-
Notifications
You must be signed in to change notification settings - Fork 0
/
submit.php
98 lines (94 loc) · 3.53 KB
/
submit.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<?php
/* -------------------------------------------------------------------------- *\
|* -[ Module-Training - Submit ]--------------------------------------------- *|
\* -------------------------------------------------------------------------- */
// include core api functions
include("../core/api.inc.php");
// load module api and language
api_loadModule();
// get action
$act=$_GET['act'];
// switch actions
switch($act){
// training
case "training_save":training_save();break;
case "training_delete":training_delete();break;
// default
default:
$alert="?alert=submitFunctionNotFound&alert_class=alert-warning&act=".$act;
header("location: index.php".$alert);
}
/**
* Training Save
*/
function training_save(){
// check training edit permission
if(!api_checkPermission("module-diary","training_edit")){api_die("trainingDenied");}
// get objects
$training=api_moduleDiary_training($_GET['idTraining']);
// acquire variables
$p_sport=$_POST['sport'];
$p_sort=$_POST['sort'];
$p_time=$_POST['time'];
$p_distance=$_POST['distance'];
$p_description=addslashes($_POST['description']);
$p_datetraining=$_POST['datetraining'];
// build request query
if($training->id){
$query="UPDATE `module-diary_trainings` SET
`sport`='".$p_sport."',
`sort`='".$p_sort."',
`time`='".$p_time."',
`distance`='".$p_distance."',
`description`='".$p_description."',
`datetraining`='".$p_datetraining."',
`updDate`='".api_now()."',
`updIdAccount`='".api_account()->id."'
WHERE `id`='".$training->id."'";
// execute query
$GLOBALS['db']->execute($query);
// log event
$log=api_log(API_LOG_NOTICE,"module-diary","trainingUpdated",
"{logs_module-diary_trainingUpdated|".$p_sport."|".$p_sort."}",
$training->id,"module-diary/module-diary_view.php?idTraining=".$training->id);
// alert
$alert="&alert=trainingUpdated&alert_class=alert-success&idLog=".$log->id;
}else{
$query="INSERT INTO `module-diary_trainings`
(`sport`,`sort`,`time`,`distance`,`description`,`datetraining`,`addDate`,`addIdAccount`) VALUES
('".$p_sport."','".$p_sort."','".$p_time."','".$p_distance."','".$p_description."','".$p_datetraining."',
'".api_now()."','".api_account()->id."')";
// execute query
$GLOBALS['db']->execute($query);
// build from last inserted id
$training=api_moduleDiary_training($GLOBALS['db']->lastInsertedId());
// log event
$log=api_log(API_LOG_NOTICE,"module-diary","trainingCreated",
"{logs_module-diary_trainingCreated|".$p_sport."|".$p_sort."}",
$training->id,"casting-reassignments/requests_view.php?idRequest=".$training->id);
// alert
$alert="&alert=trainingCreated&alert_class=alert-success&idLog=".$log->id;
}
// redirect
exit(header("location: module-diary_view.php?idTraining=".$training->id.$alert));
}
/**
* Training Delete
*/
function training_delete(){
// check training edit permission
if(!api_checkPermission("module-diary","training_del")){api_die("trainingDenied");}
// get objects
$training=api_moduleDiary_training($_GET['idTraining']);
if(!$training->id){exit(header("location: module-diary_list.php?alert=trainingNotFound&alert_class=alert-error"));}
// execute queries
$GLOBALS['db']->execute("DELETE FROM `module-diary_trainings` WHERE `id`='".$training->id."'");
// log event
$log=api_log(API_LOG_WARNING,"module-diary","trainingDeleted",
"{logs_module-diary_trainingDeleted|".$training->sport."|".$training->sort."}",
$training->id);
// redirect
$alert="?alert=trainingDeleted&alert_class=alert-warning&idLog=".$log->id;
exit(header("location: module-diary_list.php".$alert));
}
?>