// Booking-messages admin list, controller part: reads the request parameters,
// gates access, applies any delete/update action named in the query string,
// then builds and runs the listing query used by the table further down.
// NOTE(review): this listing starts mid-statement. Later lines read
// $this->item, so the assignment target here is presumably $this->item;
// confirm against the original file.
// $_GET["cal"] and $_GET["p"] are read without isset(); both are cast to int.
item = intval($_GET["cal"]);
$current_user = wp_get_current_user();
$current_user_access = current_user_can('edit_pages');
$current_page = intval($_GET["p"]);
// A missing, zero or non-numeric page number falls back to page 1.
// Negative values pass through unchanged.
if (!$current_page) $current_page = 1;
$records_per_page = 50;

// Access gate: the request must be in the admin area, and the user must either
// hold the edit_pages capability or have their ID listed in the
// cp_user_access option. The @ hides the warning in_array() raises when the
// option does not unserialize to an array; in that case the check fails closed.
// NOTE(review): unserialize() on an option value is only safe while nothing
// untrusted can write that option. Storing the list as JSON or as a plain
// array would remove the object-deserialization surface.
if ( !is_admin() || (!$current_user_access && !@in_array($current_user->ID, unserialize($this->get_option("cp_user_access",""))))) { echo 'Direct access not allowed.'; exit; }

$message = "";
if (isset($_GET['delmark']) && $_GET['delmark'] != '') {
    // Bulk delete of ticked rows: every parameter c0..c50 that is set names a
    // row id, cast with intval() before it is concatenated into the DELETE.
    // NOTE(review): this branch changes state on a GET request and, unlike the
    // lu / ld / ud branches below, never calls $this->verify_nonce, so no
    // anti-CSRF token check is visible for it. Fix: make the bulk-delete
    // control send anonce and add, as the first statement of this branch,
    // $this->verify_nonce ($_GET["anonce"], 'cpappb_actions_booking');
    for ($i=0; $i<=$records_per_page; $i++)
        if (isset($_GET['c'.$i]) && $_GET['c'.$i] != '')
            $wpdb->query('DELETE FROM `'.$wpdb->prefix.$this->table_messages.'` WHERE id='.intval($_GET['c'.$i]));
    $message = "Marked items deleted";
} else if (isset($_GET['del']) && $_GET['del'] == 'all') {
    // Delete everything: the whole messages table when no form is selected,
    // otherwise every message of the selected form. The concatenated form id
    // comes from the intval() cast at the top of this block.
    // NOTE(review): same gap as the delmark branch - no verify_nonce call
    // guards this destructive GET action. It needs the same nonce check, and
    // the control that triggers it needs to send anonce.
    if ($this->item == '' || $this->item == '0')
        $wpdb->query('DELETE FROM `'.$wpdb->prefix.$this->table_messages.'`');
    else
        $wpdb->query('DELETE FROM `'.$wpdb->prefix.$this->table_messages.'` WHERE formid='.$this->item);
    $message = "All items deleted";
} else if (isset($_GET['lu']) && $_GET['lu'] != '') {
    // Manual payment update for one booking: check the nonce, load the row,
    // set "paid" and "payment_type" inside its serialized posted_data, and
    // write the blob back. Both queries bind the id with %d through prepare().
    // verify_nonce is defined elsewhere; its behaviour on failure is not
    // visible here.
    $this->verify_nonce ($_GET["anonce"], 'cpappb_actions_booking');
    $myrows = $wpdb->get_results( $wpdb->prepare("SELECT * FROM ".$wpdb->prefix.$this->table_messages." 
WHERE id=%d", $_GET['lu']) );
    // NOTE(review): $myrows[0] is dereferenced without checking that a row was
    // found. unserialize() on stored posted_data can instantiate objects if
    // attacker-influenced bytes ever reach that column (presumably it is
    // filled from booking form submissions - verify). Prefer JSON, or
    // unserialize() with allowed_classes set to false where PHP 7+ is
    // guaranteed.
    $params = unserialize($myrows[0]->posted_data);
    // NOTE(review): the status value is stored exactly as received. Restrict
    // it to the values the list view expects before saving.
    $params["paid"] = $_GET["status"];
    $params["payment_type"] = __('Manually updated','appointment-hour-booking');
    $wpdb->query( $wpdb->prepare('UPDATE `'.$wpdb->prefix.$this->table_messages.'` SET posted_data=%s WHERE id=%d', serialize($params), $_GET['lu']) );
    $message = "Item updated";
} else if (isset($_GET['ld']) && $_GET['ld'] != '') {
    // Delete a single booking: nonce check first, id bound with %d.
    $this->verify_nonce ($_GET["anonce"], 'cpappb_actions_booking');
    $wpdb->query( $wpdb->prepare('DELETE FROM `'.$wpdb->prefix.$this->table_messages.'` WHERE id=%d', $_GET['ld']) );
    $message = "Item deleted";
} else if (isset($_GET['ud']) && $_GET['ud'] != '') {
    // Status change for a single booking: nonce check first, then the raw id
    // and status are handed to $this->update_status (not shown here; any
    // validation has to happen there).
    $this->verify_nonce ($_GET["anonce"], 'cpappb_actions_booking');
    $this->update_status($_GET['ud'], $_GET['status']);
    $message = "Status updated";
}

// Load the selected form's row; $myform stays undefined when no form is selected.
if ($this->item != 0) $myform = $wpdb->get_results( $wpdb->prepare('SELECT * FROM '.$wpdb->prefix.$this->table_items .' WHERE id=%d' ,$this->item) );

// Build the WHERE clause of the listing query from the optional filters.
// search, dfrom and dto are read without isset(), so a request that omits
// them raises an undefined-index notice.
$cond = '';
// NOTE(review): esc_sql() escapes the value for the quoted literal but leaves
// the LIKE wildcards % and _ active, so they widen the match. The documented
// pattern is $wpdb->esc_like() on the term plus $wpdb->prepare() with %s.
if ($_GET["search"] != '') $cond .= " AND (data like '%".esc_sql($_GET["search"])."%' OR posted_data LIKE '%".esc_sql($_GET["search"])."%')";
// Dates are normalised through strtotime() and date("Y-m-d") before use. An
// unparsable value makes strtotime() return false, which date() formats as
// the Unix epoch day.
if ($_GET["dfrom"] != '') $cond .= " AND (`time` >= '".esc_sql( date("Y-m-d",strtotime($_GET["dfrom"])))."')";
if ($_GET["dto"] != '') $cond .= " AND (`time` <= '".esc_sql(date("Y-m-d",strtotime($_GET["dto"])))." 23:59:59')";
if ($this->item != 0) $cond .= " AND formid=".$this->item;
$events_query = "SELECT * FROM ".$wpdb->prefix.$this->table_messages." WHERE 1=1 ".$cond." ORDER BY `time` DESC";
/**
 * Filter hook: lets other code modify the messages query. The SQL string is
 * passed in as the parameter and the callback returns the new query.
 * NOTE(review): whatever the callbacks return is run verbatim by get_results()
 * below, so every callback on this hook is trusted with raw SQL.
 */
$events_query = apply_filters( 'cpappb_messages_query', $events_query );
// The full result set is loaded; the page count is derived from its size.
$events = $wpdb->get_results( $events_query );
$total_pages = ceil(count($events) / $records_per_page);
// $message is only ever one of the fixed strings assigned above. The markup
// that wrapped it appears to have been lost from these string literals in
// this listing.
if ($message) echo "

".$message."

";
// Token for the row actions; same action string the verify_nonce calls check.
$nonce = wp_create_nonce( 'cpappb_actions_booking' ); ?>

- item != 0) echo $myform[0]->form_name; else echo 'All forms'; ?>

">   " >   " >  
'admin.php?page='.$this->menu_parameter.'&cal='.$this->item.'&list=1%_%&dfrom='.urlencode($_GET["dfrom"]).'&dto='.urlencode($_GET["dto"]).'&search='.urlencode($_GET["search"]), 'format' => '&p=%#%', 'total' => $total_pages, 'current' => $current_page, 'show_all' => False, 'end_size' => 1, 'mid_size' => 2, 'prev_next' => True, 'prev_text' => __('« Previous'), 'next_text' => __('Next »'), 'type' => 'plain', 'add_args' => False ) ); ?>
" />
posted_data); $cancelled = false; $status = ''; for($k=0; $k
id; ?> format_date(substr($events[$i]->time,0,16)).date(" H:i",strtotime($events[$i]->time)); ?> notifyto; ?> ",str_replace('<','<',$events[$i]->data)); foreach ($posted_data as $item => $value) if (strpos($item,"_url") && $value != '') { $data = str_replace ($posted_data[str_replace("_url","",$item)],''.$posted_data[str_replace("_url","",$item)].'
',$data); } $data = str_replace("<img ","
'.(@$posted_data["paid"]=='1'?__('Paid','appointment-hour-booking').'
'.$posted_data["payment_type"]:'').''; ?>
);" />
* Contains non-approved or cancelled dates'; ?> render_status_box('statusbox'.$events[$i]->id, $status); ?>