3 This program is free software; you can redistribute it and/or modify
4 it under the terms of the Revised BSD License.
6 This program is distributed in the hope that it will be useful,
7 but WITHOUT ANY WARRANTY; without even the implied warranty of
8 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9 Revised BSD License for more details.
11 Copyright 2004-2011 iDB Support - http://idb.berlios.de/
12 Copyright 2004-2011 Game Maker 2k - http://gamemaker2k.org/
14 $FileInfo: events.php - Last Update: 02/17/2011 SVN 619 - Author: cooldude2k $
16 $File3Name = basename($_SERVER['SCRIPT_NAME']);
17 if ($File3Name=="events.php"||
$File3Name=="/events.php") {
20 if(!is_numeric($_GET['id'])) { $_GET['id'] = null; }
21 if($_GET['act']=="view"||
$_GET['act']==null) {
22 $query = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."events\" WHERE \"id\"=%i LIMIT 1", array($_GET['id']));
23 $result=sql_query($query,$SQLStat);
24 $num=sql_num_rows($result);
26 if($num==0) { redirect("location",$rbasedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false)); sql_free_result($result);
27 ob_clean(); header("Content-Type: text/plain; charset=".$Settings['charset']);
28 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); }
30 <div
class="NavLinks"><?php
echo $ThemeSet['NavLinkIcon']; ?
><a href
="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">Board index
</a
><?php
echo $ThemeSet['NavLinkDivider']; ?
><a href
="<?php echo url_maker($exfile['event'],$Settings['file_ext'],"act
=view
&id
=".$_GET['id'],$Settings['qstr'],$Settings['qsep'],$prexqstr['event'],$exqstr['event']); ?>">Viewing Event
</a
></div
>
31 <div
class="DivNavLinks"> 
;</div
>
34 $EventID=sql_result($result,$is,"id");
35 $EventIP=sql_result($result,$is,"IP");
36 $EventUser=sql_result($result,$is,"UserID");
37 $EventGuest=sql_result($result,$is,"GuestName");
38 $EventName=sql_result($result,$is,"EventName");
39 $EventText=sql_result($result,$is,"EventText");
40 $EventText = preg_replace("/\<br\>/", "<br />", nl2br($EventText));
41 $EventStart=sql_result($result,$is,"TimeStamp");
42 $EventEnd=sql_result($result,$is,"TimeStampEnd");
43 $EventStart = GMTimeChange("M. j Y",$EventStart,null);
44 $EventEnd = GMTimeChange("M. j Y",$EventEnd,null);
46 $_SESSION['ViewingPage'] = url_maker(null,"no+ext","act=view&id=".$_GET['id'],"&","=",$prexqstr['event'],$exqstr['event']);
47 if($Settings['file_ext']!="no+ext"&&$Settings['file_ext']!="no ext") {
48 $_SESSION['ViewingFile'] = $exfile['event'].$Settings['file_ext']; }
49 if($Settings['file_ext']=="no+ext"||
$Settings['file_ext']=="no ext") {
50 $_SESSION['ViewingFile'] = $exfile['event']; }
51 $_SESSION['PreViewingTitle'] = "Viewing Event:";
52 $_SESSION['ViewingTitle'] = $EventName;
53 $requery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."members\" WHERE \"id\"=%i LIMIT 1", array($EventUser));
54 $reresult=sql_query($requery,$SQLStat);
55 $renum=sql_num_rows($reresult);
56 if($renum<1) { $EventUser = -1;
57 $requery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."members\" WHERE \"id\"=%i LIMIT 1", array($EventUser));
58 $reresult=sql_query($requery,$SQLStat);
59 $renum=sql_num_rows($reresult); }
62 $User1Name=sql_result($reresult,$rei,"Name");
63 $User1IP=sql_result($reresult,$rei,"IP");
64 if($User1IP==$EventIP) { $ipshow = "one"; }
65 $User1Email=sql_result($reresult,$rei,"Email");
66 $User1Title=sql_result($reresult,$rei,"Title");
67 $User1Joined=sql_result($reresult,$rei,"Joined");
68 $User1Joined=GMTimeChange("M j Y",$User1Joined,$_SESSION['UserTimeZone'],0,$_SESSION['UserDST']);
69 $User1GroupID=sql_result($reresult,$rei,"GroupID");
70 $gquery = sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."groups\" WHERE \"id\"=%i LIMIT 1", array($User1GroupID));
71 $gresult=sql_query($gquery,$SQLStat);
72 $User1Hidden=sql_result($reresult,$rei,"HiddenMember");
73 $User1Group=sql_result($gresult,0,"Name");
74 $User1CanDoHTML=sql_result($gresult,0,"CanDoHTML");
75 if($User1CanDoHTML!="yes"&&$User1CanDoHTML!="no") {
76 $User1CanDoHTML = "no"; }
77 $User1CanUseBBags=sql_result($gresult,0,"CanUseBBags");
78 if($User1CanUseBBags!="yes"&&$User1CanUseBBags!="no") {
79 $User1CanUseBBags = "no"; }
80 $GroupNamePrefix=sql_result($gresult,0,"NamePrefix");
81 $GroupNameSuffix=sql_result($gresult,0,"NameSuffix");
82 sql_free_result($gresult);
83 if($User1Title=="") { $User1Title = $User1Group; }
84 $User1Signature=sql_result($reresult,$rei,"Signature");
85 $User1Signature = preg_replace("/\<br\>/", "<br />", nl2br($User1Signature));
86 $User1Avatar=sql_result($reresult,$rei,"Avatar");
87 $User1AvatarSize=sql_result($reresult,$rei,"AvatarSize");
88 if ($User1Avatar=="http://"||
$User1Avatar==null||
89 strtolower($User1Avatar)=="noavatar") {
90 $User1Avatar=$ThemeSet['NoAvatar'];
91 $User1AvatarSize=$ThemeSet['NoAvatarSize']; }
92 $AvatarSize1=explode("x", $User1AvatarSize);
93 $AvatarSize1W=$AvatarSize1[0]; $AvatarSize1H=$AvatarSize1[1];
94 $User1Website=sql_result($reresult,$rei,"Website");
95 $User1Website = urlcheck($User1Website);
96 $BoardWWWChCk = parse_url($Settings['idburl']);
97 $User1WWWChCk = parse_url($User1Website);
98 $opennew = " onclick=\"window.open(this.href);return false;\"";
99 if($BoardWWWChCk['host']==$User1WWWChCk['host']) {
101 $User1PostCount=sql_result($reresult,$rei,"PostCount");
102 $User1IP=sql_result($reresult,$rei,"IP");
103 sql_free_result($reresult);
104 ++
$is; } sql_free_result($result);
105 if($User1Name=="Guest") { $User1Name=$EventGuest;
106 if($User1Name==null) { $User1Name="Guest"; } }
107 if(isset($GroupNamePrefix)&&$GroupNamePrefix!=null) {
108 $User1Name = $GroupNamePrefix.$User1Name; }
109 if(isset($GroupNameSuffix)&&$GroupNameSuffix!=null) {
110 $User1Name = $User1Name.$GroupNameSuffix; }
111 $EventText = url2link($EventText);
112 $EventText = text2icons($EventText,$Settings['sqltable'],$SQLStat);
113 if($User1CanUseBBags=="yes") { $EventText = bbcode_parser($EventText); }
114 if($User1CanDoHTML=="yes") { $EventText = do_html_bbcode($EventText); }
115 $User1Signature = preg_replace("/\<br\>/", "<br />", nl2br($User1Signature));
116 $User1Signature = url2link($User1Signature);
117 $User1Signature = text2icons($User1Signature,$Settings['sqltable'],$SQLStat);
118 if($User1CanUseBBags=="yes") { $User1Signature = bbcode_parser($User1Signature); }
119 if($User1CanDoHTML=="yes") { $User1Signature = do_html_bbcode($User1Signature); }
121 <div
class="TableInfo1Border">
122 <?php
if($ThemeSet['TableStyle']=="div") { ?
>
123 <div
class="TableInfoRow1">
124 <span style
="font-weight: bold; text-align: left;"><?php
echo $ThemeSet['TitleIcon']; ?
><a href
="<?php echo url_maker($exfile['event'],$Settings['file_ext'],"act
=view
&id
=".$_GET['id'],$Settings['qstr'],$Settings['qsep'],$prexqstr['event'],$exqstr['event']); ?>"><?php
echo $EventName; ?
></a
></span
></div
>
126 <table
class="TableInfo1">
127 <?php
if($ThemeSet['TableStyle']=="table") { ?
>
128 <tr
class="TableInfoRow1">
129 <td
class="TableInfoColumn1" colspan
="2"><span style
="font-weight: bold; text-align: left;"><?php
echo $ThemeSet['TitleIcon']; ?
><a href
="<?php echo url_maker($exfile['event'],$Settings['file_ext'],"act
=view
&id
=".$_GET['id'],$Settings['qstr'],$Settings['qsep'],$prexqstr['event'],$exqstr['event']); ?>"><?php
echo $EventName; ?
></a
></span
>
132 <tr
class="TableInfoRow2">
133 <td
class="TableInfoColumn2" style
="vertical-align: middle; width: 160px;">
135 if($User1ID>0&&$User1Hidden=="no") {
137 echo url_maker($exfile['member'],$Settings['file_ext'],"act=view&id=".$User1ID,$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']);
138 echo "\">".$User1Name."</a>"; }
139 if($User1ID<=0||
$User1Hidden=="yes") {
140 echo "<span>".$User1Name."</span>"; }
142 <td
class="TableInfoColumn2" style
="vertical-align: middle;">
143 <div style
="float: left; text-align: left;">
144 <span style
="font-weight: bold;">Event Start
: </span
><?php
echo $EventStart; ?
><?php
echo $ThemeSet['LineDividerTopic']; ?
><span style
="font-weight: bold;">Event End
: </span
><?php
echo $EventEnd; ?
>
146 <div style
="text-align: right;"> 
;</div
>
149 <tr
class="TableInfoRow3">
150 <td
class="TableInfoColumn3" style
="vertical-align: top; width: 180px;">
151 <?php
// Avatar Table Thanks For SeanJ's Help at http://seanj.jcink.com/
153 <table
class="AvatarTable" style
="width: 100px; height: 100px; text-align: center;">
154 <tr
class="AvatarRow" style
="width: 100%; height: 100%;">
155 <td
class="AvatarRow" style
="width: 100%; height: 100%; text-align: center; vertical-align: middle;">
156 <img src
="<?php echo $User1Avatar; ?>" alt
="<?php echo $User1Name; ?>'s Avatar" title
="<?php echo $User1Name; ?>'s Avatar" style
="border: 0px; width: <?php echo $AvatarSize1W; ?>px; height: <?php echo $AvatarSize1H; ?>px;" />
160 <?php
echo $User1Title; ?
><br
/>
161 Group
: <?php
echo $User1Group; ?
><br
/>
163 if($User1ID>0&&$User1Hidden=="no") { echo $User1ID; }
164 if($User1ID<=0||
$User1Hidden=="yes") { echo 0; }
166 Posts
: <?php
echo $User1PostCount; ?
><br
/>
167 Joined
: <?php
echo $User1Joined; ?
><br
/>
168 <?php
if($GroupInfo['HasAdminCP']=="yes") { ?
>
169 User IP
: <a onclick
="window.open(this.href);return false;" href
="<?php echo sprintf($IPCheckURL,$User1IP); ?>">
170 <?php
echo $User1IP; ?
></a
><br
/>
171 <?php
if($ipshow=="two") { ?
>
172 Event IP
: <a onclick
="window.open(this.href);return false;" href
="<?php echo sprintf($IPCheckURL,$EventIP); ?>">
173 <?php
echo $EventIP; ?
></a
><br
/>
176 <td
class="TableInfoColumn3" style
="vertical-align: middle;">
177 <div
class="eventpost"><?php
echo $EventText; ?
></div
>
178 <?php
if(isset($User1Signature)&&$User1Signature!="") { ?
> <br
/>--------------------
179 <div
class="signature"><?php
echo $User1Signature; ?
></div
><?php
} ?
>
182 <tr
class="TableInfoRow4">
183 <td
class="TableInfoColumn4" colspan
="2">
184 <span style
="text-align: left;"> 
;<a href
="<?php
185 if($User1ID>0&&$User1Hidden=="no
"&&isset($ThemeSet['Profile'])&&$ThemeSet['Profile']!=null) {
186 echo url_maker($exfile['member'],$Settings['file_ext'],"act
=view
&id
=".$User1ID,$Settings['qstr'],$Settings['qsep'],$prexqstr['member'],$exqstr['member']); }
187 if(($User1ID<=0||$User1Hidden=="yes
")&&isset($ThemeSet['Profile'])&&$ThemeSet['Profile']!=null) {
188 echo url_maker($exfile['index'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); }
189 ?>"><?php
echo $ThemeSet['Profile']; ?
></a
>
190 <?php
if(isset($ThemeSet['WWW'])&&$ThemeSet['WWW']!=null) {
191 echo $ThemeSet['LineDividerTopic']; ?
><a href
="<?php echo $User1Website; ?>"<?php
echo $opennew; ?
>><?php
echo $ThemeSet['WWW']; ?
></a
><?php
} echo $ThemeSet['LineDividerTopic']; ?
><a href
="<?php
192 if($User1ID>0&&$User1Hidden=="no
"&&isset($ThemeSet['PM'])&&$ThemeSet['PM']!=null) {
193 echo url_maker($exfile['messenger'],$Settings['file_ext'],"act
=create
&id
=".$User1ID,$Settings['qstr'],$Settings['qsep'],$prexqstr['messenger'],$exqstr['messenger']); }
194 if(($User1ID<=0||$User1Hidden=="yes
")&&isset($ThemeSet['PM'])&&$ThemeSet['PM']!=null) {
195 echo url_maker($exfile['index'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); }
196 ?>"><?php
echo $ThemeSet['PM']; ?
></a
></span
>
200 <?php
} if($_GET['act']=="create") {
201 if($GroupInfo['CanAddEvents']=="no") { redirect("location",$rbasedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false));
202 ob_clean(); header("Content-Type: text/plain; charset=".$Settings['charset']);
203 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); }
204 $UFID = rand_uuid("rand");
205 $_SESSION['UserFormID'] = $UFID;
207 <div
class="NavLinks"><?php
echo $ThemeSet['NavLinkIcon']; ?
><a href
="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">Board index
</a
><?php
echo $ThemeSet['NavLinkDivider']; ?
><a href
="<?php echo url_maker($exfile['event'],$Settings['file_ext'],"act
=create
",$Settings['qstr'],$Settings['qsep'],$prexqstr['event'],$exqstr['event']); ?>">Making a Event
</a
></div
>
208 <div
class="DivNavLinks"> 
;</div
>
209 <div
class="Table1Border">
210 <?php
if($ThemeSet['TableStyle']=="div") { ?
>
211 <div
class="TableRow1">
212 <span style
="text-align: left;">
213 <?php
echo $ThemeSet['TitleIcon']; ?
><a href
="<?php echo url_maker($exfile['calendar'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['calendar'],$exqstr['calendar']); ?>">Making a Event
</a
></span
></div
>
215 <table
class="Table1" id
="MakeEvent">
216 <?php
if($ThemeSet['TableStyle']=="table") { ?
>
217 <tr
class="TableRow1" id
="EventStart">
218 <td
class="TableColumn1" colspan
="2"><span style
="text-align: left;">
219 <?php
echo $ThemeSet['TitleIcon']; ?
><a href
="<?php echo url_maker($exfile['calendar'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['calendar'],$exqstr['calendar']); ?>">Making a Event
</a
></span
>
222 <tr id
="MakeEventRow" class="TableRow2">
223 <td
class="TableColumn2" colspan
="2" style
="width: 100%;">Making a Event
</td
>
225 <tr
class="TableRow3" id
="MkEvent">
226 <td
class="TableColumn3" style
="width: 15%; vertical-align: middle; text-align: center;">
227 <div style
="width: 100%; height: 160px; overflow: auto;">
228 <table style
="width: 100%; text-align: center;"><?php
229 $renee_query=sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."smileys\" WHERE \"Display\"='yes'", array(null));
230 $renee_result=sql_query($renee_query,$SQLStat);
231 $renee_num=sql_num_rows($renee_result);
232 $renee_s=0; $SmileRow=0; $SmileCRow=0;
233 while ($renee_s < $renee_num) { ++
$SmileRow;
234 $FileName=sql_result($renee_result,$renee_s,"FileName");
235 $SmileName=sql_result($renee_result,$renee_s,"SmileName");
236 $SmileText=sql_result($renee_result,$renee_s,"SmileText");
237 $SmileDirectory=sql_result($renee_result,$renee_s,"Directory");
238 $ShowSmile=sql_result($renee_result,$renee_s,"Display");
239 $ReplaceType=sql_result($renee_result,$renee_s,"ReplaceCI");
240 if($SmileRow==1) { ?
><tr
>
241 <?php
} if($SmileRow<5) { ++
$SmileCRow; ?
>
242 <td
><img src
="<?php echo $SmileDirectory."".$FileName; ?>" style
="vertical-align: middle; border: 0px; cursor: pointer;" title
="<?php echo $SmileName; ?>" alt
="<?php echo $SmileName; ?>" onclick
="addsmiley('EventText',' <?php echo htmlspecialchars($SmileText, ENT_QUOTES, $Settings['charset']); ?> ')" /></td
>
243 <?php
} if($SmileRow==5) { ++
$SmileCRow; ?
>
244 <td
><img src
="<?php echo $SmileDirectory."".$FileName; ?>" style
="vertical-align: middle; border: 0px; cursor: pointer;" title
="<?php echo $SmileName; ?>" alt
="<?php echo $SmileName; ?>" onclick
="addsmiley('EventText',' <?php echo htmlspecialchars($SmileText, ENT_QUOTES, $Settings['charset']); ?> ')" /></td
></tr
>
245 <?php
$SmileCRow=0; $SmileRow=0; }
247 if($SmileCRow<5&&$SmileCRow!=0) {
248 $SmileCRowL = 5 - $SmileCRow;
249 echo "<td colspan=\"".$SmileCRowL."\"> </td></tr>"; }
251 sql_free_result($renee_result);
253 <td
class="TableColumn3" style
="width: 85%;">
254 <form style
="display: inline;" method
="post" id
="MkEventForm" action
="<?php echo url_maker($exfile['event'],$Settings['file_ext'],"act
=makeevent
",$Settings['qstr'],$Settings['qsep'],$prexqstr['event'],$exqstr['event']); ?>">
255 <table style
="text-align: left;">
256 <tr style
="text-align: left;">
257 <td style
="width: 50%;"><label
class="TextBoxLabel" for="EventName">Insert Event Name
:</label
></td
>
258 <td style
="width: 50%;"><input maxlength
="30" type
="text" name
="EventName" class="TextBox" id
="EventName" size
="20" /></td
>
259 </tr
><?php
if($_SESSION['UserGroup']==$Settings['GuestGroup']) { ?
><tr style
="text-align: left;">
260 <td style
="width: 50%;"><label
class="TextBoxLabel" for="GuestName">Insert Guest Name
:</label
></td
>
261 <?php
if(!isset($_SESSION['GuestName'])) { ?
>
262 <td style
="width: 50%;"><input maxlength
="25" type
="text" name
="GuestName" class="TextBox" id
="GuestName" size
="20" /></td
>
263 <?php
} if(isset($_SESSION['GuestName'])) { ?
>
264 <td style
="width: 50%;"><input maxlength
="25" type
="text" name
="GuestName" class="TextBox" id
="GuestName" size
="20" value
="<?php echo $_SESSION['GuestName']; ?>" /></td
>
265 <?php
} ?
></tr
><?php
} ?
><tr style
="text-align: left;">
266 <td style
="width: 50%;"><label
class="TextBoxLabel" for="EventStart">Insert Event Start
:</label
></td
>
267 <td style
="width: 50%;"><input maxlength
="10" type
="text" name
="EventStart" class="TextBox" id
="EventStart" size
="20" value
="MM/DD/YYYY" /></td
>
268 </tr
><tr style
="text-align: left;">
269 <td style
="width: 50%;"><label
class="TextBoxLabel" for="EventEnd">Insert Event End
:</label
></td
>
270 <td style
="width: 50%;"><input maxlength
="10" type
="text" name
="EventEnd" class="TextBox" id
="EventEnd" size
="20" value
="MM/DD/YYYY" /></td
>
273 <table style
="text-align: left;">
274 <tr style
="text-align: left;">
275 <td style
="width: 100%;">
276 <label
class="TextBoxLabel" for="EventText">Insert Event Text
:</label
><br
/>
277 <textarea rows
="10" name
="EventText" id
="EventText" cols
="40" class="TextBox"></textarea
><br
/>
278 <?php
if($_SESSION['UserGroup']==$Settings['GuestGroup']&&$Settings['captcha_guest']=="on") { ?
>
279 <label
class="TextBoxLabel" for="signcode"><img src
="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act
=MkCaptcha
",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>" alt
="CAPTCHA Code" title
="CAPTCHA Code" /></label
><br
/>
280 <input maxlength
="25" type
="text" class="TextBox" name
="signcode" size
="20" id
="signcode" value
="Enter SignCode" /><br
/>
282 <input type
="hidden" name
="act" value
="makeevents" style
="display: none;" />
283 <input type
="hidden" style
="display: none;" name
="fid" value
="<?php echo $UFID; ?>" />
284 <?php
if($_SESSION['UserGroup']!=$Settings['GuestGroup']) { ?
>
285 <input type
="hidden" name
="GuestName" value
="null" style
="display: none;" />
287 <input type
="submit" class="Button" value
="Make Event" name
="make_event" />
288 <input type
="reset" value
="Reset Form" class="Button" name
="Reset_Form" />
291 <tr id
="MkEventEnd" class="TableRow4">
292 <td
class="TableColumn4" colspan
="2"> 
;</td
>
295 <?php
} if($_GET['act']=="makeevent"&&$_POST['act']=="makeevents") {
296 if($GroupInfo['CanAddEvents']=="no") { redirect("location",$rbasedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false));
297 ob_clean(); header("Content-Type: text/plain; charset=".$Settings['charset']);
298 gzip_page($Settings['use_gzip'],$GZipEncode['Type']); session_write_close(); die(); }
299 $MyUserID = $_SESSION['UserID']; if($MyUserID=="0"||
$MyUserID==null) { $MyUserID = -1; }
300 $_SESSION['ViewingPage'] = url_maker(null,"no+ext","act=view","&","=",$prexqstr['index'],$exqstr['index']);
301 if($Settings['file_ext']!="no+ext"&&$Settings['file_ext']!="no ext") {
302 $_SESSION['ViewingFile'] = $exfile['index'].$Settings['file_ext']; }
303 if($Settings['file_ext']=="no+ext"||
$Settings['file_ext']=="no ext") {
304 $_SESSION['ViewingFile'] = $exfile['index']; }
305 $_SESSION['PreViewingTitle'] = "Making";
306 $_SESSION['ViewingTitle'] = "Event";
307 $REFERERurl = parse_url($_SERVER['HTTP_REFERER']);
308 $URL['REFERER'] = $REFERERurl['host'];
309 $URL['HOST'] = $_SERVER["SERVER_NAME"];
311 if(!isset($_POST['EventName'])) { $_POST['EventName'] = null; }
312 if(!isset($_POST['EventStart'])) { $_POST['EventStart'] = null; }
313 if(!isset($_POST['EventEnd'])) { $_POST['EventEnd'] = null; }
314 if(!isset($_POST['EventText'])) { $_POST['EventText'] = null; }
315 if(!isset($_POST['GuestName'])) { $_POST['GuestName'] = null; }
316 $TimeIn = explode("/",$_POST['EventStart']);
317 $TimeOut = explode("/",$_POST['EventEnd']);
318 if($_SESSION['UserGroup']==$Settings['GuestGroup']&&
319 $Settings['captcha_guest']=="on") {
320 require($SettDir['inc']."captcha.php"); }
322 <div
class="Table1Border">
323 <?php
if($ThemeSet['TableStyle']=="div") { ?
>
324 <div
class="TableRow1">
325 <span style
="text-align: left;">
326 <?php
echo $ThemeSet['TitleIcon']; ?
><a href
="<?php echo url_maker($exfile['calendar'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['calendar'],$exqstr['calendar']); ?>">Making a Event
</a
></span
></div
>
328 <table
class="Table1">
329 <?php
if($ThemeSet['TableStyle']=="table") { ?
>
330 <tr
class="TableRow1">
331 <td
class="TableColumn1"><span style
="text-align: left;">
332 <?php
echo $ThemeSet['TitleIcon']; ?
><a href
="<?php echo url_maker($exfile['calendar'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['calendar'],$exqstr['calendar']); ?>">Making a Event
</a
></span
>
335 <tr
class="TableRow2">
336 <th
class="TableColumn2" style
="width: 100%; text-align: left;"> 
;Make Event Message
: </th
>
338 <tr
class="TableRow3">
339 <td
class="TableColumn3">
340 <table style
="width: 100%; height: 25%; text-align: center;">
341 <?php
if (pre_strlen($_POST['EventName'])>="30") { $Error="Yes"; ?
>
343 <td
><span
class="TableMessage">
344 <br
/>Your Event Name is too big
.<br
/>
347 <?php
} if($_POST['fid']!=$_SESSION['UserFormID']) { $Error="Yes"; ?
>
349 <td
><span
class="TableMessage">
350 <br
/>Sorry the referering url dose not match our host name
.<br
/>
353 <?php
} if($_SESSION['UserGroup']==$Settings['GuestGroup']&&
354 $Settings['captcha_guest']=="on") {
355 if (PhpCaptcha
::Validate($_POST['signcode'])) {
356 //echo 'Valid code entered';
357 } else { $Error="Yes"; ?
>
359 <td
><span
class="TableMessage">
360 <br
/>Invalid code entered
<br
/>
363 <?php
} } if (pre_strlen($TimeIn[0])<"2") { $Error="Yes"; ?
>
365 <td
><span
class="TableMessage">
366 <br
/>Event Start Month is too small
.<br
/>
369 <?php
} if (pre_strlen($TimeIn[0])>"2") { $Error="Yes"; ?
>
371 <td
><span
class="TableMessage">
372 <br
/>Event Start Month is too big
.<br
/>
375 <?php
} if (pre_strlen($TimeIn[1])<"2") { $Error="Yes"; ?
>
377 <td
><span
class="TableMessage">
378 <br
/>Event Start Day is too small
.<br
/>
381 <?php
} if (pre_strlen($TimeIn[1])>"2") { $Error="Yes"; ?
>
383 <td
><span
class="TableMessage">
384 <br
/>Event Start Day is too big
.<br
/>
387 <?php
} if (pre_strlen($TimeIn[2])<"4") { $Error="Yes"; ?
>
389 <td
><span
class="TableMessage">
390 <br
/>Event Start Year is too small
.<br
/>
393 <?php
} if (pre_strlen($TimeIn[2])>"4") { $Error="Yes"; ?
>
395 <td
><span
class="TableMessage">
396 <br
/>Event Start Year is too big
.<br
/>
399 <?php
} if (pre_strlen($TimeOut[0])<"2") { $Error="Yes"; ?
>
401 <td
><span
class="TableMessage">
402 <br
/>Event End Month is too small
.<br
/>
405 <?php
} if (pre_strlen($TimeOut[0])>"2") { $Error="Yes"; ?
>
407 <td
><span
class="TableMessage">
408 <br
/>Event End Month is too big
.<br
/>
411 <?php
} if (pre_strlen($TimeOut[1])<"2") { $Error="Yes"; ?
>
413 <td
><span
class="TableMessage">
414 <br
/>Event End Day is too small
.<br
/>
417 <?php
} if (pre_strlen($TimeOut[1])>"2") { $Error="Yes"; ?
>
419 <td
><span
class="TableMessage">
420 <br
/>Event End Day is too big
.<br
/>
423 <?php
} if (pre_strlen($TimeOut[2])<"4") { $Error="Yes"; ?
>
425 <td
><span
class="TableMessage">
426 <br
/>Event End Year is too small
.<br
/>
429 <?php
} if (pre_strlen($TimeOut[2])>"4") { $Error="Yes"; ?
>
431 <td
><span
class="TableMessage">
432 <br
/>Event End Year is too big
.<br
/>
435 <?php
} if (checkdate($TimeIn[0],$TimeIn[1],$TimeIn[2])===false) { $Error="Yes"; ?
>
437 <td
><span
class="TableMessage">
438 <br
/>Sorry the event start date is not valid
.<br
/>
441 <?php
} if (checkdate($TimeOut[0],$TimeOut[1],$TimeOut[2])===false) { $Error="Yes"; ?
>
443 <td
><span
class="TableMessage">
444 <br
/>Sorry the event end date is not valid
.<br
/>
447 <?php
} if($_SESSION['UserGroup']==$Settings['GuestGroup']&&
448 pre_strlen($_POST['GuestName'])>="25") { $Error="Yes"; ?
>
450 <td
><span
class="TableMessage">
451 <br
/>You Guest Name is too big
.<br
/>
454 <?php
} if ($Settings['TestReferer']===true) {
455 if ($URL['HOST']!=$URL['REFERER']) { $Error="Yes"; ?
>
457 <td
><span
class="TableMessage">
458 <br
/>Sorry the referering url dose not match our host name
.<br
/>
462 $_POST['EventName'] = stripcslashes(htmlspecialchars($_POST['EventName'], ENT_QUOTES
, $Settings['charset']));
463 //$_POST['EventName'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['EventName']);
464 $_POST['EventName'] = remove_spaces($_POST['EventName']);
465 $_POST['GuestName'] = stripcslashes(htmlspecialchars($_POST['GuestName'], ENT_QUOTES
, $Settings['charset']));
466 //$_POST['GuestName'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['GuestName']);
467 $_POST['GuestName'] = remove_spaces($_POST['GuestName']);
468 $_POST['EventText'] = stripcslashes(htmlspecialchars($_POST['EventText'], ENT_QUOTES
, $Settings['charset']));
469 //$_POST['EventText'] = preg_replace("/&#(x[a-f0-9]+|[0-9]+);/i", "&#$1;", $_POST['EventText']);
470 $_POST['EventText'] = remove_bad_entities($_POST['EventText']);
471 //$_POST['EventText'] = remove_spaces($_POST['EventText']);
472 if($_SESSION['UserGroup']==$Settings['GuestGroup']) {
473 if(isset($_POST['GuestName'])&&$_POST['GuestName']!=null) {
474 if($cookieDomain==null) {
475 setcookie("GuestName", $_POST['GuestName'], time() +
(7 * 86400), $cbasedir); }
476 if($cookieDomain!=null) {
477 if($cookieSecure===true) {
478 setcookie("GuestName", $_POST['GuestName'], time() +
(7 * 86400), $cbasedir, $cookieDomain, 1); }
479 if($cookieSecure===false) {
480 setcookie("GuestName", $_POST['GuestName'], time() +
(7 * 86400), $cbasedir, $cookieDomain); } }
481 $_SESSION['GuestName']=$_POST['GuestName']; } }
482 /* <_< iWordFilter >_>
483 by Kazuki Przyborowski - Cool Dude 2k */
484 $katarzynaqy=sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."wordfilter\"", array(null));
485 $katarzynart=sql_query($katarzynaqy,$SQLStat);
486 $katarzynanm=sql_num_rows($katarzynart);
488 while ($katarzynas < $katarzynanm) {
489 $Filter=sql_result($katarzynart,$katarzynas,"FilterWord");
490 $Replace=sql_result($katarzynart,$katarzynas,"Replacement");
491 $CaseInsensitive=sql_result($katarzynart,$katarzynas,"CaseInsensitive");
492 if($CaseInsensitive=="on") { $CaseInsensitive = "yes"; }
493 if($CaseInsensitive=="off") { $CaseInsensitive = "no"; }
494 if($CaseInsensitive!="yes"||
$CaseInsensitive!="no") { $CaseInsensitive = "no"; }
495 $WholeWord=sql_result($katarzynart,$katarzynas,"WholeWord");
496 if($WholeWord=="on") { $WholeWord = "yes"; }
497 if($WholeWord=="off") { $WholeWord = "no"; }
498 if($WholeWord!="yes"&&$WholeWord!="no") { $WholeWord = "no"; }
499 $Filter = preg_quote($Filter, "/");
500 if($CaseInsensitive!="yes"&&$WholeWord=="yes") {
501 $_POST['EventText'] = preg_replace("/\b(".$Filter.")\b/", $Replace, $_POST['EventText']); }
502 if($CaseInsensitive=="yes"&&$WholeWord=="yes") {
503 $_POST['EventText'] = preg_replace("/\b(".$Filter.")\b/i", $Replace, $_POST['EventText']); }
504 if($CaseInsensitive!="yes"&&$WholeWord!="yes") {
505 $_POST['EventText'] = preg_replace("/".$Filter."/", $Replace, $_POST['EventText']); }
506 if($CaseInsensitive=="yes"&&$WholeWord!="yes") {
507 $_POST['EventText'] = preg_replace("/".$Filter."/i", $Replace, $_POST['EventText']); }
508 ++
$katarzynas; } sql_free_result($katarzynart);
509 $lonewolfqy=sql_pre_query("SELECT * FROM \"".$Settings['sqltable']."restrictedwords\" WHERE \"RestrictedEventName\"='yes' or \"RestrictedUserName\"='yes'", array(null));
510 $lonewolfrt=sql_query($lonewolfqy,$SQLStat);
511 $lonewolfnm=sql_num_rows($lonewolfrt);
512 $lonewolfs=0; $RMatches = null; $RGMatches = null;
513 while ($lonewolfs < $lonewolfnm) {
514 $RWord=sql_result($lonewolfrt,$lonewolfs,"Word");
515 $RCaseInsensitive=sql_result($lonewolfrt,$lonewolfs,"CaseInsensitive");
516 if($RCaseInsensitive=="on") { $RCaseInsensitive = "yes"; }
517 if($RCaseInsensitive=="off") { $RCaseInsensitive = "no"; }
518 if($RCaseInsensitive!="yes"||
$RCaseInsensitive!="no") { $RCaseInsensitive = "no"; }
519 $RWholeWord=sql_result($lonewolfrt,$lonewolfs,"WholeWord");
520 if($RWholeWord=="on") { $RWholeWord = "yes"; }
521 if($RWholeWord=="off") { $RWholeWord = "no"; }
522 if($RWholeWord!="yes"||
$RWholeWord!="no") { $RWholeWord = "no"; }
523 $RestrictedEventName=sql_result($lonewolfrt,$lonewolfs,"RestrictedEventName");
524 if($RestrictedEventName=="on") { $RestrictedEventName = "yes"; }
525 if($RestrictedEventName=="off") { $RestrictedEventName = "no"; }
526 if($RestrictedEventName!="yes"||
$RestrictedEventName!="no") { $RestrictedEventName = "no"; }
527 $RestrictedUserName=sql_result($lonewolfrt,$lonewolfs,"RestrictedUserName");
528 if($RestrictedUserName=="on") { $RestrictedUserName = "yes"; }
529 if($RestrictedUserName=="off") { $RestrictedUserName = "no"; }
530 if($RestrictedUserName!="yes"||
$RestrictedUserName!="no") { $RestrictedUserName = "no"; }
531 $RWord = preg_quote($RWord, "/");
532 if($RCaseInsensitive!="yes"&&$RWholeWord=="yes") {
533 if($RestrictedEventName=="yes") {
534 $RMatches = preg_match("/\b(".$RWord.")\b/", $_POST['EventName']);
535 if($RMatches==true) { break 1; } }
536 if($RestrictedUserName=="yes") {
537 $RGMatches = preg_match("/\b(".$RWord.")\b/", $_POST['GuestName']);
538 if($RGMatches==true) { break 1; } } }
539 if($RCaseInsensitive=="yes"&&$RWholeWord=="yes") {
540 if($RestrictedEventName=="yes") {
541 $RMatches = preg_match("/\b(".$RWord.")\b/i", $_POST['EventName']);
542 if($RMatches==true) { break 1; } }
543 if($RestrictedUserName=="yes") {
544 $RGMatches = preg_match("/\b(".$RWord.")\b/i", $_POST['GuestName']);
545 if($RGMatches==true) { break 1; } } }
546 if($RCaseInsensitive!="yes"&&$RWholeWord!="yes") {
547 if($RestrictedEventName=="yes") {
548 $RMatches = preg_match("/".$RWord."/", $_POST['EventName']);
549 if($RMatches==true) { break 1; } }
550 if($RestrictedUserName=="yes") {
551 $RGMatches = preg_match("/".$RWord."/", $_POST['GuestName']);
552 if($RGMatches==true) { break 1; } } }
553 if($RCaseInsensitive=="yes"&&$RWholeWord!="yes") {
554 if($RestrictedEventName=="yes") {
555 $RMatches = preg_match("/".$RWord."/i", $_POST['EventName']);
556 if($RMatches==true) { break 1; } }
557 if($RestrictedUserName=="yes") {
558 $RGMatches = preg_match("/".$RWord."/i", $_POST['GuestName']);
559 if($RGMatches==true) { break 1; } } }
560 ++
$lonewolfs; } sql_free_result($lonewolfrt);
561 if ($_POST['EventName']==null) { $Error="Yes"; ?
>
563 <td
><span
class="TableMessage">
564 <br
/>You need to enter a Event Name
.<br
/>
567 <?php
} if ($_POST['EventText']==null) { $Error="Yes"; ?
>
569 <td
><span
class="TableMessage">
570 <br
/>You need to enter a Event Text
.<br
/>
573 <?php
} if ($_POST['EventStart']==null) { $Error="Yes"; ?
>
575 <td
><span
class="TableMessage">
576 <br
/>You need to enter date
for event to start in MM
/DD
/YYYY format
.<br
/>
579 <?php
} if ($_POST['EventEnd']==null) { $Error="Yes"; ?
>
581 <td
><span
class="TableMessage">
582 <br
/>You need to enter date
for event to end in MM
/DD
/YYYY format
.<br
/>
585 <?php
} if (count($TimeIn)!="3") { $Error="Yes"; ?
>
587 <td
><span
class="TableMessage">
588 <br
/>You need to enter valid date
for event to start in MM
/DD
/YYYY format
.<br
/>
591 <?php
} if (count($TimeOut)!="3") { $Error="Yes"; ?
>
593 <td
><span
class="TableMessage">
594 <br
/>You need to enter valid date
for event to end in MM
/DD
/YYYY format
.<br
/>
597 <?php
} if (!is_numeric($TimeIn[0])||
!is_numeric($TimeIn[1])||
!is_numeric($TimeIn[2])) { $Error="Yes"; ?
>
599 <td
><span
class="TableMessage">
600 <br
/>You need to enter valid date
for event to start in MM
/DD
/YYYY format
.<br
/>
603 <?php
} if (!is_numeric($TimeOut[0])||
!is_numeric($TimeOut[1])||
!is_numeric($TimeOut[2])) { $Error="Yes"; ?
>
605 <td
><span
class="TableMessage">
606 <br
/>You need to enter valid date
for event to end in MM
/DD
/YYYY format
.<br
/>
609 <?php
} if (!isset($TimeIn[0])||
!isset($TimeIn[1])||
!isset($TimeIn[2])) { $Error="Yes"; ?
>
611 <td
><span
class="TableMessage">
612 <br
/>You need to enter valid date
for event to start in MM
/DD
/YYYY format
.<br
/>
615 <?php
} if (!isset($TimeOut[0])||
!isset($TimeOut[1])||
!isset($TimeOut[2])) { $Error="Yes"; ?
>
617 <td
><span
class="TableMessage">
618 <br
/>You need to enter valid date
for event to end in MM
/DD
/YYYY format
.<br
/>
621 <?php
} if($_SESSION['UserGroup']==$Settings['GuestGroup']&&
622 $_POST['GuestName']==null) { $Error="Yes"; ?
>
624 <td
><span
class="TableMessage">
625 <br
/>You need to enter a Guest Name
.<br
/>
628 <?php
} if($_SESSION['UserGroup']==$Settings['GuestGroup']&&
629 $RGMatches==true) { $Error="Yes"; ?
>
631 <td
><span
class="TableMessage">
632 <br
/>This Guest Name is restricted to
use.<br
/>
635 <?php
} if($GroupInfo['CanAddEvents']=="no") { $Error="Yes"; ?
>
637 <td
><span
class="TableMessage">
638 <br
/>You
do not have permission to make a event here
.<br
/>
641 <?php
} if($RMatches==true) { $Error="Yes"; ?
>
643 <td
><span
class="TableMessage">
644 <br
/>This User Name is restricted to
use.<br
/>
647 <?php
} if ($Error=="Yes") {
648 redirect("refresh",$rbasedir.url_maker($exfile['index'],$Settings['file_ext'],"act=view",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index'],false),"4"); ?
>
650 <td
><span
class="TableMessage">
651 <br
/>Click
<a href
="<?php echo url_maker($exfile['index'],$Settings['file_ext'],"act
=view
",$Settings['qstr'],$Settings['qsep'],$prexqstr['index'],$exqstr['index']); ?>">here
</a
> to
goto index page
.<br
/> 
;
654 <?php
} if ($Error!="Yes") {
655 $TimeSIn = mktime(0,0,0,$TimeIn[0],$TimeIn[1],$TimeIn[2]);
656 $TimeSOut = mktime(23,59,59,$TimeOut[0],$TimeOut[1],$TimeOut[2]);
657 $EventMonth=GMTimeChange("m",$TimeSIn,0,0,"off");
658 $EventMonthEnd=GMTimeChange("m",$TimeSOut,0,0,"off");
659 $EventDay=GMTimeChange("d",$TimeSIn,0,0,"off");
660 $EventDayEnd=GMTimeChange("d",$TimeSOut,0,0,"off");
661 $EventYear=GMTimeChange("Y",$TimeSIn,0,0,"off");
662 $EventYearEnd=GMTimeChange("Y",$TimeSOut,0,0,"off");
664 $User1IP=$_SERVER['REMOTE_ADDR'];
665 if($_SESSION['UserGroup']==$Settings['GuestGroup']) { $User1Name = $_POST['GuestName']; }
666 if($_SESSION['UserGroup']!=$Settings['GuestGroup']) { $User1Name = $_SESSION['MemberName']; }
667 $query = sql_pre_query("INSERT INTO ".$Settings['sqltable']."events (\"UserID\", \"GuestName\", \"EventName\", \"EventText\", \"TimeStamp\", \"TimeStampEnd\", \"EventMonth\", \"EventMonthEnd\", \"EventDay\", \"EventDayEnd\", \"EventYear\", \"EventYearEnd\", \"IP\") VALUES\n".
668 "(%i, '%s', '%s', '%s', %i, %i, %i, %i, %i, %i, %i, %i, '%s')", array($User1ID,$User1Name,$_POST['EventName'],$_POST['EventText'],$TimeSIn,$TimeSOut,$EventMonth,$EventMonthEnd,$EventDay,$EventDayEnd,$EventYear,$EventYearEnd,$User1IP));
669 sql_query($query,$SQLStat);
670 $eventid = sql_get_next_id($Settings['sqltable'],"events",$SQLStat);
671 redirect("refresh",$rbasedir.url_maker($exfile['event'],$Settings['file_ext'],"act=event&id=".$eventid,$Settings['qstr'],$Settings['qsep'],$prexqstr['event'],$exqstr['event'],FALSE),"3");
673 <td
><span
class="TableMessage"><br
/>
674 Event
<?php
echo $_POST['EventName']; ?
> was started
.<br
/>
675 Click
<a href
="<?php echo url_maker($exfile['event'],$Settings['file_ext'],"act
=event
&id
=".$eventid,$Settings['qstr'],$Settings['qsep'],$prexqstr['event'],$exqstr['event']); ?>">here
</a
> to
continue to event
.<br
/> 
;
681 <tr
class="TableRow4">
682 <td
class="TableColumn4"> 
;</td
>
686 <div
class="DivEvents"> 
;</div
>
