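/**
 * Handle the "change password" form for the logged-in user.
 *
 * Reads `old_password`, `password1` and `password2` from $vars, checks the
 * old password against the stored digest and stores the digest of the new
 * password through $phpcdb->set_password().
 *
 * NOTE(review): passwords are stored as unsalted MD5 digests. The storage
 * format is kept here because the login check is outside this function;
 * moving to password_hash()/password_verify() has to change both sides.
 *
 * @return mixed Result of tag('div', ...) carrying the status message.
 */
function password_submit()
{
    global $vars, $phpcdb, $phpc_user;

    if (!is_user()) {
        return tag('div', __('You must be logged in.'));
    }

    verify_token();

    if (!$phpc_user->is_password_editable()) {
        soft_error(__('You do not have permission to change your password.'));
    }

    // Only plain strings are accepted: a request can deliver an array
    // (old_password[]=x), which md5() cannot digest.
    if (!isset($vars['old_password']) || !is_string($vars['old_password'])) {
        return tag('div', __('You must specify your old password.'));
    }
    $old_password = $vars['old_password'];

    // hash_equals() compares byte for byte in constant time. The loose `!=`
    // treats two digests that both look like numbers ("0e..." forms) as equal.
    if (!hash_equals((string) $phpc_user->password, md5($old_password))) {
        return tag('div', __('The password you entered did not match your old password.'));
    }

    if (empty($vars['password1']) || !is_string($vars['password1'])) {
        return tag('div', __('You must specify a password'));
    }

    // Strict comparison: with `!=`, two different numeric-looking passwords
    // such as "1e3" and "1000" would count as a match.
    if (empty($vars['password2']) || $vars['password1'] !== $vars['password2']) {
        return tag('div', __('Your passwords did not match'));
    }

    $passwd = md5($vars['password1']);
    $phpcdb->set_password($phpc_user->get_uid(), $passwd);

    return tag('div', __('Password updated.'));
}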
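/**
 * Create a calendar and store one config row per option from the submitted form.
 *
 * Every option is resolved from $vars before the calendar is created, so a
 * missing field is reported without leaving a calendar that has only part of
 * its configuration.
 *
 * NOTE(review): no permission check is visible in this function; presumably
 * the caller restricts calendar creation to administrators — confirm.
 */
function process_form()
{
    global $vars, $phpcdb, $phpc_script;

    verify_token();

    // Collected as (name, value) pairs so option names keep their exact type.
    $settings = array();
    foreach (get_config_options() as $item) {
        $name = $item[0];
        $type = $item[2];

        if ($type == PHPC_CHECK) {
            // An unchecked checkbox is simply absent from the request.
            $settings[] = array($name, isset($vars[$name]) ? "1" : "0");
        } elseif (isset($vars[$name])) {
            $settings[] = array($name, $vars[$name]);
        } else {
            soft_error(__("{$name} was not set."));
        }
    }

    $cid = $phpcdb->create_calendar();
    foreach ($settings as $setting) {
        $phpcdb->create_config($cid, $setting[0], $setting[1]);
    }

    message(__('Calendar created.'));
}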
/**
 * Render the week view for the `week` and `year` request parameters.
 *
 * Both parameters go through intval(), so only integers reach the date
 * arithmetic. Returns the summary placeholder markup followed by the
 * calendar table for that week.
 *
 * @return mixed Value returned by tag().
 */
function display_week()
{
    global $vars;

    // Header row: the week-number column, then seven day names starting at
    // the configured first day of the week.
    $header_row = tag('tr');
    $header_row->add(tag('th', __p('Week', 'W')));
    foreach (range(0, 6) as $offset) {
        $weekday = ($offset + day_of_week_start()) % 7;
        $header_row->add(tag('th', day_name($weekday)));
    }

    if (!(isset($vars['week']) && isset($vars['year']))) {
        soft_error(__('Invalid date.'));
    }

    $week = intval($vars['week']);
    $year = intval($vars['year']);

    // Day-of-year of the first day shown; mktime() normalises day values
    // that fall outside January.
    $first_day = 1 + ($week - 1) * 7 - day_of_week(1, 1, $year);
    $from_stamp = mktime(0, 0, 0, 1, $first_day, $year);
    $to_stamp = mktime(23, 59, 59, 1, $first_day + 6, $year);

    $start_month = date("n", $from_stamp);
    $end_month = date("n", $to_stamp);

    $caption = month_name($start_month) . " " . date("Y", $from_stamp);
    if ($end_month != $start_month) {
        $caption .= " - " . month_name($end_month) . " " . date("Y", $to_stamp);
    }

    $summary_head = tag("div", attributes('id="phpc-summary-head"'),
        tag("div", attributes('id="phpc-summary-title"'), ''),
        tag("div", attributes('id="phpc-summary-author"'), ''),
        tag("div", attributes('id="phpc-summary-category"'), ''),
        tag("div", attributes('id="phpc-summary-time"'), ''));

    $summary = tag("div", attributes('id="phpc-summary-view"'),
        $summary_head,
        tag("div", attributes('id="phpc-summary-body"'), ''));

    $columns = tag('colgroup',
        tag('col', attributes('class="phpc-week"')),
        tag('col', attributes('class="phpc-day"')),
        tag('col', attributes('class="phpc-day"')),
        tag('col', attributes('class="phpc-day"')),
        tag('col', attributes('class="phpc-day"')),
        tag('col', attributes('class="phpc-day"')),
        tag('col', attributes('class="phpc-day"')),
        tag('col', attributes('class="phpc-day"')));

    $table = tag('table', attributes('class="phpc-main phpc-calendar"'),
        tag('caption', $caption),
        $columns,
        tag('thead', $header_row),
        create_week($week, $from_stamp, $to_stamp, $year));

    return tag('', $summary, $table);
}
/**
 * Build the options form: one table row per entry of $config_form, with the
 * current value from $config preselected.
 *
 * Each entry is (name, label, type[, choices]); the type picks the input
 * widget. The form posts back to $phpc_script with action "options_submit".
 *
 * @return mixed Value returned by tag('form', ...).
 */
function options_form()
{
    global $config, $phpc_script, $config_form;

    $rows = tag('tbody');

    foreach ($config_form as $element) {
        $name = $element[0];
        $label = $element[1];
        $type = $element[2];
        $current = $config[$name];

        if ($type == CHECK) {
            $input = create_checkbox($name, '1', $current);
        } elseif ($type == TEXT) {
            $input = create_text($name, $current);
        } elseif ($type == DROPDOWN) {
            // Choices are addressed by position, 0 .. count - 1.
            $choices = $element[3];
            $positions = create_sequence(0, count($choices) - 1);
            $input = create_select($name, $choices, $current, $positions);
        } else {
            soft_error(_('Unsupported config type') . ": {$type}");
        }

        $rows->add(tag('tr', tag('th', $label . ':'), tag('td', $input)));
    }

    $footer = tag('tfoot',
        tag('tr',
            tag('td', attributes('colspan="2"'),
                create_hidden('action', 'options_submit'),
                create_submit(_('Submit')))));

    $table = tag('table', attributes('class="phpc-main"'),
        tag('caption', _('Options')),
        $footer,
        $rows);

    return tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), $table);
}
/**
 * Store the submitted timezone and language preferences.
 *
 * Both values are written to cookies (or the cookie is expired when the
 * value is empty); for a logged-in user they are also saved through $phpcdb
 * together with `default_cid`.
 *
 * NOTE(review): the timezone is checked against timezone_identifiers_list(),
 * but `language` and `default_cid` reach the cookie and the database without
 * any check in this function — confirm they are validated where they are used.
 * NOTE(review): setcookie() is called with name, value and expiry only, so
 * path, Secure and HttpOnly keep their defaults.
 *
 * @return mixed Value returned by message_redirect().
 */
function user_settings_submit()
{
    global $phpcid, $vars, $phpcdb, $phpc_user_tz, $phpc_user_lang,
        $phpc_prefix, $phpc_user, $phpc_script;

    verify_token();

    $has_timezone = !empty($vars["timezone"]);

    // A supplied timezone must be one PHP knows about.
    if ($has_timezone && !in_array($vars['timezone'], timezone_identifiers_list())) {
        soft_error(__("Invalid timezone."));
    }

    // Roughly 20 years ahead for "keep", one hour back for "delete".
    $keep_until = time() + 20 * 365 * 24 * 60 * 60;
    $already_expired = time() - 3600;

    // cookie suffix => request field
    $preferences = array('tz' => 'timezone', 'lang' => 'language');
    foreach ($preferences as $suffix => $field) {
        if (!empty($vars[$field])) {
            setcookie("{$phpc_prefix}{$suffix}", $vars[$field], $keep_until);
        } else {
            setcookie("{$phpc_prefix}{$suffix}", '', $already_expired);
        }
    }

    if (is_user()) {
        $uid = $phpc_user->get_uid();
        $phpcdb->set_user_default_cid($uid, $vars['default_cid']);
        $phpcdb->set_timezone($uid, $vars['timezone']);
        $phpcdb->set_language($uid, $vars['language']);
        $phpc_user_tz = $vars["timezone"];
        $phpc_user_lang = $vars["language"];
    }

    $target = "{$phpc_script}?action=user_settings&phpcid={$phpcid}";

    return message_redirect(__('Settings updated.'), $target);
}
/**
 * Delete the calendar named by the `cid` request parameter.
 *
 * Without `confirm` a confirmation prompt with Confirm / Deny links is
 * returned. With it, the calendar is deleted when can_admin() allows it.
 *
 * NOTE(review): the delete is driven by request parameters alone and no
 * verify_token() call is visible here — confirm the confirmation link is
 * protected against cross-site request forgery.
 * NOTE(review): the calendar title is concatenated into the paragraph text;
 * whether tag() escapes it is not visible from this function.
 *
 * @return mixed Container tag, or the value returned by message_redirect().
 */
function calendar_delete()
{
    global $vars, $phpcdb, $phpc_script;

    $container = tag('div', attributes('class="phpc-container"'));

    if (empty($vars["cid"])) {
        $container->add(tag('p', __('No calendar selected.')));
        return $container;
    }

    $cid = $vars["cid"];
    $calendar = $phpcdb->get_calendar($cid);
    if (empty($calendar)) {
        soft_error(__("Invalid calendar ID."));
    }

    $confirmed = !empty($vars["confirm"]);
    if (!$confirmed) {
        $prompt = __('Confirm you want to delete calendar:') . $calendar->get_title();
        $container->add(tag('p', $prompt));

        $confirm_link = create_action_link(__('Confirm'), "calendar_delete",
            array("cid" => $cid, "confirm" => "1"));
        $container->add(" [ ", $confirm_link, " ] ");

        $deny_link = create_action_link(__('Deny'), "display_month");
        $container->add(" [ ", $deny_link, " ] ");

        return $container;
    }

    if (!$calendar->can_admin()) {
        $container->add(tag('p', __("You do not have permission to remove calendar") . ": {$cid}"));
        return $container;
    }

    $outcome = $phpcdb->delete_calendar($cid)
        ? __("Removed calendar")
        : __("Could not remove calendar");
    $container->add(tag('p', $outcome . ": {$cid}"));

    return message_redirect($container, "{$phpc_script}?action=admin");
}
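/**
 * Replace a user's group memberships for the current calendar.
 *
 * The submitted `groups` list is validated in full before anything is
 * changed, so an invalid gid no longer leaves the user with the old groups
 * removed and only some of the new ones added.
 *
 * NOTE(review): no permission check on the calendar or the target user is
 * visible in this function; presumably the caller enforces it — confirm.
 *
 * @return mixed Value returned by message().
 */
function process_form()
{
    global $phpcid, $vars, $phpcdb, $phpc_script, $phpc_cal;

    verify_token();

    $uid = isset($vars["uid"]) ? $vars["uid"] : null;
    $user = $phpcdb->get_user($uid);
    if (empty($user)) {
        // Without this the get_groups() call below fails on a non-object.
        soft_error("Invalid uid");
    }

    // Group ids of the current calendar, as strings for strict matching.
    $valid_groups = array();
    foreach ($phpc_cal->get_groups() as $group) {
        $valid_groups[] = (string) $group["gid"];
    }

    // Validate first, change afterwards.
    $requested = array();
    if (!empty($vars["groups"])) {
        if (!is_array($vars["groups"])) {
            soft_error("Invalid gid");
        }
        foreach ($vars["groups"] as $gid) {
            // Strict string match: a loose in_array() lets values that merely
            // compare equal to a valid id (for example " 1" against "1") through.
            if (!is_scalar($gid) || !in_array((string) $gid, $valid_groups, true)) {
                soft_error("Invalid gid");
            }
            $requested[] = $gid;
        }
    }

    // Remove existing groups for this calendar
    foreach ($user->get_groups() as $group) {
        if ($group["cid"] == $phpcid) {
            $phpcdb->user_remove_group($uid, $group["gid"]);
        }
    }

    foreach ($requested as $gid) {
        $phpcdb->user_add_group($uid, $gid);
    }

    return message(__('Groups updated.'));
}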
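/**
 * Delete every event named by an `id=` pair in the query string.
 *
 * Each id is checked against the current user's permission before
 * remove_event() is called; the outcome per id is reported in the returned
 * markup.
 *
 * Ids must consist of digits only. Anything else is ignored, so raw
 * query-string text is neither passed to the lookup and delete helpers nor
 * echoed back into the page.
 *
 * NOTE(review): the delete is triggered by a plain query string and no
 * request token is checked here — confirm how cross-site request forgery is
 * prevented for this action.
 *
 * @return mixed Container tag with one paragraph per processed id.
 */
function event_delete()
{
    global $config;

    if (!is_user() && $config['anon_permission'] < 2) {
        soft_error(_('You do not have permission to delete events.'));
    }

    $html = tag('div', attributes('class="box"', 'style="width: 50%"'));
    $ids = 0;

    foreach (explode('&', $_SERVER['QUERY_STRING']) as $pair) {
        $parts = explode('=', $pair);

        // Skip pairs without a value and parameters other than "id".
        if (count($parts) < 2 || $parts[0] !== 'id') {
            continue;
        }

        $id = $parts[1];
        if (!ctype_digit($id)) {
            continue;
        }

        $ids++;
        $event = get_event_by_id($id);

        if (!check_user($event['uid']) && $config['anon_permission'] < 2) {
            $html->add(tag('p', _('You do not have permission to remove item') . ": {$id}"));
            continue;
        }

        if (remove_event($id)) {
            $html->add(tag('p', _('Removed item') . ": {$id}"));
        } else {
            $html->add(tag('p', _('Could not remove item') . ": {$id}"));
        }
    }

    if ($ids == 0) {
        $html->add(tag('p', _('No items selected.')));
    }

    return $html;
}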
/**
 * Compile messages.po into messages.mo for every locale directory.
 *
 * Administrators only. Walks $phpc_locale_path, skips dot entries and
 * non-directories, and for each locale parses LC_MESSAGES/messages.po and
 * writes LC_MESSAGES/messages.mo.
 *
 * NOTE(review): a "Translated" line is added for a locale even when parsing
 * its .po file failed, and the failure message prints the file path.
 *
 * @return mixed Tag listing the processed locales, or the soft_error() result.
 */
function translate()
{
    global $phpc_locale_path;

    if (!is_admin()) {
        permission_error(__('Need to be admin'));
        exit;
    }

    $dir = opendir($phpc_locale_path);
    if (!$dir) {
        return soft_error("Error reading locale directory.");
    }

    $report = tag('div', tag('h2', __('Translate')));

    for ($entry = readdir($dir); $entry !== false; $entry = readdir($dir)) {
        $locale_dir = "{$phpc_locale_path}/{$entry}";

        if (strncmp($entry, ".", 1) == 0 || !is_dir($locale_dir)) {
            continue;
        }

        $messages_dir = "{$locale_dir}/LC_MESSAGES";
        $catalog = parse_po_file("{$messages_dir}/messages.po");

        if ($catalog !== FALSE) {
            write_mo_file($catalog, "{$messages_dir}/messages.mo");
        } else {
            print nl2br("Error reading '{$messages_dir}/messages.po', aborted.\n");
        }

        $report->add(tag('div', sprintf(__('Translated "%s"'), $entry)));
    }

    closedir($dir);

    return $report;
}
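/**
 * Create or modify a category from the submitted form.
 *
 * Without `catid` a category is created, globally (administrators only) or
 * for calendar `cid` (calendar administrators only). With `catid` the
 * existing category is modified after the same kind of permission check.
 *
 * Request values placed in redirect URLs are URL-encoded so they cannot add
 * extra parameters or break the URL.
 *
 * NOTE(review): no verify_token() call is visible in this function — confirm
 * the request token is checked before this handler runs.
 *
 * @return mixed Value returned by message_redirect(), or an error tag.
 */
function category_submit()
{
    global $vars, $phpcdb, $phpc_script, $phpc_cal;

    if (empty($vars["text-color"]) || empty($vars["bg-color"])) {
        $page = "{$phpc_script}?action=category_form";
        if (!empty($vars["cid"])) {
            $page .= "&cid=" . urlencode((string) $vars["cid"]);
        }
        if (!empty($vars["catid"])) {
            $page .= "&catid=" . urlencode((string) $vars["catid"]);
        }
        return message_redirect(__("Color not specified."), $page);
    }

    // The current widget produces hex values without the "#".
    // We may in the future want to allow different input, so store the
    // values with the "#"
    $text_color = '#' . $vars["text-color"];
    $bg_color = '#' . $vars["bg-color"];

    // empty() already covers the empty string.
    $gid = empty($vars['gid']) ? 0 : $vars['gid'];

    if (!check_color($text_color) || !check_color($bg_color)) {
        soft_error(__("Invalid color."));
    }

    if (!isset($vars['catid'])) {
        $modify = false;

        if (!isset($vars['cid'])) {
            // No calendar given: a global category.
            $cid = null;
            if (!is_admin()) {
                permission_error(__('You do not have permission to add categories to all calendars.'));
            }
        } else {
            $cid = $vars['cid'];
            $calendar = $phpcdb->get_calendar($cid);
            if (!$calendar->can_admin()) {
                permission_error(__('You do not have permission to add categories to this calendar.'));
            }
        }

        $catid = $phpcdb->create_category($cid, $vars["name"], $text_color, $bg_color, $gid);
    } else {
        $modify = true;
        $catid = $vars['catid'];
        $category = $phpcdb->get_category($catid);

        // Global categories need a site administrator, others a calendar administrator.
        $is_global_admin = empty($category['cid']) && is_admin();
        if (!($is_global_admin || $phpcdb->get_calendar($category["cid"])->can_admin())) {
            soft_error(__("You do not have permission to modify this category."));
        }

        $phpcdb->modify_category($catid, $vars['name'], $text_color, $bg_color, $gid);
    }

    $return_cid = isset($vars['phpcid']) ? urlencode((string) $vars['phpcid']) : '';
    $page = "{$phpc_script}?action=cadmin&phpcid=" . $return_cid;

    if ($modify) {
        return message_redirect(__("Modified category: ") . $catid, $page);
    }

    if ($catid > 0) {
        return message_redirect(__("Created category: ") . $catid, $page);
    }

    return tag('div', attributes('class="phpc-error"'), __('Error submitting category.'));
}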
/**
 * Run an event search and render the readable matches as a table.
 *
 * Reads `searchstring`, the optional from/to dates and the `sort` / `order`
 * options from $vars. Sort and order must be keys of $sort_options and
 * $order_options. Events the current user may not read are left out.
 *
 * NOTE(review): subject and description are handed to tag() as they come
 * from the event object; where they are escaped is not visible here.
 *
 * @return mixed Result table, or a "no events" message tag.
 */
function search_results()
{
    global $vars, $phpcdb, $phpcid, $sort_options, $order_options;

    $searchstring = $vars['searchstring'];

    $start = false;
    if (!empty($vars['search-from-date']) && strlen($vars['search-from-date']) > 0) {
        $start = get_timestamp('search-from');
    }

    $end = false;
    if (!empty($vars['search-to-date']) && strlen($vars['search-to-date']) > 0) {
        $end = get_timestamp('search-to');
    }

    // Sort column and direction must each be one of the known option keys.
    $sort = htmlentities($vars['sort']);
    $sort_known = array_search($sort, array_keys($sort_options));
    if ($sort_known === false) {
        soft_error(__('Invalid sort option') . ": {$sort}");
    }

    $order = htmlentities($vars['order']);
    $order_known = array_search($order, array_keys($order_options));
    if ($order_known === false) {
        soft_error(__('Invalid order option') . ": {$order}");
    }

    $keywords = explode(" ", $searchstring);
    $matches = $phpcdb->search($phpcid, $keywords, $start, $end, $sort, $order);

    $rows = array();
    foreach ($matches as $event) {
        if ($event->can_read()) {
            $name = $event->get_author();
            $subject = $event->get_subject();
            $desc = $event->get_desc();
            $date = $event->get_date_string();
            $time = $event->get_time_string();
            $eid = $event->get_eid();

            $link = create_event_link($subject, 'display_event', $eid);
            $rows[] = tag('tr',
                tag('td', tag('strong', $link)),
                tag('td', "{$date} {$time}"),
                tag('td', $desc));
        }
    }

    if (sizeof($rows) == 0) {
        return tag('div', tag('strong', __('No events matched your search criteria.')));
    }

    $html = tag('table', attributes('class="phpc-main"'),
        tag('caption', __('Search Results')),
        tag('thead',
            tag('tr',
                tag('th', __('Subject')),
                tag('th', __('Date Time')),
                tag('th', __('Description')))));

    foreach ($rows as $row) {
        $html->add($row);
    }

    return $html;
}
/**
 * Dispatch an event display request to the matching renderer.
 *
 * `contentType=json` selects the JSON renderer; otherwise `oid` is tried
 * before `eid`. With neither present an error is raised.
 *
 * @return mixed Whatever the selected renderer returns.
 */
function display_event()
{
    global $vars;

    $wants_json = !empty($vars['contentType']) && $vars['contentType'] == 'json';
    if ($wants_json) {
        return display_event_json();
    }

    // Request key => renderer, in order of precedence.
    $renderers = array(
        'oid' => 'display_event_by_oid',
        'eid' => 'display_event_by_eid',
    );
    foreach ($renderers as $key => $renderer) {
        if (isset($vars[$key])) {
            return $renderer($vars[$key]);
        }
    }

    // If we get here, we did something wrong
    soft_error(__("Invalid arguments."));
}
/**
 * Pick the view for the current request: a single event (`id`), a day, or a
 * month. A request carrying only `year` raises an error because the year
 * view does not exist; the month view is the fallback.
 *
 * @return mixed Whatever the selected view function returns.
 */
function display()
{
    global $vars, $day, $month, $year;

    if (isset($vars['id'])) {
        return display_id($vars['id']);
    }

    if (isset($vars['day'])) {
        return display_day($day, $month, $year);
    }

    $only_year_given = !isset($vars['month']) && isset($vars['year']);
    if ($only_year_given) {
        soft_error('year view not yet implemented');
    }

    return display_month($month, $year);
}
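/**
 * Search events by keyword and date range and render the matches as a table.
 *
 * Every keyword must occur in the subject or the description. The range is
 * built from the s* / e* year, month and day request fields.
 *
 * The date parts are forced to integers before they are formatted into the
 * SQL DATE literals, and the sort / order values must be exact keys of
 * $sort_options / $order_options before they reach ORDER BY.
 *
 * NOTE(review): the keywords and $calendar_name are still interpolated into
 * the SQL text. Whether $vars is escaped before it reaches this function is
 * not visible here (the stripslashes() calls on the result rows suggest it
 * may be) — confirm, and move these values to bound parameters together with
 * whatever escaping is applied upstream.
 * NOTE(review): the rejected sort / order value is echoed in the error
 * message; whether soft_error() escapes it is not visible here.
 *
 * @return mixed Result table, or a "no events" message tag.
 */
function search_results()
{
    global $vars, $db, $calendar_name, $sort_options, $order_options;

    $searchstring = $vars['searchstring'];

    $start = sprintf('%04d-%02d-%02d',
        (int) $vars['syear'], (int) $vars['smonth'], (int) $vars['sday']);
    $end = sprintf('%04d-%02d-%02d',
        (int) $vars['eyear'], (int) $vars['emonth'], (int) $vars['eday']);

    // make sure sort is valid
    $sort = $vars['sort'];
    if (!is_string($sort) || !array_key_exists($sort, $sort_options)) {
        soft_error(_('Invalid sort option') . ": {$sort}");
    }

    // make sure order is valid
    $order = $vars['order'];
    if (!is_string($order) || !array_key_exists($order, $order_options)) {
        soft_error(_('Invalid order option') . ": {$order}");
    }

    $words = array();
    foreach (explode(" ", $searchstring) as $keyword) {
        $words[] = "(subject LIKE '%{$keyword}%' "
            . "OR description LIKE '%{$keyword}%')\n";
    }
    $where = implode(' AND ', $words);

    $query = 'SELECT * FROM ' . SQL_PREFIX . "events "
        . "WHERE ({$where}) "
        . "AND calendar = '{$calendar_name}' "
        . "AND enddate >= DATE '{$start}' "
        . "AND startdate <= DATE '{$end}' "
        . "ORDER BY {$sort} {$order}";

    $result = $db->Execute($query)
        or db_error(_('Encountered an error while searching.'), $query);

    $tags = array();
    while ($row = $result->FetchRow()) {
        $subject = stripslashes($row['subject']);
        $desc = parse_desc(nl2br(stripslashes($row['description'])));
        $when = $row['startdate'] . ' '
            . formatted_time_string($row['starttime'], $row['eventtype']);

        $tags[] = tag('tr',
            tag('td', attributes('class="phpc-list"'),
                tag('strong', create_id_link($subject, 'display', $row['id']))),
            tag('td', attributes('class="phpc-list"'), $when),
            tag('td', attributes('class="phpc-list"'), $desc));
    }

    if (sizeof($tags) == 0) {
        return tag('div', tag('strong', _('No events matched your search criteria.')));
    }

    $html = tag('table', attributes('class="phpc-main"'),
        tag('caption', _('Search Results')),
        tag('thead',
            tag('tr',
                tag('th', _('Subject')),
                tag('th', _('Date Time')),
                tag('th', _('Description')))));

    foreach ($tags as $tag) {
        $html->add($tag);
    }

    return $html;
}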
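/**
 * Build an occurrence from a database row.
 *
 * Start and end fields are filled from `start_ts` / `end_ts` (timestamps)
 * and then from `start_date` / `end_date` (YYYYMMDD strings) when present,
 * so a date string overrides the date part taken from a timestamp.
 *
 * @param array $event Row with at least `oid` and `time_type`.
 */
function __construct($event)
{
    parent::__construct($event);

    $this->oid = $event['oid'];

    if (!empty($event['start_ts'])) {
        $start_ts = $event['start_ts'];
        $this->start_year = date('Y', $start_ts);
        $this->start_month = date('n', $start_ts);
        $this->start_day = date('j', $start_ts);
        $this->start_hour = date('H', $start_ts);
        $this->start_minute = date('i', $start_ts);
    }

    if (!empty($event['start_date'])) {
        if (preg_match('/^(\\d{4})(\\d{2})(\\d{2})$/', $event['start_date'], $start_matches) < 1) {
            soft_error(__('DB returned an invalid date.') . "({$event['start_date']})");
        }
        $this->start_year = $start_matches[1];
        $this->start_month = $start_matches[2];
        $this->start_day = $start_matches[3];
    }

    if (!empty($event['end_ts'])) {
        $end_ts = $event['end_ts'];
        $this->end_year = date('Y', $end_ts);
        $this->end_month = date('n', $end_ts);
        $this->end_day = date('j', $end_ts);
        $this->end_hour = date('H', $end_ts);
        $this->end_minute = date('i', $end_ts);
    }

    if (!empty($event['end_date'])) {
        if (preg_match('/^(\\d{4})(\\d{2})(\\d{2})$/', $event['end_date'], $end_matches) < 1) {
            // Report the value that actually failed to parse (end_date, not start_date).
            soft_error(__('DB returned an invalid date.') . "({$event['end_date']})");
        }
        $this->end_year = $end_matches[1];
        $this->end_month = $end_matches[2];
        $this->end_day = $end_matches[3];
    }

    $this->time_type = $event['time_type'];

    if (!empty($event['end_ts'])) {
        $this->duration = $event['end_ts'] - $event['start_ts'];
    }
}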
/**
 * Render the week view with previous / next week links.
 *
 * The week comes from the `week` request parameter (which must be numeric)
 * or, when absent, from the current $phpc_month / $phpc_day / $phpc_year.
 *
 * is_numeric() also accepts decimal and exponent forms; only arithmetic
 * results derived from the value are placed in the links built below.
 *
 * @return mixed Value returned by create_display_table().
 */
function display_week()
{
    global $vars, $phpc_home_url, $phpcid, $phpc_year, $phpc_month, $phpc_day;

    if (isset($vars['week'])) {
        if (!is_numeric($vars['week'])) {
            soft_error(__('Invalid date.'));
        }
        $week_of_year = $vars['week'];
    } else {
        $week_of_year = week_of_year($phpc_month, $phpc_day, $phpc_year);
    }

    // First and last moment of the week, as offsets from January 1st.
    $first_day = 1 + ($week_of_year - 1) * 7 - day_of_week(1, 1, $phpc_year);
    $from_stamp = mktime(0, 0, 0, 1, $first_day, $phpc_year);
    $to_stamp = mktime(23, 59, 59, 1, $first_day + 6, $phpc_year);

    $start_day = date("j", $from_stamp);
    $start_month = date("n", $from_stamp);
    $start_year = date("Y", $from_stamp);

    $end_day = date("j", $to_stamp);
    $end_month = date("n", $to_stamp);
    $end_year = date("Y", $to_stamp);

    $title = month_name($start_month) . " {$start_year}";
    if ($end_month != $start_month) {
        $title .= " - " . month_name($end_month) . " {$end_year}";
    }

    // Stepping back before week 1 lands in the previous year.
    $prev_week = $week_of_year - 1;
    $prev_year = $phpc_year;
    if ($prev_week < 1) {
        $prev_year = $prev_year - 1;
        $prev_week = week_of_year($start_month, $start_day - 7, $start_year);
    }

    // Stepping past the last week lands in the next year.
    $next_week = $week_of_year + 1;
    $next_year = $phpc_year;
    if ($next_week > weeks_in_year($phpc_year)) {
        $next_week = week_of_year($end_month, $end_day + 1, $end_year);
        $next_year = $next_year + 1;
    }

    $prev_href = "href=\"{$phpc_home_url}?action=display_week&phpcid={$phpcid}&week={$prev_week}&year={$prev_year}\"";
    $next_href = "href=\"{$phpc_home_url}?action=display_week&phpcid={$phpcid}&week={$next_week}&year={$next_year}\"";

    $prev_link = tag('a', attrs('class="phpc-icon-link"', $prev_href),
        tag('span', attrs('class="fa fa-chevron-left"'), ''));
    $next_link = tag('a', attrs('class="phpc-icon-link"', $next_href),
        tag('span', attrs('class="fa fa-chevron-right"'), ''));

    $heading = tag('', $prev_link, $title, $next_link);

    $events = get_events($from_stamp, $to_stamp);

    return create_display_table($heading, create_week($from_stamp, $phpc_year, $events));
}
/**
 * Delete the calendar named by the `cid` request parameter when the current
 * user may administer it, then redirect to the admin page.
 *
 * NOTE(review): there is no confirmation step and no verify_token() call in
 * this function — confirm how cross-site request forgery is prevented here.
 * NOTE(review): the raw `cid` value is echoed in the messages; whether
 * soft_error() and tag() escape it is not visible from this function.
 *
 * @return mixed Container tag, or the value returned by message_redirect().
 */
function calendar_delete()
{
    global $vars, $phpcdb, $phpc_script;

    $container = tag('div', attributes('class="phpc-container"'));

    if (empty($vars["cid"])) {
        $container->add(tag('p', __('No calendar selected.')));
        return $container;
    }

    $cid = $vars["cid"];
    $calendar = $phpcdb->get_calendar($cid);

    if (empty($calendar)) {
        soft_error(__("Calendar does not exist") . ": {$cid}");
    }

    if (!$calendar->can_admin()) {
        soft_error(__("You do not have permission to remove calendar") . ": {$cid}");
    }

    $outcome = $phpcdb->delete_calendar($cid)
        ? __("Removed calendar")
        : __("Could not remove calendar");
    $container->add(tag('p', $outcome . ": {$cid}"));

    return message_redirect($container, "{$phpc_script}?action=admin");
}
/**
 * Save the calendar options submitted from the calendar admin form.
 *
 * Requires can_admin() on the current calendar. Checkbox options are stored
 * as "1" / "0" depending on presence; every other option must be present in
 * the request.
 *
 * NOTE(review): no verify_token() call is visible in this function — confirm
 * the request token is checked before this handler runs.
 *
 * @return mixed Value returned by message_redirect(), or a denial tag.
 */
function cadmin_submit()
{
    global $phpcid, $phpc_cal, $vars, $phpcdb, $phpc_script;

    if (!$phpc_cal->can_admin()) {
        return tag('div', __('Permission denied'));
    }

    foreach (get_config_options() as $item) {
        $key = $item[0];
        $submitted = isset($vars[$key]);

        if ($item[2] == PHPC_CHECK) {
            $value = $submitted ? "1" : "0";
        } elseif ($submitted) {
            $value = $vars[$key];
        } else {
            soft_error($key . __(" was not set."));
        }

        $phpcdb->update_config($phpcid, $key, $value);
    }

    $target = "{$phpc_script}?action=cadmin&phpcid={$phpcid}";

    return message_redirect(__('Updated options'), $target);
}
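/**
 * Create or rename a group from the submitted form.
 *
 * Without `gid` a group is created, globally (administrators only) or for
 * calendar `cid` (calendar administrators only). With `gid` the existing
 * group is renamed after the same kind of permission check.
 *
 * The `cid` value placed in the redirect URL is URL-encoded and may be
 * absent (it is not required when modifying), in which case it is left empty.
 *
 * NOTE(review): no verify_token() call is visible in this function — confirm
 * the request token is checked before this handler runs.
 *
 * @return mixed Value returned by message_redirect(), or an error tag.
 */
function group_submit()
{
    global $vars, $phpcdb, $phpc_script, $phpc_cal;

    if (!isset($vars['gid'])) {
        $modify = false;

        if (!isset($vars['cid'])) {
            // No calendar given: a global group.
            $cid = null;
            if (!is_admin()) {
                permission_error(__('You do not have permission to add a global group.'));
            }
        } else {
            $cid = $vars['cid'];
            $calendar = $phpcdb->get_calendar($cid);
            if (!$calendar->can_admin()) {
                permission_error(__('You do not have permission to add a group to this calendar.'));
            }
        }

        $gid = $phpcdb->create_group($cid, $vars["name"]);
    } else {
        $modify = true;
        $gid = $vars['gid'];
        $group = $phpcdb->get_group($gid);

        // Global groups need a site administrator, others a calendar administrator.
        $is_global_admin = empty($group['cid']) && is_admin();
        if (!($is_global_admin || $phpcdb->get_calendar($group["cid"])->can_admin())) {
            soft_error(__("You do not have permission to modify this group."));
        }

        $phpcdb->modify_group($gid, $vars['name']);
    }

    $return_cid = isset($vars['cid']) ? urlencode((string) $vars['cid']) : '';
    $page = "{$phpc_script}?action=cadmin&phpcid=" . $return_cid;

    if ($modify) {
        return message_redirect(__("Modified group: ") . $gid, $page);
    }

    if ($gid > 0) {
        return message_redirect(__("Created group: ") . $gid, $page);
    }

    return tag('div', attributes('class="phpc-error"'), __('Error submitting group.'));
}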
// Fragment of an upgrade script (its beginning is outside this excerpt):
// reads the SQL_* constants from the config, connects through ADOdb and
// adds an `admin` column to the users table.
// NOTE(review): the database name, table prefix and database type are echoed
// into the page as-is; presumably this script is for the administrator only —
// confirm it is not reachable once the upgrade is done.
soft_error('No password found in your config file'); } if (defined('SQL_DATABASE')) { $sql_database = SQL_DATABASE; echo "<p>Your SQL database name is: {$sql_database}</p>"; } else { soft_error('No database found in your config file'); } if (defined('SQL_PREFIX')) { $sql_prefix = SQL_PREFIX; echo "<p>Your SQL table prefix is: {$sql_prefix}</p>"; } else { soft_error('No table prefix found in your config file'); } if (defined('SQL_TYPE')) { $sql_type = SQL_TYPE; } elseif (isset($dbms)) { $sql_type = $dbms; } else { soft_error('No database type found in your config file'); } echo "<p>Your database type is: {$sql_type}</p>"; // connect to the database $db = NewADOConnection($sql_type); $ok = $db->Connect($sql_host, $sql_user, $sql_passwd, $sql_database); if (!$ok) { soft_error('Could not connect to the database'); } $query = "ALTER TABLE " . SQL_PREFIX . "users\n\tADD admin tinyint(1) AFTER password;"; $db->Execute($query) or db_error("Error in alter", $query); echo "<p>Database updated</p>";
/**
 * Insert a row into the events table and return its new id.
 *
 * NOTE(review): every argument is interpolated into the SQL text. This is
 * only safe if all callers pass values that are already escaped for this
 * connection — confirm, or switch to a prepared statement together with the
 * callers.
 *
 * @param mixed $cid         Calendar id.
 * @param mixed $uid         Owner id.
 * @param mixed $subject     Event subject.
 * @param mixed $description Event description.
 * @param mixed $readonly    Read-only flag, formatted through asbool().
 * @param mixed $catid       Category id; a falsy value stores NULL.
 * @return mixed The id reported by the connection for the inserted row.
 */
function create_event($cid, $uid, $subject, $description, $readonly, $catid = false)
{
    $readonly_sql = asbool($readonly);
    $catid_sql = $catid ? "'{$catid}'" : 'NULL';

    $columns = "(`cid`, `owner`, `subject`, `description`, `readonly`, `catid`)\n";
    $values = "VALUES ('{$cid}', '{$uid}', '{$subject}', '{$description}', "
        . "{$readonly_sql}, {$catid_sql})";
    $query = "INSERT INTO `" . SQL_PREFIX . "events`\n" . $columns . $values;

    if (!$this->dbh->query($query)) {
        $this->db_error(__('Error creating event.'), $query);
    }

    $eid = $this->dbh->insert_id;
    if ($eid <= 0) {
        soft_error("Bad eid creating event.");
    }

    return $eid;
}
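/**
 * Render the detail page of one event, looked up by `oid` or `eid`.
 *
 * Shows author, timestamps, category, custom fields, description and the
 * list of occurrences. Modify / delete / occurrence links are added only
 * when can_modify() allows it, and the page is refused when can_read() fails.
 *
 * The globals $phpc_year / $phpc_month / $phpc_day are set from the first
 * occurrence only. Previously the guard flag was never raised, so every
 * occurrence overwrote them.
 *
 * NOTE(review): subject, description, author, category and custom field
 * values are handed to tag() as returned by the event object; where they are
 * escaped is not visible from this function.
 *
 * @return mixed Tag for the event page, or a message tag.
 */
function display_event()
{
    global $vars, $phpcdb, $phpc_year, $phpc_month, $phpc_day, $phpc_cal;

    if (!empty($vars['content']) && $vars['content'] == 'json') {
        return display_event_json();
    }

    if (isset($vars['oid'])) {
        $entry = $phpcdb->get_event_by_oid($vars['oid']);
        if (!$entry) {
            return tag('p', __('There is no event for that OID.'));
        }
        $event = new PhpcEvent($entry);
    } elseif (isset($vars['eid'])) {
        $entry = $phpcdb->get_event_by_eid($vars['eid']);
        if (!$entry) {
            return tag('p', __('There is no event with that EID.'));
        }
        $event = new PhpcEvent($entry);
    }

    if (!isset($event)) {
        soft_error(__("Invalid arguments."));
    }

    if (!$event->can_read()) {
        return tag('p', __("You do not have permission to read this event."));
    }

    $event_header = tag('div', attributes('class="phpc-event-header"'),
        tag('div', __('created by') . ' ',
            tag('cite', $event->get_author()),
            ' ' . __('on') . ' ' . $event->get_ctime_string()));

    if (!empty($event->mtime)) {
        $event_header->add(tag('div', __('Last modified on '),
            $event->get_mtime_string()));
    }

    $category = $event->get_category();
    if (!empty($category)) {
        $event_header->add(tag('div', __('Category') . ': ' . $category));
    }

    // Add modify/delete links if this user has access to this event.
    $event_menu = '';
    if ($event->can_modify()) {
        $event_menu = tag('div', attrs('class="phpc-bar ui-widget-content"'),
            create_event_link(__('Modify'), 'event_form', $event->get_eid()),
            "\n",
            create_event_link(__('Delete'), 'event_delete', $event->get_eid(),
                attrs('class="phpc-confirm"')));
    }

    $desc_tag = tag('div', attributes('class="phpc-desc"'),
        tag('h3', __("Description")),
        tag('p', $event->get_desc()));

    $occurrences_tag = tag('ul');
    $occurrences = $phpcdb->get_occurrences_by_eid($event->get_eid());

    $set_date = false;
    foreach ($occurrences as $occurrence) {
        if (!$set_date) {
            $phpc_year = $occurrence->get_start_year();
            $phpc_month = $occurrence->get_start_month();
            $phpc_day = $occurrence->get_start_day();
            $set_date = true;
        }

        $oid = $occurrence->get_oid();
        $occ_tag = tag('li', attrs('class="ui-widget-content"'),
            $occurrence->get_date_string() . ' ' . __('at') . ' '
                . $occurrence->get_time_span_string());

        if ($event->can_modify()) {
            $occ_tag->add(" ",
                create_occurrence_link(__('Edit'), 'occur_form', $oid),
                " ",
                create_occurrence_link(__('Remove'), 'occurrence_delete', $oid,
                    attrs('class="phpc-confirm-occ"')));
        }

        $occurrences_tag->add($occ_tag);
    }

    // Add occurrence link if this user has access to this event.
    $occurrences_menu = '';
    if ($event->can_modify()) {
        $occurrences_menu = tag('div', attrs('class="phpc-bar ui-widget-content"'),
            create_event_link(__('Add Occurrence'), 'occur_form', $event->get_eid()));
    }

    foreach ($event->get_fields() as $field) {
        $def = $phpc_cal->get_field($field['fid']);
        $event_header->add(tag('div', $def['name'] . ": " . $field['value']));
    }

    $dialog = tag('div',
        attrs('id="phpc-dialog"', 'title="' . __("Confirmation required") . '"'),
        __("Permanently delete this event?"));
    $dialog2 = tag('div',
        attrs('id="phpc-dialog-occ"', 'title="' . __("Confirmation required") . '"'),
        __("Permanently delete this occurrence?"));

    return tag('div', attributes('class="phpc-main phpc-event"'),
        $dialog,
        $dialog2,
        $event_menu,
        tag('h2', $event->get_subject()),
        $event_header,
        $desc_tag,
        tag('div', attrs('class="phpc-occ"'),
            tag('h3', __('Occurrences')),
            $occurrences_menu,
            $occurrences_tag));
}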
/**
 * Create the events, users and calendars tables through the ADOdb data
 * dictionary of the global $db connection, printing the generated SQL for
 * each table.
 *
 * NOTE(review): the users.password column is C(32); presumably sized for an
 * MD5 hex digest — a stronger password hash would need a wider column.
 */
function create_tables()
{
    global $db;

    $dict = NewDataDictionary($db);

    // --- events ---
    $event_fields = "\n" . implode(",\n", array(
        "id I NOTNULL PRIMARY",
        "uid I",
        "startdate D",
        "enddate D",
        "starttime T",
        "duration I",
        "eventtype I",
        "subject C(255)",
        "description B",
        "calendar C(32)",
    )) . "\n";

    $sqlarray = $dict->CreateTableSQL(SQL_PREFIX . 'events', $event_fields);
    if (!$sqlarray) {
        soft_error("Problem creating table SQL");
    }
    echo "<pre>";
    print_r($sqlarray);
    echo "</pre>";

    $result = $dict->ExecuteSQLArray($sqlarray);
    if (!$result) {
        soft_error("Problem executing SQL for table.");
    }
    if ($result == 1) {
        db_error("Error creating table " . SQL_PREFIX . "events:");
    }

    // --- users ---
    $user_fields = "\n" . implode(",\n", array(
        "calendar C(32) NOTNULL DEFAULT '0'",
        "uid I NOTNULL PRIMARY",
        "username C(32) NOTNULL",
        "password C(32) NOTNULL default ''",
        "admin I1 NOTNULL DEFAULT 0",
    )) . "\n";

    $sqlarray = $dict->CreateTableSQL(SQL_PREFIX . 'users', $user_fields);
    echo "<pre>";
    print_r($sqlarray);
    echo "</pre>";

    $result = $dict->ExecuteSQLArray($sqlarray);
    if (!$result) {
        soft_error("Error creating table " . SQL_PREFIX . "users");
    }
    if ($result == 1) {
        db_error("Error creating table " . SQL_PREFIX . "users");
    }

    // --- calendars ---
    $calendar_fields = "\n" . implode(",\n", array(
        "calendar C(32) NOTNULL PRIMARY",
        "hours_24 I1 NOTNULL DEFAULT 0",
        "start_monday I1 NOTNULL DEFAULT 0",
        "translate I1 NOTNULL DEFAULT 0",
        "anon_permission I1 NOTNULL DEFAULT 0",
        "subject_max I2 NOTNULL DEFAULT 32",
        "contact_name C(255) NOTNULL DEFAULT ''",
        "contact_email C(255) NOTNULL DEFAULT ''",
        "calendar_title C(255) NOTNULL DEFAULT ''",
        "url C(200) NOTNULL DEFAULT ''",
    )) . "\n";

    $sqlarray = $dict->CreateTableSQL(SQL_PREFIX . 'calendars', $calendar_fields);
    echo "<pre>";
    print_r($sqlarray);
    echo "</pre>";

    $result = $dict->ExecuteSQLArray($sqlarray);
    if (!$result) {
        soft_error("Error creating table " . SQL_PREFIX . "calendars");
    }
    if ($result == 1) {
        db_error("Error creating table " . SQL_PREFIX . "calendars");
    }
}
/**
 * Create an occurrence for event `eid`, or modify occurrence `oid`.
 *
 * Validates the time type and that the end is not before the start, checks
 * the request token and can_write() on the current calendar, then writes the
 * occurrence through $phpcdb.
 *
 * NOTE(review): the permission check is on the calendar only; whether the
 * given `eid` / `oid` belongs to this calendar, or to an event this user may
 * modify, is not checked in this function — confirm it is enforced elsewhere.
 *
 * @return mixed Value returned by message_redirect().
 */
function process_form()
{
    global $vars, $phpcdb, $phpc_cal, $phpcid, $phpc_script;

    $has_eid = isset($vars['eid']);
    $has_oid = isset($vars['oid']);

    if (!$has_eid && !$has_oid) {
        soft_error(__("Cannot create occurrence."));
    }

    $start_ts = get_timestamp("start");
    $end_ts = get_timestamp("end");

    $kind = $vars["time-type"];
    if ($kind == 'normal') {
        $time_type = 0;
    } elseif ($kind == 'full') {
        $time_type = 1;
    } elseif ($kind == 'tba') {
        $time_type = 2;
    } else {
        soft_error(__("Unrecognized Time Type."));
    }

    if ($end_ts - $start_ts < 0) {
        soft_error(__("An event cannot have an end earlier than its start."));
    }

    verify_token();

    if (!$phpc_cal->can_write()) {
        permission_error(__('You do not have permission to write to this calendar.'));
    }

    $modify = $has_oid;
    if ($modify) {
        $oid = $vars["oid"];
        $phpcdb->modify_occurrence($oid, $time_type, $start_ts, $end_ts);
    } else {
        if (!isset($vars["eid"])) {
            soft_error(__("EID not set."));
        }
        $oid = $phpcdb->create_occurrence($vars["eid"], $time_type, $start_ts, $end_ts);
    }

    if ($oid == 0) {
        return message_redirect(__('Error submitting occurrence.'),
            "{$phpc_script}?action=display_month&phpcid={$phpcid}");
    }

    $message = $modify ? __("Modified occurence: ") : __("Created occurence: ");

    return message_redirect(
        tag('', $message, create_event_link($oid, 'display_event', $oid)),
        "{$phpc_script}?action=display_event&phpcid={$phpcid}&oid={$oid}");
}
/**
 * Append a date link followed by a newline to a menu element.
 *
 * @param object $html       Element receiving the link; must be an object.
 * @param mixed  $name       Link text.
 * @param mixed  $action     Action the link points to.
 * @param mixed  $year       Passed through to create_date_link().
 * @param mixed  $month      Passed through to create_date_link().
 * @param mixed  $day        Passed through to create_date_link().
 * @param mixed  $lastaction Passed through to create_date_link().
 */
function menu_item_append(&$html, $name, $action, $year = false, $month = false, $day = false, $lastaction = false)
{
    if (is_object($html) === false) {
        soft_error('Html is not a valid Html class.');
    }

    $link = create_date_link($name, $action, $year, $month, $day, false, $lastaction);
    $html->add($link);
    $html->add("\n");
}
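/**
 * Create or modify an event, with its first occurrence and any repeats.
 *
 * Changes against the previous version of this handler:
 *  - the calendar write-permission check is active again; it had been
 *    replaced by `if (0)`, which let every request with a valid token write
 *    to the calendar;
 *  - repeat intervals are cast to integers before use, so a non-numeric
 *    value is rejected instead of reaching the date stepping functions;
 *  - the yearly interval error names "every-year" rather than "every-month".
 *
 * NOTE(review): when modifying, whether the current user may modify the
 * event `eid` is not checked in this function — confirm it is enforced by
 * modify_event() or the caller.
 * NOTE(review): $oid is only assigned when the dates are (re)created; a
 * modification that keeps the dates redirects with an empty oid.
 *
 * @return mixed Value returned by message_redirect() or display_form().
 */
function process_form()
{
    global $vars, $phpcdb, $phpc_cal, $phpcid, $phpc_script, $phpc_user;

    // When modifying events, this is the value of the checkbox that
    // determines if the date should change
    $modify_occur = !isset($vars['eid']) || !empty($vars['phpc-modify']);

    if ($modify_occur) {
        $start_ts = get_timestamp("start");
        $end_ts = get_timestamp("end");

        switch ($vars["time-type"]) {
            case 'normal':
                $time_type = 0;
                break;
            case 'full':
                $time_type = 1;
                break;
            case 'tba':
                $time_type = 2;
                break;
            default:
                soft_error(__("Unrecognized Time Type."));
        }

        $duration = $end_ts - $start_ts;
        if ($duration < 0) {
            message(__("An event cannot have an end earlier than its start."));
            return display_form();
        }
    }

    verify_token();

    if (!$phpc_cal->can_write()) {
        permission_error(__('You do not have permission to write to this calendar.'));
    }

    $readonly = $phpc_cal->can_create_readonly() && !empty($vars['readonly']);
    $catid = empty($vars['catid']) ? false : $vars['catid'];

    if (!isset($vars['eid'])) {
        $modify = false;
        $eid = $phpcdb->create_event($phpcid, $phpc_user->get_uid(),
            $vars["subject"], $vars["description"], $readonly, $catid);
    } else {
        $modify = true;
        $eid = $vars['eid'];
        $phpcdb->modify_event($eid, $vars['subject'], $vars['description'],
            $readonly, $catid);
        if ($modify_occur) {
            $phpcdb->delete_occurrences($eid);
        }
    }

    if ($modify_occur) {
        $oid = $phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);

        // repeat type => (interval field, "until" field, stepping function,
        //                 units of the stepping function per interval)
        $repeat_rules = array(
            'daily'   => array('every-day', 'daily-until', 'add_days', 1),
            'weekly'  => array('every-week', 'weekly-until', 'add_days', 7),
            'monthly' => array('every-month', 'monthly-until', 'add_months', 1),
            'yearly'  => array('every-year', 'yearly-until', 'add_years', 1),
        );

        $repeats = isset($vars["repeats"]) ? $vars["repeats"] : null;

        if ($repeats === "never") {
            // Single occurrence only.
        } elseif (is_string($repeats) && isset($repeat_rules[$repeats])) {
            list($field, $until_field, $advance, $scale) = $repeat_rules[$repeats];

            if (!isset($vars[$field])) {
                soft_error(__("Required field \"{$field}\" is not set."));
            }

            $interval = (int) $vars[$field];
            if ($interval < 1) {
                soft_error(__("{$field} must be greater than 1"));
            }

            $step = $interval * $scale;
            $until_ts = get_timestamp($until_field);

            // Hard cap on the number of occurrences one submission can create.
            $occurrences = 1;
            while ($occurrences <= 730) {
                $start_ts = $advance($start_ts, $step);
                $end_ts = $advance($end_ts, $step);
                if (days_between($start_ts, $until_ts) < 0) {
                    break;
                }
                $phpcdb->create_occurrence($eid, $time_type, $start_ts, $end_ts);
                $occurrences++;
            }
        } else {
            soft_error(__("Invalid event type."));
        }
    }

    if ($eid != 0) {
        $message = $modify ? __("Modified event: ") : __("Created event: ");

        // The link text and id are left empty and the redirect targets the
        // occurrence (oid) rather than the event (eid).
        return message_redirect(
            tag('', $message, create_event_link('', 'display_event', '')),
            "{$phpc_script}?action=display_event&phpcid={$phpcid}&oid={$oid}");
    }

    return message_redirect(__('Error submitting event.'),
        "{$phpc_script}?action=display_month&phpcid={$phpcid}");
}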
/**
 * Build the form input for one configuration option.
 *
 * @param array $element Option descriptor: [0] field name, [1] text handed to
 *                       the check box helper, [2] type constant, and an
 *                       optional [3] stored value or choice list.
 * @param mixed $default Value to preselect. For check box and text inputs a
 *                       falsy $default is replaced by $element[3].
 * @return mixed Result of the matching create_* helper.
 */
function create_config_input($element, $default = false)
{
    $name = $element[0];
    $text = $element[1];
    $type = $element[2];
    $value = isset($element[3]) ? $element[3] : false;

    // Loose comparisons are kept on purpose: they match what the original
    // switch statement did with the type constants.
    if ($type == PHPC_CHECK) {
        if (!$default) {
            $default = $value;
        }
        $input = create_checkbox($name, '1', $default, $text);
    } elseif ($type == PHPC_TEXT) {
        if (!$default) {
            $default = $value;
        }
        $input = create_text($name, $default);
    } elseif ($type == PHPC_DROPDOWN) {
        $input = create_select($name, $value, $default);
    } elseif ($type == PHPC_MULTI_DROPDOWN) {
        $input = create_multi_select($name, $value, $default);
    } else {
        soft_error(__('Unsupported config type') . ": {$type}");
    }

    return $input;
}
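/**
 * Open a mysqli connection, optionally select a database, and set the
 * connection character set to utf8.
 *
 * @param string       $hostname Database host.
 * @param string       $username Database user.
 * @param string       $passwd   Database password.
 * @param string|false $database Database to select, or false to skip.
 * @return mysqli The connected handle.
 */
function connect_db($hostname, $username, $passwd, $database = false)
{
    $dbh = new mysqli($hostname, $username, $passwd);

    // NOTE(review): the driver's error text is handed to soft_error(); confirm
    // that output is not shown verbatim to unauthenticated visitors.
    if (mysqli_connect_errno()) {
        soft_error("Database connect failed (" . mysqli_connect_errno() . "): " . mysqli_connect_error());
    }

    // A failed select used to be ignored, leaving every later query to fail
    // with a less helpful message.
    if ($database && !$dbh->select_db($database)) {
        soft_error("Database select failed (" . $dbh->errno . "): " . $dbh->error);
    }

    // set_charset() rather than a "SET NAMES" query: it also tells the client
    // library which charset is in use, which real_escape_string() depends on
    // to escape correctly.
    if (!$dbh->set_charset('utf8')) {
        soft_error("Database charset setup failed (" . $dbh->errno . "): " . $dbh->error);
    }

    return $dbh;
}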
/**
 * Render a date in one of the three short formats.
 *
 * @param mixed $year
 * @param mixed $month
 * @param mixed $day
 * @param mixed $date_format 0 = month/day/year, 1 = year-month-day,
 *                           2 = day-month-year.
 * @return string|null The formatted date; any other format value is reported
 *                     through soft_error().
 */
function format_short_date_string($year, $month, $day, $date_format)
{
    // Loose comparison is deliberate so that "1" and 1 select the same format,
    // as they did in the switch this replaces.
    if ($date_format == 0) {
        // Month Day Year
        return $month . '/' . $day . '/' . $year;
    }

    if ($date_format == 1) {
        // Year Month Day
        return $year . '-' . $month . '-' . $day;
    }

    if ($date_format == 2) {
        // Day Month Year
        return $day . '-' . $month . '-' . $year;
    }

    soft_error("Invalid date_format");
}
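/**
 * Validate the submitted event form and insert or update the event row.
 *
 * Reads the request values from the global $vars and the start date from the
 * globals $day, $month and $year. When $vars['id'] is present the existing
 * event is updated, otherwise a new one is inserted.
 *
 * Request-derived text (subject, description, event type, id) and the session
 * and calendar values are passed to the database as bound parameters instead
 * of being interpolated into the SQL string.
 *
 * NOTE(review): assumes $db is an ADOdb connection (DBDate/GenID/Affected_Rows
 * match its API) whose Execute() accepts a bind array - confirm.
 * NOTE(review): if $vars is already escaped (addslashes or magic-quotes
 * emulation) before this function runs - not visible here - remove that step,
 * otherwise the bound values keep the extra backslashes.
 * NOTE(review): no anti-CSRF token check is visible in this function; confirm
 * one runs before this action is dispatched.
 *
 * @return mixed A tag() element describing the outcome.
 */
function event_submit()
{
    global $calendar_name, $day, $month, $year, $db, $vars, $config, $phpc_script;

    /* Validate input */
    if (isset($vars['id'])) {
        // The id ends up in SQL and in the redirect URL, so force it to an
        // integer before it is used anywhere.
        $id = intval($vars['id']);
        $modify = 1;
    } else {
        $modify = 0;
    }

    if (isset($vars['description'])) {
        $description = $vars['description'];
    } else {
        $description = '';
    }

    if (isset($vars['subject'])) {
        $subject = $vars['subject'];
    } else {
        $subject = '';
    }

    if (empty($vars['day'])) {
        soft_error(_('No day was given.'));
    }

    if (empty($vars['month'])) {
        soft_error(_('No month was given.'));
    }

    if (empty($vars['year'])) {
        soft_error(_('No year was given'));
    }

    if (isset($vars['hour'])) {
        $hour = $vars['hour'];
    } else {
        soft_error(_('No hour was given.'));
    }

    // Convert a 12-hour clock value to 24-hour form.
    if (!$config['hours_24']) {
        if (array_key_exists('pm', $vars) && $vars['pm']) {
            if ($hour < 12) {
                $hour += 12;
            }
        } elseif ($hour == 12) {
            $hour = 0;
        }
    }

    if (array_key_exists('minute', $vars)) {
        $minute = $vars['minute'];
    } else {
        soft_error(_('No minute was given.'));
    }

    if (isset($vars['durationmin'])) {
        $duration_min = $vars['durationmin'];
    } else {
        soft_error(_('No duration minute was given.'));
    }

    if (isset($vars['durationhour'])) {
        $duration_hour = $vars['durationhour'];
    } else {
        soft_error(_('No duration hour was given.'));
    }

    if (isset($vars['typeofevent'])) {
        $typeofevent = $vars['typeofevent'];
    } else {
        soft_error(_('No type of event was given.'));
    }

    if (isset($vars['multiday']) && $vars['multiday'] == '1') {
        if (isset($vars['endday'])) {
            $end_day = $vars['endday'];
        } else {
            soft_error(_('No end day was given'));
        }

        if (isset($vars['endmonth'])) {
            $end_month = $vars['endmonth'];
        } else {
            soft_error(_('No end month was given'));
        }

        if (isset($vars['endyear'])) {
            $end_year = $vars['endyear'];
        } else {
            soft_error(_('No end year was given'));
        }
    } else {
        $end_day = $day;
        $end_month = $month;
        $end_year = $year;
    }

    if (strlen($subject) > $config['subject_max']) {
        soft_error(_('Your subject was too long') . ". {$config['subject_max']} " . _('characters max') . ".");
    }

    $startstamp = mktime($hour, $minute, 0, $month, $day, $year);
    $endstamp = mktime(0, 0, 0, $end_month, $end_day, $end_year);

    if ($endstamp < mktime(0, 0, 0, $month, $day, $year)) {
        soft_error(_('The start of the event cannot be after the end of the event.'));
    }

    // These literals are built from mktime() results, not from request text,
    // so they stay inline in the statement.
    $startdate = $db->DBDate($startstamp);
    $starttime = $db->DBDate(date("Y-m-d H:i:s", $startstamp));
    $enddate = $db->DBDate($endstamp);

    $duration = $duration_hour * 60 + $duration_min;
    $table = SQL_PREFIX . 'events';

    if ($modify) {
        $event = get_event_by_id($id);

        if (!check_user($event['uid']) && $config['anon_permission'] < 2) {
            soft_error(_('You do not have permission to modify this event.'));
        }

        $query = "UPDATE {$table}\n"
            . "SET startdate={$startdate},\n"
            . "enddate={$enddate},\n"
            . "starttime={$starttime},\n"
            . "duration=?,\n"
            . "subject=?,\n"
            . "description=?,\n"
            . "eventtype=?\n"
            . "WHERE id=?";
        $params = array($duration, $subject, $description, $typeofevent, $id);
    } else {
        if (!is_user() && $config['anon_permission'] < 1) {
            soft_error(_('You do not have permission to post.'));
        }

        $id = $db->GenID(SQL_PREFIX . 'sequence');

        // Anonymous posters may have no uid in the session; store an empty
        // string, which is what the interpolated form produced.
        $uid_key = "uid{$calendar_name}";
        $uid = isset($_SESSION[$uid_key]) ? $_SESSION[$uid_key] : '';

        $query = "INSERT INTO {$table}\n"
            . "(id, uid, startdate, enddate, starttime, duration,"
            . " subject, description, eventtype, calendar)\n"
            . "VALUES (?, ?, "
            . "{$startdate}, {$enddate}, {$starttime}, ?, "
            . "?, ?, ?, "
            . "?)";
        $params = array($id, $uid, $duration, $subject, $description, $typeofevent, $calendar_name);
    }

    $result = $db->Execute($query, $params);

    if (!$result) {
        db_error(_('Error processing event'), $query);
    }

    $affected = $db->Affected_Rows($result);

    if ($affected < 1) {
        return tag('div', _('No changes were made.'));
    }

    session_write_close();
    redirect("{$phpc_script}?action=display&id={$id}");

    return tag('div', attributes('class="box"'), _('Date updated') . ": {$affected}");
}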