// Only admins can see this form.  Non-admins get the access-denied page and the
// script stops at the exit, so nothing below is reached without $is_admin.
 if (!$is_admin) {
     showAccessDenied($day, $month, $year, $area, "");
     exit;
 }
 // Get the details for this area
 // NOTE(review): $area is interpolated directly into the SQL text.  That is only
 // safe if $area was coerced to an integer before this point; where it is set is
 // not visible in this excerpt -- confirm, or cast/bind it here.
 $res = sql_query("SELECT * FROM {$tbl_area} WHERE id={$area} LIMIT 1");
 // Only a falsy result from sql_query() is treated as fatal here.
 // NOTE(review): presumably a query that runs but matches no row does not take
 // this branch, leaving $row without area data -- verify against sql_row_keyed().
 if (!$res) {
     // NOTE(review): $area is concatenated into the message; whether fatal_error()
     // escapes it for HTML is not visible here -- confirm.
     fatal_error(0, get_vocab("error_area") . $area . get_vocab("not_found"));
 }
 $row = sql_row_keyed($res, 0);
 sql_free($res);
 // Get the settings for this area, from the database if they are there, otherwise from
 // the config file.  It is a little inefficient to repeat the SQL query we've just
 // done, but it makes the code simpler and this page is not used very often.
 get_area_settings($area);
 // Start of the edit form.  It POSTs to edit_area_room.php.
 // NOTE(review): no anti-CSRF token is emitted in the visible part of this form
 // (the rest of the form is outside this excerpt) -- confirm the handler checks one.
 echo "<form class=\"form_general\" id=\"edit_area\" action=\"edit_area_room.php\" method=\"post\">\n";
 echo "<fieldset class=\"admin\">\n";
 echo "<legend>" . get_vocab("editarea") . "</legend>\n";
 // Any error messages.  Each flag is compared loosely with FALSE, so any falsy
 // value (0, '', NULL) also produces the corresponding message.
 echo "<fieldset>\n";
 echo "<legend></legend>\n";
 if (FALSE == $valid_email) {
     echo "<p class=\"error\">" . get_vocab('invalid_email') . "</p>\n";
 }
 if (FALSE == $valid_resolution) {
     echo "<p class=\"error\">" . get_vocab('invalid_resolution') . "</p>\n";
 }
 if (FALSE == $enough_slots) {
     echo "<p class=\"error\">" . get_vocab('too_many_slots') . "</p>\n";
 }
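/**
 * Echo the approval-related buttons for a booking.
 *
 * Users for whom auth_book_admin() returns true for the entry's room get three
 * small POST forms: approve, reject and "more info".  Everyone else gets a
 * "remind admin" form, but only when $reminders_enabled is set and
 * working_time_diff() since the last reminder is at least $reminder_interval;
 * otherwise a non-breaking space is output as a placeholder.
 *
 * Every value written into an HTML attribute is escaped with htmlspecialchars()
 * and the id placed in the query string is URL-encoded, so the markup stays
 * well-formed even if a row value is not the plain integer it is expected to be.
 *
 * NOTE(review): none of these state-changing forms carries an anti-CSRF token.
 * The handlers are not visible here -- confirm they verify the request origin.
 * NOTE(review): 'returl' travels as a hidden field, so the receiving script must
 * treat it as user-controlled when it uses it for a redirect.
 *
 * @param array $row        booking row; reads 'id', 'repeat_id', 'room_id',
 *                          'reminded', 'last_updated' and the
 *                          entry_/repeat_ 'info_time' and 'info_user' fields
 * @param mixed $is_series  truthy when the buttons act on the whole series
 * @return void             the HTML is echoed, nothing is returned
 */
function display_buttons($row, $is_series)
{
    global $PHP_SELF;
    global $user, $reminders_enabled, $reminder_interval;
    $last_reminded = empty($row['reminded']) ? $row['last_updated'] : $row['reminded'];
    $returl = $PHP_SELF;
    $target_id = $is_series ? $row['repeat_id'] : $row['id'];
    // Escape once per output context and reuse the results below.
    $returl_attr = htmlspecialchars($returl);
    $target_id_attr = htmlspecialchars((string) $target_id);
    $series_attr = htmlspecialchars((string) $is_series);
    // When we're going to view_entry.php we need to pass the id and series
    // in a query string rather than as hidden inputs.   That's because some
    // pages called by view_entry use HTTP_REFERER to form a return URL, and
    // view_entry needs to have a valid id.
    // rawurlencode() leaves only characters that are also safe inside a
    // double-quoted HTML attribute, so no further escaping is needed.
    $query_string = "id=" . rawurlencode((string) $target_id);
    $query_string .= $is_series ? "&amp;series=1" : "";
    if (auth_book_admin($user, $row['room_id'])) {
        // approve
        echo "<form action=\"approve_entry_handler.php\" method=\"post\">\n";
        echo "<div>\n";
        echo "<input type=\"hidden\" name=\"action\" value=\"approve\">\n";
        echo "<input type=\"hidden\" name=\"id\" value=\"{$target_id_attr}\">\n";
        echo "<input type=\"hidden\" name=\"series\" value=\"{$series_attr}\">\n";
        echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
        echo "<input type=\"submit\" value=\"" . get_vocab("approve") . "\">\n";
        echo "</div>\n";
        echo "</form>\n";
        // reject
        echo "<form action=\"view_entry.php?{$query_string}\" method=\"post\">\n";
        echo "<div>\n";
        echo "<input type=\"hidden\" name=\"action\" value=\"reject\">\n";
        echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
        echo "<input type=\"submit\" value=\"" . get_vocab("reject") . "\">\n";
        echo "</div>\n";
        echo "</form>\n";
        // more info
        $info_time = $is_series ? $row['repeat_info_time'] : $row['entry_info_time'];
        $info_user = $is_series ? $row['repeat_info_user'] : $row['entry_info_user'];
        if (empty($info_time)) {
            $info_title = get_vocab("no_request_yet");
        } else {
            $info_title = get_vocab("last_request") . ' ' . time_date_string($info_time);
            if (!empty($info_user)) {
                $info_title .= " " . get_vocab("by") . " {$info_user}";
            }
        }
        echo "<form action=\"view_entry.php?{$query_string}\" method=\"post\">\n";
        echo "<div>\n";
        echo "<input type=\"hidden\" name=\"action\" value=\"more_info\">\n";
        echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
        // The title contains a user name, so it is escaped as a whole.
        echo "<input type=\"submit\" title=\"" . htmlspecialchars($info_title) . "\" value=\"" . get_vocab("more_info") . "\">\n";
        echo "</div>\n";
        echo "</form>\n";
    } else {
        // get the area settings for this room
        get_area_settings(get_area($row['room_id']));
        // if enough time has passed since the last reminder
        // output a "Remind Admin" button, otherwise nothing
        if ($reminders_enabled && working_time_diff(time(), $last_reminded) >= $reminder_interval) {
            echo "<form action=\"approve_entry_handler.php\" method=\"post\">\n";
            echo "<div>\n";
            echo "<input type=\"hidden\" name=\"action\" value=\"remind_admin\">\n";
            echo "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars((string) $row['id']) . "\">\n";
            echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
            echo "<input type=\"submit\" value=\"" . get_vocab("remind_admin") . "\">\n";
            echo "</div>\n";
            echo "</form>\n";
        } else {
            // The entity needs its terminating semicolon to be well-formed.
            echo "&nbsp;";
        }
    }
}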
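/**
 * Turn one VEVENT from an imported iCalendar file into an MRBS booking.
 *
 * The lines of the VEVENT are parsed into properties (sub-components such as
 * VALARM are skipped), mapped onto a booking array, rounded to the slot
 * boundaries of the room's area and handed to mrbsMakeBookings().  If anything
 * prevents the import, a problem report is echoed as HTML.
 *
 * The VEVENT comes from an imported file and is untrusted input.  SUMMARY and
 * DESCRIPTION are copied into the booking unchanged, so they must be escaped
 * wherever the booking is later displayed.  A VEVENT without DTSTART or without
 * DTEND is rejected with a listed problem; the slot rounding is never run on an
 * undefined time.
 *
 * @param array $vevent  the lines of one VEVENT; walked with current()/next(),
 *                       so the caller's internal array pointer position matters
 * @return bool          TRUE if the booking was made, FALSE if a problem report
 *                       was output instead
 */
function process_event($vevent)
{
    global $import_default_type, $skip;
    global $morningstarts, $morningstarts_minutes, $resolution;
    // We are going to cache the settings ($resolution etc.) for the rooms
    // in order to avoid lots of database lookups
    static $room_settings = array();
    // Set up the booking with some defaults
    $booking = array();
    $booking['status'] = 0;
    $booking['rep_type'] = REP_NONE;
    $booking['type'] = $import_default_type;
    // Defined up front so the problem report can test it even when no booking
    // attempt was made.
    $result = array();
    // Parse all the lines first because we'll need to get the start date
    // for calculating some of the other settings
    $properties = array();
    $problems = array();
    $line = current($vevent);
    while ($line !== FALSE) {
        $property = parse_ical_property($line);
        // Ignore any sub-components (eg a VALARM inside a VEVENT) as MRBS does not
        // yet handle things like reminders.  Skip through to the end of the sub-
        // component.   Just in case you can have sub-components at a greater depth
        // than 1 (not sure if you can), make sure we've got to the matching END.
        if ($property['name'] != 'BEGIN') {
            $properties[$property['name']] = array('params' => $property['params'], 'value' => $property['value']);
        } else {
            $component = $property['value'];
            while (!($property['name'] == 'END' && $property['value'] == $component) && ($line = next($vevent))) {
                $property = parse_ical_property($line);
            }
        }
        $line = next($vevent);
    }
    // Get the start time because we'll need it later.  A missing DTSTART is
    // recorded as a problem so that the event is reported and not booked.
    if (!isset($properties['DTSTART'])) {
        trigger_error("No DTSTART", E_USER_WARNING);
        $problems[] = "No DTSTART";
    } else {
        $booking['start_time'] = get_time($properties['DTSTART']['value'], $properties['DTSTART']['params']);
    }
    // Now go through the rest of the properties
    foreach ($properties as $name => $details) {
        switch ($name) {
            case 'ORGANIZER':
                $booking['create_by'] = get_create_by($details['value']);
                break;
            case 'SUMMARY':
                $booking['name'] = $details['value'];
                break;
            case 'DESCRIPTION':
                $booking['description'] = $details['value'];
                break;
            case 'LOCATION':
                $error = '';
                $booking['room_id'] = get_room_id($details['value'], $error);
                if ($booking['room_id'] === FALSE) {
                    $problems[] = $error;
                }
                break;
            case 'DTEND':
                $booking['end_time'] = get_time($details['value'], $details['params']);
                break;
            case 'DURATION':
                trigger_error("DURATION not yet supported by MRBS", E_USER_WARNING);
                break;
            case 'RRULE':
                // The repeat details are worked out from the start time, so the
                // rule is skipped when DTSTART was missing (already a problem).
                if (!isset($booking['start_time'])) {
                    break;
                }
                $rrule_errors = array();
                $repeat_details = get_repeat_details($details['value'], $booking['start_time'], $rrule_errors);
                if ($repeat_details === FALSE) {
                    $problems = array_merge($problems, $rrule_errors);
                } else {
                    foreach ($repeat_details as $key => $value) {
                        $booking[$key] = $value;
                    }
                }
                break;
            case 'CLASS':
                if (in_array($details['value'], array('PRIVATE', 'CONFIDENTIAL'), TRUE)) {
                    $booking['status'] |= STATUS_PRIVATE;
                }
                break;
            case 'STATUS':
                if ($details['value'] == 'TENTATIVE') {
                    $booking['status'] |= STATUS_TENTATIVE;
                }
                break;
            case 'UID':
                $booking['ical_uid'] = $details['value'];
                break;
            case 'SEQUENCE':
                $booking['ical_sequence'] = $details['value'];
                break;
            case 'LAST-MODIFIED':
                // We probably ought to do something with LAST-MODIFIED and use it
                // for the timestamp field
                break;
            default:
                break;
        }
    }
    // If we didn't manage to work out a username then just put the booking
    // under the name of the current user
    if (!isset($booking['create_by'])) {
        $booking['create_by'] = getUserName();
    }
    // A SUMMARY is optional in RFC 5545, however a brief description is mandatory
    // in MRBS.   So if the VEVENT didn't include a name, we'll give it one
    if (!isset($booking['name'])) {
        $booking['name'] = "Imported event - no SUMMARY name";
    }
    // On the other hand a UID is mandatory in RFC 5545.   We'll be lenient and
    // provide one if it is missing
    if (!isset($booking['ical_uid'])) {
        $booking['ical_uid'] = generate_global_uid($booking['name']);
        // and we'll start the sequence from 0
        // NOTE(review): the SEQUENCE case above writes 'ical_sequence' while this
        // writes 'sequence' -- confirm which key mrbsMakeBookings() expects.
        $booking['sequence'] = 0;
    }
    // LOCATION is optional in RFC 5545 but is obviously mandatory in MRBS.
    // We could maybe have a default room on the form and use that
    if (!isset($booking['room_id'])) {
        $problems[] = get_vocab("no_LOCATION");
    }
    // DURATION is not supported, so an event without DTEND has no end time and
    // cannot be rounded or booked.
    if (!isset($booking['end_time'])) {
        $problems[] = "No DTEND";
    }
    if (empty($problems)) {
        // Get the area settings for this room, if we haven't got them already
        if (!isset($room_settings[$booking['room_id']])) {
            get_area_settings(get_area($booking['room_id']));
            $room_settings[$booking['room_id']]['morningstarts'] = $morningstarts;
            $room_settings[$booking['room_id']]['morningstarts_minutes'] = $morningstarts_minutes;
            $room_settings[$booking['room_id']]['resolution'] = $resolution;
        }
        // Round the start and end times to slot boundaries
        $date = getdate($booking['start_time']);
        $m = $date['mon'];
        $d = $date['mday'];
        $y = $date['year'];
        $am7 = mktime($room_settings[$booking['room_id']]['morningstarts'], $room_settings[$booking['room_id']]['morningstarts_minutes'], 0, $m, $d, $y);
        $booking['start_time'] = round_t_down($booking['start_time'], $room_settings[$booking['room_id']]['resolution'], $am7);
        $booking['end_time'] = round_t_up($booking['end_time'], $room_settings[$booking['room_id']]['resolution'], $am7);
        // Make the bookings
        $bookings = array($booking);
        $result = mrbsMakeBookings($bookings, NULL, FALSE, $skip);
        if ($result['valid_booking']) {
            return TRUE;
        }
    }
    // There were problems - list them.  The UID and the problem strings can
    // contain text from the imported file, so they are escaped for HTML.
    echo "<div class=\"problem_report\">\n";
    echo get_vocab("could_not_import") . " UID:" . htmlspecialchars($booking['ical_uid']);
    echo "<ul>\n";
    foreach ($problems as $problem) {
        echo "<li>" . htmlspecialchars($problem) . "</li>\n";
    }
    // NOTE(review): the rule and conflict strings below are echoed unescaped.
    // Presumably mrbsMakeBookings() returns them as ready-made HTML; confirm that
    // any booking text inside them is escaped where the strings are built.
    if (!empty($result['rules_broken'])) {
        echo "<li>" . get_vocab("rules_broken") . "\n";
        echo "<ul>\n";
        foreach ($result['rules_broken'] as $rule) {
            echo "<li>{$rule}</li>\n";
        }
        echo "</ul></li>\n";
    }
    if (!empty($result['conflicts'])) {
        echo "<li>" . get_vocab("conflict") . "\n";
        echo "<ul>\n";
        foreach ($result['conflicts'] as $conflict) {
            echo "<li>{$conflict}</li>\n";
        }
        echo "</ul></li>\n";
    }
    echo "</ul>\n";
    echo "</div>\n";
    return FALSE;
}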
// Read the return URL and any error text from the submitted form.
// NOTE(review): $returl is used unchanged in the Location header at the end of
// this script, so it has to be treated as user-controlled -- see the note there.
$returl = get_form_var('returl', 'string');
$error = get_form_var('error', 'string');
// Check the user is authorised for this page
checkAuthorised();
// Also need to know whether they have admin rights (user level 2 or above)
$user = getUserName();
$is_admin = authGetUserLevel($user) >= 2;
// You're only allowed to make repeat bookings if you're an admin
// or else if $auth['only_admin_can_book_repeat'] is not set
$repeats_allowed = $is_admin || empty($auth['only_admin_can_book_repeat']);
// $id and $series are set outside this excerpt.
$row = mrbsGetBookingInfo($id, $series);
$room = $row['room_id'];
$area = $row['area_id'];
// Get the area settings for the entry's area.   In particular we want
// to know how to display private/public bookings in this area.
get_area_settings($row['area_id']);
// Work out whether the room or area is disabled
$room_disabled = $row['room_disabled'] || $row['area_disabled'];
// Get the status
$status = $row['status'];
// Get the creator
$create_by = $row['create_by'];
// Work out whether this event should be kept private: the private flag is set
// and the current user has no write access to the entry.
$private = $row['status'] & STATUS_PRIVATE;
$writeable = getWritable($row['create_by'], $user, $row['room_id']);
$keep_private = is_private_event($private) && !$writeable;
// Work out when the last reminder was sent; falls back to the last update time
// when no reminder has been recorded.
$last_reminded = empty($row['reminded']) ? $row['last_updated'] : $row['reminded'];
if ($series == 1) {
    $repeat_id = $id;
    // Save the repeat_id
    // NOTE(review): part of the original script appears to be missing from this
    // excerpt between here and the switch cases below.
            // update the more info fields
            mrbsUpdateMoreInfo($id, $series, $user, $note);
            $result = TRUE;
            // We'll assume success and send an email anyway
            break;
        // ACTION = "REMIND"
        case 'remind':
            // update the last reminded time
            mrbsUpdateLastReminded($id, $series);
            $result = TRUE;
            // We'll assume success and send an email anyway
            break;
        default:
            $result = FALSE;
            // should not get here
            break;
    }
    // switch ($action)
    // Now send an email if required and the operation was successful
    if ($result && $need_to_send_mail) {
        // Get the area settings for this area (we will need to know if periods are enabled
        // so that we will know whether to include iCalendar information in the email)
        get_area_settings($data['area_id']);
        // Send the email
        $result = notifyAdminOnBooking($data, $mail_previous, $is_new_entry, $series, $start_times, $action, $note);
    }
}
// Now it's all done go back to the previous view
// NOTE(review): $returl comes from the submitted form and no validation of it is
// visible in this excerpt, so a crafted request can send the browser to any site
// (open redirect).  Check that it is a relative path or points at this host
// before redirecting, and fall back to a fixed page otherwise.
header("Location: {$returl}");
exit;