}
} else {
if (isset($_FILES['ics_file']['tmp_name']) && $_FILES['ics_file']['tmp_name'] != '') {
/**
* If the user has uploaded a .ics file as a calendar, we fake this out
* as if it were a "PUT" request against a collection. This is something
* of a hack. It works though :-)
*/
$ics = trim(file_get_contents($_FILES['ics_file']['tmp_name']));
dbg_error_log('collection-edit', ':Write: Loaded %d bytes from %s', strlen($ics), $_FILES['ics_file']['tmp_name']);
include_once 'check_UTF8.php';
if (!check_string($ics)) {
$ics = force_utf8($ics);
}
if (check_string($ics)) {
$path = $editor->Value('dav_name');
$user_no = $editor->Value('user_no');
$username = $editor->Value('username');
include_once 'caldav-PUT-functions.php';
controlRequestContainer($username, $user_no, $path, false, $publicly_readable == 'on' ? true : false);
import_collection($ics, $user_no, $path, $session->user_no);
$c->messages[] = sprintf(translate('Calendar "%s" was loaded from file.'), $path);
} else {
$c->messages[] = i18n('The file is not UTF-8 encoded, please check the error for more details.');
}
}
}
} else {
if ($id > 0) {
$editor->GetRecord();
}
function principal_editor()
{
global $c, $id, $can_write_principal, $session;
$editor = new Editor(translate('Principal'), 'dav_principal');
$editor->SetLookup('date_format_type', "SELECT 'E', 'European' UNION SELECT 'U', 'US Format' UNION SELECT 'I', 'ISO Format'");
$editor->SetLookup('type_id', 'SELECT principal_type_id, principal_type_desc FROM principal_type ORDER BY principal_type_id');
$editor->SetLookup('locale', 'SELECT \'\', \'' . translate("*** Default Locale ***") . '\' UNION SELECT locale, locale_name_locale FROM supported_locales ORDER BY 1 ASC');
$editor->AddAttribute('locale', 'title', translate("The preferred language for this person."));
$editor->AddAttribute('fullname', 'title', translate("The full name for this person, group or other type of principal."));
$editor->SetWhere('principal_id=' . $id);
$editor->AddField('is_admin', 'EXISTS( SELECT 1 FROM role_member WHERE role_no = 1 AND role_member.user_no = dav_principal.user_no )');
$editor->AddAttribute('is_admin', 'title', translate('An "Administrator" user has full rights to the whole DAViCal System'));
$post_values = false;
if (isset($_POST['xxxxusername'])) {
$_POST['xxxxusername'] = trim(str_replace('/', '', $_POST['xxxxusername']));
if ($_POST['xxxxusername'] == '') {
$c->messages[] = i18n("The username must not be blank, and may not contain a slash");
$can_write_principal = false;
}
}
if (isset($_POST['fullname']) && trim($_POST['fullname']) == '') {
$c->messages[] = i18n("The full name must not be blank.");
$can_write_principal = false;
}
if (isset($_POST['email']) && trim($_POST['email']) == '') {
$c->messages[] = i18n("The email address really should not be blank.");
}
$pwstars = '@@@@@@@@@@';
if ($can_write_principal && $editor->IsSubmit()) {
$editor->WhereNewRecord("principal_id=(SELECT CURRVAL('dav_id_seq'))");
if (!$session->AllowedTo('Admin')) {
unset($_POST['admin_role']);
unset($_POST['user_active']);
}
unset($_POST['password']);
if ($_POST['newpass1'] != '' && $_POST['newpass1'] != $pwstars) {
if ($_POST['newpass1'] == $_POST['newpass2']) {
$_POST['password'] = $_POST['newpass1'];
} else {
$c->messages[] = "Password not updated. The supplied passwords do not match.";
}
}
if (isset($_POST['fullname']) && !isset($_POST['displayname'])) {
$_POST['displayname'] = $_POST['fullname'];
}
if (isset($_POST['default_privileges'])) {
$privilege_bitpos = array_flip($privilege_names);
$priv_names = array_keys($_POST['default_privileges']);
$privs = privilege_to_bits($priv_names);
$_POST['default_privileges'] = sprintf('%024s', decbin($privs));
$editor->Assign('default_privileges', $privs_dec);
}
if ($editor->IsCreate()) {
$c->messages[] = i18n("Creating new Principal record.");
} else {
$c->messages[] = i18n("Updating Principal record.");
}
$editor->Write();
if ($_POST['type_id'] != 3 && $editor->IsCreate()) {
/** We only add the default calendar if it isn't a group, and this is a create action */
require_once 'auth-functions.php';
CreateHomeCollections($editor->Value('username'));
}
if ($session->AllowedTo('Admin')) {
if ($_POST['is_admin'] == 'on') {
$sql = 'INSERT INTO role_member (role_no, user_no) SELECT 1, dav_principal.user_no FROM dav_principal WHERE user_no = :user_no AND NOT EXISTS(SELECT 1 FROM role_member rm WHERE rm.role_no = 1 AND rm.user_no = dav_principal.user_no )';
$editor->Assign('is_admin', 't');
} else {
$sql = 'DELETE FROM role_member WHERE role_no = 1 AND user_no = :user_no';
$editor->Assign('is_admin', 'f');
}
$params[':user_no'] = $editor->Value('user_no');
$qry = new AwlQuery($sql, $params);
$qry->Exec('admin-principal-edit');
}
} else {
if (isset($id) && $id > 0) {
$editor->GetRecord();
if ($editor->IsSubmit()) {
$c->messages[] = i18n('You do not have permission to modify this record.');
}
}
}
if ($editor->Available()) {
$c->page_title = $editor->Title(translate('Principal') . ': ' . $editor->Value('fullname'));
} else {
$c->page_title = $editor->Title(translate('Create New Principal'));
$privs = decbin(privilege_to_bits($c->default_privileges));
$editor->Assign('default_privileges', $privs);
$editor->Assign('user_active', 't');
foreach ($c->template_usr as $k => $v) {
$editor->Assign($k, $v);
}
}
if ($post_values) {
$editor->PostToValues();
if (isset($_POST['default_privileges'])) {
$privilege_bitpos = array_flip($privilege_names);
$priv_names = array_keys($_POST['default_privileges']);
$privs = privilege_to_bits($priv_names);
$_POST['default_privileges'] = sprintf('%024s', decbin($privs));
$editor->Assign('default_privileges', $_POST['default_privileges']);
}
}
$prompt_principal_id = translate('Principal ID');
$value_id = $editor->Available() ? '##principal_id.hidden####principal_id.value##' : translate('New Principal');
$prompt_username = translate('Username');
$prompt_password_1 = translate('Change Password');
$prompt_password_2 = translate('Confirm Password');
$prompt_fullname = translate('Fullname');
$prompt_displayname = translate('Display Name');
$prompt_email = translate('Email Address');
$prompt_date_format = translate('Date Format Style');
$prompt_admin = translate('Administrator');
$prompt_active = translate('Active');
$prompt_locale = translate('Locale');
$prompt_type = translate('Principal Type');
$prompt_privileges = translate('Privileges granted to All Users');
$privs_html = build_privileges_html($editor, 'default_privileges');
$admin_row_entry = '';
$delete_principal_button = '';
if ($session->AllowedTo('Admin')) {
$admin_row_entry = ' <tr> <th class="right">' . $prompt_admin . ':</th><td class="left">##is_admin.checkbox##</td> </tr>';
$admin_row_entry .= ' <tr> <th class="right">' . $prompt_active . ':</th><td class="left">##user_active.checkbox##</td> </tr>';
if (isset($id)) {
$delete_principal_button = '<a href="' . $c->base_url . '/admin.php?action=edit&t=principal&subaction=delete_principal&id=' . $id . '" class="submit">' . translate("Delete Principal") . '</a>';
}
}
$id = $editor->Value('principal_id');
$template = <<<EOTEMPLATE
##form##
<script language="javascript">
function toggle_privileges() {
var argv = toggle_privileges.arguments;
var argc = argv.length;
if ( argc < 2 ) {
return;
}
var match_me = argv[0];
var set_to = -1;
if ( argv[1] == 'all' ) {
var form = document.getElementById(argv[2]);
var fieldcount = form.elements.length;
var matching = '/^' + match_me + '/';
for (var i = 0; i < fieldcount; i++) {
var fieldname = form.elements[i].name;
if ( fieldname.match( match_me ) ) {
if ( set_to == -1 ) {
set_to = ( form.elements[i].checked ? 0 : 1 );
}
form.elements[i].checked = set_to;
}
}
}
else {
for (var i = 1; i < argc; i++) {
var f = document.getElementById( match_me + '_' + argv[i]);
if ( set_to == -1 ) {
set_to = ( f.checked ? 0 : 1 );
}
f.checked = set_to;
}
}
}
</script>
<style>
th.right, label.privilege {
white-space:nowrap;
}
label.privilege {
margin:0.2em 1em 0.2em 0.1em;
padding:0 0.2em;
line-height:1.6em;
font-size:87%;
}
</style>
<table>
<tr> <th class="right">{$prompt_principal_id}:</th><td class="left">
<table width="100%" class="form_inner"><tr>
<td>{$value_id}</td>
<td align="right">{$delete_principal_button}</td>
</tr></table>
</td></tr>
<tr> <th class="right">{$prompt_username}:</th> <td class="left">##xxxxusername.input.50##</td> </tr>
<tr> <th class="right">{$prompt_password_1}:</th> <td class="left">##newpass1.password.{$pwstars}##</td> </tr>
<tr> <th class="right">{$prompt_password_2}:</th> <td class="left">##newpass2.password.{$pwstars}##</td> </tr>
<tr> <th class="right">{$prompt_fullname}:</th> <td class="left">##fullname.input.50##</td> </tr>
<tr> <th class="right">{$prompt_email}:</th> <td class="left">##email.input.50##</td> </tr>
<tr> <th class="right">{$prompt_locale}:</th> <td class="left">##locale.select##</td> </tr>
<tr> <th class="right">{$prompt_date_format}:</th> <td class="left">##date_format_type.select##</td> </tr>
<tr> <th class="right">{$prompt_type}:</th> <td class="left">##type_id.select##</td> </tr>
{$admin_row_entry}
<tr> <th class="right" style="white-space:normal;">{$prompt_privileges}:</th><td class="left">{$privs_html}</td> </tr>
<tr> <th class="right"></th> <td class="left" colspan="2">##submit##</td> </tr>
</table>
</form>
EOTEMPLATE;
$editor->SetTemplate($template);
return $editor;
}
}
} else {
if (isset($_FILES['ics_file']['tmp_name']) && $_FILES['ics_file']['tmp_name'] != '') {
/**
* If the user has uploaded a .ics file as a calendar, we fake this out
* as if it were a "PUT" request against a collection. This is something
* of a hack. It works though :-)
*/
$ics = trim(file_get_contents($_FILES['ics_file']['tmp_name']));
dbg_error_log('collection-edit', ':Write: Loaded %d bytes from %s', strlen($ics), $_FILES['ics_file']['tmp_name']);
include_once 'check_UTF8.php';
if (!check_string($ics)) {
$ics = force_utf8($ics);
}
if (check_string($ics)) {
$path = $editor->Value('dav_name');
$user_no = $editor->Value('user_no');
$username = $editor->Value('username');
param_to_global('mode');
include_once 'caldav-PUT-functions.php';
controlRequestContainer($username, $user_no, $path, false, $publicly_readable == 'on' ? true : false);
import_collection($ics, $user_no, $path, $session->user_no, $mode == 'on');
$c->messages[] = sprintf(translate('Calendar "%s" was loaded from file.'), $path);
} else {
$c->messages[] = i18n('The file is not UTF-8 encoded, please check the error for more details.');
}
}
}
// Uncache anything to do with the collection
$cache = getCacheInstance();
$cache->delete('collection-' . $editor->Value('dav_name'), null);
