/**
 * Reads the group add/edit form values and, unless $checks is 0, validates them.
 *
 * Each value is taken from the continuation first and falls back to the posted
 * input (processInputVar); "ownergroup" is the one field read from posted input
 * only. Validation problems are reported through the globals $submitErr (bit
 * flags) and $submitErrMsg (message keyed by flag); nothing is thrown and the
 * collected values are returned regardless of whether a flag was raised.
 *
 * @param int $checks pass 0 to skip validation and just return the values
 * @return array the collected values, keyed by form field name
 */
function processGroupInput($checks = 1) {
	global $submitErr, $submitErrMsg, $user;

	$group = array();
	$group["groupid"] = getContinuationVar("groupid");
	$group["type"] = getContinuationVar("type");
	$group["custom"] = getContinuationVar("custom", 1);
	$group["courseroll"] = getContinuationVar("courseroll", 0);
	$group["name"] = getContinuationVar('name', processInputVar("name", ARG_STRING));
	$group["affiliationid"] = getContinuationVar('affiliationid', processInputVar("affiliationid", ARG_NUMERIC, $user['affiliationid']));
	$group["resourcetypeid"] = getContinuationVar('resourcetypeid', processInputVar("resourcetypeid", ARG_NUMERIC));
	$group["owner"] = getContinuationVar('owner', processInputVar("owner", ARG_STRING));
	$group["ownergroup"] = processInputVar("ownergroup", ARG_NUMERIC);
	$group["editgroupid"] = getContinuationVar('editgroupid', processInputVar("editgroupid", ARG_NUMERIC));
	$group["isowner"] = getContinuationVar("isowner");
	$group["initialmax"] = getContinuationVar('initialmax', processInputVar("initialmax", ARG_NUMERIC));
	$group["totalmax"] = getContinuationVar('totalmax', processInputVar("totalmax", ARG_NUMERIC));
	$group["maxextend"] = getContinuationVar('maxextend', processInputVar("maxextend", ARG_NUMERIC));
	$group["overlap"] = getContinuationVar('overlap', processInputVar("overlap", ARG_NUMERIC, 0));
	$group['editgroupids'] = getContinuationVar('editgroupids');
	$group['ownergroupids'] = getContinuationVar('ownergroupids');
	// comma separated id lists carried in the continuation; the group the user
	// picked has to be one of these, so the choice cannot be widened by editing
	// the posted form
	$allowedEditGroups = explode(',', $group['editgroupids']);
	$allowedOwnerGroups = explode(',', $group['ownergroupids']);
	$groupwasnone = getContinuationVar('groupwasnone');
	$editname = getContinuationVar('editname', 1);

	// an affiliation id that is not in the known list silently falls back to
	// the current user's affiliation
	$affils = getAffiliations();
	if(! array_key_exists($group['affiliationid'], $affils))
		$group['affiliationid'] = $user['affiliationid'];

	if(! $checks)
		return $group;

	// name format is only checked for custom (non course roll) groups whose
	// name may be edited; resource group names do not allow ':'
	if($group['custom'] == 1 && $group['courseroll'] == 0 && $editname) {
		$nameOk = true;
		$nameMsg = '';
		if($group['type'] == 'user') {
			$nameOk = (bool)preg_match('/^[-a-zA-Z0-9_\\.: ]{3,30}$/', $group["name"]);
			$nameMsg = "Name must be between 3 and 30 characters and can only contain letters, numbers, spaces, and these characters: - . _ :";
		}
		elseif($group['type'] == 'resource') {
			$nameOk = (bool)preg_match('/^[-a-zA-Z0-9_\\. ]{3,30}$/', $group["name"]);
			$nameMsg = "Name must be between 3 and 30 characters and can only contain letters, numbers, spaces, and these characters: - . _";
		}
		if(! $nameOk) {
			$submitErr |= GRPNAMEERR;
			$submitErrMsg[GRPNAMEERR] = $nameMsg;
		}
	}

	// user group names are unique per affiliation, resource group names per
	// resource type; the lookup is skipped when the name already failed above
	$extraid = ($group['type'] == 'user') ? $group['affiliationid'] : $group['resourcetypeid'];
	$nameAlreadyFlagged = (bool)($submitErr & GRPNAMEERR);
	if(! empty($group["type"]) && ! empty($group["name"]) && ! $nameAlreadyFlagged &&
	   checkForGroupName($group["name"], $group["type"], $group["groupid"], $extraid)) {
		$submitErr |= GRPNAMEERR;
		$submitErrMsg[GRPNAMEERR] = "A group already exists with this name.";
	}

	$customUserGroup = ($group['custom'] == 1 && $group['courseroll'] == 0 && $group["type"] == "user");
	if($customUserGroup && ! validateUserid($group["owner"])) {
		$submitErr |= GRPOWNER;
		$submitErrMsg[GRPOWNER] = "Submitted ID is not valid";
	}

	// precedence spelled out: (custom user group with a bad editing group)
	// OR (resource group with a bad owning group)
	$badEditGroup = $customUserGroup &&
	                (($group['editgroupid'] == 0 && ! $groupwasnone) ||
	                 ! in_array($group['editgroupid'], $allowedEditGroups));
	$badOwnerGroup = $group['type'] == 'resource' &&
	                 ! in_array($group['ownergroup'], $allowedOwnerGroups);
	if($badEditGroup || $badOwnerGroup) {
		$submitErr |= EDITGROUPERR;
		$submitErrMsg[EDITGROUPERR] = "Invalid group was selected";
	}

	// per-field minimums (in minutes) that apply to user groups only
	if($group["type"] == "user") {
		$minimums = array(
			array('initialmax', 30, INITIALMAXERR, "Initial max time must be at least 30 minutes"),
			array('totalmax', 30, TOTALMAXERR, "Total max time must be at least 30 minutes"),
			array('maxextend', 15, MAXEXTENDERR, "Max extend time must be at least 15 minutes"),
		);
		foreach($minimums as $rule) {
			list($field, $min, $flag, $msg) = $rule;
			if($group[$field] < $min) {
				$submitErr |= $flag;
				$submitErrMsg[$flag] = $msg;
			}
		}
	}

	// overlap is only adjustable by users holding the permission; 1 is not a
	// meaningful value, so only 0 or >= 2 is accepted
	if(checkUserHasPerm('Set Overlapping Reservation Count') && $group["type"] == "user" &&
	   ($group["overlap"] < 0 || $group["overlap"] == 1)) {
		$submitErr |= MAXOVERLAPERR;
		$submitErrMsg[MAXOVERLAPERR] = "Overlap can be 0 or greater than or equal to 2";
	}

	return $group;
}
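/**
 * Reads the group add/edit form values and, unless $checks is 0, validates them.
 *
 * NOTE(review): this file declares processGroupInput() twice (this one looks like
 * an earlier revision: no custom/courseroll/editgroupids handling, and the overlap
 * check keys off $viewmode instead of a permission). PHP refuses to load a file
 * with two definitions of the same function, so one of them has to go before the
 * file can be used.
 *
 * Fix in this block: the name check called ereg(), which was removed in PHP 7.
 * It now uses preg_match() with the same character class; the D modifier keeps
 * ereg's behaviour of anchoring '$' to the very end of the string, so a name
 * with a trailing newline is still rejected.
 *
 * Validation problems are reported through the globals $submitErr (bit flags)
 * and $submitErrMsg (message keyed by flag); nothing is thrown.
 *
 * @param int $checks pass 0 to skip validation and just return the values
 * @return array the collected values, keyed by form field name
 */
function processGroupInput($checks = 1) {
	global $submitErr, $submitErrMsg, $user, $viewmode;
	$return = array();
	$return["groupid"] = getContinuationVar("groupid");
	$return["type"] = getContinuationVar("type");
	$return["name"] = getContinuationVar('name', processInputVar("name", ARG_STRING));
	$return["affiliationid"] = getContinuationVar('affiliationid', processInputVar("affiliationid", ARG_NUMERIC, $user['affiliationid']));
	$return["resourcetypeid"] = getContinuationVar('resourcetypeid', processInputVar("resourcetypeid", ARG_NUMERIC));
	$return["owner"] = getContinuationVar('owner', processInputVar("owner", ARG_STRING));
	$return["ownergroup"] = processInputVar("ownergroup", ARG_NUMERIC);
	$return["editgroupid"] = getContinuationVar('editgroupid', processInputVar("editgroupid", ARG_NUMERIC));
	$return["isowner"] = getContinuationVar("isowner");
	$return["initialmax"] = getContinuationVar('initialmax', processInputVar("initialmax", ARG_NUMERIC));
	$return["totalmax"] = getContinuationVar('totalmax', processInputVar("totalmax", ARG_NUMERIC));
	$return["maxextend"] = getContinuationVar('maxextend', processInputVar("maxextend", ARG_NUMERIC));
	$return["overlap"] = getContinuationVar('overlap', processInputVar("overlap", ARG_NUMERIC, 0));

	// an affiliation id that is not in the known list falls back to the
	// current user's affiliation
	$affils = getAffiliations();
	if(! array_key_exists($return['affiliationid'], $affils))
		$return['affiliationid'] = $user['affiliationid'];

	if(! $checks)
		return $return;

	// same character class the old ereg() pattern used; /D = '$' only at end of string
	if(! preg_match('/^[-a-zA-Z0-9_\\.: ]{3,30}$/D', $return["name"])) {
		$submitErr |= GRPNAMEERR;
		$submitErrMsg[GRPNAMEERR] = "Name must be between 3 and 30 characters " .
		                            "and can only contain letters, numbers, and " .
		                            "these characters: - _ . :";
	}

	// user group names are unique per affiliation, resource group names per
	// resource type; the lookup is skipped when the name already failed above
	if($return['type'] == 'user')
		$extraid = $return['affiliationid'];
	else
		$extraid = $return['resourcetypeid'];
	if(! empty($return["type"]) && ! empty($return["name"]) &&
	   ! ($submitErr & GRPNAMEERR) &&
	   checkForGroupName($return["name"], $return["type"], $return["groupid"], $extraid)) {
		$submitErr |= GRPNAMEERR;
		$submitErrMsg[GRPNAMEERR] = "A group already exists with this name.";
	}

	if($return["type"] == "user" && ! validateUserid($return["owner"])) {
		$submitErr |= GRPOWNER;
		$submitErrMsg[GRPOWNER] = "Submitted ID is not valid";
	}

	// per-field minimums (in minutes) for user groups
	if($return["type"] == "user" && $return["initialmax"] < 30) {
		$submitErr |= INITIALMAXERR;
		$submitErrMsg[INITIALMAXERR] = "Initial max time must be at least 30 " . "minutes";
	}
	if($return["type"] == "user" && $return["totalmax"] < 30) {
		$submitErr |= TOTALMAXERR;
		$submitErrMsg[TOTALMAXERR] = "Total max time must be at least 30 " . "minutes";
	}
	if($return["type"] == "user" && $return["maxextend"] < 15) {
		$submitErr |= MAXEXTENDERR;
		$submitErrMsg[MAXEXTENDERR] = "Max extend time must be at least 15 " . "minutes";
	}

	// overlap is only adjustable in developer view; 1 is not a meaningful value
	if($viewmode == ADMIN_DEVELOPER && $return["type"] == "user" &&
	   ($return["overlap"] < 0 || $return["overlap"] == 1)) {
		$submitErr |= MAXOVERLAPERR;
		$submitErrMsg[MAXOVERLAPERR] = "Overlap can be 0 or greater than or equal to 2";
	}

	return $return;
}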
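/**
 * Validates the fields of an XML-RPC user group request and resolves names to ids.
 *
 * Only the keys present in $items are checked. On the first failure an error
 * array ('status' => 'error', 'errorcode' => N, 'errormsg' => ...) is returned.
 * On success $items is returned with 'status' => 'success' and, where the
 * corresponding input was given, the resolved values 'affiliationid', 'id',
 * 'managingGroupID', 'managingGroupName' and 'managingGroupAffilid'.
 *
 * Fixes in this block:
 *  - the name check called ereg(), removed in PHP 7; it is now preg_match() with
 *    the same character class and the D modifier, so '$' anchors to the very end
 *    of the string as ereg's did (a trailing newline is still rejected);
 *  - $affilid is initialised, because the 'name' branch reads it even when no
 *    'affiliation' key was supplied (previously an undefined variable).
 *
 * NOTE(review): mysql_escape_string() belongs to the legacy mysql extension that
 * was removed in PHP 7; the project's database layer is not visible here, so it
 * is left as is rather than guessed at.
 *
 * @param array $items request fields, all optional: initialMaxTime, totalMaxTime,
 *                     maxExtendTime, affiliation, name, owner, managingGroup
 * @param int $exists 1 if the group named by name/affiliation must already
 *                    exist, 0 if it must not
 * @return array the error array, or the validated $items with 'status' => 'success'
 */
function validateAPIgroupInput($items, $exists) {
	// resolved only when 'affiliation' is supplied; the 'name' check below
	// passes it to the existence lookup either way
	$affilid = null;

	# initialMaxTime
	if(array_key_exists('initialMaxTime', $items)) {
		if(! is_numeric($items['initialMaxTime']) ||
		   $items['initialMaxTime'] < 1 ||
		   $items['initialMaxTime'] > 65535) {
			return array('status' => 'error',
			             'errorcode' => 21,
			             'errormsg' => 'submitted initialMaxTime is invalid');
		}
	}
	# totalMaxTime
	if(array_key_exists('totalMaxTime', $items)) {
		if(! is_numeric($items['totalMaxTime']) ||
		   $items['totalMaxTime'] < 1 ||
		   $items['totalMaxTime'] > 65535) {
			return array('status' => 'error',
			             'errorcode' => 22,
			             'errormsg' => 'submitted totalMaxTime is invalid');
		}
	}
	# maxExtendTime
	if(array_key_exists('maxExtendTime', $items)) {
		if(! is_numeric($items['maxExtendTime']) ||
		   $items['maxExtendTime'] < 1 ||
		   $items['maxExtendTime'] > 65535) {
			return array('status' => 'error',
			             'errorcode' => 23,
			             'errormsg' => 'submitted maxExtendTime is invalid');
		}
	}
	# affiliation
	if(array_key_exists('affiliation', $items)) {
		$esc_affiliation = mysql_escape_string($items['affiliation']);
		$affilid = getAffiliationID($esc_affiliation);
		if(is_null($affilid)) {
			return array('status' => 'error',
			             'errorcode' => 17,
			             'errormsg' => 'unknown affiliation');
		}
		$items['affiliationid'] = $affilid;
	}
	# name
	if(array_key_exists('name', $items)) {
		// format is checked before the name reaches any lookup; /D = '$' only at end of string
		if(! preg_match('/^[-a-zA-Z0-9_\\.: ]{3,30}$/D', $items['name'])) {
			return array('status' => 'error',
			             'errorcode' => 19,
			             'errormsg' => 'Name must be between 3 and 30 characters ' .
			                           'and can only contain letters, numbers, and ' .
			                           'these characters: - _ . :');
		}
		$esc_name = mysql_escape_string($items['name']);
		// $affilid is null here when no affiliation was given; what the lookup
		// does with a null affiliation is not visible in this file - confirm
		$doesexist = checkForGroupName($esc_name, 'user', '', $affilid);
		if($exists && ! $doesexist) {
			return array('status' => 'error',
			             'errorcode' => 18,
			             'errormsg' => 'user group with submitted name and affiliation does not exist');
		}
		elseif(! $exists && $doesexist) {
			return array('status' => 'error',
			             'errorcode' => 27,
			             'errormsg' => 'existing user group with submitted name and affiliation');
		}
		elseif($exists && $doesexist) {
			$items['id'] = getUserGroupID($esc_name, $affilid);
		}
	}
	# owner
	if(array_key_exists('owner', $items)) {
		// the escaped form is what validateUserid() receives (existing behaviour)
		if(! validateUserid(mysql_escape_string($items['owner']))) {
			return array('status' => 'error',
			             'errorcode' => 20,
			             'errormsg' => 'submitted owner is invalid');
		}
	}
	# managingGroup
	if(array_key_exists('managingGroup', $items)) {
		// expected form is "groupname@affiliation"
		$parts = explode('@', $items['managingGroup']);
		if(count($parts) != 2) {
			return array('status' => 'error',
			             'errorcode' => 24,
			             'errormsg' => 'submitted managingGroup is invalid');
		}
		$esc_mgName = mysql_escape_string($parts[0]);
		$esc_mgAffil = mysql_escape_string($parts[1]);
		$mgaffilid = getAffiliationID($esc_mgAffil);
		if(! checkForGroupName($esc_mgName, 'user', '', $mgaffilid)) {
			return array('status' => 'error',
			             'errorcode' => 25,
			             'errormsg' => 'submitted managingGroup does not exist');
		}
		$items['managingGroupID'] = getUserGroupID($esc_mgName, $mgaffilid);
		$items['managingGroupName'] = $parts[0];
		$items['managingGroupAffilid'] = $mgaffilid;
	}
	$items['status'] = 'success';
	return $items;
}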
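/**
 * XML-RPC: creates a resource group called $name of resource type $type, owned
 * by the user group $managingGroup ("groupname@affiliation").
 *
 * Requires the groupAdmin privilege. Returns array('status' => 'success') or an
 * error array with one of the codes 16 (no privilege), 68 (unknown resource
 * type), 87 (bad name), 76 (name already taken), 26 (insert failed), or an
 * error passed through from validateAPIgroupInput().
 *
 * Fixes in this block:
 *  - the name is checked against the allowed character set before it is handed
 *    to checkForGroupName(); previously the raw, unvalidated name reached that
 *    lookup first, while the other callers in this file only pass it escaped
 *    names. After the check the name contains no quote or backslash characters.
 *    One observable difference: a name that is both malformed and already
 *    taken now gets code 87 instead of 76;
 *  - the D modifier anchors '$' to the very end, so a trailing newline is
 *    rejected;
 *  - get_magic_quotes_gpc() was removed in PHP 8, so it is only called when it
 *    exists; in_array() is strict to avoid loose-comparison matches.
 *
 * NOTE(review): mysql_real_escape_string() belongs to the legacy mysql
 * extension that was removed in PHP 7; the project's database layer is not
 * visible here, so the call is left as is.
 *
 * @param string $name          name of the new resource group
 * @param string $managingGroup owning user group as "groupname@affiliation"
 * @param string $type          resource type name
 * @return array status array as described above
 */
function XMLRPCaddResourceGroup($name, $managingGroup, $type) {
	global $user;
	if(! in_array("groupAdmin", $user['privileges'], true)) {
		return array('status' => 'error',
		             'errorcode' => 16,
		             'errormsg' => 'access denied for managing groups');
	}
	$validate = array('managingGroup' => $managingGroup);
	$rc = validateAPIgroupInput($validate, 0);
	if($rc['status'] == 'error')
		return $rc;

	$typeid = getResourceTypeID($type);
	if(! $typeid) {
		return array('status' => 'error',
		             'errorcode' => 68,
		             'errormsg' => 'invalid resource type');
	}

	// magic quotes were removed in PHP 8; only undo them where the function still exists
	if(function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc())
		$name = stripslashes($name);

	// validate before any lookup uses the name; /D = '$' only at end of string
	if(! preg_match('/^[-a-zA-Z0-9_\\. ]{3,30}$/D', $name)) {
		return array('status' => 'error',
		             'errorcode' => 87,
		             'errormsg' => 'Name must be between 3 and 30 characters and can only contain letters, numbers, spaces, and these characters: - . _');
	}
	if(checkForGroupName($name, 'resource', '', $typeid)) {
		return array('status' => 'error',
		             'errorcode' => 76,
		             'errormsg' => 'resource group already exists');
	}

	$name = mysql_real_escape_string($name);
	$data = array('type' => 'resource',
	              'ownergroup' => $rc['managingGroupID'],
	              'resourcetypeid' => $typeid,
	              'name' => $name);
	if(! addGroup($data)) {
		return array('status' => 'error',
		             'errorcode' => 26,
		             'errormsg' => 'failure while adding group to database');
	}
	return array('status' => 'success');
}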