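/**
 * Initialize view variables and check permissions.
 *
 * Sets the globals $custom_view, $view_name and $view_type for the view whose
 * id is $view_id. A user who may not view other calendars is sent to the
 * preferred view, a missing id redirects to views.php, and an id that is not
 * present in $views[] leaves $view_name empty and stores the "not authorized"
 * message in $error.
 *
 * @param int $view_id id for the view
 */
function view_init($view_id)
{
    global $views, $error, $login;
    global $ALLOW_VIEW_OTHER, $is_admin;
    global $view_name, $view_type, $custom_view;

    // Set this to prove we are inside a custom view page.
    $custom_view = true;

    if ((empty($ALLOW_VIEW_OTHER) || $ALLOW_VIEW_OTHER == 'N') && !$is_admin) {
        // Not allowed...
        send_to_preferred_view();
        // The redirect helpers are defined elsewhere; stop explicitly so the
        // permission check fails closed even if they return to the caller.
        exit;
    }

    if (empty($view_id)) {
        do_redirect('views.php');
        exit;
    }

    // Find view name in $views[]. Iterating the rows directly also copes with
    // a $views array whose keys are not 0..n-1, or that was never populated.
    $view_name = '';
    $view_type = '';
    foreach (is_array($views) ? $views : array() as $view) {
        if ($view['cal_view_id'] == $view_id) {
            // Escape both quote styles explicitly: the default flags of
            // htmlspecialchars() differ between PHP versions, and the name is
            // stored in a global that later code prints into HTML.
            $view_name = htmlspecialchars($view['cal_name'], ENT_QUOTES | ENT_SUBSTITUTE);
            $view_type = $view['cal_view_type'];
        }
    }

    // If view_name not found, then the specified view id does not
    // belong to current user.
    if (empty($view_name)) {
        $error = print_not_auth(34);
    }
}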
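/**
 * Redirect to the location named by the "return" query parameter, or to the
 * default page when the parameter is absent or not acceptable, then stop.
 *
 * The parameter is request data, so only a local target is passed on: it must
 * be a string without control characters, without a URL scheme and without a
 * leading "//" (or backslash variant) that a browser would read as another
 * host. do_redirect() is defined elsewhere; unless it validates its argument
 * itself, this check is what keeps the redirect on this site.
 */
function redirect_away()
{
    $target = '';

    if (array_key_exists('return', $_GET) && is_string($_GET['return'])) {
        $candidate = $_GET['return'];

        // CR/LF and other control characters must never reach a Location header.
        $hasControlChars = preg_match('/[\x00-\x1F\x7F]/', $candidate) === 1;
        // "scheme:" prefix, e.g. an absolute URL.
        $hasScheme = preg_match('/^[a-z][a-z0-9+.\-]*:/i', $candidate) === 1;
        // Network-path reference ("//host/..."), including backslash variants.
        $isNetworkPath = preg_match('#^[/\\\\]{2}#', $candidate) === 1;

        if (!$hasControlChars && !$hasScheme && !$isNetworkPath) {
            $target = $candidate;
        }
    }

    do_redirect($target); // '' means index.php
    exit;
}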
// Body of a password-reset request handler (the enclosing function header is
// outside this excerpt). Looks the address up, stores a fresh token and mails
// a reset link.

//check if form submitted
if (!isset($_POST['email'])) {
    return false;
}
//variables not set yet
//get variables
$email = set_post('email', '');
if (empty($email) || !email_is_valid($email)) {
    notices_set('Invalid email.', 'error');
    return false;
}
//check if it is valid
// NOTE(review): $email is interpolated into the SQL text. This is only safe if
// set_post() or email_is_valid() guarantees that no quote or backslash can get
// through - confirm, or switch to a parameterized query.
$sql = sql_query(" SELECT id FROM `users` WHERE email='{$email}' LIMIT 1 ");
if (sql_count($sql) <= 0) {
    // NOTE(review): an unknown address gets an error while a known one gets the
    // success notice below, so the response tells the requester whether an
    // account exists. A single neutral message for both cases avoids that.
    notices_set('Invalid email.', 'error');
    return false;
}
$data = sql_fetch($sql);
//create code
$confirm = confirm_token_create($email);
//delete all tokens for that email
// NOTE(review): the WHERE clause below is masked/garbled in the page as shown;
// it is reproduced unchanged. LIMIT 1 removes at most one row.
sql_query(" DELETE FROM `password_reset` WHERE user='******'id']}' LIMIT 1 ");
//insert
// NOTE(review): the token is stored exactly as it is mailed out; presumably
// confirm_token_create() returns an unguessable value - verify.
sql_query(" INSERT INTO `password_reset` (user, token) VALUES('{$data['id']}' , '{$confirm}') \n\t\t\tON DUPLICATE KEY UPDATE token='{$confirm}' ");
//send email
// NOTE(review): the link uses plain http:// and carries the token in the query
// string; $email and $confirm are concatenated without URL encoding.
email_send('password_reset', 'Planling Password Reset', array($email => $email), array('{{%LINK%}}' => 'http://' . MAIN_URL . '/password?e=' . $email . '&t=' . $confirm));
//set message
// NOTE(review): $email is placed inside HTML markup here; confirm that
// notices_set() or email_is_valid() prevents markup characters in it.
notices_set('Instructions on how to reset your password has been sent to <strong>' . $email . '</strong>.', 'success');
//redirect user
do_redirect();
<?php

require 'inc.bootstrap.php';

// Only the 'series' entry is dropped from the session, and only for a
// logged-in visitor; every other session value is left untouched.
if ( is_logged_in(false) ) {
	if ( isset($_SESSION['series']) ) {
		unset($_SESSION['series']);
	}
}

// Logged in or not, the request ends on the login page.
do_redirect('login');
// Tail of a category-icon upload handler (the opening conditions are outside
// this excerpt): stores the uploaded file as cat-<id>.gif, or copies an
// existing icon chosen by name.

// $icon_props = getimagesize ( $file['tmp_name'] );
// print_r ($icon_props );
$path_parts = pathinfo($_SERVER['SCRIPT_FILENAME']);
// The destination name is fixed by the code (cat-<id>.gif), not by the client.
// NOTE(review): presumably $id is numeric at this point - confirm.
$fullIcon = $path_parts['dirname'] . '/' . $icon_path . 'cat-' . $id . '.gif';
renameIcon($id);
// NOTE(review): the result is stored but not checked in the lines shown.
$file_result = move_uploaded_file($file['tmp_name'], $fullIcon);
// echo "Upload Result:" . $file_result;
} else {
    if ($file['size'] > $icon_max_size) {
        $error = translate('File size exceeds maximum.');
    } else {
        // NOTE(review): $file['type'] is the MIME type reported by the client,
        // not a property of the file content. The commented-out getimagesize()
        // call above would inspect the actual bytes.
        if ($file['type'] != 'image/gif') {
            $error = translate('File is not a gif image.');
        }
    }
}
}
// Copy icon if local file specified.
// NOTE(review): $urlname is a POST value joined directly onto $icon_path; a
// value containing directory separators or ".." would address a file outside
// the icon directory. Reducing it with basename() or checking it against the
// list of known icons would confine the copy source.
$urlname = getPostvalue('urlname');
if (!empty($urlname) && file_exists($icon_path . $urlname)) {
    copy($icon_path . $urlname, $icon_path . 'cat-' . $id . '.gif');
}
}
}
}
}
if (empty($error)) {
    do_redirect('category.php');
}
print_header();
echo print_error($error) . print_trailer();
<?php
// Start of a view page: checks the "view others" setting, resolves the view
// name and computes the date of the next period.
include_once 'includes/init.php';
$USERS_PER_TABLE = 6;
if ($allow_view_other == "N" && !$is_admin) {
    // not allowed...
    // NOTE(review): no exit follows; the check only holds if do_redirect()
    // (defined elsewhere) terminates the request - confirm.
    do_redirect("{$STARTVIEW}.php");
}
// Find view name in $views[]
// NOTE(review): an $id that matches no entry leaves $view_name empty and no
// error is raised in the lines shown. The name is taken from $views unescaped;
// escape it wherever it is printed into HTML.
$view_name = "";
for ($i = 0; $i < count($views); $i++) {
    if ($views[$i]['cal_view_id'] == $id) {
        $view_name = $views[$i]['cal_name'];
    }
}
$INC = array('js/popups.php');
print_header($INC);
// Set the date to the first day of the current month
if ($timeb == 0) {
    $date = substr($date, 0, 6) . "01";
}
set_today($date);
// Week timebar
// $timeb == 1 advances by seven days, anything else by one month.
if ($timeb == 1) {
    $next = mktime(3, 0, 0, $thismonth, $thisday + 7, $thisyear);
} else {
    $next = mktime(3, 0, 0, $thismonth + 1, $thisday, $thisyear);
}
$nextyear = date("Y", $next);
$nextmonth = date("m", $next);
$nextday = date("d", $next);
* event as deleted.
*
* Security:
* Events will only be deleted if they were created by the selected
* user. Events where the user was a participant (but did not
* create) will remain unchanged.
*
*/
include_once 'includes/init.php';
// Reject the request unless it arrives from an accepted referring URL
// (helper defined elsewhere).
require_valide_referring_url();
// Set this to true to show the SQL at the bottom of the page
$purgeDebug = false;
$sqlLog = '';
if (!$is_admin) {
    // must be admin...
    // The explicit exit keeps non-admins out even if do_redirect() returns.
    do_redirect('index.php');
    exit;
}
$ALL = 0;
$previewStr = translate('Preview');
$allStr = translate('All');
$purgingStr = translate('Purging events for');
$deleteStr = translate('Delete');
// The purge only runs when the form was submitted with a non-empty "delete"
// value; all inputs below are read from POST.
$delete = getPostValue('delete');
$do_purge = false;
if (!empty($delete)) {
    $do_purge = true;
}
$purge_all = getPostValue('purge_all');
$purge_deleted = getPostValue('purge_deleted');
$end_year = getPostValue('end_year');
// Tail of an "event rejected" handler (the enclosing loop and conditions start
// outside this excerpt): mails the participant, logs the notification, then
// redirects or prints the error.
if ($send_user_mail == "Y" && strlen($tempemail) && $send_email != "N") {
    // Use the recipient's language for the message when one is configured.
    if ($GLOBALS['LANGUAGE'] != $user_language && !empty($user_language) && $user_language != 'none') {
        reset_language($user_language);
    }
    $msg = translate("Hello") . ", " . $tempfullname . ".\n\n"
        . translate("An appointment has been rejected by") . " " . $login_fullname . ". "
        . translate("The subject was") . " \"" . $name . " \"\n"
        . translate("The description is") . " \"" . $description . "\"\n"
        . translate("Date") . ": " . date_to_str($fmtdate) . "\n"
        . (empty($hour) && empty($minute) ? "" : translate("Time") . ": " . display_time($hour * 10000 + $minute * 100))
        . "\n\n\n";
    if (!empty($server_url)) {
        $url = $server_url . "view_entry.php?id=" . $id;
        $msg .= "\n\n" . $url;
    }
    $from = $email_fallback_from;
    if (strlen($login_email)) {
        $from = $login_email;
    }
    // NOTE(review): $from (a stored user address) goes into the header block
    // and $name (the event title) into the subject. A CR or LF in either value
    // would start a new header line; strip or reject line breaks before use.
    $extra_hdrs = "From: {$from}\r\nX-Mailer: " . translate("Title");
    mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs);
    activity_log($id, $login, $partlogin[$i], $LOG_NOTIFICATION, "Event rejected by {$app_user}");
}
}
}
if (empty($error)) {
    // NOTE(review): $app_user and $id are placed into the URL without
    // urlencode(); confirm they are validated before this point.
    if ($ret == "list") {
        do_redirect("list_unapproved.php?user={$app_user}");
    } else {
        do_redirect("view_entry.php?id={$id}&user={$app_user}");
    }
    exit;
}
print_header();
echo "<h2>" . translate("Error") . "</h2>\n";
// NOTE(review): $error is printed without HTML escaping.
echo "<p>" . $error . "</p>\n";
print_trailer();
// Tail of a blob (attachment/comment) delete handler; the lookup that sets
// $event_owner, $type, $name and $res starts outside this excerpt.

// The event owner, or an assistant of the owner, may delete.
if ($event_owner == $login || user_is_assistant($login, $event_owner)) {
    $can_delete = true;
}
}
dbi_free_result($res);
}
}
// Deny by default: without an explicit grant above the request is refused.
if (empty($error) && !$can_delete) {
    $error = print_not_auth(6);
}
if (empty($error) && $can_delete) {
    // The id is bound as a parameter rather than interpolated into the SQL.
    if (!dbi_execute('DELETE FROM webcal_blob WHERE cal_blob_id = ?', array($blid))) {
        $error = db_error();
    } else {
        // Record the removal against the event when the blob belonged to one.
        if ($event_id > 0) {
            $removeStr = translate('Removed');
            if ($type == 'A') {
                activity_log($event_id, $login, $login, LOG_ATTACHMENT, $removeStr . ': ' . $name);
            } elseif ($type == 'C') {
                activity_log($event_id, $login, $login, LOG_COMMENT, $removeStr);
            }
        }
        // NOTE(review): two redirects in sequence - this relies on
        // do_redirect() (defined elsewhere) ending the request; confirm.
        if ($event_id > 0) {
            do_redirect('view_entry.php?id=' . $event_id);
        }
        do_redirect(get_preferred_view());
    }
}
// Some kind of error...
print_header();
echo print_error($error) . print_trailer();
/**
 * Redirects to the URL that get_preferred_view() returns.
 *
 * @param string $indate passed through unchanged to get_preferred_view()
 * @param string $args   passed through unchanged to get_preferred_view()
 */
function send_to_preferred_view($indate = '', $args = '')
{
    $target = get_preferred_view($indate, $args);
    do_redirect($target);
}
// Tail of an "event rejected" handler (the query and the enclosing condition
// start outside this excerpt): notifies each participant by mail, then
// redirects.
if ($res) {
    $row = dbi_fetch_row($res);
    $name = $row[0];
    dbi_free_result($res);
}
for ($i = 0; $i < count($partlogin); $i++) {
    // does this user want email for this?
    $send_user_mail = get_pref_setting($partlogin[$i], "EMAIL_EVENT_REJECTED");
    // Presumably fills $tempemail / $tempfullname for this participant - the
    // helper is defined elsewhere.
    user_load_variables($partlogin[$i], "temp");
    if ($send_user_mail == "Y" && strlen($tempemail) && $send_email != "N") {
        $fmtdate = sprintf("%04d%02d%02d", $year, $month, $day);
        $msg = translate("Hello") . ", " . $tempfullname . ".\n\n"
            . translate("An appointment has been rejected by") . " " . $login_fullname . ". "
            . translate("The subject was") . " \"" . $name . " \"\n"
            . translate("The description is") . " \"" . $description . "\"\n"
            . translate("Date") . ": " . date_to_str($fmtdate) . "\n"
            . (empty($hour) && empty($minute) ? "" : translate("Time") . ": " . display_time($hour * 10000 + $minute * 100))
            . "\n\n\n";
        if (!empty($server_url)) {
            $url = $server_url . "view_entry.php?id=" . $id;
            $msg .= "\n\n" . $url;
        }
        $from = $email_fallback_from;
        if (strlen($login_email)) {
            $from = $login_email;
        }
        // NOTE(review): header lines are separated with a bare "\n" here; mail
        // headers are CRLF-delimited. $from (stored user address) and $name
        // (event title, used in the subject) should be stripped of CR/LF so
        // they cannot introduce extra header lines.
        $extra_hdrs = "From: {$from}\nX-Mailer: " . translate("Title");
        mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs);
        activity_log($id, $login, $partlogin[$i], $LOG_NOTIFICATION, "Event rejected by {$app_user}");
    }
}
}
if ($ret == "list") {
    do_redirect("list_unapproved.php");
} else {
    // NOTE(review): $id is placed into the URL as-is; confirm it is validated
    // as numeric earlier in the file.
    do_redirect("view_entry.php?id={$id}");
}
// The source code packaged with this file is Free Software, Copyright (C) 2012 by
// Ricardo Galli <gallir at gallir dot com>.
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
// Use the alternate server for api, if it exists
//$globals['alternate_db_server'] = 'backend';
include '../config.php';
$db->connect_timeout = 3;
// Anonymous requests get an empty response.
if (!$current_user->user_id) {
    die;
}
// NOTE(review): the query value is handed to this file's own do_redirect(),
// whose parameter is named $type and whose body continues past this excerpt.
// Presumably it maps a fixed set of type names to URLs; verify that it never
// uses the value itself as the destination.
if (!empty($_GET['redirect'])) {
    do_redirect($_GET['redirect']);
    exit(0);
}
header('Content-Type: application/json; charset=utf-8');
http_cache(5);
// Unread counters for the logged-in user, emitted as one JSON object.
$notifications = new stdClass();
$notifications->posts = (int) Post::get_unread_conversations($current_user->user_id);
$notifications->comments = (int) Comment::get_unread_conversations($current_user->user_id);
$notifications->privates = (int) PrivateMessage::get_unread($current_user->user_id);
$notifications->friends = count(User::get_new_friends($current_user->user_id));
$notifications->total = $notifications->posts + $notifications->privates + $notifications->friends + $notifications->comments;
echo json_encode($notifications);
function do_redirect($type) { global $globals, $current_user; $url = '/';
// Picks a landing page the current user is allowed to open (the enclosing
// condition starts outside this excerpt).
// NOTE(review): the chain below has no exit between alternatives, so it relies
// on do_redirect() (defined elsewhere) ending the request - confirm.
$page = get_preferred_view();
if (access_can_view_page($page)) {
    send_to_preferred_view();
} else {
    // User's preferences need to be updated to their preferred view.
    if (access_can_access_function(ACCESS_PREFERENCES)) {
        do_redirect('pref.php');
    }
    // User does not have access to preferences...
    // So, we need to pick another page.
    if (access_can_access_function(ACCESS_WEEK)) {
        do_redirect('week.php');
    } elseif (access_can_access_function(ACCESS_MONTH)) {
        do_redirect('month.php');
    } elseif (access_can_access_function(ACCESS_DAY)) {
        do_redirect('day.php');
    } elseif (access_can_access_function(ACCESS_YEAR)) {
        do_redirect('year.php');
    }
    // At this point, this user cannot view the preferred view in their
    // preferences (and they cannot update their preferences), and they cannot
    // view any of the standard day/week/month/year pages. All that's left is a
    // custom view that is either created by them or a global view.
    if (count($views) > 0) {
        do_redirect($views[0]['url']);
    }
    // No views either? You gotta be kidding me! ;-)
    // NOTE(review): nothing is sent in this case in the lines shown.
}
} else {
    do_redirect('month.php');
}
// Tail of a group edit handler (earlier branches are outside this excerpt):
// replaces the member list of group $id, then redirects or renders an error
// page.
} else {
    $error = translate("Database error") . ": " . dbi_error();
}
}
}
# update user list
if ($error == "") {
    // NOTE(review): $id and each $users[$i] are interpolated into the SQL
    // text. Unless both are validated/escaped before this point, bind them as
    // parameters instead. The return values of these queries are not checked.
    dbi_query("DELETE FROM webcal_group_user WHERE cal_group_id = {$id}");
    for ($i = 0; $i < count($users); $i++) {
        dbi_query("INSERT INTO webcal_group_user ( cal_group_id, cal_login ) " . "VALUES ( {$id}, '{$users[$i]}' )");
    }
}
}
}
}
if ($error == "") {
    do_redirect("groups.php");
}
?>
<HTML>
<HEAD>
<TITLE><?php etranslate($application_name); ?> </TITLE>
<?php include "includes/styles.php"; ?>
</HEAD>
<BODY BGCOLOR="<?php echo $BGCOLOR; ?>
/**
 * Sends a redirect to the user's preferred view.
 *
 * The user's preferred view is stored in the $STARTVIEW global variable. This
 * is loaded from the user preferences (or system settings if there are no user
 * preferences.)
 *
 * @param string $indate Date to pass to preferred view in YYYYMMDD format
 * @param string $args   Arguments to include in the URL (such as "user=joe")
 */
function send_to_preferred_view($indate = "", $args = "")
{
    // Resolve the target and hand it straight to the redirect helper.
    do_redirect(get_preferred_view($indate, $args));
}
// Tail of a handler that builds a return URL and then redirects (earlier
// branches are outside this excerpt).
$redir = "?date={$thisdate}";
}
if ($user != "") {
    if ($redir != "") {
        $redir .= "&";
    }
    // NOTE(review): $user is appended without urlencode().
    $redir .= "user={$user}";
}
$url = "{$STARTVIEW}.php" . $redir;
}
}
if (empty($error)) {
    if ($is_assistant || $is_nonuser_admin) {
        $url = $url . (strpos($url, "?") === false ? "?" : "&") . "user={$user}";
    }
    // NOTE(review): $url is built above but the redirect uses the session's
    // 'referer' value instead. Where that value is set is not shown; if it is
    // copied from the HTTP Referer header it is client-supplied and should be
    // checked to be a local page before use.
    do_redirect($_SESSION['referer']);
    // NOTE(review): if do_redirect() ends the request, this reset never runs.
    $_SESSION['referer'] = '';
    exit;
}
print_header();
?>
<h2><?php etranslate("Error"); ?> </h2>
<blockquote>
<?php
// NOTE(review): $error is printed without HTML escaping.
echo $error;
?>
</blockquote>
// Tail of a settings save handler (the enclosing loops start outside this
// excerpt): writes one webcal_config row per non-empty value.
}
if (strlen($value) > 0) {
    // NOTE(review): $setting and $value are interpolated into the SQL text;
    // confirm both are escaped earlier or bind them as parameters.
    $sql = "INSERT INTO webcal_config " . "( cal_setting, cal_value ) VALUES " . "( '{$setting}', '{$value}' )";
    if (!dbi_query($sql)) {
        // NOTE(review): the failing SQL statement, including the submitted
        // value, becomes part of the message shown on the error page.
        $error = translate("Error") . ": " . dbi_error() . "<br /><br /><span style=\"font-weight:bold;\">SQL:</span> {$sql}";
        break;
    }
}
}
}
}
}
if (empty($error)) {
    if (empty($ovrd)) {
        do_redirect("admin.php");
    } else {
        // NOTE(review): $ovrd is placed into the URL without urlencode().
        do_redirect("admin.php?ovrd={$ovrd}");
    }
}
print_header();
?>
<h2><?php etranslate("Error"); ?> </h2>
<?php etranslate("The following error occurred"); ?> :
<blockquote>
// Cookie branch of the login check (the preceding branch is outside this
// excerpt): decodes "login|crypted password" from the session cookie and
// validates it against the database.
} else {
    // Check for cookie...
    if (!empty($webcalendar_session)) {
        $encoded_login = $webcalendar_session;
        if (empty($encoded_login)) {
            // invalid session cookie
            $session_not_found = true;
        } else {
            // NOTE(review): the cookie carries the login together with a
            // password-derived value, so anyone who obtains the cookie can
            // replay it; how decode_string() protects it is not shown.
            // split() was removed in PHP 7 - explode('|', ...) is the
            // equivalent for this literal separator.
            $login_pw = split('\\|', decode_string($encoded_login));
            // NOTE(review): a decoded value without "|" leaves index 1 unset.
            $login = $login_pw[0];
            $cryptpw = $login_pw[1];
            // make sure we are connected to the database for password check
            $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
            if (!$c) {
                // NOTE(review): the raw database error is printed to the
                // visitor, unescaped.
                echo "Error connecting to database:<BLOCKQUOTE>" . dbi_error() . "</BLOCKQUOTE>\n";
                exit;
            }
            if (!user_valid_crypt($login, $cryptpw)) {
                do_debug("User not logged in; redirecting to login page");
                // NOTE(review): no exit follows these redirects, and
                // $login_return_path is added to the URL without urlencode().
                // The rejected $login stays set unless do_redirect() ends the
                // request - confirm.
                if (empty($login_return_path)) {
                    do_redirect("login.php");
                } else {
                    do_redirect("login.php?return_path={$login_return_path}");
                }
            }
            do_debug("Decoded login from cookie: {$login}");
        }
    }
}
}
}
// Part of a chain of GET-triggered actions (earlier branches are outside this
// excerpt).
}
exit;
}
// reset one show
// NOTE(review): this branch deletes data in response to a GET request and no
// anti-CSRF token is checked in the lines shown; a state-changing action is
// better served by POST plus a token. The id is passed to the $db helpers as
// an array value - presumably bound or escaped there; verify.
else if ( isset($_GET['resetshow']) ) {
	if ( $show = Show::get($_GET['resetshow']) ) {
		// delete seasons/episodes
		$db->delete('seasons', array('series_id' => $_GET['resetshow']));
		// delete tvdb series id
		$db->update('series', array('tvdb_series_id' => 0, 'changed' => time()), array('id' => $_GET['resetshow']));
	}
	return do_redirect('index');
}
// keep db hot
// Rewrites the 'keepalive' row with the current time on every call.
else if ( isset($_GET['keepalive']) ) {
	$db->delete('variables', array('name' => 'keepalive'));
	$db->insert('variables', array('name' => 'keepalive', 'value' => time()));
	exit('OK');
}
// lazy/async load inactive shows
else if ( isset($_GET['inactive']) ) {
	require 'tpl.shows.php';
	exit;
}
// Tail of a report save handler (earlier steps are outside this excerpt):
// stores the page ('P'), day ('D') and event ('E') templates of report
// $report_id.
}
// NOTE(review): the three template texts are interpolated into the SQL
// strings. Template text is free-form, so unless it is escaped before this
// point, bind it as a parameter instead.
if (empty($error) && !dbi_query("INSERT INTO webcal_report_template " . "( cal_report_id, cal_template_type, cal_template_text ) VALUES ( " . "{$report_id}, 'P', '{$page_template}' )")) {
    $error = translate("Database error") . ": " . dbi_error();
}
if (empty($error) && !dbi_query("INSERT INTO webcal_report_template " . "( cal_report_id, cal_template_type, cal_template_text ) VALUES ( " . "{$report_id}, 'D', '{$day_template}' )")) {
    $error = translate("Database error") . ": " . dbi_error();
}
if (empty($error) && !dbi_query("INSERT INTO webcal_report_template " . "( cal_report_id, cal_template_type, cal_template_text ) VALUES ( " . "{$report_id}, 'E', '{$event_template}' )")) {
    $error = translate("Database error") . ": " . dbi_error();
}
}
if (empty($error)) {
    if ($updating_public) {
        do_redirect("report.php?public=1");
    } else {
        do_redirect("report.php");
    }
    exit;
}
print_header();
?>
<h2><?php etranslate("Error"); ?> </h2>
<blockquote>
<?php
// The message is HTML-escaped before it is printed.
echo htmlentities($error);
?>
</blockquote>
<?php
/* $Id: assistant_edit.php,v 1.38 2007/07/28 19:21:57 bbannon Exp $ */
// Start of the assistant edit form; the page continues past this excerpt and
// the last echo statement below is cut off mid-string.
include_once 'includes/init.php';
if (empty($login) || $login == '__public__') {
    // Do not allow public access.
    do_redirect(empty($STARTVIEW) ? 'month.php' : "{$STARTVIEW}");
    exit;
}
// Only an admin (or nonuser-calendar admin) may act for another user; anyone
// else is forced back to their own login.
if ($user != $login) {
    $user = ($is_admin || $is_nonuser_admin) && $user ? $user : $login;
}
print_header($GROUPS_ENABLED == 'Y' ? array('js/assistant_edit.php/true') : '');
ob_start();
// NOTE(review): $user is written into an HTML attribute without
// htmlspecialchars(). For admins the value is passed through from outside this
// file, so it should be escaped (ENT_QUOTES) here.
echo ' <form action="assistant_edit_handler.php" method="post" ' . 'name="assistanteditform">' . ($user ? ' <input type="hidden" name="user" value="' . $user . '" />' : '') . ' <h2>';
$assistStr = translate('Assistants');
if ($is_nonuser_admin) {
    nonuser_load_variables($user, 'nonuser');
    // NOTE(review): $nonuserfullname is printed unescaped; confirm it is
    // stored or loaded in an HTML-safe form.
    echo $nonuserfullname . ' ' . $assistStr . '<br /> -- ' . translate('Admin mode') . ' --';
} else {
    echo translate('Your assistants');
}
echo '</h2> ' . display_admin_link() . ' <table> <tr> <td class="aligntop"><label for="users">' . $assistStr . ':</label></td>
// Page-level authorization by script name (the enclosing condition starts
// outside this excerpt). Each list names the scripts that are off limits for
// the given situation; $not_auth is acted on after these checks.
// NOTE(review): this is a deny-list matched with strstr() against $PHP_SELF.
// A page that is added later and not listed here is reachable by default, and
// substring matching depends on the exact form of the request path. An
// allow-list, or a check inside each protected page, fails closed instead.
if ($public_access_can_add != 'Y') {
    // do not allow add
    if (strstr($PHP_SELF, "edit_entry.php") || strstr($PHP_SELF, "edit_entry_handler.php")) {
        $not_auth = true;
    }
}
}
// Admin-only pages.
if (empty($is_admin) || !$is_admin) {
    if (strstr($PHP_SELF, "admin.php") || strstr($PHP_SELF, "admin_handler.php") || strstr($PHP_SELF, "groups.php") || strstr($PHP_SELF, "group_edit.php") || strstr($PHP_SELF, "group_edit_handler.php") || strstr($PHP_SELF, "edit_template.php") || strstr($PHP_SELF, "activity_log.php")) {
        $not_auth = true;
    }
}
// restrict access if calendar is read-only
// ("import_handler.php" and "pref_handler.php" each appear twice in this list.)
if ($readonly == "Y") {
    if (strstr($PHP_SELF, "activity_log.php") || strstr($PHP_SELF, "adminhome.php") || strstr($PHP_SELF, "admin.php") || strstr($PHP_SELF, "approve_entry.php") || strstr($PHP_SELF, "category_handler.php") || strstr($PHP_SELF, "category.php") || strstr($PHP_SELF, "del_entry.php") || strstr($PHP_SELF, "edit_report_handler.php") || strstr($PHP_SELF, "edit_report.php") || strstr($PHP_SELF, "edit_template.php") || strstr($PHP_SELF, "edit_user_handler.php") || strstr($PHP_SELF, "edit_user.php") || strstr($PHP_SELF, "group_edit_handler.php") || strstr($PHP_SELF, "groups.php") || strstr($PHP_SELF, "import_handler.php") || strstr($PHP_SELF, "import_handler.php") || strstr($PHP_SELF, "import.php") || strstr($PHP_SELF, "layers.php") || strstr($PHP_SELF, "layer_toggle.php") || strstr($PHP_SELF, "list_unapproved.php") || strstr($PHP_SELF, "pref_handler.php") || strstr($PHP_SELF, "pref.php") || strstr($PHP_SELF, "pref_handler.php") || strstr($PHP_SELF, "purge.php") || strstr($PHP_SELF, "reject_entry.php") || strstr($PHP_SELF, "set_entry_cat.php") || strstr($PHP_SELF, "users.php") || strstr($PHP_SELF, "views_edit_handler.php") || strstr($PHP_SELF, "views.php")) {
        $not_auth = true;
    }
}
// We can't call translate() here because translate.php gets loaded
// after this include file :-(
// So, instead of an error message that may be in the wrong language,
// just redirect to some other page.
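// Unauthorized requests are sent to the week view instead of an error page.
if ($not_auth) {
    /*
    echo "<html>\n<head>\n<title>" . translate($application_name) . " " . translate("Error") . "</title>\n</head>\n<body>\n";
    echo "<h2>" . translate ( "Error" ) . "</h2>\n" . translate ( "You are not authorized" );
    */
    do_redirect("week.php");
    // do_redirect() is defined elsewhere; stop explicitly so that the protected
    // page can never continue to run for an unauthorized request.
    exit;
}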
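<?php
// Start of the assistant edit form.
// NOTE(review): the include path is built from $gfplugins, which must come
// from trusted configuration and never from request data.
include_once $gfplugins . 'webcalendar/www/includes/init.php';
if (empty($login) || $login == "__public__") {
    // do not allow public access
    do_redirect(empty($STARTVIEW) ? "month.php" : "{$STARTVIEW}");
    exit;
}
// Only an admin (or nonuser-calendar admin) may act for another user; anyone
// else is forced back to their own login.
if ($user != $login) {
    $user = ($is_admin || $is_nonuser_admin) && $user ? $user : $login;
}
if ($groups_enabled == "Y") {
    $INC = array('js/assistant_edit.php');
} else {
    $INC = '';
}
print_header($INC);
?>
<form action="assistant_edit_handler.php" method="post" name="assistanteditform">
<?php
if ($user) {
    // $user can be a value passed in from outside this file (admin case), so it
    // is escaped for the attribute context before it is written into the page.
    echo "<input type=\"hidden\" name=\"user\" value=\"" . htmlspecialchars($user, ENT_QUOTES) . "\" />\n";
}
if ($is_nonuser_admin) {
    nonuser_load_variables($user, "nonuser");
    // NOTE(review): $nonuserfullname is printed as loaded; confirm it is stored
    // in an HTML-safe form before relying on it here.
    echo "<h2>" . $nonuserfullname . " " . translate("Assistants") . "<br />\n-- " . translate("Admin mode") . " --</h2>\n";
} else {
    echo "<h2>" . translate("Your assistants") . "</h2>\n";
}
?>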
exit_error("Error", "First activate the $pluginname plugin through the Project's Admin Interface");
}
$userperm = $group->getPermission($user); // we'll check if the user belongs to the group
if ( !$userperm->IsMember()) {
    exit_error("Access Denied", "You are not a member of this project");
}
//only project admin can access here
if ( $userperm->isAdmin() ) {
    webcalendar_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
    // DO THE STUFF FOR THE PROJECT ADMINISTRATION PART HERE
    echo "We are in the Project webcalendar plugin <font color=\"#ff0000\">ADMINISTRATION</font> <br>";
    echo "Greetings from planet " . $world; // $world comes from the config file in /etc
} else {
    exit_error("Access Denied", "You are not a project Admin");
}
}
}
*/
// Everything above this point is inside a block comment, so the membership and
// admin checks in it are disabled; access control for this page rests on the
// included init.php.
// NOTE(review): the include path is built from $gfplugins, which must come
// from trusted configuration and never from request data.
include_once $gfplugins . 'webcalendar/www/includes/init.php';
// If not yet logged in, you will be redirected to login.php before
// we get to this point (by connect.php included above)
if (!empty($STARTVIEW)) {
    send_to_preferred_view();
} else {
    do_redirect("month.php");
}
site_project_footer(array());
// Local Variables:
// mode: php
// c-file-style: "bsd"
// End:
// Tail of a layer save handler (earlier branches are outside this excerpt):
// allocates the next layer id and inserts the new layer.
// NOTE(review): the id is computed as MAX+1 in a separate query, so two
// concurrent requests can pick the same value; the result set is not freed in
// the lines shown.
$res = dbi_query("SELECT MAX(cal_layerid) FROM webcal_user_layers");
if ($res) {
    $row = dbi_fetch_row($res);
    $layerid = $row[0] + 1;
} else {
    $layerid = 1;
}
// NOTE(review): $layer_user, $layeruser, $layercolor and $dups are
// interpolated into the SQL text; confirm they are escaped earlier or bind
// them as parameters. The return value of this query is not checked.
dbi_query("INSERT INTO webcal_user_layers ( " . "cal_layerid, cal_login, cal_layeruser, cal_color, cal_dups ) " . "VALUES ('{$layerid}', '{$layer_user}', '{$layeruser}', " . "'{$layercolor}', '{$dups}')");
}
}
}
if ($error == "") {
    if ($updating_public) {
        do_redirect("layers.php?public=1");
    } else {
        do_redirect("layers.php");
    }
    exit;
}
print_header();
?>
<h2><?php etranslate("Error"); ?> </h2>
<blockquote>
<?php
// NOTE(review): $error is printed without HTML escaping.
echo $error;
?>
</blockquote>
// Tail of an "event rejected" handler (the query and the enclosing condition
// start outside this excerpt): notifies each participant by mail, then
// redirects to the unapproved list.
$time = $row[3];
dbi_free_result($res);
}
// A stored time of '-1' means no time of day; otherwise it is split as HHMM...
if ($time != '-1') {
    $hour = substr($time, 0, 2);
    $minute = substr($time, 2, 2);
}
for ($i = 0; $i < count($partlogin); $i++) {
    // does this user want email for this?
    $send_user_mail = get_pref_setting($partlogin[$i], "EMAIL_EVENT_REJECTED");
    user_load_variables($partlogin[$i], "temp");
    if ($send_user_mail == "Y" && strlen($tempemail) && $send_email != "N") {
        $msg = translate("Hello") . ", " . $tempfullname . ".\n\n"
            . translate("An appointment has been rejected by") . " " . $login_fullname . ". "
            . translate("The subject was") . " \"" . $name . " \"\n"
            . translate("The description is") . " \"" . $description . "\"\n"
            . translate("Date") . ": " . date_to_str($fmtdate) . "\n"
            . (empty($hour) && empty($minute) ? "" : translate("Time") . ": " . display_time($hour * 10000 + $minute * 100))
            . "\n\n\n";
        if (!empty($server_url)) {
            $url = $server_url . "view_entry.php?id=" . $id;
            $msg .= "\n\n" . $url;
        }
        $from = $email_fallback_from;
        if (strlen($login_email)) {
            $from = $login_email;
        }
        // NOTE(review): $from (a stored user address) goes into the header
        // block and $name (the event title) into the subject. A CR or LF in
        // either value would start a new header line; strip or reject line
        // breaks before use.
        $extra_hdrs = "From: {$from}\r\nX-Mailer: " . translate("Title");
        mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs);
        activity_log($id, $login, $partlogin[$i], $LOG_NOTIFICATION, "Event rejected by {$app_user}");
    }
}
}
// The $ret switch is commented out, so the list redirect is unconditional.
// NOTE(review): $app_user is placed into the URL without urlencode().
//if ( $ret == "list" )
do_redirect("list_unapproved.php?user={$app_user}");
//else
// do_redirect ( "view_entry.php?id=$id&user=$app_user" );
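// Switches the LAYERS_STATUS preference on or off for the current user, or for
// the public calendar when an admin asks for it, then returns to layers.php.
include_once 'includes/init.php';
load_user_layers();

// 'status' is constrained by the pattern passed to getValue().
$status = getValue('status', '(on|off)', true);
$public = getValue('public');

if ($ALLOW_VIEW_OTHER != 'Y') {
    print_header();
    echo print_not_auth(7) . print_trailer();
    exit;
}

$updating_public = false;
$url = 'layers.php';
// Only an admin can change the public calendar's setting.
if ($is_admin && !empty($public) && $PUBLIC_ACCESS == 'Y') {
    $updating_public = true;
    // NOTE(review): this literal appears masked in the page as shown; it is
    // kept unchanged here.
    $layer_user = '******';
    $url .= '?public=1';
} else {
    $layer_user = $login;
}

// Both statements bind their values as parameters.
dbi_execute('DELETE FROM webcal_user_pref WHERE cal_login = ? AND cal_setting = \'LAYERS_STATUS\'', array($layer_user));
$sql = 'INSERT INTO webcal_user_pref ( cal_login, cal_setting, cal_value ) VALUES ( ?, \'LAYERS_STATUS\', ? )';
if (!dbi_execute($sql, array($layer_user, $status == 'off' ? 'N' : 'Y'))) {
    // The original had a stray "break" here, outside any loop or switch, which
    // PHP rejects; it is removed so the failure reaches the error page below.
    $error = translate('Unable to update preference') . ': ' . dbi_error() . '<br /><br /><span class="bold">SQL:</span> ' . $sql;
}

if (empty($error)) {
    do_redirect($url);
}
print_header();
echo print_error($error, true) . print_trailer();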
// Tail of a category save handler (earlier branches are outside this excerpt):
// inserts the new category, then redirects or renders the error.
}
} else {
    $catowner = "'{$login}'";
}
// NOTE(review): $id, $catowner and $catname are interpolated into the SQL
// text. $catname is user-entered text, so unless it is escaped before this
// point it should be bound as a parameter.
$sql = "INSERT INTO webcal_categories " . "( cat_id, cat_owner, cat_name ) " . "VALUES ( {$id}, {$catowner}, '{$catname}' )";
if (!dbi_query($sql)) {
    $error = translate("Database error") . ": " . dbi_error();
}
} else {
    $error = translate("Database error") . ": " . dbi_error();
}
}
}
}
if (empty($error)) {
    do_redirect("category.php");
}
print_header();
?>
<h2><?php etranslate("Error"); ?> </h2>
<blockquote>
<?php
// NOTE(review): $error is printed without HTML escaping.
echo $error;
?>
</blockquote>
<?php
* Must have "allow view others" enabled ($allow_view_other) in
* System Settings unless the user is an admin user ($is_admin).
* If the view is not global, the user must be owner of the view.
* If the view is global, and user_sees_only_his_groups is
* enabled, then we remove users not in this user's groups
* (except for nonuser calendars... which we allow regardless of group).
*/
include_once 'includes/init.php';
$error = "";
$DAYS_PER_TABLE = 7;
if ($allow_view_other == "N" && !$is_admin) {
    // not allowed...
    // NOTE(review): no exit follows; the check only holds if the redirect
    // helper (defined elsewhere) ends the request - confirm.
    send_to_preferred_view();
}
if (empty($id)) {
    do_redirect("views.php");
}
// Find view name in $views[]
// NOTE(review): the name is taken from $views unescaped; escape it wherever it
// is printed into HTML.
$view_name = "";
for ($i = 0; $i < count($views); $i++) {
    if ($views[$i]['cal_view_id'] == $id) {
        $view_name = $views[$i]['cal_name'];
    }
}
// If view_name not found, then the specified view id does not
// belong to current user.
if (empty($view_name)) {
    $error = translate("You are not authorized");
}
// The header is printed even when $error is set; what the page renders in that
// case is decided by code outside this excerpt.
$INC = array('js/popups.php');
print_header($INC);
// Tail of a nonuser-calendar save handler (the start of the UPDATE statement
// and the enclosing conditions are outside this excerpt). All values are bound
// as parameters.
if ($nlastname) {
    $sql .= ' cal_lastname = ?,';
    $sql_params[] = $nlastname;
}
if ($nfirstname) {
    $sql .= ' cal_firstname = ?,';
    $sql_params[] = $nfirstname;
}
// Parameter order must match the placeholders: optional names first, then
// cal_admin, then the login used in the WHERE clause.
$sql_params[] = $nadmin;
$sql_params[] = $nid;
if (!dbi_execute($sql . ' cal_admin = ? WHERE cal_login = ?', $sql_params)) {
    $error = db_error();
}
} else {
    // Adding
    // NOTE(review): without the D modifier, "$" also matches just before a
    // trailing newline, so an id ending in "\n" passes this check; '\z' or the
    // D modifier would anchor at the very end of the string.
    if (preg_match('/^[\\w]+$/', $nid)) {
        $nid = $NONUSER_PREFIX . $nid;
        if (!dbi_execute('INSERT INTO webcal_nonuser_cals ( cal_login, cal_firstname, cal_lastname, cal_admin ) VALUES ( ?, ?, ?, ? )', array($nid, $nfirstname, $nlastname, $nadmin))) {
            $error = db_error();
        }
    } else {
        $error = translate('Calendar ID') . ' ' . translate('word characters only') . '.';
    }
}
}
if (empty($error)) {
    do_redirect('nonusers.php');
}
print_header();
echo print_error($error) . print_trailer();