<?php
/**
* iLP System Offiziere Ereignisse anzeigen
*
* Autor: Florian "ApoY2k" Peschka
* Projekt: iLP System
* Paket: apoy2k.ilp.wrynn
* Lizenz: CreativeCommons (by-nc-sa)
* Kontakt: hide@address.com
* Version: 2.1.1
*/
// Alle Ereignisse suchen
if (!isset($tpl['url'][1]) || 'show' == $tpl['url'][1])
{
// Zusätzliche Header laden
$tpl['headincludes'][] = 'events.list';
$get_events = $db->prepare("SELECT ilp_event_types.name AS type_name, ilp_event_types.icon AS type_icon, ilp_events.id AS event_id, ilp_events.date AS event_date FROM ilp_event_types, ilp_events WHERE ilp_events.type = ilp_event_types.id ORDER BY ilp_events.date DESC, ilp_events.id DESC");
$get_events->execute();
// Wenn die Ereignisse gefunden wurde, deren Daten speichern.
if (1 <= $get_events->rowCount())
{
// Alle gefundenen Ereignisse speichern.
while($row = $get_events->fetch(PDO::FETCH_ASSOC))
{
$tpl['events'][] = $row;
}
}
else
{
$tpl['events']['error'] = true;
}
}
// Details eines bestimmten Ereignisses anzeigen
elseif ('edit' == $tpl['url'][1])
{
// Ereignisdaten bearbeiten
if (isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
// Prüfen, ob ein gültiges Datum eingegeben wurde
if (isset($_POST['editevent_date']) && 1 == preg_match('/[0-9]{4}\-[0-9]{2}\-[0-9]{2}/', $_POST['editevent_date']))
{
// Wenn die Punktzahl geändert wurde, diese auf die Listen der Teilnehmer anwenden
$getvalue = $db->query("SELECT value FROM ilp_events WHERE id = ".$_POST['editevent_event_id']);
$event_value = $getvalue->fetch(PDO::FETCH_ASSOC);
if ($event_value['value'] != $_POST['editevent_value'])
{
// Differenz berechnen
$diff = $event_value['value'] - $_POST['editevent_value'];
// Teilnehmer suchen
$getattends = $db->query("SELECT user_id, value FROM ilp_event_attends WHERE event_id = ".$_POST['editevent_event_id']);
$attends = $getattends->fetchAll(PDO::FETCH_ASSOC);
foreach ($attends as $row)
{
// Wenn die Punkte des Teilnehmers dem Standardwert entsprechen, seine Liste anpassen
if ($event_value['value'] == $row['value'])
{
// Liste suchen
$getitems = $db->query("SELECT id, item_id, item_value FROM ilp_items WHERE user_id = ".$row['user_id']);
$items = $getitems->fetchAll(PDO::FETCH_ASSOC);
foreach ($items as $item)
{
// Neue Punktzahl berechnen
$new_value = $item['item_value'] - $diff;
writeLog($tpl['user']['id'], $row['user_id'], 'officer_change_item_value', array('item_id' => $item['item_id'], 'old_value' => $item['item_value'], 'new_value' => $new_value));
$setitem = $db->prepare("UPDATE ilp_items SET item_value = ? WHERE id = ?");
$setitem->execute(array($new_value, $item['id']));
if (1 != $setitem->rowCount())
{
$tpl['error']['action'] = 'Punktzahl anpassen';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:86';
$tpl['error']['result'] = serialize($setitem->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
// Teilnahme anpassen
$db->query("UPDATE ilp_event_attends SET value = ".$_POST['editevent_value']." WHERE user_id = ".$row['user_id']." AND event_id = ".$_POST['editevent_event_id']);
}
}
}
// Daten bearbeiten
writeLog($tpl['user']['id'], $tpl['user']['id'], 'officer_change_event', array('event_id' => $_POST['editevent_event_id'], 'type' => $_POST['editevent_type'], 'date' => $_POST['editevent_date'], 'comment' => $_POST['editevent_comment'], 'value' => $_POST['editevent_value']));
$editevent = $db->prepare("UPDATE ilp_events SET type = ?, date = ?, comment = ?, value = ? WHERE id = ?");
$editevent->execute(array($_POST['editevent_type'], $_POST['editevent_date'], $_POST['editevent_comment'], $_POST['editevent_value'], $_POST['editevent_event_id']));
if (1 == $editevent->rowCount() || '00000' == $editevent->errorCode())
{
header('Location: index.php?ilp='.ilpUrlEncode('events;edit;'.$_POST['editevent_event_id']));
}
else
{
$tpl['error']['action'] = 'Ereignis bearbeiten';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:106';
$tpl['error']['result'] = serialize($editevent->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
else
{
$tpl['error']['message'] = $lang['events']['details']['dateerror'];
$tpl['error']['ref'] = 'events;edit;'.$_POST['editevent_event_id'];
}
}
elseif ('do' != $tpl['url'][2])
{
// Zusätzliche Header laden
$tpl['headincludes'][] = 'events.detail';
$get_event = $db->prepare("SELECT ilp_events.id AS event_id, ilp_events.value, ilp_event_types.name AS type_name, ilp_event_types.icon AS type_icon, ilp_event_types.id AS type_id, ilp_events.date AS event_date, ilp_events.comment FROM ilp_event_types, ilp_events WHERE ilp_events.type = ilp_event_types.id AND ilp_events.id = ?");
$get_attends = $db->prepare("SELECT ilp_event_attends.value, ilp_event_attends.user_id, ilp_users.char FROM ilp_event_attends, ilp_users WHERE ilp_event_attends.user_id = ilp_users.id AND ilp_event_attends.event_id = ?");
$get_loots = $db->prepare("SELECT ilp_loots.id, ilp_loots.item_id, ilp_loots.looter_id, ilp_loots.value, ilp_users.char FROM ilp_loots, ilp_users, ilp_events WHERE ilp_loots.event_id = ilp_events.id AND ilp_loots.looter_id = ilp_users.id AND ilp_events.id = ? ORDER BY ilp_loots.id DESC");
// Ereignisarten suchen
$get_types = $db->prepare("SELECT id, `name` FROM ilp_event_types");
// Ereignis suchen
$get_event->execute(array($tpl['url'][2]));
// Wenn das Ereignis gefunden wurde, die Daten suchen und speichern.
if (1 == $get_event->rowCount())
{
$get_types->execute();
$tpl['event'] = $get_event->fetch(PDO::FETCH_ASSOC);
$tpl['event']['types'] = $get_types->fetchAll(PDO::FETCH_ASSOC);
$tpl['event']['comment'] = $tpl['event']['comment'];
// Alle Teilnehmer des Raids suchen
$get_attends->execute(array($tpl['url'][2]));
$tpl['event']['attends'] = array();
while ($row = $get_attends->fetch(PDO::FETCH_ASSOC))
{
// Charakterdaten auslesen und entschlüsselt übergeben.
$row['char'] = unserialize($row['char']);
$tpl['event']['attends'][] = $row;
}
$tpl['event']['attends'] = sortUsers($tpl['event']['attends']);
// Beute suchen
$get_loots->execute(array($tpl['url'][2]));
$tpl['event']['loots'] = array();
while ($row = $get_loots->fetch(PDO::FETCH_ASSOC))
{
// Charakterdaten auslesen und entschlüsselt übergeben.
$row['char'] = unserialize($row['char']);
$tpl['event']['loots'][] = $row;
}
}
else
{
$tpl['error']['action'] = 'Ereignis anzeigen';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:147';
$tpl['error']['result'] = var_dump($get_event->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
}
// Beute löschen
elseif ('deleteloot' == $tpl['url'][1])
{
if (isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
// Prüfen, ob die Bestätigung richtig eingegeben wurde
if ($lang['page']['delete'] == $_POST['deleteloot_confirm'])
{
// Beute löschen
$deleteloot = $db->prepare("DELETE FROM ilp_loots WHERE id = ?");
$deleteloot->execute(array($_POST['deleteloot_loot_id']));
if (1 == $deleteloot->rowCount())
{
writeLog($tpl['user']['id'], $_POST['deleteloot_looter_id'], 'officer_delete_loot', array('event_id' => $_POST['deleteloot_event_id'], 'looter_id' => $_POST['deleteloot_looter_id'], 'item_id' => $_POST['deleteloot_item_id']));
header('Location: index.php?ilp='.ilpUrlEncode('events;edit;'.$_POST['deleteloot_event_id']));
}
else
{
$tpl['error']['action'] = 'Beute löschen';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:206';
$tpl['error']['result'] = serialize($deleteloot->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
else
{
$tpl['error']['message'] = $lang['events']['deleteloot']['confirm']['note'];
$tpl['error']['ref'] = 'events;deleteloot;'.$_POST['deleteloot_loot_id'].';'.$_POST['deleteloot_event_id'].';'.$_POST['deleteloot_looter_id'].';'.$_POST['deleteloot_item_id'];
}
}
else
{
// Zusätzliche Header laden
$tpl['headincludes'][] = 'events.deleteloot.form';
}
}
// Beute hinzufügen
elseif ('addloot' == $tpl['url'][1])
{
if (isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
// Ermittlung der Kosten für den Gegenstand
$getvalue = $db->prepare("SELECT item_value FROM ilp_items WHERE user_id = ? AND item_id = ?");
$getvalue->execute(array($_POST['addloot_user'], $_POST['addloot_item_id']));
if (1 != $getvalue->rowcount())
{
$tpl['error']['message'] = $lang['events']['addloot']['itemerror'];
$tpl['error']['ref'] = 'events;addloot;'.$_POST['addloot_event'].';'.$_POST['addloot_user'].';'.$_POST['addloot_item_id'];
}
else
{
$value = $getvalue->fetch(PDO::FETCH_ASSOC);
$addloot_event = $db->prepare("INSERT INTO ilp_loots (event_id, looter_id, item_id, value) VALUES (?, ?, ?, ?)");
$addloot_list = $db->prepare("DELETE FROM ilp_items WHERE user_id = ? AND item_id = ?");
$addloot_event->execute(array($_POST['addloot_event'], $_POST['addloot_user'], $_POST['addloot_item_id'], $value['item_value']));
$addloot_list->execute(array($_POST['addloot_user'], $_POST['addloot_item_id']));
if (1 == $addloot_event->rowCount() && 1 == $addloot_list->rowCount())
{
writeLog($tpl['user']['id'], $_POST['addloot_user'], 'officer_add_loot', array('event_id' => $_POST['addloot_event'], 'item_id' => $_POST['addloot_item_id'], 'value' => $value['item_value']));
header('Location: index.php?ilp='.ilpUrlEncode('events;edit;'.$_POST['addloot_event']));
}
else
{
$tpl['error']['action'] = 'Beute hinzufügen';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:260';
$tpl['error']['result'] = serialize($addloot_event->errorInfo()).serialize($addloot_list->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
}
else
{
// Zusätzliche Header laden
$tpl['headincludes'][] = 'events.addloot.form';
// Ereignisse suchen
$get_events = $db->prepare("SELECT ilp_events.id, ilp_events.date, ilp_event_types.name FROM ilp_events, ilp_event_types WHERE ilp_events.type = ilp_event_types.id ORDER BY ilp_events.date DESC");
$get_events->execute();
$tpl['events'] = $get_events->fetchAll(PDO::FETCH_ASSOC);
// Spieler suchen
$get_users = $db->prepare("SELECT id AS user_id, `char` FROM ilp_users WHERE id != 0");
$get_users->execute();
while($row = $get_users->fetch(PDO::FETCH_ASSOC))
{
// Charakterstring umwandeln
$row['char'] = unserialize($row['char']);
$tpl['users'][] = $row;
}
$tpl['users'] = sortUsers($tpl['users']);
}
}
// Teilnehmer löschen
elseif ('deleteuser' == $tpl['url'][1])
{
if (isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
// Prüfen, ob die Bestätigung richtig eingegeben wurde
if ($lang['page']['delete'] == $_POST['deleteuser_confirm'])
{
// Ermittlung der aktuellen Liste
$getitems = $db->prepare("SELECT id, item_id, item_value FROM ilp_items WHERE user_id = ?");
$getitems->execute(array($_POST['deleteuser_user_id']));
// Ermittlung der Punkte für dieses Ereignis
$getvalue = $db->prepare("SELECT value FROM ilp_event_attends WHERE user_id = ? AND event_id = ?");
$getvalue->execute(array($_POST['deleteuser_user_id'], $_POST['deleteuser_event_id']));
$value = $getvalue->fetch(PDO::FETCH_ASSOC);
// Punkte anpassen
$setvalue = $db->prepare("UPDATE ilp_items SET item_value = ? WHERE id = ?");
while ($row = $getitems->fetch(PDO::FETCH_ASSOC))
{
$new_value = $row['item_value'] - $value['value'];
writeLog($tpl['user']['id'], $_POST['deleteuser_user_id'], 'officer_change_item_value', array('item_id' => $row['item_id'], 'old_value' => $row['item_value'], 'new_value' => $new_value));
$setvalue->execute(array($new_value, $row['id']));
}
// Teilnahme löschen
$deleteuser = $db->prepare("DELETE FROM ilp_event_attends WHERE user_id = ? AND event_id = ?");
$deleteuser->execute(array($_POST['deleteuser_user_id'], $_POST['deleteuser_event_id']));
if (1 == $deleteuser->rowcount() || '00000' == $deleteuser->errorCode())
{
writeLog($tpl['user']['id'], $_POST['deleteuser_user_id'], 'officer_delete_attend', array('event_id' => $_POST['deleteuser_event_id'], 'user_id' => $_POST['deleteuser_user_id']));
header('Location: index.php?ilp='.ilpUrlEncode('events;edit;'.$_POST['deleteuser_event_id']));
}
else
{
$tpl['error']['action'] = 'Teilnehmer löschen';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:335';
$tpl['error']['result'] = serialize($deleteuser->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
else
{
$tpl['error']['message'] = $lang['events']['deleteuser']['confirm'];
$tpl['error']['ref'] = 'events;deleteuser;'.$_POST['deleteuser_user_id'].';'.$_POST['deleteuser_event_id'];
}
}
else
{
// Zusätzliche Header laden
$tpl['headincludes'][] = 'events.deleteuser.form';
}
}
// Punkte bearbeiten
elseif ('edituser' == $tpl['url'][1])
{
if (isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
if (isset($_POST['edituser_value']))
{
$new_value = intval($_POST['edituser_value']);
// Ermittlung der aktuellen Liste
$getitems = $db->prepare("SELECT id, item_id, item_value FROM ilp_items WHERE user_id = ?");
$getitems->execute(array($_POST['edituser_user_id']));
// Ermittlung der Punkte für dieses Ereignis
$getvalue = $db->prepare("SELECT value FROM ilp_event_attends WHERE user_id = ? AND event_id = ?");
$getvalue->execute(array($_POST['edituser_user_id'], $_POST['edituser_event_id']));
$value = $getvalue->fetch(PDO::FETCH_ASSOC);
// Punkte anpassen
$setvalue = $db->prepare("UPDATE ilp_items SET item_value = ? WHERE id = ?");
while ($row = $getitems->fetch(PDO::FETCH_ASSOC))
{
$diff = $value['value'] - $new_value;
$new_item_value = $row['item_value'] - $diff;
// Wenn die Punktzahl verändert wird, diese anpassen
if ($new_item_value != $row['item_value'])
{
writeLog($tpl['user']['id'], $_POST['edituser_user_id'], 'officer_change_item_value', array('item_id' => $row['item_id'], 'old_value' => $row['item_value'], 'new_value' => $new_item_value));
$setvalue->execute(array($new_item_value, $row['id']));
if (1 != $setvalue->rowCount())
{
$tpl['error']['action'] = 'Punkte bearbeiten';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:395';
$tpl['error']['result'] = serialize($setvalue->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
}
// Teilnahme anpassen
writeLog($tpl['user']['id'], $_POST['edituser_user_id'], 'officer_edit_attend', array('event_id' => $_POST['edituser_event_id'], 'old_value' => $value['value'], 'new_value' => $new_value));
$setattend = $db->prepare("UPDATE ilp_event_attends SET value = ? WHERE user_id = ? AND event_id = ?");
$setattend->execute(array($new_value, $_POST['edituser_user_id'], $_POST['edituser_event_id']));
if (1 != $setattend->rowCount())
{
$tpl['error']['action'] = 'Teilnahme bearbeiten';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:411';
$tpl['error']['result'] = serialize($setvalue->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
if (!isset($tpl['error']))
{
header('Location: index.php?ilp='.ilpUrlEncode('events;edit;'.$_POST['edituser_event_id']));
}
}
else
{
$tpl['error']['message'] = $lang['error']['incomplete'];
$tpl['error']['ref'] = 'events;edituser;'.$_POST['edituser_user_id'].';'.$_POST['edituser_event_id'].';'.$_POST['edituser_old_value'];
}
}
else
{
// Zusätzliche Header laden
$tpl['headincludes'][] = 'events.edituser.form';
}
}
// Mehrere Teilnehmer hinzufügen
elseif ('users' == $tpl['url'][1])
{
if (isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
if (isset($_POST['users']) && is_array($_POST['users']))
{
$users = $_POST['users'];
// Punktzahl des Ereignisses ermitteln
$getvalue = $db->prepare("SELECT value FROM ilp_events WHERE id = ?");
$getvalue->execute(array($_POST['event_id']));
$event_value = $getvalue->fetch(PDO::FETCH_ASSOC);
$set_value = $db->prepare("UPDATE ilp_items SET item_value = ? WHERE id = ?");
$set_attend = $db->prepare("INSERT INTO ilp_event_attends (event_id, user_id, value) VALUES (?, ?, ?)");
// Punktzahlen der Benutzer ermitteln
foreach ($users as $user)
{
// Teilnahme eintragen
writeLog($tpl['user']['id'], $user, 'officer_add_attend', array('event_id' => $_POST['event_id'], 'value' => $event_value['value']));
$set_attend->execute(array($_POST['event_id'], $user, $event_value['value']));
if (1 != $set_attend->rowCount() || '00000' != $set_attend->errorCode())
{
$tpl['error']['action'] = 'Teilnahme eitragen';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:464';
$tpl['error']['result'] = serialize($set_attend->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
else
{
$getitems = $db->query("SELECT id, item_id, item_value FROM ilp_items WHERE user_id = ".$user);
while ($items = $getitems->fetch(PDO::FETCH_ASSOC))
{
// Neue Punktzahl berechnen
$new_value = $items['item_value'] + $event_value['value'];
// Punktzahl speichern
writeLog($tpl['user']['id'], $user, 'officer_change_item_value', array('item_id' => $items['item_id'], 'old_value' => $items['item_value'], 'new_value' => $new_value));
// Wenn die Punktzahl verändert wird, diese anpassen
if ($new_value != $items['item_value'])
{
$set_value->execute(array($new_value, $items['id']));
if (1 != $set_value->rowCount() || '00000' != $set_value->errorCode())
{
$tpl['error']['action'] = 'Punktzahl erhöhen â User-ID: '.$user.', Item-ID: '.$items['item_id'];
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:489';
$tpl['error']['result'] = serialize($set_value->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
}
}
}
if (!isset($tpl['error']))
{
header('Location: index.php?ilp='.ilpUrlEncode('events;edit;'.$_POST['event_id']));
}
}
else
{
$tpl['error']['message'] = $lang['events']['users']['error'];
$tpl['error']['ref'] = 'events;users;'.$_POST['event_id'];
}
}
else
{
// Alle Spieler suchen und speichern
$getusers = $db->prepare("SELECT id AS user_id, `char` FROM ilp_users WHERE id != 0");
$getusers->execute();
// Charakterarray umwandeln
while ($row = $getusers->fetch(PDO::FETCH_ASSOC))
{
$row['char'] = unserialize($row['char']);
$tpl['users'][] = $row;
}
$tpl['users'] = sortUsers($tpl['users']);
}
}
// Ereignis erstellen
elseif ('create' == $tpl['url'][1])
{
if (isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
if (isset($_POST['createevent_date']) && 1 == preg_match('/[0-9]{4}\-[0-9]{2}\-[0-9]{2}/', $_POST['createevent_date']))
{
if (isset($_POST['createevent_type']) && '' != $_POST['createevent_type'])
{
// Listen sperren
writeLog($tpl['user']['id'], $tpl['user']['id'], 'officer_lock_all_lists');
$db->query("UPDATE ilp_users SET locked = 1");
$db->query("UPDATE ilp_config SET config_value = 1 WHERE config_type = 'locked'");
// Ereignis erstellen
$createevent = $db->prepare("INSERT INTO ilp_events (type, date, created_id, comment) VALUES (?, ?, ?, ?)");
$createevent->execute(array($_POST['createevent_type'], $_POST['createevent_date'], $tpl['user']['id'], $_POST['createevent_comment']));
if (1 == $createevent->rowCount())
{
writeLog($tpl['user']['id'], $tpl['user']['id'], 'officer_create_event', array('type' => $_POST['createevent_type'], 'date' => $_POST['createevent_date'], 'comment' => $_POST['createevent_comment']));
header('Location: index.php?ilp='.ilpUrlEncode('events'));
}
else
{
$tpl['error']['action'] = 'Ereignis erstellen';
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:550';
$tpl['error']['result'] = serialize($createevent->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
else
{
$tpl['error']['message'] = $lang['events']['create']['typeerror'];
$tpl['error']['ref'] = 'events;create';
}
}
else
{
$tpl['error']['message'] = $lang['events']['details']['dateerror'];
$tpl['error']['ref'] = 'events;create';
}
}
else
{
// Ereignisarten suchen
$get_types = $db->prepare("SELECT id, `name` FROM ilp_event_types");
$get_types->execute();
$tpl['event']['types'] = $get_types->fetchAll(PDO::FETCH_ASSOC);
// Zusätzliche Header laden
$tpl['headincludes'][] = 'events.create.form';
}
}
// Ereignis löschen
elseif ('delete' == $tpl['url'][1] && isset($tpl['url'][2]) && 'do' == $tpl['url'][2])
{
// Prüfung, ob die Bestätigung richtig eingegeben wurde
if ($lang['page']['delete'] == $_POST['deleteevent_confirm'])
{
// Teilnehmer ermitteln
$getusers = $db->query("SELECT user_id, value FROM ilp_event_attends WHERE event_id = ".$_POST['deleteevent_event_id']);
$users = $getusers->fetchAll(PDO::FETCH_ASSOC);
$set_value = $db->prepare("UPDATE ilp_items SET item_value = ? WHERE id = ?");
// Punktzahlen der Benutzer ermitteln
foreach ($users as $user)
{
$getitems = $db->query("SELECT id, item_id, item_value FROM ilp_items WHERE user_id = ".$user['user_id']);
while ($items = $getitems->fetch(PDO::FETCH_ASSOC))
{
// Neue Punktzahl berechnen
$new_value = $items['item_value'] - $user['value'];
// Punktzahl speichern
writeLog($tpl['user']['id'], $user['user_id'], 'officer_change_item_value', array('item_id' => $items['item_id'], 'old_value' => $items['item_value'], 'new_value' => $new_value));
$set_value->execute(array($new_value, $items['id']));
if (1 != $set_value->rowCount())
{
$tpl['error']['action'] = 'Punktzahl verringern â User-ID: '.$user['user_id'].', Item-ID: '.$items['id'];
$tpl['error']['actor'] = $tpl['user']['login'].' â ID: '.$tpl['user']['id'];
$tpl['error']['location'] = 'events.php:619';
$tpl['error']['result'] = serialize($set_value->errorInfo());
$tpl['error']['level'] = '0 (base-php)';
}
}
}
// Beute löschen
$getloots = $db->query("SELECT id, looter_id, event_id, item_id FROM ilp_loots WHERE event_id = ".$_POST['deleteevent_event_id']);
while ($loot = $getloots->fetch(PDO::FETCH_ASSOC))
{
writeLog($tpl['user']['id'], $loot['looter_id'], 'officer_delete_loot', array('event_id' => $loot['event_id'], 'looter_id' => $loot['looter_id'], 'item_id' => $loot['item_id']));
$db->query("DELETE FROM ilp_loots WHERE id = ".$loot['id']);
}
// Ereignis löschen
writeLog($tpl['user']['id'], $tpl['user']['id'], 'officer_delete_event', array('event_id' => $_POST['deleteevent_event_id']));
$db->query("DELETE FROM ilp_events WHERE id = ".$_POST['deleteevent_event_id']);
if (!isset($tpl['error']))
{
header('Location: index.php?ilp='.ilpUrlEncode('events'));
}
}
else
{
$tpl['error']['message'] = $lang['events']['delete']['confirm'];
$tpl['error']['ref'] = 'events;edit;'.$_POST['deleteevent_event_id'];
}
}
// Alle Liste entsperren
elseif ('unlock' == $tpl['url'][1])
{
$db->query("UPDATE ilp_users SET locked = 0");
$db->query("UPDATE ilp_config SET config_value = 0 WHERE config_type = 'locked'");
$_SESSION['config']['locked'] = 0;
writeLog($tpl['user']['id'], $tpl['user']['id'], 'officer_unlock_all_lists');
header('Location: index.php?ilp='.$_GET['ref']);
}
?>