From 56ba9a8347cd6ac5cca08811e403eb72b629e7f8 Mon Sep 17 00:00:00 2001
From: Daniel Schwen
Date: Thu, 11 Feb 2016 13:36:48 -0700
Subject: [PATCH] Move security check into Functions.php and fix it (#309)
---
churchinfo/AddEvent.php | 14 +-
churchinfo/AutoPaymentDelete.php | 4 +-
churchinfo/AutoPaymentEditor.php | 169 ++++----
churchinfo/BackupDatabase.php | 14 +-
churchinfo/BatchWinnerEntry.php | 10 +-
churchinfo/CSVExport.php | 14 +-
churchinfo/CSVImport.php | 16 +-
churchinfo/Canvas05Editor.php | 34 +-
churchinfo/CanvassAutomation.php | 37 +-
churchinfo/CanvassEditor.php | 43 +-
churchinfo/CartToEvent.php | 8 +-
churchinfo/CartToFamily.php | 6 +-
churchinfo/CartToGroup.php | 4 +-
churchinfo/CartView.php | 17 +-
churchinfo/CheckVersion.php | 2 +-
churchinfo/Checkin.php | 94 ++---
churchinfo/Default.php | 31 +-
churchinfo/DepositSlipEditor.php | 134 +++---
churchinfo/DirectoryReports.php | 56 ++-
churchinfo/DonatedItemDelete.php | 2 +-
churchinfo/DonatedItemEditor.php | 68 ++--
churchinfo/DonationFundEditor.php | 22 +-
churchinfo/EditEventAttendees.php | 41 +-
churchinfo/EditEventTypes.php | 12 +-
churchinfo/ElectronicPaymentList.php | 28 +-
churchinfo/EventAttendance.php | 15 +-
churchinfo/EventEditor.php | 32 +-
churchinfo/EventNames.php | 25 +-
churchinfo/FamilyCustomFieldsEditor.php | 10 +-
churchinfo/FamilyEditor.php | 68 ++--
churchinfo/FamilyList.php | 6 +-
churchinfo/FamilyView.php | 100 +++--
churchinfo/FinancialReports.php | 8 +-
churchinfo/FindDepositSlip.php | 4 +-
churchinfo/FindFundRaiser.php | 5 +-
churchinfo/FundRaiserEditor.php | 30 +-
churchinfo/GenerateSeedData.php | 2 +-
churchinfo/GetText.php | 4 +-
churchinfo/GroupEditor.php | 11 +-
churchinfo/GroupList.php | 6 +-
churchinfo/GroupMeeting.php | 5 +-
churchinfo/GroupPropsEditor.php | 12 +-
churchinfo/GroupPropsFormEditor.php | 30 +-
churchinfo/GroupReports.php | 39 +-
churchinfo/GroupView.php | 36 +-
churchinfo/ImageDelete.php | 2 +-
churchinfo/ImageUpload.php | 2 +-
churchinfo/Include/CountryDropDown.php | 128 +++---
churchinfo/Include/Functions.php | 382 ++++++++++--------
churchinfo/Include/Header-function.php | 61 +--
churchinfo/Include/HeaderNotLoggedIn.php | 4 +-
churchinfo/LettersAndLabels.php | 14 +-
churchinfo/ListEvents.php | 10 +-
churchinfo/ManageEnvelopes.php | 2 +-
churchinfo/MapUsingGoogle.php | 7 +-
churchinfo/MemberRoleChange.php | 7 +-
churchinfo/MembersDashboard.php | 11 +-
churchinfo/Menu.php | 37 +-
churchinfo/NoteDelete.php | 4 +-
churchinfo/NoteEditor.php | 4 +-
churchinfo/OptionManager.php | 16 +-
churchinfo/PaddleNumDelete.php | 2 +-
churchinfo/PaddleNumEditor.php | 4 +-
churchinfo/PaddleNumList.php | 14 +-
churchinfo/PersonCustomFieldsEditor.php | 30 +-
churchinfo/PersonEditor.php | 52 ++-
churchinfo/PersonToGroup.php | 8 +-
churchinfo/PersonView.php | 66 ++-
churchinfo/PledgeDelete.php | 4 +-
churchinfo/PledgeDetails.php | 4 +-
churchinfo/PledgeEditor.php | 37 +-
churchinfo/PrintView.php | 6 +-
churchinfo/PropertyAssign.php | 6 +-
churchinfo/PropertyDelete.php | 4 +-
churchinfo/PropertyEditor.php | 11 +-
churchinfo/PropertyTypeDelete.php | 6 +-
churchinfo/PropertyTypeEditor.php | 5 +-
churchinfo/PropertyUnassign.php | 8 +-
churchinfo/QuerySQL.php | 6 +-
churchinfo/QueryView.php | 14 +-
churchinfo/RPCdummy.php | 6 +-
churchinfo/Register.php | 10 +-
churchinfo/ReminderReport.php | 4 +-
churchinfo/ReportList.php | 5 +-
churchinfo/Reports/SundaySchoolClassList.php | 8 +-
churchinfo/SelectDelete.php | 23 +-
churchinfo/SelectList.php | 27 +-
churchinfo/SettingsGeneral.php | 4 +-
churchinfo/SettingsReport.php | 2 +-
churchinfo/SettingsUser.php | 6 +-
churchinfo/SundaySchool.php | 8 +-
churchinfo/SundaySchoolClassView.php | 48 +--
churchinfo/TaxReport.php | 8 +-
churchinfo/UserDelete.php | 6 +-
churchinfo/UserEditor.php | 7 +-
churchinfo/UserList.php | 4 +-
churchinfo/UserPasswordChange.php | 12 +-
churchinfo/UserReset.php | 6 +-
churchinfo/VolunteerOpportunityEditor.php | 9 +-
churchinfo/WhyCameEditor.php | 20 +-
churchinfo/eGive.php | 22 +-
churchinfo/mailchimp/MailChimpDashboard.php | 6 +-
.../mailchimp/MailChimpMissingReport.php | 6 +-
.../vendor/fpdf17/makefont/makefont.php | 4 +-
churchinfo/vendor/google-map/GoogleMap.php | 4 +-
.../sdk-php-1.8.0/lib/AuthorizeNetARB.php | 2 +-
.../sdk-php-1.8.0/lib/AuthorizeNetCIM.php | 2 +-
.../sdk-php-1.8.0/lib/AuthorizeNetTD.php | 2 +-
108 files changed, 1223 insertions(+), 1354 deletions(-)
mode change 100755 => 100644 churchinfo/eGive.php
diff --git a/churchinfo/AddEvent.php b/churchinfo/AddEvent.php
index 3526006c8a..a0a4c14e74 100644
--- a/churchinfo/AddEvent.php
+++ b/churchinfo/AddEvent.php
@@ -118,10 +118,10 @@
@@ -309,8 +309,8 @@
-
-
+
+
-
+
diff --git a/churchinfo/AutoPaymentDelete.php b/churchinfo/AutoPaymentDelete.php
index 204d374e66..bbc4ccb4b4 100644
--- a/churchinfo/AutoPaymentDelete.php
+++ b/churchinfo/AutoPaymentDelete.php
@@ -75,6 +75,4 @@
-
+
diff --git a/churchinfo/AutoPaymentEditor.php b/churchinfo/AutoPaymentEditor.php
index 63b34433db..bcb906906a 100644
--- a/churchinfo/AutoPaymentEditor.php
+++ b/churchinfo/AutoPaymentEditor.php
@@ -42,7 +42,7 @@
$tEmail=$fam_Email;
$iInterval = 1;
$iFund = 1;
-
+
$bEnableBankDraft=0;
$bEnableCreditCard=0;
@@ -58,9 +58,9 @@
$tRoute="";
$tAccount="";
$tAccountVanco="";
-
+
$nAmount = 0;
-
+
$sSQL = "INSERT INTO autopayment_aut (
aut_FamID,
aut_EnableBankDraft,
@@ -117,9 +117,9 @@
"'" . 1 . "'," .
"'" . date ("YmdHis") . "'," .
$_SESSION['iUserID'] .
- ")";
+ ")";
RunQuery($sSQL);
-
+
$sSQL = "SELECT MAX(aut_ID) AS iAutID FROM autopayment_aut";
$rsAutID = RunQuery($sSQL);
extract(mysql_fetch_array($rsAutID));
@@ -165,7 +165,7 @@
$tCreditCard = FilterInput ($_POST["CreditCard"]);
$tExpMonth = FilterInput ($_POST["ExpMonth"]);
$tExpYear = FilterInput ($_POST["ExpYear"]);
-
+
$tBankName = FilterInput ($_POST["BankName"]);
$tRoute = FilterInput ($_POST["Route"]);
$tAccount = FilterInput ($_POST["Account"]);
@@ -260,7 +260,7 @@
$customerid = "$iAutID"; // This is an optional value that can be used to indicate a unique customer ID that is used in your system
// put aut_ID into the $customerid field
// Create object to preform API calls
-
+
$workingobj = new VancoTools($VancoUserid, $VancoPassword, $VancoClientid, $VancoEnc_key, $VancoTest);
// Call Login API to receive a session ID to be used in future API calls
$sessionid = $workingobj->vancoLoginRequest();
@@ -269,7 +269,7 @@
}
?>
-
@@ -482,7 +482,7 @@ function VancoErrorString (errNo)
case 1070: return "Transaction Cannot Be Voided";
case 1073: return "Transaction Processed More Than 25 Minutes Ago";
case 1127: return "Declined - Tran Not Permitted";
- case 1128: return "Unable To Process, Please Try Again";
+ case 1128: return "Unable To Process, Please Try Again";
}
}
@@ -497,24 +497,25 @@ function CreatePaymentMethod()
accountNum = Account.value;
if (document.getElementById("EnableCreditCard").checked)
accountNum = CreditCard.value;
-
+
$.ajax({
type: "POST",
- url: "",
- data: { "sessionid":"= $sessionid ?>",
- "nvpvar":"= $nvpvarcontent ?>",
- "newcustomer":"true",
- "accounttype":accountType,
- "accountnumber":accountNum,
- "routingnumber":Route.value,
- "expmonth": ExpMonth.value,
- "expyear": ExpYear.value,
+ url: "",
+ data: { "sessionid":"= $sessionid; ?>",
+ "nvpvar":"= $nvpvarcontent; ?>",
+ "newcustomer":"true",
+ "accounttype":accountType,
+ "accountnumber":accountNum,
+ "routingnumber":Route.value,
+ "expmonth": ExpMonth.value,
+ "expyear": ExpYear.value,
"email": Email.value,
- "name":FirstName.value + " " + LastName.value,
- "billingaddr1":Address1.value,
- "billingcity":City.value,
- "billingstate":State.value,
- "billingzip":Zip.value,
+ "name":FirstName.value + " " + LastName.value,
+ "billingaddr1":Address1.value,
+ "billingcity":City.value,
+ "billingstate":State.value,
+ "billingzip":Zip.value,
"name_on_card":FirstName.value + " " + LastName.value
},
dataType: 'jsonp',
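Review bot: This call sends `accountnumber`, `routingnumber`, `expmonth` and `expyear` with `dataType: 'jsonp'`, and jQuery issues a JSONP request to another origin as a script-tag GET regardless of `type: "POST"`, so the account data would travel in the query string and can end up in server logs, proxy logs and browser history. The `url` value is not visible in this hunk, so whether the target is cross-origin needs confirming. If the payment processor's API requires JSONP here, record that next to the option, e.g. `// JSONP is required by the processor API; the request is sent as GET`, and otherwise relay the call through a server-side POST so account numbers never appear in a URL. CreatePaymentMethod() starts and ends outside the hunk.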
@@ -525,7 +526,7 @@ function CreatePaymentMethod()
var errorList = vancodata["errorlist"];
$.ajax({
type: "POST",
- url: "",
+ url: "= $VancoUrltoredirect; ?>",
data: vancodata,
dataType: 'json',
async: true,
@@ -545,9 +546,9 @@ function CreatePaymentMethod()
errorArr = errorList.split(',');
errorStr = "";
for (var i = 0; i < errorArr.length; i++)
- errorStr += "Error " + errorArr[i] + ": " + VancoErrorString(Number(errorArr[i])) + "\n";
+ errorStr += "Error " + errorArr[i] + ": " + VancoErrorString(Number(errorArr[i])) + "\n";
alert (errorStr);
- window.location = "";
+ window.location = "= RedirectURL ("AutoPaymentEditor.php")."?AutID=$iAutID&FamilyID=$aut_FamID$&linkBack=$linkBack"; ?>";
}
},
error: function (jqXHR, textStatus, errorThrown, nashuadata) {
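Review bot: The added `window.location` line has a stray `$` after `$aut_FamID` (`FamilyID=$aut_FamID$&linkBack=$linkBack`), so the redirect URL carries a literal `$` at the end of the FamilyID value. The same line writes `$linkBack` into a JavaScript string literal with no encoding; where that value comes from is not visible in this hunk, but if it can be set from the request, a quote character in it ends the string and the remainder is parsed as script. Build the URL in PHP and let `json_encode` do the quoting, e.g. `window.location = <?= json_encode(RedirectURL("AutoPaymentEditor.php") . "?AutID=$iAutID&FamilyID=$aut_FamID&linkBack=" . urlencode($linkBack), JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;` (drop the `urlencode` if `$linkBack` is already encoded at this point). CreatePaymentMethod() starts and ends outside the hunk.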
@@ -563,7 +564,7 @@ function CreatePaymentMethod()
});
}
-
@@ -598,7 +599,7 @@ function CreatePaymentMethod()
if ($iFamily == $fam_ID) { echo " selected"; }
echo ">" . $fam_Name . " " . FormatAddressLine($fam_Address1, $fam_City, $fam_State);
}
- ?>
+ ?>
@@ -624,13 +625,13 @@ function CreatePaymentMethod()
-
-
+ = gettext("Payment amount"); ?>
+
-
-
+ = gettext("Payment interval (months)"); ?>
+
@@ -652,130 +653,130 @@ function CreatePaymentMethod()
if ($fun_active != 'true') echo " (" . gettext("inactive") . ")";
echo "" ;
}
- ?>
+ ?>
-
+
-
-
+ = gettext("First name"); ?>
+
-
-
+ = gettext("Last name"); ?>
+
-
-
+ = gettext("Address 1"); ?>
+
-
-
+ = gettext("Address 2"); ?>
+
-
-
+ = gettext("City"); ?>
+
-
-
+ = gettext("State"); ?>
+
-
-
+ = gettext("Zip code"); ?>
+
-
-
+ = gettext("Country"); ?>
+
-
-
+ = gettext("Phone"); ?>
+
-
-
+ = gettext("Email"); ?>
+
-
-
+ = gettext("Credit Card"); ?>
+
-
-
-
+ = gettext("Vanco Credit Card Method"); ?>
+
-
-
-
+ = gettext("Expiration Month"); ?>
+
-
-
+ = gettext("Expiration Year"); ?>
+
-
-
+ = gettext("Bank Name"); ?>
+
-
-
+ = gettext("Bank Route Number"); ?>
+
-
-
-
-= gettext("Bank Account Number"); ?>
+
+
+
-
-
-
-= gettext("Vanco Bank Account Method"); ?>
+
+
+
-
- 0) {
?>
-
Save this record to enable storing private data at Vanco
-
-
@@ -786,6 +787,4 @@ function CreatePaymentMethod()
-
+
diff --git a/churchinfo/BackupDatabase.php b/churchinfo/BackupDatabase.php
index adc613073a..e8a2074f5d 100644
--- a/churchinfo/BackupDatabase.php
+++ b/churchinfo/BackupDatabase.php
@@ -29,7 +29,7 @@
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
die ("The Backup Utility will not work on a Windows based Server");
-}
+}
if (isset($sGZIPname)) $hasGZIP = true;
if (isset($sZIPname)) $hasZIP = true;
@@ -79,7 +79,7 @@
-
+
-
+
diff --git a/churchinfo/BatchWinnerEntry.php b/churchinfo/BatchWinnerEntry.php
index 599d85bcb0..cd4c05bd84 100644
--- a/churchinfo/BatchWinnerEntry.php
+++ b/churchinfo/BatchWinnerEntry.php
@@ -52,12 +52,12 @@
// Get Items for the drop-down
$sDonatedItemsSQL = "SELECT di_ID, di_Item, di_title, di_multibuy
FROM donateditem_di
- WHERE di_FR_ID = '" . $iCurrentFundraiser . "' ORDER BY SUBSTR(di_Item,1,1), CONVERT(SUBSTR(di_Item,2,3),SIGNED)";
+ WHERE di_FR_ID = '" . $iCurrentFundraiser . "' ORDER BY SUBSTR(di_Item,1,1), CONVERT(SUBSTR(di_Item,2,3),SIGNED)";
$rsDonatedItems = RunQuery($sDonatedItemsSQL);
//Get Paddles for the drop-down
-$sPaddleSQL = "SELECT pn_ID, pn_Num, pn_per_ID,
- a.per_FirstName AS buyerFirstName,
+$sPaddleSQL = "SELECT pn_ID, pn_Num, pn_per_ID,
+ a.per_FirstName AS buyerFirstName,
a.per_LastName AS buyerLastName
FROM paddlenum_pn
LEFT JOIN person_per a on a.per_ID=pn_per_ID
@@ -116,6 +116,4 @@
-
+
diff --git a/churchinfo/CSVExport.php b/churchinfo/CSVExport.php
index c3e4c1375b..d110166688 100644
--- a/churchinfo/CSVExport.php
+++ b/churchinfo/CSVExport.php
@@ -29,7 +29,7 @@
require "Include/Functions.php";
// If user does not have CSV Export permission, redirect to the menu.
-if (!$bExportCSV)
+if (!$bExportCSV)
{
Redirect("Menu.php");
exit;
@@ -192,7 +192,7 @@
- 0) or ($numFamCustomFields > 0)) {?>
+ 0) or ($numFamCustomFields > 0)) { ?>
@@ -405,6 +405,4 @@
$("#EnterDate1").datepicker({format:'yyyy-mm-dd'});
$("#EnterDate2").datepicker({format:'yyyy-mm-dd'});
-
+
diff --git a/churchinfo/CSVImport.php b/churchinfo/CSVImport.php
index b086dae61d..9bc03e5fd3 100644
--- a/churchinfo/CSVImport.php
+++ b/churchinfo/CSVImport.php
@@ -118,7 +118,7 @@ function AssignRoles()
// Set the page title and include HTML header
$sPageTitle = "CSV Import";
-require "Include/Header.php";?>
+require "Include/Header.php"; ?>
@@ -890,14 +890,14 @@ function AssignRoles()
-
+ = gettext("Check to confirm"); ?>
@@ -127,9 +126,9 @@
name="AssignCanvassers">
- = gettext("Randomly assign canvassers to all Families. The Canvassers are
- taken from the "Canvassers" Group.") ?>
-
+ = gettext("Randomly assign canvassers to all Families. The Canvassers are
+ taken from the "Canvassers" Group."); ?>
+ = gettext("Check to confirm") ?>
@@ -139,9 +138,9 @@
name="AssignNonPledging">
- = gettext("Randomly assign canvassers to non-pledging Families. The Canvassers are
- taken from the "BraveCanvassers" Group.") ?>
-
+ = gettext("Randomly assign canvassers to non-pledging Families. The Canvassers are
+ taken from the "BraveCanvassers" Group."); ?>
+ = gettext("Check to confirm") ?>
@@ -151,9 +150,9 @@
name="ClearCanvasserAssignments">
- Important
+ = gettext("Clear all the canvasser assignments for all families. Important
note: this will lose any canvasser assignments that have been made by hand.
"); ?>
-
+ = gettext("Check to confirm"); ?>
@@ -163,9 +162,9 @@
name="SetAllOkToCanvass">
- Important
+ = gettext("Turn on the "Ok To Canvass" field for all Families. Important
note: this will lose any "Ok To Canvass" fields that have been set by hand.
"); ?>
-
+ = gettext("Check to confirm"); ?>
@@ -175,9 +174,9 @@
name="ClearAllOkToCanvass">
- Important
+ = gettext("Turn off the "Ok To Canvass" field for all Families. Important
note: this will lose any "Ok To Canvass" fields that have been set by hand.
"); ?>
-
+ = gettext("Check to confirm"); ?>
@@ -219,15 +218,9 @@
name="NotInterestedReport">
- = gettext("Generate a PDF containing a report of the families marked "Not Interested"
- by the canvasser.") ?>
+ = gettext("Generate a PDF containing a report of the families marked "Not Interested" by the canvasser.") ?>
-
-
-
-
+
diff --git a/churchinfo/CanvassEditor.php b/churchinfo/CanvassEditor.php
index d3b0aad21f..478b6d5c75 100644
--- a/churchinfo/CanvassEditor.php
+++ b/churchinfo/CanvassEditor.php
@@ -66,7 +66,7 @@
if ($iCanvassID < 1) {
$sSQL = "INSERT INTO canvassdata_can (can_famID, can_Canvasser, can_FYID, can_date, can_Positive,
can_Critical, can_Insightful, can_Financial, can_Suggestion,
- can_NotInterested, can_WhyNotInterested)
+ can_NotInterested, can_WhyNotInterested)
VALUES (" . $iFamily . "," .
$iCanvasser . "," .
$iFYID . "," .
@@ -95,7 +95,7 @@
"can_Financial=\"" . $tFinancial . "\"," .
"can_Suggestion=\"" . $tSuggestion . "\"," .
"can_NotInterested=\"" . $bNotInterested . "\"," .
- "can_WhyNotInterested=\"" . $tWhyNotInterested .
+ "can_WhyNotInterested=\"" . $tWhyNotInterested .
"\" WHERE can_FamID = " . $iFamily;
//Execute the SQL
RunQuery($sSQL);
@@ -132,7 +132,7 @@
// Set some default values
$iCanvasser = $_SESSION['iUserID'];
$dDate = date("Y-m-d");
-
+
$dDate = "";
$tPositive = "";
$tCritical = "";
@@ -149,7 +149,6 @@
$rsBraveCanvassers = CanvassGetCanvassers (gettext ("BraveCanvassers"));
require "Include/Header.php";
-
?>
" name="CanvassEditor">
@@ -169,7 +168,7 @@
@@ -245,8 +244,6 @@
-
+
diff --git a/churchinfo/CartToEvent.php b/churchinfo/CartToEvent.php
index 6b69725293..db4a33d3e5 100644
--- a/churchinfo/CartToEvent.php
+++ b/churchinfo/CartToEvent.php
@@ -24,8 +24,8 @@
// Security: User must have Manage Groups & Roles permission
if (!$_SESSION['bManageGroups'])
{
- Redirect("Menu.php");
- exit;
+ Redirect("Menu.php");
+ exit;
}
// Was the form submitted?
@@ -41,7 +41,7 @@
$sSQL = "INSERT IGNORE INTO event_attend (event_id, person_id)";
$sSQL .= " VALUES ('".$iEventID."','".$_SESSION['aPeopleCart'][$element['key']]."')";
RunQuery($sSQL);
- $iCount++;
+ $iCount++;
}
$sGlobalMessage = $iCount . " records(s) successfully added to selected Event.";
@@ -99,7 +99,7 @@
" . gettext("Your cart is empty!") . "
";
+ echo "" . gettext("Your cart is empty!") . "
";
require "Include/Footer.php";
?>
diff --git a/churchinfo/CartToFamily.php b/churchinfo/CartToFamily.php
index 6d52614005..aebe632d3c 100644
--- a/churchinfo/CartToFamily.php
+++ b/churchinfo/CartToFamily.php
@@ -203,7 +203,7 @@
-
+ = gettext("If adding a new family, enter data below."); ?>
@@ -333,6 +333,4 @@
-
+
diff --git a/churchinfo/CartToGroup.php b/churchinfo/CartToGroup.php
index 9b6d26cbfd..e2c8db6829 100644
--- a/churchinfo/CartToGroup.php
+++ b/churchinfo/CartToGroup.php
@@ -134,7 +134,7 @@ function updateGroupRoles(generated_html)
echo "" . $grp_Name . " ";
}
echo "";
- ?>
+ ?>
@@ -144,7 +144,7 @@ function updateGroupRoles(generated_html)
- >
+ ">
--= gettext("OR") ?>--
= gettext("Create a New Group") ?>
diff --git a/churchinfo/CartView.php b/churchinfo/CartView.php
index 72fd340733..9e3336cd08 100644
--- a/churchinfo/CartView.php
+++ b/churchinfo/CartView.php
@@ -38,17 +38,17 @@
// Set the page title and include HTML header
$sPageTitle = gettext("View Your Cart");
-require "Include/Header.php";?>
+require "Include/Header.php"; ?>
-
= gettext("You have no items in your cart.") ;?>
+ if (!array_key_exists("Message", $_GET)) { ?>
+
= gettext("You have no items in your cart.") ; ?>
-
= $_GET["iCount"].' '.($_GET["iCount"] == 1 ? "Record":"Records").' Emptied into Event ID:'.$_GET["iEID"] ;?>
+
= $_GET["iCount"].' '.($_GET["iCount"] == 1 ? "Record":"Records").' Emptied into Event ID:'.$_GET["iEID"] ; ?>
16) { ?>
">
+ value="= gettext("Go To Labels"); ?>">
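Review bot: The reformatted line that prints `$_GET["iCount"]` and `$_GET["iEID"]` still echoes both request parameters into the page unescaped, so a crafted query string is rendered as markup in the logged-in user's session (reflected XSS); the commit only changes the spacing before `?>`. Both values are meant to be numbers, so cast them at the point of output, e.g. `(int) $_GET["iCount"]` and `(int) $_GET["iEID"]`, or read them through `FilterInput(..., 'int')` as Checkin.php does in this patch. The surrounding markup was lost in this rendering of the diff, so the exact HTML context of the echo cannot be confirmed from here.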
@@ -282,7 +282,7 @@ function codename()
@@ -672,5 +672,4 @@ function rmEmail()
RunQuery($sSQL);
echo 'Deleted Email message succesfuly ';
}
-
?>
diff --git a/churchinfo/CheckVersion.php b/churchinfo/CheckVersion.php
index bbd0b1c704..af1351299c 100644
--- a/churchinfo/CheckVersion.php
+++ b/churchinfo/CheckVersion.php
@@ -71,7 +71,7 @@
diff --git a/churchinfo/Checkin.php b/churchinfo/Checkin.php
index 4a2f2782a4..adefc1cd2f 100644
--- a/churchinfo/Checkin.php
+++ b/churchinfo/Checkin.php
@@ -81,7 +81,7 @@
- class="btn">
+ " class="btn">
--= gettext("OR") ?>--
= gettext("Add New Event") ?>
@@ -104,7 +104,7 @@
extract($aRow);
?>
-
+
@@ -190,10 +190,10 @@
null ) {
- loadperson($iAdultID);
+ loadperson($iAdultID);
}
- ?>
+ ?>
@@ -237,9 +237,9 @@
?>
- class="btn">
-
- " class="btn">
+
+
+ ?>
@@ -271,7 +271,7 @@
+ ?>
@@ -285,8 +285,8 @@
- name="Cancel" onClick="javascript:document.location='Checkin.php';">
- name="VerifyCheck" onClick="javascript:document.location='Checkin.php';">
+ " name="Cancel" onClick="javascript:document.location='Checkin.php';">
+ " name="VerifyCheck" onClick="javascript:document.location='Checkin.php';">
@@ -312,11 +312,11 @@
}
if(isset($_POST['VerifyCheck']) ){
$iAdultID = FilterInput($_POST["adult"],'int');
- ?>
+ ?>
-
-
-
+
+
+
@@ -348,7 +348,7 @@
+ ?>
@@ -361,7 +361,7 @@
-
+
- 0) {
$perRow = mysql_fetch_array($perOpps, MYSQL_BOTH);
- extract($perRow);
+ extract($perRow);
$sPerson = FormatFullName($per_Title,$per_FirstName,$per_MiddleName,$per_LastName,$per_Suffix,3);
} else {
$sPerson = "";
}
$per_Title='';$per_FirstName='';$per_MiddleName='';$per_LastName='';$per_Suffix='';
-
- //Get Person who checked person in
+
+ //Get Person who checked person in
if ($checkin_id > 0) {
$sSQL = "SELECT * FROM person_per WHERE per_ID = $checkin_id";
$perCheckin = RunQuery($sSQL);
@@ -410,14 +410,14 @@
}
$per_Title='';$per_FirstName='';$per_MiddleName='';$per_LastName='';$per_Suffix='';
- //Get Person who checked person out
+ //Get Person who checked person out
if ($checkout_id > 0) {
$sSQL = "SELECT * FROM person_per WHERE per_ID = $checkout_id";
$perCheckout = RunQuery($sSQL);
if (mysql_num_rows ($perCheckout) > 0) {
$perCheckoutRow = mysql_fetch_array($perCheckout, MYSQL_BOTH);
- extract($perCheckoutRow);
+ extract($perCheckoutRow);
$sCheckoutby = FormatFullName($per_Title,$per_FirstName,$per_MiddleName,$per_LastName,$per_Suffix,3);
} else
$sCheckoutby = '';
@@ -434,32 +434,32 @@
= $checkout_date ?>
= $sCheckoutby ?>
-
+
" class="btn" >
-
+
-
+= gettext("No Attendees Assigned to Event") ?>
-
-";
echo FormatFullName($per_Title, $per_FirstName, $per_MiddleName, $per_LastName, $per_Suffix, 0);
echo " ";
@@ -612,7 +612,7 @@ function loadperson($iPersonID){
-
';
}
@@ -625,11 +625,11 @@ function loadperson($iPersonID){
echo '' . $PhotoError . ' ';
echo '
-
-
';
}
diff --git a/churchinfo/Default.php b/churchinfo/Default.php
index 611aca8a1f..d9cc1fc6f4 100644
--- a/churchinfo/Default.php
+++ b/churchinfo/Default.php
@@ -373,42 +373,13 @@
document.LoginForm.User.focus();
diff --git a/churchinfo/DepositSlipEditor.php b/churchinfo/DepositSlipEditor.php
index 477d3ed4d4..663dd63186 100644
--- a/churchinfo/DepositSlipEditor.php
+++ b/churchinfo/DepositSlipEditor.php
@@ -41,7 +41,7 @@
$_SESSION['iCurrentDeposit'] = $iDepositSlipID;
// Set the session variable for default payment type so the new payment form will come up correctly
- if ($dep_Type == "Bank")
+ if ($dep_Type == "Bank")
$_SESSION['idefaultPaymentMethod'] = "CHECK";
else if ($dep_Type == "CreditCard")
$_SESSION['idefaultPaymentMethod'] = "CREDITCARD";
@@ -49,7 +49,7 @@
$_SESSION['idefaultPaymentMethod'] = "BANKDRAFT";
else if ($dep_Type == "eGive")
$_SESSION['idefaultPaymentMethod'] = "EGIVE";
-
+
// Security: User must have finance permission or be the one who created this deposit
if (! ($_SESSION['bFinance'] || $_SESSION['iUserID']==$dep_EnteredBy)) {
Redirect("Menu.php");
@@ -62,7 +62,7 @@
$sPageTitle = $dep_Type . " " . gettext("Deposit Slip Number: TBD");
else
$sPageTitle = $dep_Type . " " . gettext("Deposit Slip Number: ") . $iDepositSlipID;
-
+
//Is this the second pass?
if (isset($_POST["DepositSlipSubmit"])) {
//Get all the variables from the request object and assign them locally
@@ -96,7 +96,7 @@
// New deposit slip
if (! $iDepositSlipID)
{
- $sSQL = "INSERT INTO deposit_dep (dep_Date, dep_Comment, dep_EnteredBy, dep_Closed, dep_Type)
+ $sSQL = "INSERT INTO deposit_dep (dep_Date, dep_Comment, dep_EnteredBy, dep_Closed, dep_Type)
VALUES ('" . $dDate . "','" . $sComment . "'," . $_SESSION['iUserID'] . "," . $bClosed . ",'" . $sDepositType . "')";
$bGetKeyBack = True;
@@ -169,29 +169,29 @@
$method = "BANKDRAFT";
}
$dateToday = date ("Y-m-d");
-
+
$amount = $aut_Amount;
$FYID = $aut_FYID;
$interval = $aut_Interval;
$fund = $aut_Fund;
$authDate = $aut_NextPayDate;
$sGroupKey = genGroupKey($aut_ID, $aut_FamID, $fund, $dateToday);
-
+
// Check for this automatic payment already loaded into this deposit slip
$sSQL = "SELECT plg_plgID FROM pledge_plg WHERE plg_depID=" . $dep_ID . " AND plg_aut_ID=" . $aut_ID;
$rsDupPayment = RunQuery ($sSQL);
$dupCnt = mysql_num_rows ($rsDupPayment);
if ($amount > 0.00 && $dupCnt == 0) {
- $sSQL = "INSERT INTO pledge_plg (plg_FamID,
- plg_FYID,
- plg_date,
- plg_amount,
- plg_method,
- plg_DateLastEdited,
- plg_EditedBy,
- plg_PledgeOrPayment,
- plg_fundID,
+ $sSQL = "INSERT INTO pledge_plg (plg_FamID,
+ plg_FYID,
+ plg_date,
+ plg_amount,
+ plg_method,
+ plg_DateLastEdited,
+ plg_EditedBy,
+ plg_PledgeOrPayment,
+ plg_fundID,
plg_depID,
plg_aut_ID,
plg_CheckNo,
@@ -229,7 +229,7 @@
//Get the payments for this deposit slip
$sSQL = "SELECT plg_plgID,
- plg_amount,
+ plg_amount,
plg_scanString,
plg_aut_Cleared,
plg_aut_ResultID,
@@ -265,12 +265,12 @@
require_once 'vendor/sdk-php-1.8.0/AuthorizeNet.php';
include ("Include/AuthorizeNetConfig.php"); // Specific account information is in here
}
-
+
if ($sElectronicTransactionProcessor == "Vanco") {
include "Include/vancowebservices.php";
include "Include/VancoConfig.php";
}
-
+
while ($aTransaction =mysql_fetch_array($rsTransactions))
{
extract($aTransaction);
@@ -291,7 +291,7 @@
$donation->description = "UU Nashua Pledge";
$donation->email = $email;
$donation->phone = $phone;
-
+
// not setting these
// $donation->allow_partial_auth
// $donation->auth_code
@@ -337,19 +337,19 @@
// $donation->trans_id
// $donation->type
// $donation->version
-
+
if ($dep_Type == "CreditCard") {
$donation->card_num = $creditCard;
$donation->exp_date = $expMonth . "/" . $expYear;
} else {
// check payment info if supplied...
-
+
// Use eCheck:
$donation->bank_acct_name = $firstName . ' ' . $lastName;
$donation->bank_acct_num = $account;
$donation->bank_acct_type = 'CHECKING';
$donation->bank_name = $bankName;
-
+
$donation->setECheck(
$route,
$account,
@@ -359,12 +359,12 @@
'WEB'
);
}
-
+
$response = $donation->authorizeAndCapture();
if ($response->approved) {
$transaction_id = $response->transaction_id;
}
-
+
if ($response->approved) {
// Push the authorized transaction date forward by the interval
$sSQL = "UPDATE autopayment_aut SET aut_NextPayDate=DATE_ADD('" . $authDate . "', INTERVAL " . $aut_Interval . " MONTH) WHERE aut_ID = " . $aut_ID . " AND aut_Amount = " . $plg_amount;
@@ -373,13 +373,13 @@
$sSQL = "UPDATE autopayment_aut SET aut_Serial=aut_Serial+1 WHERE aut_ID = " . $aut_ID;
RunQuery ($sSQL);
}
-
+
if (! ($response->approved))
$response->approved = 0;
-
+
$sSQL = "UPDATE pledge_plg SET plg_aut_Cleared=" . $response->approved . " WHERE plg_plgID=" . $plg_plgID;
RunQuery($sSQL);
-
+
if ($plg_aut_ResultID) {
// Already have a result record, update it.
$sSQL = "UPDATE result_res SET " .
@@ -411,13 +411,13 @@
"'" . mysql_real_escape_string($response->avs_response) . "'," .
"'" . mysql_real_escape_string($response->transaction_id) . "')";
RunQuery($sSQL);
-
+
// Now get the ID for the newly created record
$sSQL = "SELECT MAX(res_ID) AS iResID FROM result_res";
$rsLastEntry = RunQuery($sSQL);
extract(mysql_fetch_array($rsLastEntry));
$plg_aut_ResultID = $iResID;
-
+
// Poke the ID of the new result record back into this pledge (payment) record
$sSQL = "UPDATE pledge_plg SET plg_aut_ResultID=" . $plg_aut_ResultID . " WHERE plg_plgID=" . $plg_plgID;
RunQuery($sSQL);
@@ -426,7 +426,7 @@
$customerid = "$aut_ID"; // This is an optional value that can be used to indicate a unique customer ID that is used in your system
// put aut_ID into the $customerid field
// Create object to preform API calls
-
+
$workingobj = new VancoTools($VancoUserid, $VancoPassword, $VancoClientid, $VancoEnc_key, $VancoTest);
// Call Login API to receive a session ID to be used in future API calls
$sessionid = $workingobj->vancoLoginRequest();
@@ -462,17 +462,17 @@
$retArr = array();
parse_str($addRet, $retArr);
-
+
$errListStr = "";
if (array_key_exists ("errorlist", $retArr))
$errListStr = $retArr["errorlist"];
-
+
$bApproved = false;
-
+
// transactionref=None&paymentmethodref=16610755&customerref=None&requestid=201411222041237455&errorlist=167
if ($retArr["transactionref"]!="None" && $errListStr == "")
$bApproved = true;
-
+
$errStr = "";
if ($errListStr != "") {
$errList = explode (",", $errListStr);
@@ -482,8 +482,8 @@
}
if ($errStr == "")
$errStr = "Success: Transaction reference number " . $retArr["transactionref"] . " ";
-
-
+
+
if ($bApproved) {
// Push the authorized transaction date forward by the interval
$sSQL = "UPDATE autopayment_aut SET aut_NextPayDate=DATE_ADD('" . $authDate . "', INTERVAL " . $aut_Interval . " MONTH) WHERE aut_ID = " . $aut_ID . " AND aut_Amount = " . $plg_amount;
@@ -492,26 +492,26 @@
$sSQL = "UPDATE autopayment_aut SET aut_Serial=aut_Serial+1 WHERE aut_ID = " . $aut_ID;
RunQuery ($sSQL);
}
-
+
$sSQL = "UPDATE pledge_plg SET plg_aut_Cleared='" . $bApproved . "' WHERE plg_plgID=" . $plg_plgID;
RunQuery($sSQL);
-
+
if ($plg_aut_ResultID) {
// Already have a result record, update it.
-
+
$sSQL = "UPDATE result_res SET res_echotype2='" . mysql_real_escape_string($errStr) . "' WHERE res_ID=" . $plg_aut_ResultID;
RunQuery($sSQL);
} else {
// Need to make a new result record
$sSQL = "INSERT INTO result_res (res_echotype2) VALUES ('" . mysql_real_escape_string($errStr) . "')";
RunQuery($sSQL);
-
+
// Now get the ID for the newly created record
$sSQL = "SELECT MAX(res_ID) AS iResID FROM result_res";
$rsLastEntry = RunQuery($sSQL);
extract(mysql_fetch_array($rsLastEntry));
$plg_aut_ResultID = $iResID;
-
+
// Poke the ID of the new result record back into this pledge (payment) record
$sSQL = "UPDATE pledge_plg SET plg_aut_ResultID=" . $plg_aut_ResultID . " WHERE plg_plgID=" . $plg_plgID;
RunQuery($sSQL);
@@ -526,7 +526,7 @@
if ($iDepositSlipID) {
//Editing....
//Get all the data on this record
-
+
$sSQL = "SELECT * FROM deposit_dep WHERE dep_ID = " . $iDepositSlipID;
$rsDepositSlip = RunQuery($sSQL);
extract(mysql_fetch_array($rsDepositSlip));
@@ -545,7 +545,7 @@
//Get the payments for this deposit slip
$sSQL = "SELECT plg_plgID, plg_famID, plg_date, plg_FYID, plg_amount, plg_CheckNo, plg_method, plg_comment, plg_aut_Cleared,
a.fam_Name AS FamilyName, b.fun_Name as fundName, plg_NonDeductible, plg_GroupKey
- FROM pledge_plg
+ FROM pledge_plg
LEFT JOIN family_fam a ON plg_FamID = a.fam_ID
LEFT JOIN donationfund_fun b ON plg_fundID = b.fun_ID
WHERE plg_depID = " . $iDepositSlipID . " AND plg_PledgeOrPayment='Payment' ORDER BY pledge_plg.plg_plgID, pledge_plg.plg_date";
@@ -566,7 +566,7 @@
?>
-" name="DepositSlipEditor">
+ " name="DepositSlipEditor">
@@ -577,7 +577,7 @@
" name="DepositSlipGeneratePDF" onclick="javascript:document.location='Reports/PrintDeposit.php?BankSlip=';">
" name="DepositSlipGeneratePDF" onclick="javascript:document.location='FinancialReports.php';">
- ";
@@ -601,15 +601,15 @@
-
+
".gettext("Deposit Type:")." ";
if ($sDepositType == "BankDraft")
$selectBankDraft = "Checked ";
@@ -626,8 +626,8 @@
} else {
echo " ";
}
- ?>
-
+ ?>
+
= gettext("Comment:") ?>
@@ -636,7 +636,7 @@
= gettext("Closed:") ?>
>= gettext("Close deposit slip (remember to press Save)") ?>
-" . gettext("Important note: failed transactions will be deleted permanantly when the deposit slip is closed.") . "";
}
@@ -730,7 +730,7 @@
if (array_key_exists($plg_GroupKey, $depositHash)) {
// add/tweak fields so existing key'ed record contains information of new record
-
+
// we could coherency check checkNo, famID, and date, but we won't since I don't know how we'd surface the error
list($e_plg_CheckNo, $e_plg_famID, $e_plg_date, $e_plg_FYID, $e_plg_amount, $e_fundName, $e_plg_comment, $e_plg_aut_Cleared, $e_plg_NonDeductible) = explode("|", $depositHash[$plg_GroupKey]);
@@ -771,31 +771,31 @@
$sRowClass = "PaymentRowColorA";
else
$sRowClass = "PaymentRowColorB";
- ?>
+ ?>
-
+
-
+ = $FamilyName ?>
-
+ = $plg_date ?>
-
+ = MakeFYString ($plg_FYID) ?>
-
+ = $plg_CheckNo ?>
-
+ = $fundName ?>
-
+ = $plg_amount ?>
-
+ = $plg_NonDeductible ?>
= $plg_method ?>
@@ -810,19 +810,19 @@
- ">View
+ ">View
- ">Edit
+ ">Edit
- ">Delete
+ ">Delete
- ">Details
+ ">Details
@@ -839,6 +839,4 @@
-
+
diff --git a/churchinfo/DirectoryReports.php b/churchinfo/DirectoryReports.php
index a1e8c0585d..71bd5904ea 100644
--- a/churchinfo/DirectoryReports.php
+++ b/churchinfo/DirectoryReports.php
@@ -113,11 +113,11 @@
-
+
-
+
= gettext("Which role is the head of household?") ?>
@@ -171,27 +171,27 @@
= gettext("Information to Include:") ?>
-
-
-
+ = gettext("Address") ?>
+ = gettext("Wedding Date") ?>
+ = gettext("Birthday") ?>
-
-
-
-
+ = gettext("Family Home Phone") ?>
+ = gettext("Family Work Phone") ?>
+ = gettext("Family Cell Phone") ?>
+ = gettext("Family Email") ?>
-
-
-
-
-
-
- = gettext("Personal Home Phone") ?>
+ = gettext("Personal Work Phone") ?>
+ = gettext("Personal Cell Phone") ?>
+ = gettext("Personal Email") ?>
+ = gettext("Personal Work/Other Email") ?>
+ = gettext("Photos") ?>
+ 0) {
- while ( $rowCustomField = mysql_fetch_array($rsCustomFields, MYSQL_ASSOC) ){
+ while ( $rowCustomField = mysql_fetch_array($rsCustomFields, MYSQL_ASSOC) ){
if (($aSecurityType[$rowCustomField['custom_FieldSec']] == 'bAll') or ($_SESSION[$aSecurityType[$rowCustomField['custom_FieldSec']]]))
{ ?>
-
+ = $rowCustomField['custom_Name'] ?>
= gettext("Church Name") ?>
-
+
= gettext("Address") ?>
-
+
= gettext("City") ?>
-
+
= gettext("State") ?>
-
+
= gettext("Zip") ?>
-
+
= gettext("Phone") ?>
-
+
= gettext("Disclaimer") ?>
-
+ = "$sDirectoryDisclaimer1 $sDirectoryDisclaimer2" ?>
@@ -280,11 +280,9 @@
- >
+ ">
onclick="javascript:document.location='Menu.php';">
-
+
diff --git a/churchinfo/DonatedItemDelete.php b/churchinfo/DonatedItemDelete.php
index 534f344f68..8df86fa15a 100644
--- a/churchinfo/DonatedItemDelete.php
+++ b/churchinfo/DonatedItemDelete.php
@@ -25,4 +25,4 @@
RunQuery($sSQL);
redirect ($linkBack);
-?>
\ No newline at end of file
+?>
diff --git a/churchinfo/DonatedItemEditor.php b/churchinfo/DonatedItemEditor.php
index 78e9d7b176..73615b27b0 100644
--- a/churchinfo/DonatedItemEditor.php
+++ b/churchinfo/DonatedItemEditor.php
@@ -58,7 +58,7 @@
$nMaterialValue = FilterInputArr($_POST,"MaterialValue");
$nMinimumPrice = FilterInputArr($_POST,"MinimumPrice");
$sPictureURL = FilterInputArr($_POST,"PictureURL");
-
+
if (! $bMultibuy) {
$bMultibuy = 0;
}
@@ -71,7 +71,7 @@
$sSQL = "INSERT INTO donateditem_di (di_FR_ID, di_Item, di_multibuy, di_donor_ID, di_buyer_ID, di_title, di_description, di_sellprice, di_estprice, di_materialvalue, di_minimum, di_picture, di_EnteredBy, di_EnteredDate)
VALUES (" . $iCurrentFundraiser . ",'" . $sItem . "','" . $bMultibuy . "','" . $iDonor . "','" . $iBuyer . "','" . html_entity_decode($sTitle) . "','" . html_entity_decode($sDescription) . "','" . $nSellPrice . "','" . $nEstPrice . "','" . $nMaterialValue . "','".$nMinimumPrice . "','" . mysql_real_escape_string($sPictureURL)."'";
$sSQL .= "," . $_SESSION['iUserID'] . ",'" . date("YmdHis") . "')";
- $bGetKeyBack = True;
+ $bGetKeyBack = True;
// Existing record (update)
} else {
$sSQL = "UPDATE donateditem_di SET di_FR_ID = " . $iCurrentFundraiser . ", di_Item = '". $sItem . "', di_multibuy = '" . $bMultibuy . "', di_donor_ID = " . $iDonor . ", di_buyer_ID = " . $iBuyer . ", di_title = '" . html_entity_decode($sTitle) . "', di_description = '" . html_entity_decode($sDescription) . "', di_sellprice = '" . $nSellPrice . "', di_estprice = '" . $nEstPrice . "', di_materialvalue = '" . $nMaterialValue . "', di_minimum = '" . $nMinimumPrice . "', di_picture = '" . mysql_real_escape_string($sPictureURL) . "', di_EnteredBy=" . $_SESSION['iUserID'] . ", di_EnteredDate = '" . date("YmdHis") . "'";
@@ -106,7 +106,7 @@
//Reload to editor to add another record
Redirect("DonatedItemEditor.php?CurrentFundraiser=$iCurrentFundraiser&linkBack=", $linkBack);
}
-
+
} else {
//FirstPass
@@ -124,7 +124,7 @@
FROM donateditem_di
LEFT JOIN person_per a ON di_donor_ID=a.per_ID
LEFT JOIN person_per b ON di_buyer_ID=b.per_ID
- WHERE di_ID = '" . $iDonatedItemID . "'";
+ WHERE di_ID = '" . $iDonatedItemID . "'";
$rsDonatedItem = RunQuery($sSQL);
extract(mysql_fetch_array($rsDonatedItem));
@@ -168,8 +168,8 @@
$sPeopleSQL = "SELECT per_ID, per_FirstName, per_LastName, fam_Address1, fam_City, fam_State FROM person_per JOIN family_fam on per_fam_id=fam_id ORDER BY per_LastName, per_FirstName";
//Get Paddles for the drop-down
-$sPaddleSQL = "SELECT pn_ID, pn_Num, pn_per_ID,
- a.per_FirstName AS buyerFirstName,
+$sPaddleSQL = "SELECT pn_ID, pn_Num, pn_per_ID,
+ a.per_FirstName AS buyerFirstName,
a.per_LastName AS buyerLastName
FROM paddlenum_pn
LEFT JOIN person_per a on a.per_ID=pn_per_ID
@@ -200,7 +200,7 @@
= gettext("Item:") ?>
-
+
= gettext("Multiple items:") ?>
>= gettext("Sell to everyone") ?>
@@ -222,22 +222,22 @@
echo ">" . $per_LastName . ", " . $per_FirstName;
echo " " . FormatAddressLine($fam_Address1, $fam_City, $fam_State);
}
- ?>
-
+ ?>
+
-
+
= gettext("Title:") ?>
-
+
= gettext("Estimated Price:") ?>
-
+
= gettext("Material Value:") ?>
@@ -249,10 +249,10 @@
-
+
-
+
-
+
-
+
-
-
+ = gettext("Description"); ?>
+ = htmlentities ($sDescription); ?>
-
-
+ = gettext("Picture URL"); ?>
+ = htmlentities ($sPictureURL); ?>
-
-
+
+
-
-
-
+
+
+
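Review bot: The two new `htmlentities (...)` calls for `$sDescription` and `$sPictureURL` pass neither flags nor a charset, while DonationFundEditor.php in this same commit passes `"UTF-8"` explicitly. On PHP releases before 5.4 the default charset is ISO-8859-1, which mis-encodes multi-byte text, and the default flags leave single quotes unencoded. I would write `htmlentities($sDescription, ENT_QUOTES, "UTF-8")` for both. Whether the picture URL is later placed in an `href` or `src` is not visible here; if it is, its scheme should also be validated when the record is saved.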
@@ -318,6 +318,4 @@
-
+
diff --git a/churchinfo/DonationFundEditor.php b/churchinfo/DonationFundEditor.php
index e123070367..dea1f6fad6 100644
--- a/churchinfo/DonationFundEditor.php
+++ b/churchinfo/DonationFundEditor.php
@@ -49,7 +49,7 @@
$sPageTitle = gettext("Donation Fund Editor");
-require "Include/Header.php";?>
+require "Include/Header.php"; ?>
@@ -173,7 +173,7 @@ function confirmDeleteFund( Fund ) {
0) echo $sDeleteError;
- ?>
+ ?>
@@ -199,27 +199,27 @@ function confirmDeleteFund( Fund ) {
for ($row=1; $row <= $numRows; $row++)
{
- ?>
+ ?>
-
+
" value="= htmlentities(stripslashes($aNameFields[$row]),ENT_NOQUOTES, "UTF-8") ?>" size="20" maxlength="30">
" . gettext("You must enter a name.") . " ";
- ?>
+ ?>
" value="= htmlentities(stripslashes($aDescFields[$row]),ENT_NOQUOTES, "UTF-8") ?>" size="40" maxlength="100">
- " value="1" >= gettext("Yes") ?>
- " value="0" >= gettext("No") ?>
+ >= gettext("Yes") ?>
+ >= gettext("No") ?>
- " Name="delete" onclick="confirmDeleteFund(= "'" . $aIDFields[$row] . "'" ?>);" >
+ " Name="delete" onclick="confirmDeleteFund('= $aIDFields[$row] ?>');" >
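Review bot: `htmlentities(stripslashes(...), ENT_NOQUOTES, "UTF-8")` on the two `value="..."` lines leaves double quotes unencoded, so a fund name or description containing `"` ends the attribute early and the remainder is parsed as markup; inside an attribute the flag should be `ENT_QUOTES`. The rewritten `onclick="confirmDeleteFund('<?= $aIDFields[$row] ?>');"` also places the id inside a JavaScript string inside an attribute with no encoding. If the id is always an integer (not visible here), `<?= (int) $aIDFields[$row] ?>` states that; otherwise encode it with `json_encode` and then `htmlspecialchars`. `confirmDeleteField('<?= $aFieldFields[$row] ?>')` in FamilyCustomFieldsEditor.php has the same shape.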
@@ -231,7 +231,7 @@ function confirmDeleteFund( Fund ) {
- Name="SaveChanges">
+ " Name="SaveChanges">
@@ -258,7 +258,7 @@ function confirmDeleteFund( Fund ) {
- Name="AddField">
+ " Name="AddField">
@@ -270,4 +270,4 @@ function confirmDeleteFund( Fund ) {
-
+
diff --git a/churchinfo/EditEventAttendees.php b/churchinfo/EditEventAttendees.php
index b63fef4163..c7a631b08b 100644
--- a/churchinfo/EditEventAttendees.php
+++ b/churchinfo/EditEventAttendees.php
@@ -22,7 +22,6 @@
$dpeSQL = "DELETE FROM event_attend WHERE event_id=$dpeEventID AND person_id=$dpePerID LIMIT 1";
RunQuery($dpeSQL);
$ShowAttendees = 1;
-
}
// Construct the form
?>
@@ -36,69 +35,69 @@
- Name: $EvtName") ?>
- Description: $EvtDesc") ?>
- Date: $EvtDate") ?>
+ = gettext("Name: $EvtName") ?>
+ = gettext("Description: $EvtDesc") ?>
+ = gettext("Date: $EvtDate") ?>
- Name="Exit" onclick="javascript:document.location='Menu.php';">
-
-
+ " Name="Exit" onclick="javascript:document.location='Menu.php';">
+
+
-
= FormatFullName($per_Title,$per_FirstName,$per_MiddleName,$per_LastName,$per_Suffix,3) ?>
- '.$sEmail.'':'Not Available'); ?>
- = ($sHomePhone ? $sHomePhone :'Not Available') ?>
+ = $sEmail ? '' . $sEmail . ' ' : 'Not Available' ?>
+ = $sHomePhone ? $sHomePhone : 'Not Available' ?>
-
-
-
+
+
+
" class="btn" onClick="return confirm('Are you sure you want to DELETE this person from Event ID:= $EventID ?>')">
-
+
-
+= gettext("No Attendees Assigned to Event") ?>
-
-
+
+
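Review bot: `gettext("Name: $EvtName")` interpolates the event name before the catalog lookup, so the msgid is different for every event and never matches a translation; the Description and Date lines do the same. Translate the constant part and append the value, for example `<?= gettext("Name:") . ' ' . htmlspecialchars($EvtName, ENT_QUOTES, 'UTF-8') ?>`. The `'Not Available'` fallbacks on the email and phone lines are not passed through `gettext` at all. EventAttendance.php builds its msgid the same way in `gettext("There ". (...))`, where `sprintf(ngettext(...), $numRows)` would also handle the plural.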
diff --git a/churchinfo/EditEventTypes.php b/churchinfo/EditEventTypes.php
index 6e7dd2ed50..445427601d 100644
--- a/churchinfo/EditEventTypes.php
+++ b/churchinfo/EditEventTypes.php
@@ -30,14 +30,14 @@
?>
- = gettext("Event Type").":".$aTypeID ?>
+ = gettext("Event Type") . ":" . $aTypeID ?>
" class="btn">
@@ -211,7 +211,5 @@ function confirmDeleteOpp( Opp ) {
-
+
diff --git a/churchinfo/ElectronicPaymentList.php b/churchinfo/ElectronicPaymentList.php
index d75083eb5f..ebb0eb781b 100644
--- a/churchinfo/ElectronicPaymentList.php
+++ b/churchinfo/ElectronicPaymentList.php
@@ -60,7 +60,7 @@ function ClearAccounts (AutID)
var xmlhttp = new XMLHttpRequest();
xmlhttp.uniqueid = AutID;
- xmlhttp.open("GET","?customerid="+AutID,true);
+ xmlhttp.open("GET","= RedirectURL("AutoPaymentClearAccounts.php"); ?>?customerid="+AutID,true);
xmlhttp.PaymentID = AutID; // So we can see it when the request finishes
xmlhttp.onreadystatechange=function() {
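Review bot: `ClearAccounts` still sends its request to AutoPaymentClearAccounts.php as a GET, and if that endpoint changes stored account data, as its name suggests, the action has no protection against cross-site request forgery for a logged-in user. A state-changing call should be a POST that carries a per-session token which the server verifies; the `DeleteAutoPayment` hunk that follows already posts, but its body is only `Delete=1` with no token visible. `AutID` is also appended to the query string as-is, and `encodeURIComponent(AutID)` would keep it a single parameter. The function body continues outside the hunk.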
@@ -82,7 +82,7 @@ function DeleteAutoPayment (AutID)
var params="Delete=1"; // post with Delete already set so the page goes straight into the delete
- xmlhttp.open("POST","?linkBack=&AutID="+AutID,true);
+ xmlhttp.open("POST","= RedirectURL("AutoPaymentDelete.php") ?>?linkBack== RedirectURL("ElectronicPaymentList.php") ?>&AutID="+AutID,true);
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.setRequestHeader("Content-length", params.length);
xmlhttp.setRequestHeader("Connection", "close");
@@ -128,7 +128,7 @@ function CreatePaymentMethodsForChecked()
var id = checkboxes[i].id.split("Select")[1];
var xmlhttp = new XMLHttpRequest();
xmlhttp.uniqueid = id;
- xmlhttp.open("GET","?autid="+id,true);
+ xmlhttp.open("GET","= RedirectURL("ConvertOnePaymentXML.php"); ?>?autid="+id,true);
xmlhttp.onreadystatechange=function() {
if (this.readyState==4 && this.status==200) {
var jsonresp=JSON.parse(this.response);
@@ -252,20 +252,20 @@ function toggle(source, groupName) {
?>
-
-
-
-
-
-
+
= MakeFYString ($aut_FYID) ?>
+
= $aut_NextPayDate ?>
+
= $aut_Amount ?>
+
= $aut_Interval ?>
+
= $fun_Name ?>
+
= $aut_BankName ?>
4) echo "*****".substr($aut_Account,strlen($aut_Account)-4,4);?>
= $aut_AccountVanco ?>
-
-
+
= $aut_ExpMonth ?>
+
= $aut_ExpYear ?>
= $aut_CreditCardVanco ?>
@@ -279,10 +279,8 @@ function toggle(source, groupName) {
With checked:
-
+
-
+
diff --git a/churchinfo/EventAttendance.php b/churchinfo/EventAttendance.php
index 1a1233ae73..3fb7f9b06c 100644
--- a/churchinfo/EventAttendance.php
+++ b/churchinfo/EventAttendance.php
@@ -18,7 +18,7 @@
require "Include/Config.php";
require "Include/Functions.php";
-if (array_key_exists ('Action', $_POST) and $_POST['Action']== "Retrieve" && !empty($_POST['Event']))
+if (array_key_exists ('Action', $_POST) and $_POST['Action'] == "Retrieve" && !empty($_POST['Event']))
{
if ($_POST['Choice'] == "Attendees")
{
@@ -73,7 +73,7 @@
?>
- = gettext("There ".($numRows == 1 ? "is ".$numRows." event":"are ".$numRows." events"))." in this category" ?>
+ = gettext("There ". ($numRows == 1 ? "is " . $numRows . " event" : "are " . $numRows . " events")) . " in this category" ?>
= FormatFullName($aTitle[$row],$aFistName[$row],$aMiddleName[$row],$aLastName[$row],$aSuffix[$row],3) ?>
- '.$aEmail[$row].'':'Not Available'); ?>
+ = $aEmail[$row] ? ''.$aEmail[$row].' ':'Not Available' ?>
= ($aHomePhone[$row] ? $aHomePhone[$row]:'Not Available') ?>
-
-
+
+
+
diff --git a/churchinfo/EventEditor.php b/churchinfo/EventEditor.php
index a9d0cc83e2..d95f2fb248 100644
--- a/churchinfo/EventEditor.php
+++ b/churchinfo/EventEditor.php
@@ -391,7 +391,7 @@
-
+
@@ -535,4 +535,4 @@
$("#EventStartTime").timepicker({showMeridian: false});
$("#EventEndTime").timepicker({showMeridian: false});
-
+
diff --git a/churchinfo/EventNames.php b/churchinfo/EventNames.php
index 86e40e5fd8..e3073c1558 100644
--- a/churchinfo/EventNames.php
+++ b/churchinfo/EventNames.php
@@ -36,15 +36,15 @@
= $aTypeName[$row] ?>
-
+ = $recur[$row] ?>
= $aDefStartTime[$row] ?>
-
+ = $cCountList[$row] ?>
- Event"); ?>" class="btn")">
+ Event") ?>" class="btn")">
@@ -307,16 +307,13 @@ function confirmDeleteOpp( Opp ) {
= gettext("New Event Type") ?>
- class="btn">
+ " class="btn">
-
+}?>
+
-
+
+
diff --git a/churchinfo/FamilyCustomFieldsEditor.php b/churchinfo/FamilyCustomFieldsEditor.php
index 9bada9b903..9194a7f646 100644
--- a/churchinfo/FamilyCustomFieldsEditor.php
+++ b/churchinfo/FamilyCustomFieldsEditor.php
@@ -38,7 +38,7 @@
$sPageTitle = gettext("Custom Family Fields Editor");
-require 'Include/Header.php';?>
+require 'Include/Header.php'; ?>
@@ -407,11 +407,11 @@ function confirmDeleteField( Field ) {
= GetSecurityList($aSecurityGrp, $row . "FieldSec", $aSecurityType[$aFieldSecurity[$row]]) ?>
- " value="0" >= gettext("Left") ?>
- " value="1" >= gettext("Right") ?>
+ >= gettext("Left") ?>
+ >= gettext("Right") ?>
- " name="delete" onclick="return confirmDeleteField(= "'" . $aFieldFields[$row] . "'" ?>);">
+ " name="delete" onclick="return confirmDeleteField('= $aFieldFields[$row] ?>');">
- Name="SaveChanges">
+ " Name="SaveChanges">
diff --git a/churchinfo/FamilyEditor.php b/churchinfo/FamilyEditor.php
index 6f3703cf4c..b816a1a2d5 100644
--- a/churchinfo/FamilyEditor.php
+++ b/churchinfo/FamilyEditor.php
@@ -655,7 +655,7 @@
@@ -663,7 +663,7 @@
@@ -671,15 +671,15 @@
@@ -691,7 +691,7 @@
echo gettext("Province:");
}else{
echo gettext("State:");
- }?>
+ } ?>
@@ -704,7 +704,7 @@
echo gettext("Postal Code:");
else
echo gettext("Zip:");
- ?>
+ ?>
= gettext("Contact Info") ?>
- name="FamilySubmit" >
+ " name="FamilySubmit" >
@@ -759,7 +759,7 @@
- >= gettext("Do not auto-format") ?>
+ >= gettext("Do not auto-format") ?>
@@ -769,7 +769,7 @@
- >= gettext("Do not auto-format") ?>
+ >= gettext("Do not auto-format") ?>
@@ -796,7 +796,7 @@
@@ -876,17 +876,17 @@
+ if (($aSecurityType[$fam_custom_FieldSec] == 'bAll') or ($_SESSION[$aSecurityType[$fam_custom_FieldSec]])) { ?>
@@ -912,7 +912,7 @@
-
new person records."); }?>
+
new person records."); } ?>
-
+
-
+
-
+
-
+
@@ -979,7 +979,7 @@
if ($aRoles[$iCount] == $aFamilyRoleIDs[$c]) echo " selected";
echo ">" . $aFamilyRoleNames[$c] . "";
}
- ?>
+ ?>
@@ -1000,13 +1000,13 @@
-
+
Unk
- >
+ ?>
+ >= $x ?>
@@ -1014,15 +1014,15 @@
-
+ ?>
+
+ ?>
@@ -1074,6 +1074,4 @@
$("#WeddingDate").datepicker({format:'yyyy-mm-dd'});
-
+
diff --git a/churchinfo/FamilyList.php b/churchinfo/FamilyList.php
index ac6ed26faa..2e4fa9fcbf 100644
--- a/churchinfo/FamilyList.php
+++ b/churchinfo/FamilyList.php
@@ -46,19 +46,19 @@
extract($aRow);
?>
-
+
-
+
-
+ = $fam_Name ?>
".$fam_HomePhone."";
echo "".$fam_Address1." ".$fam_Address2." ";
diff --git a/churchinfo/FamilyView.php b/churchinfo/FamilyView.php
index 336205b0f3..01c649d95e 100644
--- a/churchinfo/FamilyView.php
+++ b/churchinfo/FamilyView.php
@@ -185,9 +185,9 @@ function getFamilyPhoto($iFamilyID) {
?>
0)) { ?>
-
+
-
Manage Family
+
Manage Family
Toggle Dropdown
@@ -212,7 +212,7 @@ function getFamilyPhoto($iFamilyID) {
0)) { ?>
-
+
@@ -220,11 +220,11 @@ function getFamilyPhoto($iFamilyID) {
-
-
= gettext("The") . " $fam_Name " . gettext("Family");?>
-
-
Edit
-
+
+
= gettext("The") . " $fam_Name " . gettext("Family"); ?>
+
+
Edit
+
Address:
@@ -326,10 +326,10 @@ function getFamilyPhoto($iFamilyID) {
= $Row["per_FirstName"]." ".$Row["per_LastName"] ?>
-
+ = getRoleLabel($Row["sFamRole"]) ?>
-
+ = FormatBirthDate($Row["per_BirthYear"], $Row["per_BirthMonth"], $Row["per_BirthDay"],"-",$Row["per_Flags"]) ?>
= gettext("Assign a New Property:") ?>
-
+
" . $pro_Name . "";
}
}
- ?>
+ ?>
@@ -536,29 +536,29 @@ function getFamilyPhoto($iFamilyID) {
else
$sRowClass = "RowColorB";
- ?>
+ ?>
-
+
-
+ = $payType ?>
-
+ = $aut_NextPayDate ?>
-
+ = $aut_Amount ?>
-
+ = $aut_Interval ?>
-
+ = $fundName ?>
- Edit
+ Edit
- Delete
+ Delete
= $aut_DateLastEdited ?>
@@ -572,7 +572,7 @@ function getFamilyPhoto($iFamilyID) {
- = gettext("Add a new automatic payment") ?>
+ = gettext("Add a new automatic payment") ?>
@@ -650,29 +650,29 @@ function getFamilyPhoto($iFamilyID) {
$sRowClass = "PaymentRowColorB";
}
- ?>
+ ?>
-
+
-
+ = $plg_PledgeOrPayment ?>
-
+ = $fundName ?>
-
+ = MakeFYString ($plg_FYID) ?>
-
+ = $plg_date ?>
-
+ = $plg_amount ?>
-
+ = $plg_NonDeductible ?>
-
+ = $plg_schedule ?>
= $plg_method ?>
@@ -681,10 +681,10 @@ function getFamilyPhoto($iFamilyID) {
= $plg_comment ?>
- Edit
+ Edit
- Delete
+ Delete
= $plg_DateLastEdited ?>
@@ -698,13 +698,13 @@ function getFamilyPhoto($iFamilyID) {
}
} // if bShowPledges
- ?>
+ ?>
- = gettext("Add a new pledge") ?>
- = gettext("Add a new payment") ?>
+ = gettext("Add a new pledge") ?>
+ = gettext("Add a new payment") ?>
@@ -712,7 +712,7 @@ function getFamilyPhoto($iFamilyID) {
- = MakeFYString ($_SESSION['idefaultFY']) . gettext(" Canvass Entry") ?>
+ = MakeFYString ($_SESSION['idefaultFY']) . gettext(" Canvass Entry") ?>
@@ -735,7 +735,7 @@ function getFamilyPhoto($iFamilyID) {
//Loop through all the notes
while($aRow = mysql_fetch_array($rsNotes)){
extract($aRow);
- ?>
+ ?>
@@ -752,19 +752,19 @@ function getFamilyPhoto($iFamilyID) {
echo $EnteredFirstName . " " . $EnteredLastName;
} else {
echo $EditedFirstName . " " . $EditedLastName;
- }?>
+ } ?>
-
+ = $nte_Text ?>
-
+
-
+
@@ -788,11 +788,11 @@ function getFamilyPhoto($iFamilyID) {
-
+
@@ -834,14 +834,14 @@ function getFamilyPhoto($iFamilyID) {
0 ) { ?>
-
You are about to email copy of the family information in pdf to the following emails
+
You are about to email copy of the family information in pdf to the following emails = implode(", ", $sFamilyEmails) ?>
Do you want to proceed?
@@ -859,6 +859,4 @@ function getFamilyPhoto($iFamilyID) {
$("#ShowSinceDate").datepicker({format:'yyyy-mm-dd'});
-
+
diff --git a/churchinfo/FinancialReports.php b/churchinfo/FinancialReports.php
index 281fe04e9d..fc3f676b65 100644
--- a/churchinfo/FinancialReports.php
+++ b/churchinfo/FinancialReports.php
@@ -114,7 +114,7 @@
$rsClassifications = RunQuery($sSQL);
?>
-
+ = gettext("Classification:") ?>
-
+ $rsFamilies = RunQuery($sSQL); ?>
+ = gettext("Filter by Family:") ?>
-
+ = gettext("Filter by Fund:") ?>
-
+
diff --git a/churchinfo/FindFundRaiser.php b/churchinfo/FindFundRaiser.php
index 7e3ae1f020..c0b9c604fd 100644
--- a/churchinfo/FindFundRaiser.php
+++ b/churchinfo/FindFundRaiser.php
@@ -241,6 +241,5 @@
$("#DateStart").datepicker({format:'yyyy-mm-dd'});
$("#DateEnd").datepicker({format:'yyyy-mm-dd'});
-
+
+
diff --git a/churchinfo/FundRaiserEditor.php b/churchinfo/FundRaiserEditor.php
index 933a66449d..2cf30d6b3a 100644
--- a/churchinfo/FundRaiserEditor.php
+++ b/churchinfo/FundRaiserEditor.php
@@ -147,7 +147,7 @@
?>
-" name="FundRaiserEditor">
+ " name="FundRaiserEditor">