = auth_book_admin($user, $room_id) ? STATUS_CONFIRMED : STATUS_PROVISIONAL;
} else {
$status = STATUS_CONFIRMED;
}
if ($edit_type == "series") {
$booking = mrbsCreateRepeatingEntrys($starttime, $endtime, $rep_type, $rep_enddate, $rep_opt, $room_id, $create_by, $name, $type, $description, isset($rep_num_weeks) ? $rep_num_weeks : 0, $isprivate, $status);
$new_id = $booking['id'];
// Send a mail to the Administrator
if ($mail_settings['admin_on_bookings'] or $mail_settings['area_admin_on_bookings'] or $mail_settings['room_admin_on_bookings'] or $mail_settings['booker'] or $mail_settings['book_admin_on_provisional']) {
require_once "functions_mail.inc";
// Send a mail only if this a new entry, or if this is an
// edited entry but we have to send mail on every change,
// and if mrbsCreateRepeatingEntrys is successful
if ((isset($id) && $mail_settings['admin_all'] or !isset($id)) && 0 != $new_id) {
// Get room name and area name. Would be better to avoid
// a database access just for that. Ran only if we need
