// webcalendar include directory. $basedir = ".."; // points to the base WebCalendar directory relative to // current working directory $includedir = "../includes"; include "{$includedir}/config.php"; include "{$includedir}/php-dbi.php"; include "{$includedir}/functions.php"; include "{$includedir}/{$user_inc}"; include "{$includedir}/site_extras.php"; $debug = false; // set to true to print debug info... $only_testing = false; // act like we're sending, but don't send -- for debugging // Establish a database connection. $c = dbi_connect($db_host, $db_login, $db_password, $db_database); if (!$c) { echo "Error connecting to database: " . dbi_error(); exit; } load_global_settings(); include "{$includedir}/translate.php"; if ($debug) { echo "<br />\n"; } // Get a list of people who have asked not to receive email $res = dbi_query("SELECT cal_login FROM webcal_user_pref " . "WHERE cal_setting = 'EMAIL_REMINDER' " . "AND cal_value = 'N'"); $noemail = array(); if ($res) { while ($row = dbi_fetch_row($res)) { $user = $row[0];
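/**
 * Load one user's details from the external application's user table into
 * globals named "{$prefix}login", "{$prefix}firstname", "{$prefix}lastname",
 * "{$prefix}is_admin", "{$prefix}email" and "{$prefix}fullname".
 *
 * Non-user calendars (logins starting with $NONUSER_PREFIX) are delegated to
 * nonuser_load_variables(); the '__public__' login gets fixed placeholder
 * values and never touches the database.
 *
 * @param string $login  Login name to look up.
 * @param string $prefix Prefix of the global variable names to populate.
 *
 * @return bool True when the lookup ran (a missing row still returns true),
 *              false when the query itself failed.
 */
function user_load_variables($login, $prefix)
{
    global $PUBLIC_ACCESS_FULLNAME, $NONUSER_PREFIX, $cached_user_var;
    global $app_host, $app_login, $app_pass, $app_db, $app_user_table;
    global $c, $db_host, $db_login, $db_password, $db_database, $app_same_db;

    if (!empty($cached_user_var[$login][$prefix])) {
        return $cached_user_var[$login][$prefix];
    }
    // Only the latest lookup is remembered. A cache hit returns without
    // rewriting the "{$prefix}..." globals, so keeping older entries for the
    // same prefix would leave a different user's values in place.
    $cached_user_var = array();

    if ($NONUSER_PREFIX
        && strncmp($login, $NONUSER_PREFIX, strlen($NONUSER_PREFIX)) === 0) {
        nonuser_load_variables($login, $prefix);
        return true;
    }

    if ($login === '__public__') {
        $GLOBALS[$prefix . 'login'] = $login;
        $GLOBALS[$prefix . 'firstname'] = '';
        $GLOBALS[$prefix . 'lastname'] = '';
        $GLOBALS[$prefix . 'is_admin'] = 'N';
        $GLOBALS[$prefix . 'email'] = '';
        $GLOBALS[$prefix . 'fullname'] = $PUBLIC_ACCESS_FULLNAME;
        $GLOBALS[$prefix . 'password'] = '';
        return true;
    }

    // If the application lives in a separate database, switch to it first.
    $separate_db = ($app_same_db != '1');
    if ($separate_db) {
        $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
    }

    // NOTE(review): the published listing shows a masked value ('******') in
    // this WHERE clause. The row is stored under $login, so the lookup is
    // keyed on $login and bound through a placeholder: the login never
    // becomes part of the SQL text. $app_user_table is a configuration
    // value, not request data. Assumes dbi_execute() with "?" placeholders
    // is provided by this installation's DB layer -- TODO confirm.
    $sql = "SELECT id, name, username, email FROM {$app_user_table} WHERE username = ?";
    $res = dbi_execute($sql, array($login));

    $query_ok = false;
    if ($res) {
        if ($row = dbi_fetch_row($res)) {
            // A single-word name becomes the first name with an empty last name.
            $name_parts = explode(' ', $row[1]);
            $has_last = isset($name_parts[1]);
            $GLOBALS[$prefix . 'login'] = $login;
            $GLOBALS[$prefix . 'firstname'] = $has_last ? $name_parts[0] : $row[1];
            $GLOBALS[$prefix . 'lastname'] = $has_last ? $name_parts[1] : '';
            $GLOBALS[$prefix . 'is_admin'] = user_is_admin($row[0], get_admins());
            $GLOBALS[$prefix . 'email'] = $row[3];
            $GLOBALS[$prefix . 'fullname'] = $row[1];
        }
        dbi_free_result($res);
        $query_ok = true;
    }

    // Switch back to the WebCalendar database on every path. Previously a
    // failed query returned early and left $c pointing at the application
    // database for whatever ran next.
    if ($separate_db) {
        $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
    }

    if (!$query_ok) {
        return false;
    }

    // Remember that the globals for this login/prefix pair are populated.
    $cached_user_var[$login][$prefix] = true;
    return true;
}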
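/**
 * Read settings.php, publish its values as globals, and check that the
 * version stored in the database matches this release.
 *
 * The settings file is searched for at $fileLoc, then at
 * __WC_INCLUDEDIR/settings.php, then at get_full_include_path('settings.php').
 * It holds "key: value" lines, including the database credentials. Lines
 * starting with "#", "<?" or "?>" and lines containing a comment opener are
 * skipped, so the file may carry a PHP wrapper.
 *
 * When settings are missing or incomplete, or when the stored version differs
 * from $PROGRAM_VERSION, the request is redirected to install/index.php (or
 * stopped through die_miserable_death() when no installer is present).
 *
 * @param string $fileLoc Preferred location of the settings file.
 *
 * @return void
 */
function do_config($fileLoc)
{
    global $db_database, $db_host, $db_login, $db_password, $db_persistent,
    $db_type, $NONUSER_PREFIX, $phpdbiVerbose, $PROGRAM_DATE, $PROGRAM_NAME,
    $PROGRAM_URL, $PROGRAM_VERSION, $readonly, $run_mode, $settings,
    $single_user, $single_user_login, $TROUBLE_URL, $use_http_auth, $user_inc;

    $PROGRAM_VERSION = 'v1.2.7';
    $PROGRAM_DATE = '22 Feb 2013';
    $PROGRAM_NAME = 'WebCalendar ' . "{$PROGRAM_VERSION} ({$PROGRAM_DATE})";
    $PROGRAM_URL = 'http://www.k5n.us/webcalendar.php';
    $TROUBLE_URL = 'docs/WebCalendar-SysAdmin.html#trouble';

    // Open the settings file, trying each known location in turn.
    $settings = array();
    $fd = false;
    if (file_exists($fileLoc)) {
        $fd = @fopen($fileLoc, 'rb', true);
    }
    if (empty($fd) && defined('__WC_INCLUDEDIR')) {
        $candidate = __WC_INCLUDEDIR . '/settings.php';
        $fd = @fopen($candidate, 'rb', true);
        if ($fd) {
            $fileLoc = $candidate;
        }
    }
    if (empty($fd)) {
        // Last resort: resolve the name against the include directory.
        // The resolved name is what gets opened here. Opening $fileLoc again
        // only repeated the first attempt and could never succeed.
        $testName = get_full_include_path('settings.php');
        $fd = @fopen($testName, 'rb', true);
        if ($fd) {
            $fileLoc = $testName;
        }
    }

    if (empty($fd) || filesize($fileLoc) == 0) {
        // No usable settings.php: hand over to the installer when it exists.
        if (file_exists('install/index.php')) {
            header('Location: install/index.php');
            exit;
        } else {
            die_miserable_death(translate('Could not find settings.php file...'));
        }
    }

    // Read the whole file and split it ourselves, so that Mac-style (\r)
    // line endings are handled the same way as \n and \r\n.
    $data = (string) stream_get_contents($fd);
    fclose($fd);
    $data = preg_replace("/[\r\n]+/", "\n", $data);

    foreach (explode("\n", $data) as $rawLine) {
        $buffer = trim($rawLine, "\r\n ");
        // Skip comments and the PHP open/close tags that wrap the file.
        if (preg_match('/^#|\\/\\*/', $buffer)
            || preg_match('/^<\\?/', $buffer)
            || preg_match('/^\\?>/', $buffer)) {
            continue;
        }
        if (preg_match('/(\\S+):\\s*(\\S+)/', $buffer, $matches)) {
            $settings[$matches[1]] = $matches[2];
        }
    }
    // Drop the raw file text (it includes the database password).
    $data = '';

    // Extract db settings into global vars. Absent keys yield null without
    // raising an undefined-index notice.
    $db_database = isset($settings['db_database']) ? $settings['db_database'] : null;
    $db_host = isset($settings['db_host']) ? $settings['db_host'] : null;
    $db_login = isset($settings['db_login']) ? $settings['db_login'] : null;
    $db_password = isset($settings['db_password']) ? $settings['db_password'] : null;
    $db_persistent = (isset($settings['db_persistent'])
        && preg_match('/(1|yes|true|on)/i', $settings['db_persistent'])) ? '1' : '0';
    $db_type = isset($settings['db_type']) ? $settings['db_type'] : null;

    // No db_type usually means the install was started but never finished,
    // so send the user back to the install script.
    if (empty($db_type)) {
        if (file_exists('install/index.php')) {
            header('Location: install/index.php');
            exit;
        } else {
            die_miserable_death(translate('Incomplete settings.php file...'));
        }
    }

    // Use 'db_cachedir' if found, otherwise look for 'cachedir'.
    if (!empty($settings['db_cachedir'])) {
        dbi_init_cache($settings['db_cachedir']);
    } elseif (!empty($settings['cachedir'])) {
        dbi_init_cache($settings['cachedir']);
    }

    if (!empty($settings['db_debug'])
        && preg_match('/(1|true|yes|enable|on)/i', $settings['db_debug'])) {
        dbi_set_debug(true);
    }

    foreach (array('db_type', 'db_host', 'db_login', 'db_password') as $s) {
        if (empty($settings[$s])) {
            die_miserable_death(str_replace(
                'XXX',
                $s,
                translate('Could not find XXX defined in...')
            ));
        }
    }

    // 'none' is a placeholder for "empty", e.g. for db servers that are not
    // reached over a TCP port or accounts without a password.
    $db_host = $db_host === 'none' ? '' : $db_host;
    $db_password = $db_password === 'none' ? '' : $db_password;

    $readonly = (isset($settings['readonly'])
        && preg_match('/(1|yes|true|on)/i', $settings['readonly'])) ? 'Y' : 'N';

    if (empty($settings['mode'])) {
        $settings['mode'] = 'prod';
    }
    $run_mode = preg_match('/(dev)/i', $settings['mode']) ? 'dev' : 'prod';
    // In dev mode the database layer adds the driver error and the SQL text
    // to its error messages; keep exposed installations on 'prod'.
    $phpdbiVerbose = $run_mode == 'dev';

    $single_user = (isset($settings['single_user'])
        && preg_match('/(1|yes|true|on)/i', $settings['single_user'])) ? 'Y' : 'N';
    if ($single_user == 'Y') {
        $single_user_login = isset($settings['single_user_login'])
            ? $settings['single_user_login']
            : null;
    }
    if ($single_user == 'Y' && empty($single_user_login)) {
        die_miserable_death(str_replace(
            'XXX',
            'single_user_login',
            translate('You must define XXX in')
        ));
    }

    $use_http_auth = (isset($settings['use_http_auth'])
        && preg_match('/(1|yes|true|on)/i', $settings['use_http_auth'])) ? true : false;

    // Type of user authentication.
    // NOTE(review): this value is taken from settings.php unchecked.
    // Presumably callers use it as an include file name; if so, restrict it
    // to the known user-*.php modules before including -- verify at callers.
    $user_inc = isset($settings['user_inc']) ? $settings['user_inc'] : null;

    // If sqlite, the db file is in the include directory.
    if ($db_type == 'sqlite') {
        $db_database = get_full_include_path($db_database);
    }

    // Check the installed version and redirect to the installer when it
    // differs, so WebCalendar does not run until the upgrade steps are done.
    // The "&" below is a literal ampersand: this is an HTTP header, not HTML.
    $c = @dbi_connect($db_host, $db_login, $db_password, $db_database, false);
    if (!$c) {
        // Could not connect; treated the same as an unknown version.
        // NOTE: if we get a connect error when running send_reminders.php,
        // we may want to show that error message here.
        header('Location: install/index.php?action=mismatch&version=UNKNOWN');
        exit;
    }

    $rows = dbi_get_cached_rows(
        'SELECT cal_value FROM webcal_config WHERE cal_setting = \'WEBCAL_PROGRAM_VERSION\''
    );
    $row = $rows ? $rows[0] : array();
    if (empty($row) || (string) $row[0] !== $PROGRAM_VERSION) {
        // The stored value comes from the database; encode it before it is
        // placed in the redirect URL.
        $stored = empty($row) ? 'UNKNOWN' : rawurlencode($row[0]);
        header('Location: install/index.php?action=mismatch&version=' . $stored);
        exit;
    }
    dbi_close($c);

    // Extra 'nonuser' calendars (holiday, corporate, departmental, ...) need
    // a unique prefix so they are never confused with real logins. It should
    // be at most 5 characters and must NOT change once set.
    $NONUSER_PREFIX = '_NUC_';

    if ($single_user != 'Y') {
        $single_user_login = '';
    }
}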
$settings['use_http_auth'] = 'false'; $settings['single_user'] = '******'; $settings['user_inc'] = getPostValue('form_user_inc'); } } //Save Application Name and Server URL $db_persistent = false; $db_type = $settings['db_type']; $db_password = $settings['db_password'] == 'none' ? '' : $settings['db_password']; $_SESSION['application_name'] = getPostValue('form_application_name'); $_SESSION['server_url'] = getPostValue('form_server_url'); $db_database = $settings['db_database']; if ($db_type == 'sqlite') { $db_database = get_full_include_path($db_database); } $c = dbi_connect($settings['db_host'], $settings['db_login'], $db_password, $db_database, false); if ($c) { if (isset($_SESSION['application_name'])) { dbi_execute("DELETE FROM webcal_config WHERE cal_setting = 'APPLICATION_NAME'"); dbi_execute("INSERT INTO webcal_config ( cal_setting, cal_value ) " . "VALUES ('APPLICATION_NAME', ?)", array($_SESSION['application_name'])); } if (isset($_SESSION['server_url'])) { dbi_execute("DELETE FROM webcal_config WHERE cal_setting = 'SERVER_URL'"); dbi_execute("INSERT INTO webcal_config ( cal_setting, cal_value ) " . "VALUES ('SERVER_URL', ?)", array($_SESSION['server_url'])); } } $do_load_admin = getPostValue('load_admin'); if (!empty($do_load_admin)) { //add default admin user if not exists db_load_admin(); //check if an Admin account exists
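/**
 * Run one SQL statement on the configured database driver.
 *
 * $sql is sent to the driver exactly as given; this function does no
 * escaping. Values that originate outside the application must be bound
 * by the caller (for example through a placeholder-based helper), not
 * concatenated into $sql.
 *
 * @param string $sql          Statement to execute.
 * @param bool   $fatalOnError Passed through to dbi_fatal_error().
 * @param bool   $showError    Passed through to dbi_fatal_error().
 *
 * @return mixed The driver's result for the statement. The oracle and odbc
 *               branches return the driver call's value directly.
 */
function dbi_query($sql, $fatalOnError = true, $showError = true)
{
    global $c, $db_connection_info, $db_query_count, $phpdbiVerbose, $SQLLOG;

    // In debug mode every statement is kept in $SQLLOG, literal values
    // included, so the log should be treated as sensitive.
    $debug = !empty($db_connection_info['debug']);
    if ($debug) {
        if (!isset($SQLLOG)) {
            $SQLLOG = array();
        }
        $SQLLOG[] = $sql;
    }

    // Connect now if the connection was deferred.
    if (is_array($db_connection_info) && !$db_connection_info['connected']) {
        $c = dbi_connect(
            $db_connection_info['host'],
            $db_connection_info['login'],
            $db_connection_info['password'],
            $db_connection_info['database'],
            false
        );
        $db_connection_info['connected'] = true;
        $db_connection_info['connection'] = $c;
    }
    $db_query_count++;

    // If caching is enabled, anything that is not a SELECT may change the
    // database, so the cache is cleared.
    if (!empty($db_connection_info['cachedir']) && !preg_match('/^select/i', $sql)) {
        dbi_clear_cache();
        if ($debug) {
            $SQLLOG[] = translate('Cache cleared from previous SQL!');
        }
    }

    // Driver error and SQL text are appended only in verbose (dev) mode.
    $type = (string) $GLOBALS['db_type'];
    $found_db_type = true;
    $res = false;

    if ($type === 'mysql') {
        $res = mysql_query($sql, $db_connection_info['connection']);
    } elseif ($type === 'mysqli') {
        $res = $GLOBALS['db_connection']->query($sql);
    } elseif ($type === 'mssql') {
        $res = mssql_query($sql);
    } elseif ($type === 'oracle') {
        $GLOBALS['oracle_statement'] = OCIParse($GLOBALS['oracle_connection'], $sql);
        if (false === $GLOBALS['oracle_statement']) {
            // The ternary is parenthesised. Without the parentheses "."
            // bound first, the condition was always true, and the driver
            // error and SQL were reported even outside verbose mode.
            dbi_fatal_error(
                translate('Error executing query.')
                . ($phpdbiVerbose ? dbi_error() . "\n\n<br />\n" . $sql : ''),
                $fatalOnError,
                $showError
            );
            // Reached only when the error was not fatal: there is no parsed
            // statement to execute.
            return false;
        }
        return OCIExecute($GLOBALS['oracle_statement'], OCI_COMMIT_ON_SUCCESS);
    } elseif ($type === 'postgresql') {
        $res = pg_exec($GLOBALS['postgresql_connection'], $sql);
    } elseif ($type === 'odbc') {
        return odbc_exec($GLOBALS['odbc_connection'], $sql);
    } elseif ($type === 'ibm_db2') {
        $res = db2_exec($GLOBALS['ibm_db2_connection'], $sql);
    } elseif ($type === 'ibase') {
        $res = ibase_query($sql);
    } elseif ($type === 'sqlite') {
        $res = sqlite_query($GLOBALS['sqlite_c'], $sql, SQLITE_NUM);
    } else {
        $found_db_type = false;
    }

    if (!$found_db_type) {
        dbi_fatal_error('dbi_query (): ' . translate('db_type not defined.'));
        return;
    }

    if (!$res) {
        dbi_fatal_error(
            translate('Error executing query.')
            . ($phpdbiVerbose ? dbi_error() . "\n\n<br />\n" . $sql : ''),
            $fatalOnError,
            $showError
        );
    }
    return $res;
}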
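/**
 * Load one user's details from the PostNuke user table into globals named
 * "{$prefix}login", "{$prefix}firstname", "{$prefix}lastname",
 * "{$prefix}is_admin", "{$prefix}email" and "{$prefix}fullname".
 *
 * Non-user calendars (logins starting with $NONUSER_PREFIX) are delegated to
 * nonuser_load_variables(); the "__public__" login gets fixed placeholder
 * values and never touches the database.
 *
 * @param string $login  Login name to look up.
 * @param string $prefix Prefix of the global variable names to populate.
 *
 * @return bool True when the lookup ran (a missing row still returns true),
 *              false when the query itself failed.
 */
function user_load_variables($login, $prefix)
{
    global $PUBLIC_ACCESS_FULLNAME, $NONUSER_PREFIX;
    global $app_host, $app_login, $app_pass, $app_db, $pn_user_table;
    global $c, $db_host, $db_login, $db_password, $db_database, $app_same_db;

    if ($NONUSER_PREFIX
        && strncmp($login, $NONUSER_PREFIX, strlen($NONUSER_PREFIX)) === 0) {
        nonuser_load_variables($login, $prefix);
        return true;
    }

    if ($login === "__public__") {
        $GLOBALS[$prefix . "login"] = $login;
        $GLOBALS[$prefix . "firstname"] = "";
        $GLOBALS[$prefix . "lastname"] = "";
        $GLOBALS[$prefix . "is_admin"] = "N";
        $GLOBALS[$prefix . "email"] = "";
        $GLOBALS[$prefix . "fullname"] = $PUBLIC_ACCESS_FULLNAME;
        $GLOBALS[$prefix . "password"] = "";
        return true;
    }

    // If PostNuke lives in a separate database, switch to it first.
    $separate_db = ($app_same_db != '1');
    if ($separate_db) {
        $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
    }

    // The login is bound through a placeholder. It was previously spliced
    // into the statement as '{$login}', so a quote character in the login
    // changed the SQL itself. $pn_user_table is a configuration value, not
    // request data. Assumes dbi_execute() with "?" placeholders is provided
    // by this installation's DB layer -- TODO confirm.
    $sql = "SELECT pn_uid, pn_name, pn_uname, pn_email FROM {$pn_user_table} WHERE pn_uname = ?";
    $res = dbi_execute($sql, array($login));

    $query_ok = false;
    if ($res) {
        if ($row = dbi_fetch_row($res)) {
            // explode() replaces split(), which newer PHP versions no longer
            // provide; a single-word name yields an empty last name.
            $name_parts = explode(" ", $row[1]);
            $GLOBALS[$prefix . "login"] = $login;
            $GLOBALS[$prefix . "firstname"] = $name_parts[0];
            $GLOBALS[$prefix . "lastname"] = isset($name_parts[1]) ? $name_parts[1] : "";
            $GLOBALS[$prefix . "is_admin"] = user_is_admin($row[0], get_admins());
            $GLOBALS[$prefix . "email"] = $row[3];
            $GLOBALS[$prefix . "fullname"] = $row[1];
        }
        dbi_free_result($res);
        $query_ok = true;
    }

    // Switch back to the WebCalendar database on every path. Previously a
    // failed query returned early and left $c pointing at the PostNuke
    // database for whatever ran next.
    if ($separate_db) {
        $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
    }

    return $query_ok;
}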