function ws_init()
{
global $admin_can_add_user, $admin_can_delete_user, $site_extras, $user_inc;
// Load include files.
define('__WC_BASEDIR', '..');
// Points to the base WebCalendar directory
// relative to current working directory.
define('__WC_INCLUDEDIR', '../includes');
include_once __WC_INCLUDEDIR . '/translate.php';
require_once __WC_INCLUDEDIR . '/classes/WebCalendar.class';
require_once __WC_INCLUDEDIR . '/classes/Event.class';
require_once __WC_INCLUDEDIR . '/classes/RptEvent.class';
$WebCalendar =& new WebCalendar(__FILE__);
include_once __WC_INCLUDEDIR . '/config.php';
include_once __WC_INCLUDEDIR . '/dbi4php.php';
include_once __WC_INCLUDEDIR . '/access.php';
include_once __WC_INCLUDEDIR . '/functions.php';
$WebCalendar->initializeFirstPhase();
include_once __WC_INCLUDEDIR . '/' . $user_inc;
include_once __WC_INCLUDEDIR . '/validate.php';
include_once __WC_INCLUDEDIR . '/site_extras.php';
$WebCalendar->initializeSecondPhase();
load_global_settings();
load_user_preferences();
$WebCalendar->setLanguage();
}
preg_match("/\\/(\\w+\\.php)/", $self, $match);
$SCRIPT = $match[1];
// Several files need a no-cache header and some of the same code
$special = array('month.php', 'day.php', 'week.php', 'week_details.php', 'year.php');
$DMW = in_array($SCRIPT, $special);
// Unset some variables that shouldn't be set
unset($user_inc);
include_once 'includes/config.php';
include_once 'includes/php-dbi.php';
include_once 'includes/functions.php';
include_once "includes/{$user_inc}";
include_once 'includes/validate.php';
include_once 'includes/connect.php';
load_global_settings();
if (empty($ovrd)) {
load_user_preferences();
}
include_once 'includes/translate.php';
// error-check some commonly used form variable names
$id = getValue("id", "[0-9]+", true);
$user = getValue("user", "[A-Za-z0-9_\\.=@,\\-]*", true);
$date = getValue("date", "[0-9]+");
$year = getValue("year", "[0-9]+");
$month = getValue("month", "[0-9]+");
$hour = getValue("hour", "[0-9]+");
$minute = getValue("minute", "[0-9]+");
$cat_id = getValue("cat_id", "[0-9]+");
$friendly = getValue("friendly", "[01]");
if (empty($public_access)) {
$public_access = 'N';
}
include 'includes/gradient.php';
$WebCalendar->initializeSecondPhase();
load_global_settings();
// Change this to true to show "no such user" or "invalid password" on
// login failures.
$showLoginFailureReason = true;
if (!empty($last_login)) {
$login = '';
}
if (empty($webcalendar_login)) {
$webcalendar_login = '';
}
if ($REMEMBER_LAST_LOGIN == 'Y' && empty($login)) {
$last_login = $login = $webcalendar_login;
}
load_user_preferences('guest');
$WebCalendar->setLanguage();
$cookie_path = str_replace('login.php', '', $PHP_SELF);
//echo "Cookie path: $cookie_path\n";
// Look for action=logout
$logout = false;
$action = getGetValue('action');
if (!empty($action) && $action == 'logout') {
$logout = true;
$return_path = '';
SetCookie('webcalendar_login', '', 0, $cookie_path);
SetCookie('webcalendar_last_view', '', 0, $cookie_path);
} else {
if (empty($return_path)) {
// see if a return path was set
$return_path = get_last_view(false);
function save_pref($prefs, $src)
{
global $error, $my_theme, $prad;
if (!$prad) {
global $prefuser;
}
$pos = $prad ? 6 : 5;
while (list($key, $value) = each($prefs)) {
if ($src == 'post') {
$prefix = substr($key, 0, $pos);
$setting = substr($key, $pos);
if (!$prad && $prefix != 'pref_' || $prad && $key == 'currenttab') {
continue;
}
// .
// Validate key name.
// If $prad not true, should start with "pref_"
// else should start with "admin_",
// and not include any unusual characters that might be an SQL injection attack.
if (!$prad && !preg_match('/pref_[A-Za-z0-9_]+$/', $key) || $prad && !preg_match('/admin_[A-Za-z0-9_]+$/', $key)) {
die_miserable_death(str_replace('XXX', $key, translate('Invalid setting name XXX.')));
}
} else {
$prefix = $prad ? 'admin_' : 'pref_';
$setting = $key;
}
if (strlen($setting) > 0 && $prefix == 'pref_' || $prefix == 'admin_') {
if ($setting == 'THEME' && $value != 'none') {
$my_theme = strtolower($value);
}
if ($prad) {
$setting = strtoupper($setting);
$sql = 'DELETE FROM webcal_config WHERE cal_setting = ?';
if (!dbi_execute($sql, array($setting))) {
$error = db_error(false, $sql);
break;
}
if (strlen($value) > 0) {
$sql = 'INSERT INTO webcal_config ( cal_setting, cal_value ) VALUES ( ?, ? )';
if (!dbi_execute($sql, array($setting, $value))) {
$error = db_error(false, $sql);
break;
}
}
} else {
dbi_execute('DELETE FROM webcal_user_pref WHERE cal_login = ?
AND cal_setting = ?', array($prefuser, $setting));
if (strlen($value) > 0) {
$setting = strtoupper($setting);
$sql = 'INSERT INTO webcal_user_pref ( cal_login, cal_setting,
cal_value ) VALUES ( ?, ?, ? )';
if (!dbi_execute($sql, array($prefuser, $setting, $value))) {
$error = 'Unable to update preference: ' . dbi_error() . '<br /><br /><span class="bold">SQL:</span>' . $sql;
break;
}
}
}
}
}
// Reload preferences so any CSS changes will take effect.
load_global_settings();
load_user_preferences();
}
@session_start();
$login = empty($_SESSION['webcal_login']) ? '__public__' : $_SESSION['webcal_login'];
$login = empty($_SESSION['webcal_tmp_login']) ? $login : $_SESSION['webcal_tmp_login'];
// .
// If calling script uses 'guest', we must also.
if (!empty($_GET['login'])) {
$login = $_GET['login'];
} else {
if (!empty($_REQUEST['login'])) {
$login = $_REQUEST['login'];
}
}
if (substr($login, 0, 10) == '__public__') {
$login = '******';
}
load_user_preferences($login);
// .
// We will cache CSS as default, but override from admin and pref
// by incrementing the webcalendar_csscache cookie value.
$cookie = isset($_COOKIE['webcalendar_csscache']) ? $_COOKIE['webcalendar_csscache'] : 0;
header('Content-type: text/css');
header('Last-Modified: ' . date('r', mktime(0, 0, 0) + $cookie));
// .
// If we are calling from admin or pref, expire CSS now.
if (empty($_SESSION['webcal_tmp_login'])) {
header('Expires: ' . date('D, j M Y H:i:s', time() + 86400) . ' UTC');
header('Cache-Control: Public');
header('Pragma: Public');
}
if (ini_get('zlib.output_compression') != 1) {
ob_start('ob_gzhandler');
