From 7b9bad73825f549aeed35b53a5f81137cc357cf4 Mon Sep 17 00:00:00 2001
From: Benjamin Southall <applemansigloo@gmail.com>
Date: Mon, 11 Sep 2017 07:29:05 +0900
Subject: [PATCH] Fixing deletion of events from calendar theme

---
 templates/themes/calendar/calendar.html    | 5 +++--
 templates/themes/calendar/calendarpost.php | 6 +++++-
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/templates/themes/calendar/calendar.html b/templates/themes/calendar/calendar.html
index 47b53eae..93712c0e 100644
--- a/templates/themes/calendar/calendar.html
+++ b/templates/themes/calendar/calendar.html
@@ -130,7 +130,7 @@
 					}
 					$.ajax({
 						url: 'calendarpost.php',
-						data: 'type=update&title='+ event.title+'&description='+ event.description + '&start='+ start +'&end='+ end +'&id='+ event.id ,
+						data: 'type=update&title='+ event.title+'&description='+ event.description + '&start='+ start +'&end='+ end +'&id='+ event.id +'&color=' + event.color +'&url=' + event.url  ,
 						type: "POST",
 						success: function(json) {
 							alert("Updated Successfully");
@@ -148,6 +148,7 @@
 								$('#calendar').fullCalendar('removeEvents', event.id);
 								alert("Updated Successfully");}
 						});
+						return false;
 
 					}
 				},
@@ -172,7 +173,7 @@
 					}
 					$.ajax({
 						url: 'calendarpost.php',
-						data: 'type=update&title='+ event.title+ '&description='+ event.description + '&start='+ start +'&end='+ end +'&id='+ event.id ,
+						data: 'type=update&title='+ event.title+'&description='+ event.description + '&start='+ start +'&end='+ end +'&id='+ event.id +'&color=' + event.color +'&url=' + event.url  ,
 						type: "POST",
 						success: function(json) {
 							alert("Updated Successfully");
diff --git a/templates/themes/calendar/calendarpost.php b/templates/themes/calendar/calendarpost.php
index a36e080c..5293a881 100644
--- a/templates/themes/calendar/calendarpost.php
+++ b/templates/themes/calendar/calendarpost.php
@@ -24,7 +24,9 @@ $method = $_SERVER['REQUEST_METHOD'];
 			break;
 		case "delete":
 			$id = $_POST['id'];	
-			$query = query("DELETE from calendar_events  WHERE id = :id") or error(db_error());
+			$query = prepare("DELETE from calendar_events  WHERE id = :id");
+			$query->bindValue(':id', $id);
+			$query->execute() or error(db_error($query));
 			break;
 		case "update":
 			$id = $_POST['id'];	
@@ -32,6 +34,8 @@ $method = $_SERVER['REQUEST_METHOD'];
 			$description = $_POST['description'];
 			$start = $_POST['start'];
 			$end = $_POST['end'];
+			$color = $_POST['color'];
+			$url = $_POST['url'];
 			$query = prepare(" UPDATE calendar_events SET title = :title, description = :description, start = :start, end = :end, url = :url, color =:color  WHERE id = :id");
 			$query->bindValue(':id', $id);
 			$query->bindValue(':title', $title);