$sql .= "FROM rs_data_users WHERE login <> 'anyone' ORDER BY last_name, first_name;"; $users = db_query($database_name, $sql, "no", "no"); $users_list = ""; while ($users_ = fetch_array($users)) { if (isset($booker_id)) { $id = $booker_id; } else { $id = $_COOKIE["bookings_user_id"]; } if ($users_["user_id"] == $id) { $selected = " selected"; } else { $selected = ""; } $users_list .= "<option value=\"" . $users_["user_id"] . "\"" . $selected . ">"; $users_list .= unDuplicateName($users_["first_name"], $users_["last_name"]); $users_list .= "</option>"; } $book_id = $_REQUEST["book_id"]; $object_id = $_REQUEST["object_id"]; $managers_names = getObjectInfos($object_id, "managers_names"); if ($managers_names != "") { $managers_names = Translate("managed by", 1) . " " . $managers_names; } else { $managers_names = Translate("not managed", 1); } ?> <script type="text/javascript"><!-- <?php
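// Builds, for one object, the HTML rows of the custom-permissions table
// ($custom_permissions_table) and the JavaScript statements that tick each
// row's current permission radio button ($custom_permissions_script).
$custom_permissions_table = "";
$custom_permissions_script = "";
$n = 0;

// Radio values rendered on every row. The same list is used as an allow-list
// for the stored permission value before it is written into the script block.
$permission_levels = array("none", "view", "add", "modify", "manage");

// $object_id ends up in an unquoted numeric comparison. Forcing it to an integer
// here means a request-supplied value can only ever contribute digits to the
// statement. A separate local is used so later code still sees the original value.
$object_id_sql = (int) $object_id;

$sql = "SELECT rs_data_users.first_name, rs_data_users.last_name, ";
$sql .= "rs_data_permissions.permission_id, rs_data_permissions.permission ";
$sql .= "FROM (rs_data_permissions INNER JOIN rs_data_users ON rs_data_permissions.user_id = rs_data_users.user_id) ";
$sql .= "INNER JOIN rs_param_profiles ON rs_data_users.profile_id = rs_param_profiles.profile_id ";
$sql .= "WHERE rs_data_permissions.object_id = " . $object_id_sql . " ";
$sql .= "ORDER BY rs_data_users.first_name, rs_data_users.last_name;";
$custom_permissions = db_query($database_name, $sql, "no", "no");

while ($custom_permissions_ = fetch_array($custom_permissions)) {
    $n++;

    // The id is emitted into a JavaScript: URL and an attribute value; an integer
    // cast keeps anything but digits out of both contexts.
    $permission_id = (int) $custom_permissions_["permission_id"];

    $custom_permissions_table .= "<tr>\n";
    $custom_permissions_table .= "<td style=\"text-align:left\">";
    $custom_permissions_table .= "<a href=\"JavaScript:DeleteCustomPermission(" . $permission_id . ")\"><img src=\"pictures/delete.gif\" alt=\"" . Translate("Delete", 1) . "\"></a> ";
    // NOTE(review): the display name is written into the page as returned by
    // unDuplicateName(); that helper is not visible here. If it does not
    // HTML-encode, the name needs htmlspecialchars() at this point — confirm
    // before adding it, to avoid double encoding.
    $custom_permissions_table .= unDuplicateName($custom_permissions_["first_name"], $custom_permissions_["last_name"]);
    $custom_permissions_table .= "<input type=\"hidden\" id=\"permission_id_" . $n . "\" name=\"permission_id_" . $n . "\" value=\"" . $permission_id . "\"></td>\n";

    // One radio button per permission level, all sharing the row's group name.
    foreach ($permission_levels as $level) {
        $custom_permissions_table .= "<td><input type=\"radio\" id=\"" . $level . "_" . $n . "\" name=\"custom_permission_" . $n . "\" value=\"" . $level . "\">\n";
    }

    $custom_permissions_table .= "<td> </td>";
    $custom_permissions_table .= "</tr>\n";

    // Only a known level is allowed into the generated script: an unexpected
    // stored value would otherwise be emitted verbatim inside a JavaScript string
    // and would also reference a radio button that does not exist.
    if (in_array($custom_permissions_["permission"], $permission_levels, true)) {
        $custom_permissions_script .= "\$(\"" . $custom_permissions_["permission"] . "_" . $n . "\").checked = true;\n";
    }
}

$custom_permissions_nb = $n;
?> <script type="text/javascript"><!--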
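/**
 * Looks up one piece of management information about an object.
 *
 * Supported values of $info:
 *  - "is_managed": true when a 'manage' permission exists for the object with
 *    user_id <> 0, otherwise false.
 *  - "current_user_is_manager": true when the user id carried by the
 *    bookings_user_id cookie holds a 'manage' permission on the object.
 *  - "managers_names": manager names joined with ", ", ordered by last name
 *    then first name ("" when there are none).
 *  - "managers_emails": manager e-mail addresses joined with ",", in the same
 *    order ("" when there are none).
 * Any other value falls through the switch and the function returns null.
 *
 * @param mixed  $object_id Object identifier; coerced to an integer before use in SQL.
 * @param string $info      Which piece of information to return (see above).
 * @return bool|string|null
 */
function getObjectInfos($object_id, $info)
{
    global $database_name;

    // Every query below compares object_id against an unquoted value, so the
    // value must be an integer before it is concatenated into the statement.
    $object_id = (int) $object_id;

    switch ($info) {
        case "is_managed":
            $sql = "SELECT permission_id FROM rs_data_permissions ";
            $sql .= "WHERE object_id = " . $object_id . " AND permission = 'manage' AND user_id <> 0 LIMIT 1;";
            $temp = db_query($database_name, $sql, "no", "no");
            return fetch_array($temp) ? true : false;

        case "current_user_is_manager":
            // The cookie is client-controlled input. Anything that is not a plain
            // string of digits (missing, an array, or text with SQL in it) is
            // rejected before a statement is built.
            if (!isset($_COOKIE["bookings_user_id"])
                || !is_string($_COOKIE["bookings_user_id"])
                || !ctype_digit($_COOKIE["bookings_user_id"])) {
                return false;
            }
            // NOTE(review): the user id comes straight from the cookie, and nothing
            // visible here ties it to an authenticated server-side session.
            // Confirm that binding exists before using this result for an
            // authorization decision.
            $user_id = (int) $_COOKIE["bookings_user_id"];

            $sql = "SELECT permission_id FROM rs_data_permissions ";
            $sql .= "WHERE object_id = " . $object_id . " AND permission = 'manage' AND user_id = " . $user_id . " LIMIT 1;";
            $temp = db_query($database_name, $sql, "no", "no");
            return fetch_array($temp) ? true : false;

        case "managers_names":
            $sql = "SELECT rs_data_users.last_name, rs_data_users.first_name FROM rs_data_users ";
            $sql .= "INNER JOIN rs_data_permissions ON rs_data_users.user_id = rs_data_permissions.user_id ";
            $sql .= "WHERE rs_data_permissions.object_id = " . $object_id . " ";
            $sql .= "AND rs_data_permissions.permission = 'manage' ";
            $sql .= "ORDER BY rs_data_users.last_name, rs_data_users.first_name;";
            $temp = db_query($database_name, $sql, "no", "no");

            $names = array();
            while ($temp_ = fetch_array($temp)) {
                $names[] = unDuplicateName($temp_["first_name"], $temp_["last_name"]);
            }
            return implode(", ", $names);

        case "managers_emails":
            $sql = "SELECT email FROM rs_data_users ";
            $sql .= "INNER JOIN rs_data_permissions ON rs_data_users.user_id = rs_data_permissions.user_id ";
            $sql .= "WHERE rs_data_permissions.object_id = " . $object_id . " ";
            $sql .= "AND rs_data_permissions.permission = 'manage' ";
            $sql .= "ORDER BY rs_data_users.last_name, rs_data_users.first_name;";
            $temp = db_query($database_name, $sql, "no", "no");

            $emails = array();
            while ($temp_ = fetch_array($temp)) {
                $emails[] = $temp_["email"];
            }
            return implode(",", $emails);
    }
}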
$sql .= "FROM rs_data_bookings "; $sql .= "INNER JOIN rs_data_objects ON rs_data_objects.object_id = rs_data_bookings.object_id "; $sql .= "LEFT JOIN rs_data_users ON rs_data_bookings.user_id = rs_data_users.user_id "; $sql .= "WHERE rs_data_bookings.object_id = " . $objects_["object_id"] . " "; $sql .= "AND ((book_start >= '" . date("Y-m-d", $current_day_start) . "' "; $sql .= "AND book_start < '" . date("Y-m-d", $current_day_start + 86400) . "') "; $sql .= "OR (book_end >= '" . date("Y-m-d", $current_day_start) . "' "; $sql .= "AND book_end < '" . date("Y-m-d", $current_day_start + 86400) . "') "; $sql .= "OR (book_start <= '" . date("Y-m-d", $current_day_start) . "' "; $sql .= "AND book_end >= '" . date("Y-m-d", $current_day_start) . "')) "; $sql .= "ORDER BY book_start ASC;"; $bookings = db_query($database_name, $sql, "no", "no"); $html .= "<td style=\"text-align:left; height:" . $cells_height . "px; width:" . $day_width . "\">\n"; $html .= "<div class=\"object_line\" style=\"background:#" . $free_color . "; left:0px; height:" . $bookline_height . "px; width:" . $day_width . "px\">\n"; while ($bookings_ = fetch_array($bookings)) { $booking_user_name = unDuplicateName($bookings_["first_name"], $bookings_["last_name"]); if ($bookings_["validated"]) { $booking_color = $validated_color; } else { $booking_color = $unvalidated_color; } $booking_info = $bookings_["misc_info"]; if ($booking_info == "") { $booking_info = "(" . Translate("No details", 1) . ")"; } $booking_duration = strtotime($bookings_["book_end"]) - strtotime($bookings_["book_start"]); if (strtotime($bookings_["book_start"]) <= $current_day_start) { $booking_start = 0; } else { $booking_start = strtotime($bookings_["book_start"]) - $current_day_start; }