Location: PHPKode > projects > EverQuest Roster/Gallery > html/includes/write_event.php
<?
        /**********************************************************************************
        *                                                                                 *
        *                              write_event.php                                    *
        *                            -------------------                                  *
        *                                                                                 *
        * Program           : EverQuest Roster/Gallery v1.7b1                               *
        * Copyright         : (C) 2001 - 2002 BladeTek Internet Services &                *
        *                                                     The EQRG Developement Team  *
        * Website           : http://eqrg.roleplayersinteraction.com                      *
        * Project Website   : http://www.sourceforge.net/projects/eqrostergallery         *
        * Email             : hide@address.com                                        *
        *                                                                                 *
        * For license information, please read the COPYING file which                     *
        * came with this edition                                                          *
        *                                                                                 *
        **********************************************************************************/

        function add_event($vars) {
                global $SESSION;

                if (!$SESSION["uid"]) {
                        $err = ERR_NOT_LOGGED_IN;
                } elseif (!trim($vars["name"])) {
                        $err = "The event name cannot be blank.";
                } elseif (strlen($vars["name"]) > 40) {
                        $err = "The event name is too long.  It may only be 40 characters in length.";
                } elseif (!$vars["level1"]) {
                        $err = "The level field 1 can not be blank.";
                } elseif (!$vars["level2"]) {
                        $err = "The level field 2 can not be blank.";
                } elseif (!$vars["zone"]) {
                        $err = "The event zone cannot be blank.";
                } elseif (!checkdate($vars["create_month"], $vars["create_day"], $vars["create_year"])) {
                        $err = "The event date is an invalid date.";
                } elseif (mktime(0, 0, 0, $vars["create_month"], $vars["create_day"], $vars["create_year"]) < time() -1) {
                        $err = "The event date cannot be in the past.";
                } elseif (strlen($vars["description"]) > 4096) {
                        $err = "The character notes field is too large.";

                } else {
                        $query  = "select id";
                        $query .= "  from events";
                        $query .= " where name = '" . $vars["name"] . "'";

                        query_db($query, $exists);

                                $values  = "0,";
                                $values .= "'" . $vars["name"] . "',";
                                $values .= "'" . $vars["level1"] . "',";
                                $values .= "'" . $vars["level2"] . "',";
                                $values .= "'" . $vars["zone"] . "',";
                                $values .= mktime(0, 0, 0, $vars["create_month"], $vars["create_day"], $vars["create_year"]) . ",";
                                $values .= "'" . $vars["description"] . "'";

                                $query  = "insert into events (id, name, level1, level2, zone, date, description)";
                                $query .= "values ($values)";

                                update_db($query);

                }

                return $err;
        }

        function edit_event($id, $vars) {
                global $SESSION, $LEVELS, $ZONES;

                $temp = array_keys($vars);
                $err = "";
                $query = "";

                if (!$SESSION["uid"]) {
                        $err = ERR_NOT_LOGGED_IN;
                } elseif (!$vars["level1"]) {
                        $err = "The event level 1 cannot be blank.";
                } elseif (!$vars["level2"]) {
                        $err = "The event level 2 cannot be blank.";
                } elseif (!$vars["zone"]) {
                        $err = "The event zone cannot be blank.";
                } elseif (!checkdate($vars["create_month"], $vars["create_day"], $vars["create_year"])) {
                        $err = "The event date is an invalid date.";
                } elseif (mktime(0, 0, 0, $vars["create_month"], $vars["create_day"], $vars["create_year"]) < time()) {
                        $err = "The event date cannot be in the past.";
                } elseif (strlen($vars["description"]) > 4096) {
                        $err = "The character notes field is too large.";
                }

                if (!$err) {
                        $query  = "update events";
                        $query .= "   set level1 = '" . $vars["level1"] . "', ";
                        $query .= "       level2 = '" . $vars["level2"] . "', ";
                        $query .= "       zone = '" . $vars["zone"] . "', ";
                        $query .= "       date = " . mktime(0, 0, 0, $vars["create_month"], $vars["create_day"], $vars["create_year"]) . ", ";
                        $query .= "       description = '" . addslashes(trim($vars["description"])) . "'";
                        $query .= " where id = $id";

                        update_db($query);

                }


                return $err;
        }

        function delete_event($id) {
                global $SESSION;

                if (!$id) {
                        $err = ERR_ID_BLANK;
                } elseif (eregi("[^[:digit:]]", $id)) {
                        $err = ERR_ID_INVALID;
                } else {

                        if ($SESSION["level"] != ADMIN) {
                                $err = ERR_NOT_ENOUGH_ACCESS;
                        } else {
                                $query  = "delete from events";
                                $query .= " where id = $id";

                                update_db($query);

                                $query  = "delete from eventreg";
                                $query .= " where eid = $id";

                                update_db($query);

                        }
                }

                return $err;
        }

        function delete_reg($id) {
                global $SESSION, $cookie_login;

                if (!$id) {
                        $err = ERR_ID_BLANK;
                } elseif (eregi("[^[:digit:]]", $id)) {
                        $err = ERR_ID_INVALID;
                } else {
                        $userid = $SESSION["uid"];
                        $query  = "select owner";
                        $query .= "  from eventreg";
                        $query .= " where eid = $id and owner = $userid";

                        query_db($query, $temp);

                        if ($temp["owner"] != $SESSION["uid"]) {
                                $err = "No character registered for this event.";
                        } else {
                                $query  = "delete from eventreg";
                                $query .= " where eid = $id and owner = " . $SESSION["uid"] . "";

                                update_db($query);
                        }
                }

                return $err;
        }

        function event_reg($id, $vars) {
                global $SESSION, $cookie_login;

                if (!$id) {
                        $err = ERR_ID_BLANK;
                } elseif (eregi("[^[:digit:]]", $id)) {
                        $err = ERR_ID_INVALID;
                } else {

                        $query  = "select owner";
                        $query .= "  from eventreg";
                        $query .= " where eid = $id and ologin = '" . $cookie_login . "'";

                        query_db($query, $temp);

                        if (!$SESSION["uid"]) {
                                $err = "You must be logged in to use this feature.";
                        } elseif ($temp["owner"] == $SESSION["uid"] && $temp["ologin"] == $cookie_login) {
                                $err = "You are already have a character registered for this event.";
                        } else {
                                $values .= "'" . $id . "',";
                                $values .= "'" . $SESSION["uid"] . "',";
                                $values .= "'" . $cookie_login . "',";
                                $values .= "'" . $vars["userchar"] . "'";

                                $query  = "insert into eventreg (eid, owner, ologin, userchar) ";
                                $query .= "values ($values)";

                                update_db($query);



                        }
                }

                return $err;
        }

        function guest_reg($id, $vars) {
                global $CLASSES, $RACES, $options;

                if (!$id) {
                        $err = ERR_ID_BLANK;
                } elseif (eregi("[^[:digit:]]", $id)) {
                        $err = ERR_ID_INVALID;
                } elseif (!strlen(trim($vars["guest_passwd"]))) {
                        $err = "The Guest password cannot be blank.";
                } elseif (strcmp($vars["guest_passwd"], $options["guestpass"])) {
                        $err = "The Guest Password does not match the one in the database.";
                } elseif (!strlen(trim($vars["unreg_passwd"]))) {
                        $err = "The UnRegister password cannot be blank.";
                } elseif (!trim($vars["gname"])) {
                        $err = "The character name cannot be blank.";
                } elseif (strlen($vars["gname"]) > 20) {
                        $err = "The character name is too long.  It may only be 20 characters in length.";
                } elseif (eregi("[^[:alpha:]]", $vars["gname"])) {
                        $err = "The character name contains invalid symbols.";
                } elseif (strlen($vars["gsurname"]) > 40) {
                        $err = "The character surname is too long.  It may only be 40 characters in length.";
                } elseif (eregi("[^[:alpha:][:space:]`]", $vars["gsurname"])) {
                        $err = "The character surname contains invalid characters.";
                } elseif (!$vars["glevel"]) {
                        $err = "The character level cannot be blank.";
                } elseif (eregi("[^[:digit:]]", $vars["glevel"])) {
                        $err = "The character level must be numeric.";
                } elseif ($vars["glevel"] < 1) {
                        $err = "The character level must be at least 1.";
                } elseif ($vars["glevel"] > 65) {
                        $err = "The character level must be 65 or less.";
                } elseif (!$vars["class"]) {
                        $err = "The character class cannot be blank.";
                } elseif (!isset($CLASSES[$vars["class"]]["name"])) {
                        $err = "That class does not exist.";
                } elseif (!$vars["race"]) {
                        $err = "The character race cannot be blank.";
                } elseif (!isset($RACES[$vars["race"]])) {
                        $err = "That race does not exist.";
                } elseif (!$CLASSES[$vars["class"]][$vars["race"]]) {
                        $err = "A " . $RACES[$vars["race"]] . " cannot be a " . strtolower($CLASSES[$vars["class"]]["name"]) . ".";
                } else {
                        $values .= "'" . $id . "',";
                        $values .= "'" . $vars["unreg_passwd"] . "',";
                        $values .= "'" . $vars["gname"] . "',";
                        $values .= "'" . $vars["gsurname"] . "',";
                        $values .= "'" . $vars["race"] . "',";
                        $values .= "'" . $vars["class"] . "',";
                        $values .= "'" . $vars["glevel"] . "'";

                        $query  = "insert into eventguest (eid, unreg_password, name, surname, race, class, level) ";
                        $query .= "values ($values)";

                        update_db($query);

                }

                return $err;
        }

        function delete_greg($id, $vars) {

                if (!$id) {
                        $err = ERR_ID_BLANK;
                } elseif (eregi("[^[:digit:]]", $id)) {
                        $err = ERR_ID_INVALID;
                } else {
                        $query  = "select unreg_password";
                        $query .= "  from eventguest";
                        $query .= " where eid = $id and egid = " . $vars["userchar"] . "";

                        query_db($query, $temp);

                        if (!strlen(trim($vars["unreg_passwd"]))) {
                                $err = "The UnRegister Password cannot be blank.";
                        } elseif (strcmp($vars["unreg_passwd"], $temp["unreg_password"])) {
                                $err = "The UnRegister Password does not match the one in the database.";
                        } else {
                                $query  = "delete from eventguest";
                                $query .= " where egid = " . $vars["userchar"] . " and unreg_password = '" . $vars["unreg_passwd"] . "'";

                                update_db($query);
                        }
                }

                return $err;
        }
?>
Return current item: EverQuest Roster/Gallery