function param($name, $def = 0) { if (isset($_POST[$name])) { $val = $_POST[$name]; } elseif (isset($_GET[$name])) { $val = $_GET[$name]; } else { return $def; } return is_numeric($def) ? intval($val) : post_filter($val); }
$op = 'one'; } $result = $xoopsDB->query('SELECT r.*, optfield FROM ' . RVTBL . ' r, ' . OPTBL . " o WHERE rvid={$rvid} AND r.eid=o.eid"); if (!$result || $xoopsDB->getRowsNum($result) == 0) { redirect_header(EGUIDE_URL . '/', 2, _NOPERM); exit; } $data = $xoopsDB->fetchArray($result); $eid = $data['eid']; $exid = $data['exid']; $back = EGUIDE_URL . '/receipt.php?eid=' . $eid . ($exid ? '&sub=' . $exid : ''); $backanc = "<a href='{$back}'>" . _MD_RESERV_RETURN . "</a>"; if ($op == 'save') { $status = intval($_POST['status']); $email = $xoopsDB->quoteString(post_filter($_POST['email'])); $info = post_filter($_POST['info']); $vals = unserialize_text($data['info']); $num = $data['status'] != _RVSTAT_REFUSED ? isset($vals[$nlab]) ? $vals[$nlab] : 1 : 0; $xoopsDB->query("UPDATE " . RVTBL . " SET email={$email}, status={$status}," . 'info=' . $xoopsDB->quoteString($info) . " WHERE rvid={$rvid}"); $vals = unserialize_text($info); $nnum = $status != _RVSTAT_REFUSED ? isset($vals[$nlab]) ? $vals[$nlab] : 1 : 0; update_reserv($eid, $exid, $nnum - $num); redirect_header($back, 2, _MD_DBUPDATED); exit; } else { $result = $xoopsDB->query("SELECT * FROM " . RVTBL . " WHERE rvid={$rvid}"); $rvdata = $xoopsDB->fetchArray($result); } } $result = $xoopsDB->query("SELECT * FROM " . OPTBL . " WHERE eid={$eid}"); $opts = $xoopsDB->fetchArray($result);