dex_bccf_admin_int_bookings_list.inc.php — Booking Calendar Contact Form trunk

booking-calendar-contact-form / dex_bccf_admin_int_bookings_list.inc.php

booking-calendar-contact-form Last commit date

addons 6 months ago captcha 4 months ago css 5 years ago images 7 years ago js 1 month ago languages 3 years ago README.txt 1 month ago banner.php 1 year ago changelog.txt 9 years ago cp-feedback.php 3 years ago cp_admin_int_add_booking.inc.php 3 years ago cp_admin_int_edition.inc.php 3 years ago dex-publish-wizzard.inc.php 2 years ago dex_bccf.php 1 month ago dex_bccf_admin_int.inc.php 3 years ago dex_bccf_admin_int_bookings_list.inc.php 1 year ago dex_bccf_admin_int_calendar_list.inc.php 2 months ago dex_scheduler.inc.php 4 months ago dex_scheduler_block.inc.php 2 years ago

dex_bccf_admin_int_bookings_list.inc.php

241 lines

1	<?php
2
3	if ( !is_admin() )
4	{
5	echo 'Direct access not allowed.';
6	exit;
7	}
8
9	if (!defined('CP_BCCF_CALENDAR_ID'))
10	define ('CP_BCCF_CALENDAR_ID',intval($_GET["cal"]));
11
12	global $wpdb;
13	$mycalendarrows = $wpdb->get_results( $wpdb->prepare( 'SELECT * FROM '.DEX_BCCF_CONFIG_TABLE_NAME .' WHERE `'.TDE_BCCFCONFIG_ID.'`=%d', CP_BCCF_CALENDAR_ID ) );
14
15	$message = "";
16
17	$records_per_page = 25;
18
19	if (!empty($_REQUEST['_wpnonce']) && wp_verify_nonce( $_REQUEST['_wpnonce'], 'uname_bccf' ) && isset($_GET['delmark']) && $_GET['delmark'] != '')
20	{
21	for ($i=0; $i<=$records_per_page; $i++)
22	if (isset($_GET['c'.$i]) && $_GET['c'.$i] != '')
23	$wpdb->query('DELETE FROM `'.DEX_BCCF_CALENDARS_TABLE_NAME.'` WHERE id='.intval($_GET['c'.$i]));
24	$message = "Marked items deleted";
25	}
26	else if (!empty($_REQUEST['_wpnonce']) && wp_verify_nonce( $_REQUEST['_wpnonce'], 'uname_bccf' ) && isset($_GET['del']) && $_GET['del'] == 'all')
27	{
28	if (CP_BCCF_CALENDAR_ID == '' \|\| CP_BCCF_CALENDAR_ID == '0')
29	$wpdb->query('DELETE FROM `'.DEX_BCCF_CALENDARS_TABLE_NAME.'`');
30	else
31	$wpdb->query('DELETE FROM `'.DEX_BCCF_CALENDARS_TABLE_NAME.'` WHERE reservation_calendar_id='.intval(CP_BCCF_CALENDAR_ID));
32	$message = "All items deleted";
33	}
34	else if (!empty($_REQUEST['_wpnonce']) && wp_verify_nonce( $_REQUEST['_wpnonce'], 'uname_bccf' ) && isset($_GET['ld']) && $_GET['ld'] != '')
35	{
36	$wpdb->query('DELETE FROM `'.DEX_BCCF_CALENDARS_TABLE_NAME.'` WHERE id='.intval($_GET['ld']));
37	$message = "Item deleted";
38	}
39
40	if ($message) echo "<div id='setting-error-settings_updated' class='updated settings-error'> <p><strong>".esc_html($message)."</strong></p></div>";
41
42	$current_user = wp_get_current_user();
43
44	if (cp_bccf_is_administrator() \|\| $mycalendarrows[0]->conwer == $current_user->ID) {
45
46	if (!empty($_GET["p"]))
47	$current_page = intval($_GET["p"]);
48	else
49	$current_page = 1;
50
51	$cond = '';
52	if (!empty($_GET["search"]))
53	{
54	if (is_numeric($_GET["search"]))
55	$cond .= " AND (title like '%".esc_sql($_GET["search"])."%' OR description LIKE '%".esc_sql($_GET["search"])."%' OR id=".intval($_GET["search"]).")";
56	else
57	$cond .= " AND (title like '%".esc_sql($_GET["search"])."%' OR description LIKE '%".esc_sql($_GET["search"])."%')";
58	}
59	if (!empty($_GET["dfrom"]) && $_GET["dfrom"] != '') $cond .= " AND (datatime_s >= '".esc_sql($_GET["dfrom"])."')";
60	if (!empty($_GET["dto"]) && $_GET["dto"] != '') $cond .= " AND (datatime_s <= '".esc_sql($_GET["dto"])." 23:59:59')";
61
62	$orderbylist = array('datatime_s DESC','datatime_s DESC','datatime_s ASC','id DESC','id ASC','status DESC,statuscancel DESC, id DESC','status ASC,statuscancel ASC, id ASC');
63	$orderby = $orderbylist[0];
64	if (isset($_GET["orderby"]) && $orderbylist[intval($_GET["orderby"])]) $orderby = $orderbylist[intval($_GET["orderby"])];
65
66
67	$events = $wpdb->get_results( "SELECT * FROM ".DEX_BCCF_CALENDARS_TABLE_NAME." WHERE reservation_calendar_id=".intval(CP_BCCF_CALENDAR_ID).$cond." ORDER BY ".esc_sql($orderby) );
68
69	$total_pages = ceil(count($events) / $records_per_page);
70
71	$option_calendar_enabled = dex_bccf_get_option('calendar_enabled', DEX_BCCF_DEFAULT_CALENDAR_ENABLED);
72
73	$nonce_un = wp_create_nonce( 'uname_bccf' );
74
75	?>
76	<script type="text/javascript">
77	function cp_deleteMessageItem(id)
78	{
79	if (confirm('Are you sure that you want to delete this item? Note: This cantion cannot be undone.'))
80	{
81	document.location = 'admin.php?page=dex_bccf.php&cal=<?php echo intval($_GET["cal"]); ?>&list=1&_wpnonce=<?php echo esc_js($nonce_un); ?>&ld='+id+'&r='+Math.random();
82	}
83	}
84	function cp_deletemarked()
85	{
86	if (confirm('Are you sure that you want to delete the marked items?'))
87	document.dex_table_form.submit();
88	}
89	function cp_deleteall()
90	{
91	if (confirm('Are you sure that you want to delete ALL bookings for this form?'))
92	{
93	document.location = 'admin.php?page=dex_bccf.php&cal=<?php echo intval(CP_BCCF_CALENDAR_ID); ?>&list=1&del=all&_wpnonce=<?php echo esc_js($nonce_un); ?>';
94	}
95	}
96	function cp_markall()
97	{
98	var ischecked = document.getElementById("cpcontrolck").checked;
99	<?php for ($i=($current_page-1)$records_per_page; $i<$current_page$records_per_page; $i++) if (isset($events[$i])) { ?>
100	document.forms.dex_table_form.c<?php echo $i-($current_page-1)*$records_per_page; ?>.checked = ischecked;
101	<?php } ?>
102	}
103	</script>
104	<div class="wrap">
105	<h1>Booking Calendar Contact Form - Bookings List</h1>
106
107	<input type="button" name="backbtn" value="Back to items list..." onclick="document.location='admin.php?page=dex_bccf.php';">
108
109
110	<div id="normal-sortables" class="meta-box-sortables">
111	<hr />
112	<h3>This booking list applies only to: <?php echo esc_html($mycalendarrows[0]->uname); ?></h3>
113	</div>
114
115
116	<form action="admin.php" method="get">
117	<input type="hidden" name="page" value="dex_bccf.php" />
118	<input type="hidden" name="cal" value="<?php echo esc_attr(CP_BCCF_CALENDAR_ID); ?>" />
119	<input type="hidden" name="list" value="1" />
120	<nobr>Search for: <input type="text" name="search" value="<?php if (!empty($_GET["search"])) echo esc_attr(sanitize_text_field($_GET["search"])); ?>" />      </nobr>
121	<nobr>From: <input autocomplete="off" type="text" id="dfrom" name="dfrom" value="<?php if (!empty($_GET["dfrom"])) echo esc_attr(sanitize_text_field($_GET["dfrom"])); ?>" />      </nobr>
122	<nobr>To: <input autocomplete="off" type="text" id="dto" name="dto" value="<?php if (!empty($_GET["dto"])) echo esc_attr(sanitize_text_field($_GET["dto"])); ?>" />      </nobr>
123	<nobr>OrderBy: <select id="orderby" name="orderby">
124	<option value="1" <?php if (isset($_GET["orderby"]) && $_GET["orderby"] == '1') echo ' selected'; ?>>Booked date - DESC</option>
125	<option value="2" <?php if (isset($_GET["orderby"]) && $_GET["orderby"] == '2') echo ' selected'; ?>>Booked date - ASC</option>
126	<option value="3" <?php if (isset($_GET["orderby"]) && $_GET["orderby"] == '3') echo ' selected'; ?>>Submission date - DESC</option>
127	<option value="4" <?php if (isset($_GET["orderby"]) && $_GET["orderby"] == '4') echo ' selected'; ?>>Submission date - ASC</option>
128	<option value="5" <?php if (isset($_GET["orderby"]) && $_GET["orderby"] == '5') echo ' selected'; ?>>Status - DESC</option>
129	<option value="6" <?php if (isset($_GET["orderby"]) && $_GET["orderby"] == '6') echo ' selected'; ?>>Status - ASC</option>
130	</select>      </nobr>
131	<span class="submit"><input type="submit" name="ds" value="Filter" /></span>
132	</form>
133
134	<br />
135
136	<?php
137
138
139	echo paginate_links( array(
140	'base' => 'admin.php?page=dex_bccf.php&cal='.CP_BCCF_CALENDAR_ID.'&list=1%_%&dfrom='.(!empty($_GET["dfrom"])?urlencode(sanitize_text_field($_GET["dfrom"])): '').'&dto='.(!empty($_GET["dfrom"])?urlencode(sanitize_text_field($_GET["dto"])): '').'&search='.(!empty($_GET["dfrom"])?urlencode(sanitize_text_field($_GET["search"])): ''),
141	'format' => '&p=%#%',
142	'total' => $total_pages,
143	'current' => $current_page,
144	'show_all' => False,
145	'end_size' => 1,
146	'mid_size' => 2,
147	'prev_next' => True,
148	'prev_text' => '« '.__('Previous','booking-calendar-contact-form'),
149	'next_text' => __('Next','booking-calendar-contact-form').' »',
150	'type' => 'plain',
151	'add_args' => False
152	) );
153
154	?>
155
156	<div id="dex_printable_contents">
157	<form name="dex_table_form" id="dex_table_form" action="admin.php" method="get">
158	<input type="hidden" name="page" value="dex_bccf.php" />
159	<input type="hidden" name="_wpnonce" value="<?php echo esc_attr($nonce_un); ?>" />
160	<input type="hidden" name="cal" value="<?php echo intval(CP_BCCF_CALENDAR_ID); ?>" />
161	<input type="hidden" name="list" value="1" />
162	<input type="hidden" name="delmark" value="1" />
163	<table class="wp-list-table widefat fixed pages" cellspacing="0">
164	<thead>
165	<tr>
166	<th width="30" class="cpnopr"><input type="checkbox" name="cpcontrolck" id="cpcontrolck" value="" onclick="cp_markall();"></th>
167	<th style="padding-left:7px;font-weight:bold;width:70px;">ID</th>
168	<th style="padding-left:7px;font-weight:bold;">Date</th>
169	<th style="padding-left:7px;font-weight:bold;">Title</th>
170	<th style="padding-left:7px;font-weight:bold;">Description</th>
171	<th style="padding-left:7px;font-weight:bold;" class="delbtn">Options</th>
172	</tr>
173	</thead>
174	<tbody id="the-list">
175	<?php for ($i=($current_page-1)$records_per_page; $i<$current_page$records_per_page; $i++) if (isset($events[$i])) { ?>
176	<tr class='<?php if (!($i%2)) { ?>alternate <?php } ?>author-self status-draft format-default iedit' valign="top">
177	<td width="1%" class="cpnopr"><input type="checkbox" name="c<?php echo $i-($current_page-1)*$records_per_page; ?>" value="<?php echo $events[$i]->id; ?>" /></td>
178	<td width="1%"><?php echo $events[$i]->id; ?></td>
179	<td><?php echo substr($events[$i]->datatime_s,0,10); ?><?php if ($option_calendar_enabled != 'false') { ?> - <?php echo substr($events[$i]->datatime_e,0,10); ?><?php } ?></td>
180	<td><?php echo esc_html($events[$i]->title); ?></td>
181	<td style="white-space: pre;"><?php echo esc_html( str_replace("<br /><br />","\n",str_replace("<br /><br />","\n",$events[$i]->description))); ?></td>
182	<td class="delbtn">
183	<input type="button" name="caldelete_<?php echo $events[$i]->id; ?>" value="Delete" onclick="cp_deleteMessageItem(<?php echo $events[$i]->id; ?>);" />
184	</td>
185	</tr>
186	<?php } ?>
187	</tbody>
188	</table>
189	</form>
190	</div>
191
192	<p class="submit"><input type="button" name="pbutton" value="Print" onclick="do_dexapp_print();" /></p>
193	<div style="clear:both"></div>
194	<p class="submit" style="float:left;"><input type="button" name="pbutton" value="Delete marked items" onclick="cp_deletemarked();" />       </p>
195	<p class="submit" style="float:left;"><input type="button" name="pbutton" value="Delete All Bookings" onclick="cp_deleteall();" /></p>
196	<div style="clear:both"></div>
197
198	</div>
199
200
201	<script type="text/javascript">
202	function do_dexapp_print()
203	{
204	w=window.open();
205	w.document.write("<style>.delbtn{display:none}table{border:2px solid black;width:100%;}th{border-bottom:2px solid black;text-align:left}td{padding-left:10px;border-bottom:1px solid black;}</style>"+document.getElementById('dex_printable_contents').innerHTML);
206	w.print();
207	w.close();
208	}
209
210	var $j = jQuery.noConflict();
211	$j(function() {
212	$j("#dfrom").datepicker({
213	dateFormat: 'yy-mm-dd'
214	});
215	$j("#dto").datepicker({
216	dateFormat: 'yy-mm-dd'
217	});
218	});
219
220	</script>
221
222
223
224
225	<?php } else { ?>
226	<br />
227	The current user logged in doesn't have enough permissions to edit this calendar. This user can edit only his/her own calendars. Please log in as administrator to get access to all calendars.
228
229	<?php } ?>
230
231
232
233
234
235
236
237
238
239
240
241