$xml = '';
if (empty($_REQUEST['d_FSScheduledDateAll'])) {
$Phase = intval($_REQUEST['d_Phase']);
$Phase2 = max(2, $Phase * 2);
$SQL = "select" . " FSScheduledDate," . " date_format(FSScheduledDate, '" . get_text('DateFmtDB') . "') DateFormatted," . " UNIX_TIMESTAMP(concat(FSScheduledDate, ' ', FSScheduledTime)) UnixTime " . "FROM FinSchedule " . " INNER JOIN Grids on FsMatchNo=GrMatchNo " . "WHERE" . " FSEvent=" . StrSafe_DB($_REQUEST['d_Event']) . " " . " AND FSTeamEvent = 0" . " AND FSTournament = " . StrSafe_DB($_SESSION['TourId']) . " " . " AND GrPhase = {$Phase2} " . "ORDER BY" . " FSScheduledDate desc," . " FSScheduledTime desc " . "LIMIT 1";
$q = safe_r_sql($SQL);
if ($r = safe_fetch($q)) {
$date = $r->FSScheduledDate;
$_REQUEST['d_FSScheduledDateAll'] = $r->DateFormatted;
}
if (substr($_REQUEST['d_FSScheduledTimeAll'], 0, 1) == '+') {
$time = date('H:i:s', strtotime($_REQUEST['d_FSScheduledTimeAll'] . ' minutes', $r->UnixTime));
$_REQUEST['d_FSScheduledTimeAll'] = substr($time, 0, 5);
}
}
$time = empty($time) ? Convert24Time($_REQUEST['d_FSScheduledTimeAll']) : $time;
$date = empty($date) ? ConvertDate($_REQUEST['d_FSScheduledDateAll']) : $date;
$matchLen = isset($_REQUEST['d_FSScheduledLenAll']) && strlen(trim($_REQUEST['d_FSScheduledLenAll'])) > 0 && intval($_REQUEST['d_FSScheduledLenAll']) >= 0 ? $_REQUEST['d_FSScheduledLenAll'] : 0;
if (!(($time || strlen(trim($_REQUEST['d_FSScheduledTimeAll'])) == 0) && ($date || strlen(trim($_REQUEST['d_FSScheduledDateAll'])) == 0) && $date >= $_SESSION['TourRealWhenFrom'] && $date <= $_SESSION['TourRealWhenTo'])) {
$Errore = 1;
}
if (IsBlocked(BIT_BLOCK_TOURDATA)) {
$Errore == 1;
}
if ($Errore == 0) {
$PhaseFilter = '';
if ($_REQUEST['d_Phase'] != 1) {
$PhaseFilter = "GrPhase=" . StrSafe_DB($_REQUEST['d_Phase']) . " ";
} else {
$PhaseFilter = "(GrPhase='0' OR GrPhase='1') ";
}
if ($cc == 'FSScheduledLen' && (strlen(trim($vv)) == 0 || !$vv)) {
$SearchifMatch = "SELECT * from FinSchedule " . "where " . " FSEvent=" . StrSafe_DB($ee) . " AND FSTeamEvent='1'" . " AND FSMatchNo in ({$mm}, {$mm2}) " . " AND FSTournament=" . StrSafe_DB($_SESSION['TourId']);
$Rs = safe_R_sql($SearchifMatch);
if (safe_num_rows($Rs) && strlen(trim($vv)) == 0) {
$vv = 0;
} elseif (!safe_num_rows($Rs) && !$vv) {
$vv = '';
}
}
if (strlen(trim($vv)) > 0) {
$badDate = false;
if ($cc == 'FSScheduledDate') {
$vv = ConvertDate($Value);
$badDate = !($vv >= date('Y-m-d', $_SESSION['ToWhenFromUTS']) && $vv <= date('Y-m-d', $_SESSION['ToWhenToUTS']));
} elseif ($cc == 'FSScheduledTime') {
$vv = Convert24Time($vv);
}
if ($vv > 0 && !$badDate || $vv == 0 && $cc == 'FSScheduledLen') {
// Scrivo per $mm
$Insert = "INSERT INTO FinSchedule (FSEvent,FSTeamEvent,FSMatchNo,FSTournament," . $cc . ") " . "VALUES(" . StrSafe_DB($ee) . "," . StrSafe_DB('1') . "," . StrSafe_DB($mm) . "," . StrSafe_DB($_SESSION['TourId']) . "," . StrSafe_DB($vv) . "" . ") " . "ON DUPLICATE KEY UPDATE " . "FSTarget=FSTarget," . "FSGroup=FSGroup," . $cc . "=" . StrSafe_DB($vv) . " ";
$Rs = safe_w_sql($Insert);
if (!$Rs) {
$Errore = 1;
} else {
// Scrivo per $mm2
$Insert = "INSERT INTO FinSchedule (FSEvent,FSTeamEvent,FSMatchNo,FSTournament," . $cc . ") " . "VALUES(" . StrSafe_DB($ee) . "," . StrSafe_DB('1') . "," . StrSafe_DB($mm2) . "," . StrSafe_DB($_SESSION['TourId']) . "," . StrSafe_DB($vv) . "" . ") " . "ON DUPLICATE KEY UPDATE " . "FSTarget=FSTarget," . "FSGroup=FSGroup," . $cc . "=" . StrSafe_DB($vv) . " ";
$Rs = safe_w_sql($Insert);
}
} else {
$Errore = 1;
}
<?php
require_once dirname(dirname(__FILE__)) . '/config.php';
require_once 'Common/Lib/Fun_DateTime.inc.php';
if (!CheckTourSession() || !isset($_REQUEST['rowid']) || !isset($_REQUEST['date']) || !isset($_REQUEST['time']) || !isset($_REQUEST['len']) || !isset($_REQUEST['from']) || !isset($_REQUEST['to'])) {
print get_text('CrackError');
exit;
}
$Errore = 0;
$date = ConvertDate($_REQUEST['date']);
$time = Convert24Time($_REQUEST['time']);
$badDate = (false and !($date >= date('Y-m-d', $_SESSION['ToWhenFromUTS']) && $date <= date('Y-m-d', $_SESSION['ToWhenToUTS'])));
$len = intval($_REQUEST['len']);
$from = intval($_REQUEST['from']);
$to = intval($_REQUEST['to']);
$tmpEvent = '';
$tmpDbEvent = '';
if ($date && $time && !$badDate && $from && $to && $to >= $from) {
if ($_REQUEST['rowid'] == -1) {
$query = "INSERT INTO FinTraining (FtTournament, FtScheduledDate, FtScheduledTime, FtScheduledLen, FtTargetFrom, FtTargetTo) " . "VALUES (" . StrSafe_DB($_SESSION['TourId']) . "," . StrSafe_DB($date) . "," . StrSafe_DB($time) . "," . StrSafe_DB($len) . "," . StrSafe_DB($from) . "," . StrSafe_DB($to) . ")";
} else {
$query = "UPDATE FinTraining SET " . "FtScheduledDate = " . StrSafe_DB($date) . "," . "FtScheduledTime = " . StrSafe_DB($time) . "," . "FtScheduledLen = " . StrSafe_DB($len) . "," . "FtTargetFrom = " . StrSafe_DB($from) . "," . "FtTargetTo = " . StrSafe_DB($to) . "WHERE FtTournament=" . StrSafe_DB($_SESSION['TourId']) . " AND FtScheduledDate=" . StrSafe_DB($_REQUEST['olddate']) . " AND FtScheduledTime= " . StrSafe_DB($_REQUEST['oldtime']) . " AND FtTargetFrom = " . StrSafe_DB($_REQUEST['oldfrom']) . " ";
}
$rs = safe_w_sql($query);
if (!$rs) {
$Errore = 1;
}
//salvo gli eventi se presenti
if (isset($_REQUEST["event"]) && is_array($_REQUEST["event"])) {
$query = "DELETE FROM FinTrainingEvent " . "WHERE FteTournament=" . StrSafe_DB($_SESSION['TourId']) . " AND FteScheduledDate=" . StrSafe_DB($_REQUEST['olddate']) . " AND FteScheduledTime= " . StrSafe_DB($_REQUEST['oldtime']) . " AND FteTargetFrom = " . StrSafe_DB($_REQUEST['oldfrom']) . " ";
$rs = safe_w_sql($query);