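/**
 * Re-assemble a serialized form string ("type^name^value~type^name^value...")
 * with every value passed through wpbc_clean_parameter().
 *
 * Each '~'-separated element is split on '^' into type, field name and value;
 * only the value is cleaned, the type and field name are copied through
 * unchanged. After re-joining, every '%' is replaced with '&#37;' because a
 * literal '%' breaks the SQL prepare() placeholders used later on.
 *
 * NOTE(review): wpbc_add_new_booking() interpolates the returned string
 * straight into an INSERT/UPDATE without $wpdb->prepare, so SQL safety of
 * the stored form rests entirely on what wpbc_clean_parameter() does to
 * quotes and backslashes — confirm that before relying on it.
 *
 * @param string $formdata Serialized form data.
 * @return string The re-serialized form data with cleaned values.
 */
function escape_any_xss($formdata)
{
    $clean_elements = array();
    foreach (explode('~', $formdata) as $element) {
        $parts = explode('^', $element);
        // A malformed element with fewer than three parts used to raise
        // "undefined index" notices; missing parts are treated as empty.
        $type = $parts[0];
        $element_name = isset($parts[1]) ? $parts[1] : '';
        $value = isset($parts[2]) ? $parts[2] : '';
        // Only the value is cleaned; type and field name pass through as-is.
        $clean_elements[] = $type . '^' . $element_name . '^' . wpbc_clean_parameter($value);
    }
    $clean_formdata = implode('~', $clean_elements);
    // Replace any '%' in the form, because otherwise there are problems with
    // the SQL prepare function (it treats '%' as a placeholder marker).
    return str_replace('%', '&#37;', $clean_formdata);
}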
/**
 * Collect the booking-listing filter, sort and paging arguments from $_REQUEST.
 *
 * Every known request key is run through wpbc_clean_parameter(); absent keys
 * fall back to an empty string, except for the sort order (the stored
 * 'booking_sort_order' option), the page number ('1') and the items-per-page
 * count (the stored 'bookings_num_per_page' option, initialised to '10' when
 * it is empty).
 *
 * @return array<string, mixed> Arguments keyed by request parameter name.
 */
function wpdev_get_args_from_request_in_bk_listing()
{
    $per_page = get_bk_option('bookings_num_per_page');
    if (empty($per_page)) {
        // First run: persist a default so later calls find it.
        $per_page = '10';
        update_bk_option('bookings_num_per_page', $per_page);
    }

    // Plain filter keys: cleaned request value, or '' when absent.
    $filter_keys = array(
        'wh_booking_type', 'wh_approved', 'wh_booking_id', 'wh_is_new',
        'wh_pay_status', 'wh_keyword', 'wh_booking_date', 'wh_booking_date2',
        'wh_modification_date', 'wh_modification_date2', 'wh_cost', 'wh_cost2',
    );
    $args = array();
    foreach ($filter_keys as $key) {
        $args[$key] = isset($_REQUEST[$key]) ? wpbc_clean_parameter($_REQUEST[$key]) : '';
    }

    // Sort and paging keys carry non-empty defaults; the option lookup for
    // the sort order only happens when the request does not supply one.
    if (isset($_REQUEST['or_sort'])) {
        $args['or_sort'] = wpbc_clean_parameter($_REQUEST['or_sort']);
    } else {
        $args['or_sort'] = get_bk_option('booking_sort_order');
    }
    $args['page_num'] = isset($_REQUEST['page_num']) ? wpbc_clean_parameter($_REQUEST['page_num']) : '1';
    $args['page_items_count'] = isset($_REQUEST['page_items_count']) ? wpbc_clean_parameter($_REQUEST['page_items_count']) : $per_page;

    return $args;
}
/**
 * Insert a new booking, or rewrite an existing one, together with its dates.
 *
 * In "new" mode the booking resource id comes from $params["bktype"]; in
 * "edit" mode it comes from $is_edit_booking['booking_type'] and the row to
 * update from $is_edit_booking['booking_id']. The form data is passed through
 * escape_any_xss(), the dates are normalised by wpbc_get_dates_in_diff_formats(),
 * and on any DB failure an inline <script> error block is printed and the
 * request is terminated with die().
 *
 * NOTE(review): every SQL statement in this function is built by string
 * interpolation rather than $wpdb->prepare(). In the edit path $booking_id and
 * $bktype are taken from $is_edit_booking without any casting, so callers must
 * guarantee they are integers — confirm at each call site.
 *
 * @param array $params Request-style array: "bktype", "form", "dates" and the
 *                      optional keys "sync_gid", "is_send_emeils",
 *                      "is_show_payment_form", "skip_page_checking_for_updating".
 * @param false|array $is_edit_booking false for a new booking, otherwise an
 *                      array with 'booking_id' and 'booking_type'.
 * @return int|false The booking id, or false when "bktype" is missing or 0.
 */
function wpbc_add_new_booking($params, $is_edit_booking = false)
{
    if ($is_edit_booking !== false) {
        // Edit booking
        // Both values are used verbatim in the SQL below (no intval here).
        $booking_id = $is_edit_booking['booking_id'];
        $bktype = $is_edit_booking['booking_type'];
    } else {
        // New booking
        if (!isset($params["bktype"])) {
            return false;
        } else {
            $bktype = intval($params["bktype"]);
        }
        if ($bktype == 0) {
            return false;
        }
        // Error: Unknown booking resources
    }
    make_bk_action('check_multiuser_params_for_client_side', $bktype);
    // Activate working with specific user in WP MU
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    // Define init variables
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    global $wpdb;
    // $formdata is stored in the 'form' column via interpolation; its SQL
    // safety depends on what escape_any_xss()/wpbc_clean_parameter() do.
    $formdata = escape_any_xss($params["form"]);
    // Already quoted here, so it is interpolated below without extra quotes.
    $my_modification_date = "'" . date_i18n('Y-m-d H:i:s') . "'";
    // Localize booking modification date
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    // Get Dates
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    $dates_in_diff_formats = wpbc_get_dates_in_diff_formats($params["dates"], $bktype, $formdata);
    //debuge($dates_in_diff_formats);
    $str_dates__dd_mm_yyyy = $dates_in_diff_formats['string'];
    // $my_dates   = $dates_in_diff_formats['array'];
    $start_time = $dates_in_diff_formats['start_time'];
    $end_time = $dates_in_diff_formats['end_time'];
    //Here we need to check for double booking for the same sessions
    // Only new bookings are checked; an edit keeps its dates without re-checking.
    if (!$is_edit_booking && !wpbc_check_if_dates_free($bktype, $formdata, $dates_in_diff_formats, $start_time, $end_time)) {
        die;
    }
    // sort_date = first booked day combined with the start time, rendered
    // as a fixed-width 'YYYY-MM-DD HH:MM:SS' string via %0Nd (digits only).
    $my_check_in_date = explode('-', $dates_in_diff_formats['array'][0]);
    $my_check_in_date_sql = sprintf("%04d-%02d-%02d %02d:%02d:%02d", $my_check_in_date[0], $my_check_in_date[1], $my_check_in_date[2], $start_time[0], $start_time[1], $start_time[2]);
    if (empty($str_dates__dd_mm_yyyy)) {
        // No dates at all: print an inline error into the #submiting<bktype>
        // element (if present) and stop. $bktype is echoed into a JS string;
        // it is an int in the new-booking path, unvalidated in the edit path.
        ?>
 <script type="text/javascript"> if ( jQuery('#submiting<?php 
        echo $bktype;
        ?>
' ).length ) { document.getElementById('submiting<?php 
        echo $bktype;
        ?>
').innerHTML = '<div style=&quot;height:20px;width:100%;text-align:center;margin:15px auto;&quot;><?php 
        bk_error('Error! No Dates', __FILE__, __LINE__);
        ?>
</div>'; } </script> <?php 
        die('Error! No Dates');
    }
    // 'On' means new bookings are stored with their dates already approved.
    $auto_approve_new_bookings_is_active = trim(get_bk_option('booking_auto_approve_new_bookings_is_active'));
    $is_approved_dates = $auto_approve_new_bookings_is_active == 'On' ? '1' : '0';
    //    // Auto Approve booking from Booking > Add booking page for single booking resources
    //    $admin_uri = ltrim( str_replace( get_site_url( null, '', 'admin' ), '', admin_url('admin.php?') ), '/' ) ;
    //    if ( strpos( $_SERVER['HTTP_REFERER'], $admin_uri ) !== false )
    //        $is_approved_dates = '1';
    // Optional extra column/value fragments appended to the INSERT only.
    $additional_fields = $additional_fields_vlaues = '';
    if (isset($params["sync_gid"])) {
        $additional_fields = ", sync_gid";
        $additional_fields_vlaues = ", '" . wpbc_clean_parameter($params["sync_gid"]) . "'";
    }
    if ($is_edit_booking === false) {
        ////////////////////////////////////////////////////////////////////////////
        // Add new booking
        ////////////////////////////////////////////////////////////////////////////
        // Interpolated SQL, not $wpdb->prepare(): $bktype is intval()'d above,
        // the date strings are generated locally, $formdata and sync_gid rely
        // on wpbc_clean_parameter().
        $sql_insertion = "INSERT INTO {$wpdb->prefix}booking (form, booking_type, modification_date, sort_date{$additional_fields}) VALUES ('{$formdata}', {$bktype}, {$my_modification_date}, '{$my_check_in_date_sql}' {$additional_fields_vlaues})";
        if (false === $wpdb->query($sql_insertion)) {
            ?>
 <script type="text/javascript"> if ( jQuery('#submiting<?php 
            echo $bktype;
            ?>
' ).length ) {  document.getElementById('submiting<?php 
            echo $bktype;
            ?>
').innerHTML = '<div style=&quot;height:20px;width:100%;text-align:center;margin:15px auto;&quot;><?php 
            bk_error('Error during inserting into DB', __FILE__, __LINE__);
            ?>
</div>'; }</script> <?php 
            die('Error during inserting into DB');
        }
        $booking_id = (int) $wpdb->insert_id;
        // Get ID of booking
    } else {
        ////////////////////////////////////////////////////////////////////////////
        // Edit booking
        ////////////////////////////////////////////////////////////////////////////
        // NOTE(review): $booking_id and $bktype come straight from
        // $is_edit_booking here, with no cast — confirm callers pass ints.
        $update_sql = "UPDATE {$wpdb->prefix}booking AS bk SET bk.form='{$formdata}', bk.booking_type={$bktype}, bk.modification_date={$my_modification_date}, sort_date='{$my_check_in_date_sql}' WHERE bk.booking_id={$booking_id};";
        if (false === $wpdb->query($update_sql)) {
            ?>
 <script type="text/javascript"> if ( jQuery('#submiting<?php 
            echo $bktype;
            ?>
' ).length ) {  document.getElementById('submiting<?php 
            echo $bktype;
            ?>
').innerHTML = '<div style=&quot;height:20px;width:100%;text-align:center;margin:15px auto;&quot;><?php 
            bk_error('Error during updating exist booking in DB', __FILE__, __LINE__);
            ?>
</div>'; }</script> <?php 
            die('Error during updating exist booking in DB');
        }
        // Check if dates already aproved or no
        // Keep the existing approval state so re-inserting the dates below
        // does not silently un-approve (or approve) an edited booking.
        $slct_sql = "SELECT approved FROM {$wpdb->prefix}bookingdates WHERE booking_id IN ({$booking_id}) LIMIT 0,1";
        $slct_sql_results = $wpdb->get_results($slct_sql);
        if (count($slct_sql_results) > 0) {
            $is_approved_dates = $slct_sql_results[0]->approved;
        }
        // Old dates are dropped here and the new set is inserted further down.
        $delete_sql = "DELETE FROM {$wpdb->prefix}bookingdates WHERE booking_id IN ({$booking_id})";
        if (false === $wpdb->query($delete_sql)) {
            ?>
 <script type="text/javascript"> if ( jQuery('#submiting<?php 
            echo $bktype;
            ?>
' ).length ) {  document.getElementById('submiting<?php 
            echo $bktype;
            ?>
').innerHTML = '<div style=&quot;height:20px;width:100%;text-align:center;margin:15px auto;&quot;><?php 
            bk_error('Error during updating exist booking for deleting dates in DB', __FILE__, __LINE__);
            ?>
</div>'; }</script> <?php 
            die('Error during updating exist booking for deleting dates in DB');
        }
    }
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    // Update the Hash and Cost  of the booking
    make_bk_action('wpbc_update_booking_hash', $booking_id, $bktype);
    make_bk_action('wpdev_booking_post_inserted', $booking_id, $bktype, $str_dates__dd_mm_yyyy, array($start_time, $end_time), $formdata);
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    // $insert is the pre-built VALUES list for the bookingdates rows; its
    // escaping is the responsibility of wpbc_get_SQL_to_insert_dates().
    $insert = wpbc_get_SQL_to_insert_dates($dates_in_diff_formats, $is_approved_dates, $booking_id);
    if (!empty($insert)) {
        if (false === $wpdb->query("INSERT INTO {$wpdb->prefix}bookingdates (booking_id, booking_date, approved) VALUES " . $insert)) {
            ?>
 <script type="text/javascript"> if ( jQuery('#submiting<?php 
            echo $bktype;
            ?>
' ).length ) {  document.getElementById('submiting<?php 
            echo $bktype;
            ?>
').innerHTML = '<div style=&quot;height:20px;width:100%;text-align:center;margin:15px auto;&quot;><?php 
            bk_error('Error during inserting into BD - Dates', __FILE__, __LINE__);
            ?>
</div>'; }</script> <?php 
            die('Error during inserting into BD - Dates');
        }
    }
    ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////
    // E-mails are sent unless the caller explicitly passes is_send_emeils = 0.
    if (isset($params["is_send_emeils"])) {
        $is_send_emeils = $params["is_send_emeils"];
    } else {
        $is_send_emeils = 1;
    }
    if ($is_edit_booking === false) {
        if ($is_send_emeils != 0) {
            sendNewBookingEmails($booking_id, $bktype, $formdata);
        }
        // Payment-form flow vs. plain cost recalculation for the new booking.
        if (isset($params["is_show_payment_form"]) && $params["is_show_payment_form"] == 1) {
            do_action('wpdev_new_booking', $booking_id, $bktype, $str_dates__dd_mm_yyyy, array($start_time, $end_time), $formdata);
        } else {
            do_action('wpbc_update_cost_of_new_booking', $booking_id, $bktype, $str_dates__dd_mm_yyyy, array($start_time, $end_time), $formdata);
        }
        // wpbc_integrate_MailChimp($formdata, $bktype);
        if ($auto_approve_new_bookings_is_active == 'On' && $is_send_emeils != 0) {
            sendApproveEmails($booking_id, 1);
        }
    } else {
        if ($is_send_emeils != 0) {
            sendModificationEmails($booking_id, $bktype, $formdata);
        }
        // The cost/payment actions are skipped when the edit appears to come
        // from the admin page. NOTE(review): HTTP_REFERER is a client-supplied
        // header and may be absent (undefined-index notice), so this is a UX
        // heuristic, not an authorization check — confirm that is intended.
        $admin_uri = ltrim(str_replace(get_site_url(null, '', 'admin'), '', admin_url('admin.php?')), '/');
        if (strpos($_SERVER['HTTP_REFERER'], $admin_uri) === false) {
            if (isset($params["is_show_payment_form"]) && $params["is_show_payment_form"] == 1) {
                do_action('wpdev_new_booking', $booking_id, $bktype, $str_dates__dd_mm_yyyy, array($start_time, $end_time), $formdata);
            } else {
                do_action('wpbc_update_cost_of_new_booking', $booking_id, $bktype, $str_dates__dd_mm_yyyy, array($start_time, $end_time), $formdata);
            }
        }
    }
    // Re-Update booking resource TYPE if its needed here
    // Defaults to true (skip the page check) when the caller says nothing.
    if (isset($params["skip_page_checking_for_updating"])) {
        $skip_page_checking_for_updating = (bool) $params["skip_page_checking_for_updating"];
    } else {
        $skip_page_checking_for_updating = true;
    }
    make_bk_action('wpdev_booking_reupdate_bk_type_to_childs', $booking_id, $bktype, $str_dates__dd_mm_yyyy, array($start_time, $end_time), $formdata, $skip_page_checking_for_updating);
    make_bk_action('finish_check_multiuser_params_for_client_side', $bktype);
    // Deactivate working with  specific user in WP MU
    return $booking_id;
}