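// Add-attendee form handler: validates the posted name, e-mail, seat and
// venue/day selection, inserts a row into the tour items table, then renders
// the form again together with the list of venues and dates.
//
// NOTE(review): the opening PHP tag and whatever precedes this call are not
// visible in this listing; the call presumably belongs to the template object
// used below ($Template) -- confirm against the full file. $Error, $ErrorInfo,
// $NumSqlQueries, $StartTime, $UidField, $DBLink, PREG_SECRET,
// PrepareStringForDB(), AddEmailId() and GenerateSecret() are also defined
// outside this listing.
set_filenames(array(
    'genheader' => 'generic_header.tpl',
    'genfooter' => 'generic_footer.tpl',
    'header' => 'addattendee_header.tpl',
    'body' => 'addattendee_body.tpl',
    'footer' => 'addattendee_footer.tpl'
));

// Constant names are quoted: a bare word as the first argument only worked
// through PHP's legacy "undefined constant is treated as a string" fallback,
// which is an error on PHP 8.
// The D modifier makes "$" match only at the very end of the subject, so a
// value carrying a trailing newline no longer passes validation.
define( 'PREG_EMAIL', '/^(?:[\w-]*\w\.)*[\w-]*\w@(?:[a-zA-Z](?:[\w-]*\w)?\.)+[a-zA-Z](?:[\w-]*\w)?$/D' );
define( 'PREG_NUMBER', '/^\d+$/D' );
define( 'MAXLEN_EMAIL', 64 );
define( 'MAXLEN_POSTER', 64 );
define( 'MAXLEN_SEAT', 64 );
define( 'TITEMS', "ebfc_tour_items" );
define( 'TLOCS', "ebfc_tour_locations" );
define( 'TEMAILIDS', "ebfc_tour_emailids" );
define( 'DATEFORMAT', "'%W %M %e, %Y'" );

// Raw (unescaped) copies of the submitted values, kept for re-display.
$ItemRawEmail = "";
$ItemRawSeat = "";
$ItemRawPoster = "";
$ItemRawTourId = -1;
$ItemUniqueId = "";
$ValidItemData = 0;

if( isset( $HTTP_POST_VARS['itemposter'] )
    || isset( $HTTP_POST_VARS['itememail'] )
    || isset( $HTTP_POST_VARS['itemseat'] )
    || isset( $HTTP_POST_VARS['venueid'] ) )
{
    // NOTE(review): every string interpolated into SQL below goes through
    // PrepareStringForDB(), an int cast or a regex check. PrepareStringForDB()
    // presumably escapes for MySQL -- verify. The mysql_* extension was removed
    // in PHP 7; parameterised queries (mysqli/PDO) are the durable fix, but the
    // connection is created outside this listing.
    if( isset( $HTTP_POST_VARS['itememail'] ) )
    {
        $ItemRawEmail = stripslashes( $HTTP_POST_VARS['itememail'] );
        $ItemEmail = PrepareStringForDB( $HTTP_POST_VARS['itememail'] );
    }

    if( isset( $HTTP_POST_VARS['itemseat'] ) )
    {
        $ItemRawSeat = stripslashes( $HTTP_POST_VARS['itemseat'] );
        $ItemSeat = PrepareStringForDB( $HTTP_POST_VARS['itemseat'] );
    }
    else
    {
        $ItemSeat = "";
    }

    if( isset( $HTTP_POST_VARS['itemposter'] ) )
    {
        $ItemRawPoster = stripslashes( $HTTP_POST_VARS['itemposter'] );
        $ItemPoster = PrepareStringForDB( $HTTP_POST_VARS['itemposter'] );
    }

    // venueid encodes "venue id * 100 + day number"; it is accepted only when
    // the venue exists and the day lies within 1..numdates for that venue.
    if( isset( $HTTP_POST_VARS['venueid'] )
        && preg_match( PREG_NUMBER, $HTTP_POST_VARS['venueid'] )
        && $HTTP_POST_VARS['venueid'] > 0 )
    {
        $ItemVenue = ( int )( $HTTP_POST_VARS['venueid'] / 100 );
        $ItemDay = ( int )( $HTTP_POST_VARS['venueid'] % 100 );
        $Sql = "SELECT id FROM " . TLOCS
            . " WHERE id='$ItemVenue' AND numdates>='$ItemDay'"
            . " AND 0<'$ItemDay'";
        ++$NumSqlQueries;
        $VenueCheck = mysql_query( $Sql, $DBLink );
        // mysql_num_rows() is the documented row count for a SELECT; a failed
        // query leaves the venue rejected.
        if( $VenueCheck && mysql_num_rows( $VenueCheck ) > 0 )
        {
            $ItemRawTourId = $HTTP_POST_VARS['venueid'];
        }
        else
        {
            $ItemVenue = -1;
            $ItemDay = -1;
        }
    }

    // The submission token must match PREG_SECRET and must not already be
    // stored with an existing item (guards against double submission).
    if( isset( $HTTP_POST_VARS['uniqueid'] )
        && preg_match( PREG_SECRET, $HTTP_POST_VARS['uniqueid'] ) )
    {
        $ItemUniqueId = $HTTP_POST_VARS['uniqueid'];
        $Sql = "SELECT id FROM " . TITEMS . " WHERE uniqueid='$ItemUniqueId'";
        ++$NumSqlQueries;
        $TokenCheck = mysql_query( $Sql, $DBLink );
        // Fail closed: if the lookup itself fails, treat the token as unusable
        // rather than as "not seen before".
        if( !$TokenCheck || mysql_num_rows( $TokenCheck ) > 0 )
        {
            $ItemUniqueId = "";
        }
    }

    // First failing check wins; the messages are fixed strings, so nothing
    // user-supplied reaches ERRORMSG through them.
    if( $ItemRawTourId < 0 )
    {
        $Error = 15;
        $ErrorInfo = "Please select a valid venue";
    }
    else if( !isset( $HTTP_POST_VARS['itemposter'] )
        || strlen( $ItemPoster ) > MAXLEN_POSTER
        || strlen( $ItemPoster ) < 1 )
    {
        $Error = 10;
        $ErrorInfo = "Please enter a valid name up to " . MAXLEN_POSTER . " characters";
    }
    else if( !isset( $HTTP_POST_VARS['itememail'] )
        || !preg_match( PREG_EMAIL, $HTTP_POST_VARS['itememail'] )
        || strlen( $ItemEmail ) > MAXLEN_EMAIL )
    {
        $Error = 8;
        $ErrorInfo = "Please enter a valid email address up to " . MAXLEN_EMAIL . " characters";
    }
    else if( isset( $HTTP_POST_VARS['itemseat'] ) # optional
        && strlen( $ItemSeat ) > MAXLEN_SEAT )
    {
        $Error = 9;
        $ErrorInfo = "Please enter a valid seat up to " . MAXLEN_SEAT . " characters";
    }
    else if( !strcmp( "", $ItemUniqueId ) )
    {
        $Error = 16;
        $ErrorInfo = "Please retry your submission";
    }

    if( !$Error )
    {
        // NOTE(review): AddEmailId() receives the raw e-mail and fills
        // $ItemEmailId, which is interpolated into the INSERT below -- confirm
        // that it escapes its input and only ever yields a numeric id.
        $Error = AddEmailId( $DBLink, $ItemRawEmail, $ItemEmailId );
        $ValidItemData = 1;
    }
}

if( $Error > 0 )
{
    // If we've already encountered an error, don't process more
}
else if( isset( $HTTP_POST_VARS['additem' ] ) && $ValidItemData )
{
    $Sql = "INSERT INTO ". TITEMS ." (tourid,datenum,poster,email,emailid,seat,postdate,"
        ."uniqueid) VALUES "
        ."('$ItemVenue','$ItemDay','$ItemPoster','$ItemEmail'"
        .",'$ItemEmailId','$ItemSeat',NOW(),'$ItemUniqueId')";
    ++$NumSqlQueries;
    mysql_query( $Sql, $DBLink );
    if( 0 >= mysql_affected_rows( $DBLink ) )
    {
        $Error = 6;
        // The driver error goes to the server log only. Showing it together
        // with the query text disclosed schema details to the visitor and
        // echoed submitted values back without HTML escaping.
        error_log( "addattendee: INSERT failed: " . mysql_error( $DBLink ) );
        $ErrorInfo = "Your entry could not be saved. Please try again later";
    }
    else
    {
        $ErrorInfo = "Entry added successfully. Please allow up to 48 hours for the next page update";
    }
}

$Template->assign_vars(array(
    'UID' => $UidField,
    'UNIQUEID' => GenerateSecret( )
));

if( $Error )
{
    // Re-display what the visitor typed. The values are attacker-controlled,
    // so they are HTML-escaped before reaching the template.
    // NOTE(review): assumes the template class substitutes variables verbatim;
    // if it escapes on its own, this double-encodes -- confirm.
    $Template->assign_vars(array(
        'POSTER' => htmlspecialchars( $ItemRawPoster, ENT_QUOTES ),
        'EMAIL' => htmlspecialchars( $ItemRawEmail, ENT_QUOTES ),
        'SEAT' => htmlspecialchars( $ItemRawSeat, ENT_QUOTES )
    ));
}
else
{
    # Data successfully inserted into table, don't display prior values
    $ItemRawTourId = -1;
    $Template->assign_vars(array(
        'POSTER' => "",
        'EMAIL' => "",
        'SEAT' => ""
    ));
}

// Venue list: one option per (venue, day) pair, up to nine dates per venue.
$Sql = "SELECT id,city,numdates,DATE_FORMAT(date1," . DATEFORMAT
    .") AS fdate1,DATE_FORMAT(date2," . DATEFORMAT
    .") AS fdate2,DATE_FORMAT(date3," . DATEFORMAT
    .") AS fdate3,DATE_FORMAT(date4," . DATEFORMAT
    .") AS fdate4,DATE_FORMAT(date5," . DATEFORMAT
    .") AS fdate5,DATE_FORMAT(date6," . DATEFORMAT
    .") AS fdate6,DATE_FORMAT(date7," . DATEFORMAT
    .") AS fdate7,DATE_FORMAT(date8," . DATEFORMAT
    .") AS fdate8,DATE_FORMAT(date9," . DATEFORMAT
    .") AS fdate9 FROM " . TLOCS
    ." ORDER BY date1 ASC";
++$NumSqlQueries;
$Result = mysql_query( $Sql, $DBLink );
if( !$Result )
{
    $Error = 1;
    // As with the INSERT failure: log the detail, show a generic message.
    error_log( "addattendee: venue query failed: " . mysql_error( $DBLink ) );
    $ErrorInfo = "The venue list could not be loaded. Please try again later";
}
else if( !mysql_num_rows( $Result ) )
{
    $Error = 2;
    $ErrorInfo = "No rows were returned";
}
else
{
    $Template->assign_block_vars('venue', array(
        'FIELDID' => "0",
        'CITY' => "Please select a venue",
        'SELECTVENUE' => ""
    ));

    while( ( $RowSet = mysql_fetch_assoc( $Result ) ) )
    {
        $CurTourId = $RowSet['id'];
        $CurTourCity = $RowSet['city'];
        $CurNumDates = $RowSet['numdates'];

        for( $Ctr = 1; $Ctr <= $CurNumDates; ++$Ctr )
        {
            // Same "venue id * 100 + day" encoding that the POST handler decodes.
            $CurFieldId = $CurTourId * 100 + $Ctr;
            $CurTourDate = $RowSet['fdate' . $Ctr];
            $SelectVenue = "";
            if( $CurFieldId == $ItemRawTourId )
            {
                $SelectVenue = "SELECTED";
            }

            // NOTE(review): city comes from the locations table and is emitted
            // unescaped; fine only if that table holds trusted, HTML-safe text.
            $Template->assign_block_vars('venue', array(
                'FIELDID' => $CurFieldId,
                'CITY' => "$CurTourCity -- $CurTourDate",
                'SELECTVENUE' => $SelectVenue
            ));
        }
    }
}

$Template->assign_vars(array(
    'ERRORMSG' => $ErrorInfo
));

$Template->assign_var_from_handle( 'GENERICHEADER', 'genheader' );
$Template->pparse( 'header' );
$Template->pparse( 'body' );

// Determine page render time
$EndTime = microtime( );
list( $StartUSec, $StartSec ) = explode( " ", $StartTime );
list( $EndUSec, $EndSec ) = explode( " ", $EndTime );
$TotalTime = ( int )( ( $EndSec - $StartSec ) * 1000 + ( $EndUSec - $StartUSec ) * 1000 );

$Template->assign_vars(array(
    'GENTIME' => "$TotalTime",
    'NUMQUERIES' => "$NumSqlQueries"
));

$Template->assign_var_from_handle( 'GENERICFOOTER', 'genfooter' );
$Template->pparse( 'footer' );
?>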