Ejemplo n.º 1
0
/**
 * Initialize view variables and check permissions.
 * @param int $view_id id for the view
 */
function view_init($view_id)
{
    global $views, $error, $login;
    global $ALLOW_VIEW_OTHER, $is_admin;
    global $view_name, $view_type, $custom_view;
    //set this to prove we in are inside a custom view page
    $custom_view = true;
    if ((empty($ALLOW_VIEW_OTHER) || $ALLOW_VIEW_OTHER == 'N') && !$is_admin) {
        // not allowed...
        send_to_preferred_view();
    }
    if (empty($view_id)) {
        do_redirect('views.php');
    }
    // Find view name in $views[]
    $view_name = '';
    $view_type = '';
    $viewcnt = count($views);
    for ($i = 0; $i < $viewcnt; $i++) {
        if ($views[$i]['cal_view_id'] == $view_id) {
            $view_name = htmlspecialchars($views[$i]['cal_name']);
            $view_type = $views[$i]['cal_view_type'];
        }
    }
    // If view_name not found, then the specified view id does not
    // belong to current user.
    if (empty($view_name)) {
        $error = print_not_auth(34);
    }
}
Ejemplo n.º 2
0
function redirect_away()
{
    if (array_key_exists('return', $_GET)) {
        do_redirect($_GET['return']);
    } else {
        do_redirect('');
    }
    # index.php
    exit;
}
Ejemplo n.º 3
0
//check if form submitted
if (!isset($_POST['email'])) {
    return false;
}
//variables not set yet
//get variables
$email = set_post('email', '');
if (empty($email) || !email_is_valid($email)) {
    notices_set('Invalid email.', 'error');
    return false;
}
//check if it is valid
$sql = sql_query(" SELECT id FROM `users` WHERE email='{$email}' LIMIT 1 ");
if (sql_count($sql) <= 0) {
    notices_set('Invalid email.', 'error');
    return false;
}
$data = sql_fetch($sql);
//create code
$confirm = confirm_token_create($email);
//delete all tokens for that email
sql_query(" DELETE FROM `password_reset` WHERE user='******'id']}' LIMIT 1 ");
//insert
sql_query(" INSERT INTO `password_reset` (user, token) VALUES('{$data['id']}' , '{$confirm}') \n\t\t\tON DUPLICATE KEY UPDATE token='{$confirm}' ");
//send email
email_send('password_reset', 'Planling Password Reset', array($email => $email), array('{{%LINK%}}' => 'http://' . MAIN_URL . '/password?e=' . $email . '&t=' . $confirm));
//set message
notices_set('Instructions on how to reset your password has been sent to <strong>' . $email . '</strong>.', 'success');
//redirect user
do_redirect();
Ejemplo n.º 4
0
<?php

require 'inc.bootstrap.php';

if ( is_logged_in(false) && isset($_SESSION['series']) ) {
	unset($_SESSION['series']);
}

do_redirect('login');
Ejemplo n.º 5
0
                        // $icon_props = getimagesize ( $file['tmp_name']  );
                        // print_r ($icon_props );
                        $path_parts = pathinfo($_SERVER['SCRIPT_FILENAME']);
                        $fullIcon = $path_parts['dirname'] . '/' . $icon_path . 'cat-' . $id . '.gif';
                        renameIcon($id);
                        $file_result = move_uploaded_file($file['tmp_name'], $fullIcon);
                        // echo "Upload Result:" . $file_result;
                    } else {
                        if ($file['size'] > $icon_max_size) {
                            $error = translate('File size exceeds maximum.');
                        } else {
                            if ($file['type'] != 'image/gif') {
                                $error = translate('File is not a gif image.');
                            }
                        }
                    }
                }
                // Copy icon if local file specified.
                $urlname = getPostvalue('urlname');
                if (!empty($urlname) && file_exists($icon_path . $urlname)) {
                    copy($icon_path . $urlname, $icon_path . 'cat-' . $id . '.gif');
                }
            }
        }
    }
}
if (empty($error)) {
    do_redirect('category.php');
}
print_header();
echo print_error($error) . print_trailer();
Ejemplo n.º 6
0
<?php

include_once 'includes/init.php';
$USERS_PER_TABLE = 6;
if ($allow_view_other == "N" && !$is_admin) {
    // not allowed...
    do_redirect("{$STARTVIEW}.php");
}
// Find view name in $views[]
$view_name = "";
for ($i = 0; $i < count($views); $i++) {
    if ($views[$i]['cal_view_id'] == $id) {
        $view_name = $views[$i]['cal_name'];
    }
}
$INC = array('js/popups.php');
print_header($INC);
// Initialise la date au premier du mois en cours
if ($timeb == 0) {
    $date = substr($date, 0, 6) . "01";
}
set_today($date);
// Week timebar
if ($timeb == 1) {
    $next = mktime(3, 0, 0, $thismonth, $thisday + 7, $thisyear);
} else {
    $next = mktime(3, 0, 0, $thismonth + 1, $thisday, $thisyear);
}
$nextyear = date("Y", $next);
$nextmonth = date("m", $next);
$nextday = date("d", $next);
Ejemplo n.º 7
0
 * event as deleted.
 *
 * Security:
 * Events will only be deleted if they were created by the selected
 * user. Events where the user was a participant (but not did not
 * create) will remain unchanged.
 *
 */
include_once 'includes/init.php';
require_valide_referring_url();
// Set this to true do show the SQL at the bottom of the page
$purgeDebug = false;
$sqlLog = '';
if (!$is_admin) {
    // must be admin...
    do_redirect('index.php');
    exit;
}
$ALL = 0;
$previewStr = translate('Preview');
$allStr = translate('All');
$purgingStr = translate('Purging events for');
$deleteStr = translate('Delete');
$delete = getPostValue('delete');
$do_purge = false;
if (!empty($delete)) {
    $do_purge = true;
}
$purge_all = getPostValue('purge_all');
$purge_deleted = getPostValue('purge_deleted');
$end_year = getPostValue('end_year');
Ejemplo n.º 8
0
        if ($send_user_mail == "Y" && strlen($tempemail) && $send_email != "N") {
            if ($GLOBALS['LANGUAGE'] != $user_language && !empty($user_language) && $user_language != 'none') {
                reset_language($user_language);
            }
            $msg = translate("Hello") . ", " . $tempfullname . ".\n\n" . translate("An appointment has been rejected by") . " " . $login_fullname . ". " . translate("The subject was") . " \"" . $name . " \"\n" . translate("The description is") . " \"" . $description . "\"\n" . translate("Date") . ": " . date_to_str($fmtdate) . "\n" . (empty($hour) && empty($minute) ? "" : translate("Time") . ": " . display_time($hour * 10000 + $minute * 100)) . "\n\n\n";
            if (!empty($server_url)) {
                $url = $server_url . "view_entry.php?id=" . $id;
                $msg .= "\n\n" . $url;
            }
            $from = $email_fallback_from;
            if (strlen($login_email)) {
                $from = $login_email;
            }
            $extra_hdrs = "From: {$from}\r\nX-Mailer: " . translate("Title");
            mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs);
            activity_log($id, $login, $partlogin[$i], $LOG_NOTIFICATION, "Event rejected by {$app_user}");
        }
    }
}
if (empty($error)) {
    if ($ret == "list") {
        do_redirect("list_unapproved.php?user={$app_user}");
    } else {
        do_redirect("view_entry.php?id={$id}&amp;user={$app_user}");
    }
    exit;
}
print_header();
echo "<h2>" . translate("Error") . "</h2>\n";
echo "<p>" . $error . "</p>\n";
print_trailer();
Ejemplo n.º 9
0
            if ($event_owner == $login || user_is_assistant($login, $event_owner)) {
                $can_delete = true;
            }
        }
        dbi_free_result($res);
    }
}
if (empty($error) && !$can_delete) {
    $error = print_not_auth(6);
}
if (empty($error) && $can_delete) {
    if (!dbi_execute('DELETE FROM webcal_blob WHERE cal_blob_id = ?', array($blid))) {
        $error = db_error();
    } else {
        if ($event_id > 0) {
            $removeStr = translate('Removed');
            if ($type == 'A') {
                activity_log($event_id, $login, $login, LOG_ATTACHMENT, $removeStr . ': ' . $name);
            } elseif ($type == 'C') {
                activity_log($event_id, $login, $login, LOG_COMMENT, $removeStr);
            }
        }
        if ($event_id > 0) {
            do_redirect('view_entry.php?id=' . $event_id);
        }
        do_redirect(get_preferred_view());
    }
}
// Some kind of error...
print_header();
echo print_error($error) . print_trailer();
function send_to_preferred_view($indate = '', $args = '')
{
    do_redirect(get_preferred_view($indate, $args));
}
Ejemplo n.º 11
0
    if ($res) {
        $row = dbi_fetch_row($res);
        $name = $row[0];
        dbi_free_result($res);
    }
    for ($i = 0; $i < count($partlogin); $i++) {
        // does this user want email for this?
        $send_user_mail = get_pref_setting($partlogin[$i], "EMAIL_EVENT_REJECTED");
        user_load_variables($partlogin[$i], "temp");
        if ($send_user_mail == "Y" && strlen($tempemail) && $send_email != "N") {
            $fmtdate = sprintf("%04d%02d%02d", $year, $month, $day);
            $msg = translate("Hello") . ", " . $tempfullname . ".\n\n" . translate("An appointment has been rejected by") . " " . $login_fullname . ". " . translate("The subject was") . " \"" . $name . " \"\n" . translate("The description is") . " \"" . $description . "\"\n" . translate("Date") . ": " . date_to_str($fmtdate) . "\n" . (empty($hour) && empty($minute) ? "" : translate("Time") . ": " . display_time($hour * 10000 + $minute * 100)) . "\n\n\n";
            if (!empty($server_url)) {
                $url = $server_url . "view_entry.php?id=" . $id;
                $msg .= "\n\n" . $url;
            }
            $from = $email_fallback_from;
            if (strlen($login_email)) {
                $from = $login_email;
            }
            $extra_hdrs = "From: {$from}\nX-Mailer: " . translate("Title");
            mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs);
            activity_log($id, $login, $partlogin[$i], $LOG_NOTIFICATION, "Event rejected by {$app_user}");
        }
    }
}
if ($ret == "list") {
    do_redirect("list_unapproved.php");
} else {
    do_redirect("view_entry.php?id={$id}");
}
Ejemplo n.º 12
0
// The source code packaged with this file is Free Software, Copyright (C) 2012 by
// Ricardo Galli <gallir at gallir dot com>.
// It's licensed under the AFFERO GENERAL PUBLIC LICENSE unless stated otherwise.
// You can get copies of the licenses here:
// 		http://www.affero.org/oagpl.html
// AFFERO GENERAL PUBLIC LICENSE is also included in the file called "COPYING".
// Use the alternate server for api, if it exists
//$globals['alternate_db_server'] = 'backend';
include '../config.php';
$db->connect_timeout = 3;
if (!$current_user->user_id) {
    die;
}
if (!empty($_GET['redirect'])) {
    do_redirect($_GET['redirect']);
    exit(0);
}
header('Content-Type: application/json; charset=utf-8');
http_cache(5);
$notifications = new stdClass();
$notifications->posts = (int) Post::get_unread_conversations($current_user->user_id);
$notifications->comments = (int) Comment::get_unread_conversations($current_user->user_id);
$notifications->privates = (int) PrivateMessage::get_unread($current_user->user_id);
$notifications->friends = count(User::get_new_friends($current_user->user_id));
$notifications->total = $notifications->posts + $notifications->privates + $notifications->friends + $notifications->comments;
echo json_encode($notifications);
function do_redirect($type)
{
    global $globals, $current_user;
    $url = '/';
Ejemplo n.º 13
0
    $page = get_preferred_view();
    if (access_can_view_page($page)) {
        send_to_preferred_view();
    } else {
        // User's preferences need to be updated to their preferred view.
        if (access_can_access_function(ACCESS_PREFERENCES)) {
            do_redirect('pref.php');
        }
        // User does not have access to preferences...
        // So, we need to pick another page.
        if (access_can_access_function(ACCESS_WEEK)) {
            do_redirect('week.php');
        } elseif (access_can_access_function(ACCESS_MONTH)) {
            do_redirect('month.php');
        } elseif (access_can_access_function(ACCESS_DAY)) {
            do_redirect('day.php');
        } elseif (access_can_access_function(ACCESS_YEAR)) {
            do_redirect('year.php');
        }
        // At this point, this user cannot view the preferred view in their
        // preferences (and they cannot update their preferences), and they cannot
        // view any of the standard day/week/month/year pages. All that's left is a
        // custom view that is either created by them or a global view.
        if (count($views) > 0) {
            do_redirect($views[0]['url']);
        }
        // No views either?  You gotta be kidding me! ;-)
    }
} else {
    do_redirect('month.php');
}
                } else {
                    $error = translate("Database error") . ": " . dbi_error();
                }
            }
        }
        # update user list
        if ($error == "") {
            dbi_query("DELETE FROM webcal_group_user WHERE cal_group_id = {$id}");
            for ($i = 0; $i < count($users); $i++) {
                dbi_query("INSERT INTO webcal_group_user ( cal_group_id, cal_login ) " . "VALUES ( {$id}, '{$users[$i]}' )");
            }
        }
    }
}
if ($error == "") {
    do_redirect("groups.php");
}
?>
<HTML>
<HEAD>
<TITLE><?php 
etranslate($application_name);
?>
</TITLE>
<?php 
include "includes/styles.php";
?>
</HEAD>
<BODY BGCOLOR="<?php 
echo $BGCOLOR;
?>
Ejemplo n.º 15
0
/**
 * Sends a redirect to the user's preferred view.
 *
 * The user's preferred view is stored in the $STARTVIEW global variable.  This
 * is loaded from the user preferences (or system settings if there are no user
 * prefererences.)
 *
 * @param string $indate Date to pass to preferred view in YYYYMMDD format
 * @param string $args   Arguments to include in the URL (such as "user=joe")
 */
function send_to_preferred_view($indate = "", $args = "")
{
    $url = get_preferred_view($indate, $args);
    do_redirect($url);
}
Ejemplo n.º 16
0
            $redir = "?date={$thisdate}";
        }
        if ($user != "") {
            if ($redir != "") {
                $redir .= "&amp;";
            }
            $redir .= "user={$user}";
        }
        $url = "{$STARTVIEW}.php" . $redir;
    }
}
if (empty($error)) {
    if ($is_assistant || $is_nonuser_admin) {
        $url = $url . (strpos($url, "?") === false ? "?" : "&amp;") . "user={$user}";
    }
    do_redirect($_SESSION['referer']);
    $_SESSION['referer'] = '';
    exit;
}
print_header();
?>

<h2><?php 
etranslate("Error");
?>
</h2>
<blockquote>
<?php 
echo $error;
?>
</blockquote>
Ejemplo n.º 17
0
            }
            if (strlen($value) > 0) {
                $sql = "INSERT INTO webcal_config " . "( cal_setting, cal_value ) VALUES " . "( '{$setting}', '{$value}' )";
                if (!dbi_query($sql)) {
                    $error = translate("Error") . ": " . dbi_error() . "<br /><br /><span style=\"font-weight:bold;\">SQL:</span> {$sql}";
                    break;
                }
            }
        }
    }
}
if (empty($error)) {
    if (empty($ovrd)) {
        do_redirect("admin.php");
    } else {
        do_redirect("admin.php?ovrd={$ovrd}");
    }
}
print_header();
?>

<h2><?php 
etranslate("Error");
?>
</h2>

<?php 
etranslate("The following error occurred");
?>
:
<blockquote>
Ejemplo n.º 18
0
        } else {
            // Check for cookie...
            if (!empty($webcalendar_session)) {
                $encoded_login = $webcalendar_session;
                if (empty($encoded_login)) {
                    // invalid session cookie
                    $session_not_found = true;
                } else {
                    $login_pw = split('\\|', decode_string($encoded_login));
                    $login = $login_pw[0];
                    $cryptpw = $login_pw[1];
                    // make sure we are connected to the database for password check
                    $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
                    if (!$c) {
                        echo "Error connecting to database:<BLOCKQUOTE>" . dbi_error() . "</BLOCKQUOTE>\n";
                        exit;
                    }
                    if (!user_valid_crypt($login, $cryptpw)) {
                        do_debug("User not logged in; redirecting to login page");
                        if (empty($login_return_path)) {
                            do_redirect("login.php");
                        } else {
                            do_redirect("login.php?return_path={$login_return_path}");
                        }
                    }
                    do_debug("Decoded login from cookie: {$login}");
                }
            }
        }
    }
}
Ejemplo n.º 19
0
	}

	exit;
}

// reset one show
else if ( isset($_GET['resetshow']) ) {
	if ( $show = Show::get($_GET['resetshow']) ) {
		// delete seasons/episodes
		$db->delete('seasons', array('series_id' => $_GET['resetshow']));

		// delete tvdb series id
		$db->update('series', array('tvdb_series_id' => 0, 'changed' => time()), array('id' => $_GET['resetshow']));
	}

	return do_redirect('index');
}

// keep db hot
else if ( isset($_GET['keepalive']) ) {
	$db->delete('variables', array('name' => 'keepalive'));
	$db->insert('variables', array('name' => 'keepalive', 'value' => time()));
	exit('OK');
}

// lazy/async load inactive shows
else if ( isset($_GET['inactive']) ) {
	require 'tpl.shows.php';
	exit;
}
    }
    if (empty($error) && !dbi_query("INSERT INTO webcal_report_template " . "( cal_report_id, cal_template_type, cal_template_text ) VALUES ( " . "{$report_id}, 'P', '{$page_template}' )")) {
        $error = translate("Database error") . ": " . dbi_error();
    }
    if (empty($error) && !dbi_query("INSERT INTO webcal_report_template " . "( cal_report_id, cal_template_type, cal_template_text ) VALUES ( " . "{$report_id}, 'D', '{$day_template}' )")) {
        $error = translate("Database error") . ": " . dbi_error();
    }
    if (empty($error) && !dbi_query("INSERT INTO webcal_report_template " . "( cal_report_id, cal_template_type, cal_template_text ) VALUES ( " . "{$report_id}, 'E', '{$event_template}' )")) {
        $error = translate("Database error") . ": " . dbi_error();
    }
}
if (empty($error)) {
    if ($updating_public) {
        do_redirect("report.php?public=1");
    } else {
        do_redirect("report.php");
    }
    exit;
}
print_header();
?>

<h2><?php 
etranslate("Error");
?>
</h2>
<blockquote>
<?php 
echo htmlentities($error);
?>
</blockquote>
Ejemplo n.º 21
0
<?php

/* $Id: assistant_edit.php,v 1.38 2007/07/28 19:21:57 bbannon Exp $ */
include_once 'includes/init.php';
if (empty($login) || $login == '__public__') {
    // Do not allow public access.
    do_redirect(empty($STARTVIEW) ? 'month.php' : "{$STARTVIEW}");
    exit;
}
if ($user != $login) {
    $user = ($is_admin || $is_nonuser_admin) && $user ? $user : $login;
}
print_header($GROUPS_ENABLED == 'Y' ? array('js/assistant_edit.php/true') : '');
ob_start();
echo '
    <form action="assistant_edit_handler.php" method="post" ' . 'name="assistanteditform">' . ($user ? '
      <input type="hidden" name="user" value="' . $user . '" />' : '') . '
      <h2>';
$assistStr = translate('Assistants');
if ($is_nonuser_admin) {
    nonuser_load_variables($user, 'nonuser');
    echo $nonuserfullname . ' ' . $assistStr . '<br />
      -- ' . translate('Admin mode') . ' --';
} else {
    echo translate('Your assistants');
}
echo '</h2>
      ' . display_admin_link() . '
      <table>
        <tr>
          <td class="aligntop"><label for="users">' . $assistStr . ':</label></td>
Ejemplo n.º 22
0
    if ($public_access_can_add != 'Y') {
        // do not allow add
        if (strstr($PHP_SELF, "edit_entry.php") || strstr($PHP_SELF, "edit_entry_handler.php")) {
            $not_auth = true;
        }
    }
}
if (empty($is_admin) || !$is_admin) {
    if (strstr($PHP_SELF, "admin.php") || strstr($PHP_SELF, "admin_handler.php") || strstr($PHP_SELF, "groups.php") || strstr($PHP_SELF, "group_edit.php") || strstr($PHP_SELF, "group_edit_handler.php") || strstr($PHP_SELF, "edit_template.php") || strstr($PHP_SELF, "activity_log.php")) {
        $not_auth = true;
    }
}
// restrict access if calendar is read-only
if ($readonly == "Y") {
    if (strstr($PHP_SELF, "activity_log.php") || strstr($PHP_SELF, "adminhome.php") || strstr($PHP_SELF, "admin.php") || strstr($PHP_SELF, "approve_entry.php") || strstr($PHP_SELF, "category_handler.php") || strstr($PHP_SELF, "category.php") || strstr($PHP_SELF, "del_entry.php") || strstr($PHP_SELF, "edit_report_handler.php") || strstr($PHP_SELF, "edit_report.php") || strstr($PHP_SELF, "edit_template.php") || strstr($PHP_SELF, "edit_user_handler.php") || strstr($PHP_SELF, "edit_user.php") || strstr($PHP_SELF, "group_edit_handler.php") || strstr($PHP_SELF, "groups.php") || strstr($PHP_SELF, "import_handler.php") || strstr($PHP_SELF, "import_handler.php") || strstr($PHP_SELF, "import.php") || strstr($PHP_SELF, "layers.php") || strstr($PHP_SELF, "layer_toggle.php") || strstr($PHP_SELF, "list_unapproved.php") || strstr($PHP_SELF, "pref_handler.php") || strstr($PHP_SELF, "pref.php") || strstr($PHP_SELF, "pref_handler.php") || strstr($PHP_SELF, "purge.php") || strstr($PHP_SELF, "reject_entry.php") || strstr($PHP_SELF, "set_entry_cat.php") || strstr($PHP_SELF, "users.php") || strstr($PHP_SELF, "views_edit_handler.php") || strstr($PHP_SELF, "views.php")) {
        $not_auth = true;
    }
}
// We can't call translate() here because translate.php gets loaded
// after this include file :-(
// So, instead of an error message that may be in the wrong language,
// just redirect to some other page.
if ($not_auth) {
    /*
    echo "<html>\n<head>\n<title>" . translate($application_name) . " " .
      translate("Error") .  "</title>\n</head>\n<body>\n";
    echo "<h2>" . translate ( "Error" ) . "</h2>\n" .
      translate ( "You are not authorized" );
    */
    do_redirect("week.php");
}
Ejemplo n.º 23
0
<?php

include_once $gfplugins . 'webcalendar/www/includes/init.php';
if (empty($login) || $login == "__public__") {
    // do not allow public access
    do_redirect(empty($STARTVIEW) ? "month.php" : "{$STARTVIEW}");
    exit;
}
if ($user != $login) {
    $user = ($is_admin || $is_nonuser_admin) && $user ? $user : $login;
}
if ($groups_enabled == "Y") {
    $INC = array('js/assistant_edit.php');
} else {
    $INC = '';
}
print_header($INC);
?>

<form action="assistant_edit_handler.php" method="post" name="assistanteditform">
<?php 
if ($user) {
    echo "<input type=\"hidden\" name=\"user\" value=\"{$user}\" />\n";
}
if ($is_nonuser_admin) {
    nonuser_load_variables($user, "nonuser");
    echo "<h2>" . $nonuserfullname . " " . translate("Assistants") . "<br />\n-- " . translate("Admin mode") . " --</h2>\n";
} else {
    echo "<h2>" . translate("Your assistants") . "</h2>\n";
}
?>
Ejemplo n.º 24
0
				exit_error("Error", "First activate the $pluginname plugin through the Project's Admin Interface");			
			}
			$userperm = $group->getPermission($user);//we´ll check if the user belongs to the group
			if ( !$userperm->IsMember()) {
				exit_error("Access Denied", "You are not a member of this project");
			}
			//only project admin can access here
			if ( $userperm->isAdmin() ) {
				webcalendar_Project_Header(array('title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));    
				// DO THE STUFF FOR THE PROJECT ADMINISTRATION PART HERE
				echo "We are in the Project webcalendar plugin <font color=\"#ff0000\">ADMINISTRATION</font> <br>";
				echo "Greetings from planet " . $world; // $world comes from the config file in /etc
			} else {
				exit_error("Access Denied", "You are not a project Admin");
			}
		}
	}	 
*/
include_once $gfplugins . 'webcalendar/www/includes/init.php';
// If not yet logged in, you will be redirected to login.php before
// we get to this point (by connect.php included above)
if (!empty($STARTVIEW)) {
    send_to_preferred_view();
} else {
    do_redirect("month.php");
}
site_project_footer(array());
// Local Variables:
// mode: php
// c-file-style: "bsd"
// End:
Ejemplo n.º 25
0
            $res = dbi_query("SELECT MAX(cal_layerid) FROM webcal_user_layers");
            if ($res) {
                $row = dbi_fetch_row($res);
                $layerid = $row[0] + 1;
            } else {
                $layerid = 1;
            }
            dbi_query("INSERT INTO webcal_user_layers ( " . "cal_layerid, cal_login, cal_layeruser, cal_color, cal_dups ) " . "VALUES ('{$layerid}', '{$layer_user}', '{$layeruser}', " . "'{$layercolor}', '{$dups}')");
        }
    }
}
if ($error == "") {
    if ($updating_public) {
        do_redirect("layers.php?public=1");
    } else {
        do_redirect("layers.php");
    }
    exit;
}
print_header();
?>

<h2><?php 
etranslate("Error");
?>
</h2>
<blockquote>
<?php 
echo $error;
?>
</blockquote>
Ejemplo n.º 26
0
        $time = $row[3];
        dbi_free_result($res);
    }
    if ($time != '-1') {
        $hour = substr($time, 0, 2);
        $minute = substr($time, 2, 2);
    }
    for ($i = 0; $i < count($partlogin); $i++) {
        // does this user want email for this?
        $send_user_mail = get_pref_setting($partlogin[$i], "EMAIL_EVENT_REJECTED");
        user_load_variables($partlogin[$i], "temp");
        if ($send_user_mail == "Y" && strlen($tempemail) && $send_email != "N") {
            $msg = translate("Hello") . ", " . $tempfullname . ".\n\n" . translate("An appointment has been rejected by") . " " . $login_fullname . ". " . translate("The subject was") . " \"" . $name . " \"\n" . translate("The description is") . " \"" . $description . "\"\n" . translate("Date") . ": " . date_to_str($fmtdate) . "\n" . (empty($hour) && empty($minute) ? "" : translate("Time") . ": " . display_time($hour * 10000 + $minute * 100)) . "\n\n\n";
            if (!empty($server_url)) {
                $url = $server_url . "view_entry.php?id=" . $id;
                $msg .= "\n\n" . $url;
            }
            $from = $email_fallback_from;
            if (strlen($login_email)) {
                $from = $login_email;
            }
            $extra_hdrs = "From: {$from}\r\nX-Mailer: " . translate("Title");
            mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs);
            activity_log($id, $login, $partlogin[$i], $LOG_NOTIFICATION, "Event rejected by {$app_user}");
        }
    }
}
//if ( $ret == "list" )
do_redirect("list_unapproved.php?user={$app_user}");
//else
//  do_redirect ( "view_entry.php?id=$id&amp;user=$app_user" );
Ejemplo n.º 27
0
include_once 'includes/init.php';
load_user_layers();
$status = getValue('status', '(on|off)', true);
$public = getValue('public');
if ($ALLOW_VIEW_OTHER != 'Y') {
    print_header();
    echo print_not_auth(7) . print_trailer();
    exit;
}
$updating_public = false;
$url = 'layers.php';
if ($is_admin && !empty($public) && $PUBLIC_ACCESS == 'Y') {
    $updating_public = true;
    $layer_user = '******';
    $url .= '?public=1';
} else {
    $layer_user = $login;
}
dbi_execute('DELETE FROM webcal_user_pref WHERE cal_login = ?
  AND cal_setting = \'LAYERS_STATUS\'', array($layer_user));
$sql = 'INSERT INTO webcal_user_pref ( cal_login, cal_setting, cal_value )
  VALUES ( ?, \'LAYERS_STATUS\', ? )';
if (!dbi_execute($sql, array($layer_user, $status == 'off' ? 'N' : 'Y'))) {
    $error = translate('Unable to update preference') . ': ' . dbi_error() . '<br /><br /><span class="bold">SQL:</span> ' . $sql;
    break;
}
if (empty($error)) {
    do_redirect($url);
}
print_header();
echo print_error($error, true) . print_trailer();
Ejemplo n.º 28
0
                    }
                } else {
                    $catowner = "'{$login}'";
                }
                $sql = "INSERT INTO webcal_categories " . "( cat_id, cat_owner, cat_name ) " . "VALUES ( {$id}, {$catowner}, '{$catname}' )";
                if (!dbi_query($sql)) {
                    $error = translate("Database error") . ": " . dbi_error();
                }
            } else {
                $error = translate("Database error") . ": " . dbi_error();
            }
        }
    }
}
if (empty($error)) {
    do_redirect("category.php");
}
print_header();
?>
<h2><?php 
etranslate("Error");
?>
</h2>

<blockquote>
<?php 
echo $error;
?>
</blockquote>

<?php 
Ejemplo n.º 29
0
 * Must have "allow view others" enabled ($allow_view_other) in
 *   System Settings unless the user is an admin user ($is_admin).
 * If the view is not global, the user must be owner of the view.
 * If the view is global, then and user_sees_only_his_groups is
 * enabled, then we remove users not in this user's groups
 * (except for nonuser calendars... which we allow regardless of group).
 */
include_once 'includes/init.php';
$error = "";
$DAYS_PER_TABLE = 7;
if ($allow_view_other == "N" && !$is_admin) {
    // not allowed...
    send_to_preferred_view();
}
if (empty($id)) {
    do_redirect("views.php");
}
// Find view name in $views[]
$view_name = "";
for ($i = 0; $i < count($views); $i++) {
    if ($views[$i]['cal_view_id'] == $id) {
        $view_name = $views[$i]['cal_name'];
    }
}
// If view_name not found, then the specified view id does not
// belong to current user.
if (empty($view_name)) {
    $error = translate("You are not authorized");
}
$INC = array('js/popups.php');
print_header($INC);
Ejemplo n.º 30
0
        if ($nlastname) {
            $sql .= ' cal_lastname = ?,';
            $sql_params[] = $nlastname;
        }
        if ($nfirstname) {
            $sql .= ' cal_firstname = ?,';
            $sql_params[] = $nfirstname;
        }
        $sql_params[] = $nadmin;
        $sql_params[] = $nid;
        if (!dbi_execute($sql . ' cal_admin = ? WHERE cal_login = ?', $sql_params)) {
            $error = db_error();
        }
    } else {
        // Adding
        if (preg_match('/^[\\w]+$/', $nid)) {
            $nid = $NONUSER_PREFIX . $nid;
            if (!dbi_execute('INSERT INTO webcal_nonuser_cals ( cal_login,
        cal_firstname, cal_lastname, cal_admin ) VALUES ( ?, ?, ?, ? )', array($nid, $nfirstname, $nlastname, $nadmin))) {
                $error = db_error();
            }
        } else {
            $error = translate('Calendar ID') . ' ' . translate('word characters only') . '.';
        }
    }
}
if (empty($error)) {
    do_redirect('nonusers.php');
}
print_header();
echo print_error($error) . print_trailer();