[exec]
// Database variables.
// NOTE(review): the connection credentials are hard-coded and appear verbatim in
// this published listing. Treat the password as exposed: rotate it, and load the
// settings from a config file kept outside the web root instead.
$dbase['server'] = “localhost”;
$dbase['username'] = “brian_gigography”;
$dbase['password'] = “q3EjI4urU2RK”;
$dbase['database'] = “brian_gigography”;
// Array for checking moderator or higher status: these group ids are compared
// with $vbulletin->userinfo['usergroupid'] before a comment may be deleted.
$admin_mod_groups = array(5,6,7);
// Listing mode: without a gig_id in the query string, show the gigs of one year.
if( !isset($_GET['gig_id']) )
{
// The year to list comes from ?y= and defaults to the current year. intval()
// forces an integer, which is what keeps the interpolation into the SQL below safe.
$gigyear = (isset($_GET['y'])) ? intval($_GET['y']) : intval(date(‘Y’, time()));
$nextgigyear = $gigyear + 1;
// Connect to the database.
// NOTE(review): the mysql_* extension was deprecated in PHP 5.5 and removed in
// PHP 7.0; PDO or mysqli with prepared statements is the replacement.
$connection = mysql_connect($dbase['server'], $dbase['username'], $dbase['password']) or die(“Error connecting to database.”);
mysql_select_db($dbase['database'], $connection);
// Grab all results.
// Only the two integer year values are interpolated, so the query is not
// injectable as written. Its return value is not checked in the visible code.
$result = mysql_query(“SELECT s.id,s.date,v.city,v.stateProvince,v.country,v.name FROM Shows AS s, Venues AS v WHERE s.venue_id=v.id AND s.date>’$gigyear-00-00′ AND s.date<'$nextgigyear-00-00' ORDER BY s.date DESC");
// Values for sorting the display.
$temp_year = 0;
// Create links for the years. ‘;
echo '
for ($years = date(‘Y’, time()); $years > 2001; $years–)
{
echo ‘‘.$years.’ ‘;
}
echo ‘
// Create table and headings.
// NOTE(review): the HTML inside these echo strings, and the loop that fills
// $show, $show_year, $show_date and $city_state, are not visible in this listing.
// The row values are passed through stripslashes() only; they should be
// HTML-escaped with htmlspecialchars() where they are written into the page.
echo ‘
| Date | City | Country | Venue |
|---|---|---|---|
| ‘.$show_year.’ | |||
| ‘.$show_date.’ | ‘.$city_state.’ | ‘.stripslashes($show['country']).’ | ‘.stripslashes($show['name']).’ |
‘;
mysql_close($connection);
}
else
{
// Single-gig mode. Both ids are forced to integers, so a non-numeric value
// becomes 0 and is treated as "not given" by the truthiness checks further down.
$id = (isset($_GET['gig_id'])) ? intval($_GET['gig_id']) : NULL;
$removeid = (isset($_GET['remove'])) ? intval($_GET['remove']) : NULL;
#include ‘class.inputfilter.php’;
// Declare the filter and remove any malicious comment from the post variables.
// NOTE(review): the three input-filter lines here are commented out, so $postvars
// is never assigned in the visible code even though the INSERT further down reads
// $postvars['text']. Confirm where the comment text is meant to come from.
#$formFilter = new InputFilter();
#$postvars = $formFilter->process($_POST);
// Database variables.
// NOTE(review): second hard-coded copy of the same credentials. Keep a single
// definition, and keep it out of the published source.
$dbase['server'] = “localhost”;
$dbase['username'] = “brian_gigography”;
$dbase['password'] = “q3EjI4urU2RK”;
$dbase['database'] = “brian_gigography”;
echo ‘
// Add the comment if the form was submitted.
// Requires a logged-in vBulletin user (userid > 0). No anti-CSRF token is
// checked in the visible code.
if( isset($_POST['form_sent']) && $vbulletin->userinfo['userid'] > 0 ) {
// Connect to the database.
$connection = mysql_connect($dbase['server'], $dbase['username'], $dbase['password']) or die(“Error connecting to database.”);
mysql_select_db($dbase['database'], $connection);
// Execute query.
// NOTE(review): the statement is assembled by string concatenation. $id is an
// integer, but the username is inserted with no escaping and the text only
// passes through addslashes(), which is not aware of the connection charset.
// Bind all of the values as parameters of a prepared statement (PDO or mysqli).
// nl2br() also stores line-break markup in the row, so escaping at output time
// has to account for it, and die(mysql_error()) shows database errors to visitors.
mysql_query(“INSERT INTO gigs_comments (gig_id,comment_user,comment_text,comment_date) VALUES (‘”.$id.”‘,’”.$vbulletin->userinfo['username'].”‘,’”.nl2br(addslashes($postvars['text'])).”‘,’”.time().”‘)”) or die(mysql_error());
// Close database connection.
mysql_close($connection);
}
// Remove the specified comment.
// Only users whose usergroupid is listed in $admin_mod_groups get this far, and
// $removeid is an integer, so the DELETE itself is not injectable.
// NOTE(review): the deletion is a state change driven by a GET parameter and no
// request token is checked in the visible code, which leaves it exposed to
// cross-site request forgery. Move it to POST and verify a per-session token.
if( $removeid && in_array($vbulletin->userinfo['usergroupid'], $admin_mod_groups) ) {
// Connect to the database.
$connection = mysql_connect($dbase['server'], $dbase['username'], $dbase['password']) or die(“Error connecting to database.”);
mysql_select_db($dbase['database'], $connection);
mysql_query(“DELETE FROM gigs_comments WHERE id=’”.$removeid.”‘”) or die(mysql_error());
// Close database connection.
mysql_close($connection);
}
// Display gig info.
// $id is 0 (falsy) for a missing or non-numeric gig_id, which falls through to
// the "Invalid gig specified" branch at the end of this if/else.
if( $id ) {
// Connect to the database.
$connection = mysql_connect($dbase['server'], $dbase['username'], $dbase['password']) or die(“Error connecting to database.”);
mysql_select_db($dbase['database'], $connection);
// Grab gig-related info.
// $id is interpolated unquoted; the earlier intval() is what keeps this safe.
// NOTE(review): the fetch result is not checked. When no row matches the id,
// mysql_fetch_assoc() returns false and the clean-up below runs on a non-array.
$result = mysql_query(“SELECT s.date,s.time,s.cost,s.is_all_ages,s.other_bands,s.notes,v.address1,v.city,v.stateProvince,v.country,v.name FROM Shows AS s, Venues AS v WHERE s.id=$id AND s.venue_id=v.id”) or die(mysql_error());
$show = mysql_fetch_assoc($result);
// Clean up some of the individual info details.
$show['date'] = date(“F j, Y”, strtotime($show['date']));
$show['is_all_ages'] = ($show['is_all_ages'] == 0) ? ‘No’ : ‘Yes’;
$show['time'] = (isset($show['time'])) ? $show['time'] : ‘N/A’;
$show['cost'] = (isset($show['cost'])) ? $show['cost'] : ‘N/A’;
$show['other_bands'] = (trim($show['other_bands']) != ”) ? stripslashes($show['other_bands']) : “N/A”;
$show['notes'] = (trim($show['notes']) != ” && trim($show['notes']) != ‘
‘) ? stripslashes($show['notes']) : “N/A”;
if( stripslashes($show['country']) == ‘US’ )
$city_state = stripslashes($show['city']).’, ‘.stripslashes($show['stateProvince']);
else
$city_state = stripslashes($show['city']);
// Map-related code: look the venue address up on Google Maps to get coordinates.
// NOTE(review): the base URL already ends in "?output=js&q=" and sprintf()
// appends a second "?output=js&q=..." to it, so the query string is duplicated.
// file_get_contents() makes a blocking server-side HTTP request on every page
// view, over plain http and with no timeout set here. $_match is read without
// checking that preg_match() matched, so $lat and $long may be left undefined.
$address = $show['address1'].’, ‘.$city_state;
$_url = ‘http://maps.google.com/maps?output=js&q=’;
$_url .= sprintf(‘?output=js&q=%s’,rawurlencode($address));
$_result = false;
if( $_result = file_get_contents($_url) ) {
preg_match(‘!center:\s*{lat:\s*(-?\d+\.\d+),lng:\s*(-?\d+\.\d+)}!U’, $_result, $_match);
$long = $_match[2];
$lat = $_match[1];
}
// Display all the info now.
// NOTE(review): the HTML inside the echo strings of this section is not visible
// in this listing. The values taken from the database ($show['name'],
// $city_state, $show['country'], $show['address1'], $show['other_bands'] and
// $show['notes']) are written to the page without HTML escaping; pass each one
// through htmlspecialchars() at the point of output.
// Date, location.
echo ‘
‘.$show['name'].’ — ‘.$city_state.’ ‘.$show['country'].’
‘;
echo ‘
‘.$show['date'].’
‘;
// Map box.
// NOTE(review): the first strpos() test uses "> 1" while the second uses
// "!== false", so an errortips match at offset 0 or 1 is ignored. $_result is
// false at this point when the map fetch failed.
echo ‘
echo ‘Map‘;
if( strpos($_result,’errortips’) > 1 || strpos($_result,’Did you mean:’) !== false ) {
echo ‘
Cannot fetch map.
‘;
echo ‘
‘;
echo ‘
‘;
echo ‘Venue Information:
‘;
echo $show['address1'].’
‘;
echo $city_state;
echo ‘
‘;
} else {
echo ‘
‘;
}
echo ‘
‘;
// Supporting band box.
echo ‘
echo ‘Supporting Bands‘;
echo ‘
‘.$show['other_bands'].’
‘;
echo ‘
‘;
// Other info.
echo ‘
echo ‘Notes‘;
echo ‘
‘.$show['notes'].’
‘;
echo ‘
‘;
// Comments
echo ‘
echo ‘Comments‘;
echo ‘
// Grab and display gig-related comments.
// $id was forced to an integer earlier, so the quoted interpolation is safe.
// NOTE(review): comment_user is echoed without HTML escaping, and the statement
// that prints comment_text is not visible in this listing. Confirm both are
// escaped with htmlspecialchars() at output, since the rows hold user input.
// The [X] marker is shown only to the groups in $admin_mod_groups; presumably it
// links to the remove action, but the link markup is not visible here.
$result = mysql_query(“SELECT * FROM gigs_comments WHERE gig_id=’$id’”) or die(mysql_error());
if( mysql_num_rows($result) > 0 ) {
while( $comment = mysql_fetch_assoc($result) ) {
echo ‘‘;
echo ‘‘.$comment['comment_user'].’ on ‘.date(“j M Y”, $comment['comment_date']);
if( in_array($vbulletin->userinfo['usergroupid'], $admin_mod_groups) )
echo ‘ [X]‘;
echo ‘‘;
echo ‘
‘;
}
} else {
echo ‘
No comments to display.
‘;
}
echo ‘
‘;
// Some javascript to prevent multiple submits.
// (The script body is not visible in this listing.)
echo ‘‘;
// Display comment form if logged in.
// NOTE(review): the form markup is not visible here. It should carry an
// anti-CSRF token that the insert handler verifies before writing the comment.
if( $vbulletin->userinfo['userid'] > 0 ) {
echo ‘
echo ‘
‘;
echo ‘
Note: Only registered, logged-in members can post comments.
Do not attempt to use any form of HTML or BBcode, as it will not work.
‘;
echo ‘
‘;
}
echo ‘
‘;
// Close database connection.
mysql_close($connection);
} else {
// Reached when gig_id is present but evaluates to 0 after intval().
echo ‘Invalid gig specified. Please return to the gigography and select a gig.’;
}
// NOTE(review): the heredoc that follows appears to have lost its identifier and
// body in this listing; only "echo <<" and the END; line remain. The final brace
// closes the single-gig else branch.
echo ‘
‘;
echo <<
END;
}
[/exec]