Beispiel #1
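/**
 * Initialize view variables and check permissions.
 *
 * Reads the globals $views, $ALLOW_VIEW_OTHER and $is_admin. Writes the
 * globals $custom_view, $view_name (HTML-escaped), $view_type and, when the
 * requested view is not in $views, $error.
 *
 * @param int $view_id id for the view
 */
function view_init($view_id)
{
    global $views, $error, $login;
    global $ALLOW_VIEW_OTHER, $is_admin;
    global $view_name, $view_type, $custom_view;

    // Set this to show that we are inside a custom view page.
    $custom_view = true;

    // Access check. Fails closed: a missing or empty setting is treated like 'N'.
    if ((empty($ALLOW_VIEW_OTHER) || $ALLOW_VIEW_OTHER == 'N') && !$is_admin) {
        // not allowed...
        send_to_preferred_view();
        // NOTE(review): the helper presumably ends the request itself. The
        // explicit exit keeps the denial effective if it ever returns.
        exit;
    }
    if (empty($view_id)) {
        do_redirect('views.php');
        // Same reasoning as above: never fall through after a redirect.
        exit;
    }

    // Find the view in $views[]. The list is presumably limited to views the
    // current user may access (verify where $views is loaded); that lookup is
    // the authorization decision for this page.
    $view_name = '';
    $view_type = '';
    $found = false;
    if (is_array($views)) {
        foreach ($views as $view) {
            // NOTE(review): loose comparison on purpose, ids may arrive as
            // numeric strings. Callers should pass an integer-validated id.
            if ($view['cal_view_id'] == $view_id) {
                // Default flags depend on the PHP version: before PHP 8.1
                // single quotes are not escaped, so do not place this value
                // inside a single-quoted HTML attribute.
                $view_name = htmlspecialchars($view['cal_name']);
                $view_type = $view['cal_view_type'];
                $found = true;
            }
        }
    }

    // If no entry matched, the specified view id does not belong to the
    // current user. Tracking the match explicitly (rather than testing
    // empty($view_name)) keeps a view that is literally named "0" from being
    // reported as unauthorized.
    if (!$found) {
        $error = print_not_auth(34);
    }
}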
Beispiel #2
 * (*) required field
 *
 * Security:
 * Must have "allow view others" enabled ($allow_view_other) in
 *   System Settings unless the user is an admin user ($is_admin).
 * If the view is not global, the user must be owner of the view.
 * If the view is global and user_sees_only_his_groups is
 * enabled, then we remove users not in this user's groups
 * (except for nonuser calendars... which we allow regardless of group).
 */
include_once 'includes/init.php';
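$error = "";
$DAYS_PER_TABLE = 7;
// Access check: "allow view others" must be enabled unless the user is an
// admin. Fails closed: a missing or empty $allow_view_other is treated like
// "N" instead of silently granting access.
if ((empty($allow_view_other) || $allow_view_other == "N") && !$is_admin) {
    // not allowed...
    send_to_preferred_view();
    // NOTE(review): the helper presumably ends the request itself. The
    // explicit exit keeps the denial effective if it ever returns.
    exit;
}
if (empty($id)) {
    do_redirect("views.php");
    // Never fall through to the rest of the page after a redirect.
    exit;
}
// Find view name in $views[]. The list is presumably limited to views the
// current user may access (verify in includes/init.php), so a missing match
// means "not authorized".
// NOTE(review): $view_name is stored unescaped here; escape it with
// htmlspecialchars() wherever it is written into HTML.
$view_name = "";
for ($i = 0; $i < count($views); $i++) {
    // Loose comparison: $id may arrive as a numeric string.
    if ($views[$i]['cal_view_id'] == $id) {
        $view_name = $views[$i]['cal_name'];
    }
}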
// If view_name not found, then the specified view id does not
// belong to current user.
if (empty($view_name)) {
    $error = translate("You are not authorized");
            } else {
                $days = "nnnnnnn";
            }
            $sql = "INSERT INTO webcal_entry_repeats ( cal_id, " . "cal_type, cal_end, cal_days, cal_frequency ) VALUES " . "( {$id}, '{$rpt_type}', {$end}, '{$days}', {$freq} )";
            dbi_query($sql);
            $msg .= "<span style=\"font-weight:bold;\">SQL:</span> {$sql}<br />\n<br />";
        }
    }
}
// If we were editing this event, then go back to the last view (week, day,
// month).  If this is a new event, then go to the preferred view for
// the date range that this event was added to.
if (empty($error)) {
    // Zero-padded YYYYMMDD string built from $year, $month and $day.
    $xdate = sprintf("%04d%02d%02d", $year, $month, $day);
    // NOTE(review): $user is interpolated into the query string as-is. If it
    // can originate from the request, urlencode() it here so it cannot add or
    // alter parameters in the redirect URL. Confirm where $user is set.
    $user_args = empty($user) ? '' : "user={$user}";
    send_to_preferred_view($xdate, $user_args);
}
// Reached when $error is set, and also if the redirect helper above returns
// instead of ending the request (TODO confirm it terminates).
print_header();
if (strlen($conflicts)) {
    ?>
<h2><?php 
    etranslate("Scheduling Conflict");
    ?>
</h2>

<?php 
    etranslate("Your suggested time of");
    ?>
 <span style="font-weight:bold;">
<?php 
    if (!empty($allday) && $allday == "Y") {
Beispiel #4
        if ($row[0] == $id) {
            $is_my_event = true;
            echo "Event # " . $id . " is already on your calendar.";
            exit;
        }
        dbi_free_result($res);
    }
    // Now lets make sure the user is allowed to add the event (not private)
    $sql = "SELECT cal_access FROM webcal_entry WHERE cal_id = " . $id;
    $res = dbi_query($sql);
    if (!$res) {
        echo translate("Invalid entry id") . ": {$id}";
        exit;
    }
    $row = dbi_fetch_row($res);
    if ($row[0] == "R" && !$is_my_event) {
        $is_private = true;
        etranslate("This is a private event and may not be added to your calendar.");
        exit;
    } else {
        $is_private = false;
    }
    // add the event
    if ($readonly == "N" && !$is_my_event && !$is_private) {
        if (!dbi_query("INSERT INTO webcal_entry_user ( cal_id, cal_login, cal_status ) VALUES ( {$id}, '{$login}', 'A' )")) {
            $error = translate("Error adding event") . ": " . dbi_error();
        }
    }
}
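// Redirect back to the preferred view, carrying the "user" parameter along.
// $_GET['user'] is request data: accept it only when it is present and a
// string (an absent or array-valued parameter becomes ''), and URL-encode it
// so the value cannot add parameters to, or otherwise alter, the redirect URL.
$user_param = (isset($_GET['user']) && is_string($_GET['user'])) ? $_GET['user'] : '';
send_to_preferred_view("", "user=" . urlencode($user_param));
exit;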