function add($postArray)
 {
     if (User::isAdmin()) {
         $bm = BandMember::get($postArray['member_id']);
     } else {
         $uo = User::getCurrent();
         $bm = BandMember::getByUserID($uo->getID());
     }
     if (db::isError($bm)) {
         return $bm;
     }
     $db = new db();
     $member_id = $bm->getID();
     $title = $db->sanitize_to_db($postArray['title']);
     $_dt = strtotime($postArray['date']);
     $dt = date('Y-m-d', $_dt) . ' ' . $postArray['time'];
     $dateTime = date("Y-m-d H:i:s", strtotime($dt));
     $body = $db->sanitize_to_db($postArray['body']);
     if (!$title) {
         $title = '(untitled)';
     }
     $r = @mysql_query("insert into Band_Diaries (title, member_id, date_time, body, is_active) values ('{$title}','{$member_id}','{$dateTime}','{$body}'," . DEFAULT_ACTIVE . ")");
     if (!$r) {
         return Error::MySQL();
     } else {
         $bd = BandMemberDiary::get(mysql_insert_id());
         return $bd;
     }
 }
     $venueName = $venue->getName();
     $venueAddress1 = $venue->getAddress1();
     $venueAddress2 = $venue->getAddress2();
     $venueCity = $venue->getCity();
     $venueStateProvince = $venue->getStateProvince();
     $venuePostalCode = $venue->getPostalCode();
     $venueCountry = $venue->getCountry();
 }
 $name = USE_MOD_REWRITE ? '<a href="' . SITE_WEB_DIRECTORY . '/show/' . $ID . '">' . $so->getName() . '</a>' : '<a href="' . SITE_WEB_DIRECTORY . '/shows.php?id=' . $ID . '">' . $so->getName() . '</a>';
 $access = $so->isAllAges() ? "All Ages!" : "21 and Over";
 $uo = $so->getUserObject();
 $cost = $so->getCost();
 $date = $so->getDate("F d, Y");
 $time = $so->getTime("g:i A");
 if ($uo->isBandMember()) {
     $bm = BandMember::getByUserID($uo->getID());
     if ($bm->isActive()) {
         if (USE_MOD_REWRITE) {
             $poster = '<a href="' . SITE_WEB_DIRECTORY . '/member/' . $ID . '/">Read More</a>';
         } else {
             $poster = '<a href="' . SITE_WEB_DIRECTORY . '/member.php?id=' . $bm->getID() . '">Read More</a>';
         }
     } else {
         $poster = $firstname;
     }
 } else {
     $poster = $firstname;
 }
 $moreLink = '';
 if (!$args['suppressLink']) {
     if (USE_MOD_REWRITE) {
<?php

include 'base.php';
User::protect();
include_class('band_members');
include_class('m2');
// type is only used on initial entry, not on an actual submit
$bm = BandMember::get($_GET['id']);
if (!db::isError($bm)) {
    $doSubmit = false;
    if (!$_POST['area']) {
        $type = $_REQUEST['type'] == 'av' ? 'av' : 'photos';
        $ma = $type == 'av' ? $bm->getAVAreaObject() : $bm->getPhotoAreaObject();
    } else {
        if ($_POST['area'] == $bm->getAVAreaID() || $_POST['area'] == $bm->getPhotoAreaID()) {
            $doSubmit = true;
        }
    }
    if ($doSubmit) {
        $ma = MediaArea::get($_POST['area']);
        if (!db::isError($ma)) {
            if ($_POST['localfile']) {
                $res = $ma->addMediaUpload('mediafile', $bm);
            } else {
                if ($_POST['url']) {
                    $res = $ma->addMediaRemote($_POST['url'], $bm);
                } else {
                    if ($_POST['toAdd'] == 'all') {
                        $keepCopy = $_POST['copyFromIncoming'] ? 1 : 0;
                        $res = $ma->addAllMediaIncoming($keepCopy, $bm);
                    } else {
<?php

include 'base.php';
User::protect();
include_class('band_members');
if ($_POST['submit']) {
    // add news entry
    $bm = BandMember::add($_POST);
    if (!db::isError($bm)) {
        header('Location: band_member_edit.php?id=' . $bm->getID());
        exit;
    }
}
$calendar = true;
$section = 'band_members';
$editors = array('equipment', 'influences', 'bio');
$page_title = 'Add Band Member';
include 'layout/header.php';
?>

<div id="breadcrumb">
	<a href="index.php">Audition&nbsp;&#62;</a>&nbsp;<a href="band.php">Manage&nbsp;Band&nbsp;&#62;</a>&nbsp;<a href="band_members.php">Band Members&nbsp;&#62;</a>&nbsp;Add Band Member
</div>

<?php 
if (!User::isAdmin()) {
    $bm->outputDialog('Return to Band Members', 'band_members.php', 'You may not add a band member.');
} else {
    if (db::isError($bm)) {
        $bm->outputList();
    }
 public function extractBandMemberObject(&$result, $skeleton = false)
 {
     $member = null;
     try {
         if ($result[BandMemberDao::BAND_ID_FIELD] !== null) {
             $member = new BandMember();
             $member->setVariable(BandMember::MEMBER_ID, $result[BandMemberDao::MEMBER_ID_FIELD]);
             $member->setVariable(BandMember::FIRST_NAME, $result[BandMemberDao::FIRST_NAME_FIELD]);
             $member->setVariable(BandMember::LAST_NAME, $result[BandMemberDao::LAST_NAME_FIELD]);
             if (!$skeleton) {
                 //TODO
                 $member->setVariable(BandMember::BIO, $result[BandMemberDao::BIO_FIELD]);
                 $member->setVariable(BandMember::ADMIN, $result[BandMemberDao::ADMIN_FIELD]);
                 $member->setVariable(BandMember::CURRENT, $result[BandMemberDao::CURRENT_FIELD]);
                 $member->setVariable(BandMember::START_DATE, $result[BandMemberDao::START_DATE_FIELD]);
                 $member->setVariable(BandMember::END_DATE, $result[BandMemberDao::END_DATE_FIELD]);
             }
         }
     } catch (PDOException $ex) {
         echo "extractMemberObject error: " . $ex->getMessage();
     }
     return $member;
 }
 public function updateBandMemberAdmin($memberID, $targetMemberID, $bandID, $admin, $dbConnection = null)
 {
     $processed = false;
     try {
         $bandMember = new BandMember();
         $bandMember->setVariable(BandMember::BAND_ID, $bandID);
         $bandMember->setVariable(BandMember::MEMBER_ID, $targetMemberID);
         $bandMember->setVariable(BandMember::ADMIN, $admin);
         $processed = BandMemberDao::updateBandMember($memberID, $bandMember, $dbConnection);
     } catch (Exception $ex) {
         echo "activateBandMember error: " . $ex->getMessage();
         $processed = false;
     }
     return $processed;
 }
<?php

include 'base.php';
User::protect();
$page_title = 'Band Member Diaries';
include_class('band_diaries');
include_class('band_members');
if ($_GET['memberID']) {
    $bm = BandMember::get($_GET['memberID']);
    $bdlist = $bm->getDiaries($_GET['entries_per_page'], $_GET['start']);
    $news_total = $bm->getTotalDiaryEntries();
    if (!db::isError($bm)) {
        $uo = $bm->getUserObject();
        $uoc = User::getCurrent();
    }
}
$section = 'band_diaries';
include 'layout/header.php';
if (is_object($bm) && !db::isError($bm)) {
    ?>

<div id="breadcrumb">
	<a href="index.php">Audition&nbsp;&#62;</a>&nbsp;<a href="band.php">Manage&nbsp;Band&nbsp;&#62;</a>&nbsp;<a href="band_diaries.php">Diaries&nbsp;&#62;</a>&nbsp;<?php 
    echo $uo->getFirstName();
    ?>
's Diary
</div>

	<h1><?php 
    echo strtolower($uo->getFirstName());
    ?>
 function add($postArray)
 {
     $db = new db();
     $e = new Error();
     if (User::isAdmin()) {
         $password = $db->sanitize_to_db($postArray['password']);
         $confirmPassword = $db->sanitize_to_db($postArray['password_confirm']);
         $passwordHash = null;
         $username = $db->sanitize_to_db($postArray['username']);
         if ($username != null && $username != "") {
             if (User::exists($username)) {
                 $e->add("A user with the username '{$username}' already exists.");
             }
         } else {
             $e->add("A band member entry must contain a username.");
         }
         if ($password != null && $password != "") {
             // something has been entered for password
             if ($password == $confirmPassword) {
                 if (strlen($password) > 4) {
                     $passwordHash = md5($password);
                 } else {
                     $e->add("A user password must be at least 5 characters.");
                 }
             } else {
                 $e->add("The two passwords do not match.");
             }
         } else {
             $e->add("A band member entry must contain a password.");
         }
         $firstname = $db->sanitize_to_db($postArray['firstname']);
         if (!$firstname) {
             $e->add("A band member entry must contain a first name.");
         }
         $lastname = $db->sanitize_to_db($postArray['lastname']);
         $role = $db->sanitize_to_db($postArray['role']);
         if (!$role) {
             $e->add("A band member entry must contain a role.");
         }
         $_dt = strtotime($db->sanitize_to_db($postArray['birthdate']));
         $birthdate = date('Y-m-d', $_dt);
         $email = $db->sanitize_to_db($postArray['email']);
         $equipment = $db->sanitize_to_db($postArray['equipment']);
         $influences = $db->sanitize_to_db($postArray['influences']);
         $bio = $db->sanitize_to_db($postArray['bio']);
         if ($e->hasErrors()) {
             return $e;
         } else {
             $result = @mysql_query("insert into Users (username, password, lastname, firstname, email, birthdate) values ('{$username}', '{$passwordHash}', '{$lastname}', '{$firstname}', '{$email}', '{$birthdate}')");
             if (!$result) {
                 $e->add(mysql_error());
             } else {
                 $userID = mysql_insert_id();
                 $result2 = @mysql_query("insert into Band_Members (role, equipment, influences, bio, user_id) values ('{$role}', '{$equipment}', '{$influences}', '{$bio}', {$userID})");
                 if (!$result2) {
                     $e->add(mysql_error());
                 } else {
                     $bmID = mysql_insert_id();
                 }
             }
             if ($e->hasErrors()) {
                 return $e;
             } else {
                 $bm = BandMember::get($bmID);
                 return $bm;
             }
         }
     } else {
         $e->add('You may not add a band member entry. Only an admin user may do that.');
         return $e;
     }
 }
<?php

include 'base.php';
User::protect();
$section = 'band_diaries';
$db = new db();
include_class('band_diaries');
include_class('band_members');
$bm = BandMember::get($_REQUEST['memberID']);
if (!db::isError($bm)) {
    $uo = $bm->getUserObject();
    if ($_POST['submit']) {
        // add news entry
        $bd = BandMemberDiary::add($_POST);
        if (!db::isError($bd)) {
            header('Location: band_diary_edit.php?id=' . $bd->getID());
        }
    }
}
$calendar = true;
$editors = array('body');
$page_title = 'Add Band Diary';
include 'layout/header.php';
// This page requires a member_id get variable. If it's not present we forward to it if the user isn't admin
// and if the user admin, we go back to the band_diaries page
?>

<?php 
if (!db::isError($bm)) {
    if ($bm->canEdit()) {
        ?>
示例#10
0
 function selectBandMembers($memberIDArray)
 {
     if (User::isAdmin()) {
         $q = "delete from Releases_to_Band_Members where release_id = " . $this->ID;
         $r = mysql_query($q);
         if (is_array($memberIDArray)) {
             foreach ($memberIDArray as $mID) {
                 $bm = BandMember::get($mID);
                 if (!db::isError($bm)) {
                     $q = "insert into Releases_to_Band_Members (member_id, release_id) values (" . $bm->getID() . "," . $this->ID . ")";
                     $r = mysql_query($q);
                 }
             }
         }
     } else {
         return Error::create("You may not select the band members for a particular release.");
     }
 }