Server IP : 104.21.14.48 / Your IP : 3.137.190.150 [ Web Server : Apache System : Linux b70eb322-3aee-0c53-7c82-0db91281f2c6.secureserver.net 6.1.90-1.el9.elrepo.x86_64 #1 SMP PREEMPT_DYNAMIC Thu May 2 12:09:22 EDT 2024 x86_64 User : root ( 0) PHP Version : 8.0.30.2 Disable Function : NONE Domains : 0 Domains MySQL : ON | cURL : ON | WGET : ON | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF Directory : /var/chroot/var/www/wp-content/plugins/appointment-hour-booking/ |
Upload File : |
<?php if ( ! defined( 'ABSPATH' ) ) exit; // Exit if accessed directly $this->item = intval($_GET["cal"]); $current_user = wp_get_current_user(); $current_user_access = current_user_can('manage_options'); if ( !is_admin() || (!$current_user_access && !@in_array($current_user->ID, unserialize($this->get_option("cp_user_access",""))))) { echo 'Direct access not allowed.'; exit; } $firstday = 0; if ($this->item != 0) { $myform = $wpdb->get_results( $wpdb->prepare('SELECT * FROM '.$wpdb->prefix.$this->table_items .' WHERE id=%d' ,$this->item) ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared $raw_form_str = $this->cleanJSON( $myform[0]->form_structure ); $form_data = json_decode( $raw_form_str ); foreach($form_data[0] as $item) { if ($item->ftype == 'fapp') { $firstday = $item->firstDay; break; } } } $default_from = date("Y-m-d",strtotime("today -10 days")); $default_to = date("Y-m-d",strtotime("today +30 days")); $rawfrom = (isset($_GET["dfrom"]) ? sanitize_text_field($_GET["dfrom"]) : ''); $rawto = (isset($_GET["dto"]) ? sanitize_text_field(@$_GET["dto"]) : ''); $rawfrom = str_replace(',',' ',$rawfrom); $rawto = str_replace(',',' ',$rawto); if ($this->get_option('date_format', 'mm/dd/yy') == 'dd/mm/yy' || $this->get_option('date_format', 'mm/dd/yy') == 'd M, y') { $rawfrom = str_replace('/','.',$rawfrom); $rawto = str_replace('/','.',$rawto); } $dfrom = ($rawfrom != '' ? date("Y-m-d", strtotime($rawfrom)) : $default_from); $dto = ($rawto != '' ? date("Y-m-d", strtotime($rawto)) : $default_to); if ($this->get_option('date_format', 'mm/dd/yy') == 'd M, y') { $dfrom_formatted = date("d/m/Y", strtotime($dfrom)); $dto_formatted = date("d/m/Y", strtotime($dto)); } else { $dfrom_formatted = $this->format_date($dfrom); $dto_formatted = $this->format_date($dto); } ?> <h1><?php esc_html_e('Schedule','appointment-hour-booking'); ?> - <?php if ($this->item != 0) echo esc_html($myform[0]->form_name); else echo 'All forms'; ?></h1> <div class="ahb-buttons-container"> <?php if (!isset($_GET["calendarview"])) { ?> <input type="button" value="<?php esc_html_e('Change to Schedule Calendar View','appointment-hour-booking'); ?>" class="button button-primary" onclick="document.location='?page=<?php echo esc_attr($this->menu_parameter); ?>&cal=<?php echo intval($this->item); ?>&schedule=1&calendarview=1';" /> <?php } else { ?> <input type="button" value="<?php esc_html_e('Change to Schedule List View','appointment-hour-booking'); ?>" class="button button-primary" onclick="document.location='?page=<?php echo esc_attr($this->menu_parameter); ?>&cal=<?php echo intval($this->item); ?>&schedule=1';" /> <input type="button" value="<?php esc_html_e('Customize Contents of this Calendar','appointment-hour-booking'); ?>" class="button" style="margin-left:20px;" onclick="document.location='?page=<?php echo esc_attr($this->menu_parameter); ?>_settings&gotab=schedulecalarea';" /> <?php } ?> <a href="<?php print esc_attr(admin_url('admin.php?page='.$this->menu_parameter));?>" class="ahb-return-link">←<?php esc_html_e('Return to the calendars list','appointment-hour-booking'); ?></a> <div class="clear"></div> </div> <?php if (!isset($_GET["calendarview"])) { ?> <div class="ahb-section-container"> <div class="ahb-section"> <form action="admin.php" method="get"> <input type="hidden" name="page" value="<?php echo esc_attr($this->menu_parameter); ?>" /> <input type="hidden" name="cal" value="<?php echo intval($this->item); ?>" /> <input type="hidden" name="schedule" value="1" /> <nobr><label><?php esc_html_e('From','appointment-hour-booking'); ?>:</label> <input autocomplete="off" type="text" id="dfrom" name="dfrom" value="<?php echo esc_attr($dfrom_formatted); ?>" > </nobr> <nobr><label><?php esc_html_e('To','appointment-hour-booking'); ?>:</label> <input autocomplete="off" type="text" id="dto" name="dto" value="<?php echo esc_attr($dto_formatted); ?>" > </nobr> <nobr><?php esc_html_e('Paid Status','appointment-hour-booking'); ?>: <select id="paid" name="paid"> <option value=""><?php esc_html_e('All','appointment-hour-booking'); ?></option> <option value="1" <?php if (!empty($_GET["paid"])) echo ' selected'; ?>><?php esc_html_e('Paid only','appointment-hour-booking'); ?></option> </select></nobr> <nobr><?php esc_html_e('Booking Status','appointment-hour-booking'); ?>: <?php $this->render_status_box('status', (!isset($_GET["status"])?'all':sanitize_text_field($_GET["status"])), true); ?></nobr> <nobr><label><?php esc_html_e('Item','appointment-hour-booking'); ?>:</label> <select id="cal" name="cal"> <?php if ($current_user_access) { ?> <option value="0">[<?php esc_html_e('All Items','appointment-hour-booking'); ?>]</option><?php } ?> <?php $myrows = $wpdb->get_results( "SELECT * FROM ".$wpdb->prefix.$this->table_items ); // phpcs:ignore WordPress.DB.PreparedSQL.NotPrepared $saved_id = $this->item; foreach ($myrows as $item) { $this->setId($item->id); if ($current_user_access || @in_array($current_user->ID, unserialize($this->get_option("cp_user_access","")))) echo '<option value="'.intval($item->id).'"'.(intval($item->id)==intval($saved_id)?" selected":"").'>'.esc_html($item->form_name).'</option>'; } $this->setId($saved_id); ?> </select></nobr> <div style="float:right;margin-top:3px;"> <nobr> <input type="submit" name="ds" value="<?php esc_html_e('Filter','appointment-hour-booking'); ?>" class="button-primary button" style=""> <input type="submit" name="<?php echo esc_attr($this->prefix); ?>_csv2" value="<?php esc_html_e('Export to CSV','appointment-hour-booking'); ?>" class="button" style="margin-left:10px;"> </nobr> </div> </form> <div style="clear:both"></div> </div> </div> <br /> <div id="dex_printable_contents"> <div class="cpapp_no_wrap"> <div class="cpappb_field_0 cpappb_field_header"><?php esc_html_e('Date','appointment-hour-booking'); ?></div> <div class="cpappb_field_1 cpappb_field_header"><?php esc_html_e('Slot','appointment-hour-booking'); ?></div> <div class="cpappb_field_2 cpappb_field_header"><?php esc_html_e('Service','appointment-hour-booking'); ?></div> <div class="cpappb_field_3 cpappb_field_header"><?php esc_html_e('Qty','appointment-hour-booking'); ?></div> <div class="cpappb_field_4 cpappb_field_header"><?php esc_html_e('Paid','appointment-hour-booking'); ?></div> <div class="cpappb_field_5 cpappb_field_header"><?php esc_html_e('Email','appointment-hour-booking'); ?></div> <div class="cpappb_field_6 cpappb_field_header"><?php esc_html_e('Data','appointment-hour-booking'); ?></div> <div class="cpappb_field_7 cpappb_field_header"><?php esc_html_e('Status','appointment-hour-booking'); ?></div> <div class="cpappb_field_8 cpappb_field_header"><?php esc_html_e('Options','appointment-hour-booking'); ?></div> <div class="cpapp_break"></div> </div> <div class="cpapp_break"></div> <?php echo $this->filter_list( array( // phpcs:ignore WordPress.Security.EscapeOutput 'calendar' => ($this->item != 0 ? intval($this->item) : ''), 'fields' => 'DATE,TIME,SERVICE,quantity,paid,email,data,cancelled,options', 'from' => esc_html($dfrom), 'to' => esc_html($dto), 'paidonly' => esc_html( (!empty($_GET["paid"])?sanitize_text_field($_GET["paid"]):'')), 'status' => (!isset($_GET["status"])?'all':esc_html(sanitize_text_field($_GET["status"]))) ) ); ?> </div> <div class="ahb-buttons-container"> <input type="button" value="<?php esc_html_e('Print','appointment-hour-booking'); ?>" class="button button-primary" onclick="do_dexapp_print();" /> <a href="<?php print esc_attr(admin_url('admin.php?page='.$this->menu_parameter));?>" class="ahb-return-link">←<?php esc_html_e('Return to the calendars list','appointment-hour-booking'); ?></a> <div class="clear"></div> </div> <?php } else { ?> <div id="cpabc_printable_contents"> <p><?php _e('The purpose of this page is to <strong>display the bookings/schedule in a calendar view</strong>. You can add bookings from the public booking form or','appointment-hour-booking'); ?> <a href="?page=<?php echo esc_attr($this->menu_parameter); ?>&cal=<?php echo intval($this->item); ?>&addbk=1"><?php esc_html_e('add bookings from the dashboard','appointment-hour-booking'); ?></a> <?php _e('and the bookings will appear in this calendar.<br />For CSV export, print and filter options switch to the "<strong>List View</strong>" with the button above this text.','appointment-hour-booking'); ?> </p> <div class="clearer"></div> <script type="text/javascript"> var pathCalendar = "<?php echo esc_js($this->get_site_url( true )); ?>?cp_app_action=mv&formid=<?php echo intval($this->item); ?>"; var dc_subjects = "";var dc_locations = ""; initMultiViewCal("cal<?php echo intval($this->item); ?>", <?php echo intval($this->item); ?>, {viewDay:true, viewWeek:true, viewMonth:true, viewNMonth:true, viewList:true, viewdefault:"week", numberOfMonths:12, showtooltip:false, tooltipon:0, shownavigate:false, url:"", target:0, start_weekday: <?php echo intval($firstday); ?>, language:"en-GB", cssStyle:"cupertino", edition:true, btoday:true, dialogWidth: 330, bnavigation:true, brefresh:true, bnew:false, path:pathCalendar, userAdd:false, userEdit:false, userDel:false, userEditOwner:false, userDelOwner:false, showtooltipdwm:true, userOwner:0 ,cellheight:62 , palette:0, paletteDefault:"F00", <?php $otherparams = get_option('cp_cpappb_schcalcontent_otherparams',''); if ($otherparams != '') $otherparams = rtrim($otherparams,",").","; echo str_replace('"','"',esc_html($otherparams)); // phpcs:ignore WordPress.Security.EscapeOutput ?> paletteFull:["FFF","FCC","FC9","FF9","FFC","9F9","9FF","CFF","CCF","FCF","CCC","F66","F96","FF6","FF3","6F9","3FF","6FF","99F","F9F","BBB","F00","F90","FC6","FF0","3F3","6CC","3CF","66C","C6C","999","C00","F60","FC3","FC0","3C0","0CC","36F","63F","C3C","666","900","C60","C93","990","090","399","33F","60C","939","333","600","930","963","660","060","366","009","339","636","000","300","630","633","330","030","033","006","309","303"]}); </script> <div id="multicalendar"><div id="cal<?php echo intval($this->item); ?>" class="multicalendar"></div></div> <div style="clear:both;height:20px" ></div> </div> <?php } ?> <script type="text/javascript"> function do_dexapp_print() { w=window.open(); w.document.write("<style>.cpappb_field_header {font-weight: bold;background-color: #dcdcdc;}.cpapp_break { clear: both; }.cpappb_field_0, .cpappb_field_1,.cpappb_field_2, .cpappb_field_3,.cpappb_field_4, .cpappb_field_5,.cpappb_field_6, .cpappb_field_7,.cpappb_field_8, .cpappb_field_9,.cpappb_field_10, .cpappb_field_11{float: left; min-width: 80px;padding-right:11px;border-bottom: 1px dotted #777777;margin-left: 1px; padding: 5px;margin: 2px;}.cpappb_field_0 {color: #44aa44;font-weight: bold; }.cpappb_field_1 {color: #aaaa44;font-weight: bold; }.cpappb_field_2{width:180px;}.cpappb_field_3{min-width: 20px;width:20px ;max-width:20px;}.cpappb_field_5{width:200px;overflow:hidden;}.cpappb_field_4,.cpappb_field_6{display:none;}.cpnopr{display:none;};table{border:2px solid black;width:100%;}th{border-bottom:2px solid black;text-align:left}td{padding-left:10px;border-bottom:1px solid black;}.cpappb_field_8 {display:none;}</style>"+document.getElementById('dex_printable_contents').innerHTML); w.print(); w.close(); } <?php $dformatc = $this->get_option('date_format', 'mm/dd/yy'); if ($dformatc == 'd M, y') $dformatc = 'dd/mm/yy'; ?> var $j = jQuery.noConflict(); $j(function() { $j("#dfrom").datepicker({ dateFormat: '<?php echo esc_js($dformatc); ?>' }); $j("#dto").datepicker({ dateFormat: '<?php echo esc_js($dformatc); ?>' }); }); </script>