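// Team manager page for donation campaigns: creates or updates a team, lets the
// logged-in user join a team (optionally password-protected), then renders the form.
//
// NOTE(review): this listing starts mid-statement. Whatever preceded "Create(" (the PHP
// open tag, any include/config lines and the object the call is made on) is not on the
// page. Going by the $cdc / $tmp setup below and by `$gc_sql = $crm`, the receiver was
// presumably `$crm = new MySQL_class; $crm->`; confirm against the original file.
//
// Security notes for maintainers:
//  - $submit_team, $submit_join_team, $team_id, $team_name, $description, $password,
//    $monetary_goal, $donation_id and $message are never assigned before use in this
//    listing, so they presumably arrive from the request (register_globals-style
//    import); they are treated as untrusted below. TODO confirm.
//  - SQL is built by concatenation and the MySQL_class API shown here (mydata / Insert /
//    Update) takes a finished query string, so every request-derived value is passed
//    through ass(), presumably the project's SQL string escaper (defined elsewhere;
//    verify). Moving to bound parameters is the better long-term fix.
//  - Table names ($DONATION_TEAM, ...), $code and $u_id are interpolated raw; that is
//    only safe if they come from configuration / the session, which is not visible here.
//  - The team password is stored and compared in clear text and is written back into the
//    form. Storing a password hash instead needs a data migration, so it is only flagged.
Create($crm_db, $crm_user, $crm_host, $crm_pass);
$gc_sql = $crm;   // session handling
$db_foo = $crm;   // template handling

$cdc = new MySQL_class;
$cdc->Create($cdc_db, $cdc_user, $cdc_host, $cdc_pass);

$tmp = new MySQL_class;
$tmp->Create($template_db, $template_user, $template_host_2, $template_pass);

// foil hackers: discard any caller-supplied copies of the identity variables before the
// session code runs (start_session() is defined elsewhere and presumably repopulates them).
unset($u_type, $u_id, $session_email);

// start session
start_session($php_sessid);
$staging = "";
if (page_auth(3, $u_type, $cdc) == "yes") {
    $staging = "yes";
}

// test login
unset($u_type, $u_id, $session_email);
start_session($sessid);
if ($u_id == "") {
    // urlencode() keeps the return path a single, well-formed query value.
    header("location: /store/login.php?next=" . urlencode($PHP_SELF));
    exit();
}

app_log('donation', $PHP_SELF, $search_word, $u_id, 'view', $code, $array);
$message_array = get_messages('donation_team', $language_c, $TEMPLATE_MESSAGE, $code, $tmp);

// process ...

// MANAGE TEAM
if ($submit_team) {
    if (!$team_name) {
        // Please enter a name for the team.
        $message .= $message_array['donation_team_01'];
    }
    if (!$campaign_id && !$team_id) {
        // Please select a donation campaign.
        $message .= $message_array['donation_team_02'];
    }

    // make sure the team exists
    $query = "select id from $DONATION_TEAM where id = '".ass($team_id)."' and brand = '$code' ";
    $data = $crm->mydata($query);
    if (!empty($data['id'][0])) {
        // An existing team may only be edited by one of its members.
        // NOTE(review): this admits any member, not only the captain (captain_contact_id
        // is never compared); confirm that is intended.
        // $team_id is escaped here as in the query above; it was interpolated raw before.
        $query = "select id from $DONATION_TEAM_MEMBER where contact_id = '$u_id' and donation_team_id = '".ass($team_id)."' and brand = '$code' ";
        $data = $crm->mydata($query);
        if (empty($data['id'][0])) {
            echo"error: invalid ID";
            exit();
        }
    }
}

if ($submit_team && !$message) {
    $query = "select id from $DONATION_TEAM where id = '".ass($team_id)."' and brand = '$code' ";
    $data = $crm->mydata($query);

    // A description that is empty once tags are stripped is stored as an empty string.
    if (trim(strip_tags($description)) == "") {
        $description = "";
    }

    if (empty($data['id'][0])) {
        // New team: the id comes from the form, so it is escaped like every other field
        // (the original interpolated $team_id and $donation_id raw in this statement).
        $query = "insert into $DONATION_TEAM set name = '".ass($team_name)."', description = '".ass($description)."', password = '".ass(trim($password))."', donation_id = '".ass($donation_id)."', captain_contact_id = '$u_id', monetary_goal = '".ass($monetary_goal)."', id = '".ass($team_id)."', brand = '$code' ";
        $crm->Insert($query);

        // The creator becomes the first member.
        $query = "insert into $DONATION_TEAM_MEMBER set id = '".make_rand()."', contact_id = '".$u_id."', donation_team_id = '".ass($team_id)."', employee_id = '$u_id', date_time = '".gmdate("Y-m-d H:i:s")."', brand = '$code' ";
        $crm->Insert($query);
    } else {
        $query = "update $DONATION_TEAM set name = '".ass($team_name)."', description = '".ass($description)."', password = '".ass(trim($password))."', donation_id = '".ass($donation_id)."', monetary_goal = '".ass($monetary_goal)."' where id = '".ass($team_id)."' and brand = '$code' ";
        $crm->Update($query);
    }

    // Encode the values so they cannot add parameters to, or break, the redirect URL.
    header("location: donation.php?team_id=" . urlencode($team_id) . "&message=" . urlencode($message));
    exit();
}

// MANAGE TEAM MEMBERS
if ($submit_join_team) {
    if (!$team_id) {
        // Please select a donation campaign.
        $message .= $message_array['donation_team_03'];
    }

    // verify password
    // NOTE(review): a team id that matches no row yields an empty stored password, so the
    // check below is skipped and the join proceeds; consider rejecting unknown teams.
    if (trim($team_id)) {
        $query = "select password from $DONATION_TEAM where id = '".ass($team_id)."' and brand = '$code' ";
        $data = $crm->mydata($query);
        $stored_password = isset($data['password'][0]) ? trim($data['password'][0]) : "";
        if ($stored_password) {
            // Strict comparison: with != two numeric-looking strings ("1e3" / "1000")
            // are compared as numbers and would be accepted as equal.
            if ($stored_password !== trim($password)) {
                // Unfortunately the password you entered is incorrect.
                $message .= $message_array['donation_team_04'];
                header("location: donation.php?team_id=" . urlencode($team_id) . "&message=" . urlencode($message));
                exit();
            }
        }
    }
}

if ($submit_join_team && !$message) {
    // make sure they are not already a member of this team
    $query = "select id from $DONATION_TEAM_MEMBER where donation_team_id = '".ass($team_id)."' and contact_id = '$u_id' and brand = '$code' ";
    $data = $crm->mydata($query);
    if (!empty($data['id'][0])) {
        // Already a member: only refresh the personal goal and timestamp.
        $query = "update $DONATION_TEAM_MEMBER set monetary_goal = '".ass($monetary_goal)."', date_time = '".gmdate("Y-m-d H:i:s")."' where donation_team_id = '".ass($team_id)."' and contact_id = '$u_id' and brand = '$code' ";
        $crm->Update($query);
    } else {
        $query = "insert into $DONATION_TEAM_MEMBER set id = '".make_rand()."', contact_id = '$u_id', monetary_goal = '".ass($monetary_goal)."', donation_team_id = '".ass($team_id)."', employee_id = '$u_id', date_time = '".gmdate("Y-m-d H:i:s")."', brand = '$code' ";
        $crm->Insert($query);
    }
    header("location: donation.php?team_id=" . urlencode($team_id));
    exit();
}

// start template engine
// Array keys are quoted throughout: bare words only worked through PHP's old
// undefined-constant fallback, which PHP 8 turns into a fatal error.
$tpl = new rFastTemplate(".");
$tpl->no_strict();
$tpl->quiet();
$tpl->define_raw(array(
    'main' => get_template('40', $TEMPLATE, $tmp, $code, $staging),
    'body' => get_template('234', $TEMPLATE, $tmp, $code, $staging)
));
$tpl = show_login($u_id, $tpl);
$tpl = html_chunks($staging, $tpl, $code, $brnd);

// assign basic stuff
// NOTE(review): $message is never initialised in this listing and is carried in the query
// string by the redirects above, yet it is handed to the template as-is (only
// $alt_message is passed through strip_tags()). Whether the template layer escapes
// output is not visible here; confirm, or escape for the HTML context before assigning.
$tpl->assign(array(
    'SELF' => $PHP_SELF,
    'MESSAGE' => $message,
    'PAGE_TITLE' => 'Team Manager',
    'ALT_MESSAGE' => strip_tags($alt_message)
));

// Editing an existing team: load its stored values into the form fields.
if ($team_id && !$message) {
    $query = "select name, description, monetary_goal, password, donation_id from $DONATION_TEAM where id = '".ass($team_id)."' and brand = '$code' ";
    $data = $crm->mydata($query);
    $team_name = $data['name'][0];
    $donation_id = $data['donation_id'][0];
    $description = $data['description'][0];
    $password = $data['password'][0];
    $monetary_goal = $data['monetary_goal'][0];
}

// No team yet: pre-generate the id the form will submit.
if (!$team_id) {
    $team_id = make_rand();
}

// Donations whose campaign is active today (UTC date) for this brand.
$query = "select d.id, d.name, d.description from $DONATION d, $CAMPAIGN c where c.activates_on <= '".gmdate("Y-m-d")."' and c.disables_on >= '".gmdate("Y-m-d")."' and d.campaign_id = c.id and c.brand = '$code' ";
$data = $crm->mydata($query);

// NOTE(review): extraction removed the text between "$a" and "assign(" at this point (the
// rest of the loop header, the code that set $checked, and "$tpl->"). The loop bound and
// the $checked rule below are a reconstruction; confirm against the original file.
$donation_count = (isset($data['id']) && is_array($data['id'])) ? count($data['id']) : 0;
for ($a = 0; $a < $donation_count; $a++) {
    // Presumably the donation already linked to the team is the one pre-selected.
    $checked = ((string) $data['id'][$a] === (string) $donation_id) ? "checked" : "";
    $tpl->assign(array(
        'DONATION_ID' => $data['id'][$a],
        'DONATION_NAME' => $data['name'][$a],
        'DONATION_CHECKED' => $checked,
        'DONATION_DESCRIPTION' => $data['description'][$a]
    ));
    $tpl->parse("DONATION", ".donation");
}

// team has to belong to a certain campaign
// NOTE(review): the clear-text team password is placed back into the page here, alongside
// user-supplied name/description values; output escaping depends on the template layer.
$tpl->assign(array(
    'TEAM_NAME' => $team_name,
    'DESCRIPTION' => $description,
    'PASSWORD' => $password,
    'MONETARY_GOAL' => $monetary_goal,
    'TEAM_ID' => $team_id
));
$tpl->parse('MAIN', array(
    "body",
    "main"
));
$tpl->FastPrint();
exit();

// functions
?>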