Oh no! Where's the JavaScript?
Your Web browser does not have JavaScript enabled or does not support JavaScript. Please enable JavaScript on your Web browser to properly view this Web site, or upgrade to a Web browser that does support JavaScript.
Not a member yet? Click here to register.
Forgot Password?
  1. Home
  2. Discussion Forum
  3. PHPFusion 8 Support
  4. Modifications and Requests - 8
  5. Admin Edit Script Not Working

Admin Edit Script Not Working

Asked Modified Viewed 1,246 times
Back to Forum Index Previous Topic Next Topic
Print
G
Grimloch
G
Energy can neither be created nor destroyed; only transformed !
  • Senior Member, joined since
  • Contributed 722 posts on the community forums.
  • Started 141 threads in the forums
  • Started this discussions
  • Answered 2 questions
asked
Senior Member

Hey guys. This is so incredibly frustrating. In my Bday Panel/Event Calendar infusion I have an 'edit_event.php' script that will not work in v8.00.19 ... it worked perfectly fine in v7.02.07. The event is not updated and all I really get is an undefined index error for 'event_id' ... Here is the script code. Please help:
Code Download source
<?php
/*-------------------------------------------------------+
| PHPFusion Content Management System
| Copyright (C) PHPFusion Inc
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: edit_event.php
| Author: Terry Broullette(Grimloch)
| Copyright © 2018 Terry Broullette(Grimloch)
| Web: https://www.whisperwillow.com
| Email: webmaster@whisperwillow.com
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../../../maincore.php";
require_once THEMES."templates/admin_header.php";
include INFUSIONS."bday_panel/infusion_db.php";
if (file_exists(INFUSIONS."bday_panel/locale/".$settings['locale'].".php")) {
   include INFUSIONS."bday_panel/locale/".$settings['locale'].".php";
} else {
   include INFUSIONS."bday_panel/locale/English.php";
}
if (!checkrights("BDC") || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect(BASEDIR."index.php"); }
add_to_head("<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js'></script>");
add_to_head("<script type='text/javascript' src='".INFUSIONS."bday_panel/include/date.js'></script>");
add_to_head("<script type='text/javascript' src='".INFUSIONS."bday_panel/include/jquery.datePicker.js'></script>");
add_to_head("<link rel='stylesheet' href='".INFUSIONS."bday_panel/css/datePicker.css' type='text/css' />");
add_to_head("<link rel='stylesheet' href='".INFUSIONS."bday_panel/css/calendar.css' type='text/css' />");
add_to_head("<script type='text/javascript' charset='utf-8'>
Date.firstDayOfWeek = 0;
Date.format = 'yyyy-mm-dd';
 $(function()
 {
            $('.date-pick').datePicker({startDate:'1996-01-01'});
 });
</script>");
if (isset($_GET['event_id'])) {
$event_id = ($_GET['event_id']);
}
if (isset($_POST['edit_event'])) {
   if (isset($_POST['event_title'])) {
      $event_title = stripinput($_POST['event_title']);
   }
   if (isset($_POST['event_desc'])) {
      $event_desc = addslash($_POST['event_desc']);
   }
   if (isset($_POST['link_url'])) {
      $link_url = stripinput($_POST['link_url']);
   }
   if (isset($_POST['link_name'])) {
      $link_name = stripinput($_POST['link_name']);
   }
   if (isset($_POST['startdate'])) {
      $event_start = stripinput($_POST['startdate']);
   }
   if (isset($_POST['enddate'])) {
      $event_end = stripinput($_POST['enddate']);
   }
   if (isset($_POST['stime'])) {
      $start_time = stripinput($_POST['stime']);
   }
   if (isset($_POST['etime'])) {
      $end_time = stripinput($_POST['etime']);
   }
   if (isset($_POST['all_day'])) {
      $all_day = stripinput($_POST['all_day']);
   }
$var = ""; $mon = ""; $mon_name = ""; $month_name = ""; $event_day = "";
$part = $event_start;
$var = substr($part, 5, 2);
   if ($var == '01') { $mon = "1";
} elseif ($var == '02') { $mon = "2";
} elseif ($var == '03') { $mon = "3";
} elseif ($var == '04') { $mon = "4";
} elseif ($var == '05') { $mon = "5";
} elseif ($var == '06') { $mon = "6";
} elseif ($var == '07') { $mon = "7";
} elseif ($var == '08') { $mon = "8";
} elseif ($var == '09') { $mon = "9";
} else { $mon = $var; }
   $event_month = $mon;
   if ($mon == '1') { $mon_name = $locale['bp_900'];
} elseif ($mon == '2') { $mon_name = $locale['bp_901'];
} elseif ($mon == '3') { $mon_name = $locale['bp_902'];
} elseif ($mon == '4') { $mon_name = $locale['bp_903'];
} elseif ($mon == '5') { $mon_name = $locale['bp_904'];
} elseif ($mon == '6') { $mon_name = $locale['bp_905'];
} elseif ($mon == '7') { $mon_name = $locale['bp_906'];
} elseif ($mon == '8') { $mon_name = $locale['bp_907'];
} elseif ($mon == '9') { $mon_name = $locale['bp_908'];
} elseif ($mon == '10') { $mon_name = $locale['bp_909'];
} elseif ($mon == '11') { $mon_name = $locale['bp_910'];
} else { $mon_name = $locale['bp_911']; }
   $month_name = $mon_name;
$event_day = substr($part, 8, 2);
$result = dbquery("UPDATE ".DB_BDAY_EVENTS." SET event_title='$event_title', event_desc='$event_desc', link_url='$link_url', link_name='$link_name', event_start='$event_start', event_end='$event_end', event_month='$event_month', month_name='$month_name', start_time='$start_time', end_time='$end_time', all_day='$all_day', event_day='$event_day' WHERE event_id='$event_id'");
   redirect(BASEDIR."index.php");
}

$events = dbquery("SELECT * FROM ".DB_BDAY_EVENTS." WHERE event_id='$event_id'");
   while ($data = dbarray($events)) {
      $event_id = $data['event_id'];
      $evtitle = $data['event_title'];
      $evdesc = $data['event_desc'];
      $evurl = $data['link_url'];
      $evname = $data['link_name'];
      $evstart = $data['event_start'];
      $evend = $data['event_end'];
      $stime = $data['start_time'];
      $etime = $data['end_time'];
      $all_day = $data['all_day'];
      $evday = $data['event_day'];
   if ($all_day == '1') {
      $tspan = " All Day";
      } else {
      $tspan = "";
      }
   if ($stime) {
      $time_span = $stime." to ".$etime.$tspan;
      } else {
      $time_span = $tspan;
      }
}
opentable($locale['bp_300']);
require_once INCLUDES."bbcode_include.php";
echo "<form name='editform' method='post' action='".FUSION_SELF.$aidlink."'>\n";
echo "<table width='60%' border='0' cellpadding='0' cellspacing='0' align='center' class='tbl-brdr2'><tr>\n";
echo "<td align='center' width='100%'>\n";
echo "<table width='100%' border='0' cellpadding='5' cellspacing='5' align='center' class='tbl-brdr0'><tr>\n";
echo "<td class='title0' align='center' colspan='2'>".$locale['bp_314']."</td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_301']."*</td><td><input type='text' name='event_title' value='$evtitle' size='60' class='textbox' /></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_302']."</td><td><textarea name='event_desc' cols='58' rows='8' class='textbox' style='width:98%'>".parseubb(parsesmileys($evdesc))."</textarea></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_312']."</td><td>".display_bbcodes("98%", "event_desc", "editform")."</td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_303']."<br />&nbsp;".$locale['bp_304']."</td><td><input type='text' name='link_url' value='$evurl' size='60' class='textbox' /></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_305']."<br />&nbsp;".$locale['bp_306']."</td><td><input type='text' name='link_name' value='$evname' size='60' class='textbox' /></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
/* start New datePicker coding */
echo "<td valign='middle'>&nbsp;".$locale['bp_307']."</td><td valign='middle'><input class='date-pick' name='startdate' id='date-pick' value='$evstart'></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_308']."</td><td valign='middle'><input class='date-pick' name='enddate' id='date-pick' value='$evend'></td>\n";
echo "</tr><tr>\n";
/* end New datePicker coding */
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_317']."<br />&nbsp;".$locale['bp_318']."</td><td><input type='time' name='stime' value='$stime'>".$locale['bp_319']."<input type='time' name='etime' value='$etime'>".$locale['bp_320']."";
if ($all_day == "yes") { echo "<input type='radio' name='all_day' value='yes' checked />".$locale['bp_322']."&nbsp;&nbsp;&nbsp;&nbsp;<input type='radio' name='all_day' value='no' />".$locale['bp_321']."</td>\n";
} else { echo "<input type='radio' name='all_day' value='yes' />".$locale['bp_322']."&nbsp;&nbsp;&nbsp;&nbsp;<input type='radio' name='all_day' value='no' checked />".$locale['bp_321']."</td>\n"; }
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td class='title0' colspan='2' align='center'><input type='hidden' name='event_id' value='".$event_id."' /><input type='submit' name='edit_event' class='button' value='".$locale['bp_309']."'></td>\n";
echo "</tr></table></td></tr></table><br /><br />\n";
echo "</form>\n";
closetable();
require_once THEMES."templates/footer.php";
?>
0 replies

5 posts

R
Anonymous User
R
Anonymous User 367
  • Veteran Member, joined since
  • Contributed 939 posts on the community forums.
  • Started 2 threads in the forums
  • Answered 20 questions
answered
Veteran Member

Somewhere at top of file add $event_id = 0;
0 replies
G
Grimloch
G
Energy can neither be created nor destroyed; only transformed !
  • Senior Member, joined since
  • Contributed 722 posts on the community forums.
  • Started 141 threads in the forums
  • Started this discussions
  • Answered 2 questions
answered
Senior Member

Actually that won't be needed. I fixed it after careful comparison to edit script that works on my other v8.00.19 site, and making a few subtle changes. Here is the script now:
Code Download source
<?php
/*-------------------------------------------------------+
| PHPFusion Content Management System
| Copyright (C) PHPFusion Inc
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: edit_event.php
| Author: Terry Broullette(Grimloch)
| Copyright © 2018 Terry Broullette(Grimloch)
| Web: https://www.whisperwillow.com
| Email: webmaster@whisperwillow.com
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../../../maincore.php";
require_once THEMES."templates/admin_header.php";
include INFUSIONS."bday_panel/infusion_db.php";
if (file_exists(INFUSIONS."bday_panel/locale/".$settings['locale'].".php")) {
   include INFUSIONS."bday_panel/locale/".$settings['locale'].".php";
} else {
   include INFUSIONS."bday_panel/locale/English.php";
}
if (ini_get('register_globals') != 1) {
   if ((isset($_POST) == true) && (is_array($_POST) == true)) extract($_POST, EXTR_OVERWRITE);
   if ((isset($_GET) == true) && (is_array($_GET) == true)) extract($_GET, EXTR_OVERWRITE);
}
if (!checkrights("BDC") || !defined("iAUTH") || $_GET['aid'] != iAUTH) { redirect(BASEDIR."index.php"); }
add_to_head("<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js'></script>");
add_to_head("<script type='text/javascript' src='".INFUSIONS."bday_panel/include/date.js'></script>");
add_to_head("<script type='text/javascript' src='".INFUSIONS."bday_panel/include/jquery.datePicker.js'></script>");
add_to_head("<link rel='stylesheet' href='".INFUSIONS."bday_panel/css/datePicker.css' type='text/css' />");
add_to_head("<link rel='stylesheet' href='".INFUSIONS."bday_panel/css/calendar.css' type='text/css' />");
add_to_head("<script type='text/javascript' charset='utf-8'>
Date.firstDayOfWeek = 0;
Date.format = 'yyyy-mm-dd';
 $(function()
 {
            $('.date-pick').datePicker({startDate:'1996-01-01'});
 });
</script>");
require_once INCLUDES."bbcode_include.php";

if (isset($_POST['edit_event'])) {
   if (isset($_POST['event_title'])) {
      $event_title = stripinput($_POST['event_title']);
   }
   if (isset($_POST['event_desc'])) {
      $event_desc = stripinput($_POST['event_desc']);
   }
   if (isset($_POST['link_url'])) {
      $link_url = stripinput($_POST['link_url']);
   }
   if (isset($_POST['link_name'])) {
      $link_name = stripinput($_POST['link_name']);
   }
   if (isset($_POST['event_start'])) {
      $event_start = stripinput($_POST['event_start']);
   }
   if (isset($_POST['event_end'])) {
      $event_end = stripinput($_POST['event_end']);
   }
   if (isset($_POST['start_time'])) {
      $start_time = stripinput($_POST['start_time']);
   }
   if (isset($_POST['end_time'])) {
      $end_time = stripinput($_POST['end_time']);
   }
   if (isset($_POST['all_day'])) {
      $all_day = stripinput($_POST['all_day']);
   }
$var = ""; $mon = ""; $mon_name = ""; $month_name = ""; $event_day = "";
$part = $event_start;
$var = substr($part, 5, 2);
   if ($var == '01') { $mon = "1";
} elseif ($var == '02') { $mon = "2";
} elseif ($var == '03') { $mon = "3";
} elseif ($var == '04') { $mon = "4";
} elseif ($var == '05') { $mon = "5";
} elseif ($var == '06') { $mon = "6";
} elseif ($var == '07') { $mon = "7";
} elseif ($var == '08') { $mon = "8";
} elseif ($var == '09') { $mon = "9";
} else { $mon = $var; }
   $event_month = $mon;
   if ($mon == '1') { $mon_name = $locale['bp_900'];
} elseif ($mon == '2') { $mon_name = $locale['bp_901'];
} elseif ($mon == '3') { $mon_name = $locale['bp_902'];
} elseif ($mon == '4') { $mon_name = $locale['bp_903'];
} elseif ($mon == '5') { $mon_name = $locale['bp_904'];
} elseif ($mon == '6') { $mon_name = $locale['bp_905'];
} elseif ($mon == '7') { $mon_name = $locale['bp_906'];
} elseif ($mon == '8') { $mon_name = $locale['bp_907'];
} elseif ($mon == '9') { $mon_name = $locale['bp_908'];
} elseif ($mon == '10') { $mon_name = $locale['bp_909'];
} elseif ($mon == '11') { $mon_name = $locale['bp_910'];
} else { $mon_name = $locale['bp_911']; }
   $month_name = $mon_name;
$event_day = substr($part, 8, 2);
$result = dbquery("UPDATE ".DB_BDAY_EVENTS." SET event_title='$event_title', event_desc='$event_desc', link_url='$link_url', link_name='$link_name', event_start='$event_start', event_end='$event_end', event_month='$event_month', month_name='$month_name', start_time='$start_time', end_time='$end_time', all_day='$all_day', event_day='$event_day' WHERE event_id='$event_id'");
   redirect(BASEDIR."index.php");
}

$event = dbquery("SELECT * FROM ".DB_BDAY_EVENTS." WHERE event_id='".$_GET['event_id']."'");
   $data = dbarray($event);
      $evid = $data['event_id'];
      $evtitle = $data['event_title'];
      $evdesc = $data['event_desc'];
      $evurl = $data['link_url'];
      $evname = $data['link_name'];
      $evstart = $data['event_start'];
      $evend = $data['event_end'];
      $stime = $data['start_time'];
      $etime = $data['end_time'];
      $all_day = $data['all_day'];
   if ($all_day == '1') {
      $tspan = " All Day";
      } else {
      $tspan = "";
      }
   if ($stime) {
      $time_span = $stime." to ".$etime.$tspan;
      } else {
      $time_span = $tspan;
      }
opentable($locale['bp_300']);
echo "<form name='editform' method='post' action='".FUSION_SELF.$aidlink."'>\n";
echo "<table width='60%' border='0' cellpadding='0' cellspacing='0' align='center' class='tbl-brdr2'><tr>\n";
echo "<td align='center' width='100%'>\n";
echo "<table width='100%' border='0' cellpadding='5' cellspacing='5' align='center' class='tbl-brdr0'><tr>\n";
echo "<td class='title0' align='center' colspan='2'>".$locale['bp_314']."</td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_301']."*</td><td><input type='text' name='event_title' value='$evtitle' size='60' class='textbox' /></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_302']."</td><td><textarea name='event_desc' cols='58' rows='8' class='textbox' style='width:98%'>$evdesc</textarea></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_312']."</td><td>".display_bbcodes("98%", "event_desc", "editform")."</td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_303']."<br />&nbsp;".$locale['bp_304']."</td><td><input type='text' name='link_url' value='$evurl' size='60' class='textbox' /></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_305']."<br />&nbsp;".$locale['bp_306']."</td><td><input type='text' name='link_name' value='$evname' size='60' class='textbox' /></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
/* start New datePicker coding */
echo "<td valign='middle'>&nbsp;".$locale['bp_307']."</td><td valign='middle'><input class='date-pick' name='event_start' id='date-pick' value='$evstart'></td>\n";
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_308']."</td><td valign='middle'><input class='date-pick' name='event_end' id='date-pick' value='$evend'></td>\n";
echo "</tr><tr>\n";
/* end New datePicker coding */
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td valign='middle'>&nbsp;".$locale['bp_317']."<br />&nbsp;".$locale['bp_318']."</td><td><input type='time' name='start_time' value='$stime'>".$locale['bp_319']."<input type='time' name='end_time' value='$etime'>".$locale['bp_320']."";
if ($all_day == "yes") { echo "<input type='radio' name='all_day' value='yes' checked />".$locale['bp_322']."&nbsp;&nbsp;&nbsp;&nbsp;<input type='radio' name='all_day' value='no' />".$locale['bp_321']."</td>\n";
} else { echo "<input type='radio' name='all_day' value='yes' />".$locale['bp_322']."&nbsp;&nbsp;&nbsp;&nbsp;<input type='radio' name='all_day' value='no' checked />".$locale['bp_321']."</td>\n"; }
echo "</tr><tr>\n";
echo "<td height='8' colspan='2'></td>\n";
echo "</tr><tr>\n";
echo "<td class='title0' colspan='2' align='center'><input type='hidden' name='event_id' value='".$evid."' /><input type='submit' name='edit_event' class='button' value='".$locale['bp_309']."'></td>\n";
echo "</tr></table></td></tr></table><br /><br />\n";
echo "</form>\n";
closetable();
require_once THEMES."templates/footer.php";
?>
0 replies
D
douwe_yntema
D
  • Senior Member, joined since
  • Contributed 667 posts on the community forums.
  • Started 57 threads in the forums
  • Answered 1 question
answered
Senior Member

This won't work either, because is line 209 the variable $event_id has no value, is not defined.
All input comes via POST, but event_id is coming via GET?
1 reply
C
Chan
C
Chan 0
Lead Developer of PHP-Fusion
  • Super Admin, joined since
  • Contributed 3,841 posts on the community forums.
  • Started 232 threads in the forums
  • Answered 6 questions
answered
Super Admin

I reviewed the codes above, and offer my suggestion in 2 areas,

1. Security - your dbquery event_id is unsanitized. Highly recommend to sanitize it.
2. If SQL error, it will generate a lot of errors.

My adjustments input:

Code Download source
<?php
/*-------------------------------------------------------+
| PHPFusion Content Management System
| Copyright (C) PHPFusion Inc
| http://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: edit_event.php
| Author: Terry Broullette(Grimloch)
| Copyright © 2018 Terry Broullette(Grimloch)
| Web: https://www.whisperwillow.com
| Email: webmaster@whisperwillow.com
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
require_once "../../../maincore.php";
require_once THEMES . "templates/admin_header.php";
include INFUSIONS . "bday_panel/infusion_db.php";
if (file_exists(INFUSIONS . "bday_panel/locale/" . $settings['locale'] . ".php")) {
   include INFUSIONS . "bday_panel/locale/" . $settings['locale'] . ".php";
} else {
   include INFUSIONS . "bday_panel/locale/English.php";
}
if (ini_get('register_globals') != 1) {
   if ((isset($_POST) == TRUE) && (is_array($_POST) == TRUE)) extract($_POST, EXTR_OVERWRITE);
   if ((isset($_GET) == TRUE) && (is_array($_GET) == TRUE)) extract($_GET, EXTR_OVERWRITE);
}
if (!checkrights("BDC") || !defined("iAUTH") || $_GET['aid'] != iAUTH) {
   redirect(BASEDIR . "index.php");
}
add_to_head(
   "<script type='text/javascript' src='https://ajax.googleapis.com/ajax/libs/jqueryui/1.8.18/jquery-ui.min.js'></script>"
);
add_to_head("<script type='text/javascript' src='" . INFUSIONS . "bday_panel/include/date.js'></script>");
add_to_head("<script type='text/javascript' src='" . INFUSIONS . "bday_panel/include/jquery.datePicker.js'></script>");
add_to_head("<link rel='stylesheet' href='" . INFUSIONS . "bday_panel/css/datePicker.css' type='text/css' />");
add_to_head("<link rel='stylesheet' href='" . INFUSIONS . "bday_panel/css/calendar.css' type='text/css' />");
add_to_head(
   "<script type='text/javascript' charset='utf-8'>
Date.firstDayOfWeek = 0;
Date.format = 'yyyy-mm-dd';
 $(function()
 {
 $('.date-pick').datePicker({startDate:'1996-01-01'});
 });
</script>"
);
require_once INCLUDES . "bbcode_include.php";

if (isset($_POST['edit_event'])) {
   if (isset($_POST['event_title'])) {
      $event_title = stripinput($_POST['event_title']);
   }
   if (isset($_POST['event_desc'])) {
      $event_desc = stripinput($_POST['event_desc']);
   }
   if (isset($_POST['link_url'])) {
      $link_url = stripinput($_POST['link_url']);
   }
   if (isset($_POST['link_name'])) {
      $link_name = stripinput($_POST['link_name']);
   }
   if (isset($_POST['event_start'])) {
      $event_start = stripinput($_POST['event_start']);
   }
   if (isset($_POST['event_end'])) {
      $event_end = stripinput($_POST['event_end']);
   }
   if (isset($_POST['start_time'])) {
      $start_time = stripinput($_POST['start_time']);
   }
   if (isset($_POST['end_time'])) {
      $end_time = stripinput($_POST['end_time']);
   }
   if (isset($_POST['all_day'])) {
      $all_day = stripinput($_POST['all_day']);
   }
   $var = "";
   $mon = "";
   $mon_name = "";
   $month_name = "";
   $event_day = "";
   $part = $event_start;
   $var = substr($part, 5, 2);
   if ($var == '01') {
      $mon = "1";
   } else if ($var == '02') {
      $mon = "2";
   } else if ($var == '03') {
      $mon = "3";
   } else if ($var == '04') {
      $mon = "4";
   } else if ($var == '05') {
      $mon = "5";
   } else if ($var == '06') {
      $mon = "6";
   } else if ($var == '07') {
      $mon = "7";
   } else if ($var == '08') {
      $mon = "8";
   } else if ($var == '09') {
      $mon = "9";
   } else {
      $mon = $var;
   }
   $event_month = $mon;
   if ($mon == '1') {
      $mon_name = $locale['bp_900'];
   } else if ($mon == '2') {
      $mon_name = $locale['bp_901'];
   } else if ($mon == '3') {
      $mon_name = $locale['bp_902'];
   } else if ($mon == '4') {
      $mon_name = $locale['bp_903'];
   } else if ($mon == '5') {
      $mon_name = $locale['bp_904'];
   } else if ($mon == '6') {
      $mon_name = $locale['bp_905'];
   } else if ($mon == '7') {
      $mon_name = $locale['bp_906'];
   } else if ($mon == '8') {
      $mon_name = $locale['bp_907'];
   } else if ($mon == '9') {
      $mon_name = $locale['bp_908'];
   } else if ($mon == '10') {
      $mon_name = $locale['bp_909'];
   } else if ($mon == '11') {
      $mon_name = $locale['bp_910'];
   } else {
      $mon_name = $locale['bp_911'];
   }
   $month_name = $mon_name;
   $event_day = substr($part, 8, 2);
   $result = dbquery(
      "UPDATE " . DB_BDAY_EVENTS . " SET event_title='$event_title', event_desc='$event_desc', link_url='$link_url', link_name='$link_name', event_start='$event_start', event_end='$event_end', event_month='$event_month', month_name='$month_name', start_time='$start_time', end_time='$end_time', all_day='$all_day', event_day='$event_day' WHERE event_id='$event_id'"
   );
   redirect(BASEDIR . "index.php");
}

$content = "Error encountered"; // localize this.

if (isset($_GET['event_id']) && isnum($_GET['event_id'])) {

   $event = dbquery("SELECT * FROM " . DB_BDAY_EVENTS . " WHERE event_id='" . intval($_GET['event_id']) . "'");
   $data = dbarray($event);
   $evid = $data['event_id'];
   $evtitle = $data['event_title'];
   $evdesc = $data['event_desc'];
   $evurl = $data['link_url'];
   $evname = $data['link_name'];
   $evstart = $data['event_start'];
   $evend = $data['event_end'];
   $stime = $data['start_time'];
   $etime = $data['end_time'];
   $all_day = $data['all_day'];
   $tspan = "";
   if ($all_day == '1') {
      $tspan = " All Day";
   }
   $time_span = $tspan;
   if ($stime) {
      $time_span = $stime . " to " . $etime . $tspan;
   }

   $content = "<form name='editform' method='post' action='" . FUSION_SELF . $aidlink . "'>\n";
   $content .= "<table width='60%' border='0' cellpadding='0' cellspacing='0' align='center' class='tbl-brdr2'><tr>\n";
   $content .= "<td align='center' width='100%'>\n";
   $content .= "<table width='100%' border='0' cellpadding='5' cellspacing='5' align='center' class='tbl-brdr0'><tr>\n";
   $content .= "<td class='title0' align='center' colspan='2'>" . $locale['bp_314'] . "</td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_301'] . "*</td><td><input type='text' name='event_title' value='$evtitle' size='60' class='textbox' /></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_302'] . "</td><td><textarea name='event_desc' cols='58' rows='8' class='textbox' style='width:98%'>$evdesc</textarea></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_312'] . "</td><td>" . display_bbcodes(
         "98%", "event_desc", "editform"
      ) . "</td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_303'] . "<br />&nbsp;" . $locale['bp_304'] . "</td><td><input type='text' name='link_url' value='$evurl' size='60' class='textbox' /></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_305'] . "<br />&nbsp;" . $locale['bp_306'] . "</td><td><input type='text' name='link_name' value='$evname' size='60' class='textbox' /></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   /* start New datePicker coding */
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_307'] . "</td><td valign='middle'><input class='date-pick' name='event_start' id='date-pick' value='$evstart'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_308'] . "</td><td valign='middle'><input class='date-pick' name='event_end' id='date-pick' value='$evend'></td>\n";
   $content .= "</tr><tr>\n";
   /* end New datePicker coding */
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td valign='middle'>&nbsp;" . $locale['bp_317'] . "<br />&nbsp;" . $locale['bp_318'] . "</td><td><input type='time' name='start_time' value='$stime'>" . $locale['bp_319'] . "<input type='time' name='end_time' value='$etime'>" . $locale['bp_320'] . "";
   if ($all_day == "yes") {
      $content .= "<input type='radio' name='all_day' value='yes' checked />" . $locale['bp_322'] . "&nbsp;&nbsp;&nbsp;&nbsp;<input type='radio' name='all_day' value='no' />" . $locale['bp_321'] . "</td>\n";
   } else {
      $content .= "<input type='radio' name='all_day' value='yes' />" . $locale['bp_322'] . "&nbsp;&nbsp;&nbsp;&nbsp;<input type='radio' name='all_day' value='no' checked />" . $locale['bp_321'] . "</td>\n";
   }
   $content .= "</tr><tr>\n";
   $content .= "<td height='8' colspan='2'></td>\n";
   $content .= "</tr><tr>\n";
   $content .= "<td class='title0' colspan='2' align='center'><input type='hidden' name='event_id' value='" . $evid . "' /><input type='submit' name='edit_event' class='button' value='" . $locale['bp_309'] . "'></td>\n";
   $content .= "</tr></table></td></tr></table><br /><br />\n";
   $content .= "</form>\n";

}

opentable($locale['bp_300']).$content.closetable();

require_once THEMES . "templates/footer.php";
0 replies
G
Grimloch
G
Energy can neither be created nor destroyed; only transformed !
  • Senior Member, joined since
  • Contributed 722 posts on the community forums.
  • Started 141 threads in the forums
  • Started this discussions
  • Answered 2 questions
answered
Senior Member

Thanks Chan I appreciate that and have incorporated your suggestions in all my files that need it. Remembering that I am a 'shade-tree' coder, I have never really used $_GET much before and didn't really understand how to sanitize so I am grateful that it is now clear! I have another question for you and the team. I have fixed the large amounts of 'Cannot modify headers already sent by ......', by commenting out the header line in 'themes/templates/layout.php' with no apparent bad effects.
Code Download source
<?php
/*-------------------------------------------------------+
| PHPFusion Content Management System
| Copyright (C) PHPFusion Inc
| https://www.php-fusion.co.uk/
+--------------------------------------------------------+
| Filename: layout.php
| Author: PHPFusion Development Team
+--------------------------------------------------------+
| This program is released as free software under the
| Affero GPL license. You can redistribute it and/or
| modify it under the terms of this license which you
| can read by viewing the included agpl.txt or online
| at www.gnu.org/licenses/agpl.html. Removal of this
| copyright header is strictly prohibited without
| written permission from the original author(s).
+--------------------------------------------------------*/
/* header("Content-Type: text/html; charset=".$locale['charset']); */

What are your thoughts and why is that line there?

Never mind Chan, I uncommented that line because it didn't really make a difference after all.
Edited by Grimloch on 07-02-2019 23:05,
0 replies

Category Forum

Modifications and Requests - 8

Labels

None yet

Statistics

  • Views 0 views
  • Posts 5 posts
  • Votes 0 votes
  • Topic users 4 members

4 participants

C
C
Chan 0
Lead Developer of PHP-Fusion
  • Super Admin, joined since
  • Contributed 3,841 posts on the community forums.
  • Started 232 threads in the forums
  • Answered 6 questions
G
G
Energy can neither be created nor destroyed; only transformed !
  • Senior Member, joined since
  • Contributed 722 posts on the community forums.
  • Started 141 threads in the forums
  • Started this discussions
  • Answered 2 questions
D
D
  • Senior Member, joined since
  • Contributed 667 posts on the community forums.
  • Started 57 threads in the forums
  • Answered 1 question
R
R
Anonymous User 367
  • Veteran Member, joined since
  • Contributed 939 posts on the community forums.
  • Started 2 threads in the forums
  • Answered 20 questions

Notifications

Track thread

You are not receiving notifications from this thread.

Related Questions

Not yet