<?php
/*
 * ARBS - Advanced Resource Booking System
 * Copyright (C) 2005-2007 ITMC der TU Dortmund
 * Based on MRBS by Daniel Gardner <http://mrbs.sourceforge.net/>
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin Street, Fifth Floor,
 * Boston, MA 02110-1301, USA.
 */

include_once("glob_inc.inc.php");

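// Emulate register_globals: every query-string parameter becomes a global
// variable of the same name, which is how the rest of this page reads its input.
// NOTE(review): the loop runs BEFORE the getAuthorised() check below, so it is
// not limited to administrators, and it can replace any global that already
// exists at this point (whatever glob_inc.inc.php defines is not visible here).
// The imported values are later placed into SQL strings and HTML output with no
// escaping visible in this file. The durable fix is to read each expected
// parameter explicitly and validate it.
foreach($_GET as $key=>$val){
	// Names of superglobals (and "this") are never imported. The list is written
	// as a literal because a variable holding it would itself be subject to
	// this loop.
	if(in_array((string)$key, array('GLOBALS','_GET','_POST','_COOKIE','_REQUEST','_SERVER','_ENV','_FILES','_SESSION','this'), true)){
		continue;
	}
	$$key=$val;
}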

if(!getAuthorised(getUserName(), getUserPassword(), 1)){
	showAccessDenied($day, $month, $year, $area);
	exit;
}
else{
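	//save/apply changes here
	// All four error texts start empty so that only the handlers below can set
	// them. $pid_error and $room_error are included because both are printed
	// into the page further down and would otherwise keep whatever value the
	// query-string import at the top of the file gave them.
	$area_error="";
	$category_error="";
	$pid_error="";
	$room_error="";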
	if(isset($submit)){
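		// Create (pid 0) or update a period from the submitted form fields.
		if($edit_type=="period"){
			// Start from an empty error text so that only the check below can set
			// it; the variable is otherwise open to the query-string import at
			// the top of the file.
			$pid_error="";
			if(strlen($title)==0)
				$pid_error=_("Please enter an description.");

			if(strlen($pid_error)==0){
				// The id is handled as an integer here (compared with 0, taken from
				// mysql_insert_id()); cast it before it is placed in a statement.
				$pid=(int)$pid;
				// mktime(0,0,0,...) gives the timestamp for midnight of the chosen day
				$startDate = mktime(0,0,0,$startmonth,$startday,$startyear);
				$endDate = mktime(0,0,0,$endmonth,$endday,$endyear);
				// NOTE(review): $title is placed in the statement as received; no
				// escaping is visible in this file -- confirm that glob_inc.inc.php
				// or sql_query() takes care of it, or escape it here.
				if($pid==0){
					$kl = "id,title,startdate,enddate";
					$vl = "'','$title','$startDate','$endDate'";
					$sql = "INSERT INTO mrbs_periods ($kl) VALUES ($vl)";
				}
				else{
					$sql ="update mrbs_periods set title='$title',startdate='$startDate',endDate='$endDate' where id='$pid'";
				}
				if(strlen($sql)>0){
					$res = sql_query($sql);
					// NOTE(review): the failing statement is handed to fatal_error();
					// whether it is shown to the browser depends on that helper.
					if(!$res)
						fatal_error(1, sql_error()."<br>".$sql);
				}
				// a newly inserted period continues under its new id
				if($pid==0)
					$pid=mysql_insert_id();
			}
		}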
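		// Create (area 0) or rename an area.
		if($edit_type=="area"){
			if(strlen($area_name)==0)
				$area_error=_("Please enter a name.");

			if(strlen($area_error)==0){
				// The id is handled as an integer here (compared with 0, taken from
				// mysql_insert_id()); cast it before it is placed in a statement.
				$area=(int)$area;
				// NOTE(review): $area_name is placed in the statement as received;
				// no escaping is visible in this file -- confirm that
				// glob_inc.inc.php or sql_query() takes care of it, or escape it here.
				if($area==0){
					$kl = "id,area_name";
					$vl = "'','$area_name'";
					$sql = "INSERT INTO mrbs_area ($kl) VALUES ($vl)";
				}
				else{
					$sql ="update mrbs_area set area_name='$area_name' where id='$area'";
				}
				if(strlen($sql)>0){
					$res = sql_query($sql);
					if(! $res) fatal_error(1, sql_error()."<br>".$sql);
				}
				// a newly inserted area continues under its new id
				if($area==0)
					$area =mysql_insert_id();
			}
		}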
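		// Create (category 0) or update a category. On update the category's
		// room list in mrbs_multicat is rewritten from the submitted multicat[].
		if($edit_type=="category"){
			if(strlen($category_name)==0)
				$category_error=_("Please enter a name.");

			if(strlen($category_error)==0){
				// Ids are handled as integers here; cast them before they are
				// placed in a statement ($category is used unquoted below).
				$category=(int)$category;
				// NOTE(review): $category_name is placed in the statement as
				// received; no escaping is visible in this file -- confirm that
				// glob_inc.inc.php or sql_query() takes care of it, or escape it here.
				if($category==0){
					$kl = "id,name,area_id";
					$vl = "'','$category_name','".(int)$area."'";
					$sql = "INSERT INTO mrbs_category ($kl) VALUES ($vl)";
				}
				else{
					$sql ="update mrbs_category set name='$category_name' where id='$category'";
					//set multicat database
					sql_query("DELETE FROM mrbs_multicat WHERE CID=$category");
					$n=0;
					// multicat[] may be missing or malformed; only a real list is processed
					if(isset($multicat) && is_array($multicat)){
						foreach($multicat as $d){
							if(!is_scalar($d))
								continue;
							$d=(string)$d;
							// a leading "x" sets the fourth inserted value ($isextra) to 1
							if(substr($d,0,1)=="x"){
								$d=substr($d,1);
								$isextra=1;
							}
							else
								$isextra=0;
							// the room id goes into the statement unquoted, so force an integer
							$d=(int)$d;
							sql_query("INSERT INTO mrbs_multicat VALUES($category,$d,$n,$isextra)");
							$n++;
						}
					}

				}
				if(strlen($sql)>0){
					$res = sql_query($sql);
					if(!$res)
						fatal_error(1, sql_error()."<br>".$sql);
				}
				// a newly inserted category continues under its new id
				if($category==0)
					$category =mysql_insert_id();
			}
		}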
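		// Create (room 0) or update a room. When the capacity of an existing room
		// is lowered, the entries that no longer fit are listed for the admin.
		if($edit_type=="room"){
			// Start from an empty error text so that only the check below can set
			// it; the variable is otherwise open to the query-string import at
			// the top of the file.
			$room_error="";
			if(strlen($room_name)==0)
				$room_error=_("Please enter a name.");
			if(strlen($room_error)==0){
				// $room and $capacity are used unquoted in the statements below
				// (WHERE id=..., LIMIT ...), so both are forced to integers first.
				$room=(int)$room;
				$capacity=(int)$capacity;
				// NOTE(review): the text fields ($room_name, $description, $comment,
				// the limit_* values, $infotext, $infourl, $adminmail, $hidden) are
				// placed in the statements as received; no escaping is visible in
				// this file -- confirm that glob_inc.inc.php or sql_query() takes
				// care of it, or escape them here.
				if($room==0){
					$kl = "id,room_name,area_id,capacity,description,comment,limit_hour,limit_day,limit_week,infotext,infourl,adminmail,hidden";
					$vl = "'','$room_name','".(int)$area."','$capacity','$description','$comment','$limit_hour','$limit_day','$limit_week','$infotext','$infourl','$adminmail','$hidden'";
					$sql = "INSERT INTO mrbs_room ($kl) VALUES ($vl)";
				}
				else{
					//check if capacity has been lowered. if true, check if some appointments can no longer be satisfied
					$res=sql_query("SELECT capacity FROM mrbs_room WHERE id=$room");
					$zeile=mysql_fetch_row($res);
					$oldcapacity=$zeile[0];
					//it *has* been lowered, so perform check
					if($oldcapacity>$capacity){
						global $ret;
						//function fills global array 'ret' with ID's of entrys to be notified and deleted
						$ret=array();
						$ex="1";
						// Recursive scan of one time window of a room.
						// Picks the first entry (ordered by start time, then duration)
						// that spans the whole window and is not yet excluded through
						// the global condition $ex. With no free slot left the entry id
						// is recorded in the global $ret; otherwise the scan continues
						// on three sub-windows with one slot less.
						// $start, $end: window as Unix timestamps; $room: room id;
						// $slots: number of slots still free.
						// NOTE(review): in the part of the file shown here the only call
						// outside the function's own recursion is commented out, so the
						// function is never entered.
						function checkTimeslot($start,$end,$room,$slots){
							global $ret,$ex;

							// every argument ends up unquoted in the statement below
							$start=(int)$start;
							$end=(int)$end;
							$room=(int)$room;
							$slots=(int)$slots;

							printf(_("Checking %s to %s:"),date("d.m.y H:i",$start),date("d.m.y H:i",$end));
							$res=sql_query("SELECT id,start_time,end_time,(end_time-start_time)as sorta FROM mrbs_entry WHERE $ex AND room_id=$room AND ((start_time<$start AND end_time>$end) OR (0 AND start_time>$start AND start_time< $end) OR (0 AND end_time >$start AND end_time <$end)) ORDER BY start_time,sorta LIMIT 0,1");
							printf(_("%d hits, %d slots free"), mysql_num_rows($res), $slots);
							echo "<br />";
							//no more entrys in this timeslot ?
							if(mysql_num_rows($res)==0){
								return;
							}
							//no avaible slots free? push id and check for other entrys in this timeslot
							$zeile=mysql_fetch_row($res);
							// the id is appended to a SQL condition, so keep it an integer
							$ex.=" AND ID!=".(int)$zeile[0];
							if($slots==0){
								$ret[]=$zeile[0];
								checkTimeslot($start,$end,$room,0);
								return;
							}
							//still slots left
							#			checkTimeslot($start>$zeile[1]?$start:$zeile[1],$end<$zeile[2]?$end:$zeile[2],$room,($slots-1));
							checkTimeslot($start,max($start,$zeile[1]),$room,($slots-1));
							checkTimeslot(max($start,$zeile[1]),min($end,$zeile[2]),$room,($slots-1));
							checkTimeslot(min($end,$zeile[2]),$end,$room,($slots-1));


						}
						//in the beginning, full timeslot range begining at current date
						$so=time();
						$eo=sql_query1("SELECT MAX(end_time) FROM mrbs_entry WHERE room_id=$room LIMIT 0,1");

						$ex="1";						#checkTimeslot($so,$eo,$room,$capacity);
						// Walk from now to the latest booked end time in steps of $resolution.
						// NOTE(review): $resolution is not assigned in the visible part of
						// this file; a value of 0 or less would keep this loop from ending.
						// Confirm where it is set and that a request cannot change it.
						for($start=$so;$start<$eo;$start+=$resolution){
							$end=$start+$resolution;
							$e2=$start+24*3600;
							//to make the check faster, see if there are more then $capacity bookings in the next 24 hours
							$res=sql_query("SELECT count(ID) FROM mrbs_entry WHERE $ex AND room_id=$room AND ((start_time<$start AND end_time>$e2) OR (start_time>$start AND start_time< $e2) OR (end_time >$start AND end_time <$e2))");

							$zeile=mysql_fetch_row($res);
							if($zeile[0]<$capacity){
								// fewer bookings than the new capacity in the next 24 hours: skip ahead
								$start+=24*3600;
							}
							else{
								// record the overlapping entries beyond the first $capacity rows
								$res=sql_query("SELECT ID FROM mrbs_entry WHERE $ex AND room_id=$room AND ((start_time<$start AND end_time>$end) OR (start_time>$start AND start_time< $end) OR (end_time >$start AND end_time <$end)) LIMIT $capacity,".(int)$oldcapacity);
								while($zeile=mysql_fetch_row($res)){
									$ret[]=$zeile[0];
								}
							}
						}
						$ret=array_unique($ret);

						if(count($ret)>0){
							echo "<b>";
							echo _("The capacity was reduced. Please check the entries with the following IDs because they're causing conflicts with the reduced capacity.");
							echo "</b><br />";
							foreach($ret as $val){
								// the id is used unquoted in the statement and in the link
								$val=(int)$val;
								$res=sql_query("SELECT start_time,end_time,title FROM mrbs_entry WHERE id=$val");
								$zeile=mysql_fetch_row($res);
								echo "<a href=view_entry.php?id=$val target=_blank>",$val,"</a> ";
								printf(_("%s to %s"), date("d.m.y H:i",$zeile[0]), date("d.m.y H:i",$zeile[1]));
								// the title is stored booking text: escape it for HTML, as
								// this page already does for area and room names
								echo " ", htmlspecialchars($zeile[2]), "<br>";
							}
						}
					}
					//end of capacity check

					$sql ="update mrbs_room set room_name='$room_name',area_id='".(int)$area."',capacity='$capacity',description='$description',comment='$comment',limit_hour='$limit_hour',limit_day='$limit_day',limit_week='$limit_week',infourl='$infourl',infotext='$infotext',adminmail='$adminmail',hidden='$hidden' where id='$room'";
				}
				if(strlen($sql)>0){
					$res = sql_query($sql);
					if(!$res)
						fatal_error(1, sql_error()."<br>".$sql);
				}
				// a newly inserted room continues under its new id and is linked
				// to the category it was created in
				if($room==0){
					$room =mysql_insert_id();
					sql_query("INSERT INTO mrbs_multicat(CID,RID) VALUES(".(int)$category.",$room)");
				}
			}
		}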
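		// Change the status ("type") of one booking or of its whole series and,
		// if enabled, send the matching mail template to the advisor address.
		if($edit_type=="type"){
			// the entry id is only ever used as a key: force an integer before it
			// is placed in the statements below
			$changeidInt=(int)$changeid;
			// NOTE(review): $changetype is placed in the statements as received;
			// no escaping is visible in this file -- confirm that glob_inc.inc.php
			// or sql_query() takes care of it, or validate it against the known
			// type codes here.
			//update status
			if($filter=="series"){
				$repID = sql_query1("select repeat_id from mrbs_entry where id='$changeidInt'");
				$oldType = sql_query1("select type from mrbs_repeat where id='$repID'");
				$email = sql_query1("select advisor_email from mrbs_entry where id='$changeidInt'");

				$sql = "update mrbs_entry set type='$changetype' where repeat_id='$repID'";
				$res = sql_query($sql);
				if(! $res)
					fatal_error(1, sql_error()."<br>".$sql);
				$sql = "update mrbs_repeat set type='$changetype' where id='$repID'";
				$res = sql_query($sql);
				if(! $res)
					fatal_error(1, sql_error()."<br>".$sql);
			}
			else{
				$repID=0;
				$oldType = sql_query1("select type from mrbs_entry where id='$changeidInt'");
				$email = sql_query1("select advisor_email from mrbs_entry where id='$changeidInt'");
				//see if we got an series or single booking
				$repid=sql_query1("select repeat_id from mrbs_entry where id='$changeidInt'");
				if($repid==0){
					$sql = "update mrbs_entry set type='$changetype' where id='$changeidInt'";
				}
				else{
					$sql = "update mrbs_entry set type='$changetype' where repeat_id='$repid'";
				}
				$res = sql_query($sql);
				if(! $res)
					fatal_error(1, sql_error()."<br>".$sql);
			}
			// NOTE(review): $sendmail_user_on_update and $mrbs_robot_email are not
			// assigned in the visible part of this file; given the query-string
			// import at the top of the file, confirm a request cannot set them.
			if($sendmail_user_on_update&&strlen($email)>0 && $email != -1){
				//get Mail-Template
				$text = getMailTemplate("type",$changetype);
				$pText = mailParseText($text,$changeid);
				if (strlen($pText)>0){
					mailto($email,$mrbs_robot_email,getSubject($pText),removeSubject($pText));
				}
			}

		}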
	}
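	// Delete a period, an area, a category or a room, chosen by $del_type.
	// Areas, categories and rooms also lose their bookings (mrbs_entry,
	// mrbs_repeat).
	// NOTE(review): these deletions are triggered by a plain GET request (all
	// inputs come from the query-string import at the top of the file) and no
	// request token is checked in the visible code; confirm that
	// confirmdelete.php or another layer protects against forged requests.
	// NOTE(review): the period link further down sends del_type=pid, while this
	// block tests for "period" -- confirm what confirmdelete.php passes on.
	if(isset($del_type)){
		// Start from an empty statement so that the shared execution at the end
		// of this block only ever runs a statement that was built here.
		$sql="";
		if($del_type=="period"){
			// ids are integers: cast before they are placed in a statement
			$sql = "delete from mrbs_periods where id='".(int)$pid."'";
			//unset pid, otherwise we get "unknown pid" message below for its deleted already
			unset($pid);
			$res = sql_query($sql);
			if(! $res)
				fatal_error(1, sql_error()."<br>".$sql);
			// executed above; leave nothing for the shared execution below
			$sql="";
		}
		if($del_type=="area"){
			$delAreaId=(int)$area;
			//entries
			$sql = "select id from mrbs_room where area_id=$delAreaId order by room_name";
			$res1 = sql_query($sql);
			if($res1){
				for ($i = 0; ($row = sql_row($res1, $i)); $i++){
					$delRoomId=(int)$row[0];
					$sql = "delete from mrbs_entry where room_id='$delRoomId'";
					$res = sql_query($sql);
					if(! $res)
						fatal_error(1, sql_error()."<br>".$sql);
					$sql = "delete from mrbs_repeat where room_id='$delRoomId'";
					$res = sql_query($sql);
					if(! $res)
						fatal_error(1, sql_error()."<br>".$sql);
				}
			}
			//rooms
			$sql = "delete from mrbs_room where area_id='$delAreaId'";
			$res = sql_query($sql);
			if(! $res)
				fatal_error(1, sql_error()."<br>".$sql);
			//cat
			$sql = "delete from mrbs_category where area_id='$delAreaId'";
			$res = sql_query($sql);
			if(! $res)
				fatal_error(1, sql_error()."<br>".$sql);
			//area (executed by the shared run at the end of this block)
			$sql = "delete from mrbs_area where id='$delAreaId'";
			unset($area);
		}
		if($del_type=="category"){
			$delCategoryId=(int)$category;
			//entries
			$sql = "select r.id from mrbs_room AS r LEFT JOIN mrbs_multicat AS m on r.ID=m.RID where m.CID='$delCategoryId'";
			$res1 = sql_query($sql);
			if($res1){
				for ($i = 0; ($row = sql_row($res1, $i)); $i++){
					$delRoomId=(int)$row[0];
					$sql = "delete from mrbs_entry where room_id='$delRoomId'";
					$res = sql_query($sql);
					if(! $res)
						fatal_error(1, sql_error()."<br>".$sql);
					$sql = "delete from mrbs_repeat where room_id='$delRoomId'";
					$res = sql_query($sql);
					if(! $res)
						fatal_error(1, sql_error()."<br>".$sql);
					$res=sql_query("DELETE FROM mrbs_room WHERE id='$delRoomId'");
				}
			}
			//cats (executed by the shared run at the end of this block)
			$sql = "delete from mrbs_category where id='$delCategoryId'";
			unset($category);
		}
		if($del_type=="room"){
			$delRoomId=(int)$room;
			$sql = "delete from mrbs_entry where room_id='$delRoomId'";
			$res = sql_query($sql);
			if(! $res)
				fatal_error(1, sql_error()."<br>".$sql);
			$sql = "delete from mrbs_repeat where room_id='$delRoomId'";
			$res = sql_query($sql);
			if(! $res)
				fatal_error(1, sql_error()."<br>".$sql);
			// executed by the shared run at the end of this block
			$sql = "delete from mrbs_room where id='$delRoomId'";
			unset($room);
		}
		//if there is an sql query defined, execute it now
		if(strlen($sql)>0){
			$res = sql_query($sql);
			if(! $res)
				fatal_error(1, sql_error()."<br>".$sql);
		}
	}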
	# STRIPPED ONE LINE INDENT. The following code is still part of the else-branch of:
	# !getAuthorised(getUserName(), getUserPassword(), 1)
	# (i.e. you can still assume the user is logged in as admin)


	// Second gate before any page output: show the access-denied page and stop
	// unless getWritable() accepts the current user for $create_by.
	// NOTE(review): $create_by is not assigned anywhere in the visible part of
	// this file, so its value here would come from the query-string import at
	// the top of the file or from glob_inc.inc.php -- confirm which, and that
	// this check does not depend on a caller-chosen value.
	if(!getWritable($create_by, getUserName())){
		showAccessDenied($day, $month, $year, $area);
		exit;
	}
	// presumably emits the common page header; the helper is defined outside this file
	print_header($day, $month, $year, $area);

	//layout
	?>
<table cellpadding="5" cellspacing="0" width="100%">
	<tr>
		<td colspan=2>&#160;</td>
	</tr>
	<tr>
		<td colspan=2>
		<h2><?php echo(_("Administration")); ?></h2>
		</td>
	</tr>
	<?php
	if(isset($area))
	$section="areas";
	if(isset($pid))
	$section="periods";
	?>
	<tr>
		<td colspan=2 style="border: 2px solid;"><a
			href="admin.php?section=areas"
			<?php if($section=="areas") echo "style='color:red'"; ?>><?php echo(_("Manage devices")); ?></a><br>
		<br>
		<a href="admin.php?section=periods"
		<?php if($section=="periods") echo "style='color:red'"; ?>><?php echo(_("Manage terms")); ?></a><br>
		<br>
		<a href="admin.php?section=listing"
		<?php if($section=="listing") echo "style='color:red'"; ?>><?php echo(_("Event overview")); ?></a><br>
		<br>
		<a href=stats.php target=_blank><?php echo(_("Statistics")); ?></a><br>
		<br>
		<a href=shownoconfirm.php target=_blank><?php echo(_("Show unconfirmed bookings")); ?></a><br>
		<br>
		<?php
		if($mod_history_enable){
			echo "<a href=mod_history.php>", _("System recovery"), "</a><br><br>";
		}
		?> <?php echo($startpage); ?> <?php
		if($entryPrintEnabled){
			?>
		<form method="GET" action="print_all.php"><?php
		genDateSelector("", $day, $month, $year);
		?> <input type="submit" value="<?php echo(_("Print an overview")); ?>"></form>
		<?php } ?>
	
	</tr>
	</td>
	<tr>
		<td width="20%" style="border: 2px solid; border-top-width: 0px;"><?php
		if($section=="periods"){
			echo "<table>";
			echo "<td><u>", _("Periods"), "</u><br>";
			$sql="select id, title from mrbs_periods order by startdate";
			$res = sql_query($sql);
			if($res){
				for ($i = 0; ($row = sql_row($res, $i)); $i++){
					if( $pview != 1 )
					echo "<a href=\"admin.php?pid=$row[0]\"><nobr>";
					if($row[0] == $area){
						$this_period_name = htmlspecialchars($row[1]);
						if( $pview != 1 )
						echo "<font color=\"red\">$this_period_name</font></a><br>\n";
					}
					elseif($pview != 1)
					echo htmlspecialchars($row[1]) . "</nobr></a><br>\n";
				}
			}
			?></td>
	</tr>
</table>
</td>
<td
	style="border: 2px solid; border-left-width: 0px; border-top-width: 0px;"
	width="100%"><?php	if(isset($pid)){
		if($pid==0){
			$btn_caption=_("add");
		}
		else{
			$sql = "SELECT title,startdate,enddate FROM mrbs_periods WHERE id=$pid";
			$res = sql_query($sql);
			if(! $res)
			fatal_error(1, sql_error());
			if(sql_count($res) != 1)
			fatal_error(1, strftime(_("Period ID %s not found"), $pid));
			$row = sql_row($res, 0);
			sql_free($res);
			$btn_caption=_("change");
			$startday   = strftime('%d', $row[1]);
			$startmonth = strftime('%m', $row[1]);
			$startyear  = strftime('%Y', $row[1]);
			$endday   = strftime('%d', $row[2]);
			$endmonth = strftime('%m', $row[2]);
			$endyear  = strftime('%Y', $row[2]);
		}
		echo "<form action=\"admin.php\" method=\"get\">";
		formHiddenFields();
		?>
<table cellpadding="0" cellspacing="0" width="100%">
	<input type="hidden" name="edit_type" value="period">
	<input type="hidden" name="pid" value="<?php echo($pid)?>">
	<?php
	//show pid error msg
	if(strlen($pid_error)!=0)
	echo "<tr><td style='color:#ff0000'>", _("Error"), ":</td><td style='color:#ff0000'>$pid_error</td></tr>";
	?>
	<tr>
		<td><?php echo(_("Description of this period")) ?>:&#160;</td>
		<td width=100%><input type="text" name="title"
			value="<?php echo($row[0])?>"></td>
	</tr>
	<tr>
		<td><?php echo(_("Start-Date")); ?>:&#160;</td>
		<td width=100%><?php genDateSelector("start",$startday,$startmonth,$startyear)?></td>
	</tr>
	<tr>
		<td><?php echo(_("End-Date")); ?>:&#160;</td>
		<td width=100%><?php genDateSelector("end",$endday,$endmonth,$endyear)?></td>
	</tr>
	<tr>
		<td>&#160;</td>
		<td><input type="submit" name="submit" value="<?php echo($btn_caption)?>"></td>
	</tr>
	<tr>
		<td colspan="2">&#160;</td>
	</tr>
	<?php
	if($pid>0){
		?>
	<tr>
		<td><nobr><a href="admin.php?pid=0"><?php echo(_("Create period")); ?></a></nobr></td>
		<td style="text-align: right"><a
			href="confirmdelete.php?pid=<?php echo($pid); ?>&del_type=pid"><?php echo(_("Delete this period")); ?></a></td>
	</tr>
	<?php
}
}
else{
	/// The two %s-signs will be replaced by a href-tags, thus making the text between them a hyperlink
	printf(_("Please select a period first or %screate%s a new one."), "<a href=\"admin.php?pid=0\">", "</a>");
}
echo "</td></tr></table></form>";
}
elseif($section=="areas"){
	echo "<table>";
	echo "<td><u>", _("Areas"), "</u><br>";
	$sql = "select id, area_name from mrbs_area order by area_name";
	$res = sql_query($sql);
	if($res){
		for ($i = 0; ($row = sql_row($res, $i)); $i++){
			if( $pview != 1 )
			echo "<a href=\"admin.php?area=$row[0]\"><nobr>";
			if($row[0] == $area){
				$this_area_name = htmlspecialchars($row[1]);
				if( $pview != 1 )
				echo "<font color=\"red\">$this_area_name</font></a><br>\n";
			}
			elseif( $pview != 1 )
			echo htmlspecialchars($row[1]) . "</nobr></a><br>\n";
		}
	}

	echo "</td></tr>";
	echo "</table>";
	?>
	</td>
	<td
		style="border: 2px solid; border-left-width: 0px; border-top-width: 0px;"
		width="100%"><br>
		<?php
		if(isset($area)){
			if($area==0){
				$btn_caption=_("add");
			}
			else{
				$sql = "SELECT area_name FROM mrbs_area WHERE id=$area";
				$res = sql_query($sql);
				if(! $res)
				fatal_error(1, sql_error());
				if(sql_count($res) != 1)
				fatal_error(1, sprintf(_("Area ID %s not found"), $area));
				$row = sql_row($res, 0);
				sql_free($res);
				$btn_caption=_("change");
			}

			?>
	<form action="admin.php" method="get"><?php formHiddenFields(); ?>
	<table cellpadding="0" cellspacing="0" width="100%">
		<input type="hidden" name="edit_type" value="area">
		<input type="hidden" name="area" value="<?php echo($area); ?>">
		<?php
		//show error?
		if(strlen($area_error)!=0)
		echo "<tr><td style='color:#ff0000'>Fehler:</td><td style='color:#ff0000'>$area_error</td></tr>";
		?>
		<tr>
			<td>Bereichsname:&#160;</td>
			<td width=100%><input type="text" name="area_name"
				value="<?php echo($row[0]); ?>"></td>
		</tr>
		<tr>
			<td>&#160;</td>
			<td><input type="submit" name="submit" value="<?php echo($btn_caption); ?>"></td>
		</tr>
		<tr>
			<td colspan="2">&#160;</td>
		</tr>
		<?php
		if($area>0){
			?>
		<tr>
			<td><nobr><a href="admin.php?area=0"><?php echo(_("Create area")); ?></a></nobr></td>
			<td style="text-align: right"><a
				href="confirmdelete.php?area=<?php echo($area); ?>&del_type=area"><?php echo(_("Delete this area")); ?></a></td>
		</tr>
		<?php
}
echo "</table></form>";
}
else{
	/// The two %s-signs will be replaced by a href-tags, thus making the text between them a hyperlink
	printf(_("Please select an area first or<br>%screate%s a new one."), "<a href=\"admin.php?area=0\">", "</a>");
}
echo "</td></tr>";
if($area>0){
	$sql = "select count(*) from mrbs_category where area_id=$area";
	$res = sql_query($sql);
	$row = sql_row($res,0);
	$categoryCount = $row[0];
	if($categoryCount==0){
		$sql = "select count(*) from mrbs_room where area_id=$area";
		$res = sql_query($sql);
		$row = sql_row($res,0);
		$roomCount = $row[0];
	}
	if(($roomCount==0 && !isset($room)) || ($categoryCount!=0  && isset($room))){
		$sql = "select id, name from mrbs_category where area_id=$area order by name";
		$res = sql_query($sql);
		echo "<tr><td style=\"border:2px solid;border-top-width:0px\">";
		echo "<table>";
		echo "<td><u>", _("Category"), "</u><br>";
		if($res){
			for ($i = 0; ($row = sql_row($res, $i)); $i++){
				if( $pview != 1 )
				echo "<a href=\"admin.php?area=$area&category=$row[0]\"><nobr>";
				if($row[0] == $category){
					$this_category_name = htmlspecialchars($row[1]);
					if( $pview != 1 )
					echo "<font color=\"red\">$this_category_name</font></a><br>\n";
				}
				elseif( $pview != 1 )
				echo htmlspecialchars($row[1]) . "</nobr></a><br>\n";
			}
		}
		echo "</td></tr>";
		echo "</table>";
		?>
		</td>
		<td
			style="border: 2px solid; border-left-width: 0px; border-top-width: 0px"
			width="100%"><br>
			<?php
			if(isset($category)){
				if($category==0){
					$btn_caption=_("add");
				}
				else{
					$sql = "SELECT name FROM mrbs_category WHERE id=$category";
					$res = sql_query($sql);
					if(! $res)
					fatal_error(1, sql_error());
					if(sql_count($res) != 1)
					fatal_error(1, sprintf(_("Cytegory ID %s not found"), $category));
					$row = sql_row($res, 0);
					sql_free($res);
					$btn_caption=_("Submit changes");
				}
				?>
		<form action="admin.php" method="get"><?php formHiddenFields(); ?>
		<table cellpadding="0" cellspacing="0" width="100%">
			<input type="hidden" name="edit_type" value="category">
			<input type="hidden" name="area" value="<?php echo($area); ?>">
			<input type="hidden" name="category" value="<?php echo($category); ?>">
			<script language=javascript src=js/forms.js></script>
			<?php
			if(strlen($category_error)!=0)
			echo "<tr><td style='color:#ff0000'>", _("Error"), ":</td><td style='color:#ff0000'>$category_error</td></tr>";
			?>
			<tr>
				<td><nobr><?php echo(_("Name of the category")); ?>:&#160;</nobr></td>
				<td width=100%><input type="text" name="category_name"
					value="<?php echo($row[0]); ?>"></td>
			</tr>
			<?php
			//only show rooms selector on change

			if(isset($category)){
				?>
			<tr>
				<td colspan=2><a href="javascript:flipdiv('roomselectdiv');"><?php echo(_("Change the rooms of this category")); ?></a><br>
				<div id=roomselectdiv
					style="overflow: hidden; visibility: hidden; height: 1px;">
				<table width=100% border=0 cellpadding=5>
					<tr>
						<td><b><?php echo(_("Rooms in this system")); ?></b></td>
						<td><b><?php echo(_("Rooms in this category")); ?></b></td>
						<td>&nbsp;</td>
					</tr>
					<tr>
						<td><select size=10 multiple id=exclude style="width: 200px;">
						<?php
						//fetch all rooms and add them to first select
						$res=sql_query("SELECT ID,room_name,hidden FROM mrbs_room ORDER BY room_name");
						while($zeile=mysql_fetch_row($res)){
							echo "<option value=",$zeile[0],">",$zeile[1];
							if ($zeile[2]=='true') echo " (", _("hidden"), ")";
							echo "</option>";
						}
						?>
						</select><br>
						<a href=javascript:moveoption('exclude','include')><?php echo(_("Add to category")); ?></a></td>
						<td><select style="width: 200px;" name=multicat[] size=10 multiple
							id=include></select> <script language=javascript>
<?php
//fetch rooms wich correspond to this category and move them via javascript to the other select
//also mark them as extra if needed
$res=sql_query("SELECT RID,extra FROM mrbs_multicat WHERE CID=$category ORDER BY uorder");
while($zeile=mysql_fetch_row($res)){
	echo "selectByValue('$zeile[0]','exclude');moveoption('exclude','include');";
	if($zeile[1]==1)
		echo "selectByValue('$zeile[0]','include');mark('include');";
}
?>
</script> <br>
						<a href=javascript:moveoption('include','exclude')><?php echo(_("Remove from category")); ?></a></td>
						<td width=33%><br>
						<a href=javascript:movedown('include')><?php echo(_("Move up")); ?></a><br>
						<br>
						<a href=javascript:moveup('include')><?php echo(_("Move down")); ?></a><br>
						<br>
						<a href=javascript:mark('include')><?php echo(_("Mark as hightlighted")); ?></a><br>
						<br>
						<?php echo(_("(Devices marked as highlighted appear in the overview page in an extra box)")); ?></td>
					</tr>
				</table>
				</div>
				</td>
			</tr>
			<?php
}
?>
			<tr>
				<td>&#160;</td>
				<td><input onclick="javascript:selectall('include');" type="submit"
					name="submit" value="<?php echo($btn_caption); ?>"></td>
			</tr>
			<tr>
				<td colspan="2">&#160;</td>
			</tr>
			<?php
			if($category>0){
				?>
			<tr>
				<td><nobr><a href="admin.php?area=<?php echo($area)?>&category=0"><?php echo(_("Create category")); ?></a></nobr></td>
				<td style="text-align: right"><a
					href="confirmdelete.php?area=<?php echo($area)?>&category=<?php echo($category)?>&del_type=category">
					<?php echo(_("Delete this category")); ?></a></td>
			</tr>
			<?php
}
echo "</table></form>";
}
else{
	/// The two %s-signs will be replaced by a href-tags, thus making the text between them a hyperlink
	printf(_("Please select a category first - or %screate%s a new one."), "<a href=\"admin.php?area=$area&category=0\">", "</a>");
}
echo "</td></tr>";
}
}
if($area>0 && (($categoryCount==0 && $roomCount!=0) ||(isset($category) && $category!=0) || ($roomCount == 0 && $categoryCount==0 && (!isset($category) || (isset($room) && isset($category)))))){
	echo "<tr><td style=\"border:2px solid;border-top-width:0px\">";
	echo "<table><td><u>", _("Room"), "</u><br>";
	if(!isset($category))
	$category=0;
	$sql = "select r.id, r.room_name, r.hidden from mrbs_room AS r LEFT JOIN mrbs_multicat AS m ON r.ID=m.RID WHERE m.CID=$category order by room_name";
	$res = sql_query($sql);
	if($res){
		for ($i = 0; ($row = sql_row($res, $i)); $i++){
			if( $pview != 1 )
			echo "<a href=\"admin.php?area=$area&category=$category&room=$row[0]\"><nobr>";
			if($row[0] == $room){
				$this_room_name = htmlspecialchars($row[1]);
				if( $pview != 1 ) {
					echo "<font color=\"red\">$this_room_name</font></a>";
					if ($row[2]=='true') echo " (", _("hidden"), ")";
					echo "<br>\n";
				}
			}
			elseif( $pview != 1 ) {
				echo htmlspecialchars($row[1]) . "</nobr></a>";
				if ($row[2]=='true') echo " (", _("hidden"), ")";
				echo "<br>\n";
			}
		}
	}
	echo "</td></tr></table>";
	?>
			</td>
			<td
				style="border: 2px solid; border-left-width: 0px; border-top-width: 0px"
				width="100%"><br>
				<?php
				if(isset($room)){
					if($room==0){
						$btn_caption=_("add");
						if(strlen($room_error)==0)
						$row = explode(".","..1.0.0.0.");
						else
						$row = explode(".","$room_name.$description.$capacity.$limit_hour.$limit_day.$limit_week.$comment");
						$row[10]="false";
					}
					else{
						$sql = "SELECT room_name,description,capacity,limit_hour,limit_day,limit_week,comment,infourl,infotext,adminmail,hidden FROM mrbs_room WHERE id=$room";
						$res = sql_query($sql);
						if(! $res)
						fatal_error(1, sql_error());
						if(sql_count($res) != 1)
						fatal_error(1, sprintf(_("Room ID %s not found."), $room));
						$row = sql_row($res, 0);
						sql_free($res);
						$btn_caption=_("change");
					}
					?>
			<form action="admin.php"><?php formHiddenFields(); ?>
			<table>
				<tr>
					<td>
					<table cellpadding="0" cellspacing="0" width="100%">
						<input type="hidden" name="edit_type" value="room">
						<input type="hidden" name="area" value="<?php echo($area); ?>">
						<input type="hidden" name="category" value="<?php echo($category); ?>">
						<input type="hidden" name="room" value="<?php echo($room); ?>">
						<?php
						if(strlen($room_error)!=0)
						echo "<tr><td style='color:#ff0000'>Fehler:</td><td style='color:#ff0000'>$room_error</td></tr>";
						?>
						<tr>
							<td><nobr><?php echo(_("Name of this Room")); ?>:&#160;</nobr></td>
							<td width=100%><input type="text" name="room_name"
								value="<?php echo($row[0]); ?>"></td>
						</tr>
						<tr>
							<td><nobr><?php echo(_("Description")); ?>:&#160;</nobr></td>
							<td width=100%><textarea name="description"><?php echo($row[1]); ?></textarea></td>
						</tr>
						<tr>
							<td><nobr><?php echo(_("Capacity")); ?>:&#160;</nobr></td>
							<td width=100%><input type="text" name="capacity"
								value="<?php echo($row[2]); ?>"></td>
						</tr>
						<tr>
							<td><nobr><?php echo(_("Maximum number of hours")); ?>:&#160;</nobr></td>
							<td width=100%><input type="text" name="limit_hour"
								value="<?php echo($row[3]); ?>"></td>
						</tr>
						<tr>
							<td><nobr><?php echo(_("Maximum numbers of days")); ?>:&#160;</nobr></td>
							<td width=100%><input type="text" name="limit_day"
								value="<?php echo($row[4]); ?>"></td>
						</tr>
						<tr>
							<td><nobr><?php echo(_("Maximum number of weeks")); ?>:&#160;</nobr></td>
							<td width=100%><input type="text" name="limit_week"
								value="<?php echo($row[5]); ?>"></td>
						</tr>
						<tr>
							<td><nobr><?php echo(_("Comment")); ?>:&#160;</nobr></td>
							<td width=100%><textarea name="comment"><?php echo($row[6]); ?></textarea></td>
						</tr>
						<tr>
							<td><?php echo(_("URL to info page")); ?></td>
							<td><input type=text name=infourl value="<?php echo($row[7]); ?>"></td>
						</tr>
						<tr>
							<td><?php echo(_("Additional Information")); ?></td>
							<td><input type=text name=infotext value="<?php echo($row[8]); ?>"></td>
						</tr>
						<tr>
							<td><?php echo(_("Room-admin's eMail")); ?></td>
							<td><input type=text name=adminmail value="<?php echo($row[9]); ?>"></td>
						</tr>
						<tr>
							<td>Status</td>
							<td><input type="radio" name="hidden" value="false"
							<?php if($row[10]=="false") print "checked"; ?>><?php echo(_("visible")); ?><br>
							<input type="radio" name="hidden" value="true"
							<?php if($row[10]=="true") print "checked"; ?>><?php echo(_("hidden")); ?></td>
						</tr>

						<tr>
							<td>&#160;</td>
							<td><input type="submit" name="submit" value="<?php echo($btn_caption); ?>"></td>
						</tr>
						<tr>
							<td colspan="2">&#160;</td>
						</tr>
						<?php
						echo "</table></td><td><u>", _("This room will be visible in the following categories:"), "</u><br>";
						$res=sql_query("SELECT c.ID,c.name,a.area_name FROM mrbs_category AS c LEFT JOIN mrbs_area AS a ON c.area_id=a.id LEFT JOIN mrbs_multicat AS m on m.CID=c.ID WHERE m.RID=$room ORDER BY a.area_name,c.name ");
						while($zeile=mysql_fetch_row($res)){
							echo $zeile[2].":".$zeile[1]."<br>";
						}
						echo "</td></tr>";
						if($room>0){

							?>
						<tr>
							<td><nobr><a
								href="admin.php?area=<?php echo($area); ?>&category=<?php echo($category); ?>&room=0"><?php echo(_("Create a Room")); ?></a></nobr></td>
							<td style="text-align: right"><a
								href="confirmdelete.php?area=<?php echo($area); ?>&category=<?php echo($category); ?>&room=<?php echo($room); ?>&del_type=room">
								<?php echo(_("Delete this room")); ?></a></td>
						</tr>


						<?php
}
echo "</table> </form>";
}
else{
	/// The two %s-signs will be replaced by a href-tags, thus making the text between them a hyperlink
	printf(_("Please select a room or %screate%s a new one."), "<a href=\"admin.php?area=$area&category=$category&room=0\">", "</a>");
	if($roomCount!=0 && $categoryCount==0){
		echo "<br><br>";
		/// The two %s-signs will be replaced by a href-tags, thus making the text between them a hyperlink
		printf(_("If you want to add more categories to this area then please click %shere%s."), "<a href=\"makecat.php?area=$area\">", "</a>");
	}
}
}
}
elseif($section=="listing"){
	$minOpt="F";
	$maxOpt="G";
	if(!isset($submit)){
		$startTime = time();
		$startday   = strftime('%d', $startTime);
		$startmonth = strftime('%m', $startTime);
		$startyear  = strftime('%Y', $startTime);
		$endday   = $startday;
		$endmonth = $startmonth+1;
		$endyear  = $startyear;
		if($endmonth==13){
			$endyear++;
			$endmonth=1;
		}
		$filter_type="all";
		$type="F";
	}
	?>
						<form action="admin.php" method="get">
						<table width="100%" cellpadding="2" cellspacing="1">
							<input type="hidden" name="section" value="listing">
							<tr style="background-color: #DDDDDD">
								<td colspan="3"><b><u><?php echo _("Filter rules"); ?>:</u></b></td>
							</tr>
							<tr style="background-color: #DDDDDD">
							<?php
								// Filter form of the listing section. $type and $filter_type are only
								// compared against the fixed choices here; the date parts are handed to
								// genDateSelector(), whose output handling is not visible in this part
								// of the file.
								#formHiddenFields();
							?>
								<td><b><u><?php echo _("Status"); ?>:</u></b><br>
								<SELECT NAME="type">
									<option value="A"><?php echo _("All"); ?></option>
									<?php
									// One option per status letter that has a label in $typel.
									for ($c = $minOpt; $c <= $maxOpt; $c++) {
										if (empty($typel[$c])) {
											continue;
										}
										echo '<OPTION VALUE="', $c, '"', ($type == $c ? ' SELECTED' : ''), '>', $typel[$c], "</option>\n";
									}
									?>
								</SELECT></td>
								<td><b><u><?php echo _("Period"); ?>:</u></b><br>
								<table cellpadding="0" cellspacing="1">
									<tr>
										<td><?php echo _("from"); ?>:</td>
										<td><?php genDateSelector("start", $startday, $startmonth, $startyear); ?>
										</td>
									</tr>
									<tr>
										<td><?php echo _("till"); ?>:</td>
										<td><?php genDateSelector("end", $endday, $endmonth, $endyear); ?></td>
									</tr>
								</table>
								</td>
								<td><b> <?php
								echo "<u>", _("Type of entries"), "</u></b><br>";
								// Radio group: the choice matching $filter_type is pre-checked.
								$filterChoices = array(
									"single" => _("Single entries"),
									"series" => _("Multiple entries"),
									"all"    => _("Single and multiple entries"),
								);
								foreach ($filterChoices as $choice => $choiceLabel) {
									echo "<input type=radio name=filter_type value=$choice ", ($filter_type == $choice ? "checked" : ""), ">", $choiceLabel, "<br>";
								}
								?></td>
							</tr>
							<tr style="background-color: #DDDDDD">
								<td colspan="3" class="CR"><input type="submit" name="submit"
									value="<?php echo _("Create view"); ?>"></td>
							</tr>
						</table>
						</form>
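						<?php
						/*
						 * Result table of the "listing" section; runs only once the filter form
						 * was submitted. admin.php copies every $_GET key into a variable, so
						 * $type, $filter_type, $title and the start/end date parts can all be
						 * request-controlled when this point is reached. They are validated
						 * here, before any of them is placed into SQL or HTML.
						 */
						if(isset($submit)){
						?>
						<table width="100%" cellspacing="1" cellpadding="2">
						<?php
						// Only the three values offered by the filter form are accepted;
						// any other value selects no query and lists nothing.
						if(!isset($filter_type) || !in_array($filter_type, array("single","series","all"), true)){
							$filter_type = "";
						}
						// The status code ends up inside SQL string literals and HTML
						// attributes. The form only offers "A" and the letters
						// $minOpt..$maxOpt, so a single upper-case letter is enforced and
						// anything else falls back to "A" (no status filter).
						if(!isset($type) || !is_string($type) || !preg_match('/^[A-Z]\z/', $type)){
							$type = "A";
						}
						// Date parts go through mktime() and are echoed into hidden fields.
						$startday   = isset($startday)   ? (int)$startday   : 0;
						$startmonth = isset($startmonth) ? (int)$startmonth : 0;
						$startyear  = isset($startyear)  ? (int)$startyear  : 0;
						$endday     = isset($endday)     ? (int)$endday     : 0;
						$endmonth   = isset($endmonth)   ? (int)$endmonth   : 0;
						$endyear    = isset($endyear)    ? (int)$endyear    : 0;

						// Without this reset an unmatched $filter_type would print a $title
						// taken from the query string.
						$title = "";
						if($filter_type=="single"){
							$title = _("Standalone entries");
						}
						elseif($filter_type=="series"){
							$title = _("Series");
						}
						elseif($filter_type=="all"){
							$title = _("Standalone and series");
						}
						// $detail only changes the heading; none of the queries below filters on it.
						if(isset($detail)){
							$title = _("Standalone entries belonging to this series");
						}
						echo "<tr style=\"background-color:#e0e4f1\"><td colspan='5'><b>", sprintf(_("Viewing: %s"), $title), "</b></td></tr>";
						?>
							<tr style="background-color: #e0e4f1">
								<td><b><?php echo(_("Type, Start-date")); ?></b></td>
								<td><b><?php echo(_("Tutor")); ?></b></td>
								<td><b><?php echo(_("Title")); ?></b></td>
								<td><b><?php echo(_("Device")); ?></b></td>
								<td><b><?php echo(_("Actions")); ?></b></td>
							</tr>
							<?php
							// Period bounds as integer timestamps; the end bound is midnight
							// after the chosen end day. The cast turns a failed mktime() into 0.
							$startdate = (int)mktime(0,0,0,$startmonth,$startday,$startyear);
							$enddate = (int)mktime(0,0,0,$endmonth,$endday+1,$endyear);
							// Array of queries to run (a string here would break the
							// $sql[0] assignments on PHP 7.1 and later).
							$sql=array();
							if($type!='A'){
								// Restricted to one status; $type was validated above.
								$sql_series = "select
			e.title,
			e.description,
			e.id,
			e.room_id,
			e.start_time,
			e.type,
			e.repeat_id,ro.room_name 
				from mrbs_entry as e left join mrbs_repeat as r on e.repeat_id=r.id left join mrbs_room as ro ON ro.id=e.room_id where 
			r.start_time>'$startdate' and 
			r.start_time<'$enddate' and 
			e.type='$type' AND 
			e.repeat_id!=0 group by e.repeat_id";

								$sql_single = "select
			e.title,
			e.description,
			e.id,
			e.room_id,
			e.start_time,
			e.type,
			e.repeat_id,r.room_name 
				from mrbs_entry as e left join mrbs_room as r on e.room_id=r.id where 
			e.type='$type' and 
			e.start_time>'$startdate' and 
			e.start_time<'$enddate' and 
			e.repeat_id=0";
							}
							else{
								// "A": every status.
								$sql_series = "SELECT
			e.title,
			e.description,
			e.id,
			e.room_id,
			e.start_time,
			e.type,
			e.repeat_id,ro.room_name 
				FROM mrbs_repeat AS r LEFT JOIN mrbs_entry AS e ON r.id=e.repeat_id left join mrbs_room as ro on ro.id=e.room_id WHERE 
			r.start_time>'$startdate' AND 
			r.start_time<'$enddate' AND e.repeat_id!=0 group by e.repeat_id";

								$sql_single = "select
			e.title,
			e.description,
			e.id,
			e.room_id,
			e.start_time,
			e.type,
			e.repeat_id,r.room_name
				from mrbs_entry as e left join mrbs_room as r on e.room_id=r.id where 
			e.start_time>'$startdate' and 
			e.start_time<'$enddate' and 
			e.repeat_id=0";
							}
							if($filter_type=="single"){
								$sql[0] = $sql_single;
							}
							elseif($filter_type=="series"){
								$sql[0] = $sql_series;
							}
							elseif($filter_type=="all"){
								$sql[0] = $sql_single;
								$sql[1] = $sql_series;
							}
							$entryCount=0;
							for ($j=0;isset($sql[$j]);$j++) {
								$res = sql_query($sql[$j]);
								if(!$res){
									// sql_query()'s failure value is not visible here; a falsy
									// result is skipped instead of being passed to mysql_fetch_row().
									continue;
								}
								// With "all", query 0 returns standalone entries and query 1 series.
								// The same test now drives both the label and the action links; the
								// original action test required $j==1 and so printed no actions
								// at all when only series were listed.
								$isSeriesRow = ($filter_type=="series" || ($filter_type=="all" && $j==1));
								while($row=mysql_fetch_row($res)) {
									$entryCount++;
									$start_date = strftime('%A %d %B %Y <br>%X', $row[4]);
									// Numeric columns are cast before they go into links, hidden fields or SQL.
									$id=(int)$row[2];
									$room_id=(int)$row[3];
									$view ="admin";
									// Title, description and room name are stored text: encode on output.
									// NOTE(review): the page charset is not visible from here. 'ISO-8859-1'
									// makes htmlspecialchars() leave every byte except & < > " ' untouched;
									// pass the application's real charset once it is confirmed.
									$entryTitle = htmlspecialchars($row[0], ENT_QUOTES, 'ISO-8859-1');
									$entryDescription = htmlspecialchars($row[1], ENT_QUOTES, 'ISO-8859-1');
									$roomName = htmlspecialchars($row[7], ENT_QUOTES, 'ISO-8859-1');

									echo "<tr style=\"background-color:#e0e4f1\">";
									echo "<td><i>", ($isSeriesRow ? _("Series") : _("Standalone entry")), "</i><br>".parseDate($start_date)."</td>";
									echo "<td>".$entryTitle."</td>";
									echo "<td>".$entryDescription."</td>";
									echo "<td>".$roomName."</td>";
									echo "<td>";
									// NOTE(review): the status change (this form) and the deletions (links
									// below) are plain GET requests; their handlers are outside this block.
									// Moving them to POST with a per-session token would protect them
									// against forged requests.
									echo "<form action=\"admin.php\" method=\"get\">";
									echo "<table width=\"100%\" cellpadding=\"0\" cellspacing=\"0\">";
									echo "<tr><td>";

									if(!$isSeriesRow){
										echo "<a href=\"view_entry.php?view=week&id=$id\" target=\"blank\">", _("Show entry"), "</a><br>";
										echo "<a href=\"edit_entry.php?view=$view&id=$id\">", _("Change entry"), "</a><br>";
										echo "<A HREF=\"del_entry.php?view=".urlencode("admin.php?".$QUERY_STRING)."&room=$room_id&id=$id&series=0&fromAdmin=1\" onClick=\"return confirm('", _("Are you sure you want to delete this entry?"), "');\">", _("Delete entry"), "</A>";
									}
									else{
										// Series rows act on the entry with the lowest id of the series.
										$repid=(int)$row[6];
										$qr = sql_query("SELECT min(id) from mrbs_entry where repeat_id=$repid limit 1");
										$rw = sql_row($qr,0);
										$id = (int)$rw[0];
										echo "<a href=\"view_entry.php?view=week&id=$id\" target=\"blank\">", _("Show entry"), "</a><br>";
										// $day, $month and $year are not assigned in this block and may come
										// from the query string, so they are URL-encoded for the link.
										echo "<a href=\"edit_entry.php?view=$view&id=$id&edit_type=series&day=".urlencode($day)."&month=".urlencode($month)."&year=".urlencode($year)."\">", _("Change all entries"), "</a><br>";
										echo "<A HREF=\"del_entry.php?view=".urlencode("admin.php?".$QUERY_STRING)."&room=$room_id&id=$id&series=1&fromAdmin=1\" onClick=\"return confirm('", _("Are you sure you want to delete this entry?"), "');\">", _("Delete all entries"), "</A><br>";
										echo "<a href=\"admin.php?section=listing&submit=true&type=$type&detail=$repid\">", _("Show sub-entries"), "</a>";
									}
									echo "</td>";
									echo "<td width=\"150px\">";
									// The hidden fields carry the current filter along with the status
									// change. All values were validated or cast above; $section equals
									// "listing" in this branch.
									echo "<input type=\"hidden\" name=\"filter_type\" value=\"$filter_type\">";
									echo "<input type=\"hidden\" name=\"changeid\" value=\"$id\">";
									echo "<input type=\"hidden\" name=\"edit_type\" value=\"type\">";
									echo "<input type=\"hidden\" name=\"section\" value=\"$section\">";
									echo "<input type=\"hidden\" name=\"startday\" value=\"$startday\">";
									echo "<input type=\"hidden\" name=\"startmonth\" value=\"$startmonth\">";
									echo "<input type=\"hidden\" name=\"startyear\" value=\"$startyear\">";
									echo "<input type=\"hidden\" name=\"endday\" value=\"$endday\">";
									echo "<input type=\"hidden\" name=\"endmonth\" value=\"$endmonth\">";
									echo "<input type=\"hidden\" name=\"endyear\" value=\"$endyear\">";
									echo "<input type=\"hidden\" name=\"type\" value=\"$type\">";
									echo "<SELECT NAME=\"changetype\">";
									// Status selector, preselecting the entry's current type (column 5).
									for ($c = $minOpt; $c <= $maxOpt; $c++){
										if(!empty($typel[$c])){
											echo "<OPTION VALUE=\"$c\"" . ($row[5] == $c ? " SELECTED" : "") . ">$typel[$c]</option>\n";
										}
									}
									echo "</SELECT><br>";
									echo "<input type=\"submit\" name=\"submit\" value=\"", _("Change status"), "\">";
									echo "</td></tr></table>";
									echo "</td>";
									echo "</tr></form>";
								}
							}
							if($entryCount==0){
								echo "<tr style=\"background-color:#e0e4f1\">";
								echo "<td colspan=5>",_("There are no entries matching the filter rules."), "</td></tr>";
							}
							echo "</table>";
						}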
}
?>
							</td>
							</tr>
						</table>
						</HTML>
						<?php
}
?>