function print_user_list() { global $is_admin, $is_assistant, $is_nonuser_admin, $login, $NONUSER_AT_TOP, $NONUSER_ENABLED, $single_user; if ($single_user == 'N' && $is_admin) { $userlist = user_get_users(); if ($NONUSER_ENABLED == 'Y') { $nonusers = get_nonuser_cals(); $userlist = !empty($NONUSER_AT_TOP) && $NONUSER_AT_TOP == 'Y' ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers); } $num_users = $size = 0; $users = ''; for ($i = 0, $cnt = count($userlist); $i < $cnt; $i++) { $l = $userlist[$i]['cal_login']; $size++; $users .= ' <option value="' . $l . '"' . ($l == $login && !$is_assistant && !$is_nonuser_admin ? ' selected="selected"' : '') . '>' . $userlist[$i]['cal_fullname'] . '</option>'; } if ($size > 50) { $size = 15; } elseif ($size > 5) { $size = 5; } echo ' <tr> <td class="aligntop"><label for="caluser">' . translate('Calendar') . ':</label></td> <td> <select name="calUser" id="caluser" size="' . $size . '">' . $users . ' </select> </td> </tr>'; } }
function print_user_list() { global $single_user, $is_admin, $nonuser_enabled, $login, $is_nonuser_admin, $is_assistant; if ($single_user == "N" && $is_admin) { $userlist = get_my_users(); if ($nonuser_enabled == "Y") { $nonusers = get_nonuser_cals(); $userlist = !empty($nonuser_at_top) && $nonuser_at_top == "Y" ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers); } $num_users = 0; $size = 0; $users = ""; for ($i = 0; $i < count($userlist); $i++) { $l = $userlist[$i]['cal_login']; $size++; $users .= "<option value=\"" . $l . "\""; if (!empty($id) && $id > 0) { if (!empty($participants[$l])) { $users .= " selected=\"selected\""; } } else { if ($l == $login && !$is_assistant && !$is_nonuser_admin) { $users .= " selected=\"selected\""; } } $users .= ">" . $userlist[$i]['cal_fullname'] . "</option>\n"; } if ($size > 50) { $size = 15; } else { if ($size > 5) { $size = 5; } } print "<tr><td style=\"vertical-align:top;\">\n"; print "<label for=\"caluser\">" . translate("Calendar") . "</label></td><td>\n"; print "<select name=\"calUser\" id=\"caluser\" size=\"{$size}\">{$users}\n"; print "</select>\n"; print "</td></tr>\n"; } }
} $can_add = $readonly == "N" || $is_admin == "Y"; if ($public_access == "Y" && $login == "__public__") { if ($public_access_can_add != "Y") { $can_add = false; } if ($public_access_others != "Y") { $user = ""; } // security precaution } if ($groups_enabled == "Y" && $user_sees_only_his_groups == "Y" && !$is_admin) { $valid_user = false; $userlist = get_my_users(); if ($nonuser_enabled == "Y") { $nonusers = get_nonuser_cals(); $userlist = array_merge($nonusers, $userlist); } for ($i = 0; $i < count($userlist); $i++) { if ($user == $userlist[$i]['cal_login']) { $valid_user = true; } } if ($valid_user == false) { $user = ""; // security precaution } } if (!empty($user)) { $u_url = "user={$user}&"; user_load_variables($user, "user_");
$error = translate("Database error") . ": " . dbi_error(); } if ($all_users) { $viewusers = array(); $users = get_my_users(); for ($i = 0; $i < count($users); $i++) { $viewusers[] = $users[$i]['cal_login']; } } else { // Make sure this user is allowed to see all users in this view // If this is a global view, it may include users that this user // is not allowed to see. if (!empty($user_sees_only_his_groups) && $user_sees_only_his_groups == 'Y') { $myusers = get_my_users(); if (!empty($nonuser_enabled) && $nonuser_enabled == "Y") { $myusers = array_merge($myusers, get_nonuser_cals()); } $userlookup = array(); for ($i = 0; $i < count($myusers); $i++) { $userlookup[$myusers[$i]['cal_login']] = 1; } $newlist = array(); for ($i = 0; $i < count($viewusers); $i++) { if (!empty($userlookup[$viewusers[$i]])) { $newlist[] = $viewusers[$i]; } } $viewusers = $newlist; } } if (count($viewusers) == 0) {
$login_url .= '?return_path=' . $login_return_path; $logout_url .= $login_url . '&action=logout'; } // Should we use another application's login/logout pages? if (substr($GLOBALS['user_inc'], 0, 9) == 'user-app-') { global $app_login_page, $app_logout_page; $logout_url = $app_logout_page; $login_url = 'login-app.php' . ($login_return_path != '' && $app_login_page['return'] != '' ? '?return_path=' . $login_return_path : ''); } if ($readonly != 'Y') { $tret .= '<br /><span class="prefix">' . $currentUserStr . ':</span> ' . (strlen($login) && $login != '__public__' ? $fullname . ' (<a title="' . $logoutStr . '" href="' . $logout_url . '">' . $logoutStr : $publicStr . ' (<a title="' . $loginStr . '" href="' . $login_url . '">' . $loginStr) . "</a>)\n"; } } // Manage Calendar links. if (!empty($NONUSER_ENABLED) && $NONUSER_ENABLED == 'Y') { $admincals = get_nonuser_cals($login); } // Make sure they have access to either month/week/day view. If they do not, // then we cannot create a URL that shows just the boss' events. So, we // would not include any of the "manage calendar of" links. $have_boss_url = true; if (!access_can_access_function(ACCESS_MONTH) && !access_can_access_function(ACCESS_WEEK) && !access_can_access_function(ACCESS_DAY)) { $have_boss_url = false; } if ($have_boss_url && ($has_boss || !empty($admincals[0]) || $is_admin && $PUBLIC_ACCESS)) { $grouplist = user_get_boss_list($login); if (!empty($admincals[0])) { $grouplist = array_merge($admincals, $grouplist); } if ($is_admin && $PUBLIC_ACCESS == 'Y') { $public = array('cal_login' => '__public__', 'cal_fullname' => $publicStr);
</table> </form> <?php } if (!empty($PUBLIC_ACCESS) && $PUBLIC_ACCESS == 'Y') { ?> <br /><br /> <a class="nav" href="index.php"> <?php etranslate('Access public calendar'); ?> </a><br /> <?php } $nulist = get_nonuser_cals(); for ($i = 0, $cnt = count($nulist); $i < $cnt; $i++) { if ($nulist[$i]['cal_is_public'] == 'Y') { ?> <a class="nav" href="nulogin.php?login=<?php echo $nulist[$i]['cal_login'] . '">' . translate('Access') . ' ' . $nulist[$i]['cal_fullname'] . ' ' . translate('calendar'); ?> </a><br /><?php } } if ($DEMO_MODE == 'Y') { // This is used on the sourceforge demo page echo 'Demo login: user = "******", password = "******"<br />'; } ?> <br /><br />
function display_unapproved_events($user) { global $public_access, $is_admin, $nonuser_enabled, $login; // Don't do this for public access login, admin user must approve public // events if ($user == "__public__") { return; } $sql = "SELECT COUNT(webcal_entry_user.cal_id) " . "FROM webcal_entry_user, webcal_entry " . "WHERE webcal_entry_user.cal_id = webcal_entry.cal_id " . "AND webcal_entry_user.cal_status = 'W' " . "AND ( webcal_entry.cal_ext_for_id IS NULL " . "OR webcal_entry.cal_ext_for_id = 0 ) " . "AND ( webcal_entry_user.cal_login = '******'"; if ($public_access == "Y" && $is_admin) { $sql .= " OR webcal_entry_user.cal_login = '******'"; } if ($nonuser_enabled == 'Y') { $admincals = get_nonuser_cals($login); for ($i = 0; $i < count($admincals); $i++) { $sql .= " OR webcal_entry_user.cal_login = '******'cal_login'] . "'"; } } $sql .= " )"; //print "SQL: $sql<br />\n"; $res = dbi_query($sql); if ($res) { if ($row = dbi_fetch_row($res)) { if ($row[0] > 0) { $str = translate("You have XXX unapproved events"); } $str = str_replace("XXX", $row[0], $str); echo "<a class=\"nav\" href=\"list_unapproved.php"; if ($user != $login) { echo "?user={$user}\""; } echo "\">" . $str . "</a><br />\n"; } dbi_free_result($res); } }
function get_my_nonusers($user = '', $add_public = false, $reason = 'invite') { global $GROUPS_ENABLED, $is_admin, $is_nonuser, $is_nonuser_admin, $login, $my_nonuser_array, $my_user_array, $PUBLIC_ACCESS, $PUBLIC_ACCESS_FULLNAME, $USER_SEES_ONLY_HIS_GROUPS, $USER_SORT_ORDER; $this_user = empty($user) ? $login : $user; // Return the global variable (cached). if (!empty($my_nonuser_array[$this_user . $add_public]) && is_array($my_nonuser_array)) { return $my_nonuser_array[$this_user . $add_public]; } $u = get_nonuser_cals(); if ($GROUPS_ENABLED == 'Y' && $USER_SEES_ONLY_HIS_GROUPS == 'Y' && !$is_admin) { // Get current user's groups. $rows = dbi_get_cached_rows('SELECT cal_group_id FROM webcal_group_user WHERE cal_login = ?', array($this_user)); $groups = $ret = $u_byname = array(); if ($rows) { for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) { $row = $rows[$i]; $groups[] = $row[0]; } } $groupcnt = count($groups); // Nonuser (public) can only see themself (unless access control is on). if ($is_nonuser && !access_is_enabled()) { return array($this_user); } for ($i = 0, $cnt = count($u); $i < $cnt; $i++) { $u_byname[$u[$i]['cal_login']] = $u[$i]; } if ($groupcnt == 0) { // Eek. User is in no groups... Return only themselves. if (isset($u_byname[$this_user])) { $ret[] = $u_byname[$this_user]; } $my_nonuser_array[$this_user . $add_public] = $ret; return $ret; } // Get other members of current users' groups. $sql = 'SELECT DISTINCT( wnc.cal_login ), cal_lastname, cal_firstname, cal_is_public FROM webcal_group_user wgu, webcal_nonuser_cals wnc WHERE ' . ($add_public ? 'wnc.cal_is_public = \'Y\' OR ' : '') . ' cal_admin = ? OR ( wgu.cal_login = wnc.cal_login AND cal_group_id '; if ($groupcnt == 1) { $sql .= '= ? )'; } else { // Build count ( $groups ) placeholders separated with commas. $placeholders = ''; for ($p_i = 0; $p_i < $groupcnt; $p_i++) { $placeholders .= $p_i == 0 ? '?' : ', ?'; } $sql .= "IN ( {$placeholders} ) )"; } // Add $this_user to beginning of query params. array_unshift($groups, $this_user); $rows = dbi_get_cached_rows($sql . ' ORDER BY ' . (empty($USER_SORT_ORDER) ? '' : "{$USER_SORT_ORDER}"), $groups); if ($rows) { for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) { $row = $rows[$i]; if (isset($u_byname[$row[0]])) { $ret[] = $u_byname[$row[0]]; } } } } else { // Groups not enabled... return all nonusers. $ret = $u; } // We add Public Access if $add_public= true. // Admin already sees all users. if (!$is_admin && $add_public && $PUBLIC_ACCESS == 'Y') { $pa = user_get_users(true); array_unshift($ret, $pa[0]); } // If user access control enabled, // remove any nonusers that this user does not have required access. if (access_is_enabled()) { $newlist = array(); for ($i = 0, $cnt = count($ret); $i < $cnt; $i++) { $can_list = access_user_calendar($reason, $ret[$i]['cal_login'], $this_user); if ($can_list == 'Y' || $can_list > 0) { $newlist[] = $ret[$i]; } } $ret = $newlist; } $my_nonuser_array[$this_user . $add_public] = $ret; return $ret; }
if (!$is_admin) { echo "<h2>" . translate("Error") . "</h2>\n" . translate("You are not authorized") . ".\n"; echo "</body>\n</html>"; exit; } if (!$NONUSER_PREFIX) { echo "<h2>" . translate("Error") . "</h2>\n" . translate("NONUSER_PREFIX not set") . ".\n"; echo "</body>\n</html>"; exit; } $add = getValue("add"); ?> <a name="tabnonusers"></a> <div id="tabscontent_nonusers"> <?php if (empty($error)) { echo "<a title=\"" . translate("Add New NonUser Calendar") . "\" href=\"edit_nonusers.php?add=1\" target=\"nonusersiframe\" onclick=\"javascript:show('nonusersiframe');\">" . translate("Add New NonUser Calendar") . "</a><br />\n"; // Displaying NonUser Calendars $userlist = get_nonuser_cals(); if (!empty($userlist)) { echo "<ul>"; for ($i = 0; $i < count($userlist); $i++) { echo "<li><a title=\"" . $userlist[$i]['cal_fullname'] . "\" href=\"edit_nonusers.php?nid=" . $userlist[$i]["cal_login"] . "\" target=\"nonusersiframe\" onclick=\"javascript:show('nonusersiframe');\">" . $userlist[$i]['cal_fullname'] . "</a></li>\n"; } echo "</ul>"; } } echo "<iframe name=\"nonusersiframe\" id=\"nonusersiframe\" style=\"width:90%;border-width:0px; height:250px;\"></iframe>"; ?> </div>
<img src="images/help.gif" alt="{$helpStr}" class="help" onclick="window.open( 'help_layers.php','cal_help','dependent,menubar,scrollbars,height=400,width=400,innerHeight=420,outerWidth=420' );" /> </h2> <form action="edit_layer_handler.php" method="post" onsubmit="return valid_form( this );" name="prefform">{$hiddenStr} <table cellspacing="2" cellpadding="3"> EOT; if ($single_user == 'N') { $otherlist = $userlist = get_my_users('', 'view'); if ($NONUSER_ENABLED == 'Y') { // Restrict NUC list if groups are enabled. $nonusers = get_my_nonusers($login, true, 'view'); $userlist = $NONUSER_AT_TOP == 'Y' ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers); } if ($REMOTES_ENABLED == 'Y') { $remotes = get_nonuser_cals($login, true); $userlist = $NONUSER_AT_TOP == 'Y' ? array_merge($remotes, $userlist) : array_merge($userlist, $remotes); } $num_users = $osize = $size = 0; $others = $users = ''; for ($i = 0, $cnt = count($userlist); $i < $cnt; $i++) { if ($userlist[$i]['cal_login'] != $layer_user) { $size++; $users .= ' <option value="' . $userlist[$i]['cal_login'] . '"' . (!empty($layers[$id]['cal_layeruser']) && $layers[$id]['cal_layeruser'] == $userlist[$i]['cal_login'] ? ' selected="selected"' : '') . '>' . $userlist[$i]['cal_fullname'] . '</option>'; } } for ($i = 0, $cnt = count($otherlist); $i < $cnt; $i++) { if ($otherlist[$i]['cal_login'] != $layer_user) { $osize++; $others .= '
$newRemoteStr = translate('Add New Remote Calendar'); $targetStr = 'target="remotesiframe" onclick="showFrame( \'remotesiframe\' );">'; if (!$NONUSER_PREFIX) { echo print_error_header() . translate('NONUSER_PREFIX not set') . ' </body> </html>'; exit; } $add = getValue('add'); echo ' <a name="tabnonusers"></a> <div id="tabscontent_remotes">'; if (empty($error)) { echo ' <a title="' . $newRemoteStr . '" href="edit_remotes.php?add=1"' . $targetStr . $newRemoteStr . '</a><br />'; // Displaying Remote Calendars $userlist = get_nonuser_cals($login, true); if (!empty($userlist)) { echo ' <ul>'; for ($i = 0, $cnt = count($userlist); $i < $cnt; $i++) { echo ' <li><a title="' . $userlist[$i]['cal_fullname'] . '" href="edit_remotes.php?nid=' . $userlist[$i]['cal_login'] . '"' . $targetStr . $userlist[$i]['cal_fullname'] . '</a></li>'; } echo ' </ul>'; } } echo ' <iframe name="remotesiframe" id="remotesiframe" style="width: 90%; ' . 'border: 0; height: 250px;"></iframe> </div>';
function get_users_to_approve() { global $is_admin, $login, $NONUSER_ENABLED, $PUBLIC_ACCESS, $user; $app_user_hash = $app_users = $my_non_users = array(); $non_users = get_nonuser_cals(); foreach ($non_users as $nonuser) { if (user_is_nonuser_admin($login, $nonuser['cal_login'])) { $my_non_users[]['cal_login'] = $nonuser['cal_login']; // echo $nonuser['cal_login'] . "<br />"; } } // First, we list ourself. $app_users[] = $login; $app_user_hash[$login] = 1; if (access_is_enabled()) { $all = !empty($NONUSER_ENABLED) && $NONUSER_ENABLED == 'Y' ? array_merge(get_my_users(), $my_non_users) : get_my_users(); for ($j = 0, $cnt = count($all); $j < $cnt; $j++) { $x = $all[$j]['cal_login']; if (access_user_calendar('approve', $x)) { if (empty($app_user_hash[$x])) { $app_users[] = $x; $app_user_hash[$x] = 1; } } } } else { if ($is_admin && $PUBLIC_ACCESS == 'Y' && (empty($user) || $user != '__public__')) { $app_users[] = '__public__'; $app_users_hash['__public__'] = 1; } $all = $my_non_users; for ($j = 0, $cnt = count($all); $j < $cnt; $j++) { $x = $all[$j]['cal_login']; if (empty($app_user_hash[$x])) { $app_users[] = $x; $app_user_hash[$x] = 1; } } } return $app_users; }