From 3a82a2dc744ce1bcb29265a40affd23bbd93776a Mon Sep 17 00:00:00 2001
From: Nick Barry <nbarry@unl.edu>
Date: Wed, 15 Aug 2018 17:12:38 -0500
Subject: [PATCH] handle duplicate event name issues, modify admins, disable
 single sign out to match production

---
 include/events.class.php  | 20 +++++++++++++-------
 include/functions.inc.php |  4 ++++
 include/user.class.php    |  2 ++
 index.php                 | 11 ++++++++---
 templates/main.xhtml      |  5 +++--
 5 files changed, 30 insertions(+), 12 deletions(-)

diff --git a/include/events.class.php b/include/events.class.php
index 3598f8c..0ed8e8f 100644
--- a/include/events.class.php
+++ b/include/events.class.php
@@ -104,13 +104,19 @@ class Events
 			'grad_credit' => $grad_credit,
 			'semester_code' => $_SESSION['semester_code']
 		);
-		auto_insert( $this->db, 'events', $data );
-		$data['event_id'] = $this->db->Insert_ID();
-        if ( $this->sqlite ) {
-		    auto_insert( $this->sqlite, 'events', $data );
-        }
-		
-		return true;
+
+		$event = get_event_by_name($data['name']);
+		if ($event) {
+			//throw new Exception('Event name already exists!');
+			return false;
+		} else {
+			auto_insert( $this->db, 'events', $data );
+			$data['event_id'] = $this->db->Insert_ID();
+			if ( $this->sqlite ) {
+				auto_insert( $this->sqlite, 'events', $data );
+			}
+			return true;
+		}
 	}
 	
 	public function edit_event( $id, $name, $start_time, $end_time, $ugrad_credit, $grad_credit )
diff --git a/include/functions.inc.php b/include/functions.inc.php
index c14b38e..ccff270 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -710,6 +710,10 @@ function get_event($eventId) {
     return DB::get_instance()->GetRow('SELECT * FROM events WHERE event_id=?', array($eventId));
 }
 
+function get_event_by_name($eventName) {
+	return DB::get_instance()->GetRow('SELECT * FROM events WHERE `name`=?', array($eventName));
+}
+
 function get_course($courseId) {
     return DB::get_instance()->GetRow("SELECT * FROM courses WHERE course_id=?", array($courseId));
 }
diff --git a/include/user.class.php b/include/user.class.php
index 243e51c..b6bdc82 100644
--- a/include/user.class.php
+++ b/include/user.class.php
@@ -46,6 +46,8 @@ class User
             'nbarry10',     // Nick Barry
             'rfeese2',      // Roger Feese
             'breetz2',      // Brian Reetz
+            'jhaas3',       // Jeff Haas
+            'jbarrerasmilanes2', // Raul Barreras
         );
 
 		$ds = ldap_connect(Config::getInstance()->ldapHost,389);
diff --git a/index.php b/index.php
index 112e99d..9723d9b 100644
--- a/index.php
+++ b/index.php
@@ -23,7 +23,7 @@ ini_set( 'arg_separator.output', '&amp;' );
 
 $db = db::get_instance();
 import_new_records();
-validate_user_session();
+//validate_user_session();
 
 //update_credit_tardy_etc( 294, $db );
 
@@ -173,18 +173,23 @@ else if( $_GET['module'] == 'main' )
 	else if( $_GET['action'] == 'set_up_events' )
 	{
 		$eh = new Events();
+		$template['message'] = "";
 		$template['events'] = $eh->get_future_events();
 		$template['previous_events'] = $eh->get_past_events();
 		if( isset( $_POST['add_event'] ) )
 		{
-			$eh->add_event(
+			$result = $eh->add_event(
 				$_POST['name'],
 				strtotime( $_POST['year'] . '-' . $_POST['month'] . '-' . $_POST['day'] . ' ' . $_POST['start_hour'] . ':' . $_POST['start_min'] . $_POST['start_am_pm'] ),
 				strtotime( $_POST['year'] . '-' . $_POST['month'] . '-' . $_POST['day'] . ' ' . $_POST['end_hour'] . ':' . $_POST['end_min'] . $_POST['end_am_pm'] ),
 				$_POST['ugrad_credit'],
 				$_POST['grad_credit']
 			);
-			$refresh = 'index.php?module=main&action=set_up_events';
+			if ($result === false) {
+				$template['message'] = "Event name already exists!";
+			} else {
+				$refresh = 'index.php?module=main&action=set_up_events';
+			}
 		}
 		else if( isset( $_POST['edit_events'] ) )
 		{
diff --git a/templates/main.xhtml b/templates/main.xhtml
index b2bf4e2..65f701c 100644
--- a/templates/main.xhtml
+++ b/templates/main.xhtml
@@ -212,6 +212,7 @@ Add Comment:
 		<h2>Manage Events</h2>
 	</div>
 	<div class="round_body">
+		<?php if ($template['message']) { echo '<span style="color:red;">'.$template['message'].'</span><br><br>'; } ?>
 <em>Add New Event</em>
 <form action="index.php?module=main&amp;action=set_up_events" method="post">
 	<table>
@@ -224,7 +225,7 @@ Add Comment:
 			<th>Grad</th>
 		</tr>
 		<tr>
-			<td><input type="text" name="name" /></td>
+			<td><input type="text" name="name" id="name" /></td>
 			<td>
 				<select name="month">
 				<?php for( $i = 1; $i <= 12; $i++ ) { ?>
@@ -284,7 +285,7 @@ Add Comment:
 			</td>
 		</tr>
 	</table>
-	<input type="submit" name="add_event" value="Add Event" />
+	<input type="submit" name="add_event" value="Add Event" onclick="if(document.getElementById('name').value==''){alert('Event name is empty');return false;}" />
 </form>
 
 <?php if( is_array( $template['events'] ) && count( $template['events'] ) > 0 ) { ?>
-- 
GitLab