diff --git a/categories.php b/categories.php index df1476e..40ae694 100755 --- a/categories.php +++ b/categories.php @@ -1,121 +1,136 @@ '; - echo '
'; +echo '
'; +echo '
'; - if ( $_POST ) - { - $queryDelete = 'UPDATE categories SET permanent=0 WHERE categoryID = '; - $queryAdd = 'UPDATE categories SET permanent=1 WHERE categoryID = '; - - $addArray = array_keys( $_POST, 'add' ); - $deleteArray = array_keys( $_POST, 'delete' ); +if ($_POST) { + $query_delete = 'UPDATE categories SET permanent=0 WHERE categoryID = '; + $query_add = 'UPDATE categories SET permanent=1 WHERE categoryID = '; + $add_array = array_keys($_POST, 'add'); + $delete_array = array_keys($_POST, 'delete'); - if ( $addArray ) - { - $queryAdd .= implode( ' OR categoryID = ', $addArray ); - $resultAdd = mysql_query($queryAdd); - echo mysql_error(); - /* To do: error check */ - } + if ($addArray) { + $query_add .= implode(' OR categoryID = ', $add_array); + $result_add = mysql_query($query_add); + echo mysql_error(); + /* To do: error check */ + } - if ( $deleteArray ) - { - $queryDelete .= implode( ' OR categoryID = ', $deleteArray ); - $resultDelete = mysql_query($queryDelete); - echo mysql_error(); - /* To do: error check */ - } - } + if ($delete_array) { + $query_delete .= implode(' OR categoryID = ', $delete_array); + $result_delete = mysql_query($query_delete); + echo mysql_error(); + /* To do: error check */ + } +} - $queryPerm = "SELECT * FROM categories +$query_perm = "SELECT * FROM categories WHERE permanent=1 ORDER BY requestCount DESC, categoryName ASC"; - $resultPerm = mysql_query($queryPerm); +$result_perm = mysql_query($query_perm); - $queryTemp = "SELECT * FROM categories +$query_temp = "SELECT * FROM categories WHERE permanent=0 ORDER BY requestCount DESC, categoryName ASC"; - $resultTemp = mysql_query($queryTemp); - ?> +$result_temp = mysql_query($query_temp); +?> -
- - - - + +
-

Permanent Categories

-
+ + + - - - - - + + + + + - + - - - - - + + + + + - + - - - + + + - - - - - + + + + + - + - - - - - + + + + + - + -
+

Permanent Categories

+
CategoryRequestsDelete
CategoryRequestsDelete
-

Temporary Categories

-
+

Temporary Categories

+
CategoryRequestsAdd
CategoryRequestsAdd
+ - -
+ + - +th { + text-align: left; + font-size: 14px; +color: #555; +} + - '; - require_once 'sidebar.php'; - echo '
'; - require_once 'footer.php'; +'; +require_once 'sidebar.php'; +echo '
'; +require_once 'footer.php'; ?> diff --git a/categoryAdmin2.php b/categoryAdmin2.php old mode 100644 new mode 100755 index c201b25..c40b454 --- a/categoryAdmin2.php +++ b/categoryAdmin2.php @@ -1,6 +1,26 @@ @@ -91,7 +111,7 @@ +======= +
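Review bot: The add branch can no longer run, because its condition is still `if ($addArray)` while this hunk renames the variable to `$add_array`; it tests an undefined variable and the `permanent=1` update is skipped, so it should read `if ($add_array) {`. Separately, `$add_array` and `$delete_array` hold POST field names returned by `array_keys($_POST, ...)` and are imploded into the UPDATE statements unescaped, so a crafted field name becomes part of the SQL. Assuming categoryID is numeric, cast first with `$add_array = array_map('intval', array_keys($_POST, 'add'));` and do the same for `$delete_array`. `echo mysql_error();` also prints database error text to the page; the existing "To do: error check" comment marks where logging should replace it.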
+ + + +>>>>>>> 1ef07e0bea934714cba763681af66315bd2e000b
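Review bot: The added lines `+=======` and `+>>>>>>> 1ef07e0bea934714cba763681af66315bd2e000b` are unresolved merge-conflict markers committed into the file. The matching `<<<<<<<` side is not visible in this view (the surrounding markup appears to have been stripped), so presumably both variants of the conflicted block are now present in the page. Resolve the conflict to a single version and remove the markers; a pre-commit check that rejects lines starting with `<<<<<<<`, `=======` or `>>>>>>>` would catch this class of mistake.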
@@ -130,7 +140,7 @@ function date_to_string($array) { $endingDate = explode("-", $array[0][4]); $endingTime = explode(":", $array[0][5]); $googleDate = sprintf("%04d%02d%02dT%02d%02d00Z/%04d%02d%02dT%02d%02d00Z", - $startingDate[1], $startingDate[1], $startingDate[2], + $startingDate[0], $startingDate[1], $startingDate[2], ($startingTime[0] + 6), $endingTime[1], $endingDate[0], $endingDate[1], $endingDate[2], ($endingTime[0] + 06), $endingTime[1]); diff --git a/edit_submit.php b/edit_submit.php index e55ba28..3761a0c 100644 --- a/edit_submit.php +++ b/edit_submit.php @@ -31,7 +31,7 @@ $end_time = $end_temp[1]; $start = $start_date.' '.$start_time; $end = $end_date.' '.$end_time; - if(($start < $right_now) || ($end < $right_now)) { + if(($end < $right_now) || ($end < $start)) { header('Location: '.ed(false).'edit.php?time=f&s=t&eventID='.$eventID); exit(); } diff --git a/flag_admin.php b/flag_admin.php new file mode 100644 index 0000000..c47ed15 --- /dev/null +++ b/flag_admin.php @@ -0,0 +1,36 @@ +'; + echo '
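Review bot: The start half of `$googleDate` still takes its minutes from the end time: the fifth value passed after the format string is `$endingTime[1]` where `$startingTime[1]` is expected, so the year fix in this hunk leaves the start timestamp wrong whenever the two minute values differ. The line should read `($startingTime[0] + 6), $startingTime[1],`. The fixed `+ 6` hour offset can also yield an hour of 24 or more for late events, which `%02d` prints as-is; converting through the date functions instead of adding to the hour field would avoid that. The body of `date_to_string` starts and ends outside the hunk.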
'; + echo 'Administration page for flagged events


'; + + $flagged_query = "SELECT eventID, eventName, flaggedCount FROM events + WHERE events.flagged=1"; + $flagged_result = mysql_query($flagged_query); + + if (mysql_num_rows($flagged_result) != 0) { + while($row = mysql_fetch_row($flagged_result)) { + echo ''.$row[1].' has been flagged '.$row[2].' times'; + echo '
'; + echo ' I checked it dude. It is ok now... '; + echo '
'; + echo '
'; + } + } + + } else { + header('Location: '.ed(false).'index.php'); + exit(); + } + + echo '
'; + include 'sidebar.php'; + echo '
'; + include 'footer.php'; +?> \ No newline at end of file diff --git a/flag_event.php b/flag_event.php new file mode 100644 index 0000000..6686b4b --- /dev/null +++ b/flag_event.php @@ -0,0 +1,26 @@ + diff --git a/flag_reset.php b/flag_reset.php new file mode 100644 index 0000000..083df0a --- /dev/null +++ b/flag_reset.php @@ -0,0 +1,24 @@ + \ No newline at end of file diff --git a/forms.php b/forms.php index 105c531..9c69bef 100644 --- a/forms.php +++ b/forms.php @@ -10,6 +10,9 @@ else : if($_GET['s'] == 'f') { echo '
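Review bot: `$row[1]` (eventName) and `$row[2]` are echoed into the admin page without output escaping inside the `while` loop. Event names originate from user submissions, and the only escaping visible in this commit is `htmlspecialchars` on the description in submit.php, so markup stored in an event name would render in an administrator's session. Escape at output, e.g. `htmlspecialchars($row[1], ENT_QUOTES, 'UTF-8')`. The opening access check of this file is not visible in this view; confirm it runs before any output so the `header()` redirect in the `else` branch can still be sent.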

Missing some fields; event not added


'; + } + if($_GET['s'] == 'time') { + echo '

You cannot add an old event


'; } elseif ($_GET['s'] == 't') { echo '

Your event has been added sucessfully


'; diff --git a/functions/query_events.php b/functions/query_events.php old mode 100644 new mode 100755 index 7fcbb3e..4459283 --- a/functions/query_events.php +++ b/functions/query_events.php @@ -10,11 +10,30 @@ function get_event_comments($eventID) { AND comments.eventID = $eventID;"; $comment_result = mysql_query($comment_query); $comments = array(); - if($comment_result) + if(mysql_num_rows($comment_result) != 0) while($row = mysql_fetch_array($comment_result)) $comments[] = $row; return $comments; } + + function get_number_of_flagged() { + $flagged_query = "SELECT count(*) FROM events + WHERE events.flagged=1"; + $flagged_result = mysql_query($flagged_query); + $row = mysql_fetch_array($flagged_result); + + return $row[0]; + } + + function get_number_of_flaggedCount() { + $flagged_query = "SELECT sum(flaggedCount) FROM events + WHERE events.flagged=1"; + $flagged_result = mysql_query($flagged_query); + $row = mysql_fetch_array($flagged_result); + + return $row[0]; + } + function get_tag_ids($tag) { $query = "SELECT DISTINCT tags.eventID @@ -24,7 +43,7 @@ function get_tag_ids($tag) { AND events.startDate >= '".date('Y-m-d')."';"; $result = mysql_query($query); - if ($result) { + if (mysql_num_rows($result) != 0) { $eventIDs = array(); while($row = mysql_fetch_row($result)) $eventIDs[] = $row[0]; } else { @@ -33,17 +52,17 @@ function get_tag_ids($tag) { return $eventIDs; } - - function get_basic_search_ids () { + + function get_basic_search_ids () { $criteria = addslashes($_GET["input"]); $terms = explode(" ", $criteria); - + $input = array(); + $input[] = 'events.endDate >= "'.date('Y-m-d').'"'; $input[] = "locations.locationID = events.locationID"; $input[] = "categories.categoryID = events.categoryID"; $input[] = "users.userID = events.userID"; $input[] = "tags.eventID = events.eventID"; - $input[] = "events.startDate >= \"".date('Y-m-d')."\""; $inputpt2 = array(); foreach ($terms as $term) { 
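Review bot: Replacing `if($comment_result)` with `if(mysql_num_rows($comment_result) != 0)` drops the only check for a failed query: `mysql_query()` returns `false` on error, and `mysql_num_rows(false)` then raises a warning instead of the loop being skipped. Keep both conditions, `if ($comment_result && mysql_num_rows($comment_result) != 0)`. The same substitution appears in `get_tag_ids`, `get_basic_search_ids`, `get_advance_search_ids` and `get_events` in the later hunks of this file, and the new `get_number_of_flagged()` / `get_number_of_flaggedCount()` hand the result straight to `mysql_fetch_array()` with no check. `$eventID` is interpolated into the comment query in the context line above; the function starts outside the hunk, so whether it is cast to an integer first cannot be seen here.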
@@ -59,13 +78,52 @@ function get_basic_search_ids () { } } - $query = "SELECT events.eventID FROM events, locations, categories, users, tags "; + $query = "SELECT DISTINCT events.eventID FROM events, locations, categories, users, tags "; + $query .= "WHERE " . implode(" AND ", $input) ; + $query .= " AND (" . implode(" OR ", $inputpt2) . ")" ; + + $resource = mysql_query($query); + + if (mysql_num_rows($resource) != 0) { + $eventIDs = array(); + while($row = mysql_fetch_row($resource)) $eventIDs[] = $row[0]; + } else { + $eventIDs = get_basic_search_ids_without_tags(); + } + + return $eventIDs; + } + + function get_basic_search_ids_without_tags () { + $criteria = addslashes($_GET["input"]); + $terms = explode(" ", $criteria); + + $input = array(); + $input[] = 'events.endDate >= "'.date('Y-m-d').'"'; + $input[] = "locations.locationID = events.locationID"; + $input[] = "categories.categoryID = events.categoryID"; + $input[] = "users.userID = events.userID"; + + $inputpt2 = array(); + foreach ($terms as $term) { + if(strlen($term) > 0){ + $inputpt2[] = "(events.eventName LIKE '%$term%')"; + $inputpt2[] = "(events.description LIKE '%$term%')"; + $inputpt2[] = "(locations.locationName LIKE '%$term%')"; + $inputpt2[] = "(categories.categoryName LIKE '%$term%')"; + $inputpt2[] = "(users.displayName LIKE '%$term%')"; + } else { + return false; + } + } + + $query = "SELECT DISTINCT events.eventID FROM events, locations, categories, users "; $query .= "WHERE " . implode(" AND ", $input) ; $query .= " AND (" . implode(" OR ", $inputpt2) . ")" ; $resource = mysql_query($query); - if ($resource) { + if (mysql_num_rows($resource) != 0) { $eventIDs = array(); while($row = mysql_fetch_row($resource)) $eventIDs[] = $row[0]; } else { @@ -144,7 +202,7 @@ function get_advance_search_ids () { $resource = mysql_query($query); - if ($resource) { + if (mysql_num_rows($resource) != 0) { $eventIDs = array(); while($row = mysql_fetch_row($resource)) $eventIDs[] = $row[0]; } else { 
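Review bot: The new `get_basic_search_ids_without_tags()` builds its `LIKE '%$term%'` clauses from `addslashes($_GET["input"])`, which is not a SQL escaping function: it ignores the connection character set and leaves the `%` and `_` wildcards untouched. With the mysql extension this file already uses, `$criteria = mysql_real_escape_string($_GET["input"]);` is the minimum, and a prepared statement under mysqli or PDO is the durable fix. The function is a near copy of `get_basic_search_ids()`, so the escaping has to be corrected in both places; one helper taking a with-tags flag would remove the duplication. The `return false` inside the loop also fires on any empty term, so an input containing two consecutive spaces returns no results.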
@@ -155,7 +213,7 @@ function get_advance_search_ids () { $query = "SELECT events.eventID FROM events, locations, categories "; $query .= "WHERE " . implode(" AND ", $input_current) . ";"; $resource = mysql_query($query); - if ($resource) while($row = mysql_fetch_row($resource)) $eventIDs[] = $row[0]; + if (mysql_num_rows($resource) != 0) while($row = mysql_fetch_row($resource)) $eventIDs[] = $row[0]; } return $eventIDs; @@ -166,6 +224,7 @@ function get_events($eventIDs,$sort='time',$limit=10) { if ($eventIDs === false) return false; $IDs = array(); $results = array(); + $oderby = false; $query = "SELECT events.eventName, events.description, @@ -193,16 +252,30 @@ function get_events($eventIDs,$sort='time',$limit=10) { $query .= implode(" OR ", $IDs); $query .= ") "; - if ($sort == 'time') $query .= 'ORDER BY events.startDate ASC'; - if ($sort == 'popularity') $query .= 'ORDER BY events.startDate ASC, events.popularity DESC'; - if ($sort == 'location') $query .= 'ORDER BY events.startDate ASC, locations.locationName ASC'; - if ($sort == 'category') $query .= 'ORDER BY events.startDate ASC, categories.categoryName ASC'; + if ($sort == 'time') { + $query .= 'ORDER BY events.startDate ASC, events.startTime'; + $orderby = true; + } + if ($sort == 'popularity') { + $query .= 'ORDER BY events.startDate ASC, events.popularity DESC, events.startTime'; + $orderby = true; + } + if ($sort == 'location') { + $query .= 'ORDER BY events.startDate ASC, locations.locationName ASC, events.startTime'; + $orderby = true; + } + if ($sort == 'category') { + $query .= 'ORDER BY events.startDate ASC, categories.categoryName ASC, events.startTime'; + $orderby = true; + } + if(!$orderby){ + $query .= 'ORDER BY events.startTime'; + } $query .= ' LIMIT '.$limit; - $result = mysql_query($query); - if ($result) { + if (mysql_num_rows($result) != 0) { while($row = mysql_fetch_row($result))$results[] = $row; return $results; } else { 
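Review bot: The flag added in the `@@ -166,6 +224,7 @@` hunk is spelled `$oderby`, but the following hunk sets and tests `$orderby`, so `if(!$orderby)` reads an undefined variable whenever `$sort` matches none of the four values; the initialisation should be `$orderby = false;`. `$limit` is a function parameter concatenated into `' LIMIT '.$limit` as-is; if it can ever come from the request, cast it with `(int) $limit` before building the query. The four `if` blocks are mutually exclusive and would read more clearly as `if / elseif / else`, which also makes the flag unnecessary.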
diff --git a/header.php b/header.php index 09e03d5..7d5bf4c 100755 --- a/header.php +++ b/header.php @@ -35,10 +35,7 @@
- +
diff --git a/js/fancy_login.php b/js/fancy_login.php index 9c495c7..9e95cd6 100644 --- a/js/fancy_login.php +++ b/js/fancy_login.php @@ -28,15 +28,16 @@ var submit_tag = function () { var tag = $('input#tag-list').val(); var eventID = $('.event_listing').attr("id"); + var html = $('.event_listing').attr("id"); $.ajax({ type: "POST", url: "submit_tag.php", - data: ({tags:tag,eventID:eventID}), - success: function (r) { - $('span.val.tags').append(", "+encodeURI(tag)); - } - + data: ({tags:tag,eventID:eventID}), + success: function (r) { + $('span.val.tags').load(' span.val.tags').hide().fadeIn("slow"); + } + }); } diff --git a/search.php b/search.php index dda5686..de3e7b7 100755 --- a/search.php +++ b/search.php @@ -8,7 +8,7 @@
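Review bot: Tag display safety now rests entirely on server-side escaping, because `$('span.val.tags').load(' span.val.tags')` re-fetches the current page and inserts the matched fragment as HTML; confirm the PHP template that renders that span escapes tag text, which is not part of this hunk. The call also inserts the fetched `span.val.tags` element inside the existing one, so each submission nests another span. The `success` callback runs for any 2xx response, so a rejected tag is indistinguishable from an accepted one unless `submit_tag.php` returns an error status. The added `var html = $('.event_listing').attr("id");` duplicates `eventID` and is never used; drop it.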
- +
diff --git a/sidebar.php b/sidebar.php index 1559226..a73f63e 100644 --- a/sidebar.php +++ b/sidebar.php @@ -1,5 +1,6 @@ '; ?>
diff --git a/submit.php b/submit.php index f06f319..ed83624 100644 --- a/submit.php +++ b/submit.php @@ -6,7 +6,7 @@ // get variables from form page foreach($_POST as $field_name => $value) $$field_name = addslashes($value); -echo $eventID; + echo $eventID; // Category and Location processing if ($location == 'other') { $location = $location_other; @@ -40,6 +40,10 @@ $end_time = $end_temp[1]; $start = $start_date.' '.$start_time; $end = $end_date.' '.$end_time; + if(($start < $right_now) || ($end < $right_now) || ($end < $start)) { + header('Location: '.ed(false).'forms.php?s=time'); + exit(); + } // sanitize description box $description = htmlspecialchars($description); diff --git a/user_accounts/login_processing.php b/user_accounts/login_processing.php index 95e7460..d1982ad 100755 --- a/user_accounts/login_processing.php +++ b/user_accounts/login_processing.php @@ -5,7 +5,7 @@ if(isset($_POST['username']) && isset($_POST['password'])) { require_once '../global.php'; - $user = addslashes($_POST['username']); + $user = trim(addslashes($_POST['username'])); $pass = $static ? $_POST['password'] : md5($_POST['password']); $query = "SELECT * FROM users ";
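Review bot: The new `header('Location: '.ed(false).'forms.php?s=time')` redirect in the second hunk runs after `echo $eventID;` from the first hunk has already written output, so unless output buffering is enabled the header cannot be sent and the user gets only the echoed value before `exit()`. That `echo` looks like leftover debugging and also reflects a POST value unescaped; remove it. The context line `foreach($_POST as $field_name => $value) $$field_name = addslashes($value);` lets any POST field overwrite a local variable, so if `$right_now` is assigned before that loop (not visible here) a request can supply its own value and defeat this check. Reading only the expected field names from `$_POST` closes that path.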
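Review bot: `trim(addslashes($_POST['username']))` still relies on `addslashes()` to make the value safe for the `SELECT * FROM users` query that begins on the last line of this hunk; `addslashes()` is not character-set aware, so use `mysql_real_escape_string(trim($_POST['username']))` at minimum, trimming before escaping, or a prepared statement. The next line hashes the password with unsalted `md5()`, and when `$static` is true `$_POST['password']` is assigned to `$pass` with no escaping at all. Where the PHP version allows, `password_hash()` / `password_verify()` with a rehash-on-login migration is the replacement. The query continues outside the hunk, so how `$pass` is interpolated cannot be confirmed from here.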