science-ation/admin/fundraising_sponsorship_handler.inc.php

<?
if($_POST['action']=="sponsorshipdelete") {
	$stmt = $pdo->prepare("DELETE FROM fundraising_donations WHERE id='".intval($_POST['delete'])."'");
	$stmt->execute();
	if($pdo->rowCount())
		happy_("Successfully removed sponsorship");
   exit;
}

if($_POST['action']=="sponsorshipedit" || $_POST['action']=="sponsorshipadd") {
	$sponsors_id=intval($_POST['sponsors_id']);
	$fundraising_donations_id=intval($_POST['fundraising_donations_id']);
	$fundraising_type=$_POST['fundraising_type'];
	
	$value=$_POST['value'];
	$status=$_POST['status'];
	$probability=$_POST['probability'];

	if($status=="confirmed" || $status=="received") $probability="100";
	if($probability==100 && $status=="pending") $status="confirmed";
}

if($_POST['action']=="sponsorshipedit") {

	if($fundraising_donations_id && $fundraising_type && $value) {
		$q=$pdo->prepare("SELECT * FROM fundraising_donations WHERE id='$fundraising_donations_id'");
		$q->execute();
		$current=$q->fetch(PDO::FETCH_OBJ);

		unset($log);
		$log=array();
		if($current->fundraising_type!=$fundraising_type)
			$log[]="Changed sponsorship type from $current->fundraising_type to $fundraising_type";

		if($current->value!=$value)
			$log[]="Changed sponsorship value from $current->value to $value";

		if($current->status!=$status)
			$log[]="Changed sponsorship status from $current->status to $status";

		if($current->probability!=$probability)
			$log[]="Changed sponsorship probability from $current->probability to $probability";

		if(count($log)) {
			$stmt = $pdo->prepare("UPDATE fundraising_donations SET fundraising_type='$fundraising_type', value='$value', status='$status', probability='$probability' WHERE id='$fundraising_donations_id'");
			$stmt->execute();
			foreach($log AS $l) {
					$stmt = $pdo->prepare("INSERT INTO fundraising_donor_logs (sponsors_id,dt,users_id,log) VALUES (
						'$current->sponsors_id',
						NOW(),
						'".$_SESSION['users_id']."',
						'".$l."')");
					$stmt->execute();
			}
			if($pdo->errorInfo())
				echo error_($pdo->errorInfo());
			else
                echo happy_("Saved sponsorship changes");
		}
		else
			echo error_("No changes were made");
	}
	else {
		echo error_("Required fields were missing, please try again".print_r($_POST,true));
	}
   exit;
}
if($_POST['action']=="sponsorshipadd") {
	if($sponsors_id && $fundraising_type && $value) {
		
		
		$stmt = $pdo->prepare("INSERT INTO fundraising_donations (sponsors_id,fundraising_type,value,status,probability,fiscalyear) VALUES ('$sponsors_id','$fundraising_type','$value','$status','$probability','{$config['FISCALYEAR']}')");
		$stmt->execute();

		
		$stmt = $pdo->prepare("INSERT INTO fundraising_donor_logs (sponsors_id,dt,users_id,log) VALUES (
		$stmt->execute();
			'$sponsors_id',
			NOW(),
			'".$_SESSION['users_id']."',
			'"."Created sponsorship: type=$fundraising_type, value=\$$value, status=$status, probability=$probability%")."')";
		happy_("Added new sponsorship");
	}
	else
		error_("Required fields were missing, please try again");
	if($pdo->errorInfo())
		error_($pdo->errorInfo());
   exit;
}

?>