forked from science-ation/science-ation
67 lines
2.4 KiB
PHP
67 lines
2.4 KiB
PHP
<?
|
|
if ($_POST['action'] == 'funddelete' && $_POST['delete']) {
|
|
// first lookup all the sponsorships inside the fund
|
|
$id = intval($_POST['delete']);
|
|
$q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE id='$id' AND year='" . $config['FISCALYEAR'] . "'");
|
|
$q->execute();
|
|
$f = $q->fetch(PDO::FETCH_OBJ);
|
|
// hold yer horses, no deleting system funds!
|
|
if ($f) {
|
|
if ($f->system == 'no') {
|
|
$stmt = $pdo->prepare("DELETE FROM fundraising_donations WHERE fundraising_goal='" . $f->type . "' AND fiscalyear='" . $config['FISCALYEAR'] . "'");
|
|
$stmt->execute();
|
|
$stmt = $pdo->prepare("DELETE FROM fundraising_goals WHERE id='$id'");
|
|
$stmt->execute();
|
|
if ($pdo->rowCount())
|
|
happy_('Successfully removed fund %1', array($f->name));
|
|
} else {
|
|
error_('Cannot remove system fund');
|
|
}
|
|
}
|
|
exit;
|
|
}
|
|
if ($_POST['action'] == 'fundedit' || $_POST['action'] == 'fundadd') {
|
|
$fundraising_id = intval($_POST['fundraising_id']);
|
|
if ($fundraising_id) {
|
|
$q = $pdo->prepare("SELECT * FROM fundraising_goals WHERE id='$fundraising_id'");
|
|
$q->execute();
|
|
$f = $q->fetch(PDO::FETCH_OBJ);
|
|
$system = $f->system;
|
|
}
|
|
$name = $_POST['name'];
|
|
$goal = $_POST['goal'];
|
|
$description = $_POST['description'];
|
|
$budget = intval($_POST['budget']);
|
|
}
|
|
|
|
if ($_POST['action'] == 'fundedit') {
|
|
if (($system == 'yes' && $budget) || ($system == 'no' && $budget && $goal && $name)) {
|
|
if ($system == 'yes') {
|
|
$stmt = $pdo->prepare("UPDATE fundraising SET budget='$budget', description='$description' WHERE id='$fundraising_id'");
|
|
$stmt->execute();
|
|
} else {
|
|
$stmt = $pdo->prepare("UPDATE fundraising SET budget='$budget', description='$description', goal='$goal', name='$name' WHERE id='$fundraising_id'");
|
|
$stmt->execute();
|
|
}
|
|
|
|
if ($pdo->errorInfo())
|
|
error_('MySQL Error: %1', array($pdo->errorInfo()));
|
|
else
|
|
happy_('Saved fund changes');
|
|
} else {
|
|
error_('Required fields were missing, please try again');
|
|
}
|
|
exit;
|
|
}
|
|
if ($_POST['action'] == 'fundadd') {
|
|
if ($goal && $type && $name) {
|
|
$stmt = $pdo->prepare("INSERT INTO fundraising_goals (goal,name,description,system,budget,fiscalyear) VALUES ('$goal','$name','$description','no','$budget','{$config['FISCALYEAR']}')");
|
|
$stmt->execute();
|
|
happy_('Added new fund');
|
|
} else
|
|
error_('Required fields were missing, please try again');
|
|
if ($pdo->errorInfo())
|
|
error_('MySQL Error: %1', array($pdo->errorInfo()));
|
|
exit;
|
|
}
|