locations.php
<?php
// Include files, including the database connection
include('includes/dbConfig.php');
include('includes/functions.php');
// Resume the session and gate the page: visitors without a login marker are
// sent to the login form, and logged-in users who are not admins are sent to
// the error page with this script's file name.
// NOTE(review): isset() is satisfied whenever 'is_logged_in' exists, whatever
// its value (even false) - confirm the login/logout code unsets the key rather
// than setting it to false.
session_start();
if (!isset($_SESSION['is_logged_in']) && $_SESSION['db_is_logged_in'] != true) {
    header('Location: login.php');
    exit;
}
if (isAdmin() == false) {
    header('Location: error.php?no=100&page=' . basename($_SERVER['SCRIPT_FILENAME']));
    exit;
}
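// Read the request parameters. Each one is optional, so a missing key is
// mapped to null explicitly instead of raising an undefined-index notice on
// every ordinary page load.
$locationID = isset($_GET['locationID']) ? $_GET['locationID'] : null;
$editableaction = isset($_POST['editableaction']) ? $_POST['editableaction'] : null;
$locationremove = isset($_GET['locationremove']) ? $_GET['locationremove'] : null;
$locationactivate = isset($_GET['locationactivate']) ? $_GET['locationactivate'] : null;

// NOTE(review): the delete and (de)activate actions below change data in
// response to a plain GET link and no anti-CSRF token is checked, so any page
// an admin visits can trigger them. Moving them to POST with a per-session
// token would close that gap.
// NOTE(review): $locationID is handed to the helpers exactly as received.
// Whether removelocation()/activateLocation() validate or escape it is not
// visible here - confirm where they are defined (presumably
// includes/functions.php).
if ($locationremove === "true") {
    removelocation($locationID);
}
if ($locationactivate === "false") {
    activateLocation($locationID, 0);
} elseif ($locationactivate === "true") {
    activateLocation($locationID, 1);
}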
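// Handle a submitted form: either an in-place edit of an existing location's
// description ($editableaction == "edit") or the "add a new location" form.
//
// Every request value is escaped before it is placed in SQL; previously the
// raw POST data was interpolated straight into the statements (SQL injection).
// mysql_real_escape_string() uses the connection that includes/dbConfig.php is
// expected to open, and is only reliable when that connection's character set
// was set with mysql_set_charset() - confirm. The mysql_* extension is removed
// in PHP 7; prepared statements via PDO or mysqli are the durable fix.
// NOTE(review): no anti-CSRF token is verified before these writes.
// NOTE(review): die() prints the raw database error to the browser; consider
// logging it and showing a generic message instead.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    if ($editableaction == "edit") {
        // Non-string values (e.g. id[]=x) are treated as empty input.
        $editid = (isset($_POST['id']) && is_string($_POST['id'])) ? $_POST['id'] : '';
        $type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';
        $description = (isset($_POST['value']) && is_string($_POST['value'])) ? $_POST['value'] : '';
        // The element id is sent with a "title" marker; strip it to get the row id.
        $editid = str_replace("title", "", $editid);

        // Only the "title" type has a statement to run. Before, any other type
        // left $sql undefined and still called mysql_query() with it.
        if ($type == "title") {
            // The description is stored as submitted (tags are not stripped
            // here), so it must be HTML-escaped wherever it is printed.
            $descriptionSql = mysql_real_escape_string($description);
            $editidSql = mysql_real_escape_string($editid);
            $sql = "UPDATE cr_locations SET description = '$descriptionSql' WHERE id = '$editidSql'";
            if (!mysql_query($sql)) {
                die('Error: ' . mysql_error());
            }
        }
    } else {
        // The unused read of $_POST['rehearsal'] was dropped: the form has no
        // such field, and the resulting notice could be emitted before the
        // redirect header below.
        $newlocation = (isset($_POST['newlocation']) && is_string($_POST['newlocation'])) ? $_POST['newlocation'] : '';
        $newlocation = strip_tags($newlocation);
        $newlocationSql = mysql_real_escape_string($newlocation);
        $sql = "INSERT INTO cr_locations (description) VALUES ('$newlocationSql')";
        if (!mysql_query($sql)) {
            die('Error: ' . mysql_error());
        }
        // Redirect after the insert so a browser refresh does not resubmit the form.
        header('Location: locations.php');
        exit;
    }
}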
// Page settings assigned before the shared header is pulled in; presumably
// includes/header.php reads them - confirm there.
$sendurl = 'locations.php';
$formatting = 'true';
include 'includes/header.php';
?>
<div class="elementBackground">
<h2>Edit locations</h2>
<p>
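<?php
// List every location, alphabetically, with a delete link and an
// activate/deactivate toggle. Inactive locations are shown struck through.
//
// Database values are escaped for the context they are printed in: the
// description is admin-editable free text and used to be echoed raw, which
// allowed stored markup/script to run in the page (stored XSS).
// NOTE(review): htmlspecialchars() uses PHP's default charset here - confirm it
// matches the page encoding. If the in-place editor reads the span's HTML back,
// also confirm that entities round-trip correctly.
// NOTE(review): die() prints the raw database error to the browser.
$sql = "SELECT * FROM cr_locations ORDER BY description";
$result = mysql_query($sql) or die(mysql_error());
while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
    $locationID = $row['id'];
    $locationActive = $row['active'];

    $idAttr = htmlspecialchars($locationID, ENT_QUOTES);   // HTML attribute context
    $idUrl = urlencode($locationID);                        // query-string context
    $descriptionHtml = htmlspecialchars($row['description'], ENT_QUOTES);

    if ($locationActive == 1) {
        $labelHtml = $descriptionHtml;
        $toggleValue = 'false';
        $toggleIcon = 'deactive.png';
    } else {
        $labelHtml = '<strike>' . $descriptionHtml . '</strike>';
        $toggleValue = 'true';
        $toggleIcon = 'active.png';
    }

    echo "<span id='" . $idAttr . "' class='edit'>" . $labelHtml . "</span> ";
    echo " <a href='locations.php?locationremove=true&locationID=" . $idUrl . "'><img src='graphics/close.png' /></a>";
    echo " <a href='locations.php?locationactivate=" . $toggleValue . "&locationID=" . $idUrl . "'><img src='graphics/" . $toggleIcon . "' /></a><br />";
}
?>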
<h2>Add a new location:</h2>
<form action="#" method="post" id="addSkill">
<fieldset>
<label for="newlocation">New location type:</label>
<input id="newlocation" name="newlocation" type="text" placeholder="Enter event type" />
<input type="submit" value="Add new location" />
</fieldset>
</form>
</div>
<?php
// Admin-only sidebar navigation. isAdmin() is already enforced at the top of
// this script, so this second check is presumably defensive.
if (isAdmin()): ?>
<div id="right">
<div class="item"><a href="settings.php">Back to settings</a></div>
<div class="item"><a href="createEvent.php">Create a new event</a></div>
</div>
<?php endif; ?>
<?php include 'includes/footer.php'; ?>