Beispiel #1
<?php

// Fetch the principal id from the request; the code below reads it as $id.
param_to_global('id', 'int', 'old_id', 'principal_id');

// Individual privilege names handled by this page.
$privilege_names = [
    'read',
    'write-properties',
    'write-content',
    'unlock',
    'read-acl',
    'read-current-user-privilege-set',
    'bind',
    'unbind',
    'write-acl',
    'read-free-busy',
    'schedule-deliver-invite',
    'schedule-deliver-reply',
    'schedule-query-freebusy',
    'schedule-send-invite',
    'schedule-send-reply',
    'schedule-send-freebusy',
];

// Translated display label per privilege. This map also carries the keys
// 'all', 'write', 'schedule-deliver' and 'schedule-send', which are not in
// $privilege_names.
$privilege_xlate = [
    'all' => translate('All privileges'),
    'read' => translate('Read'),
    'write-properties' => translate('Write Metadata'),
    'write-content' => translate('Write Data'),
    'unlock' => translate('Override a Lock'),
    'read-acl' => translate('Read Access Controls'),
    'read-current-user-privilege-set' => translate('Read Current User\'s Access'),
    'bind' => translate('Create Events/Collections'),
    'unbind' => translate('Delete Events/Collections'),
    'write-acl' => translate('Write Access Controls'),
    'read-free-busy' => translate('Read Free/Busy Information'),
    'schedule-deliver-invite' => translate('Scheduling: Deliver an Invitation'),
    'schedule-deliver-reply' => translate('Scheduling: Deliver a Reply'),
    'schedule-query-freebusy' => translate('Scheduling: Query free/busy'),
    'schedule-send-invite' => translate('Scheduling: Send an Invitation'),
    'schedule-send-reply' => translate('Scheduling: Send a Reply'),
    'schedule-send-freebusy' => translate('Scheduling: Send free/busy'),
    'write' => translate('Write'),
    'schedule-deliver' => translate('Scheduling: Delivery'),
    'schedule-send' => translate('Scheduling: Sending'),
];

// Authorization for editing this principal: an Admin, or the principal
// itself, may write.
// NOTE(review): the self-edit test is a loose == with no "$id > 0" guard,
// whereas the delete_collection check in handle_subaction() does require
// $id > 0 - confirm a missing or zero id cannot match a session here.
if ($session->AllowedTo('Admin')) {
    $can_write_principal = true;
} else {
    $can_write_principal = ($session->principal_id == $id);
}

// Otherwise fall back to an explicit DAV::write privilege on the target
// principal's DAV path.
if ($id > 0 && !$can_write_principal) {
    $target_principal = new Principal('principal_id', $id);
    $can_write_principal = $session->HavePrivilegeTo('DAV::write', $target_principal->dav_name());
}

// Delete-confirmation state, declared global by handle_subaction(); all of it
// starts out as null.
$delete_collection_confirmation_required
    = $delete_principal_confirmation_required
    = $delete_ticket_confirmation_required
    = $delete_bind_in_confirmation_required
    = $delete_binding_confirmation_required
    = null;
function handle_subaction($subaction)
{
    global $session, $c, $id, $editor;
    global $delete_collection_confirmation_required;
    global $delete_principal_confirmation_required;
    global $delete_ticket_confirmation_required;
    global $delete_bind_in_confirmation_required;
    global $delete_binding_confirmation_required;
    dbg_error_log('admin-principal-edit', ':handle_action: Action %s', $subaction);
    switch ($subaction) {
        case 'delete_collection':
            dbg_error_log('admin-principal-edit', ':handle_action: Deleting collection %s for principal %d', $_GET['dav_name'], $id);
            if ($session->AllowedTo('Admin') || $id > 0 && $session->principal_id == $id) {
                if ($session->CheckConfirmationHash('GET', 'confirm')) {
                    dbg_error_log('admin-principal-edit', ':handle_action: Allowed to delete collection %s for principal %d', $_GET['dav_name'], $id);
                    $qry = new AwlQuery('DELETE FROM collection WHERE dav_name=?;', $_GET['dav_name']);
Beispiel #2
send_dav_header();
// Avoid polluting global namespace

// Comma-separated list of the methods this request supports. It is only used
// by the commented-out Allow header below.
$allowed = implode(', ', array_keys($request->supported_methods));
// header( 'Allow: '.$allowed);

// Redirect legacy /principals/users/.../ URLs to /caldav.php, but only when the
// request is neither a principal nor a known collection and the method is not
// one of PUT / MKCALENDAR / MKCOL.
// The captured path comes from the request and is written to both the log and
// the Location header; the fixed '/caldav.php' prefix is prepended before
// ConstructURL() is called.
// NOTE(review): how ConstructURL() builds the final URL is not visible here -
// confirm the redirect target cannot leave this site.
if (
    !$request->IsPrincipal()
    && !isset($request->collection)
    && $request->method != 'PUT'
    && $request->method != 'MKCALENDAR'
    && $request->method != 'MKCOL'
    && preg_match('#^/principals/users(/.*/)$#', $request->path, $matches)
) {
    // Although this doesn't work with the iPhone, perhaps it will with iCal...
    /** @todo integrate handling this URL into CalDAVRequest.php */
    $redirect_url = ConstructURL('/caldav.php' . $matches[1]);
    dbg_error_log('LOG WARNING', 'Redirecting %s for "%s" to "%s"', $request->method, $request->path, $redirect_url);
    header('Location: ' . $redirect_url);
    @ob_flush();
    exit(0);
}

// Only the presence of the add_member parameter matters: the value is replaced
// by a boolean flag.
param_to_global('add_member', '.*');
$add_member = isset($add_member);
switch ($request->method) {
    case 'OPTIONS':
        include_once 'caldav-OPTIONS.php';
        break;
    case 'REPORT':
        include_once 'caldav-REPORT.php';
        break;
    case 'PROPFIND':
        include 'caldav-PROPFIND.php';
        break;
    case 'GET':
        include 'caldav-GET.php';
        break;
    case 'HEAD':
Beispiel #3
        }
        $this->username = $principal->username();
        $this->principal_id = $principal->principal_id();
        $this->email = $principal->email();
        $this->dav_name = $principal->dav_name();
        $this->principal = $principal;
        $this->logged_in = true;
    }
    /**
     * Permission check for the fake session.
     *
     * The requested permission name is ignored: the answer is simply the
     * session's logged_in flag, so a logged-in fake session is allowed every
     * action it is asked about.
     *
     * @param mixed $do_something Name of the permission being asked for (unused).
     * @return mixed The current value of $this->logged_in.
     */
    function AllowedTo($do_something)
    {
        $is_logged_in = $this->logged_in;
        return $is_logged_in;
    }
}
// Load a calendar file into an existing target collection, acting through a
// FakeSession instead of an authenticated login.
$session = new FakeSession();
$dest = new DAVResource($target);
// Rebuild the session from the user number that owns the target, so the rest
// of the script runs with that user's identity. FakeSession::AllowedTo()
// returns the logged_in flag for any permission name, so no per-privilege
// check limits what this session may do.
$session = new FakeSession($dest->user_no());
// NOTE(review): $mode is read here, before param_to_global('mode') is called
// further down; where it is first set is not visible in this excerpt - confirm
// that the later call does not reset it.
if ($mode == 'append' && !$dest->Exists()) {
    printf("The target '%s' does not exist.\n", $target);
    exit(1);
}
// Refuse to import into anything that is not a collection.
if (!$dest->IsCollection()) {
    printf("The target '%s' is not a collection.\n", $target);
    exit(1);
}
$user_no = $dest->user_no();
$username = $session->username;
param_to_global('mode');
include_once 'caldav-PUT-functions.php';
// Both helpers come from the include above. $ics is not assigned anywhere in
// this excerpt.
controlRequestContainer($session->username, $dest->user_no(), $target, false, $dest->IsPublic() ? true : false);
import_collection($ics, $dest->user_no(), $target, $session->user_no, $mode == 'append');
printf(translate("Calendar '%s' was loaded from file.\n"), $target);
Beispiel #4
<?php

// +100 ini_set('display_errors', 'On');
// +100 error_reporting(E_ALL);
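require_once './always.php';
require_once 'classEditor.php';
require_once 'classBrowser.php';
include "DAViCalSession.php";
// NOTE(review): presumably this stops the request unless a user is logged in -
// confirm in DAViCalSession.
$session->LoginRequired();
require_once 'AwlQuery.php';

// Page selection comes straight from the request: 'action', 't' (component)
// and 'id'.
param_to_global('action', '{(edit|browse)}', 'action');
param_to_global('component', '{[a-z0-9-_]+}', 't');
param_to_global('id', '{[a-z0-9-_]+}', 'id');

// $action and $component are spliced into a stylesheet path and into the path
// handed to include_once. The patterns above are not anchored, and whether
// param_to_global() validates the whole value or only a part of it cannot be
// seen here, so both values are re-checked in full against an allow-list
// before they reach a path. Anything with a slash, a dot or any other
// character outside the list is treated as "no such page".
$action_is_valid = is_string($action) && preg_match('/\A(?:edit|browse)\z/', $action) === 1;
$component_is_valid = is_string($component) && preg_match('/\A[a-z0-9_-]+\z/', $component) === 1;

if ($action_is_valid) {
    $c->stylesheets[] = 'css/' . $action . '.css';
}
if ($c->enable_row_linking) {
    $c->scripts[] = 'js/browse.js';
}
require_once 'interactive-page.php';
$page_elements = array();
$code_file = sprintf('ui/%s-%s.php', $component, $action);
// The include is attempted only for values that passed the allow-list. A
// rejected value and a missing file both end in the same "No page found"
// response.
if (!$action_is_valid || !$component_is_valid || !@(include_once $code_file)) {
    // NOTE(review): $action and $component are echoed into the message as
    // received - confirm the page templates HTML-escape $c->messages.
    $c->messages[] = sprintf('No page found to %s %s%s%s', $action, $action == 'browse' ? '' : 'a ', $component, $action == 'browse' ? 's' : '');
    include 'page-header.php';
    include 'page-footer.php';
    @ob_flush();
    exit(0);
}
include 'page-header.php';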
/**
* Page elements could be an array of viewers, browsers or something else
* that supports the Render() method... or a non-object which we assume is
<?php

// Optional list filters from the request; the code below reads them as
// $principal_type and $principal_active.
param_to_global('principal_type', 'int', 'type');
param_to_global('principal_active', '([tf])', 'active');

$browser = new Browser(translate('Calendar Principals'));

// Use a more specific title for the three known principal types; any other
// value keeps the generic title set above.
if (isset($principal_type)) {
    if ($principal_type == 1) {
        $browser->Title(translate('User Calendar Principals'));
    } elseif ($principal_type == 2) {
        $browser->Title(translate('Resource Calendar Principals'));
    } elseif ($principal_type == 3) {
        $browser->Title(translate('Group Principals'));
    }
}

$browser->AddColumn('principal_id', translate('ID'), 'right', '##principal_link##');
$browser->AddColumn('username', translate('Name'));

// The hidden principal_link column is an SQL expression that concatenates an
// HTML anchor around the principal id.
// NOTE(review): $c->base_url is placed inside an SQL string literal without
// any escaping - confirm it can never contain a single quote or a value taken
// from the request.
$rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id=';
$browser->AddHidden(
    'principal_link',
    "'<a href=\"" . $rowurl . "' || principal_id || '\">' || principal_id || '</a>'"
);

$browser->AddColumn('displayname', translate('Display Name'));
$browser->AddColumn('email', translate('EMail'));
$browser->AddColumn('member_of', translate('Is Member of'), '', '', 'is_member_of_list(principal_id)');

// The members column is added when no type filter is given or when groups
// (type 3) are listed.
if (!isset($principal_type) || $principal_type == 3) {
    $browser->AddColumn('members', translate('Has Members'), '', '', 'has_members_list(principal_id)');
}

$browser->SetOrdering('username', 'A');
$browser->SetJoins("dav_principal ");
if (isset($principal_active) && $principal_active == 'f') {
Beispiel #6
<?php

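// Editor component for collection records
$editor = new Editor(translate('Collection'), 'collection');

// Request parameters: the collection id (also read from 'old_id' and
// 'collection_id'), an owner given as user_no or principal_id, and the
// collection name.
param_to_global('id', 'int', 'old_id', 'collection_id');
param_to_global('user_no', 'int');
param_to_global('principal_id', 'int');
param_to_global('collection_name', '{^.+$}');

// Resolve the owner. When both parameters are present the principal lookup
// runs last and its result is the one kept in $usr.
if (isset($user_no)) {
    $usr = getUserByID($user_no);
}
if (isset($principal_id)) {
    $usr = getPrincipalByID($principal_id);
}

// Lookup lists and form-field attributes for the editor.
$editor->SetLookup('timezone', 'SELECT \'\', \'*** Unknown ***\' UNION SELECT tz_id, tz_locn FROM time_zone WHERE tz_id = tz_locn AND length(tz_spec) > 100 ORDER BY 1');
$editor->SetLookup('schedule_transp', 'SELECT \'opaque\', \'Opaque\' UNION SELECT \'transp\', \'Transparent\'');
$editor->AddAttribute('timezone', 'id', 'fld_timezone');
$editor->AddAttribute('schedule_transp', 'id', 'fld_schedule_transp');
$editor->AddAttribute('is_calendar', 'id', 'fld_is_calendar');
$editor->AddAttribute('is_addressbook', 'id', 'fld_is_addressbook');
$editor->AddAttribute('is_calendar', 'onclick', 'toggle_enabled(\'fld_is_calendar\',\'=fld_timezone\',\'=fld_schedule_transp\',\'!fld_is_addressbook\',\'=fld_ics_file\');');
$editor->AddAttribute('is_addressbook', 'onclick', 'toggle_enabled(\'fld_is_addressbook\',\'!fld_is_calendar\');');
$editor->AddField('use_default_privs', 'default_privileges IS NULL');
$editor->AddAttribute('use_default_privs', 'id', 'fld_use_default_privs');
$editor->AddAttribute('use_default_privs', 'onclick', 'toggle_visible(\'fld_use_default_privs\',\'!privileges_settings\');');
$editor->AddField('ics_file', "''");
$editor->AddAttribute('ics_file', 'title', translate('Upload a .ics calendar in iCalendar format to initialise or replace this calendar.'));
$editor->AddAttribute('ics_file', 'id', 'fld_ics_file');

// The WHERE fragment is assembled as a string, and $id comes from the request.
// Casting at the point of use keeps the fragment numeric whatever filtering
// param_to_global() applied, and a missing id yields 'collection_id=0' instead
// of the dangling 'collection_id='.
$editor->SetWhere('collection_id=' . intval($id));

$privilege_names = array('read', 'write-properties', 'write-content', 'unlock', 'read-acl', 'read-current-user-privilege-set', 'bind', 'unbind', 'write-acl', 'read-free-busy', 'schedule-deliver-invite', 'schedule-deliver-reply', 'schedule-query-freebusy', 'schedule-send-invite', 'schedule-send-reply', 'schedule-send-freebusy');

// Bound parameters for a query that is not part of this excerpt.
$params = array(':session_principal' => $session->principal_id, ':scan_depth' => $c->permission_scan_depth);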
Beispiel #7
<?php

/**
* DAViCal Timezone Service handler
*
* @package   davical
* @subpackage   tzservice
* @author    Andrew McMillan <*****@*****.**>
* @copyright Morphoss Ltd
* @license   http://gnu.org/copyleft/gpl.html GNU GPL v3 or later
*/
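require "./always.php";
require "PublicSession.php";
// The timezone service runs under a PublicSession; no login step appears in
// this script.
$session = new PublicSession();

// Request parameters of the timezone service.
param_to_global('action', '{[a-z_-]+}');
param_to_global('format', '{[a-z]+/[a-zA-Z0-9.+_-]+}');
param_to_global('changedsince', '{.*}', 'changesince');
param_to_global('start');
param_to_global('end');
param_to_global('lang');
$returnall = isset($_GET['returnall']);
param_to_global('tzid');

require_once 'CalDAVRequest.php';
$request = new CalDAVRequest();

// $action selects the handler file to include. The pattern given to
// param_to_global() is not anchored, and how that helper applies it cannot be
// seen here, so the value is re-checked in full against the same character
// set before it is used in a path. A value with a slash, a dot or any other
// character outside the set is answered like an unknown action.
$action_is_valid = is_string($action) && preg_match('/\A[a-z_-]+\z/', $action) === 1;
$code_file = sprintf('tz/%s.php', $action);
if (!$action_is_valid || !@(include_once $code_file)) {
    // NOTE(review): $action is echoed into the error text as received -
    // confirm PreconditionFailed() escapes it for the response format.
    $request->PreconditionFailed(400, "supported-action", 'The action "' . $action . '" is not understood.', 'urn:ietf:params:xml:ns:timezone-service');
}
// Reached only when nothing above has sent a response.
$request->DoResponse(500, translate("The application failed to understand that request."));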
<?php

param_to_global('external_active', '([tf])', 'active');

// Browser listing the collections stored under the '/.external/' container.
$browser = new Browser(translate('External Calendars'));
$browser->AddColumn('collection_id', translate('ID'), 'right', '##collection_link##');

// The hidden collection_link column is an SQL expression that concatenates an
// HTML anchor around the collection id.
// NOTE(review): $c->base_url is placed inside an SQL string literal without
// any escaping - confirm it can never contain a single quote or a value taken
// from the request.
$rowurl = $c->base_url . '/admin.php?action=edit&t=collection&id=';
$browser->AddHidden(
    'collection_link',
    "'<a href=\"" . $rowurl . "' || collection_id || '\">' || collection_id || '</a>'"
);

$browser->AddColumn('dav_displayname', translate('Display Name'));
$browser->AddColumn('refs', translate('References'), 'right', '', '(select count(*) from dav_binding where bound_source_id=collection_id )');
$browser->SetOrdering('dav_displayname', 'A');
$browser->SetJoins("collection ");
$browser->SetWhere("parent_container='/.external/'");
$c->page_title = $browser->Title();

// With row linking enabled the opening <tr> carries a mouse-over handler and
// an HTML-escaped tooltip; otherwise it is a plain row.
$browser->RowFormat(
    $c->enable_row_linking
        ? '<tr onMouseover="LinkHref(this,1);" title="' . htmlspecialchars(translate('Click to display user details')) . '" class="r%d">'
        : '<tr class="r%d">',
    '</tr>',
    '#even'
);
$page_elements[] = $browser;

// Count the external collections whose id does not appear among the bindings
// that have an external_url.
$externalqry = new AwlQuery("SELECT count(*) as count from collection where parent_container='/.external/' and collection_id not in ( select bound_source_id from dav_binding where external_url is not null)");
$externalqry->Exec('external-bind-url');
$external = $externalqry->Fetch();

// Offer a clean-up link when there is at least one such collection.
// NOTE(review): the link triggers subaction=clean through a plain GET URL -
// confirm the handler asks for confirmation before it deletes anything.
if ($external->count > 0) {
    $link = sprintf(
        '<a href="%s/admin.php?action=edit&t=external&subaction=clean" class="submit">%s(%s)</a>',
        $c->base_url,
        translate("Remove dangling external calendars"),
        $external->count
    );
    $c->stylesheets[] = 'css/edit.css';
    $page_elements[] = $link;
}
Beispiel #9
// Session type depends on configuration: with public_freebusy_url set to a
// truthy value the request is served through a PublicSession, otherwise
// through an HTTPAuthSession.
if (!empty($c->public_freebusy_url)) {
    require_once "PublicSession.php";
    $session = new PublicSession();
} else {
    require_once "HTTPAuthSession.php";
    $session = new HTTPAuthSession();
}

/**
* Submission parameters recommended by calconnect, plus some generous alternatives
*/
param_to_global('fb_start', '#^[a-z0-9/:.,+-]+$#i', 'start', 'from');
param_to_global('fb_end', '#^[a-z0-9/:.,+-]+$#i', 'end', 'until', 'finish', 'to');
param_to_global('fb_period', '#^[+-]?P?(\\d+[WD]?)(T(\\d+H)?(\\d+M)?(\\d+S)?)?+$#', 'period');
param_to_global('fb_format', '#^\\S+/\\S+$#', 'format');
// NOTE(review): the fb_user pattern accepts any single-line value, and the
// comment that follows this block says fb_user is used to adjust the request
// path - confirm the value is validated before it selects whose free/busy data
// is returned.
param_to_global('fb_user', '#^.*$#', 'user', 'userid', 'user_no', 'email');
param_to_global('fb_token', '#^[a-z0-9+/-]+$#i', 'token');

// Upper-case the period so later code sees one spelling.
if (isset($fb_period)) {
    $fb_period = strtoupper($fb_period);
}

// no recommended default.  -1 day
if (!isset($fb_start) || $fb_start == '') {
    $fb_start = date('Y-m-d\\TH:i:s', time() - 86400);
}

// 44 days - 2 days more than recommended default
if ((!isset($fb_period) && !isset($fb_end)) || ($fb_period == '' && $fb_end == '')) {
    $fb_period = 'P44D';
}
/**
* If fb_user (user, userid, user_no or email parameter) then we adjust
* the path of the request to suit.
*/