<?
/**********************************************************************************
* *
* write_event.php *
* ------------------- *
* *
* Program : EverQuest Roster/Gallery v1.7b1 *
* Copyright : (C) 2001 - 2002 BladeTek Internet Services & *
* The EQRG Developement Team *
* Website : http://eqrg.roleplayersinteraction.com *
* Project Website : http://www.sourceforge.net/projects/eqrostergallery *
* Email : hide@address.com *
* *
* For license information, please read the COPYING file which *
* came with this edition *
* *
**********************************************************************************/
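/**
 * Validate a submitted event form and insert it as a new row in `events`.
 *
 * Validation stops at the first failing rule and returns its message; the
 * insert only runs when every rule passes.
 *
 * @param array $vars Form fields read here: name, level1, level2, zone,
 *                    create_month, create_day, create_year, description.
 * @return string The first validation error (text or ERR_* constant), or ""
 *                once the row has been handed to update_db().
 */
function add_event($vars) {
    global $SESSION;

    // Defined up front so the success path returns "" instead of an unset variable.
    $err = "";

    // Copy the fields we use; a missing or non-scalar (array) submission counts as blank.
    $in = array();
    $wanted = array("name", "level1", "level2", "zone", "create_month", "create_day", "create_year", "description");
    foreach ($wanted as $field) {
        $in[$field] = (isset($vars[$field]) && is_scalar($vars[$field])) ? (string) $vars[$field] : "";
    }
    $month = (int) $in["create_month"];
    $day = (int) $in["create_day"];
    $year = (int) $in["create_year"];

    // NOTE(review): any logged-in user may add an event, while delete_event()
    // requires ADMIN -- confirm that this is the intended access level.
    if (empty($SESSION["uid"])) {
        $err = ERR_NOT_LOGGED_IN;
    } elseif (!trim($in["name"])) {
        $err = "The event name cannot be blank.";
    } elseif (strlen($in["name"]) > 40) {
        $err = "The event name is too long. It may only be 40 characters in length.";
    } elseif (!$in["level1"]) {
        $err = "The level field 1 can not be blank.";
    } elseif (!$in["level2"]) {
        $err = "The level field 2 can not be blank.";
    } elseif (!$in["zone"]) {
        $err = "The event zone cannot be blank.";
    } elseif (!checkdate($month, $day, $year)) {
        $err = "The event date is an invalid date.";
    } elseif (mktime(0, 0, 0, $month, $day, $year) < time() - 1) {
        $err = "The event date cannot be in the past.";
    } elseif (strlen($in["description"]) > 4096) {
        $err = "The character notes field is too large.";
    } else {
        // Every string that lands inside a quoted SQL literal is escaped first.
        // NOTE(review): addslashes() is charset-unaware; if query_db()/update_db()
        // expose the driver's own escaping or bound parameters, prefer those.
        // Assumes $vars arrives unescaped (magic_quotes_gpc no longer exists) --
        // TODO confirm the caller does not escape as well.
        $name = addslashes($in["name"]);

        // NOTE(review): the lookup result in $exists is never inspected, so a
        // duplicate event name is not rejected -- confirm whether it should be.
        $query = "select id";
        $query .= " from events";
        $query .= " where name = '" . $name . "'";
        query_db($query, $exists);

        $values = "0,";
        $values .= "'" . $name . "',";
        $values .= "'" . addslashes($in["level1"]) . "',";
        $values .= "'" . addslashes($in["level2"]) . "',";
        $values .= "'" . addslashes($in["zone"]) . "',";
        // mktime() yields an integer, so it is safe to embed unquoted.
        $values .= mktime(0, 0, 0, $month, $day, $year) . ",";
        $values .= "'" . addslashes($in["description"]) . "'";

        $query = "insert into events (id, name, level1, level2, zone, date, description)";
        $query .= " values ($values)";
        update_db($query);
    }
    return $err;
}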
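/**
 * Validate an edited event form and update the matching row in `events`.
 *
 * @param mixed $id   Event id; must consist of digits only because it is
 *                    embedded unquoted in the WHERE clause.
 * @param array $vars Form fields read here: level1, level2, zone,
 *                    create_month, create_day, create_year, description.
 * @return string The first validation error (text or ERR_* constant), or ""
 *                once the update has been handed to update_db().
 */
function edit_event($id, $vars) {
    // NOTE(review): $LEVELS and $ZONES are declared but not consulted, so the
    // level/zone values are not checked against them -- confirm if they should be.
    global $SESSION, $LEVELS, $ZONES;

    $err = "";
    $query = "";

    // Copy the fields we use; a missing or non-scalar (array) submission counts as blank.
    $in = array();
    $wanted = array("level1", "level2", "zone", "create_month", "create_day", "create_year", "description");
    foreach ($wanted as $field) {
        $in[$field] = (isset($vars[$field]) && is_scalar($vars[$field])) ? (string) $vars[$field] : "";
    }
    $month = (int) $in["create_month"];
    $day = (int) $in["create_day"];
    $year = (int) $in["create_year"];

    // NOTE(review): any logged-in user may edit any event, while delete_event()
    // requires ADMIN -- confirm that this is the intended access level.
    if (empty($SESSION["uid"])) {
        $err = ERR_NOT_LOGGED_IN;
    } elseif (!$id) {
        // Same id rules the delete/register functions in this file apply.
        $err = ERR_ID_BLANK;
    } elseif (!is_scalar($id) || preg_match('/[^0-9]/', (string) $id)) {
        // $id goes into the query unquoted, so anything but digits is refused.
        $err = ERR_ID_INVALID;
    } elseif (!$in["level1"]) {
        $err = "The event level 1 cannot be blank.";
    } elseif (!$in["level2"]) {
        $err = "The event level 2 cannot be blank.";
    } elseif (!$in["zone"]) {
        $err = "The event zone cannot be blank.";
    } elseif (!checkdate($month, $day, $year)) {
        $err = "The event date is an invalid date.";
    } elseif (mktime(0, 0, 0, $month, $day, $year) < time()) {
        $err = "The event date cannot be in the past.";
    } elseif (strlen($in["description"]) > 4096) {
        $err = "The character notes field is too large.";
    }

    if (!$err) {
        // All quoted values are escaped, not just the description.
        // NOTE(review): addslashes() is charset-unaware; prefer the driver's own
        // escaping or bound parameters if update_db() can provide them.
        $query = "update events";
        $query .= " set level1 = '" . addslashes($in["level1"]) . "', ";
        $query .= " level2 = '" . addslashes($in["level2"]) . "', ";
        $query .= " zone = '" . addslashes($in["zone"]) . "', ";
        // mktime() yields an integer, so it is safe to embed unquoted.
        $query .= " date = " . mktime(0, 0, 0, $month, $day, $year) . ", ";
        $query .= " description = '" . addslashes(trim($in["description"])) . "'";
        $query .= " where id = $id";
        update_db($query);
    }
    return $err;
}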
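/**
 * Delete an event and the member registrations attached to it.
 *
 * @param mixed $id Event id; must consist of digits only because it is
 *                  embedded unquoted in both DELETE statements.
 * @return string ERR_ID_BLANK, ERR_ID_INVALID or ERR_NOT_ENOUGH_ACCESS on
 *                failure, "" once both deletes were handed to update_db().
 */
function delete_event($id) {
    global $SESSION;

    // Defined up front so the success path returns "" instead of an unset variable.
    $err = "";

    if (!$id) {
        $err = ERR_ID_BLANK;
    } elseif (!is_scalar($id) || preg_match('/[^0-9]/', (string) $id)) {
        // preg_match() replaces eregi(): the POSIX ereg family was removed in
        // PHP 7 and was not binary-safe (matching stopped at a NUL byte).
        $err = ERR_ID_INVALID;
    } elseif (!isset($SESSION["level"]) || $SESSION["level"] != ADMIN) {
        // An unset level is refused outright; under a loose comparison it
        // would equal a falsy ADMIN value.
        $err = ERR_NOT_ENOUGH_ACCESS;
    } else {
        $query = "delete from events";
        $query .= " where id = $id";
        update_db($query);

        // NOTE(review): guest_reg() stores rows in eventguest keyed by eid;
        // they are not removed here -- confirm whether they should be.
        $query = "delete from eventreg";
        $query .= " where eid = $id";
        update_db($query);
    }
    return $err;
}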
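/**
 * Remove the current user's registration for an event.
 *
 * @param mixed $id Event id; must consist of digits only because it is
 *                  embedded unquoted in the queries.
 * @return string ERR_ID_BLANK, ERR_ID_INVALID, ERR_NOT_LOGGED_IN or the
 *                "No character registered" message on failure, "" once the
 *                delete was handed to update_db().
 */
function delete_reg($id) {
    global $SESSION;

    // Defined up front so the success path returns "" instead of an unset variable.
    $err = "";

    if (!$id) {
        $err = ERR_ID_BLANK;
    } elseif (!is_scalar($id) || preg_match('/[^0-9]/', (string) $id)) {
        // preg_match() replaces eregi(): the POSIX ereg family was removed in
        // PHP 7 and was not binary-safe (matching stopped at a NUL byte).
        $err = ERR_ID_INVALID;
    } elseif (empty($SESSION["uid"])) {
        // Without a uid the queries below would be built with an empty operand.
        $err = ERR_NOT_LOGGED_IN;
    } else {
        // The uid is embedded unquoted, so force it to an integer first.
        $userid = (int) $SESSION["uid"];

        $query = "select owner";
        $query .= " from eventreg";
        $query .= " where eid = $id and owner = $userid";
        query_db($query, $temp);

        // presumably query_db() fills $temp with the matching row; a missing
        // row is treated as "not registered" -- verify against query_db().
        if (!is_array($temp) || !isset($temp["owner"]) || $temp["owner"] != $userid) {
            $err = "No character registered for this event.";
        } else {
            $query = "delete from eventreg";
            $query .= " where eid = $id and owner = $userid";
            update_db($query);
        }
    }
    return $err;
}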
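/**
 * Register one of the current user's characters for an event.
 *
 * @param mixed $id   Event id; must consist of digits only because it is
 *                    embedded unquoted in the lookup query.
 * @param array $vars Form fields; only "userchar" is read here.
 * @return string ERR_ID_BLANK, ERR_ID_INVALID, or a message when the user is
 *                not logged in or already registered; "" once the insert was
 *                handed to update_db().
 */
function event_reg($id, $vars) {
    global $SESSION, $cookie_login;

    // Defined up front so the success path returns "" instead of an unset variable.
    $err = "";

    if (!$id) {
        $err = ERR_ID_BLANK;
    } elseif (!is_scalar($id) || preg_match('/[^0-9]/', (string) $id)) {
        // preg_match() replaces eregi(): the POSIX ereg family was removed in
        // PHP 7 and was not binary-safe (matching stopped at a NUL byte).
        $err = ERR_ID_INVALID;
    } elseif (empty($SESSION["uid"])) {
        // Checked before any query runs, so anonymous requests never reach the database.
        $err = "You must be logged in to use this feature.";
    } else {
        // NOTE(review): $cookie_login looks client-supplied (name only) -- it is
        // escaped here; confirm where it is set and whether it is verified.
        // addslashes() is charset-unaware; prefer the driver's own escaping or
        // bound parameters if query_db()/update_db() can provide them.
        $login = is_scalar($cookie_login) ? (string) $cookie_login : "";
        $userchar = (isset($vars["userchar"]) && is_scalar($vars["userchar"])) ? (string) $vars["userchar"] : "";

        // ologin is selected as well: the duplicate check below reads it, and
        // with only `owner` in the column list that comparison had no value to test.
        $query = "select owner, ologin";
        $query .= " from eventreg";
        $query .= " where eid = $id and ologin = '" . addslashes($login) . "'";
        query_db($query, $temp);

        $already = is_array($temp)
            && isset($temp["owner"], $temp["ologin"])
            && $temp["owner"] == $SESSION["uid"]
            && $temp["ologin"] == $login;

        if ($already) {
            $err = "You are already have a character registered for this event.";
        } else {
            $values = "'" . $id . "',";
            $values .= "'" . addslashes((string) $SESSION["uid"]) . "',";
            $values .= "'" . addslashes($login) . "',";
            $values .= "'" . addslashes($userchar) . "'";
            $query = "insert into eventreg (eid, owner, ologin, userchar) ";
            $query .= "values ($values)";
            update_db($query);
        }
    }
    return $err;
}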
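/**
 * Register a guest (non-member) character for an event.
 *
 * The caller must supply the shared guest password from $options["guestpass"]
 * and choose an "unregister" password that delete_greg() later checks.
 *
 * @param mixed $id   Event id; digits only.
 * @param array $vars Form fields read here: guest_passwd, unreg_passwd, gname,
 *                    gsurname, glevel, class, race.
 * @return string The first validation error (text or ERR_* constant), or ""
 *                once the insert was handed to update_db().
 */
function guest_reg($id, $vars) {
    global $CLASSES, $RACES, $options;

    // Defined up front so the success path returns "" instead of an unset variable.
    $err = "";

    // Copy the fields we use; a missing or non-scalar (array) submission counts as blank.
    $in = array();
    $wanted = array("guest_passwd", "unreg_passwd", "gname", "gsurname", "glevel", "class", "race");
    foreach ($wanted as $field) {
        $in[$field] = (isset($vars[$field]) && is_scalar($vars[$field])) ? (string) $vars[$field] : "";
    }

    // Compare the shared guest password in constant time where the runtime allows it.
    $guestpass = (isset($options["guestpass"]) && is_scalar($options["guestpass"])) ? (string) $options["guestpass"] : "";
    if (function_exists('hash_equals')) {
        $guest_ok = hash_equals($guestpass, $in["guest_passwd"]);
    } else {
        $guest_ok = (strcmp($in["guest_passwd"], $guestpass) == 0);
    }

    // preg_match() replaces eregi() throughout: the POSIX ereg family was removed
    // in PHP 7 and was not binary-safe (matching stopped at a NUL byte).
    if (!$id) {
        $err = ERR_ID_BLANK;
    } elseif (!is_scalar($id) || preg_match('/[^0-9]/', (string) $id)) {
        $err = ERR_ID_INVALID;
    } elseif (!strlen(trim($in["guest_passwd"]))) {
        $err = "The Guest password cannot be blank.";
    } elseif (!$guest_ok) {
        $err = "The Guest Password does not match the one in the database.";
    } elseif (!strlen(trim($in["unreg_passwd"]))) {
        $err = "The UnRegister password cannot be blank.";
    } elseif (!trim($in["gname"])) {
        $err = "The character name cannot be blank.";
    } elseif (strlen($in["gname"]) > 20) {
        $err = "The character name is too long. It may only be 20 characters in length.";
    } elseif (preg_match('/[^[:alpha:]]/', $in["gname"])) {
        $err = "The character name contains invalid symbols.";
    } elseif (strlen($in["gsurname"]) > 40) {
        $err = "The character surname is too long. It may only be 40 characters in length.";
    } elseif (preg_match('/[^[:alpha:][:space:]`]/', $in["gsurname"])) {
        $err = "The character surname contains invalid characters.";
    } elseif (!$in["glevel"]) {
        $err = "The character level cannot be blank.";
    } elseif (preg_match('/[^0-9]/', $in["glevel"])) {
        $err = "The character level must be numeric.";
    } elseif ($in["glevel"] < 1) {
        $err = "The character level must be at least 1.";
    } elseif ($in["glevel"] > 65) {
        $err = "The character level must be 65 or less.";
    } elseif (!$in["class"]) {
        $err = "The character class cannot be blank.";
    } elseif (!isset($CLASSES[$in["class"]]["name"])) {
        $err = "That class does not exist.";
    } elseif (!$in["race"]) {
        $err = "The character race cannot be blank.";
    } elseif (!isset($RACES[$in["race"]])) {
        $err = "That race does not exist.";
    } elseif (empty($CLASSES[$in["class"]][$in["race"]])) {
        $err = "A " . $RACES[$in["race"]] . " cannot be a " . strtolower($CLASSES[$in["class"]]["name"]) . ".";
    } else {
        // unreg_passwd is free-form text, so it must be escaped; the remaining
        // values passed the checks above and are escaped as defence in depth.
        // NOTE(review): addslashes() is charset-unaware; prefer the driver's own
        // escaping or bound parameters if update_db() can provide them.
        // NOTE(review): the unregister password is stored as submitted (not
        // hashed) and has no length limit here -- confirm against the schema.
        $values = "'" . $id . "',";
        $values .= "'" . addslashes($in["unreg_passwd"]) . "',";
        $values .= "'" . addslashes($in["gname"]) . "',";
        $values .= "'" . addslashes($in["gsurname"]) . "',";
        $values .= "'" . addslashes($in["race"]) . "',";
        $values .= "'" . addslashes($in["class"]) . "',";
        $values .= "'" . addslashes($in["glevel"]) . "'";
        $query = "insert into eventguest (eid, unreg_password, name, surname, race, class, level) ";
        $query .= "values ($values)";
        update_db($query);
    }
    return $err;
}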
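/**
 * Remove a guest registration after checking its unregister password.
 *
 * @param mixed $id   Event id; digits only.
 * @param array $vars Form fields read here: userchar (the guest row id, used
 *                    as `egid`) and unreg_passwd.
 * @return string ERR_ID_BLANK, ERR_ID_INVALID or a password message on
 *                failure, "" once the delete was handed to update_db().
 */
function delete_greg($id, $vars) {
    // Defined up front so the success path returns "" instead of an unset variable.
    $err = "";

    // A missing or non-scalar (array) submission counts as blank.
    $egid = (isset($vars["userchar"]) && is_scalar($vars["userchar"])) ? (string) $vars["userchar"] : "";
    $passwd = (isset($vars["unreg_passwd"]) && is_scalar($vars["unreg_passwd"])) ? (string) $vars["unreg_passwd"] : "";

    // preg_match() replaces eregi(): the POSIX ereg family was removed in
    // PHP 7 and was not binary-safe (matching stopped at a NUL byte).
    if (!$id) {
        $err = ERR_ID_BLANK;
    } elseif (!is_scalar($id) || preg_match('/[^0-9]/', (string) $id)) {
        $err = ERR_ID_INVALID;
    } elseif ($egid === "") {
        $err = ERR_ID_BLANK;
    } elseif (preg_match('/[^0-9]/', $egid)) {
        // userchar is embedded unquoted as egid, so it gets the same
        // digits-only rule as $id before any query is built.
        $err = ERR_ID_INVALID;
    } elseif (!strlen(trim($passwd))) {
        $err = "The UnRegister Password cannot be blank.";
    } else {
        $query = "select unreg_password";
        $query .= " from eventguest";
        $query .= " where eid = $id and egid = $egid";
        query_db($query, $temp);

        // presumably query_db() fills $temp with the matching row; a missing
        // row is treated as a password mismatch -- verify against query_db().
        $stored = (is_array($temp) && isset($temp["unreg_password"])) ? (string) $temp["unreg_password"] : null;

        // NOTE(review): the stored password is compared as plain text and not in
        // constant time; hashing it would need a matching change in guest_reg().
        if ($stored === null || strcmp($passwd, $stored)) {
            $err = "The UnRegister Password does not match the one in the database.";
        } else {
            // The delete is pinned to the same event that was just verified, and
            // the password literal is escaped before it enters the statement.
            $query = "delete from eventguest";
            $query .= " where eid = $id and egid = $egid and unreg_password = '" . addslashes($passwd) . "'";
            update_db($query);
        }
    }
    return $err;
}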
?>