function print_user_list()
{
global $single_user, $is_admin, $nonuser_enabled, $login, $is_nonuser_admin, $is_assistant;
if ($single_user == "N" && $is_admin) {
$userlist = get_my_users();
if ($nonuser_enabled == "Y") {
$nonusers = get_nonuser_cals();
$userlist = !empty($nonuser_at_top) && $nonuser_at_top == "Y" ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers);
}
$num_users = 0;
$size = 0;
$users = "";
for ($i = 0; $i < count($userlist); $i++) {
$l = $userlist[$i]['cal_login'];
$size++;
$users .= "<option value=\"" . $l . "\"";
if (!empty($id) && $id > 0) {
if (!empty($participants[$l])) {
$users .= " selected=\"selected\"";
}
} else {
if ($l == $login && !$is_assistant && !$is_nonuser_admin) {
$users .= " selected=\"selected\"";
}
}
$users .= ">" . $userlist[$i]['cal_fullname'] . "</option>\n";
}
if ($size > 50) {
$size = 15;
} else {
if ($size > 5) {
$size = 5;
}
}
print "<tr><td style=\"vertical-align:top;\">\n";
print "<label for=\"caluser\">" . translate("Calendar") . "</label></td><td>\n";
print "<select name=\"calUser\" id=\"caluser\" size=\"{$size}\">{$users}\n";
print "</select>\n";
print "</td></tr>\n";
}
}
if ($allow_view_other != 'Y' && !$is_admin) {
$user = "";
}
$can_add = $readonly == "N" || $is_admin == "Y";
if ($public_access == "Y" && $login == "__public__") {
if ($public_access_can_add != "Y") {
$can_add = false;
}
if ($public_access_others != "Y") {
$user = "";
}
// security precaution
}
if ($groups_enabled == "Y" && $user_sees_only_his_groups == "Y" && !$is_admin) {
$valid_user = false;
$userlist = get_my_users();
if ($nonuser_enabled == "Y") {
$nonusers = get_nonuser_cals();
$userlist = array_merge($nonusers, $userlist);
}
for ($i = 0; $i < count($userlist); $i++) {
if ($user == $userlist[$i]['cal_login']) {
$valid_user = true;
}
}
if ($valid_user == false) {
$user = "";
// security precaution
}
}
if (!empty($user)) {
dbi_free_result($res);
} else {
$error = translate("Database error") . ": " . dbi_error();
}
if ($all_users) {
$viewusers = array();
$users = get_my_users();
for ($i = 0; $i < count($users); $i++) {
$viewusers[] = $users[$i]['cal_login'];
}
} else {
// Make sure this user is allowed to see all users in this view
// If this is a global view, it may include users that this user
// is not allowed to see.
if (!empty($user_sees_only_his_groups) && $user_sees_only_his_groups == 'Y') {
$myusers = get_my_users();
if (!empty($nonuser_enabled) && $nonuser_enabled == "Y") {
$myusers = array_merge($myusers, get_nonuser_cals());
}
$userlookup = array();
for ($i = 0; $i < count($myusers); $i++) {
$userlookup[$myusers[$i]['cal_login']] = 1;
}
$newlist = array();
for ($i = 0; $i < count($viewusers); $i++) {
if (!empty($userlookup[$viewusers[$i]])) {
$newlist[] = $viewusers[$i];
}
}
$viewusers = $newlist;
}
if ($login != '__public__') {
if (!$is_nonuser && $readonly == 'N') {
if (!access_is_enabled() || access_can_access_function(ACCESS_ADMIN_HOME) || access_can_access_function(ACCESS_PREFERENCES)) {
$goto_link[] = '<a title="' . $adminStr . '" class="bold" href="adminhome.php' . ($is_nonuser_admin ? '?user='******'') . "\">{$adminStr}" . '</a>';
}
if ($REQUIRE_APPROVALS == 'Y' || $PUBLIC_ACCESS == 'Y') {
$goto_link[] = '<a title="' . $unapprovedStr . '" href="list_unapproved.php' . ($is_nonuser_admin ? '?user='******'user') : '') . "\">{$unapprovedStr}" . '</a>';
}
}
}
if ($login == '__public__' && $PUBLIC_ACCESS_OTHERS != 'Y' || $is_nonuser && !access_is_enabled()) {
// Don't allow them to see other people's calendar.
} else {
if (($ALLOW_VIEW_OTHER == 'Y' || $is_admin) && (!access_is_enabled() || access_can_access_function(ACCESS_ANOTHER_CALENDAR))) {
// Get count of users this user can see. If > 1, then...
$ulist = array_merge(get_my_users(), get_my_nonusers($login, true));
if (count($ulist) > 1) {
$calStr = translate('Another Users Calendar');
$goto_link[] = '<a title="' . $calStr . '" href="select_user.php">' . $calStr . '</a>';
}
}
}
} else {
$goto_link[] = '<a title="' . $myCalStr . '" class="bold" href="' . "{$mycal}\">{$myCalStr}" . '</a>';
$goto_link[] = '<a title="' . $todayStr . '" class="bold" href="' . "{$todayURL}\">{$todayStr}" . '</a>';
if ($readonly == 'N') {
$goto_link[] = '<a title="' . $adminStr . '" class="bold" href="adminhome.php">' . $adminStr . '</a>';
}
}
// Only display some links if we're viewing our own calendar.
if (empty($user) || $user == $login) {
function display_unapproved_events($user)
{
global $is_admin, $is_nonuser, $login, $MENU_ENABLED, $NONUSER_ENABLED, $PUBLIC_ACCESS;
static $retval;
// Don't do this for public access login,
// admin user must approve public events if UAC is not enabled.
if ($user == '__public__' || $is_nonuser) {
return;
}
// Don't run this more than once.
if (!empty($retval[$user])) {
return $retval[$user];
}
$app_user_hash = $app_users = $query_params = array();
$query_params[] = $user;
$ret = '';
$sql = 'SELECT COUNT( weu.cal_id ) FROM webcal_entry_user weu, webcal_entry we
WHERE weu.cal_id = we.cal_id AND weu.cal_status = \'W\'
AND ( weu.cal_login = ?' . ($PUBLIC_ACCESS == 'Y' && $is_admin && !access_is_enabled() ? ' OR weu.cal_login = \'__public__\'' : '');
if (access_is_enabled()) {
$app_user_hash[$login] = 1;
$app_users[] = $login;
$all = $NONUSER_ENABLED == 'Y' ? array_merge(get_my_users(), get_my_nonusers()) : get_my_users();
for ($j = 0, $cnt = count($all); $j < $cnt; $j++) {
$x = $all[$j]['cal_login'];
if (access_user_calendar('approve', $x) && empty($app_user_hash[$x])) {
$app_user_hash[$x] = 1;
$app_users[] = $x;
}
}
for ($i = 0, $cnt = count($app_users); $i < $cnt; $i++) {
$query_params[] = $app_users[$i];
$sql .= ' OR weu.cal_login = ? ';
}
} else {
if ($NONUSER_ENABLED == 'Y') {
$admincals = get_my_nonusers($login);
for ($i = 0, $cnt = count($admincals); $i < $cnt; $i++) {
$query_params[] = $admincals[$i]['cal_login'];
$sql .= ' OR weu.cal_login = ? ';
}
}
}
$rows = dbi_get_cached_rows($sql . ' )', $query_params);
if ($rows) {
$row = $rows[0];
if ($row && $row[0] > 0) {
$ret .= $MENU_ENABLED == 'N' ? '<a class="nav" href="list_unapproved.php' . ($user != $login ? '?user='******'"' : '') . '">' . str_replace('XXX', $row[0], translate('You have XXX unapproved entries')) . "</a><br />\n" : '<!--NOP-->';
}
}
$retval[$user] = $ret;
return $ret;
}
$report_id = getValue('report_id', '-?[0-9]+', true);
$selected = ' selected="selected"';
$show_participants = $single_user == 'Y' || $DISABLE_PARTICIPANTS_FIELD == 'Y' ? false : true;
$updating_public = $is_admin && !empty($public) && $PUBLIC_ACCESS == 'Y';
$report_user = $updating_public ? '__public__' : '';
if (empty($report_id)) {
$adding_report = true;
$include_header = $report_allow_nav = 'Y';
$report_id = -1;
$report_is_global = 'N';
}
// Set date range options.
$ranges = array('0' => translate('Tomorrow'), '1' => translate('Today'), '2' => translate('Yesterday'), '3' => translate('Day before yesterday'), '10' => translate('Next week'), '11' => translate('This week'), '12' => translate('Last week'), '13' => translate('Week before last'), '20' => translate('Next week and week after'), '21' => translate('This week and next week'), '22' => translate('Last week and this week'), '23' => translate('Last two weeks'), '30' => translate('Next month'), '31' => translate('This month'), '32' => translate('Last month'), '33' => translate('Month before last'), '40' => translate('Next year'), '41' => translate('This year'), '42' => translate('Last year'), '43' => translate('Year before last'), '50' => translate('Next 14 days'), '51' => translate('Next 30 days'), '52' => translate('Next 60 days'), '53' => translate('Next 90 days'), '54' => translate('Next 180 days'), '55' => translate('Next 365 days'));
// Get list of users visible to the current user.
if (empty($error) && $show_participants) {
$userlist = get_my_users('', 'view');
if ($NONUSER_ENABLED == 'Y') {
// Restrict NUC list if groups are enabled.
$nonusers = get_my_nonusers($login, true, 'view');
$userlist = $NONUSER_AT_TOP == 'Y' ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers);
}
$userlistcnt = count($userlist);
}
// Default values.
$day_template = '<dt><b>${date}</b></dt>
<dd><dl>${events}</dl></dd>';
$event_template = '<dt>${name}</dt>
<dd><b>' . translate('Date') . ':</b> ${date}<br />
<b>' . translate('Time') . ':</b> ${time}<br />
${description}</dd>
';
<?php
if ($is_admin) {
$defIdx = !empty($viewisglobal) && $viewisglobal == 'Y' ? 'Y' : 'N';
echo '<tr><td><label>' . translate('Global') . ":</label></td>\n<td>" . print_radio('is_global', '', '', $defIdx, '</td><td>') . "</td></tr>\n";
}
$defIdx = !empty($all_users) && $all_users == true ? 'Y' : 'N';
echo '<tr><td><label>' . translate('Users') . ":</label></td>\n<td>" . print_radio('viewuserall', array('N' => 'Selected', 'Y' => 'All'), 'usermode_handler', $defIdx, '</td><td>') . "</td></tr>\n";
?>
<tr><td colspan="4">
<div id="viewuserlist">
<select name="users[]" id="viewusers" size="10" multiple="multiple">
<?php
// get list of all users
$users = get_my_users('', 'view');
if ($NONUSER_ENABLED == 'Y') {
$nonusers = get_my_nonusers($user, true, 'view');
$users = $NONUSER_AT_TOP == 'Y' ? array_merge($nonusers, $users) : array_merge($users, $nonusers);
}
for ($i = 0, $cnt = count($users); $i < $cnt; $i++) {
$u = $users[$i]['cal_login'];
echo "<option value=\"{$u}\"";
if (!empty($viewuser[$u])) {
echo $selected;
}
echo '>' . $users[$i]['cal_fullname'] . "</option>\n";
}
?>
</select>
<?php
}
}
// List Unapproved.
if ($login != '__public__' && !$is_nonuser && $readonly == 'N' && ($REQUIRE_APPROVALS == 'Y' || $PUBLIC_ACCESS == 'Y')) {
$unapproved_url = 'list_unapproved.php' . ($is_nonuser_admin ? '?user='******'user') : '');
}
// Another User's Calendar.
if ($login == '__public__' && $PUBLIC_ACCESS_OTHERS != 'Y' || $is_nonuser && !access_is_enabled()) {
// Don't allow them to see other people's calendar.
} else {
if ($ALLOW_VIEW_OTHER == 'Y' || $is_admin) {
// Also, make sure they able to access either day/week/month/year view.
// If not, the only way to view another user's calendar is a custom view.
if (!access_is_enabled() || access_can_access_function(ACCESS_ANOTHER_CALENDAR)) {
// Get count of users this user can see. If > 1, then...
$ulist = array_merge(get_my_users($login, 'view'), get_my_nonusers($login, true, 'view'));
//remove duplicates if any
if (function_exists('array_intersect_key')) {
$ulist = array_intersect_key($ulist, array_unique(array_map('serialize', $ulist)));
}
if (count($ulist) > 1) {
$select_user_url = 'select_user.php';
}
}
}
}
}
// Only display some links if we're viewing our own calendar.
if (empty($user) || $user == $login || !empty($user) && access_is_enabled() && access_user_calendar('view', $user)) {
// Search
if (access_can_access_function(ACCESS_SEARCH, $user)) {
function get_list_of_users($user)
{
global $is_admin, $is_nonuser_admin;
//Let Admins userlist be returnd
if ($user == '__default__') {
$user = '';
}
$u = get_my_users($user, 'view');
if ($is_admin || $is_nonuser_admin) {
// Get public NUCs also.
$nonusers = get_my_nonusers($user, true);
$u = array_merge($nonusers, $u);
}
return $u;
}
}
// If a user is specified, we list just that user.
if (($is_assistant || $is_nonuser_admin || $is_admin || access_is_enabled()) && !empty($user) && $user != $login) {
if (!access_is_enabled() || access_user_calendar('approve', $user)) {
$app_user_hash[$user] = 1;
$app_users[] = $user;
} else {
// Not authorized to approve for specified user.
echo translate('Not authorized');
}
} else {
// First, we list ourself.
$app_user_hash[$login] = 1;
$app_users[] = $login;
if (access_is_enabled()) {
$all = $NONUSER_ENABLED == 'Y' ? array_merge(get_my_users(), $my_non_users) : get_my_users();
for ($j = 0, $cnt = count($all); $j < $cnt; $j++) {
$x = $all[$j]['cal_login'];
if (access_user_calendar('approve', $x) && empty($app_user_hash[$x])) {
$app_user_hash[$x] = 1;
$app_users[] = $x;
}
}
} else {
if ($is_admin && $PUBLIC_ACCESS == 'Y' && (empty($user) || $user != '__public__')) {
$app_users_hash['__public__'] = 1;
$app_users[] = '__public__';
}
$all = $my_non_users;
for ($j = 0, $cnt = count($all); $j < $cnt; $j++) {
$x = $all[$j]['cal_login'];
<a name="tabparticipants"></a>
<div id="tabscontent_participants">' : '
<fieldset>
<legend>' . translate('Participants') . '</legend>') . '
<table>';
// .
// Only ask for participants if we are multi-user.
$show_participants = $DISABLE_PARTICIPANTS_FIELD != 'Y';
if ($is_admin) {
$show_participants = true;
}
if ($login == '__public__' && $PUBLIC_ACCESS_OTHERS != 'Y') {
$show_participants = false;
}
if ($single_user == 'N' && $show_participants) {
$userlist = get_my_users($create_by, 'invite');
if ($NONUSER_ENABLED == 'Y') {
// Include public NUCs.
$nonusers = get_my_nonusers($real_user, false);
$userlist = $NONUSER_AT_TOP == 'Y' ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers);
}
$num_users = $size = 0;
$usercnt = count($userlist);
$users = '';
for ($i = 0; $i < $usercnt; $i++) {
$l = $userlist[$i]['cal_login'];
$size++;
$users .= '
<option value="' . $l . '"';
if ($id > 0) {
if (!empty($participants[$l])) {
function get_users_to_approve()
{
global $is_admin, $login, $NONUSER_ENABLED, $PUBLIC_ACCESS, $user;
$app_user_hash = $app_users = $my_non_users = array();
$non_users = get_nonuser_cals();
foreach ($non_users as $nonuser) {
if (user_is_nonuser_admin($login, $nonuser['cal_login'])) {
$my_non_users[]['cal_login'] = $nonuser['cal_login'];
// echo $nonuser['cal_login'] . "<br />";
}
}
// First, we list ourself.
$app_users[] = $login;
$app_user_hash[$login] = 1;
if (access_is_enabled()) {
$all = !empty($NONUSER_ENABLED) && $NONUSER_ENABLED == 'Y' ? array_merge(get_my_users(), $my_non_users) : get_my_users();
for ($j = 0, $cnt = count($all); $j < $cnt; $j++) {
$x = $all[$j]['cal_login'];
if (access_user_calendar('approve', $x)) {
if (empty($app_user_hash[$x])) {
$app_users[] = $x;
$app_user_hash[$x] = 1;
}
}
}
} else {
if ($is_admin && $PUBLIC_ACCESS == 'Y' && (empty($user) || $user != '__public__')) {
$app_users[] = '__public__';
$app_users_hash['__public__'] = 1;
}
$all = $my_non_users;
for ($j = 0, $cnt = count($all); $j < $cnt; $j++) {
$x = $all[$j]['cal_login'];
if (empty($app_user_hash[$x])) {
$app_users[] = $x;
$app_user_hash[$x] = 1;
}
}
}
return $app_users;
}
/**
* Remove any users from the view list who this user is not
* allowed to view.
* @param int $view_id id of the view
* @return the array of valid users
*/
function view_get_user_list($view_id)
{
global $error, $login, $is_admin, $NONUSER_ENABLED, $USER_SEES_ONLY_HIS_GROUPS;
// get users in this view
$res = dbi_execute('SELECT cal_login FROM webcal_view_user WHERE cal_view_id = ?', array($view_id));
$ret = array();
$all_users = false;
if ($res) {
while ($row = dbi_fetch_row($res)) {
$ret[] = $row[0];
if ($row[0] == '__all__') {
$all_users = true;
}
}
dbi_free_result($res);
} else {
$error = db_error();
}
if ($all_users) {
$users = get_my_users('', 'view');
$ret = array();
$usercnt = count($users);
for ($i = 0; $i < $usercnt; $i++) {
$ret[] = $users[$i]['cal_login'];
}
} else {
$myusers = get_my_users('', 'view');
if (!empty($NONUSER_ENABLED) && $NONUSER_ENABLED == 'Y') {
$myusers = array_merge($myusers, get_my_nonusers($login, true, 'view'));
}
// Make sure this user is allowed to see all users in this view
// If this is a global view, it may include users that this user
// is not allowed to see.
if (!empty($USER_SEES_ONLY_HIS_GROUPS) && $USER_SEES_ONLY_HIS_GROUPS == 'Y') {
$userlookup = array();
$myusercnt = count($myusers);
for ($i = 0; $i < $myusercnt; $i++) {
$userlookup[$myusers[$i]['cal_login']] = 1;
}
$newlist = array();
$retcnt = count($ret);
for ($i = 0; $i < $retcnt; $i++) {
if (!empty($userlookup[$ret[$i]])) {
$newlist[] = $ret[$i];
}
}
$ret = $newlist;
}
//Sort user list...
$sortlist = array();
$myusercnt = count($myusers);
$retcnt = count($ret);
for ($i = 0; $i < $myusercnt; $i++) {
for ($j = 0; $j < $retcnt; $j++) {
if ($myusers[$i]['cal_login'] == $ret[$j]) {
$sortlist[] = $ret[$j];
break;
}
}
}
$ret = $sortlist;
}
// If user access control enabled, check against that as well.
if (access_is_enabled() && !$is_admin) {
$newlist = array();
$retcnt = count($ret);
for ($i = 0; $i < $retcnt; $i++) {
if (access_user_calendar('view', $ret[$i])) {
$newlist[] = $ret[$i];
}
}
$ret = $newlist;
}
//echo "<pre>"; print_r ( $ret ); echo "</pre>\n";
return $ret;
}
