<?php
/*-----------------------------------------------------------------------------
| Bitsand - an online booking system for Live Role Play events
|
| File start.php
| Author: Russell Phillips
| Copyright: (C) 2006 - 2015 The Bitsand Project
| (http://github.com/PeteAUK/bitsand)
|
| Bitsand is free software; you can redistribute it and/or modify it under the
| terms of the GNU General Public License as published by the Free Software
| Foundation, either version 3 of the License, or (at your option) any later
| version.
|
| Bitsand is distributed in the hope that it will be useful, but WITHOUT ANY
| WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
| FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
| details.
|
| You should have received a copy of the GNU General Public License along with
| Bitsand. If not, see <http://www.gnu.org/licenses/>.
+---------------------------------------------------------------------------*/
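include ('inc/inc_head_db.php');
$db_prefix = DB_PREFIX;

/*
 * Payment request handler.
 *
 * Runs when the form behind btnSubmit is posted: e-mails the address given in
 * txtEmail asking its owner to pay for booking hBooking, then records the
 * request in the paymentrequests table.
 *
 * NOTE(review): CheckReferrer () is defined elsewhere; presumably it compares
 * the HTTP Referer header with the given page name - confirm. A Referer
 * comparison is not an anti-CSRF token; a per-session token on the posting
 * forms would be a stronger check.
 * NOTE(review): nothing in this file checks that booking $bookingid belongs to
 * the current player before the request is mailed and stored. Unless the
 * include above enforces that, any booking ID can be paired with any address,
 * and the stored row later exposes the booking player's name to the account
 * holding that address. Confirm, and consider requiring
 * bkPlayerID = $PLAYER_ID before continuing.
 */
if (isset ($_POST ['btnSubmit']) && $_POST ['btnSubmit'] != '' && (CheckReferrer ('booking.php') || CheckReferrer ('eventbookingconfirm.php'))) {
	// Non-scalar input (e.g. an array) is treated as "no booking"
	$bookingid = (isset ($_POST ['hBooking']) && is_scalar ($_POST ['hBooking'])) ? (int) $_POST ['hBooking'] : 0;
	$sRequestEmail = (isset ($_POST ['txtEmail']) && is_string ($_POST ['txtEmail'])) ? trim (stripslashes ($_POST ['txtEmail'])) : '';

	// Form stored in the database. ENT_QUOTES is passed explicitly because the
	// default flags of htmlentities () left single quotes untouched before PHP 8.1.
	$email = htmlentities ($sRequestEmail, ENT_QUOTES);

	if ($bookingid > 0)
	{
		// Accept only a syntactically valid address with no control characters
		// or backslashes. Together with the quote encoding above, the value
		// then cannot close the single-quoted SQL literal it is placed in.
		$bEmailOk = filter_var ($sRequestEmail, FILTER_VALIDATE_EMAIL) !== false
			&& !preg_match ('/[\x00-\x1F\x7F\\\\]/', $sRequestEmail);

		if (!$bEmailOk)
		{
			$sWarn = (isset ($sWarn) ? $sWarn : '') . 'The e-mail address entered for the payment request is not valid. ';
		}
		else
		{
			// The original ended the statement one line early, so the system URL
			// was built and then discarded; it is now part of the message.
			$sBody = "You have recieved a request to make a payment for an event at " . SYSTEM_NAME . ". " .
				"\n\nIf you have an account then please login to make this payment.\n" .
				"Otherwise you must create an account if you wish to make a payment, using this e-mail address.\n\n" .
				"If you have recieved this request in error, then please ignore it, or contact ".EVENT_CONTACT_NAME." (".EVENT_CONTACT_MAIL.") if you have any questions." .
				"\n\n" . fnSystemURL ();

			// Mail goes to the validated address itself, not its entity-encoded form
			mail ($sRequestEmail, SYSTEM_NAME . ' - Payment Request', $sBody, "From:" . SYSTEM_NAME . " <" . EVENT_CONTACT_MAIL . ">");

			// NOTE(review): a parameterised query would be the cleaner fix, but the
			// database wrapper's API is not visible from this file.
			$sql = "INSERT INTO {$db_prefix}paymentrequests (prEmail, prBookingID) VALUES ('$email', $bookingid)";
			ba_db_query($link, $sql);
		}
	}
}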
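/*
 * Status messages passed on the query string ("green" = success, "warn" =
 * warning) are appended to $sGreen / $sWarn, which are printed further down.
 *
 * Only string values are accepted: an array value (green[]=x) would otherwise
 * reach htmlentities () and raise a TypeError on PHP 8.
 *
 * NOTE(review): the text comes straight from the URL, so a crafted link can
 * show any wording in the site's own styling. Entity-encoding stops markup
 * injection but not misleading text; mapping short message codes to fixed
 * strings would close that gap.
 */
if (!isset ($sGreen))
	$sGreen = '';
if (!isset ($sWarn))
	$sWarn = '';
if (isset ($_GET ['green']) && is_string ($_GET ['green']) && $_GET ['green'] != '')
	$sGreen .= htmlentities ($_GET ['green'], ENT_QUOTES);
if (isset ($_GET ['warn']) && is_string ($_GET ['warn']) && $_GET ['warn'] != '')
	$sWarn .= htmlentities ($_GET ['warn'], ENT_QUOTES);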
include ('inc/inc_head_html.php');

// Page heading followed by the site-wide announcement. TITLE and
// ANNOUNCEMENT_MESSAGE are constants defined outside this file and are written
// to the page without escaping.
echo "<h1>" . TITLE . "</h1>\n";
echo ANNOUNCEMENT_MESSAGE;

// Success and warning messages collected earlier in the script
if ($sGreen != '') {
	echo "<p class = 'green'>" . $sGreen . "</p>\n";
}
if ($sWarn != '') {
	echo "<p class = 'warn'>" . $sWarn . "</p>\n";
}
// Work out whether the player has entered IC (character) and OOC (player) data.
// NOTE(review): $PLAYER_ID is placed into the SQL unquoted and is not set in
// this file; presumably inc_head_db.php derives it as an integer from the
// session - confirm.

// IC: number of character rows held for this player
$sql = "SELECT chName FROM " . $db_prefix . "characters WHERE chPlayerID = " . $PLAYER_ID;
$result = ba_db_query ($link, $sql);
$iIC = ba_db_num_rows ($result);

// OOC: a player row always exists, so look for actual content (a first name)
$sql = "SELECT plFirstName FROM " . $db_prefix . "players WHERE plPlayerID = " . $PLAYER_ID;
$result = ba_db_query ($link, $sql);
$row = ba_db_fetch_assoc ($result);
$bOOC = ($row ['plFirstName'] != '');
// Payment blurb; PayPal is mentioned only when USE_PAY_PAL is enabled
echo "<p>\n" . "You can pay " . (USE_PAY_PAL ? "via PayPal or " : "");
echo "by cheque, cash or postal order. Once your payment has been confirmed (by an admin) you will be listed in the booking list for that event.\n";

// NOTE(review): the markup below opens a <p> before the <h2> and emits an
// unmatched </p>; it is reproduced as is so the page output stays the same.
echo "</p>\n<p>\n";
echo "<h2>Player Details</h2>";

// Link text depends on whether OOC details already exist
echo "<p><a href = 'ooc_form.php'>" . ($bOOC == true ? "Edit " : "Enter ") . "OOC information</a></p>\n";
echo "</p>\n";

// "Edit" is shown only when exactly one character row was found
echo "<p><a href = 'ic_form.php'>" . ($iIC == 1 ? "Edit " : "Enter ") . "IC information</a><br>\n";
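/*
 * Events section: lists events the player can still book and the player's own
 * upcoming bookings. Shown only once OOC details exist ($bOOC).
 *
 * Database values are encoded or cast where they are written into HTML or SQL
 * rather than trusted to be clean. double_encode is off so that text which was
 * already entity-encoded when stored is not encoded a second time.
 * NOTE(review): $today and $stafftext are not set in this file; presumably the
 * includes provide them - confirm. $stafftext is written out unescaped.
 */
if ($bOOC)
{
	// Passed explicitly only because htmlentities () takes the encoding
	// before the double_encode argument
	$sHtmlCharset = ini_get ('default_charset');

	echo "<h2>Events</h2>";
	echo "<p><a href='iCalendar.php'>iCalendar feed of events</a></p>\n";

	// Comma-separated IDs of events this player has already booked. Each ID is
	// cast to int because the list is spliced into the next query.
	$sql = "select bkEventID from {$db_prefix}bookings where bkPlayerID = $PLAYER_ID";
	$result = ba_db_query ($link, $sql);
	$bookedeventids = "";
	while ($row = ba_db_fetch_assoc ($result))
	{
		$bookedeventids .= ((int) $row['bkEventID']) . ",";
	}
	// Trailing -1 keeps "not in (...)" valid SQL when there are no bookings
	$bookedeventids .= "-1";

	// Events whose bookings have opened, that have not yet taken place, and
	// that the player has not booked
	$eventlinks = "";
	$sql = "Select * FROM {$db_prefix}events where evBookingsOpen <= '".$today."' and evEventDate >= '".$today."' and evEventID not in ($bookedeventids)";
	$result = ba_db_query ($link, $sql);
	$eventlinks.= "<table>";
	$availableevents = 0;
	while ($row = ba_db_fetch_assoc ($result))
	{
		$availableevents++;
		$iEventID = (int) $row['evEventID'];
		$eventlinks .= "<tr><td><a href='eventdetails.php?EventID=" . $iEventID . "'>" . htmlentities (stripslashes ($row['evEventName'])) . "</a></td>";
		$eventlinks .= "<td>" . htmlentities ((string) $row['evEventDate'], ENT_QUOTES | ENT_SUBSTITUTE, $sHtmlCharset, false) . "</td><td>";
		if ($row['evBookingsClose'] >= $today)
			$eventlinks .= "<a href='eventbooking.php?EventID=" . $iEventID . "'>Book Now!</a>";
		else
			$eventlinks .= "Bookings closed";
		// The stray </td> that used to follow </tr> has been dropped
		$eventlinks .= "</td></tr>";
	}
	$eventlinks.= "</table>";
	if ($availableevents == 0)
		$eventlinks = "<p>There are no upcoming events that you have not booked for.</p>";
	echo $eventlinks;

	// The player's own bookings for events that have not yet taken place
	echo "<h2>Your Bookings</h2>";
	$sql = "Select * FROM {$db_prefix}bookings inner join {$db_prefix}events on bkEventID = evEventID where bkPlayerID = $PLAYER_ID and evEventDate >= '".$today."'";
	$result = ba_db_query ($link, $sql);
	if (ba_db_num_rows($result) == 0)
	{
		echo "<p>You have no recorded bookings for upcoming events.</p>";
	}
	else
	{
		echo "<table>";
		while ($row = ba_db_fetch_assoc ($result))
		{
			$sBookAs = htmlentities ((string) $row['bkBookAs'], ENT_QUOTES | ENT_SUBSTITUTE, $sHtmlCharset, false);
			echo "<tr><td><a href='eventdetails.php?EventID=" . ((int) $row['evEventID']) . "'>" . htmlentities (stripslashes ($row['evEventName'])) . "</a></td>";
			echo "<td>" . htmlentities ((string) $row['evEventDate'], ENT_QUOTES | ENT_SUBSTITUTE, $sHtmlCharset, false) . "</td>";
			echo "<td>" . str_replace ('Staff', $stafftext, $sBookAs) . "</td>";
			echo "<td><a href='booking.php?BookingID=" . ((int) $row['bkID']) . "'>View Booking</a></td></tr>";
		}
		echo "</table>";
	}
}
else
{
	echo "<h2>Events</h2>";
	echo "You must enter your IC and OOC details before booking any events";
}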
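/*
 * Payment requests addressed to this player.
 *
 * The query matches stored requests (prEmail) against the e-mail address of
 * the current player's account and returns the booking, the event, and the
 * name and character of the player who made the booking (bookingplayer).
 *
 * Those name fields belong to a different user than the one viewing the page,
 * so they are entity-encoded where they are written out. double_encode is off
 * so that values already encoded when stored are not encoded twice.
 * NOTE(review): how these fields are cleaned on input is not visible here -
 * confirm against the forms that write them. $stafftext is not set in this
 * file and is written out unescaped.
 */
$sql = "select bkID, bookingplayer.plFirstName, bookingplayer.plSurname, chPreferredName, evEventName, bkBookAs from {$db_prefix}paymentrequests inner join {$db_prefix}bookings on prBookingID = bkID inner join {$db_prefix}events on bkEventID = evEventID inner join {$db_prefix}players on prEmail = {$db_prefix}players.plEmail inner join {$db_prefix}players as bookingplayer on bkPlayerID = bookingplayer.plPlayerID inner join {$db_prefix}characters on chPlayerID = bookingplayer.plPlayerID where {$db_prefix}players.plPlayerID = $PLAYER_ID";
$result = ba_db_query ($link, $sql);
if (ba_db_num_rows($result) > 0)
{
	// Passed explicitly only because htmlentities () takes the encoding
	// before the double_encode argument
	$sHtmlCharset = ini_get ('default_charset');

	echo "<h2>Payment Requests</h2>";
	echo "<p>You have recieved requests from the following users to make payment for their event</p>";
	echo "<table>";
	while ($row = ba_db_fetch_assoc ($result))
	{
		$sFirstName = htmlentities ((string) $row['plFirstName'], ENT_QUOTES | ENT_SUBSTITUTE, $sHtmlCharset, false);
		$sSurname = htmlentities ((string) $row['plSurname'], ENT_QUOTES | ENT_SUBSTITUTE, $sHtmlCharset, false);
		$sCharacter = htmlentities ((string) $row['chPreferredName'], ENT_QUOTES | ENT_SUBSTITUTE, $sHtmlCharset, false);
		$sBookAs = htmlentities ((string) $row['bkBookAs'], ENT_QUOTES | ENT_SUBSTITUTE, $sHtmlCharset, false);

		echo "<tr>";
		echo "<td>" . $sFirstName . " " . $sSurname . "</td>";
		echo "<td>" . $sCharacter . "</td>";
		echo "<td>". htmlentities (stripslashes ($row['evEventName']))."</td>";
		echo "<td>" . str_replace ('Staff', $stafftext, $sBookAs) . "</td>";
		// Booking ID is cast to int before it goes into the link
		echo "<td><a href='booking.php?BookingID=" . ((int) $row['bkID']) . "'>Pay Now!</a></td>";
		echo "</tr>";
	}
	echo "</table>";
}
include ('inc/inc_foot.php');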