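*
* @copyright Copyright (c) 2007-2009 Luke Howell
*
* @license GPLv3 {@link http://www.gnu.org/licenses/gpl}
* @filesource
*/

/*
--------------------------------------------------------------------------
$Id$
--------------------------------------------------------------------------
This file is part of the WordPress Events Calendar plugin project.

For questions, help, comments, discussion, etc., please join our
forum at {@link http://www.wp-eventscalendar.com/forum}. You can
also go to Luke's ({@link http://www.lukehowelll.com}) blog.

WP Events Calendar is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
--------------------------------------------------------------------------
*/

if (!class_exists('EC_Management')) :

require_once(EVENTSCALENDARCLASSPATH . '/ec_calendar.class.php');
require_once(EVENTSCALENDARCLASSPATH . '/ec_db.class.php');
require_once(EVENTSCALENDARCLASSPATH . '/ec_managementjs.class.php');

/**
 * Dashboard management.
 *
 * Enables users to add/edit/delete events and control the widget.
 *
 * @package WP-Events-Calendar
 * @since 6.0
 */
class EC_Management
{
    /**
     * Month to manage.
     * @var int
     * @access private
     */
    var $month;

    /**
     * Year to manage.
     * @var int
     * @access private
     */
    var $year;

    /**
     * Holds the http protocol string.
     * @var string
     * @access private
     */
    var $deflinkout;

    /**
     * Holds the EC_Calendar object.
     * @var object
     * @access private
     */
    var $calendar;

    /**
     * Holds the EC_DB object.
     * @var Object
     * @access private
     */
    var $db;

    /**
     * Constructor.
     *
     * Starts on the current month and year. When the request asks to switch
     * month (EC_action=switchMonthAdmin), the requested EC_year/EC_month are
     * used instead, but only if they are plain numeric values.
     */
    function __construct()
    {
        $this->month = date('m');
        $this->year = date('Y');

        if (isset($_GET['EC_action']) && $_GET['EC_action'] === 'switchMonthAdmin') {
            // The request values end up in the admin calendar and in the
            // generated JavaScript, so they are validated before being kept.
            $this->_setPeriod(
                isset($_GET['EC_year']) ? $_GET['EC_year'] : null,
                isset($_GET['EC_month']) ? $_GET['EC_month'] : null
            );
        }

        $this->deflinkout = "http://";
        $this->calendar = new EC_Calendar();
        $this->db = new EC_DB();
    }

    /**
     * Legacy (class-named) constructor, kept so that existing callers and
     * old PHP versions keep working. It only delegates to __construct().
     */
    function EC_Management()
    {
        $this->__construct();
    }

    /**
     * Sets the managed year and month when both values are well formed.
     *
     * Accepts a four digit year and a month from 1 to 12 (with or without a
     * leading zero). Anything else leaves the current year/month untouched.
     *
     * @param mixed $year  candidate year.
     * @param mixed $month candidate month.
     * @access private
     */
    function _setPeriod($year, $month)
    {
        if (!is_scalar($year) || !is_scalar($month)) {
            return;
        }

        $year = (string) $year;
        $month = (string) $month;

        if (preg_match('/\A[0-9]{4}\z/', $year) && preg_match('/\A(?:0?[1-9]|1[0-2])\z/', $month)) {
            $this->year = $year;
            $this->month = $month;
        }
    }

    /**
     * Moves the managed year and month to those of a "Y-m-d" date string.
     *
     * @param mixed $date date as submitted by the event form.
     * @access private
     */
    function _setPeriodFromDate($date)
    {
        if (!is_string($date)) {
            return;
        }

        // explode() replaces the regex based split(), which newer PHP
        // versions no longer provide.
        $parts = explode('-', $date);
        if (count($parts) >= 2) {
            $this->_setPeriod($parts[0], $parts[1]);
        }
    }

    /**
     * Displays the admin calendar and Add Event form.
     *
     * If the form was submitted, adds or updates the event in database.
     *
     * @uses EC_ManagementJS
     */
    function display()
    {
        global $wpdb, $current_user;
        $js = new EC_ManagementJS();

        // NOTE(review): both form handlers below change stored data based on
        // $_POST alone. No nonce verification or capability check is visible
        // in this method. Confirm the caller enforces both, or add
        // check_admin_referer() here together with wp_nonce_field() in the
        // two forms.

        // adds a new event to database
        if (isset($_POST['EC_addEventFormSubmitted'])) {
            // $wpdb->escape() is SQL oriented escaping. It is not HTML
            // escaping, and the edit branch below no longer applies it.
            // NOTE(review): confirm what EC_DB::addEvent() expects so the
            // values are neither double escaped nor left unescaped.
            $title = $wpdb->escape($_POST['EC_title']);
            $location = !empty($_POST['EC_location'])
                ? $wpdb->escape($_POST['EC_location'])
                : null;
            $linkout = !empty($_POST['EC_linkout']) && ($_POST['EC_linkout'] != $this->deflinkout)
                ? $wpdb->escape($_POST['EC_linkout'])
                : null;
            $description = $wpdb->escape($_POST['EC_description']);

            $startDate = !empty($_POST['EC_startDate']) ? $_POST['EC_startDate'] : date('Y-m-d');
            $startTime = !empty($_POST['EC_startTime']) ? $_POST['EC_startTime'] : null;
            $endDate = !empty($_POST['EC_endDate']) ? $_POST['EC_endDate'] : $startDate;
            // an event cannot end before it starts
            $endDate = strcmp($startDate, $endDate) > 0 ? $startDate : $endDate;
            $endTime = !empty($_POST['EC_endTime']) ? $_POST['EC_endTime'] : null;
            // NOTE(review): access level is taken from the request as-is.
            $accessLevel = $_POST['EC_accessLevel'];

            // Text of the optional blog post announcing the event.
            // NOTE(review): the submitted values are concatenated without
            // HTML escaping and become post_content below. Confirm they are
            // filtered before being rendered.
            $output = _c('Title', 'events-calendar') . ": $title\n";
            if (!empty($location)) {
                $output .= _c('Location', 'events-calendar') . ": $location\n";
            }
            if (!empty($linkout)) {
                $output .= _c('Link out', 'events-calendar') . ": " . _c('Click here', 'events-calendar') . "\n";
            }
            if (!empty($description)) {
                $output .= _c('Description', 'events-calendar') . ": $description\n";
            }
            if ($startDate != $endDate) {
                $output .= _c('Start Date', 'events-calendar') . ": $startDate\n";
            }
            if (!is_null($startTime)) {
                $output .= _c('Start Time', 'events-calendar') . ": $startTime\n";
            }
            if ($startDate != $endDate) {
                $output .= _c('End Date', 'events-calendar') . ": $endDate\n";
            }
            if ($startDate == $endDate) {
                $output .= _c('Date', 'events-calendar') . ": $startDate\n";
            }
            if (!is_null($endTime) && !is_null($startTime)) {
                $output .= _c('End Time', 'events-calendar') . ": $endTime\n";
            }

            // Stays null when no post is requested, so addEvent() never
            // receives an undefined variable.
            $postID = null;

            // do we have to insert a post?
            if (isset($_POST['EC_doPost'])) {
                // NOTE(review): the post status comes straight from the
                // request. Confirm the allowed values are restricted
                // elsewhere.
                $statusPost = $_POST['EC_statusPost'];

                // FIXME $this->blog_post_author is not defined anywhere
                // why is it here?
                if (!empty($this->blog_post_author)) {
                    $post_author = $this->blog_post_author;
                } else {
                    $post_author = $current_user->data->ID;
                }

                $data = array(
                    'post_content' => stripslashes($output),
                    'post_title' => stripslashes($title),
                    'post_date' => date('Y-m-d H:i:s'),
                    // NOTE(review): this key receives the author id, while
                    // wp_insert_post() expects category ids here. This looks
                    // unintended; confirm.
                    'post_category' => $post_author,
                    'post_status' => $statusPost,
                    'post_author' => $post_author,
                );

                $post_id = wp_insert_post($data);

                // Only link the event to a post when the insert succeeded.
                // Otherwise the lookup below would return an unrelated post.
                if ($post_id) {
                    $results = $this->db->getLatestPost();
                    if (!empty($results)) {
                        $postID = $results[0]->id;
                    }
                }
            }

            $this->addEvent($title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID);

            // show the month of the event that was just added
            $this->_setPeriodFromDate($startDate);
        }

        if (isset($_POST['EC_editEventFormSubmitted'])) {
            // NOTE(review): the event id is forwarded as submitted. Confirm
            // that EC_DB treats it as an integer or binds it as a parameter.
            $id = $_POST['EC_id'];

            // some changes here. stop using $wpdb->escape. We are now using
            // wpdb->insert in EC_DB. So no need to do it here and this is going
            // to get rid of issue #40 where post title show quotes.
            $title = $_POST['EC_title'];
            $location = !empty($_POST['EC_location']) ? $_POST['EC_location'] : null;
            $linkout = !empty($_POST['EC_linkout']) && ($_POST['EC_linkout'] != $this->deflinkout)
                ? $_POST['EC_linkout']
                : null;
            $description = $_POST['EC_description'];

            $startDate = !empty($_POST['EC_startDate']) ? $_POST['EC_startDate'] : date('Y-m-d');
            $startTime = !empty($_POST['EC_startTime']) ? $_POST['EC_startTime'] : null;
            $endDate = !empty($_POST['EC_endDate']) ? $_POST['EC_endDate'] : $startDate;
            // an event cannot end before it starts
            $endDate = strcmp($startDate, $endDate) >= 0 ? $startDate : $endDate;
            $endTime = !empty($_POST['EC_endTime']) ? $_POST['EC_endTime'] : null;
            $accessLevel = $_POST['EC_accessLevel'];
            $postID = !empty($_POST['EC_postID']) ? $_POST['EC_postID'] : null;

            $this->editEvent($id, $title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID);

            // show the month of the event that was just edited
            $this->_setPeriodFromDate($startDate);
        }

        // if user wants to edit an event, displays the form with data.
        if (isset($_GET['EC_action']) && $_GET['EC_action'] == 'edit') {
            // NOTE(review): EC_id is read from the query string and passed
            // on unchanged. Confirm the form and EC_DB validate it.
            $this->editEventForm($_GET['EC_id']);
            // $js->calendarData($this->month, $this->year);
            $js->calendarjs();
        }
        // otherwise, just show the calendar and the Add Event form
        else {
            $this->calendar->displayAdmin($this->year, $this->month);
            $js->calendarData($this->month, $this->year);
            $this->addEventForm();
        }
    }

    /**
     * Adds a new event to the database.
     *
     * Thin wrapper that forwards every argument to EC_DB::addEvent().
     *
     * @param string $title       title of the event.
     * @param string $location    location of the event.
     * @param string $linkout     either a user provided URL or a link to the
     *                            associated post if a post was published.
     * @param string $description description of the event.
     * @param string $startDate   starting date of the event.
     * @param string $startTime   starting time of the event. Optional.
     * @param string $endDate     ending date of the event. If not provided, will be
     *                            the same as starting date.
     * @param string $endTime     ending time of the event.
     * @param int    $accessLevel who can access this event.
     * @param int    $postID      associated post id if available.
     */
    function addEvent($title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID)
    {
        $this->db->addEvent($title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID);
        return;
    }

    /**
     * Updates an already existing event in the database.
     *
     * Forwards the arguments to EC_DB::editEvent(). Only the title is passed
     * through addslashes() first; the other values are forwarded unchanged.
     * NOTE(review): confirm EC_DB::editEvent() handles every field safely,
     * since the escaping differs per field.
     *
     * @param mixed  $id          identifier of the event to update.
     * @param string $title       title of the event.
     * @param string $location    location of the event.
     * @param string $linkout     either a user provided URL or a link to the
     *                            associated post if a post was published.
     * @param string $description description of the event.
     * @param string $startDate   starting date of the event.
     * @param string $startTime   starting time of the event. Optional.
     * @param string $endDate     ending date of the event. If not provided, will be
     *                            the same as starting date.
     * @param string $endTime     ending time of the event.
     * @param int    $accessLevel who can access this event.
     * @param int    $postID      associated post id if available.
     */
    function editEvent($id, $title, $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID)
    {
        $this->db->editEvent($id, addslashes($title), $location, $linkout, $description, $startDate, $startTime, $endDate, $endTime, $accessLevel, $postID);
    }

    /**
     * Outputs the Add Event form.
     *
     * Provides the HTML and Javascript necessary for the user to add and validate a new event.
     */
    function addEventForm()
    {
?>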

" /> " />

message

" id="EC_start_clockpick" onClick='jQuery("#EC_alertmsg").fadeOut("slow");'>*/?>
" id="EC_end_clockpick" onClick='jQuery("#EC_alertmsg").fadeOut("slow");'>*/?>

db->getEvent($id); $event = $event[0]; $linkout = !is_null($event->eventLinkout) ? stripslashes($event->eventLinkout) : $this->deflinkout; ?>

" /> " style="vertical-align:middle;" />

message

" width="20" height="20" id="EC_start_clockpick" style="vertical-align:middle;" onClick='jQuery("#EC_alertmsg").fadeOut("slow");'>*/?>
" width="20" height="20" id="EC_end_clockpick" style="vertical-align:middle;" onClick='jQuery("#EC_alertmsg").fadeOut("slow");'>*/?>

$option ) $options[$key] = strip_tags(stripslashes($option)); update_option('widgetEventsCalendar', $options); } $title = htmlspecialchars($options['title'], ENT_QUOTES); echo '

'; ?>

'; ?>

name="disableTooltips" id="EC_disableTooltips" value="yes" />
name="adaptedCSS" id="EC_adaptedCSS" value="on" />
name="jqxstatus" id="EC_jqxstatus" value="true" />
name="hidesponsor" id="EC_hidesponsor" value="true" />