<?php
/*
Copyright (C) 2003-2004 MJG/04-Inconceivable.org
See file LICENSE for licensing details.
See file VERSION for versioning/author/source details
See file CHANGELOG for changes from version to version
*/
// Include configuration data
include("../dbaccess.inc");
include("../global_config.inc.php");
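// Admin form handler for a calendar day: deletes, updates or inserts the
// event stored for one date, then redirects back to admin.php.
//
// OpenDB(), QueryDB(), TQueryDB(), $CONF, $FORM, $year, $month and $today are
// not defined in this file; presumably they come from the two includes above
// (TODO confirm).

// Connect to the database.
$CONF['dbConn'] = OpenDB();

// Query string shared by every redirect below. Each value is URL-encoded so
// that request data cannot add parameters or break the Location header.
$redirect_query = "year=" . urlencode((string) $FORM['year'])
    . "&month=" . urlencode((string) $FORM['month'])
    . "&today=" . urlencode((string) $FORM['today']);

// Authenticate via the cookie set by index.php.
// The comparison is done with hash_equals() (PHP 5.6+) on a value checked to
// be a string: the previous loose `!=` was subject to PHP type juggling and
// was not constant-time, and a missing cookie raised a notice.
// NOTE(review): the expected cookie value is an unsalted MD5 of the admin user
// name and password, so the cookie works as a static credential. Replacing it
// with a random server-side session token needs a matching change in
// index.php, which is outside this file.
$expected_auth = md5($CONF['adm_user'] . $CONF['adm_pass']);
$supplied_auth = '';
if (isset($_COOKIE['mcal_adm_auth']) && is_string($_COOKIE['mcal_adm_auth'])) {
    $supplied_auth = $_COOKIE['mcal_adm_auth'];
}
if (!hash_equals($expected_auth, $supplied_auth)) {
    header("Location: index.php?" . $redirect_query);
    exit(1);
}

// Clean up event input; absent fields become empty strings.
$day_title = isset($FORM['day_title']) ? $FORM['day_title'] : "";
$day_event = isset($FORM['day_event']) ? $FORM['day_event'] : "";

// Normalise the html flag to 0/1. It now defaults to 0 when the field is
// absent (it was left undefined before). None of the active queries below
// store it.
$show_html = (isset($FORM['html']) && intval($FORM['html'])) ? 1 : 0;

// Date key used in the calendar table: midnight of the selected day as
// returned by mktime(). Because this value is produced by mktime() and not
// taken from the request as text, it is interpolated into the queries below
// without quoting.
$sql_date = mktime(0, 0, 0, $month, $today, $year);

// Delete request.
// NOTE(review): this state change is triggered by a GET parameter and no
// anti-CSRF token is checked in this script; confirm whether the includes
// enforce one, otherwise move the delete to a POST with a per-session token.
if (isset($_GET['del']) && $_GET['del'] == 1) {
    TQueryDB($CONF['dbConn'], "DELETE FROM calendar WHERE ca_date = '$sql_date';");
    header("Location: admin.php?" . $redirect_query);
    exit();
}

// No title, no comply.
if (strlen($day_title) < 1) {
    header("Location: admin.php?" . $redirect_query);
    exit();
}

// Check whether an entry already exists for this date (update) or not
// (insert). $update is initialised first so it is defined even when the
// lookup query fails; a failed lookup falls through to the insert path, as
// before.
$update = 0;
$STH = QueryDB($CONF['dbConn'], "SELECT ca_num FROM calendar WHERE ca_date = $sql_date");
if ($STH && pg_num_rows($STH) > 0) {
    $update = 1;
}

// Escape the free-text fields with the PostgreSQL driver's own routine.
// addslashes() escapes quotes with a backslash, which PostgreSQL does not
// treat as an escape inside '...' literals when standard_conforming_strings
// is on, so it did not reliably neutralise a single quote.
// NOTE(review): binding the values with pg_query_params() would be
// preferable, but the queries go through QueryDB()/TQueryDB(), whose
// definitions are not visible here.
$day_title_safe = pg_escape_string($CONF['dbConn'], $day_title);
$day_event_safe = pg_escape_string($CONF['dbConn'], $day_event);

if ($update == 1) {
    // UPDATE the existing entry for this date.
    $postQuery = "UPDATE calendar SET ca_title = '$day_title_safe', ca_text = '$day_event_safe' WHERE ca_date = $sql_date";
    TQueryDB($CONF['dbConn'], $postQuery);
} else {
    // INSERT a new entry; its ca_num is the stored counter value plus one.
    // NOTE(review): the counter is read before the transaction begins, so two
    // concurrent inserts can compute the same ca_num.
    $result = QueryDB($CONF['dbConn'], "SELECT co_calendar FROM COUNTER");
    if ($result) {
        $data = pg_fetch_row($result, 0);
        $co_calendar = $data[0] + 1;
    } else {
        $co_calendar = 0;
    }

    if ($co_calendar > 0) {
        $insertQuery = "INSERT INTO calendar (ca_num, ca_date, "
            . "ca_title, ca_text, ca_status) VALUES "
            . "($co_calendar, $sql_date, "
            . "'$day_title_safe', '$day_event_safe', 1)";
        $counterQuery = "UPDATE counter SET co_calendar = $co_calendar";

        QueryDB($CONF['dbConn'], "begin");
        // Short-circuit: the counter is only advanced when the insert succeeded.
        $stored = QueryDB($CONF['dbConn'], $insertQuery)
            && QueryDB($CONF['dbConn'], $counterQuery);
        if (!$stored) {
            // Undo the partial work and stop without redirecting.
            QueryDB($CONF['dbConn'], "rollback");
            pg_close($CONF['dbConn']);
            return;
        }
        QueryDB($CONF['dbConn'], "commit");
    }
}

header("Location: admin.php?" . $redirect_query);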
?>