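/**
 * Delete a user's seat selection rows for an event and record the removal
 * in the activity log.
 *
 * No permission check is visible in this function: it acts on whatever
 * $userId it is given. NOTE(review): presumably every caller has already
 * authorised the request — confirm at the call sites.
 *
 * @param mixed $eventId        Event whose seat selection is removed.
 * @param mixed $userId         User whose seat selection is removed.
 * @param bool  $checkCancelled When true (the default), refuse to remove the
 *                              seat unless the signup status is 'CANCELLED'.
 *
 * @throws Exception When $checkCancelled is true and the signup is not cancelled.
 */
function removeSeat($eventId, $userId, $checkCancelled = true)
{
    // Strict comparison: with a loose `!=`, PHP versions before 8 treat the
    // integer 0 as equal to any non-numeric string, so a non-string status
    // could slip past this guard.
    if ($checkCancelled && getSignupStatus($userId, $eventId) !== 'CANCELLED') {
        throw new Exception('Cannot remove seat from a user, as they have not cancelled.');
    }

    // Both ids travel as bound parameters, never as part of the SQL text.
    $query = DatabaseFactory::getInstance()->prepare(
        'DELETE FROM seatingplan_seat_selections WHERE event = :event AND user = :user'
    );
    $query->bindValue(':event', $eventId);
    $query->bindValue(':user', $userId);
    $query->execute();

    // Audit trail: the removal is logged with the user and event it affected.
    logActivity('Removed seat for _u_ at _e_', null, array('user' => $userId, 'event' => $eventId));
}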
/**
 * Build the comma-separated HTML action links shown next to a signup.
 *
 * Returns a login prompt when nobody is logged in, 'Signups are off!' when
 * the user has no signup and the event does not accept signups, and nothing
 * (a bare return) when the session user asks about another user's signup
 * without the EDIT_SIGNUPS privilege.
 *
 * The links only decide what is displayed. NOTE(review): hiding a link is
 * not access control; presumably signup.php, basket.php and updateSignup.php
 * re-check permissions themselves — verify.
 *
 * $eventId and $signupId are concatenated into the markup without escaping,
 * so the output is only safe if callers pass validated ids.
 * NOTE(review): confirm at the call sites, or escape here.
 *
 * NOTE(review): three link strings below contain the literal '******' where
 * a concatenation appears to have been masked in this listing; as shown,
 * those lines are not valid PHP and need restoring from the original source.
 *
 * @param $eventId           Event the links refer to.
 * @param $eventSignupStatus Passed to isSignupPossibleFromSignupStatus().
 * @param $signupId          Signup id used for the "Update" link; may be empty.
 * @param $userSignupStatus  The user's status; replaced by a lookup when $userId is null.
 * @param $userId            User the links are for; defaults to the session user.
 *
 * @throws Exception When the signup status is not one of the handled values.
 */
function signupLinks($eventId, $eventSignupStatus, $signupId, $userSignupStatus = null, $userId = null)
{
    if (!Session::isLoggedIn()) {
        return 'You must be <a href = "login.php">logged in</a> to signup.';
    }
    // Loose comparison: 0 and '' are treated like null here. In that case the
    // session user is used and any $userSignupStatus passed in is overwritten.
    if ($userId == null) {
        $userId = Session::getUser()->getId();
        $userSignupStatus = getSignupStatus($userId, $eventId);
    }
    // Links for someone else's signup are only built for sessions holding
    // EDIT_SIGNUPS; everyone else gets no output at all.
    if ($userId != Session::getUser()->getId() && !Session::hasPriv('EDIT_SIGNUPS')) {
        return;
    }
    $signupLinks = array();
    switch ($userSignupStatus) {
        case '':
            if (!isSignupPossibleFromSignupStatus($eventSignupStatus)) {
                return 'Signups are off!';
            }
            $signupLinks[] = '<a href = "signup.php?event=' . $eventId . '">Signup!</a>';
            break;
        case 'SIGNEDUP':
            // Only the signed-up user sees these links.
            if ($userId == Session::getUser()->getId()) {
                $signupLinks[] = '<a href = "basket.php?&amp;user='******'&amp;event=' . $eventId . '&amp;action=add">Go to basket</a>';
                // NOTE(review): the cancel link for one's own signup is gated on
                // CANCEL_OTHERS_SIGNUP, and is checked on the user object rather
                // than via Session::hasPriv() as elsewhere — confirm this is intended.
                if (Session::getUser()->hasPriv('CANCEL_OTHERS_SIGNUP')) {
                    $signupLinks[] = '<a href = "signup.php?&amp;user='******'&amp;event=' . $eventId . '&amp;status=cancelled">Cancel</a>';
                }
            }
            break;
        case 'PAYPAL_WAITING':
            $signupLinks[] = 'Processing payment';
            // No break: execution continues into the CONFIRMED/PAID links below.
            // NOTE(review): presumably intentional — confirm.
        case 'CONFIRMED':
        case 'PAID':
            $signupLinks[] = '<a href = "signup.php?&amp;user='******'&amp;event=' . $eventId . '&amp;status=cancelled">Cancel</a>';
            $signupLinks[] = '<a href = "seatingplan.php?event=' . $eventId . '">Seating plan</a>';
            break;
        case 'CASH_IN_POST':
        case 'CHEQUE_IN_POST':
        case 'BACS_WAITING':
            $signupLinks[] = 'Processing payment';
            break;
        case 'WAITINGLIST':
            // old style
        // old style
        case 'WAITING_LIST':
        case 'PAID_CANTATTEND':
        case 'PAID_NOSHOW':
        case 'CANCELLED':
        case 'STAFF':
        case 'ATTENDED':
        case 'NOSHOW':
            // Known statuses that get no status-specific links.
            break;
        default:
            // Fail loudly on an unknown status instead of guessing which links apply.
            throw new Exception('Unhandled singup status while working out signup links: ' . $userSignupStatus);
    }
    // Holders of SIGNUPS_MODIFY also get an "Update" link when a signup id is known.
    if (Session::hasPriv('SIGNUPS_MODIFY') && !empty($signupId)) {
        $signupLinks[] .= ' <a href = "updateSignup.php?id=' . $signupId . '">Update</a>';
    }
    return implode(', ', $signupLinks);
}
    return $authenticatedMachines;
}
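// Machine-authentication endpoint: read the submitted credentials, verify
// them, then look up the caller's signup status for the current event.
$sanitizer = Sanitizer::getInstance();
$username = $sanitizer->filterString('username');
// NOTE(review): if filterString() strips or rewrites characters, the password
// checked below may differ from the one the user typed — verify.
$password = $sanitizer->filterString('password');
// NOTE(review): named $isStaff but read from the 'fullrequest' field, and not
// used in the visible code — confirm intent.
$isStaff = $sanitizer->filterString('fullrequest');
try {
    Session::checkCredentials($username, $password);
    $user = User::getUser($username);
} catch (\libAllure\UserNotFoundException $e) {
    // Both failure paths return the same message, so the response does not
    // reveal whether the username exists.
    apiReturn('reject-authentication', 'Invalid username or password');
} catch (\libAllure\IncorrectPasswordException $e) {
    apiReturn('reject-authentication', 'Invalid username or password');
}
// NOTE(review): the lines below rely on apiReturn() ending the request;
// otherwise $user is undefined after a failed login — confirm it exits.
$event = getEvent();
$signupStatus = getSignupStatus($user->getId(), $event['id']);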
// Decide from the signup status whether this machine may be authenticated.
// Only the 'PAID' case is visible in this listing.
switch ($signupStatus) {
    case 'PAID':
        // Compare the machines already authenticated for this user and event
        // with the number the signup allows.
        $authenticatedMachines = getAuthenticatedMachines($user->getId(), $event['id']);
        $sql = 'SELECT s.numberMachinesAllowed FROM signups s WHERE s.user = :user AND s.event = :event';
        $stmt = DatabaseFactory::getInstance()->prepare($sql);
        $stmt->bindValue(':user', $user->getId());
        $stmt->bindValue(':event', $event['id']);
        $stmt->execute();
        $signup = $stmt->fetchRowNotNull();
        // NOTE(review): the count check and the INSERT below are separate
        // statements with no transaction or lock visible here, so two
        // simultaneous requests could both pass the limit — confirm whether a
        // transaction or database constraint enforces it.
        if (count($authenticatedMachines) >= $signup['numberMachinesAllowed']) {
            apiReturn('reject-overuse');
        } else {
            $sql = 'INSERT INTO authenticated_machines (user, event, seat, ip, hostname, mac) VALUES (:user, :event, :seat, :ip, :hostname, :mac)';
            $stmt = DatabaseFactory::getInstance()->prepare($sql);
            $stmt->bindValue(':user', $user->getId());
    // NOTE(review): the listing appears truncated here — the binds for :event,
    // :seat, :ip, :hostname and :mac, the remaining cases and the closing
    // braces are not shown, so where ip/hostname/mac come from and how they
    // are validated cannot be checked from this excerpt.
    $stmt->execute();
}
/**
 * Print a JSON error envelope ({"type":"error","message":...}) and end the
 * script, so nothing after the call runs.
 *
 * No Content-Type header is set here.
 *
 * @param mixed $errorMessage Text placed in the "message" field.
 */
function jsonError($errorMessage)
{
    $envelope = array(
        'type' => 'error',
        'message' => $errorMessage,
    );

    echo json_encode($envelope);

    // Callers use this as a guard: execution must not continue past an error.
    exit;
}
/**
 * Print a JSON success envelope carrying a message and the list of seat
 * changes, then end the script.
 *
 * No Content-Type header is set here.
 *
 * @param mixed $message     Text placed in the "message" field.
 * @param array $seatChanges Entries placed in the "seatChanges" field.
 */
function jsonSuccess($message, array $seatChanges)
{
    $envelope = array(
        'type' => 'success',
        'message' => $message,
        'seatChanges' => $seatChanges,
    );

    echo json_encode($envelope);
    exit;
}
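// Seat-selection handler. Each guard below relies on jsonError() ending the
// script. $event and $seat are set before this excerpt; how $seat is
// validated is not visible here.
if (!Session::isLoggedIn()) {
    jsonError('You are not logged in!');
}

// Strict allowlist of statuses that may pick a seat. A strict in_array() means
// a non-string status can never compare equal to one of these names through
// PHP's loose-comparison rules.
$status = getSignupStatus(Session::getUser()->getId(), $event['id']);
if (!in_array($status, array('PAID', 'CONFIRMED', 'PAYPAL_WAITING', 'STAFF'), true)) {
    jsonError("You haven't paid for a ticket!");
}

// NOTE(review): this occupancy check and the delete/set calls below are
// separate steps with no transaction or lock visible here, so two
// simultaneous requests for the same seat could both pass it — confirm that a
// unique constraint or transaction covers this.
if (getUserInSeat($event['id'], $seat)) {
    jsonError("That seat is already occupied!");
}

// Report every seat the user currently holds as deleted, then move them.
$seatChanges = array();
$currentSeats = getSeatForUser($event['id']);
foreach ($currentSeats as $itemCurrentSeat) {
    $seatChanges[] = getJsonSeatChange('delete', $itemCurrentSeat['seat'], Session::getUser()->getUsername());
}

deleteSeatsForUser($event['id']);
setUserInSeat($event['id'], $seat);
$seatChanges[] = getJsonSeatChange('set', $seat, Session::getUser()->getUsername());

jsonSuccess('Seat selected!', $seatChanges);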