Example #1
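 /**
  * Return all tags.
  *
  * Query-string parameters are forwarded to the tag lookup as filters. The
  * `permission` filter is set here from the caller's ownership and is never
  * accepted from the request, so a visitor cannot choose it.
  *
  * @return string Standard JSON envelope
  */
 public function list_()
 {
     $filters = $_GET;
     // `permission` is an access-control input: drop any client-supplied value
     // so only the ownership check below can set it.
     unset($filters['__route__'], $filters['permission']);

     $userObj = new User();
     $isOwner = $userObj->isOwner();
     if ($isOwner) {
         $filters['permission'] = 0;
     }
     // The owner is shown the private count, everyone else the public one.
     $tagField = $isOwner ? 'countPrivate' : 'countPublic';

     // NOTE(review): every remaining request parameter reaches getTags() as a
     // filter; confirm it honours only known keys and binds values as query
     // parameters rather than concatenating them.
     $tags = getDb()->getTags($filters);
     if (is_array($tags)) {
         foreach ($tags as $key => $tag) {
             $tags[$key]['count'] = $tag[$tagField];
             // Expose a single `count`; the raw counters and the owner field
             // are stripped from the response.
             unset($tags[$key]['countPublic'], $tags[$key]['countPrivate'], $tags[$key]['owner']);
         }
     }
     return $this->success('Tags for the user', $tags);
 }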
 /**
  * List the owner's groups.
  *
  * The caller must pass requireAuthentication() and must also be the owner;
  * any other caller receives the forbidden envelope.
  *
  * @return string Standard JSON envelope
  */
 public function list_()
 {
     getAuthentication()->requireAuthentication();

     // Authentication alone is not enough: only the owner may read groups.
     $currentUser = new User();
     $callerIsOwner = $currentUser->isOwner();
     if (!$callerIsOwner) {
         return $this->forbidden('You do not have permission to access this API.', false);
     }

     // getGroups() signals failure with a strict false.
     $ownerGroups = $this->group->getGroups();

     return false === $ownerGroups
         ? $this->error('An error occurred trying to get your groups', false)
         : $this->success('A list of your groups', (array) $ownerGroups);
 }
Example #3
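 /**
  * Create a credential named by $_POST['name'], convert it to a request
  * token, and redirect to the OAuth callback with the credential values
  * appended to its query string.
  *
  * Only the owner may call this; other callers are routed to /error/403.
  * Any failure while creating, loading or converting the credential routes
  * to /error/500.
  *
  * NOTE(review): the redirect target is taken from $_GET['oauth_callback']
  * and the consumer secret and token secret are appended to it, so whoever
  * controls that parameter decides where the secrets are delivered. Confirm
  * the callback is checked against a value registered for the application
  * (or an allow-list) before this redirect is relied on.
  *
  * NOTE(review): no anti-CSRF token check is visible in this handler;
  * confirm one is enforced before this route is reached.
  *
  * @return void
  */
 public function authorizePost()
 {
     $userObj = new User();
     if (!$userObj->isOwner()) {
         $this->route->run('/error/403', EpiRoute::httpGet);
         die;
     }
     // empty() already covers the "not set" case.
     if (empty($_POST['name'])) {
         $this->route->run('/error/500', EpiRoute::httpGet);
         die;
     }
     // TODO make permissions an array
     $consumerKey = getCredential()->add($_POST['name'], array());
     if (!$consumerKey) {
         // Log the requested name (the key is falsy here and carries no
         // information); json_encode() escapes control characters so the
         // request value cannot break up the log line.
         getLogger()->warn(sprintf('Could not add credential for: %s', json_encode($_POST['name'])));
         $this->route->run('/error/500', EpiRoute::httpGet);
         die;
     }
     $consumer = getDb()->getCredential($consumerKey);
     if (!$consumer) {
         getLogger()->warn('Could not load the newly created credential');
         $this->route->run('/error/500', EpiRoute::httpGet);
         die;
     }
     $token = $consumer['userToken'];
     $res = getCredential()->convertToken($consumer['id'], Credential::typeRequest);
     if (!$res) {
         getLogger()->warn(sprintf('Could not convert credential for: %s', json_encode($token)));
         $this->route->run('/error/500', EpiRoute::httpGet);
         die;
     }
     // we have to fetch this again to have the consumer key and secret
     $consumer = getDb()->getCredentialByUserToken($token);
     if (!$consumer) {
         // Never redirect with an empty credential set.
         getLogger()->warn('Could not reload the converted credential');
         $this->route->run('/error/500', EpiRoute::httpGet);
         die;
     }

     $callback = null;
     $separator = '?';
     // A non-string value (e.g. oauth_callback[]=x) is treated as absent.
     if (isset($_GET['oauth_callback']) && is_string($_GET['oauth_callback'])) {
         $callback = $_GET['oauth_callback'];
         if (strpos($callback, '?') !== false) {
             $separator = '&';
         }
     }

     // Percent-encode each value so a reserved character in a credential
     // field cannot add or alter query parameters.
     $params = array(
         'oauth_consumer_key' => $consumer['id'],
         'oauth_consumer_secret' => $consumer['clientSecret'],
         'oauth_token' => $consumer['userToken'],
         'oauth_token_secret' => $consumer['userSecret'],
         'oauth_verifier' => $consumer['verifier'],
     );
     $pairs = array();
     foreach ($params as $name => $value) {
         $pairs[] = $name . '=' . rawurlencode((string) $value);
     }
     $callback .= $separator . implode('&', $pairs);

     $this->route->redirect($callback, null, true);
 }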
Example #4
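 /**
  * Delete one event, one occurrence of a repeating event, or a whole
  * repeating series, depending on $frm_submitted.
  *
  *  - rep_event_id > 0 and delete_all === true: delete every event of the
  *    series that belongs to the session user, then the repeating_events row.
  *  - rep_event_id > 0 otherwise: delete the single occurrence for the
  *    session user, flag the pattern as broken, and when
  *    OneHasLeftOfThisRepeat() says so, remove the repeating_events row and
  *    reset repeating_event_id on the remaining events.
  *  - no rep_event_id: delete the event by id; the statement is restricted
  *    to the session user unless User::isOwner() is true or an admin has
  *    ADMIN_HAS_FULL_CONTROL.
  *
  * Every identifier is cast to int and bound as a statement parameter; no
  * request or session value is concatenated into SQL.
  *
  * NOTE(review): the statements on repeating_events, and the UPDATE that
  * resets repeating_event_id, are keyed on rep_event_id alone and are not
  * restricted to the session user. Confirm the caller verifies that the
  * series belongs to the user, or scope these statements.
  *
  * @param array $frm_submitted Submitted form values: event_id, and
  *                             optionally rep_event_id and delete_all.
  * @return bool true when the deletion statements succeeded, false otherwise.
  */
 public static function deleteEvent($frm_submitted)
 {
     global $obj_db;

     // Normalise all identifiers once; a missing or non-numeric value
     // becomes 0 (or null for the session user) and is rejected below.
     $int_event_id = isset($frm_submitted['event_id']) ? (int) $frm_submitted['event_id'] : 0;
     $int_rep_event_id = isset($frm_submitted['rep_event_id']) ? (int) $frm_submitted['rep_event_id'] : 0;
     $int_uid = isset($_SESSION['calendar-uid']['uid']) ? (int) $_SESSION['calendar-uid']['uid'] : null;
     $bln_delete_all = isset($frm_submitted['delete_all']) && $frm_submitted['delete_all'] === true;

     if ($int_rep_event_id > 0) {
         // Both repeating-event paths are scoped to the session user.
         if ($int_uid === null) {
             return false;
         }

         if ($bln_delete_all) {
             // part of repeat, delete all items
             $bln_events_deleted = self::runIdStatement(
                 $obj_db,
                 'DELETE FROM events WHERE repeating_event_id = ? AND user_id = ?',
                 $int_rep_event_id,
                 $int_uid
             );
             if (!$bln_events_deleted) {
                 return false;
             }
             // delete row from repeating_events
             return self::runIdStatement(
                 $obj_db,
                 'DELETE FROM repeating_events WHERE rep_event_id = ?',
                 $int_rep_event_id
             );
         }

         // part of repeat, delete only this one
         if ($int_event_id <= 0) {
             return false;
         }
         $bln_event_deleted = self::runIdStatement(
             $obj_db,
             'DELETE FROM events WHERE event_id = ? AND user_id = ?',
             $int_event_id,
             $int_uid
         );
         // the pattern is broken, put bln_broken in db,
         // so that we know that we have to show the repair pattern button
         self::runIdStatement(
             $obj_db,
             'UPDATE repeating_events SET bln_broken = 1 WHERE rep_event_id = ?',
             $int_rep_event_id
         );
         if (!$bln_event_deleted) {
             echo 'Error while trying to delete the event';
             return false;
         }

         // check if there is only one item left in this repeat,
         // if yes then delete row in repeating_events table and set repeating_event_id to 0 in events table
         if (self::OneHasLeftOfThisRepeat($int_rep_event_id)) {
             $bln_row_deleted = self::runIdStatement(
                 $obj_db,
                 'DELETE FROM repeating_events WHERE rep_event_id = ?',
                 $int_rep_event_id
             );
             if ($bln_row_deleted) {
                 // Run the UPDATE itself; the previous code built this
                 // statement but re-executed the DELETE above instead.
                 self::runIdStatement(
                     $obj_db,
                     'UPDATE events SET repeating_event_id = 0 WHERE repeating_event_id = ?',
                     $int_rep_event_id
                 );
             } else {
                 echo 'Error while trying to delete the row in repeating_events table';
             }
         }
         return true;
     }

     /*
      * normal event
      */
     if ($int_event_id <= 0) {
         return false;
     }
     $bln_admin_and_full_control = ADMIN_HAS_FULL_CONTROL && (User::isAdmin() || User::isSuperAdmin());
     if (User::isOwner() || $bln_admin_and_full_control) {
         // dont need to search on user_id
         return self::runIdStatement($obj_db, 'DELETE FROM events WHERE event_id = ?', $int_event_id);
     }
     if ($int_uid === null) {
         return false;
     }
     return self::runIdStatement(
         $obj_db,
         'DELETE FROM events WHERE event_id = ? AND user_id = ?',
         $int_event_id,
         $int_uid
     );
 }

 /**
  * Prepare and execute a statement that takes one or two integer parameters.
  *
  * @param mysqli   $obj_db     Open database connection.
  * @param string   $str_query  SQL with one or two `?` placeholders.
  * @param int      $int_first  Value for the first placeholder.
  * @param int|null $int_second Value for the second placeholder, if any.
  * @return bool true when the statement executed, false otherwise.
  */
 private static function runIdStatement($obj_db, $str_query, $int_first, $int_second = null)
 {
     $obj_stmt = mysqli_prepare($obj_db, $str_query);
     if ($obj_stmt === false) {
         return false;
     }
     if ($int_second === null) {
         mysqli_stmt_bind_param($obj_stmt, 'i', $int_first);
     } else {
         mysqli_stmt_bind_param($obj_stmt, 'ii', $int_first, $int_second);
     }
     $bln_ok = mysqli_stmt_execute($obj_stmt);
     mysqli_stmt_close($obj_stmt);
     return $bln_ok;
 }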
Example #5
    getPlugin()->load();
} else {
    $runUpgrade = false;
    $runSetup = true;
    // setup and enable routes for setup
    $baseDir = dirname(dirname(__FILE__));
    $paths = new stdClass();
    $paths->libraries = "{$baseDir}/libraries";
    $paths->configs = "{$baseDir}/configs";
    $paths->controllers = "{$baseDir}/libraries/controllers";
    $paths->docroot = "{$baseDir}/html";
    $paths->external = "{$baseDir}/libraries/external";
    $paths->adapters = "{$baseDir}/libraries/adapters";
    $paths->models = "{$baseDir}/libraries/models";
    $paths->templates = "{$baseDir}/templates";
    $paths->themes = "{$baseDir}/html/assets/themes";
    $configObj->set('paths', $paths);
    if (!$hasConfig) {
        require $configObj->get('paths')->libraries . '/dependencies.php';
    }
    require $configObj->get('paths')->libraries . '/routes-setup.php';
    require $configObj->get('paths')->libraries . '/routes-error.php';
    require $configObj->get('paths')->controllers . '/SetupController.php';
    $configObj->loadString(file_get_contents(sprintf('%s/html/assets/themes/%s/config/settings.ini', dirname(dirname(__FILE__)), getTheme()->getThemeName())));
    // Before we run the setup in edit mode, we need to validate ownership
    $userObj = new User();
    if (isset($_GET['edit']) && !$userObj->isOwner()) {
        $routeObj->run('/error/403');
        die;
    }
}
Example #6
 /**
  * Render the photo upload form.
  *
  * Only the owner may see the form; any other caller is routed to the 403
  * error page and nothing is rendered.
  *
  * @return string HTML
  */
 public function upload()
 {
     $currentUser = new User();
     $callerIsOwner = $currentUser->isOwner();
     if (!$callerIsOwner) {
         $this->route->run('/error/403');
         return;
     }

     $this->theme->setTheme();

     // Values handed to the upload template: the session crumb, the groups
     // returned by the groups API, and the available licenses.
     $sessionCrumb = $this->session->get('crumb');
     $templatePath = sprintf('%s/upload.php', $this->config->paths->templates);
     $groupsResponse = $this->api->invoke('/groups/list.json');
     $templateVars = array(
         'crumb' => $sessionCrumb,
         'groups' => $groupsResponse['result'],
         'licenses' => $this->utility->getLicenses(),
     );

     $renderedBody = $this->template->get($templatePath, $templateVars);
     $pageVars = array('body' => $renderedBody, 'page' => 'upload');
     $this->theme->display('template.php', $pageVars);
 }