protected function processUpdate()
{
global $db;
if ($this->getElementValue('status') == "DELETE") {
$this->processDelete();
}
$sanitizer = Sanitizer::getInstance();
$sql = 'UPDATE signups SET status = :status, numberMachinesAllowed = :machinesAllowed, comments = concat(comments, "\\n", now(), " (", :staffUsername, ") - ", :comments, :changeMetadata), gigabit = :gigabit, ticketCost = :ticketCost WHERE id = :id';
$stmt = $db->prepare($sql);
$stmt->bindValue(':id', $this->getElementValue('id'));
$stmt->bindValue(':status', $this->getElementValue('status'));
$stmt->bindValue(':comments', $sanitizer->formatString($this->getElementValue('comments')));
$stmt->bindValue(':gigabit', $sanitizer->formatBool($this->getElementValue('gigabit')));
$stmt->bindValue(':ticketCost', $this->getElementValue('ticketCost'));
$stmt->bindValue(':staffUsername', Session::getUser()->getUsername());
$stmt->bindValue(':changeMetadata', $this->getChangeMetadata());
$stmt->bindValue(':machinesAllowed', $this->getElementValue('numberMachinesAllowed'));
$stmt->execute();
$this->signup = $this->getSignup();
if ($this->getElementValue('status') == 'CANCELLED') {
require_once 'includes/functions.seatingPlan.php';
removeSeat($this->signup['event'], $this->signup['userId']);
}
$sql = 'SELECT e.id FROM events e WHERE e.id = :eventId LIMIT 1';
$stmt = $db->prepare($sql);
$stmt->bindValue(':eventId', $this->signup['event']);
$stmt->execute();
logActivity('Signup updated for _u_ to event _e_ ' . $this->getElementValue('comments') . '. ' . $this->getChangeMetadata(), null, array('user' => $this->signup['user'], 'event' => $this->signup['event']));
redirect('viewEvent.php?id=' . $this->signup['event'], 'Signup edited.');
}
<?php
set_include_path(get_include_path() . PATH_SEPARATOR . '../../');
require_once 'includes/common.php';
require_once 'includes/functions.seatingPlan.php';
use libAllure\Sanitizer;
requirePrivOrRedirect('SUPERUSER');
$eventId = Sanitizer::getInstance()->filterUint('event');
$userId = Sanitizer::getInstance()->filterUint('user');
removeSeat($eventId, $userId);
echo 'OK';
function swapUsersSeats($eventId, $userId1, $userId2)
{
$seat1 = getSeatForUser($eventId, $userId1);
$seat2 = getSeatForUser($eventId, $userId2);
if (empty($seat1) || empty($seat2)) {
return;
}
// var_dump($seat1[0]['seat'], $seat2[0]['seat'], $userId1, $userId2); exit;
removeSeat($eventId, $userId1, false);
removeSeat($eventId, $userId2, false);
setUserInSeat($eventId, $seat2[0]['seat'], $userId1);
setUserInSeat($eventId, $seat1[0]['seat'], $userId2);
}
