cpabc_appointments_admin_int_bookings_list.inc.php
233 lines
| 1 | <?php |
| 2 | |
// Refuse to run outside the WordPress admin area.
// NOTE(review): is_admin() only reports that the current request targets an
// admin screen; it says nothing about who is logged in. It is not a capability
// check. The per-user test in this file is the administrator/owner condition
// further down, which guards the listing.
if ( !is_admin() )
    exit('Direct access not allowed.');

// Fall back to calendar 1 when the including script has not selected one.
defined('CP_CALENDAR_ID') || define('CP_CALENDAR_ID', 1);

global $wpdb;

// Notice shown after a delete action; an empty string means nothing to report.
$message = '';

// Number of bookings rendered per page of the list.
$records_per_page = 50;
| 17 | |
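/**
 * Stop the request unless it carries a valid 'uname_abc_bklist' nonce.
 *
 * The nonce is read from the 'rsave' query parameter and, when that is absent
 * or empty, from the 'rsave' POST field. A request that supplies neither is
 * treated as carrying an empty nonce and is rejected, instead of reading an
 * undefined $_POST index as the previous version did.
 *
 * A nonce only shows that the request was produced from a page rendered for
 * the same logged-in user (CSRF protection). It does not show that the user
 * may act on a particular calendar, so callers still need their own
 * permission check.
 *
 * @return void Returns normally when the nonce is valid; otherwise prints an
 *              error message and terminates the script.
 */
function cpabc_bklist_verify_nonce() {
    $nonce = '';
    if (isset($_GET['rsave']) && is_string($_GET['rsave']) && $_GET['rsave'] !== '')
        $nonce = sanitize_text_field(wp_unslash($_GET['rsave']));
    else if (isset($_POST['rsave']) && is_string($_POST['rsave']))
        $nonce = sanitize_text_field(wp_unslash($_POST['rsave']));

    if (!wp_verify_nonce( $nonce, 'uname_abc_bklist'))
    {
        echo 'Error: Form cannot be authenticated (nonce failed). Please contact our <a href="https://abc.dwbooster.com/contact-us">support service</a> for verification and solution. Thank you.';
        exit;
    }
}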
| 30 | |
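// Delete actions for the bookings list: marked rows (delmark + c0..cN),
// a single row (ld), or every booking of the current calendar (del=all).
//
// Two checks run before anything is removed:
//  1. the nonce (CSRF protection), and
//  2. the same administrator/owner test that guards the listing below.
// Previously only the nonce was checked here, and the owner test ran after
// the rows were already gone. The nonce action is not calendar-specific, so
// it cannot stand in for that test.
//
// Every DELETE is also restricted to CP_CALENDAR_ID, matching the existing
// del=all branch, so a row id belonging to another calendar is not affected.
$cpabc_del_marked = isset($_GET['delmark']) && $_GET['delmark'] != '';
$cpabc_del_single = !$cpabc_del_marked && isset($_GET['ld']) && $_GET['ld'] != '';
$cpabc_del_all    = !$cpabc_del_marked && !$cpabc_del_single && isset($_GET['del']) && $_GET['del'] == 'all';

if ($cpabc_del_marked || $cpabc_del_single || $cpabc_del_all)
{
    cpabc_bklist_verify_nonce();

    $cpabc_del_cal  = $wpdb->get_results( $wpdb->prepare( 'SELECT * FROM '.CPABC_APPOINTMENTS_CONFIG_TABLE_NAME.' WHERE `'.CPABC_TDEAPP_CONFIG_ID.'`=%d', CP_CALENDAR_ID ) );
    $cpabc_del_user = wp_get_current_user();
    $cpabc_del_allowed = cpabc_appointment_is_administrator()
        || ( !empty($cpabc_del_cal)
             && intval($cpabc_del_user->ID) !== 0
             && intval($cpabc_del_cal[0]->conwer) === intval($cpabc_del_user->ID) );

    // When the user is not allowed, nothing is deleted and $message stays
    // empty; the page then renders its own "not enough permissions" text.
    if ($cpabc_del_allowed)
    {
        if ($cpabc_del_marked)
        {
            // The list form names its checkboxes c0 .. c(records_per_page-1).
            for ($i=0; $i<$records_per_page; $i++)
                if (isset($_GET['c'.$i]) && is_scalar($_GET['c'.$i]) && $_GET['c'.$i] != '')
                    $wpdb->query( $wpdb->prepare('DELETE FROM `'.CPABC_APPOINTMENTS_CALENDARS_TABLE_NAME.'` WHERE id=%d AND appointment_calendar_id=%d', $_GET['c'.$i], CP_CALENDAR_ID) );
            $message = "Marked items deleted";
        }
        else if ($cpabc_del_single)
        {
            if (is_scalar($_GET['ld']))
                $wpdb->query( $wpdb->prepare('DELETE FROM `'.CPABC_APPOINTMENTS_CALENDARS_TABLE_NAME.'` WHERE id=%d AND appointment_calendar_id=%d', $_GET['ld'], CP_CALENDAR_ID) );
            $message = "Item deleted";
        }
        else
        {
            $wpdb->query( $wpdb->prepare( 'DELETE FROM `'.CPABC_APPOINTMENTS_CALENDARS_TABLE_NAME.'` WHERE appointment_calendar_id=%d', CP_CALENDAR_ID ) );
            $message = "All items deleted";
        }
    }
}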
| 51 | |
| 52 | |
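// Configuration row of the calendar whose bookings are listed. The id is
// bound with %d rather than concatenated: CP_CALENDAR_ID is defined outside
// this file (presumably from the request - confirm in the including script),
// so the query should not depend on it already being an integer.
$mycalendarrows = $wpdb->get_results( $wpdb->prepare( 'SELECT * FROM '.CPABC_APPOINTMENTS_CONFIG_TABLE_NAME.' WHERE `'.CPABC_TDEAPP_CONFIG_ID.'`=%d', CP_CALENDAR_ID ) );

// Confirmation banner after the settings form was posted.
if ( 'POST' == $_SERVER['REQUEST_METHOD'] && isset( $_POST['cpabc_appointments_post_options'] ) )
    echo "<div id='setting-error-settings_updated' class='updated settings-error'> <p><strong>Settings saved.</strong></p></div>";

// Used below to decide whether this user may see the calendar's bookings.
$current_user = wp_get_current_user();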
| 59 | |
| 60 | if (cpabc_appointment_is_administrator() || $mycalendarrows[0]->conwer == $current_user->ID) { |
| 61 | |
| 62 | $current_page = intval(cpabc_get_get_param("p")); |
| 63 | if (!$current_page) $current_page = 1; |
| 64 | |
| 65 | $cond = ''; |
| 66 | if (cpabc_get_get_param("search") != '') |
| 67 | { |
| 68 | $search_text = sanitize_text_field($_GET["search"]); |
| 69 | $cond .= " AND (title like '%".esc_sql($search_text)."%' OR description LIKE '%".esc_sql($search_text)."%')"; |
| 70 | } |
| 71 | if (cpabc_get_get_param("dfrom") != '') $cond .= " AND (datatime >= '".esc_sql(sanitize_text_field($_GET["dfrom"]))."')"; |
| 72 | if (cpabc_get_get_param("dto") != '') $cond .= " AND (datatime <= '".esc_sql(sanitize_text_field($_GET["dto"]))." 23:59:59')"; |
| 73 | |
| 74 | |
| 75 | $events = $wpdb->get_results( "SELECT * FROM ".CPABC_APPOINTMENTS_CALENDARS_TABLE_NAME." WHERE appointment_calendar_id=".CP_CALENDAR_ID.$cond." ORDER BY datatime DESC" ); |
| 76 | $total_pages = ceil(count($events) / $records_per_page); |
| 77 | |
| 78 | if ($message) echo "<div id='setting-error-settings_updated' class='updated settings-error'><p><strong>".$message."</strong></p></div>"; |
| 79 | |
| 80 | $nonce_un = wp_create_nonce( 'uname_abc_bklist' ); |
| 81 | |
| 82 | ?> |
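<script type="text/javascript">
 // Both helpers ask for confirmation and then navigate to a GET URL that
 // carries the delete nonce (rsave). Server-side values are escaped for the
 // JavaScript string they are printed into, and the row id is URL-encoded.
 // NOTE(review): because these are GET requests, the nonce appears in the URL
 // (browser history, server logs). Moving the delete actions to POST would
 // avoid that; it needs a matching change in the request handling.
 function cp_deleteMessageItem(id)
 {
    if (confirm('Are you sure that you want to delete this item?'))
    {
        document.location = 'admin.php?page=cpabc_appointments.php&rsave=<?php echo esc_js($nonce_un); ?>&cal=<?php echo isset($_GET["cal"]) ? intval($_GET["cal"]) : 0; ?>&list=1&ld='+encodeURIComponent(id)+'&r='+Math.random();
    }
 }
 function do_dexapp_deleteall()
 {
    if (confirm('Are you sure that you want to delete ALL bookings for this calendar? Note: This action cannot be undone.'))
    {
        document.location = 'admin.php?page=cpabc_appointments.php&rsave=<?php echo esc_js($nonce_un); ?>&cal=<?php echo isset($_GET["cal"]) ? intval($_GET["cal"]) : 0; ?>&list=1&del=all&r='+Math.random();
    }
 }
</script>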
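<div class="wrap">
<h1>Appointment Booking Calendar - Bookings List</h1>

<input type="button" name="backbtn" value="Back to items list..." onclick="document.location='admin.php?page=cpabc_appointments.php';">


<div id="normal-sortables" class="meta-box-sortables">
 <hr />
 <?php /* The calendar name comes from the database, so it is HTML-escaped on output. */ ?>
 <h3>This booking list applies only to: <?php echo isset($mycalendarrows[0]) ? esc_html($mycalendarrows[0]->uname) : ''; ?></h3>
</div>


<?php /* Filter form: submits by GET back to this page; the current filter values are echoed through esc_attr(). */ ?>
<form action="admin.php" method="get">
 <input type="hidden" name="page" value="cpabc_appointments.php" />
 <input type="hidden" name="cal" value="<?php echo esc_attr(CP_CALENDAR_ID); ?>" />
 <input type="hidden" name="list" value="1" />
 Search for: <input type="text" name="search" value="<?php echo esc_attr(cpabc_get_get_param("search")); ?>" />
 From: <input autocomplete="off" type="text" id="dfrom" name="dfrom" value="<?php echo esc_attr(cpabc_get_get_param("dfrom")); ?>" />
 To: <input autocomplete="off" type="text" id="dto" name="dto" value="<?php echo esc_attr(cpabc_get_get_param("dto")); ?>" />
 <nobr><span class="submit"><input type="submit" name="ds" value="Filter" /></span>
 <span class="submit"><input type="submit" name="cpabc_appointments_csv" value="Export to CSV" /></span></nobr>

</form>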
| 122 | |
| 123 | <br /> |
| 124 | |
<?php

// Page navigation for the bookings list. The active filters are appended to
// every page link so that paging keeps the same search and date range; each
// value is sanitized and URL-encoded before it goes into the link.
$cpabc_filter_query = '&dfrom='.urlencode(sanitize_text_field(cpabc_get_get_param("dfrom")))
                    . '&dto='.urlencode(sanitize_text_field(cpabc_get_get_param("dto")))
                    . '&search='.urlencode(sanitize_text_field(cpabc_get_get_param("search")));

$cpabc_pager_args = array(
    // %_% is where paginate_links() inserts the 'format' fragment.
    'base'      => 'admin.php?page=cpabc_appointments.php&cal='.CP_CALENDAR_ID.'&list=1%_%'.$cpabc_filter_query,
    'format'    => '&p=%#%',
    'total'     => $total_pages,
    'current'   => $current_page,
    'show_all'  => false,
    'end_size'  => 1,
    'mid_size'  => 2,
    'prev_next' => true,
    'prev_text' => '« '.__('Previous','appointment-booking-calendar'),
    'next_text' => __('Next','appointment-booking-calendar').' »',
    'type'      => 'plain',
    'add_args'  => false
);

echo paginate_links( $cpabc_pager_args );

?>
| 144 | |
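<div id="cpabc_printable_contents">
<?php
// "Delete marked items" form. It submits by GET, so the nonce in rsave ends
// up in the URL; the checkboxes are named c0..cN relative to the current page.
?>
<form name="dex_table_form" id="dex_table_form" action="admin.php" method="get">
 <input type="hidden" name="page" value="cpabc_appointments.php" />
 <input type="hidden" name="cal" value="<?php echo isset($_GET["cal"]) ? intval($_GET["cal"]) : 0; ?>" />
 <input type="hidden" name="list" value="1" />
 <input type="hidden" name="rsave" value="<?php echo esc_attr($nonce_un); ?>" />
 <input type="hidden" name="delmark" value="1" />
<table class="wp-list-table widefat fixed pages" cellspacing="0" width="100%">
    <thead>
    <tr>
      <th width="30" class="cpnopr"></th>
      <th style="padding-left:7px;font-weight:bold;">Date</th>
      <th style="padding-left:7px;font-weight:bold;">Title</th>
      <th style="padding-left:7px;font-weight:bold;">Description</th>
      <th style="padding-left:7px;font-weight:bold;">Quantity</th>
      <th class="cpnopr" style="padding-left:7px;font-weight:bold;">Options</th>
    </tr>
    </thead>
    <tbody id="the-list">
<?php
// Every value printed below is read from the bookings table and is escaped
// for the place it lands in (HTML text, attribute, or the onclick argument).
// Booking fields are presumably filled in by site visitors - confirm against
// the booking form - so none of them is treated as trusted markup.
for ($i=($current_page-1)*$records_per_page; $i<$current_page*$records_per_page; $i++) if (isset($events[$i])) {
    $cpabc_row_id = intval($events[$i]->id);
    // Keep the literal "<br />" separators of the description as real line
    // breaks: park them behind a placeholder, escape everything, restore them.
    $cpabc_row_desc = str_replace('--br /&gt;', '<br />', esc_html(str_replace('<br />', '--br />', $events[$i]->description)));
?>
      <tr class='<?php if (!($i%2)) { ?>alternate <?php } ?>author-self status-draft format-default iedit' valign="top">
        <td width="1%" class="cpnopr"><input type="checkbox" name="c<?php echo $i-($current_page-1)*$records_per_page; ?>" value="<?php echo $cpabc_row_id; ?>" /></td>
        <td><?php echo esc_html(substr($events[$i]->datatime,0,16)); ?></td>
        <td><?php echo esc_html($events[$i]->title); ?></td>
        <td><?php echo $cpabc_row_desc; ?></td>
        <td><?php echo esc_html($events[$i]->quantity); ?></td>
        <td class="cpnopr">
          <input type="button" name="caldelete_<?php echo $cpabc_row_id; ?>" value="Delete" onclick="cp_deleteMessageItem(<?php echo $cpabc_row_id; ?>);" />
        </td>
      </tr>
<?php } ?>
    </tbody>
</table>
</form>
</div>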
| 180 | |
| 181 | <br /><input type="button" name="pbutton" value="Print" onclick="do_dexapp_print();" /> |
| 182 | <div style="clear:both"></div> |
| 183 | <p class="submit" style="float:left;"><input type="button" name="pbutton" value="Delete marked items" onclick="do_dexapp_deletemarked();" /> </p> |
| 184 | |
| 185 | <p class="submit" style="float:left;"><input type="button" name="pbutton" value="Delete All Bookings" onclick="do_dexapp_deleteall();" /></p> |
| 186 | |
| 187 | |
| 188 | </div> |
| 189 | |
| 190 | |
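<script type="text/javascript">
 // Opens a blank window holding a copy of the bookings table and prints it.
 // Elements marked .cpnopr (checkboxes, delete buttons) are hidden in the copy.
 function do_dexapp_print()
 {
    // Local variable; the previous version assigned an implicit global.
    var w = window.open();
    // The stray ';' after the first rule made the following 'table' rule
    // invalid, so it has been removed from the style sheet.
    w.document.write("<style>.cpnopr{display:none;}table{border:2px solid black;width:100%;}th{border-bottom:2px solid black;text-align:left}td{padding-left:10px;border-bottom:1px solid black;}</style>"+document.getElementById('cpabc_printable_contents').innerHTML);
    // Finish the document before asking the browser to print it.
    w.document.close();
    w.print();
 }
 // Submits the list form, which carries the marked checkboxes and the nonce.
 function do_dexapp_deletemarked()
 {
    document.dex_table_form.submit();
 }
 // Date pickers for the From/To filter fields; the format matches the
 // yyyy-mm-dd strings compared against the datatime column.
 var $j = jQuery.noConflict();
 $j(function() {
    $j("#dfrom").datepicker({
        dateFormat: 'yy-mm-dd'
    });
    $j("#dto").datepicker({
        dateFormat: 'yy-mm-dd'
    });
 });

</script>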
| 213 | |
| 214 | |
| 215 | |
| 216 | |
| 217 | <?php } else { ?> |
| 218 | <br /> |
| 219 | The current user logged in doesn't have enough permissions to edit this calendar. This user can edit only his/her own calendars. Please log in as administrator to get access to all calendars. |
| 220 | |
| 221 | <?php } ?> |
| 222 | |
| 223 | |
| 224 | |
| 225 | |
| 226 | |
| 227 | |
| 228 | |
| 229 | |
| 230 | |
| 231 | |
| 232 | |
| 233 |