Question about calling a Base64-encoded function

hanow

Member
Hello everyone,

I want to write a program that calls a function from another PHP file which has been encoded in Base64. I always get the error that the called function is not defined.

I decoded the Base64-encoded functions again online to find out whether the function exists.

Code section:

func.inc.php

PHP:
<?ob_start(); $a='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';eval(gzuncompress(base64_decode($a)));$v=ob_get_contents();ob_end_clean();
?>


index.php

PHP:
<?php
require_once '../../inc/func.inc.php';
//include "../../inc/func.inc.php";

if(function_exists(cleanuserinput)){
   
    echo "function found <br />";
   
}else{
   
    echo "No such function...<br />";
   
}

$user = cleanuserinput($_POST['user']);
$password = cleanuserinput($_POST['password']);

echo "User: $user und PW: $password <br />";

$check = check_login($user,$password);

if($check)
    header('Location: ../reservierungen/');
else
    header('Location: ../../?fehler=fepabe');
?>


Does anyone have an idea?

Thanks

Best regards, Carvin
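
The check the question describes (does the encoded file actually declare the function?) can be done locally without running the payload and without pasting source into an online decoder. The following is an added example, not code from this thread: it unwraps a loader of the form `eval(gzuncompress(base64_decode($a)))` and lists the declared function names with the tokenizer instead of calling `eval`. The payload and the helper names `decode_loader` and `declared_functions` are constructed for the illustration.

```php
<?php
// Added example, not the thread's code. The loader built at the bottom is a
// constructed stand-in for func.inc.php; helper names are hypothetical.

/**
 * Pull the base64 literal out of a loader such as
 *   $a='...';eval(gzuncompress(base64_decode($a)));
 * and return the decoded PHP source. Nothing is executed.
 */
function decode_loader(string $loaderSource, int $maxBytes = 8388608): string
{
    // Any variable name is accepted, not only $a.
    if (!preg_match('/\$\w+\s*=\s*\'([A-Za-z0-9+\/=\s]+)\'\s*;/', $loaderSource, $m)) {
        throw new RuntimeException('no base64 string literal found');
    }
    $raw = base64_decode(preg_replace('/\s+/', '', $m[1]), true); // strict alphabet
    if ($raw === false) {
        throw new RuntimeException('literal is not valid base64');
    }
    // The length cap guards against a decompression bomb in an untrusted file.
    $plain = @gzuncompress($raw, $maxBytes);
    if ($plain === false) {
        throw new RuntimeException('data is not zlib-compressed or exceeds the cap');
    }
    return $plain;
}

/**
 * Names of functions (and methods) declared in the given source.
 * eval() starts in PHP mode, so an opening tag is prepended before tokenizing.
 */
function declared_functions(string $evalSource): array
{
    $tokens = token_get_all('<?php ' . $evalSource);
    $count  = count($tokens);
    $names  = [];
    for ($i = 0; $i < $count; $i++) {
        if (!is_array($tokens[$i]) || $tokens[$i][0] !== T_FUNCTION) {
            continue;
        }
        // Walk forward to the name; a '(' first means an anonymous function.
        for ($j = $i + 1; $j < $count; $j++) {
            if ($tokens[$j] === '(') {
                break;
            }
            if (is_array($tokens[$j]) && $tokens[$j][0] === T_STRING) {
                $names[] = $tokens[$j][1];
                break;
            }
        }
    }
    return $names;
}

// Constructed sample: two stub functions wrapped the same way as the loader above.
$payload = "function cleanuserinput(\$dirty) { return trim(\$dirty); }\n"
         . "function check_login(\$user, \$password) { return false; }\n"
         . "\$cb = function (\$x) { return \$x; };\n";
$loader  = "<?ob_start(); \$a='" . base64_encode(gzcompress($payload)) . "';"
         . "eval(gzuncompress(base64_decode(\$a)));\$v=ob_get_contents();ob_end_clean();\n?>";

$plain = decode_loader($loader);
$found = declared_functions($plain);

echo "Decoded ", strlen($plain), " bytes of PHP source\n";
foreach ($found as $name) {
    echo " - ", $name, "\n";
}
echo in_array('cleanuserinput', $found, true)
    ? "cleanuserinput is declared in the payload\n"
    : "cleanuserinput is NOT declared in the payload\n";
```

The script needs only the zlib and tokenizer extensions; run it with the PHP CLI and point `decode_loader()` at the contents of the real file.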
 
Hello,

for everyone else, here is the real code of func.inc.php:
PHP:
/* Decoded by unphp.net */

<?php ob_end_clean(); ?><?php
session_start();
require_once 'passwd.inc.php';
require_once 'connect.inc.php';
include ('../../php-mailer/class.phpmailer.php');
function zufallsstring($laenge = 19) {
    $zeichen = '1234567890abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $zufalls_string = '';
    $anzahl_zeichen = strlen($zeichen);
    for ($i = 0;$i < $laenge;$i++) {
        $zufalls_string.= $zeichen[mt_rand(0, $anzahl_zeichen - 1) ];
    }
    return $zufalls_string;
}
function make_date_2_sqldate($tag) {
    $d = explode(".", $tag);
    return sprintf("%04d-%02d-%02d", $d[2], $d[1], $d[0]);
}
function make_date_2_sqldatetime($tag) {
    $d = explode(".", $tag);
    return sprintf("%04d-%02d-%02d 00:00:00", $d[2], $d[1], $d[0]);
}
function make_date_2_germandatetime($date) {
    $date = str_replace(" ", "-", $date);
    $d = explode("-", $date);
    $german = $d[2] . '.' . $d[1] . '.' . $d[0];
    $zeit = explode(":", $d[3]);
    $german.= ' ' . $zeit[0] . ':' . $zeit[1];
    return $german;
}
function GETDate2sqldatetime($date) {
    $d = explode("-", $date);
    return $d[0] . '-' . $d[1] . '-' . $d[2] . ' ' . $d[3];
}
function get_date4php($date) {
    $d = explode("-", $date);
    return mktime(0, 0, 0, $d[1], $d[2], $d[0]);
}
function cleanuserinput($dirty) {
    mysql_set_charset('utf8', CON);
    if (get_magic_quotes_gpc()) {
        $clean = mysql_real_escape_string(stripslashes($dirty));
    } else {
        $clean = mysql_real_escape_string($dirty);
    }
    return $clean;
}
function check_login($user, $password) {
    if (!empty($user) && !empty($password)) {
        $password = md5($password);
        $sql = 'SELECT user, id, vorname, nachname, e_mail, status, code FROM ' . DB_USER . ' WHERE ((user = "' . $user . '" AND passwort = "' . $password . '") OR (e_mail = "' . cleanuserinput($_POST['user']) . '" AND passwort = "' . $password . '")) AND (status="U" OR status="A")';
        $result = mysql_query($sql, CON);
        if (mysql_num_rows($result) == 1) {
            $tupel = mysql_fetch_array($result);
            $_SESSION['user'] = $tupel['user'];
            $_SESSION['name'] = $tupel['vorname'] . ' ' . $tupel['nachname'];
            $_SESSION['e-mail'] = $tupel['e-mail'];
            $_SESSION['usernamelow'] = strtolower($tupel['user']);
            $_SESSION['id'] = $tupel['id'];
            $_SESSION['status'] = $tupel['status'];
            $_SESSION['time'] = time();
            $_SESSION['code'] = $tupel['code'];
            $_SESSION['si'] = SICHERHEITSCODE;
            $sql = 'UPDATE ' . DB_USER . ' SET letzter_login="' . date("Y-m-d H:i:s", time()) . '" WHERE user_small = "' . strtolower($user) . '" OR e_mail = "' . $user . '"';
            $result = mysql_query($sql, CON);
            return true;
        } else {
            return false;
        }
    } else {
        return false;
    }
}
function check_user($se_code) {
    $sql = 'SELECT user,code FROM ' . DB_USER . ' WHERE code="' . $se_code . '"';
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
        if ($_SESSION['user'] == "$tupel[user]" && $_SESSION['si'] == SICHERHEITSCODE && $_SESSION['code'] == "$tupel[ code ]") return true;
        else return false;
    }
}
function get_open($tag) {
    $sql = 'SELECT * FROM ' . DB_OPEN . ' WHERE tag="' . $tag . '"';
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
        $tage = array('tag' => $tupel['tag'], 'von' => $tupel['von'], 'bis' => $tupel['bis'], 'pause_von' => $tupel['pause_von'], 'pause_bis' => $tupel['pause_bis']);
        return $tage;
    }
}
function set_open($tag, $von, $bis, $pause_von, $pause_bis) {
    $sql = 'SELECT tag FROM ' . DB_OPEN . ' WHERE tag="' . $tag . '"';
    $result = mysql_query($sql, CON);
    if (false == $result || mysql_num_rows($result) == 0) {
        $sql = 'INSERT INTO ' . DB_OPEN . ' VALUES ("' . $tag . '","' . $von . '","' . $bis . '","' . $pause_von . '","' . $pause_bis . '")';
        $result = mysql_query($sql, CON);
        if (false == $result) return false;
        else return true;
    } else {
        $sql = 'UPDATE ' . DB_OPEN . ' SET von = "' . $von . '", bis = "' . $bis . '", pause_von = "' . $pause_von . '", pause_bis = "' . $pause_bis . '" WHERE tag = "' . $tag . '"';
        $result = mysql_query($sql, CON);
        if (false == $result) return false;
        else return true;
    }
}
function set_all_open($tage, $_POST) {
    $fehler = false;
    for ($tage_i = 0;$tage_i < count($tage);$tage_i++) {
        $von_h = intval($_POST['open_von_h_' . strtolower($tage[$tage_i]) ]);
        $von_m = intval($_POST['open_von_m_' . strtolower($tage[$tage_i]) ]);
        $bis_h = intval($_POST['open_bis_h_' . strtolower($tage[$tage_i]) ]);
        $bis_m = intval($_POST['open_bis_m_' . strtolower($tage[$tage_i]) ]);
        $pause_von_h = intval($_POST['open_pause_von_h_' . strtolower($tage[$tage_i]) ]);;
        $pause_von_m = intval($_POST['open_pause_von_m_' . strtolower($tage[$tage_i]) ]);
        $pause_bis_h = intval($_POST['open_pause_bis_h_' . strtolower($tage[$tage_i]) ]);
        $pause_bis_m = intval($_POST['open_pause_bis_m_' . strtolower($tage[$tage_i]) ]);
        $sql_time_von = $von_h . ':' . $von_m . ':00';
        $sql_time_bis = $bis_h . ':' . $bis_m . ':00';
        $sql_time_pause_von = $pause_von_h . ':' . $pause_von_m . ':00';
        $sql_time_pause_bis = $pause_bis_h . ':' . $pause_bis_m . ':00';
        if (!set_open($tage[$tage_i], $sql_time_von, $sql_time_bis, $sql_time_pause_von, $sql_time_pause_bis)) $fehler = true;
    }
    if ($fehler) return false;
    else return true;
}
function display_holiday() {
    $sql = 'SELECT * FROM ' . DB_HOLIDAY . '';
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        echo '<table class="holidays">' . "
";
        echo '<tr><th>Von</th><th>Bis</th><th>Uhrzeit von</th><th>Uhrzeit bis</th><th>Pause von</th><th>Pause bis</th><th>Aktion</th></tr>' . "
";
        $anzahl = 1;
        while ($tupel = mysql_fetch_array($result, MYSQL_ASSOC)) {
            echo '<tr id="row-' . $anzahl . '"><td>' . $tupel['tag_von'] . '</td><td>' . $tupel['tag_bis'] . '</td><td>' . $tupel['von'] . '</td><td>' . $tupel['bis'] . '</td><td>' . $tupel['pause_von'] . '</td><td>' . $tupel['pause_bis'] . '' . '</td><td><button onclick="deleteDate(\'' . $tupel['tag_von'] . '\',\'' . $tupel['tag_bis'] . '\',' . $anzahl . ');"><span class="red">X</span> entfernen</button></td></tr>' . "
";
            $anzahl++;
        }
        echo '</table>' . "
";
        return true;
    }
}
function set_holiday($_POST) {
    $tag_von = cleanuserinput($_POST['from']);
    $tag_bis = cleanuserinput($_POST['to']);
    $von_h = intval($_POST['open_von_h']);
    $von_m = intval($_POST['open_von_m']);
    $bis_h = intval($_POST['open_bis_h']);
    $bis_m = intval($_POST['open_bis_m']);
    $pause_von_h = intval($_POST['open_pause_von_h']);
    $pause_von_m = intval($_POST['open_pause_von_m']);
    $pause_bis_h = intval($_POST['open_pause_bis_h']);
    $pause_bis_m = intval($_POST['open_pause_bis_m']);
    $sql_time_von = $von_h . ':' . $von_m . ':00';
    $sql_time_bis = $bis_h . ':' . $bis_m . ':00';
    $sql_time_pause_von = $pause_von_h . ':' . $pause_von_m . ':00';
    $sql_time_pause_bis = $pause_bis_h . ':' . $pause_bis_m . ':00';
    if (empty($tag_von) || $tag_von == "") {
        echo '<h2>Fehler! - Sie haben kein Datum eingegeben - <a href="../startseite/">zur&uuml;ck</a></h2>';
        return false;
    }
    if (($sql_time_von == "0:0:00" && $sql_time_bis == "0:0:00") || $sql_time_bis == "0:0:00") {
        echo '<h2>Fehler! - Sie haben keine Uhrzeit angegeben - <a href="../startseite/">zur&uuml;ck</a></h2>';
        return false;
    }
    $tag_von = make_date_2_sqldate($tag_von);
    if ($tag_bis != "" && !empty($tag_bis)) $tag_bis = make_date_2_sqldate($tag_bis);
    else $tag_bis = 0;
    $sql = 'SELECT tag_von FROM ' . DB_HOLIDAY . ' WHERE (tag_von > "' . $tag_von . '" AND tag_von < "' . $tag_bis . '") OR (tag_von < "' . $tag_von . '" AND tag_bis > "' . $tag_von . '") OR (tag_von = "' . $tag_von . '") OR (tag_bis = "' . $tag_von . '") OR (tag_bis = "' . $tag_von . '") ';
    $result = mysql_query($sql, CON);
    if (false == $result || mysql_num_rows($result) == 0) {
        $sql = 'INSERT INTO ' . DB_HOLIDAY . ' VALUES ("' . $tag_von . '","' . $tag_bis . '","' . $sql_time_von . '","' . $sql_time_bis . '","' . $sql_time_pause_von . '","' . $sql_time_pause_bis . '")';
        $result = mysql_query($sql, CON);
        if (false == $result) {
            return false;
        } else {
            return true;
        }
    } else {
        echo '<h2>Fehler! - In dem angegebenen Datumsbereich existiert bereits ein eintrag. Bitte diesen Eintrag zuerst l&ouml;schen. - <a href="../startseite/">zur&uuml;ck</a></h2>';
        return false;
    }
}
function delete_holiday($_POST) {
    $tag_von = cleanuserinput($_POST['tag_von']);
    $tag_bis = cleanuserinput($_POST['tag_bis']);
    if (empty($tag_von) || $tag_von == "") {
        return 'Fehler! - Sie haben kein Datum eingegeben';
    }
    $sql = 'DELETE FROM ' . DB_HOLIDAY . ' WHERE tag_von="' . $tag_von . '" AND tag_bis="' . $tag_bis . '"';
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return "Das Datum konnte nicht gelöscht werden, bitte wenden Sie sich an den Administrator!";
    } else {
        return "OK";
    }
}
function get_price() {
    $sql = 'SELECT preis FROM ' . DB_GAMEDATA . '';
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
        return $tupel['preis'];
    }
}
function get_spielzeit() {
    $sql = 'SELECT spielzeit FROM ' . DB_GAMEDATA . '';
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
        return $tupel['spielzeit'];
    }
}
function set_gamedata($_POST) {
    $preis = str_replace(",", ".", $_POST['preis']);
    $preis = doubleval($preis);
    $spielzeit = intval($_POST['spielzeit']);
    $westen = intval($_POST['westen']);
    $min_spieler = intval($_POST['min_spieler']);
    $time_out = intval($_POST['time_out']);
    $sql = 'SELECT preis FROM ' . DB_GAMEDATA . '';
    $result = mysql_query($sql, CON);
    if (false == $result || mysql_num_rows($result) == 0) {
        $sql = 'INSERT INTO ' . DB_GAMEDATA . ' VALUES (' . $preis . ',' . $spielzeit . ',' . $time_out . ',' . $westen . ',' . $min_spieler . ')';
    } else {
        $sql = 'UPDATE ' . DB_GAMEDATA . '  SET preis = ' . $preis . ' , spielzeit = ' . $spielzeit . ',time_out = ' . $time_out . ', westen = ' . $westen . ',min_spieler = ' . $min_spieler . '';
    }
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        return true;
    }
}
function get_gamedata() {
    $sql = 'SELECT * FROM ' . DB_GAMEDATA . '';
    $result = mysql_query($sql, CON);
    if (false == $result || empty($result)) {
        return false;
    } else {
        return $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
    }
}
function get_tagnr($date) {
    return date("w", get_date4php($date));
}
function get_open_data($date, $tage) {
    $date = cleanuserinput($date);
    $tagname = $tage[get_tagnr($date) ];
    $sql = 'SELECT * FROM ' . DB_HOLIDAY . ' WHERE (tag_von <= "' . $date . '" AND tag_bis >= "' . $date . '" AND tag_von != tag_bis AND tag_bis!="0000-00-00") OR (tag_von = "' . $date . '" AND tag_bis = "0000-00-00") OR (tag_von = "' . $date . '" AND tag_bis =  "' . $date . '")';
    $result = mysql_query($sql, CON);
    if (false == $result || empty($result) || mysql_num_rows($result) == 0) {
        return get_open($tagname);
    } else {
        return mysql_fetch_array($result, MYSQL_ASSOC);
    }
}
function get_slotinfo($date, $gamedata) {
    $sql = 'SELECT * FROM ' . DB_GAME . ' WHERE spielzeit = "' . $date . '"';
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        if (mysql_num_rows($result) == 0) {
            return array('verfuegbar' => $gamedata['westen'], 'spieler' => 0);
        } else {
            $verfuegbar = $gamedata['westen'];
            $spieler = 0;
            $bemerkung = false;
            while ($tupel = mysql_fetch_array($result, MYSQL_ASSOC)) {
                $sql = 'SELECT status,bemerkung FROM ' . DB_RESERVE . ' WHERE id = ' . $tupel['id_res'] . '';
                $result_check = mysql_query($sql, CON);
                $tupel_check = mysql_fetch_array($result_check, MYSQL_ASSOC);
                if ($tupel_check['status'] != "C" && $tupel_check['status'] != "S") {
                    $verfuegbar-= $tupel['westen'];
                    $spieler+= $tupel['westen'];
                    if (!empty($tupel_check['bemerkung']) && $tupel_check['bemerkung'] != "Normalspiel") $bemerkung = true;
                }
            }
            return array('verfuegbar' => $verfuegbar, 'spieler' => $spieler, 'bemerkung' => $bemerkung);
        }
        return false;
    }
}
function get_free_slots($_POST, $tage) {
    $date = cleanuserinput($_POST['date']);
    $westen = intval($_POST['westen']);
    $date = make_date_2_sqldate($date);
    $data = get_open_data($date, $tage);
    $gamedata = get_gamedata();
    $spielzeit = $gamedata['spielzeit'];
    $slots = "<h3>3. Schritt</h3>
";
    for ($i = date("Y-m-d H:i:s", strtotime($date . ' ' . $data['von']));$i < date("Y-m-d H:i:s", strtotime($date . ' ' . $data['bis']));$i = date("Y-m-d H:i:s", strtotime($i) + ($spielzeit * 60))) {
        $slots.= "";
        $check_name = date("H:i:s", strtotime($i));
        $time_show = date("H:i", strtotime($i));
        $slot = get_slotinfo($i, $gamedata);
        $pause_von_time = date("Y-m-d H:i:s", strtotime($date . ' ' . $data['pause_von']));
        $pause_bis_time = date("Y-m-d H:i:s", strtotime($date . ' ' . $data['pause_bis']));
        if (($data['pause_von'] != "00:00:00" && $data['pause_bis'] != "00:00:00" && ($i >= $pause_bis_time || $i < $pause_von_time)) || ($data['pause_von'] == "00:00:00" && $data['pause_bis'] == "00:00:00")) {
            if (!$slot && $slot !== 0) {
                return "Fehler mit der Datenbank, bitte wenden Sie sich an Ihren Administrator!";
            } else {
                if ($slot['verfuegbar'] < $gamedata['westen']) {
                    if ($slot['verfuegbar'] <= 0) $color = "red";
                    else $color = "orange";
                } else {
                    $color = "green";
                }
                if ($slot['verfuegbar'] >= $westen) {
                    $slots.= '<div class="slot_check ' . $color . '"><div class="rounded_frame"><div class="roundedOne">
    <input type="checkbox" value="' . $i . '" id="slot_check_' . $check_name . '" name="slot_check[]" />
    <label for="slot_check_' . $check_name . '"></label>
</div></div>
    <label for="slot_check_' . $check_name . '" class="slot_check_label"><strong>' . $time_show . '</strong> Verf&uuml;gbar: ' . $slot['verfuegbar'] . ' Westen</label>
</div>' . "
";
                } else {
                    $slots.= '<div class="slot_check red"><strong>' . $time_show . '</strong> Nicht genug Westen - Verf&uuml;gbar: ' . $slot['verfuegbar'] . ' Westen</div>' . "
";
                }
            }
        } else {
            $slots.= '<div class="slot_check"> PAUSE </div>' . "
";
        }
    }
    $slots.= '<div class="clear"></div>';
    return $slots;
}
function edit_free_slots($_POST, $tage) {
    $date = cleanuserinput($_POST['date']);
    $date = make_date_2_sqldate($date);
    $data = get_open_data($date, $tage);
    $gamedata = get_gamedata();
    $spielzeit = $gamedata['spielzeit'];
    $slots = "";
    for ($i = date("Y-m-d H:i:s", strtotime($date . ' ' . $data['von']));$i < date("Y-m-d H:i:s", strtotime($date . ' ' . $data['bis']));$i = date("Y-m-d H:i:s", strtotime($i) + ($spielzeit * 60))) {
        $get_date = str_replace(" ", "-", $i);
        $slots.= "";
        $check_name = date("H:i:s", strtotime($i));
        $time_show = date("H:i", strtotime($i));
        $slot = get_slotinfo($i, $gamedata);
        $pause_von_time = date("Y-m-d H:i:s", strtotime($date . ' ' . $data['pause_von']));
        $pause_bis_time = date("Y-m-d H:i:s", strtotime($date . ' ' . $data['pause_bis']));
        if (($data['pause_von'] != "00:00:00" && $data['pause_bis'] != "00:00:00" && ($i >= $pause_bis_time || $i < $pause_von_time)) || ($data['pause_von'] == "00:00:00" && $data['pause_bis'] == "00:00:00")) {
            if (!$slot && $slot !== 0) {
                return "Fehler mit der Datenbank, bitte wenden Sie sich an Ihren Administrator!";
            } else {
                if ($gamedata['westen'] == $slot['verfuegbar']) {
                    $color = "green";
                } else {
                    if ($slot['verfuegbar'] > 0) $color = "orange";
                    else $color = "red";
                }
                if ($slot['bemerkung']) $bemerkung = '<span class="bemerkung">B</span>';
                else $bemerkung = '';
                $slots.= '<div class="slot_check ' . $color . '"><strong>' . $time_show . '</strong> Verf&uuml;gbar: ' . $slot['verfuegbar'] . ' Westen <a href="../edit_reserve/?id=' . $get_date . '">ansehen / bearbeiten</a> ' . $bemerkung . '</div>' . "
";
            }
        } else {
            $slots.= '<div class="slot_check"> PAUSE </div>' . "
";
        }
    }
    $slots.= '<div class="clear"></div>';
    return $slots;
}
function get_code() {
    $code = zufallsstring(rand(34, 38));
    $sql = 'SELECT code FROM ' . DB_RESERVE . ' WHERE code = "' . $code . '"';
    $result = mysql_query($sql, CON);
    while (mysql_num_rows($result) != 0) {
        $code = zufallsstring(rand(34, 38));
        $sql = 'SELECT code FROM ' . DB_RESERVE . ' WHERE code = "' . $code . '"';
        $result = mysql_query($sql, CON);
    }
    if (mysql_num_rows($result) == 0) return $code;
}
function check_free_slots($timeslots, $anzahl) {
    $check = true;
    $gamedata = get_gamedata();
    foreach ($timeslots as $key => $value) {
        $slot = get_slotinfo($value, $gamedata);
        if ($slot['verfuegbar'] < $anzahl) $check = false;
    }
    return $check;
}
function check_email($email) {
    $nonascii = "€-ÿ";
    $nqtext = "[^\$nonascii
\"]";
    $qchar = "\[^$nonascii]";
    $protocol = '(?:mailto:)';
    $normuser = '[a-zA-Z0-9][a-zA-Z0-9_.-]*';
    $quotedstring = "\"(?:$nqtext|$qchar)+\"";
    $user_part = "(?:$normuser|$quotedstring)";
    $dom_mainpart = '[a-zA-Z0-9][a-zA-Z0-9._-]*\.';
    $dom_subpart = '(?:[a-zA-Z0-9][a-zA-Z0-9._-]*\.)*';
    $dom_tldpart = '[a-zA-Z]{2,5}';
    $domain_part = "$dom_subpart$dom_mainpart$dom_tldpart";
    $regex = "$protocol?$user_part\@$domain_part";
    return preg_match("/^$regex$/", $email);
}
function get_email_price($code) {
    $sql = 'SELECT * FROM ' . DB_RESERVE . ' WHERE code = "' . $code . '"';
    $result = mysql_query($sql, CON);
    $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
    $sql = 'SELECT * FROM ' . DB_GAME . ' WHERE id_res = "' . $tupel['id'] . '"';
    $result_game = mysql_query($sql, CON);
    $spielzeiten = '<br/><h4>Spielzeiten:</h4>';
    while ($tupel_game = mysql_fetch_array($result_game, MYSQL_ASSOC)) {
        $spielzeiten.= '' . make_date_2_germandatetime($tupel_game['spielzeit']) . '<br/>';
        $westen = $tupel_game['westen'];
    }
    $preis = str_replace(",", ".", $tupel['preis']);
    $text = 'Ihre Daten:<br>
Vorname: ' . $tupel['vorname'] . '<br>
Nachname: ' . $tupel['nachname'] . '<br>
Anzahl der gebuchten Westen: ' . $westen . '<br>
' . $spielzeiten . '
<br>Preis: ' . $preis . ' EUR<br>
<br>Bemerkung: ' . $tupel['bemerkung'] . '<br><br>
';
    return $text;
}
function send_mail_html($e_mail, $betreff, $text) {
    $message = utf8_decode($text);
    $betreff = utf8_decode($betreff);
    $mail = new PHPMailer();
    $mail->IsSMTP();
    $mail->Host = "smtp.lasertag-fun-center.de";
    $mail->SMTPAuth = true;
    $mail->Username = "web260p11";
    $mail->Password = "kalJdahdzr67";
    $mail->IsHTML(true);
    $mail->From = "noreply@lasertag-fun-center.de";
    $mail->FromName = "Lasertag Fun Center";
    if (check_email($e_mail)) {
        $mail->AddAddress($e_mail);
        $mail->Subject = $betreff;
        $mail->Body = $message;
        if ($mail->Send()) {
            return true;
        } else {
            return false;
        }
    }
}
function send_mail($e_mail, $betreff, $text) {
    $message = htmlspecialchars($text, ENT_QUOTES);
    $betreff = htmlspecialchars($betreff);
    $headers = array();
    $headers[] = "MIME-Version: 1.0";
    $headers[] = "Content-type: text/plain; charset=utf-8";
    $headers[] = "Content-Transfer-Encoding: quoted-printable";
    $absender = 'Lasertag Fun Center <wiemann@lasertag-fun-center.de>';
    $headers[] = "From: {$absender}";
    $headers[] = "X-Mailer: PHP/" . phpversion();
    if (check_email($e_mail)) {
        mail($e_mail, $betreff, $text, implode("
", $headers));
    }
}
function set_reserve($_POST) {
    $gamedata = get_gamedata();
    $westen = intval($_POST['spieler_anzahl']);
    $slots = count($_POST['slot_check']);
    $datetime = date("Y-m-d H:i:s", time());
    $vorname = cleanuserinput($_POST['vorname']);
    $nachname = cleanuserinput($_POST['nachname']);
    $anrede = cleanuserinput($_POST['anrede']);
    $e_mail = cleanuserinput($_POST['e_mail']);
    $plz = intval($_POST['plz']);
    $ort = cleanuserinput($_POST['ort']);
    $telefon = cleanuserinput($_POST['telefon']);
    $gutschein = cleanuserinput($_POST['gutschein']);
    $bemerkung = cleanuserinput($_POST['bemerkung']);
    if (isset($_POST['telefon_bestellung'])) $status = "C";
    else $status = "R";
    $code = get_code();
    $post_preis = str_replace(",", ".", $_POST['price']);
    $post_preis = doubleval($post_preis);
    $preis = $post_preis;
    if ($slots > 0 && check_free_slots($_POST['slot_check'], $westen) && $vorname != "" && $nachname != "" && $telefon != "" && filter_var($e_mail, FILTER_VALIDATE_EMAIL)) {
        $sql = 'INSERT INTO ' . DB_RESERVE . ' (vorname,nachname,anrede,e_mail,strasse,plz,ort,telefon,anfrage,status,code,preis,gutschein,bemerkung) VALUES ("' . $vorname . '","' . $nachname . '","' . $anrede[0] . '","' . $e_mail . '","' . $strasse . '",' . $plz . ',"' . $ort . '","' . $telefon . '","' . $datetime . '","' . $status . '","' . $code . '",' . $preis . ',"' . $gutschein . '","' . $bemerkung . '")';
        $result = mysql_query($sql, CON);
        if (false == $result) return false;
        $sql = 'SELECT id FROM ' . DB_RESERVE . ' WHERE vorname = "' . $vorname . '" AND nachname = "' . $nachname . '" AND anfrage = "' . $datetime . '" AND code ="' . $code . '"';
        $result = mysql_query($sql, CON);
        if (false == $result || empty($result) || mysql_num_rows($result) == 0) {
            return false;
        } else {
            $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
            foreach ($_POST['slot_check'] as $key => $value) {
                $sql = 'INSERT INTO ' . DB_GAME . ' (id_res,spielzeit,anfrage,westen) VALUES (' . $tupel['id'] . ',"' . $value . '","' . $datetime . '",' . $westen . ')';
                $result = mysql_query($sql, CON);
                if (false == $result) return false;
            }
            if (isset($_POST['telefon_bestellung'])) {
                $status = "C";
                $txtdata = get_txt();
                $ges_name = $anrede . ' ' . $vorname . ' ' . $nachname;
                $text = 'Sehr geehrte(r) ' . $ges_name . ',<br><br>Vielen Dank für Ihre Buchung! Bitte klicken Sie innerhalb der nächsten ' . $gamedata['time_out'] . ' Stunden, auf den unten stehenden Link um Ihre Reservierung zu bestätigen.<br><br>';
                $text.= $txtdata['txt_e_mail_confirm'] . '<br><br>';
                $text.= '<a href="' . URL . 'confirm/?set=' . $code . '"><strong>Hier klicken um Ihre Reservierung zu bestätigen</strong></a><br><br>
               
Sollte der oben angegebene Link nicht funtkionieren, kopieren Sie folgende URL und fügen diese in der Adresszeile Ihres Browser ein.<br><br>
' . URL . 'confirm/?set=' . $code . '<br><br>
Mit freundlichen Grüßen<br>Ihr Lasertag Fun Center Team';
                $betreff = "Bestätigen Sie Ihre Reservierung - Lasertag Fun Center";
                if (!send_mail_html($e_mail, $betreff, $text)) {
                    return false;
                }
            }
            return true;
        }
    }
    return false;
}
function show_reserve_slot($date, $gamedata) {
    $sql = 'SELECT * FROM ' . DB_GAME . ' WHERE spielzeit = "' . $date . '"';
    $result = mysql_query($sql, CON);
    while ($tupel = mysql_fetch_array($result, MYSQL_ASSOC)) {
        $sql = 'SELECT * FROM ' . DB_RESERVE . ' WHERE id = ' . $tupel['id_res'] . '';
        $result_check = mysql_query($sql, CON);
        $tupel_check = mysql_fetch_array($result_check, MYSQL_ASSOC);
        if ($tupel_check['status'] != "S") {
            $sql = 'SELECT westen,count(id_res) as spieleanzahl FROM ' . DB_GAME . ' WHERE id_res = "' . $tupel['id_res'] . '"';
            $result_id_res = mysql_query($sql, CON);
            $tupel_id_res = mysql_fetch_array($result_id_res, MYSQL_ASSOC);
            if ($tupel_check['anrede'] == "m" || $tupel_check['anrede'] == "H") $anrede = "Herr";
            else $anrede = "Frau";
            if (!empty($tupel_check['bemerkung']) && $tupel_check['bemerkung'] != "Normalspiel") $bemerkungsklasse = '- <span class="bemerkung">Bemerkung</span>';
            else $bemerkungsklasse = '';
            if ($tupel_check['status'] == "C") {
                echo '<h3 class="' . $tupel_check['id'] . '"><span class="red">X NICHT BESTÄTIGT </span> ' . $anrede . ' ' . $tupel_check['vorname'] . ' ' . $tupel_check['nachname'] . ' - Spiele: ' . $tupel_id_res['spieleanzahl'] . ' -  Anzahl der Westen: ' . $tupel_id_res['westen'] . ' - Preis: ' . $tupel_check['preis'] . ' EUR ' . $bemerkungsklasse . '</h3>';
            } else {
                echo '<h3 class="' . $tupel_check['id'] . '"> ' . $anrede . ' ' . $tupel_check['vorname'] . ' ' . $tupel_check['nachname'] . ' - Spiele: ' . $tupel_id_res['spieleanzahl'] . ' -  Anzahl der Westen: ' . $tupel_id_res['westen'] . ' - Preis: ' . $tupel_check['preis'] . ' EUR ' . $bemerkungsklasse . '</h3>';
            }
            echo '<div class="' . $tupel_check['id'] . '"><p>';
            $sql = 'SELECT * FROM ' . DB_GAME . ' WHERE id_res = "' . $tupel['id_res'] . '"';
            $result_game = mysql_query($sql, CON);
            echo '<br/><strong>E-Mail: </strong>' . $tupel_check['e_mail'];
            echo '<br/><strong>Telefon: </strong>' . $tupel_check['telefon'];
            echo '<h4>Spielzeiten:</h4>';
            while ($tupel_game = mysql_fetch_array($result_game, MYSQL_ASSOC)) {
                echo '<div id="' . $tupel_game['id'] . '">' . make_date_2_germandatetime($tupel_game['spielzeit']) . ' <button onclick="deleteSlot(' . $tupel_game['id'] . ');"><span class="red">X</span> entfernen</button></div>';
            }
            echo '<br/><strong>Bemerkung: </strong>' . $tupel_check['bemerkung'];
            echo '<br/><strong>Gebucht am </strong>' . make_date_2_germandatetime($tupel_check['anfrage']);
            echo '<br/><strong>Gutschein:</strong>' . $tupel_check['gutschein'];
            echo '<br><button onclick="setStorno(' . $tupel_check['id'] . ');">Gesamte Reservierung stornieren</button>';
            echo '</p></div>';
        }
    }
}
function count_slots($id) {
    $sql = 'SELECT count(id_res) as spieleanzahl FROM ' . DB_GAME . ' WHERE id_res = ' . $id . '';
    $result = mysql_query($sql, CON);
    if ($result == false) {
        return false;
    } else {
        $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
        return $tupel['spieleanzahl'];
    }
}
function set_storno($id) {
    $sql = 'DELETE FROM ' . DB_GAME . ' WHERE id_res = ' . $id . ';';
    $result = mysql_query($sql, CON);
    $sql = 'UPDATE ' . DB_RESERVE . ' SET status = "S" WHERE id = ' . $id . '';
    $result = mysql_query($sql, CON);
    if ($result == false) return false;
    else return true;
}
function get_price_reserve($id) {
    $sql = 'SELECT preis FROM ' . DB_RESERVE . ' WHERE id = ' . $id . '';
    $result = mysql_query($sql, CON);
    if ($result == false) {
        return false;
    } else {
        $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
        return $tupel['preis'];
    }
}
function delete_slot($id) {
    $sql = 'SELECT id_res FROM ' . DB_GAME . ' WHERE id = ' . $id . ' GROUP BY id';
    $result = mysql_query($sql, CON);
    $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
    $id_res = $tupel['id_res'];
    $preis = get_price_reserve($id_res);
    $slots = count_slots($id_res);
    if ($slots > 1) {
        $preis = doubleval($preis / $slots * ($slots - 1));
        $sql = 'DELETE FROM ' . DB_GAME . ' WHERE id = ' . $id . ';';
        $result = mysql_query($sql, CON);
        if ($result == false) {
            return false;
        } else {
            $sql = 'UPDATE ' . DB_RESERVE . ' SET preis = ' . $preis . ' WHERE id = ' . $id_res . '';
            $result = mysql_query($sql, CON);
            if ($result == false) return false;
            else return true;
        }
    } else {
        if (set_storno($id_res)) return "last";
        else return false;
    }
}
function show_reservedata($seite, $type) {
    $anzahl_pro_seite = 40;
    $von = ($seite - 1) * $anzahl_pro_seite;
    $sql = 'SELECT count(*) as anzahl FROM ' . DB_RESERVE . '';
    $result_anzahl = mysql_query($sql, CON);
    $tupel_anzahl = mysql_fetch_array($result_anzahl, MYSQL_ASSOC);
    if ($type == "date") $sql = 'SELECT * FROM ' . DB_RESERVE . ' ORDER BY anfrage desc LIMIT ' . $von . ',' . $anzahl_pro_seite . '';
    else $sql = 'SELECT * FROM ' . DB_RESERVE . ' ORDER BY nachname asc LIMIT ' . $von . ',' . $anzahl_pro_seite . '';
    $result = mysql_query($sql, CON);
    echo 'Seite ' . $seite . '<br><br>';
    echo '<table class="show_reservedata"><tr><th><a href="../statistik/">Nachname</a></th><th>Vorname</th><th>E-Mail</th><th>Telefon</th><th><a href="../statistik_date/">Datum</a></th><th>Westen</th></tr>' . "
";
    while ($tupel = mysql_fetch_array($result, MYSQL_ASSOC)) {
        $sql_westen = 'SELECT westen FROM ' . DB_GAME . ' WHERE id_res = ' . $tupel['id'] . ' LIMIT 0,1';
        $result_westen = mysql_query($sql_westen, CON);
        $tupel_westen = mysql_fetch_array($result_westen, MYSQL_ASSOC);
        echo '<tr><td>' . $tupel['nachname'] . '</td><td>' . $tupel['vorname'] . '</td><td>' . $tupel['e_mail'] . '</td><td>' . $tupel['telefon'] . '</td><td>' . $tupel['anfrage'] . '</td><td>' . $tupel_westen['westen'] . '</td></tr>' . "
";
    }
    echo '</table>' . "
";
    $vorher = ($seite > 1 ? ($seite - 1) : 1);
    $anzahl_seiten = ceil($tupel_anzahl['anzahl'] / $anzahl_pro_seite);
    $nachher = ($seite >= $anzahl_seiten ? $anzahl_seiten : ($seite + 1));
    echo '<div class="site_nav"><br><br>Seiten: <a href="?site=' . $vorher . '">' . $vorher . '</a>.<a href="?site=' . $nachher . '">' . $nachher . '</a>...<a href="?site=' . $anzahl_seiten . '">' . $anzahl_seiten . '</a></div>';
}
function get_txt() {
    $sql = 'SELECT * FROM ' . DB_TXT . '';
    $result = mysql_query($sql, CON);
    if (false == $result || empty($result)) {
        return false;
    } else {
        return $tupel = mysql_fetch_array($result, MYSQL_ASSOC);
    }
}
function set_txt($_POST) {
    $site_title = cleanuserinput($_POST['site_title']);
    $headline = cleanuserinput($_POST['headline']);
    $price_info = cleanuserinput($_POST['price_info']);
    $txt_info_e_mail = cleanuserinput(nl2br($_POST['txt_info_e_mail']));
    $button_txt = cleanuserinput($_POST['button_txt']);
    $txt_e_mail_confirm = cleanuserinput(nl2br($_POST['txt_e_mail_confirm']));
    $txt_e_mail_reserve = cleanuserinput(nl2br($_POST['txt_e_mail_reserve']));
    $sql = 'SELECT site_title FROM ' . DB_TXT . '';
    $result = mysql_query($sql, CON);
    if (false == $result || mysql_num_rows($result) == 0) {
        $sql = 'INSERT INTO ' . DB_TXT . ' VALUES ("' . $site_title . '","' . $headline . '", "' . $price_info . '","' . $txt_info_e_mail . '","' . $button_txt . '","' . $txt_e_mail_confirm . '","' . $txt_e_mail_reserve . '")';
    } else {
        $sql = 'UPDATE ' . DB_TXT . '  SET site_title = "' . $site_title . '" , headline = "' . $headline . '" , price_info = "' . $price_info . '" , txt_info_e_mail  = "' . $txt_info_e_mail . '" , button_txt = "' . $button_txt . '" , txt_e_mail_confirm = "' . $txt_e_mail_confirm . '"  , txt_e_mail_reserve = "' . $txt_e_mail_reserve . '"';
    }
    $result = mysql_query($sql, CON);
    if (false == $result) {
        return false;
    } else {
        return true;
    }
} ?>

A few remarks:

1.) By the way, function_exists should be called with a string.
2.) Why are you obfuscating this file? In my opinion that achieves absolutely nothing.
3.) Why are you still using the old MySQL extension? Why no prepared statements?
4.) Why are you trying to use cleanuserinput() when you output something in an HTML context (line 18)?
cleanuserinput() protects, if at all, only in a MySQL context!
5.) You must not call header() after unbuffered output via echo!
6.) Why are you still using the MD5 hash algorithm for passwords? Use bcrypt + salts!
7.) Why do you call check_login in line 20 with the already escaped values? Since check_login escapes them as well, you end up escaping them twice!
8.) func.inc.php is a mishmash of the controller, data and presentation layers (see MVC and similar design patterns).

I would rate #1 and #5 as relevant to your actual problem.

I always get the error that the called function is not defined.
Do you mean through your own echo statement in line 11?
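
Remarks 1 and 3 to 7 combined into one login flow, as an added example that is not part of either post: a prepared statement replaces `cleanuserinput()`, `password_verify()` replaces the MD5 comparison and legacy MD5 rows are upgraded to bcrypt on the next successful login. Assumptions: PDO with an in-memory SQLite database so it runs offline, a hypothetical table name `users`, constructed sample accounts, and hypothetical function names; column names follow the query in `check_login()`.

```php
<?php
// Added example, not the thread's code. Table name `users`, the sample rows
// and all function names are assumptions made for this illustration.

function open_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, user TEXT,
                e_mail TEXT, passwort TEXT, status TEXT)');
    $ins = $pdo->prepare(
        'INSERT INTO users (user, e_mail, passwort, status) VALUES (?, ?, ?, ?)'
    );
    // Constructed rows: one legacy MD5 hash, one bcrypt hash.
    $ins->execute(['alice', 'alice@example.org', md5('legacy-pw'), 'U']);
    $ins->execute(['bob', 'bob@example.org', password_hash('new-pw', PASSWORD_BCRYPT), 'A']);
    return $pdo;
}

/** Returns the user row (without the hash) on success, null otherwise. */
function check_login_safe(PDO $pdo, string $login, string $password): ?array
{
    if ($login === '' || $password === '') {
        return null;
    }
    // Placeholders keep user input out of the SQL text, so no escaping
    // function is involved and nothing can be escaped twice (remarks 3 and 7).
    $stmt = $pdo->prepare(
        "SELECT id, user, passwort, status FROM users
         WHERE (user = :u OR e_mail = :e) AND status IN ('U', 'A')"
    );
    $stmt->execute([':u' => $login, ':e' => $login]);
    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
    if (count($rows) !== 1) {
        return null;
    }
    $row    = $rows[0];
    $stored = $row['passwort'];

    // Legacy rows hold a bare 32-hex-digit MD5; everything else is a
    // password_hash() string that carries its own salt (remark 6).
    $isLegacyMd5 = (bool) preg_match('/^[0-9a-f]{32}$/', $stored);
    $ok = $isLegacyMd5
        ? hash_equals($stored, md5($password))
        : password_verify($password, $stored);
    if (!$ok) {
        return null;
    }
    if ($isLegacyMd5 || password_needs_rehash($stored, PASSWORD_BCRYPT)) {
        $upd = $pdo->prepare('UPDATE users SET passwort = :h WHERE id = :id');
        $upd->execute([
            ':h'  => password_hash($password, PASSWORD_BCRYPT),
            ':id' => $row['id'],
        ]);
    }
    unset($row['passwort']);
    return $row;
}

/** Decide the redirect target; the two paths are the ones used in index.php. */
function login_redirect(PDO $pdo, array $post): string
{
    $user = $post['user'] ?? '';
    $pass = $post['password'] ?? '';
    // user[]=x style input arrives as an array: reject instead of casting.
    if (!is_string($user) || !is_string($pass)) {
        return '../../?fehler=fepabe';
    }
    return check_login_safe($pdo, $user, $pass) !== null
        ? '../reservierungen/'
        : '../../?fehler=fepabe';
}

$pdo = open_demo_db();

// Remark 1: the function name is passed as a string.
if (!function_exists('check_login_safe')) {
    exit("check_login_safe is not defined\n");
}

$target = login_redirect($pdo, ['user' => 'alice', 'password' => 'legacy-pw']);

if (PHP_SAPI !== 'cli') {
    // Remark 5: no echo before this point, then stop the script.
    header('Location: ' . $target);
    exit;
}

// CLI demo output. In a page, remark 4 applies: HTML output is escaped for HTML.
echo 'Redirect: ', htmlspecialchars($target, ENT_QUOTES, 'UTF-8'), "\n";
$hash = $pdo->query("SELECT passwort FROM users WHERE user = 'alice'")->fetchColumn();
echo 'alice hash after login: ', password_get_info($hash)['algoName'], "\n";
echo 'wrong password: ', login_redirect($pdo, ['user' => 'bob', 'password' => 'x']), "\n";
```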
 