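/**
 * Renders the admin "add / edit guest" screen and handles its form submission.
 *
 * On a POST carrying non-empty firstName and lastName, the nonce for the
 * 'rsvp_add_guest' action is verified, the attendee row is inserted or (when
 * $_SESSION[EDIT_SESSION_KEY] holds a numeric id) updated, the attendee's
 * associations are rewritten, and a passcode is stored when
 * rsvp_require_passcode() is true. Otherwise the form is printed, prefilled
 * from the attendee named by $_GET['id'] when that id is numeric and exists.
 *
 * Output is echoed directly; nothing is returned.
 *
 * NOTE(review): no capability check is visible in this function; presumably
 * the admin menu registration restricts who can reach it - confirm.
 * NOTE(review): the record being edited is taken from the session, not from
 * the submitted form, so two edit screens open in one session would share the
 * same target id - confirm this is acceptable.
 */
function rsvp_admin_guest()
{
    global $wpdb;

    if (count($_POST) > 0 && !empty($_POST['firstName']) && !empty($_POST['lastName'])) {
        // Rejects the request unless it carries a valid nonce for this action.
        check_admin_referer('rsvp_add_guest');

        $passcode = isset($_POST['passcode']) ? $_POST['passcode'] : "";

        // Optional fields default to an empty string instead of reading an
        // undefined index when the browser did not send them.
        // NOTE(review): rsvpStatus is stored as submitted; it is not checked
        // against the values the form offers (NoResponse / Yes / No).
        $attendeeRow = array(
            "firstName"        => trim($_POST['firstName']),
            "lastName"         => trim($_POST['lastName']),
            "email"            => trim(isset($_POST['email']) ? $_POST['email'] : ""),
            "personalGreeting" => trim(isset($_POST['personalGreeting']) ? $_POST['personalGreeting'] : ""),
            "rsvpStatus"       => trim(isset($_POST['rsvpStatus']) ? $_POST['rsvpStatus'] : ""),
        );
        $attendeeFormats = array("%s", "%s", "%s", "%s", "%s");

        if (isset($_SESSION[EDIT_SESSION_KEY]) && is_numeric($_SESSION[EDIT_SESSION_KEY])) {
            // Editing: update the row, then drop every association in either
            // direction so the submitted list fully replaces the old one.
            $attendeeId = $_SESSION[EDIT_SESSION_KEY];
            $wpdb->update(ATTENDEES_TABLE, $attendeeRow, array("id" => $attendeeId), $attendeeFormats, array("%d"));
            rsvp_printQueryDebugInfo();
            $wpdb->query($wpdb->prepare("DELETE FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE attendeeId = %d", $attendeeId));
            $wpdb->query($wpdb->prepare("DELETE FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE associatedAttendeeID = %d", $attendeeId));
        } else {
            $wpdb->insert(ATTENDEES_TABLE, $attendeeRow, $attendeeFormats);
            $attendeeId = $wpdb->insert_id;
        }

        if (isset($_POST['associatedAttendees']) && is_array($_POST['associatedAttendees'])) {
            foreach ($_POST['associatedAttendees'] as $aid) {
                if (is_numeric($aid) && $aid > 0) {
                    // Associations are stored in both directions.
                    $wpdb->insert(ASSOCIATED_ATTENDEES_TABLE, array("attendeeID" => $attendeeId, "associatedAttendeeID" => $aid), array("%d", "%d"));
                    $wpdb->insert(ASSOCIATED_ATTENDEES_TABLE, array("attendeeID" => $aid, "associatedAttendeeID" => $attendeeId), array("%d", "%d"));
                }
            }
        }

        if (rsvp_require_passcode()) {
            if (empty($passcode)) {
                $passcode = rsvp_generate_passcode();
            }

            // NOTE(review): the regenerated passcode is not re-checked for
            // uniqueness, and the form's maxlength="6" is only enforced by the
            // browser - confirm whether the server should enforce either.
            if (rsvp_require_unique_passcode() && !rsvp_is_passcode_unique($passcode, $attendeeId)) {
                $passcode = rsvp_generate_passcode();
            }

            $wpdb->update(ATTENDEES_TABLE, array("passcode" => trim($passcode)), array("id" => $attendeeId), array("%s"), array("%d"));
        }
        ?>
        <p>Attendee <?php echo htmlspecialchars(stripslashes($_POST['firstName'] . " " . $_POST['lastName'])); ?> has been successfully saved</p>
        <p>
            <a href="<?php echo esc_url(get_option('siteurl') . '/wp-admin/admin.php?page=rsvp-top-level'); ?>">Continue to Attendee List</a> |
            <a href="<?php echo esc_url(get_option('siteurl') . '/wp-admin/admin.php?page=rsvp-admin-guest'); ?>">Add a Guest</a>
        </p>
        <?php
    } else {
        $attendee = null;
        unset($_SESSION[EDIT_SESSION_KEY]);
        $associatedAttendees = array();
        $firstName = "";
        $lastName = "";
        $email = "";
        $personalGreeting = "";
        $rsvpStatus = "NoResponse";
        $passcode = "";

        if (isset($_GET['id']) && is_numeric($_GET['id'])) {
            // The id comes from the query string, so it is bound through a
            // placeholder; the query then stays safe regardless of what the
            // is_numeric() guard above lets through.
            $attendee = $wpdb->get_row($wpdb->prepare(
                "SELECT id, firstName, lastName, email, personalGreeting, rsvpStatus, passcode FROM " . ATTENDEES_TABLE . " WHERE id = %d",
                $_GET['id']
            ));

            if ($attendee != null) {
                // Remember which row a later POST should update.
                $_SESSION[EDIT_SESSION_KEY] = $attendee->id;
                $firstName = stripslashes($attendee->firstName);
                $lastName = stripslashes($attendee->lastName);
                $email = stripslashes($attendee->email);
                $personalGreeting = stripslashes($attendee->personalGreeting);
                $rsvpStatus = $attendee->rsvpStatus;
                $passcode = stripslashes($attendee->passcode);

                // Get the associated attendees (either direction) and add them to an array.
                $associations = $wpdb->get_results($wpdb->prepare(
                    "SELECT associatedAttendeeID FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE attendeeId = %d" .
                    " UNION " .
                    "SELECT attendeeID FROM " . ASSOCIATED_ATTENDEES_TABLE . " WHERE associatedAttendeeID = %d",
                    $attendee->id,
                    $attendee->id
                ));
                foreach ($associations as $aId) {
                    $associatedAttendees[] = $aId->associatedAttendeeID;
                }
            }
        }

        // Null when adding a new guest; read once so the option loop below
        // does not index a session key that was just unset.
        $editingId = isset($_SESSION[EDIT_SESSION_KEY]) ? $_SESSION[EDIT_SESSION_KEY] : null;
        ?>
        <form name="contact" action="admin.php?page=rsvp-admin-guest" method="post">
            <?php wp_nonce_field('rsvp_add_guest'); ?>
            <p class="submit">
                <input type="submit" class="button-primary" value="<?php _e('Save'); ?>" />
            </p>
            <table class="form-table">
                <tr valign="top">
                    <th scope="row"><label for="firstName"><?php echo __("First Name", 'rsvp-plugin'); ?>:</label></th>
                    <td align="left"><input type="text" name="firstName" id="firstName" size="30" value="<?php echo htmlspecialchars($firstName); ?>" /></td>
                </tr>
                <tr valign="top">
                    <th scope="row"><label for="lastName"><?php echo __("Last Name", 'rsvp-plugin'); ?>:</label></th>
                    <td align="left"><input type="text" name="lastName" id="lastName" size="30" value="<?php echo htmlspecialchars($lastName); ?>" /></td>
                </tr>
                <tr valign="top">
                    <th scope="row"><label for="email"><?php echo __("Email", 'rsvp-plugin'); ?>:</label></th>
                    <td align="left"><input type="text" name="email" id="email" size="30" value="<?php echo htmlspecialchars($email); ?>" /></td>
                </tr>
                <?php if (rsvp_require_passcode()) { ?>
                <tr valign="top">
                    <th scope="row"><label for="passcode">Passcode:</label></th>
                    <td align="left"><input type="text" name="passcode" id="passcode" size="30" value="<?php echo htmlspecialchars($passcode); ?>" maxlength="6" /></td>
                </tr>
                <?php } ?>
                <tr>
                    <th scope="row"><label for="rsvpStatus">RSVP Status</label></th>
                    <td align="left">
                        <select name="rsvpStatus" id="rsvpStatus" size="1">
                            <option value="NoResponse" <?php echo $rsvpStatus == "NoResponse" ? " selected=\"selected\"" : ""; ?>>No Response</option>
                            <option value="Yes" <?php echo $rsvpStatus == "Yes" ? " selected=\"selected\"" : ""; ?>>Yes</option>
                            <option value="No" <?php echo $rsvpStatus == "No" ? " selected=\"selected\"" : ""; ?>>No</option>
                        </select>
                    </td>
                </tr>
                <tr valign="top">
                    <th scope="row" valign="top"><label for="personalGreeting">Custom Message:</label></th>
                    <td align="left"><textarea name="personalGreeting" id="personalGreeting" rows="5" cols="40"><?php echo htmlspecialchars($personalGreeting); ?></textarea></td>
                </tr>
                <tr valign="top">
                    <th scope="row">Associated Attendees:</th>
                    <td align="left">
                        <select name="associatedAttendees[]" multiple="multiple" size="5" style="height: 200px;">
                            <?php
                            // NOTE(review): this query names the table as prefix + "attendees"
                            // while the rest of the function uses ATTENDEES_TABLE - confirm
                            // they refer to the same table.
                            $attendees = $wpdb->get_results("SELECT id, firstName, lastName FROM " . $wpdb->prefix . "attendees ORDER BY lastName, firstName");
                            foreach ($attendees as $a) {
                                // An attendee cannot be associated with itself.
                                if ($a->id != $editingId) {
                                    ?>
                                    <option value="<?php echo (int) $a->id; ?>" <?php echo in_array($a->id, $associatedAttendees) ? "selected=\"selected\"" : ""; ?>><?php echo htmlspecialchars(stripslashes($a->firstName) . " " . stripslashes($a->lastName)); ?></option>
                                    <?php
                                }
                            }
                            ?>
                        </select>
                    </td>
                </tr>
                <?php
                if ($attendee != null && $attendee->id > 0) {
                    $sql = "SELECT question, answer FROM " . ATTENDEE_ANSWERS . " ans "
                        . "INNER JOIN " . QUESTIONS_TABLE . " q ON q.id = ans.questionID "
                        . "WHERE attendeeID = %d "
                        . "ORDER BY q.sortOrder";
                    $aRs = $wpdb->get_results($wpdb->prepare($sql, $attendee->id));
                    if (count($aRs) > 0) {
                        ?>
                        <tr>
                            <td colspan="2">
                                <h4>Custom Questions Answered</h4>
                                <table cellpadding="2" cellspacing="0" border="0">
                                    <tr>
                                        <th>Question</th>
                                        <th>Answer</th>
                                    </tr>
                                    <?php foreach ($aRs as $a) { ?>
                                    <tr>
                                        <?php
                                        // Stored question and answer text is escaped before it is
                                        // written into the admin page, matching every other field
                                        // on this screen. Answers are presumably submitted by
                                        // attendees, so they must not be rendered as markup in an
                                        // administrator's browser.
                                        ?>
                                        <td><?php echo htmlspecialchars(stripslashes($a->question)); ?></td>
                                        <td><?php echo htmlspecialchars(str_replace("||", ", ", stripslashes($a->answer))); ?></td>
                                    </tr>
                                    <?php } ?>
                                </table>
                            </td>
                        </tr>
                        <?php
                    }
                }
                ?>
            </table>
            <p class="submit">
                <input type="submit" class="button-primary" value="<?php _e('Save'); ?>" />
            </p>
        </form>
        <?php
    }
}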
/**
 * Builds the HTML for the first step of the public RSVP flow: an intro
 * paragraph, an optional "new attendee" form when open registration is
 * enabled, and the lookup form (first name / last name / passcode, depending
 * on the passcode settings).
 *
 * Field values are prefilled from $_SESSION['rsvpFirstName'],
 * $_SESSION['rsvpLastName'] and $_SESSION['rsvpPasscode'] when set, each
 * passed through htmlspecialchars().
 *
 * NOTE(review): $rsvp_form_action is written into both action attributes
 * without escaping here - confirm it is escaped where it is assigned.
 * NOTE(review): the custom greeting option is emitted through nl2br() only;
 * presumably administrator-authored HTML is intended - confirm.
 * NOTE(review): a passcode held in the session is written into the value
 * attribute of the password field, so it is present in the page source.
 *
 * @return string The assembled markup.
 */
function rsvp_frontend_greeting()
{
    global $rsvp_form_action;

    $customGreeting = get_option(OPTION_GREETING);

    // Default prompt, chosen by which credentials the site asks for.
    if (rsvp_require_only_passcode_to_register()) {
        $prompt = __("Please enter your passcode to RSVP.", 'rsvp-plugin');
    } elseif (rsvp_require_passcode()) {
        $prompt = __("Please enter your first name, last name and passcode to RSVP.", 'rsvp-plugin');
    } else {
        $prompt = __("Please enter your first and last name to RSVP.", 'rsvp-plugin');
    }
    $intro = RSVP_START_PARA . $prompt . RSVP_END_PARA;

    // Values remembered from an earlier attempt in this session, if any.
    $firstName = isset($_SESSION['rsvpFirstName']) ? $_SESSION['rsvpFirstName'] : "";
    $lastName = isset($_SESSION['rsvpLastName']) ? $_SESSION['rsvpLastName'] : "";
    $passcode = isset($_SESSION['rsvpPasscode']) ? $_SESSION['rsvpPasscode'] : "";

    // A configured greeting replaces the default prompt entirely.
    if (!empty($customGreeting)) {
        $intro = RSVP_START_PARA . nl2br($customGreeting) . RSVP_END_PARA;
    }

    $pieces = array($intro, RSVP_START_CONTAINER);

    if (get_option(OPTION_RSVP_OPEN_REGISTRATION) == "Y") {
        // Separate one-button form that jumps straight to new-attendee registration.
        $pieces[] = '<form name="rsvpNew" method="post" id="rsvpNew" action="' . $rsvp_form_action . '">' . "\r\n";
        $pieces[] = "\t" . '<input type="hidden" name="rsvpStep" value="newattendee" />';
        $pieces[] = '<input type="submit" value="' . __("New Attendee Registration", "rsvp-plugin") . '" />' . "\r\n";
        $pieces[] = '</form>' . "\r\n";
        $pieces[] = '<hr />';
        $pieces[] = RSVP_START_PARA . __("Need to modify your registration? Start with the below form.", "rsvp-plugin") . RSVP_END_PARA;
    }

    // Lookup form for an existing attendee.
    $pieces[] = '<form name="rsvp" method="post" id="rsvp" action="' . $rsvp_form_action . '" autocomplete="off">' . "\r\n";
    $pieces[] = "\t" . '<input type="hidden" name="rsvpStep" value="find" />';

    if (!rsvp_require_only_passcode_to_register()) {
        $pieces[] = RSVP_START_PARA . "<label for=\"firstName\">" . __("First Name", 'rsvp-plugin') . ":</label> \n\t\t\t\t\t\t\t\t <input type=\"text\" name=\"firstName\" id=\"firstName\" size=\"30\" value=\"" . htmlspecialchars($firstName) . "\" class=\"required\" />" . RSVP_END_PARA;
        $pieces[] = RSVP_START_PARA . "<label for=\"lastName\">" . __("Last Name", 'rsvp-plugin') . ":</label> \n\t\t\t\t\t\t\t\t <input type=\"text\" name=\"lastName\" id=\"lastName\" size=\"30\" value=\"" . htmlspecialchars($lastName) . "\" class=\"required\" />" . RSVP_END_PARA;
    }

    if (rsvp_require_passcode()) {
        $pieces[] = RSVP_START_PARA . "<label for=\"passcode\">" . __("Passcode", 'rsvp-plugin') . ":</label> \n\t\t\t\t\t\t\t\t\t <input type=\"password\" name=\"passcode\" id=\"passcode\" size=\"30\" value=\"" . htmlspecialchars($passcode) . "\" class=\"required\" autocomplete=\"off\" />" . RSVP_END_PARA;
    }

    $pieces[] = RSVP_START_PARA . '<input type="submit" value="' . __("Complete your RSVP!", 'rsvp-plugin') . '" />' . RSVP_END_PARA;
    $pieces[] = '</form>' . "\r\n";
    $pieces[] = RSVP_END_CONTAINER;

    return implode('', $pieces);
}