// Access control: non-admins get the "access denied" page and the script stops here,
// so nothing below runs for them.
if (!$is_admin) {
    showAccessDenied($day, $month, $year, $area, "");
    exit;
}

// Load the stored details for this area.
// NOTE(review): $tbl_area and $area are interpolated straight into the SQL text and this
// block does no validation of its own. Presumably $area has already been forced to an
// integer where it was read from the request -- confirm, or cast/bind it at this point.
$res = sql_query("SELECT * FROM {$tbl_area} WHERE id={$area} LIMIT 1");
if (!$res) {
    // NOTE(review): $area is also copied into the error text; confirm fatal_error() escapes
    // its message if the value can ever be something other than an integer.
    fatal_error(0, sprintf('%s%s%s', get_vocab("error_area"), $area, get_vocab("not_found")));
}
$row = sql_row_keyed($res, 0);
sql_free($res);

// Load the settings for this area (from the database when present, otherwise from the
// config file). This repeats the query above, which is slightly wasteful, but it keeps
// the code simple and the page is rarely used.
get_area_settings($area);

echo '<form class="form_general" id="edit_area" action="edit_area_room.php" method="post">' . "\n";
echo '<fieldset class="admin">' . "\n";
echo '<legend>' . get_vocab("editarea") . "</legend>\n";

// Validation messages carried over from a previous submission
echo "<fieldset>\n";
echo "<legend></legend>\n";
if (!$valid_email) {
    echo '<p class="error">' . get_vocab('invalid_email') . "</p>\n";
}
if (!$valid_resolution) {
    echo '<p class="error">' . get_vocab('invalid_resolution') . "</p>\n";
}
if (!$enough_slots) {
    echo '<p class="error">' . get_vocab('too_many_slots') . "</p>\n";
}
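/**
 * Echo the approval-workflow buttons for a booking.
 *
 * When auth_book_admin() accepts the current user for the booking's room, three POST
 * forms are printed: "approve" (posted to approve_entry_handler.php) and "reject" and
 * "more_info" (posted to view_entry.php). Otherwise at most one "remind_admin" form is
 * printed, and only when reminders are enabled and working_time_diff() since the last
 * reminder is at least $reminder_interval.
 *
 * Every dynamic value written into an HTML attribute goes through htmlspecialchars(),
 * including the ids and the query string, so the output stays well-formed whatever the
 * row contains.
 *
 * NOTE(review): get_vocab() results are emitted as-is; presumably translation strings are
 * trusted -- confirm. No anti-CSRF token is emitted by these forms; confirm the handlers
 * enforce one by other means.
 *
 * @param array $row       booking details; reads 'id', 'repeat_id', 'room_id', 'reminded',
 *                         'last_updated' and the entry/repeat 'info_time' / 'info_user' keys
 * @param mixed $is_series truthy when the buttons act on the whole series
 * @return void            the markup is echoed, nothing is returned
 */
function display_buttons($row, $is_series)
{
    global $PHP_SELF;
    global $user, $reminders_enabled, $reminder_interval;

    $last_reminded = empty($row['reminded']) ? $row['last_updated'] : $row['reminded'];
    $returl = $PHP_SELF;
    $target_id = $is_series ? $row['repeat_id'] : $row['id'];

    // When we're going to view_entry.php we need to pass the id and series
    // in a query string rather than as hidden inputs. That's because some
    // pages called by view_entry use HTTP_REFERER to form a return URL, and
    // view_entry needs to have a valid id.
    $query_string = "id={$target_id}";
    $query_string .= $is_series ? "&series=1" : "";

    // Attribute-safe copies. Escaping the URL turns "&" into "&amp;", which the browser
    // decodes back to the same address.
    $returl_attr = htmlspecialchars($returl);
    $view_entry_attr = htmlspecialchars("view_entry.php?{$query_string}");

    if (auth_book_admin($user, $row['room_id'])) {
        // approve
        echo "<form action=\"approve_entry_handler.php\" method=\"post\">\n";
        echo "<div>\n";
        echo "<input type=\"hidden\" name=\"action\" value=\"approve\">\n";
        echo "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars((string) $target_id) . "\">\n";
        echo "<input type=\"hidden\" name=\"series\" value=\"" . htmlspecialchars((string) $is_series) . "\">\n";
        echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
        echo "<input type=\"submit\" value=\"" . get_vocab("approve") . "\">\n";
        echo "</div>\n";
        echo "</form>\n";

        // reject
        echo "<form action=\"" . $view_entry_attr . "\" method=\"post\">\n";
        echo "<div>\n";
        echo "<input type=\"hidden\" name=\"action\" value=\"reject\">\n";
        echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
        echo "<input type=\"submit\" value=\"" . get_vocab("reject") . "\">\n";
        echo "</div>\n";
        echo "</form>\n";

        // more info: the tooltip says when (and by whom) more information was last requested
        $info_time = $is_series ? $row['repeat_info_time'] : $row['entry_info_time'];
        $info_user = $is_series ? $row['repeat_info_user'] : $row['entry_info_user'];
        if (empty($info_time)) {
            $info_title = get_vocab("no_request_yet");
        } else {
            $info_title = get_vocab("last_request") . ' ' . time_date_string($info_time);
            if (!empty($info_user)) {
                $info_title .= " " . get_vocab("by") . " {$info_user}";
            }
        }
        echo "<form action=\"" . $view_entry_attr . "\" method=\"post\">\n";
        echo "<div>\n";
        echo "<input type=\"hidden\" name=\"action\" value=\"more_info\">\n";
        echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
        echo "<input type=\"submit\" title=\"" . htmlspecialchars($info_title) . "\" value=\"" . get_vocab("more_info") . "\">\n";
        echo "</div>\n";
        echo "</form>\n";
    } else {
        // get the area settings for this room
        // (presumably this refreshes the reminder globals read below -- confirm)
        get_area_settings(get_area($row['room_id']));

        // if enough time has passed since the last reminder
        // output a "Remind Admin" button, otherwise nothing
        if ($reminders_enabled && working_time_diff(time(), $last_reminded) >= $reminder_interval) {
            echo "<form action=\"approve_entry_handler.php\" method=\"post\">\n";
            echo "<div>\n";
            echo "<input type=\"hidden\" name=\"action\" value=\"remind_admin\">\n";
            echo "<input type=\"hidden\" name=\"id\" value=\"" . htmlspecialchars((string) $row['id']) . "\">\n";
            echo "<input type=\"hidden\" name=\"returl\" value=\"" . $returl_attr . "\">\n";
            echo "<input type=\"submit\" value=\"" . get_vocab("remind_admin") . "\">\n";
            echo "</div>\n";
            echo "</form>\n";
        } else {
            echo " ";
        }
    }
}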
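/**
 * Turn one VEVENT from an imported iCalendar file into an MRBS booking.
 *
 * The lines are parsed with parse_ical_property(), mapped onto booking fields, rounded
 * to the slot boundaries of the room's area and handed to mrbsMakeBookings(). When the
 * booking cannot be made an HTML problem report is echoed instead.
 *
 * A VEVENT with no DTSTART, or with no DTEND, is rejected with an entry in the problem
 * report rather than being passed on with an undefined start or end time.
 *
 * The SUMMARY, DESCRIPTION, UID and SEQUENCE values are copied from the file unchanged,
 * so they must be treated as untrusted text wherever they are later displayed.
 *
 * @param array $vevent the lines making up the VEVENT
 * @return bool         TRUE when mrbsMakeBookings() reports a valid booking, else FALSE
 */
function process_event($vevent)
{
    global $import_default_type, $skip;
    global $morningstarts, $morningstarts_minutes, $resolution;

    // We are going to cache the settings ($resolution etc.) for the rooms
    // in order to avoid lots of database lookups
    static $room_settings = array();

    // Set up the booking with some defaults
    $booking = array();
    $booking['status'] = 0;
    $booking['rep_type'] = REP_NONE;
    $booking['type'] = $import_default_type;

    // Parse all the lines first because we'll need to get the start date
    // for calculating some of the other settings
    $properties = array();
    $problems = array();

    $line = current($vevent);
    while ($line !== FALSE) {
        $property = parse_ical_property($line);
        // Ignore any sub-components (eg a VALARM inside a VEVENT) as MRBS does not
        // yet handle things like reminders. Skip through to the end of the sub-
        // component. Just in case you can have sub-components at a greater depth
        // than 1 (not sure if you can), make sure we've got to the matching END.
        if ($property['name'] != 'BEGIN') {
            $properties[$property['name']] = array('params' => $property['params'], 'value' => $property['value']);
        } else {
            $component = $property['value'];
            while (!($property['name'] == 'END' && $property['value'] == $component) && ($line = next($vevent))) {
                $property = parse_ical_property($line);
            }
        }
        $line = next($vevent);
    }

    // Get the start time because we'll need it later. Without one the booking cannot be
    // placed, so record a problem as well as raising the warning. (The text is not
    // localised: no vocab key for it is visible here.)
    if (!isset($properties['DTSTART'])) {
        trigger_error("No DTSTART", E_USER_WARNING);
        $problems[] = "No DTSTART";
    } else {
        $booking['start_time'] = get_time($properties['DTSTART']['value'], $properties['DTSTART']['params']);
    }

    // Now go through the rest of the properties
    foreach ($properties as $name => $details) {
        switch ($name) {
            case 'ORGANIZER':
                $booking['create_by'] = get_create_by($details['value']);
                break;
            case 'SUMMARY':
                $booking['name'] = $details['value'];
                break;
            case 'DESCRIPTION':
                $booking['description'] = $details['value'];
                break;
            case 'LOCATION':
                $error = '';
                $booking['room_id'] = get_room_id($details['value'], $error);
                if ($booking['room_id'] === FALSE) {
                    $problems[] = $error;
                }
                break;
            case 'DTEND':
                $booking['end_time'] = get_time($details['value'], $details['params']);
                break;
            case 'DURATION':
                trigger_error("DURATION not yet supported by MRBS", E_USER_WARNING);
                break;
            case 'RRULE':
                // The repeat details are worked out from the start time; a missing
                // DTSTART has already been recorded as a problem above.
                if (!isset($booking['start_time'])) {
                    break;
                }
                $rrule_errors = array();
                $repeat_details = get_repeat_details($details['value'], $booking['start_time'], $rrule_errors);
                if ($repeat_details === FALSE) {
                    $problems = array_merge($problems, $rrule_errors);
                } else {
                    foreach ($repeat_details as $key => $value) {
                        $booking[$key] = $value;
                    }
                }
                break;
            case 'CLASS':
                if (in_array($details['value'], array('PRIVATE', 'CONFIDENTIAL'))) {
                    $booking['status'] |= STATUS_PRIVATE;
                }
                break;
            case 'STATUS':
                if ($details['value'] == 'TENTATIVE') {
                    $booking['status'] |= STATUS_TENTATIVE;
                }
                break;
            case 'UID':
                $booking['ical_uid'] = $details['value'];
                break;
            case 'SEQUENCE':
                $booking['ical_sequence'] = $details['value'];
                break;
            case 'LAST-MODIFIED':
                // We probably ought to do something with LAST-MODIFIED and use it
                // for the timestamp field
                break;
            default:
                break;
        }
    }

    // If we didn't manage to work out a username then just put the booking
    // under the name of the current user
    if (!isset($booking['create_by'])) {
        $booking['create_by'] = getUserName();
    }
    // A SUMMARY is optional in RFC 5545, however a brief description is mandatory
    // in MRBS. So if the VEVENT didn't include a name, we'll give it one
    if (!isset($booking['name'])) {
        $booking['name'] = "Imported event - no SUMMARY name";
    }
    // On the other hand a UID is mandatory in RFC 5545. We'll be lenient and
    // provide one if it is missing
    if (!isset($booking['ical_uid'])) {
        $booking['ical_uid'] = generate_global_uid($booking['name']);
        // NOTE(review): the SEQUENCE case above stores 'ical_sequence', this stores
        // 'sequence' -- confirm which key mrbsMakeBookings() expects.
        $booking['sequence'] = 0; // and we'll start the sequence from 0
    }
    // LOCATION is optional in RFC 5545 but is obviously mandatory in MRBS.
    // We could maybe have a default room on the form and use that
    if (!isset($booking['room_id'])) {
        $problems[] = get_vocab("no_LOCATION");
    }
    // DURATION is not supported, so a DTEND is needed to know when the booking ends
    if (!isset($booking['end_time'])) {
        $problems[] = "No DTEND";
    }

    if (empty($problems)) {
        $room_id = $booking['room_id'];
        // Get the area settings for this room, if we haven't got them already
        if (!isset($room_settings[$room_id])) {
            get_area_settings(get_area($room_id));
            $room_settings[$room_id]['morningstarts'] = $morningstarts;
            $room_settings[$room_id]['morningstarts_minutes'] = $morningstarts_minutes;
            $room_settings[$room_id]['resolution'] = $resolution;
        }
        $settings = $room_settings[$room_id];

        // Round the start and end times to slot boundaries
        $date = getdate($booking['start_time']);
        $m = $date['mon'];
        $d = $date['mday'];
        $y = $date['year'];
        $am7 = mktime($settings['morningstarts'], $settings['morningstarts_minutes'], 0, $m, $d, $y);
        $booking['start_time'] = round_t_down($booking['start_time'], $settings['resolution'], $am7);
        $booking['end_time'] = round_t_up($booking['end_time'], $settings['resolution'], $am7);

        // Make the bookings
        $bookings = array($booking);
        $result = mrbsMakeBookings($bookings, NULL, FALSE, $skip);
        if ($result['valid_booking']) {
            return TRUE;
        }
    }

    // There were problems - list them. The UID and the problem texts are escaped because
    // they can contain text taken from the imported file.
    echo "<div class=\"problem_report\">\n";
    echo get_vocab("could_not_import") . " UID:" . htmlspecialchars($booking['ical_uid']);
    echo "<ul>\n";
    foreach ($problems as $problem) {
        echo "<li>" . htmlspecialchars($problem) . "</li>\n";
    }
    // $result only exists when mrbsMakeBookings() was called; empty() copes with that.
    // NOTE(review): the rule and conflict texts are echoed without escaping. Presumably
    // mrbsMakeBookings() returns ready-made HTML -- confirm that any booking text inside
    // them has already been escaped.
    if (!empty($result['rules_broken'])) {
        echo "<li>" . get_vocab("rules_broken") . "\n";
        echo "<ul>\n";
        foreach ($result['rules_broken'] as $rule) {
            echo "<li>{$rule}</li>\n";
        }
        echo "</ul></li>\n";
    }
    if (!empty($result['conflicts'])) {
        echo "<li>" . get_vocab("conflict") . "\n";
        echo "<ul>\n";
        foreach ($result['conflicts'] as $conflict) {
            echo "<li>{$conflict}</li>\n";
        }
        echo "</ul></li>\n";
    }
    echo "</ul>\n";
    echo "</div>\n";

    return FALSE;
}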
// Request parameters read as plain strings.
// NOTE(review): both values come from the request; how they are used is outside this
// fragment. $returl should be checked before it is used as a redirect target and
// $error escaped before it is displayed -- confirm at the point of use.
$returl = get_form_var('returl', 'string');
$error = get_form_var('error', 'string');

// Check the user is authorised for this page
checkAuthorised();

// Also need to know whether they have admin rights (a user level of 2 or more)
$user = getUserName();
$is_admin = authGetUserLevel($user) >= 2;

// You're only allowed to make repeat bookings if you're an admin
// or else if $auth['only_admin_can_book_repeat'] is not set
$repeats_allowed = $is_admin || empty($auth['only_admin_can_book_repeat']);

// $id and $series are set before this fragment
$row = mrbsGetBookingInfo($id, $series);
$room = $row['room_id'];
$area = $row['area_id'];

// Get the area settings for the entry's area. In particular we want
// to know how to display private/public bookings in this area.
get_area_settings($row['area_id']);

// Work out whether the room or area is disabled
$room_disabled = $row['room_disabled'] || $row['area_disabled'];

// Get the status
$status = $row['status'];

// Get the creator
$create_by = $row['create_by'];

// Work out whether this event should be kept private: the details are withheld only
// when the entry counts as private AND the current user has no write access to it
$private = $row['status'] & STATUS_PRIVATE;
$writeable = getWritable($row['create_by'], $user, $row['room_id']);
$keep_private = is_private_event($private) && !$writeable;

// Work out when the last reminder was sent (falls back to the last update time
// when no reminder has been recorded)
$last_reminded = empty($row['reminded']) ? $row['last_updated'] : $row['reminded'];

if ($series == 1) {
    $repeat_id = $id; // Save the repeat_id
// (This fragment opens inside a case of the enclosing switch on $action.)
            // update the more info fields
            mrbsUpdateMoreInfo($id, $series, $user, $note);
            $result = TRUE; // We'll assume success and send an email anyway
            break;

        // ACTION = "REMIND"
        case 'remind':
            // update the last reminded time; the call's outcome is not checked
            mrbsUpdateLastReminded($id, $series);
            $result = TRUE; // We'll assume success and send an email anyway
            break;

        default:
            $result = FALSE; // should not get here
            break;
    } // switch ($action)

    // Now send an email if required and the operation was successful
    if ($result && $need_to_send_mail) {
        // Get the area settings for this area (we will need to know if periods are enabled
        // so that we will know whether to include iCalendar information in the email)
        get_area_settings($data['area_id']);
        // Send the email. The outcome is stored in $result but not examined again
        // before the redirect below.
        $result = notifyAdminOnBooking($data, $mail_previous, $is_new_entry, $series, $start_times, $action, $note);
    }
}

// Now it's all done go back to the previous view
// NOTE(review): $returl is placed in the Location header unchanged and where it is set
// is outside this fragment. If it is taken from the request, restrict it to a same-site
// relative path (or a fixed list of pages) before redirecting; otherwise a crafted link
// can send the user to an arbitrary site after the action completes.
header("Location: {$returl}");
exit;