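/**
 * Return the current request URI with the given query parameters added.
 *
 * For each entry in $args:
 *  - if the parameter is already present in $_GET with the same value, it is left alone;
 *  - if it is present with a different value, replacement is delegated to
 *    edit_requests() (defined elsewhere in the project);
 *  - otherwise "key=value" is appended, using "?" for the first parameter of a
 *    URI that has no query string yet and "&" everywhere else.
 *
 * Appended keys and values are URL-encoded, so a value containing "&", "=",
 * "#" or whitespace stays one parameter instead of altering the query string.
 *
 * Security: the result starts with the raw $_SERVER['REQUEST_URI'], which is
 * client-controlled. Callers that place the result in markup must escape it for
 * that context (e.g. htmlspecialchars() for an HTML attribute).
 *
 * @param array $args Map of parameter name => value to add or update.
 * @param bool  $html Kept for compatibility. NOTE(review): both branches of the
 *                    original code appended the same "&" separator, so this flag
 *                    has no effect; presumably the HTML form was meant to emit
 *                    an entity-escaped separator. Confirm with the callers.
 * @return string The rebuilt URI.
 */
function pend_requests($args, $html = true)
{
    $nuri = $_SERVER['REQUEST_URI'];

    if (strpos($nuri, '?') !== false) {
        foreach ($args as $key => $arg) {
            if (isset($_GET[$key])) {
                // Compare as strings: a loose == treats numeric strings such as
                // "1e3" and "1000" as equal and would skip a needed update.
                if (is_string($_GET[$key]) && $_GET[$key] === (string) $arg) {
                    continue;
                }
                $nuri = edit_requests($key, $arg, $nuri);
                continue;
            }
            $nuri .= '&' . urlencode((string) $key) . '=' . urlencode((string) $arg);
        }

        return $nuri;
    }

    // No query string yet: the first parameter opens it with "?".
    $separator = '?';
    foreach ($args as $key => $arg) {
        $nuri .= $separator . urlencode((string) $key) . '=' . urlencode((string) $arg);
        $separator = '&';
    }

    return $nuri;
}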
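/**
 * Bootstrap the user/group manager for the current request.
 *
 * In order: starts the session, applies a submitted groups/users management
 * form (edit_stuff=true), loads groups and users from the database (creating a
 * default group and account when no group exists), handles logout and login
 * requests, and copies the session login state into $this->status.
 *
 * Validation problems are reported through the ERROR_MSG constant.
 *
 * Security review notes:
 *  - The management handlers run before the login state is read (last step of
 *    this constructor), and nothing here checks the requester's rights or an
 *    anti-CSRF token. NOTE(review): confirm that newGroup()/rmGroup()/
 *    saveGroup()/newUser()/rmUser()/editUser() enforce authorization
 *    themselves; if they do not, these branches must be gated on an
 *    authenticated session that holds the 'admin' right.
 *  - Passwords are handed to newUser()/editUser() as submitted; hashing is not
 *    visible here. NOTE(review): confirm they are stored with password_hash().
 *  - Only the e-mail on the create path goes through $db->escape_sql() here.
 *    The group list and the edit-path e-mail reach newUser()/editUser() as
 *    submitted. NOTE(review): confirm those methods escape or bind their
 *    parameters.
 *  - Logout is a state change driven by a GET parameter; consider requiring
 *    POST with a token.
 */
function __construct()
{
    global $db;
    global $pref;

    // Start session
    session_start();

    if (isset($_POST['edit_stuff']) && $_POST['edit_stuff'] === 'true') {
        // ---- Groups manager form ----
        // Rights come from two checkboxes and are stored as a comma-separated list.
        $rights = array();
        if (isset($_POST['admin'])) {
            $rights[] = 'admin';
        }
        if (isset($_POST['canedit'])) {
            $rights[] = 'canedit';
        }
        $rights = implode(',', $rights);

        $group = isset($_POST['group']) ? $_POST['group'] : null;

        if (isset($_POST['newgroup']) && $_POST['newgroup'] !== '') {
            // Create a new group
            $this->newGroup($_POST['newgroup'], $rights);
        } elseif (isset($_POST['delgroup']) && $_POST['delgroup'] === 'yes') {
            $this->rmGroup($group);
        } elseif ($group !== null) {
            $this->saveGroup($group, $rights);
        }

        // ---- Users manager form ----
        $isNewUser = isset($_POST['newusername']);

        if (!$isNewUser && isset($_POST['deluser'])) {
            $this->rmUser(isset($_POST['editusername']) ? $_POST['editusername'] : null);
        } elseif ($isNewUser || isset($_POST['editusername'])) {
            $username = $isNewUser ? $_POST['newusername'] : $_POST['editusername'];
            $passwordKey = $isNewUser ? 'newpassword' : 'editpassword';
            $password = isset($_POST[$passwordKey]) ? $_POST[$passwordKey] : null;
            $confirm = isset($_POST['passconfirm']) ? $_POST['passconfirm'] : null;
            $memberGroups = isset($_POST['membergroups']) ? $_POST['membergroups'] : null;

            // The D modifier anchors "$" at the very end of the subject; without
            // it a value with a trailing newline passes the check.
            $pattern = '|^[a-zA-Z0-9\_\.\-]+$|D';

            // Group names are joined with "," below and split on "," when users
            // are loaded, so an entry containing a comma would add extra groups.
            $groupsValid = is_array($memberGroups);
            if ($groupsValid) {
                foreach ($memberGroups as $name) {
                    if (!is_string($name) || strpos($name, ',') !== false) {
                        $groupsValid = false;
                        break;
                    }
                }
            }

            $error = null;
            if (!is_string($username) || !preg_match($pattern, $username)) {
                $error = 'Not a valid username. Username can only contain letters, number, dashes, and underscores.';
            } elseif (!is_string($password) || !preg_match($pattern, $password)) {
                $error = "Not a valid password. \nPasswords can only contain letters, number, dashes, and underscores.";
            } elseif ($password !== $confirm) {
                // Strict comparison: a loose != treats numeric strings such as
                // "1.0" and "1.00" as equal, accepting a mistyped confirmation.
                $error = 'Password and password confirmation do not match.';
            } elseif (!$groupsValid) {
                $error = 'Error: User is not a member of any group(s).';
            } else {
                $groupList = implode(',', $memberGroups);

                if ($isNewUser) {
                    if (!isset($_POST['useremail']) || $_POST['useremail'] === '') {
                        // A missing e-mail is only a warning; the user is still created.
                        $email = '';
                        if (!defined('ERROR_MSG')) {
                            define('ERROR_MSG', 'Warning: You did not supply an email address.');
                        }
                    } else {
                        $email = $db->escape_sql($_POST['useremail']);
                    }
                    $this->newUser($username, $groupList, $password, $email, '');
                } else {
                    $email = isset($_POST['useremail']) ? $_POST['useremail'] : null;
                    $this->editUser($username, $groupList, $password, $email, '');
                }
            }

            // Guarded so an ERROR_MSG defined earlier in the request is kept.
            if ($error !== null && !defined('ERROR_MSG')) {
                define('ERROR_MSG', $error);
            }
        }
    }

    // Define groups array
    $groups = $db->fetch_rows_array("SELECT * FROM groups", array('name', 'rights'));

    // If there are no groups then create a default group and user
    if (count($groups) == 0) {
        // Make a default group
        $rights = $db->escape_sql('admin,canedit');
        $this->newGroup('admin', $rights);

        // Make a default admin user.
        // NOTE(review): this is a fixed, well-known credential (admin/admin)
        // created whenever the groups table is empty. It must be changed
        // immediately after installation; consider generating a random initial
        // password instead.
        $this->newUser('admin', 'admin', 'admin', 'admin@localhost', '');

        // Reload groups array
        $groups = $db->fetch_rows_array("SELECT * FROM groups", array('name', 'rights'));
    }

    // Index groups by name, with rights split into a list
    foreach ($groups as $group) {
        $this->groups[$group['name']] = explode(',', $group['rights']);
    }

    // Define users array
    $users = $db->fetch_rows_array("SELECT * FROM users", array('user', 'password', 'groups', 'email', 'settings'));

    // Index users by name, with groups split into a list
    foreach ($users as $user) {
        $this->users[$user['user']] = array(
            'password' => $user['password'],
            'groups' => explode(',', $user['groups']),
            'email' => $user['email'],
        );
    }

    if (isset($_GET['logout']) && $_GET['logout'] === 'true') {
        $this->logout();
        // Drop the logout parameter from the URI used for the rest of the request
        $_SERVER['REQUEST_URI'] = edit_requests('logout', NULL, $_SERVER['REQUEST_URI'], true);
    }

    if (isset($_POST['login'])) {
        $this->login();
    }

    // Check whether or not the user is logged in
    if (isset($_SESSION['status']) && $_SESSION['status'] == 'in') {
        $this->status = 'in';
    }
}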
<input type="hidden" name="rmevent" value="true" /> <input type="hidden" name="form_event" id="form_event" value="true"> </form> </div> </div> '; } if ($sidebar) { // Shall we load an event instead of create a new one? if (isset($_GET['event'])) { $event = $events->loadEvent(); } else { $event = false; } echo '<div class="side_panel">'; echo '<span class="iconsl"><a href="' . str_replace('&', '&', edit_requests('sidebar', 'false')) . '" title="Close"><img src="images/close.png" alt="-"></a></span>'; // If there is a message available display it echo '<span style="font-weight: bold; color: red;">' . $events->message . '</span><br>'; // Start form echo '<form method="post" action="' . str_replace('&', '&', $_SERVER['REQUEST_URI']) . '" name="sidebar" id="sidebar">'; echo '<label for="summary">Summary: </label> <span><input type="text" size="17" name="summary" id="summary"'; if ($event) { echo ' value="' . $event['summary'] . '"'; } echo '></span>'; echo '<label for="all-day">All Day: </label> <span><input type="checkbox" name="all-day" id="all-day" value="true" onclick="alldaytoggle()"'; if ($event['all-day']) { echo ' checked="checked"'; }
<img src="images/gray_color.png" alt="Gray" /><input type="radio" name="newcatcolor" value="gray" /> <img src="images/green_color.png" alt="Green" /><input type="radio" name="newcatcolor" value="green" /> <img src="images/lime_color.png" alt="Lime" /><input type="radio" name="newcatcolor" value="lime" /> <img src="images/maroon_color.png" alt="Maroon" /><input type="radio" name="newcatcolor" value="maroon" /> <img src="images/navy_color.png" alt="Navy" /><input type="radio" name="newcatcolor" value="navy" /> <img src="images/olive_color.png" alt="Olive" /><input type="radio" name="newcatcolor" value="olive" /> <img src="images/orange_color.png" alt="Orange" /><input type="radio" name="newcatcolor" value="orange" /> <img src="images/purple_color.png" alt="Purple" /><input type="radio" name="newcatcolor" value="purple" /> <img src="images/silver_color.png" alt="Silver" /><input type="radio" name="newcatcolor" value="silver" /> <img src="images/teal_color.png" alt="Teal" /><input type="radio" name="newcatcolor" value="teal" /> <img src="images/white_color.png" alt="White" /><input type="radio" name="newcatcolor" value="white" /> <img src="images/yellow_color.png" alt="Yellow" /><input type="radio" name="newcatcolor" value="yellow" /> </p>'; echo '<p>Delete Category: <select name="delcat"> '; $cats = acal_get_categories(); foreach ($cats as $cat) { echo '<option value="' . $cat['category'] . '">' . $cat['category'] . '</option>'; } echo ' </select> <input type="checkbox" name="realdel" value="true" /> </p>'; echo '<input type="hidden" name="change_cats" value="true" />'; break; } // End form echo '<p><input type="submit" value="' . Save . '"> <input type="button" name="' . edit_requests('layer', NULL, $_SERVER['REQUEST_URI'], true) . '" onclick="window.location.href = this.name" value="Cancel" /></p>'; echo '</form>'; echo '</div></div>'; } // End protection