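// Validate the object-edit form fields before handing them to $timegrid->editObject().
// This fragment is the tail of a handler whose opening lines are outside the view.
//
// NOTE(review): no CSRF token or authorization check is visible in this fragment;
// confirm both are enforced before this handler runs.
// NOTE(review): !empty() rejects the string "0", so an x/y coordinate of 0 is refused
// here; confirm that is intended. is_numeric() also accepts floats and exponent
// notation, which intval() below truncates or converts; a stricter integer check
// (e.g. ctype_digit() or FILTER_VALIDATE_INT) would reject those forms outright.
if (
    isset($_POST['object-edit-name']) && is_string($_POST['object-edit-name']) && !empty($_POST['object-edit-name'])
    && isset($_POST['object-edit-x']) && !empty($_POST['object-edit-x']) && is_numeric($_POST['object-edit-x'])
    && isset($_POST['object-edit-y']) && !empty($_POST['object-edit-y']) && is_numeric($_POST['object-edit-y'])
    && isset($_POST['object_id']) && !empty($_POST['object_id']) && is_numeric($_POST['object_id'])
) {
    // A non-empty "new category" field wins over the existing-category field.
    // Every branch checks is_string() so an array-valued POST field
    // (e.g. name[]=x) never reaches strip_tags(), and a missing existing-category
    // field falls back to '' instead of reading an undefined array key.
    if (
        isset($_POST['object-edit-category-new'])
        && !empty($_POST['object-edit-category-new'])
        && is_string($_POST['object-edit-category-new'])
    ) {
        // new category
        $object_category = strip_tags($_POST['object-edit-category-new']);
    } elseif (isset($_POST['object-edit-category']) && is_string($_POST['object-edit-category'])) {
        // existing category
        $object_category = strip_tags($_POST['object-edit-category']);
    } else {
        $object_category = '';
    }

    // strip_tags() only removes markup. It is neither SQL escaping nor context-aware
    // output encoding: editObject() (not visible here) should bind these values as
    // query parameters, and any page that renders them must still escape on output.
    $object_name = strip_tags($_POST['object-edit-name']);
    $object_pos_x = intval($_POST['object-edit-x']);
    // Fixed: this value was assigned to $object_pox_y, leaving the $object_pos_y
    // passed to editObject() undefined.
    $object_pos_y = intval($_POST['object-edit-y']);
    $object_id = intval($_POST['object_id']);

    if ($timegrid->editObject($object_id, $object_name, $object_pos_x, $object_pos_y, $object_category)) {
        echo json_encode(true);
        exit;
    }
}

// Validation failed or the edit was rejected: report failure to the caller.
echo json_encode(false);
exit;
} // closes a block opened before this fragment (presumably the object-edit action handler)

// edit reservation
if (isset($_POST['action']) && $_POST['action'] == 'reservation_edit') {
    // The start date and the reservation id are required; the date must pass
    // $timegrid->validateDate() before it is used.
    if (
        isset($_POST['reservation-edit-from_date'])
        && !empty($_POST['reservation-edit-from_date'])
        && $timegrid->validateDate($_POST['reservation-edit-from_date']) == true
        && isset($_POST['reservation_id'])
        && !empty($_POST['reservation_id'])
        && is_numeric($_POST['reservation_id'])
    ) {
        $from_date = strip_tags($_POST['reservation-edit-from_date']);
        $reservation_id = intval($_POST['reservation_id']);

        // The end date is taken from the request only when it is present and valid;
        // the fallback branch continues past the end of this fragment.
        if (
            isset($_POST['reservation-edit-to_date'])
            && !empty($_POST['reservation-edit-to_date'])
            && $timegrid->validateDate($_POST['reservation-edit-to_date']) == true
        ) {
            $to_date = strip_tags($_POST['reservation-edit-to_date']);
        } else {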