Example #1
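/**
 * Render OBMConfig.tpl with the values held in $config and write the result to
 * OBMConfig.php; both files live under $config->root_path.
 *
 * Review notes:
 *  - The output file has a .php extension and is presumably loaded as code by
 *    the application. Every value is pasted into the template verbatim, so
 *    whatever quoting the template applies around a placeholder (not visible
 *    here) is the only thing separating a value from PHP syntax. Values must
 *    be validated or escaped for that context before they reach this function.
 *  - The generated file contains the database password (%db_pass%); its
 *    permissions should keep it unreadable for other local users and it should
 *    not be served as plain text by the web server.
 *  - Placeholders are substituted in a single pass (strtr), so a value that
 *    itself contains a token such as "%db_pass%" is written literally instead
 *    of being expanded by a later substitution.
 *
 * The function terminates the script with exit() when the template cannot be
 * opened or read, or when the config file cannot be opened or written.
 * $config->create_mode is normalised in place to a 4-character octal string.
 *
 * @param object $config Configuration object whose properties fill the template.
 * @return bool Result of fclose() on the written config file.
 */
function save_config($config)
{
    $template_file = $config->root_path . 'OBMConfig.tpl';
    if (!($fp = fopen($template_file, 'r'))) {
        exit("Failed to open config template");
    }
    // Read to EOF instead of fread($fp, filesize(...)): a zero-length template
    // would make fread() fail on the length argument before the check below.
    $config_data = stream_get_contents($fp);
    fclose($fp);
    if ($config_data === false || strlen($config_data) == 0) {
        exit("Failed to read from config template");
    }

    // Numeric modes (e.g. 0755) are stored as their octal digits; a 3-digit
    // string gets the leading zero back.
    if (!is_string($config->create_mode)) {
        $config->create_mode = decoct((int) $config->create_mode);
    }
    if (strlen($config->create_mode) == 3) {
        $config->create_mode = '0' . $config->create_mode;
    }

    $first_weekday = isset($config->first_weekday) && $config->first_weekday != '' ? $config->first_weekday : '0';
    $allow_themes = $config->allow_themes === true ? 'true' : 'false';
    $allow_password_change = $config->allow_password_change === true ? 'true' : 'false';
    // The login image is stored relative to the host.
    $login_image = str_replace($config->host, '', $config->login_image);

    $replacements = array(
        '%title%' => smartstrip($config->title),
        '%slash%' => $config->slash,
        '%host%' => $config->host,
        '%full_url%' => $config->full_url,
        '%root_path%' => smartstrip($config->root_path),
        '%language%' => $config->language,
        '%first_weekday%' => $first_weekday,
        '%tmpdir%' => $config->tmpdir,
        '%theme%' => $config->theme,
        '%allow_themes%' => $allow_themes,
        '%allow_password_change%' => $allow_password_change,
        '%mailer%' => $config->mailer,
        '%smtp_server%' => $config->smtp_server,
        '%smtp_port%' => $config->smtp_port,
        '%max_attachment_size%' => $config->max_attachment_size,
        '%file_storage_path%' => $config->file_storage_path,
        '%email_connectstring_options%' => $config->email_connectstring_options,
        '%create_mode%' => $config->create_mode,
        '%max_file_size%' => $config->max_file_size,
        '%webmaster_email%' => $config->webmaster_email,
        '%db_type%' => $config->db_type,
        '%db_host%' => $config->db_host,
        '%db_name%' => $config->db_name,
        '%db_user%' => $config->db_user,
        '%db_pass%' => $config->db_pass,
        '%login_image%' => $login_image,
        '%composer_width%' => $config->composer_width,
        '%composer_height%' => $config->composer_height,
        '%refresh_rate%' => $config->refresh_rate,
        '%max_users%' => $config->max_users,
        '%mime_types_file%' => $config->mime_types_file,
        '%auth_sources%' => $config->auth_sources,
    );
    // One pass over the template: already-inserted values are never rescanned.
    $config_data = strtr($config_data, $replacements);

    if (!($fp = fopen($config->root_path . 'OBMConfig.php', 'w+'))) {
        exit("Failed to open config file");
    }
    if (!fwrite($fp, $config_data)) {
        fclose($fp);
        exit("Failed to write to config file");
    }
    return fclose($fp);
}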
                }
            }
        }
        break;
}
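// Load the category being edited, or prepare an empty form for a new one.
if ($catagory_id > 0) {
    $catagory = $notes->get_catagory($catagory_id);
    $tabtable = new tabtable('catagory_tab', $catagory['name'], '400', '100', '120', '', true);
} else {
    $tabtable = new tabtable('catagory_tab', $no_new_catagory, '400', '100', '120', '', true);
    $catagory = false;
}
// Show the stored name unless a save was just attempted; in that case the
// submitted value is shown again.
if ($catagory && $task != 'save_catagory') {
    $name = $catagory['name'];
} else {
    $name = isset($_REQUEST['name']) ? smartstrip($_REQUEST['name']) : '';
}
$page_title = $lang_modules['notes'];
require $GO_THEME->theme_path . "header.inc";
// PHP_SELF reflects the request path, which the client controls, so it is
// HTML-encoded before it is placed in the action attribute.
echo '<form method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" name="catagories_form">';
echo '<input type="hidden" name="close" value="false" />';
// NOTE(review): $catagory_id and $return_to are assigned outside this excerpt.
// If either can carry request data, HTML-encode it here (and cast the id to
// int) unless that is already done where it is assigned.
echo '<input type="hidden" name="catagory_id" value="' . $catagory_id . '" />';
echo '<input type="hidden" name="task" value="" />';
echo '<input type="hidden" name="return_to" value="' . $return_to . '" />';
$tabtable->print_head();
if (isset($feedback)) {
    echo $feedback;
}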
?>
<table border="0" cellspacing="0" cellpadding="4">
<tr>
		<td>URL:</td>
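		<td><input type="text" class="textbox" size="50" name="URL" maxlength="200" value="<?php 
// The value comes straight from the request; HTML-encode it so it cannot close
// the attribute or add markup. Non-string input (e.g. bURL[]=x) is ignored.
if (isset($_REQUEST['bURL']) && is_string($_REQUEST['bURL'])) {
    echo htmlspecialchars($_REQUEST['bURL'], ENT_QUOTES);
}
?>
" /></td>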
	</tr>
	<tr>
		<td><?php 
echo $strName;
?>
:</td>
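		<td><input type="text" class="textbox" size="50" name="name" maxlength="50" value="<?php 
// smartstrip() is defined elsewhere and is assumed not to HTML-encode its
// result (TODO confirm), so the request value is encoded for the attribute
// context here. Non-string input (e.g. bname[]=x) is ignored.
if (isset($_REQUEST['bname']) && is_string($_REQUEST['bname'])) {
    echo htmlspecialchars(smartstrip($_REQUEST['bname']), ENT_QUOTES);
}
?>
" /></td>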
	</tr>
	<tr>
		<td colspan="2">
		<?php 
$checkbox = new checkbox('new_window', 'true', $bm_new_window, $check);
?>
 
		</td>
	</tr>
	<tr>
		<td colspan="2" align="center" height="20" valign="bottom">
		<?php 
Example #4
            }
        }
        // When the form was submitted with close=true, send the browser back to
        // $return_to and stop.
        // NOTE(review): no check on $return_to is visible before it becomes the
        // redirect target. Its assignment is outside this excerpt; if it can come
        // from the request, restrict it to same-site relative paths or an
        // allow-list before redirecting, otherwise this is an open redirect.
        if ($_POST['close'] == 'true') {
            header('Location: ' . $return_to);
            exit;
        }
    }
}
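// Existing view: load it and check write permission against its write ACL.
// New view: take the form values (or defaults) and allow editing.
if ($view_id > 0) {
    $view = $cal->get_view($view_id);
    $title = $view['name'];
    $has_write_permission = $GO_SECURITY->has_permission($GO_SECURITY->user_id, $view['acl_write']);
} else {
    // start_hour/end_hour are taken from the request as-is; name goes through
    // smartstrip(). Where these are printed is outside this excerpt.
    $view['start_hour'] = isset($_POST['view_start_hour']) ? $_POST['view_start_hour'] : '07';
    $view['end_hour'] = isset($_POST['view_end_hour']) ? $_POST['view_end_hour'] : '20';
    $view['name'] = isset($_POST['name']) ? smartstrip($_POST['name']) : '';
    $title = $cal_new_view;
    $has_write_permission = true;
}
$tabtable = new tabtable('view', $title, '100%', '400', '120', '', true);
// The permission tabs only exist for a view that is already stored.
if ($view_id > 0) {
    $tabtable->add_tab('view', $strProperties);
    $tabtable->add_tab('read_permissions', $strReadRights);
    $tabtable->add_tab('write_permissions', $strWriteRights);
}
if ($tabtable->get_active_tab_id() == 'holidays') {
    $datepicker = new date_picker();
    $GO_HEADER['head'] = $datepicker->get_header();
}
require $GO_THEME->theme_path . 'header.inc';
// PHP_SELF reflects the request path, which the client controls, so it is
// HTML-encoded before it is placed in the action attribute.
echo '<form name="event" method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" enctype="multipart/form-data">';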
Example #5
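    // Folder names and flags of the stored account.
    $sent = $account["sent"];
    // The drafts folder belongs in $draft; assigning it to $sent overwrote the
    // sent-items folder and left $draft unset for a stored account.
    $draft = $account["draft"];
    // The flags are stored as '1' when enabled.
    $auto_check = $account['auto_check'] == '1';
    $use_ssl = $account['use_ssl'] == '1';
    // NOTE(review): the name suggests certificate validation is skipped when
    // this flag is set (confirm against the mail class). If so, the mailbox
    // login can be intercepted on the network path; keep it off by default.
    $novalidate_cert = $account['novalidate_cert'] == '1';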
} else {
    // New account: each field is pre-filled from the request and falls back
    // to a session, config or literal default.
    $page_title = $ml_new_account;
    $name = isset($_REQUEST['name']) ? smartstrip($_REQUEST['name']) : $_SESSION['GO_SESSION']['name'];
    $mail_address = isset($_REQUEST['mail_address']) ? smartstrip($_REQUEST['mail_address']) : $_SESSION['GO_SESSION']['email'];
    $host = isset($_REQUEST['host']) ? smartstrip($_REQUEST['host']) : $GO_CONFIG->smtp_server;
    // Defaults are POP3 on port 110, and $use_ssl below stays false unless the
    // request asks for it.
    $type = isset($_REQUEST['type']) ? smartstrip($_REQUEST['type']) : 'pop3';
    $port = isset($_REQUEST['port']) ? smartstrip($_REQUEST['port']) : '110';
    // Default user name is the part of the address before '@'.
    $user = isset($_REQUEST['user']) ? smartstrip($_REQUEST['user']) : substr($mail_address, 0, strpos($mail_address, '@'));
    // NOTE(review): $_REQUEST also covers query-string parameters, so a
    // password passed in the URL is accepted here and may end up in access
    // logs and browser history. Reading it from $_POST only avoids that.
    $pass = isset($_REQUEST['pass']) ? smartstrip($_REQUEST['pass']) : '';
    $signature = isset($_REQUEST['signature']) ? smartstrip($_REQUEST['signature']) : '';
    $mbroot = isset($_REQUEST['mbroot']) ? smartstrip($_REQUEST['mbroot']) : '';
    // Default folder names are built below the mailbox root.
    $spam = $mbroot . "Spam";
    $trash = $mbroot . "Trash";
    $sent = $mbroot . "Sent items";
    $draft = $mbroot . $ml_draft_items;
    // Checkbox-style flags: present in the request means enabled.
    $auto_check = isset($_REQUEST['auto_check']) ? true : false;
    $use_ssl = isset($_REQUEST['use_ssl']) ? true : false;
    // NOTE(review): presumably disables certificate validation for the
    // mailbox connection (confirm against the mail class); any request
    // parameter with this name switches it on.
    $novalidate_cert = isset($_REQUEST['novalidate_cert']) ? true : false;
}
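require $GO_THEME->theme_path . "header.inc";
// PHP_SELF reflects the request path, which the client controls, so it is
// HTML-encoded before it is placed in the action attribute.
echo '<form method="POST" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" name="email_client">';
echo '<input type="hidden" name="task" value="" />';
echo '<input type="hidden" name="close" value="false" />';
// NOTE(review): $return_to and $link_back are assigned outside this excerpt.
// If they can carry request data, HTML-encode them here unless that is
// already done where they are assigned.
echo '<input type="hidden" name="return_to" value="' . $return_to . '" />';
echo '<input type="hidden" name="link_back" value="' . $link_back . '" />';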
if (isset($_REQUEST['account_id'])) {
Example #6
// Request parameters for the message view. Everything taken from $_REQUEST is
// client-controlled and is stored here without validation or type casting.
$mailbox = "INBOX";
if (isset($_REQUEST['mailbox'])) {
    $mailbox = $_REQUEST['mailbox'];
}

$uid = 0;
if (isset($_REQUEST['uid'])) {
    $uid = $_REQUEST['uid'];
}

// Page size falls back to the user's session preference.
if (isset($_REQUEST['max_rows'])) {
    $max_rows = $_REQUEST['max_rows'];
} else {
    $max_rows = $_SESSION['GO_SESSION']['max_rows_list'];
}

$first_row = 0;
if (isset($_REQUEST['first_row'])) {
    $first_row = $_REQUEST['first_row'];
}

$table_tabindex = null;
if (isset($_REQUEST['table_tabindex'])) {
    $table_tabindex = $_REQUEST['table_tabindex'];
}

// An empty return_to counts as absent.
$return_to = null;
if (isset($_REQUEST['return_to']) && $_REQUEST['return_to'] != '') {
    $return_to = $_REQUEST['return_to'];
}

// Without a link_back the current request URI is used.
if (isset($_REQUEST['link_back']) && $_REQUEST['link_back'] != '') {
    $link_back = $_REQUEST['link_back'];
} else {
    $link_back = $_SERVER['REQUEST_URI'];
}

$task = '';
if (isset($_REQUEST['task']) && $_REQUEST['task'] != '') {
    $task = $_REQUEST['task'];
}

// Presence of the parameter is enough to request the print layout.
$print = isset($_REQUEST['print']);

$part = '';
if (isset($_REQUEST['part'])) {
    $part = $_REQUEST['part'];
}

$query = '';
if (isset($_REQUEST['query'])) {
    $query = $_REQUEST['query'];
}
// Look up the mail account and open the requested mailbox on it. The stored
// password is decrypted with $GO_CRYPTO and handed to $mail->open().
// NOTE(review): whether get_account() verifies that $account_id belongs to the
// logged-in user is not visible here; confirm in the email class.
$account = $email->get_account($account_id);
if ($account && $mail->open($account['host'], $account['type'], $account['port'], $account['username'], $GO_CRYPTO->decrypt($account['password']), $mailbox, 0, $account['use_ssl'], $account['novalidate_cert'])) {
    // Move the current message to another folder, then redirect to the list.
    // NOTE(review): $task arrives via $_REQUEST, so this state change can be
    // triggered by a GET request; no anti-CSRF token check is visible here.
    if ($task == 'move_mail') {
        $messages = array($uid);
        $move_to_mailbox = smartstrip($_REQUEST['move_to_mailbox']);
        if ($mail->move($move_to_mailbox, $messages) && $mail->reopen($move_to_mailbox)) {
            // NOTE(review): $mailbox is request data placed in the redirect URL
            // without rawurlencode(); a value containing '&' or '#' changes the
            // query string of the target URL.
            header('Location: ' . $GO_MODULES->url . 'index.php?account_id=' . $account_id . '&mailbox=' . $mailbox);
            exit;
        }
    }
    //sort messages for determination of previous and next message
    if ($query != '') {
        // $query is request data; its base64-decoded content is passed to
        // search() as the search criteria.
        // NOTE(review): search() is not visible; confirm it validates the
        // criteria string before sending it to the mail server.
        $mail->search($em_settings['sort_field'], $em_settings['sort_order'], base64_decode($query));
    } else {
        $mail->sort($em_settings['sort_field'], $em_settings['sort_order']);
    }
    // $uid and $part both come from the request.
    $content = $mail->get_message($uid, 'html', $part);
    $subject = !empty($content["subject"]) ? $content["subject"] : $ml_no_subject;
} else {
    // NOTE(review): this branch loads the page header and builds a cms_site
    // from the unvalidated request parameter site_id; it does not look related
    // to the mail handling above and may belong to a different script.
    require $GO_THEME->theme_path . 'header.inc';
    $cms_site = new cms_site($_REQUEST['site_id']);
}
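// Contact form: the message goes to the site owner when a site is loaded and
// its owner can be resolved, otherwise to the configured webmaster address.
$email_to = $GO_CONFIG->webmaster_email;
if (isset($cms_site) && $cms_site) {
    echo $cms_site->generate_header();
    if ($site_owner = $GO_USERS->get_user($cms_site['user_id'])) {
        $email_to = $site_owner['email'];
    }
} else {
    require $GO_THEME->theme_path . "header.inc";
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // Sender name, sender address and subject end up in mail headers, so
    // CR/LF is removed from them: a line break inside a header value would
    // let the submitter append headers of their own. The body keeps its
    // line breaks.
    $header_breaks = array("\r", "\n");
    $name_from = str_replace($header_breaks, '', smartstrip(trim($_POST['name_from'])));
    $email_from = str_replace($header_breaks, '', smartstrip(trim($_POST['email_from'])));
    $subject = str_replace($header_breaks, '', smartstrip(trim($_POST['subject'])));
    $mail_body = smartstrip(trim($_POST['mail_body']));
    if ($name_from == '' || $email_from == '' || $subject == '' || $mail_body == '') {
        $feedback = '<p class="Error">' . $error_missing_field . '</p>';
    } elseif (!validate_email($email_from)) {
        $feedback = '<p class="Error">' . $error_email . '</p>';
    } else {
        // NOTE(review): no throttling or anti-automation check is visible in
        // this excerpt; without one the form can be scripted to flood the
        // recipient's mailbox.
        if (!sendmail($email_to, $email_from, $name_from, $subject, $mail_body)) {
            $feedback = '<p class="Error">' . $cms_sendmail_error . '</p>';
        } else {
            echo $cms_sendmail_success;
            require $GO_THEME->theme_path . "footer.inc";
            exit;
        }
    }
}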
?>
Example #8
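 // Remaining search-field choices: value => translated label.
 $dropbox->add_value('department', $strDepartment);
 $dropbox->add_value('function', $strFunction);
 $dropbox->add_value('address', $strAddress);
 $dropbox->add_value('city', $strCity);
 $dropbox->add_value('zip', $strZip);
 $dropbox->add_value('state', $strState);
 $dropbox->add_value('country', $strCountry);
 $dropbox->add_value('work_address', $strWorkAddress);
 // NOTE(review): 'work_cip' is labelled with $strWorkZip; possibly a typo for
 // 'work_zip'. Left unchanged because the expected field name is not visible.
 $dropbox->add_value('work_cip', $strWorkZip);
 $dropbox->add_value('work_city', $strWorkCity);
 $dropbox->add_value('work_state', $strWorkState);
 $dropbox->add_value('work_country', $strWorkCountry);
 $dropbox->print_dropbox('search_field', $search_field);
 echo '</td><td><input type="text" name="query" size="31" maxlength="255" class="textbox" value="';
 // The search text is echoed back into a double-quoted attribute, so it is
 // HTML-encoded. smartstrip() is defined elsewhere and is assumed not to
 // encode its result (TODO confirm). Non-string input is not echoed.
 if (isset($_REQUEST['query']) && is_string($_REQUEST['query'])) {
     echo htmlspecialchars(smartstrip($_REQUEST['query']), ENT_QUOTES);
 }
 echo '"></td></tr>';
 echo '<tr><td colspan="2">';
 echo '<table><tr><td>';
 // The button objects are created for their output; the variable is reused.
 $button = new button($cmdSearch, 'javascript:add_users()');
 echo '</td><td>';
 $button = new button($cmdShowAll, "javascript:document.group.query.value='';add_users()");
 echo '</td><td>';
 $button = new button($cmdCancel, 'javascript:return_to_group()');
 echo '</td></tr></table>';
 echo '</td></tr></table>';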
 if (isset($_REQUEST['query'])) {
     echo '<table border="0" cellpadding="3" cellspacing="0"><tr><td>';
     if ($_REQUEST['query'] != '') {
         $GO_USERS->search('%' . smart_addslashes($_REQUEST['query']) . '%', smart_addslashes($search_field), $GO_SECURITY->user_id);
Example #9
// Toolbar (delete / close) and the head of the search tab.
echo '<input type="hidden" name="new_sort_order" value="' . $em_settings['sort_order'] . '" />';
echo '<table border="0"><tr>';
echo '<td class="ModuleIcons">';
echo '<a href="javascript:confirm_delete()"><img src="' . $GO_THEME->images['delete_big'] . '" border="0" height="32" width="32" /><br />' . $ml_delete . '</a></td>';
echo '<td class="ModuleIcons">';
// NOTE(review): $account_id and $mailbox are assigned outside this excerpt and
// are written into the href without URL- or HTML-encoding. If they can carry
// request data, apply rawurlencode() per parameter and htmlspecialchars() on
// the finished URL.
echo '<a href="index.php?account_id=' . $account_id . '&mailbox=' . $mailbox . '"><img src="' . $GO_THEME->images['close'] . '" border="0" height="32" width="32" /><br />' . $cmdClose . '</a></td>';
echo '</tr></table>';
$tabtable = new tabtable('search_tab', $ml_search . ' - ' . $account['email'], '100%', '');
$tabtable->print_head();
// Search criteria from the submitted form. The statements that follow place
// $subject, $from and $to between double quotes in the search string.
// NOTE(review): smartstrip() and trim() are the only processing applied, so a
// double quote or backslash in a value is not escaped for that quoted context
// unless smartstrip() does it (not visible); escape or reject them here.
$subject = isset($_POST['subject']) ? smartstrip(trim($_POST['subject'])) : '';
$from = isset($_POST['from']) ? smartstrip(trim($_POST['from'])) : '';
$to = isset($_POST['to']) ? smartstrip(trim($_POST['to'])) : '';
$cc = isset($_POST['cc']) ? smartstrip(trim($_POST['cc'])) : '';
$body = isset($_POST['body']) ? smartstrip(trim($_POST['body'])) : '';
$before = isset($_POST['before']) ? smartstrip(trim($_POST['before'])) : '';
$since = isset($_POST['since']) ? smartstrip(trim($_POST['since'])) : '';
// NOTE(review): the next two lines overwrite $before and $since with the raw
// POST values, so the stripped and trimmed versions assigned just above are
// discarded. Decide which form is intended and drop the other pair.
$before = isset($_POST['before']) ? $_POST['before'] : '';
$since = isset($_POST['since']) ? $_POST['since'] : '';
$flagged = isset($_POST['flagged']) ? $_POST['flagged'] : '';
$answered = isset($_POST['answered']) ? $_POST['answered'] : '';
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    //build query
    if ($subject != '') {
        $query = 'SUBJECT "' . $subject . '" ';
    }
    if ($from != '') {
        $query .= 'FROM "' . $from . '" ';
    }
    if ($to != '') {
        $query .= 'TO "' . $to . '" ';
    }
Example #10
This program is free software; you can redistribute it and/or modify it
under the terms of the GNU General Public License as published by the
Free Software Foundation; either version 2 of the License, or (at your
option) any later version.
*/
// File download: bootstrap the application, require a logged-in user with
// access to the filesystem module, then load the helper classes.
require "../../Group-Office.php";
//load file management class
$GO_SECURITY->authenticate();
$GO_MODULES->authenticate('filesystem');
require $GO_CONFIG->class_path . 'filetypes.class.inc';
require_once $GO_CONFIG->class_path . 'filesystem.class.inc';
require_once 'group_folders.inc';
$fs = new filesystem();
$filetypes = new filetypes();
// The path of the file to send is taken from the request. The statements that
// follow authorise it with is_group_folder() / has_read_permission() /
// has_write_permission() and then use it for filesize() and, via basename(),
// for the download filename.
// NOTE(review): those checks are the only barrier between this parameter and
// the server's file system, and their implementation is not visible here.
// Confirm they resolve the path (e.g. realpath()) before comparing, so that
// '..' segments or symlinks cannot leave the permitted directories, and
// reject a request that has no path parameter at all.
$path = smartstrip($_REQUEST['path']);
$group_folders = get_group_folders($GO_SECURITY->user_id, 0);
if (is_group_folder($group_folders, $path) || $fs->has_read_permission($GO_SECURITY->user_id, $path) || $fs->has_write_permission($GO_SECURITY->user_id, $path)) {
    $filename = basename($path);
    $extension = get_extension($filename);
    $type = $filetypes->get_type($extension);
    $browser = detect_browser();
    header('Content-Type: ' . $type['mime']);
    header('Content-Length: ' . filesize($path));
    header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    if ($browser['name'] == 'MSIE') {
        header('Content-Type: application/octet-stream');
        header('Content-Disposition: attachment; filename="' . $filename . '"');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
    } else {
Example #11
    $description = $project['description'];
    if (isset($active_tab)) {
        $tabtable->set_active_tab($active_tab);
    }
} else {
    $name = isset($_GET['name']) ? smartstrip($_GET['name']) : '';
    $contact_id = isset($_GET['contact_id']) ? $_GET['contact_id'] : '0';
    $comments = isset($_GET['comments']) ? smartstrip($_GET['comments']) : '';
    $start_date = isset($_GET['start_date']) ? $_GET['start_date'] : date($_SESSION['GO_SESSION']['date_format'], get_time());
    $end_date = isset($_GET['end_date']) ? $_GET['end_date'] : date($_SESSION['GO_SESSION']['date_format'], get_time());
    $status = isset($_GET['status']) ? $_GET['status'] : '-3';
    $responsible_user_id = isset($_GET['responsible_user_id']) ? $_GET['responsible_user_id'] : $GO_SECURITY->user_id;
    $fee_id = isset($_GET['fee_id']) ? $_GET['fee_id'] : 0;
    $probability = isset($_GET['probability']) ? $_GET['probability'] : 0;
    $budget = isset($_GET['budget']) ? $_GET['budget'] : 0;
    $description = isset($_GET['description']) ? smartstrip($_GET['description']) : '';
}
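// The date picker contributes markup to the page head.
$datepicker = new date_picker();
$GO_HEADER['head'] = $datepicker->get_header();
$page_title = $lang_modules['projects'];
require $GO_THEME->theme_path . "header.inc";
// PHP_SELF reflects the request path, which the client controls, so it is
// HTML-encoded before it is placed in the action attribute.
// NOTE(review): the form is submitted with GET, so every field value ends up
// in the URL (history, logs, Referer), and saving through GET is easier to
// trigger from another site than a POST protected by a token.
echo '<form method="get" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" name="projects_form">';
echo '<input type="hidden" name="close" value="false" />';
// NOTE(review): $project_id and $return_to are assigned outside this excerpt.
// If either can carry request data, HTML-encode it here (and cast the id to
// int) unless that is already done where it is assigned.
echo '<input type="hidden" name="project_id" value="' . $project_id . '" />';
echo '<input type="hidden" name="task" value="" />';
echo '<input type="hidden" name="return_to" value="' . $return_to . '" />';
$tabtable->print_head();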
switch ($tabtable->get_active_tab_id()) {
    case 'read_permissions':
        print_acl($project['acl_read'] . '&project_acl=1');
        echo '<br />';
Example #12
			</td>
		</tr>
		<tr>
			<td>&nbsp;</td>
		</tr>

		<tr>
			<td>
			<?php 
    echo $em_new_folder;
    ?>
:
			</td>
			<td>
			<?php 
    $name = isset($_POST['name']) ? htmlspecialchars(smartstrip($_POST['name'])) : '';
    ?>
			<input type="text" class="textbox" name="name" value="<?php 
    echo $name;
    ?>
" maxlength="100" size="30" />
			</td>
			<?php 
    $delimiter = isset($delimiter) ? $delimiter : '/';
    echo '<input type="hidden" name="delimiter" value="' . $delimiter . '" />';
    echo '<td>' . $ml_inside . '</td>';
    echo '<td>';
    $parent_folder_name = isset($parent_folder_name) ? $parent_folder_name : '';
    $dropbox = new dropbox();
    $dropbox->add_value($account['mbroot'], $ml_root_mailbox);
    for ($i = 0; $i < $mcount; $i++) {
Example #13
    $company['name'] = isset($_REQUEST['name']) ? smartstrip($_REQUEST['name']) : '';
    $company['shortname'] = isset($_REQUEST['shortname']) ? smartstrip($_REQUEST['shortname']) : '';
    $company['engname'] = isset($_REQUEST['engname']) ? smartstrip($_REQUEST['engname']) : '';
    $company['relation_date'] = isset($_REQUEST['relation_date']) ? smartstrip($_REQUEST['relation_date']) : '0';
    $company['parent_id'] = isset($_REQUEST['parent_id']) ? smartstrip($_REQUEST['parent_id']) : '0';
    $company['address'] = isset($_REQUEST['address']) ? smartstrip($_REQUEST['address']) : '';
    $company['zip'] = isset($_REQUEST['zip']) ? smartstrip($_REQUEST['zip']) : '';
    $company['city'] = isset($_REQUEST['city']) ? smartstrip($_REQUEST['city']) : '';
    $company['state'] = isset($_REQUEST['state']) ? smartstrip($_REQUEST['state']) : '';
    $company['email'] = isset($_REQUEST['email']) ? smartstrip($_REQUEST['email']) : '';
    $company['country'] = isset($_REQUEST['country']) ? smartstrip($_REQUEST['country']) : '';
    $company['phone'] = isset($_REQUEST['phone']) ? smartstrip($_REQUEST['phone']) : '';
    $company['fax'] = isset($_REQUEST['fax']) ? smartstrip($_REQUEST['fax']) : '';
    $company['homepage'] = isset($_REQUEST['homepage']) ? smartstrip($_REQUEST['homepage']) : 'http://';
    $company['bank_no'] = isset($_REQUEST['bank_no']) ? smartstrip($_REQUEST['bank_no']) : '';
    $company['vat_no'] = isset($_REQUEST['vat_no']) ? smartstrip($_REQUEST['vat_no']) : '';
    $company['acl_write'] = 0;
}
// Choose the address book whose companies are offered as possible parents.
// NOTE(review): the condition tests $old_subscribed_addressbook_id but the
// value taken is $subscribed_addressbook_id; confirm that is intended.
$addressbook_id = isset($old_subscribed_addressbook_id) && $old_subscribed_addressbook_id > 0 ? $subscribed_addressbook_id : $company['addressbook_id'];
$subscribed_addressbook_id = $addressbook_id;
$cp = new addressbook();
$parent_dropbox = new dropbox();
// The parent id is reset here and, for an existing company, re-read from the
// stored record; a parent_id assigned to $company before this point is not
// kept.
$company['parent_id'] = 0;
if ($company_id) {
    $cp->get_company($company_id);
    $company['parent_id'] = $cp->f('parent');
}
// NOTE(review): no permission check on $addressbook_id is visible before its
// companies are listed; confirm it is enforced earlier or in get_companies().
$count = $cp->get_companies($addressbook_id);
$parent_dropbox->add_value(0, $strNone);
if ($count) {
    while ($cp->next_record()) {
Example #14
             // The field that is interesting is the id of the original message.
             $msgid = $msg->long_id;
         } else {
             // Ok, we are generating a new message, so there is no message id
             // of an old message and we set the id to 0.
             $msgid = 0;
         }
         // Next step is to find out who we are to generate the correct
         // from address...
         $sender = $_SESSION['GO_SESSION']["name"] . " <" . $_SESSION['GO_SESSION']["email"] . ">";
         // Now we have all information we need to post the new message. So
         // we can do it.
         // TODO add some checks if subject and body is valid.
         // TODO $retval should include the message id of the new message so
         // we can display the correct thread if we just started a new one.
         // NOTE(review): the newsgroup name is passed on exactly as posted, and
         // the subject only goes through smartstrip(). Both presumably become
         // article headers (postMessage() is not visible), so reject CR/LF in
         // them and check the newsgroup against the groups this user may post
         // to before sending.
         $retval = $nntp->postMessage($_POST['newsgroup'], $sender, $msgid, smartstrip($_POST['news_subj']), smartstrip($_POST['news_body']));
         // If the message was posted successfully we can inform the user
         // about this.
         // TODO also inform the user if sending failed
         if ($retval) {
             // TODO replace hardcoded message with variable in language-file
             echo "<h1>Nachricht erfolgreich gesendet.</h1>\n";
         }
     }
     // We do not break here because we like to see the thread to which the
     // posted message belongs. For the user this is an additional check if
     // the message was posted correctly...
     // Display only one thread of a specific newsgroup.
 // We do not break here because we like to see the thread to which the
 // posted message belongs. For the user this is an additional check if
 // the message was posted correctly...
Example #15
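     // Delete every folder submitted in folders[]. The paths are request data;
     // the only visible authorisation signal is the return value of
     // $fs->delete(), which is reported as "access denied" when it is false.
     // NOTE(review): confirm delete() checks the user's permission on the
     // resolved path, and that access_denied_box() HTML-encodes the name.
     if (isset($_POST['folders']) && is_array($_POST['folders'])) {
         // foreach instead of an index loop: the keys of folders[] are chosen
         // by the client and need not be 0..n-1.
         foreach ($_POST['folders'] as $submitted_folder) {
             if (!is_string($submitted_folder)) {
                 continue;
             }
             $folder = smartstrip($submitted_folder);
             if (!$fs->delete($folder)) {
                 $popup_feedback .= access_denied_box(basename($folder));
             }
         }
     }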
     require 'listview.inc';
     break;
 case 'access_denied':
     require $GO_CONFIG->root_path . 'error_docs/403.inc';
     break;
 case 'new_folder':
     if ($_SERVER['REQUEST_METHOD'] == 'POST') {
         $name = smartstrip($_POST['name']);
         if ($name == '') {
             $feedback = '<p class="Error">' . $error_missing_field . '</p>';
             require 'new_folder.inc';
         } elseif ($name[0] == '.') {
             $feedback = '<p class="Error">' . $name_width_dot_at_begin . '</p>';
             require 'new_folder.inc';
         } elseif (!validate_input($name)) {
             $feedback = '<p class="Error">' . $invalid_chars . ': " & ? / \\</p>';
             require 'new_folder.inc';
         } elseif ($fs->chroot_file_exists($path . '/' . $name)) {
             $feedback = '<p class="Error">' . $fbFolderExists . '</p>';
             require 'new_folder.inc';
         } elseif (!@$fs->chroot_mkdir($path . '/' . $name, $GO_CONFIG->create_mode)) {
             $feedback = '<p class="Error">' . $strSaveError . '</p>';
             require 'new_folder.inc';
Example #16
        // NOTE(review): $return_to is concatenated into a single-quoted
        // JavaScript string inside a javascript: URL. Its assignment is outside
        // this excerpt; if it can carry request data it needs JavaScript string
        // encoding (e.g. json_encode()) here, plus HTML-attribute encoding
        // wherever button renders the handler, and a same-site check.
        $button = new button($cmdClose, "javascript:document.location='" . $return_to . "';");
        break;
    default:
        if ($site_id > 0) {
            $name = $site['name'];
            $domain = $site['domain'];
            $description = $site['description'];
            $keywords = $site['keywords'];
            $template_id = $site['template_id'];
            $secure_check = $site['acl_read'] > 0 ? true : false;
            $display_type = $site['display_type'];
        } else {
            $name = isset($_POST['name']) ? smartstrip($_POST['name']) : '';
            $domain = isset($_POST['domain']) ? smartstrip($_POST['domain']) : '';
            $description = isset($_POST['description']) ? smartstrip($_POST['description']) : '';
            $keywords = isset($_POST['keywords']) ? smartstrip($_POST['keywords']) : '';
            $secure_check = isset($_POST['secure']) ? true : false;
            $template_id = isset($_POST['template_id']) ? $_POST['template_id'] : '';
            $display_type = isset($_POST['display_type']) ? $_POST['display_type'] : NORMAL_DISPLAY;
        }
        if ($cms->get_authorized_templates($GO_SECURITY->user_id) == 0) {
            echo '<br />';
            echo $cms_no_themes;
            echo '<br /><br />';
            $button = new button($cmdOk, "javascript:document.location='" . $GO_MODULES->url . "index.php?tabindex=1';");
        } else {
            ?>
	<input type="hidden" name="task" />
	<br />
	<table border="0" cellpadding="4" cellspacing="0">
	<?php 
Example #17
    $event['repeat_end_date'] = isset($_POST['repeat_end_date']) ? $_POST['repeat_end_date'] : $requested_date;
    $event['repeat_type'] = isset($_POST['repeat_type']) ? $_POST['repeat_type'] : REPEAT_NONE;
    $event['all_day_event'] = isset($_POST['all_day_event']) ? $_POST['all_day_event'] : '0';
    $event['repeat_forever'] = isset($_POST['repeat_forever']) ? $_POST['repeat_forever'] : '0';
    $event['repeat_every'] = isset($_POST['repeat_every']) ? $_POST['repeat_every'] : '0';
    $event['month_time'] = isset($_POST['month_time']) ? $_POST['month_time'] : '0';
    $event['sun'] = isset($_POST['repeat_days_0']) ? true : false;
    $event['mon'] = isset($_POST['repeat_days_1']) ? true : false;
    $event['tue'] = isset($_POST['repeat_days_2']) ? true : false;
    $event['wed'] = isset($_POST['repeat_days_3']) ? true : false;
    $event['thu'] = isset($_POST['repeat_days_4']) ? true : false;
    $event['fri'] = isset($_POST['repeat_days_5']) ? true : false;
    $event['sat'] = isset($_POST['repeat_days_6']) ? true : false;
    $event['reminder'] = isset($_POST['reminder']) ? $_POST['reminder'] : '0';
    $event['background'] = isset($_POST['background']) ? $_POST['background'] : 'FFFFCC';
    $event['location'] = isset($_POST['location']) ? smartstrip($_POST['location']) : '';
    $event['permissions'] = isset($_POST['permissions']) ? $_POST['permissions'] : 'everybody_read';
}
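// The date picker contributes markup to the page head.
$datepicker = new date_picker();
$GO_HEADER['head'] = $datepicker->get_header();
require $GO_THEME->theme_path . 'header.inc';
if ($ab_module) {
    $ab->enable_contact_selector();
}
// PHP_SELF reflects the request path, which the client controls, so it is
// HTML-encoded before it is placed in the action attribute.
echo '<form name="event_form" method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '">';
// NOTE(review): $calendar_id, $event_id and $return_to are assigned outside
// this excerpt. If any of them can carry request data, HTML-encode it here
// (and cast the ids to int) unless that is already done where it is assigned.
echo '<input type="hidden" name="calendar_id" value="' . $calendar_id . '" />';
echo '<input type="hidden" name="event_id" value="' . $event_id . '" />';
echo '<input type="hidden" name="task" value="" />';
echo '<input type="hidden" name="close" value="false" />';
echo '<input type="hidden" name="emptyform" value="false" />';
echo '<input type="hidden" name="return_to" value="' . $return_to . '" />';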
Example #18
        $_SESSION['copy_folders'] = isset($_POST['folders']) ? $_POST['folders'] : array();
        $_SESSION['cut_folders'] = array();
        $_SESSION['cut_files'] = array();
        $task = '';
        break;
    case 'paste':
        while ($file = smartstrip(array_shift($_SESSION['cut_files']))) {
            $cms->move_file($file, $folder_id);
        }
        while ($file = smartstrip(array_shift($_SESSION['copy_files']))) {
            $cms->copy_file($file, $folder_id);
        }
        while ($folder = smartstrip(array_shift($_SESSION['cut_folders']))) {
            $cms->move_folder($folder, $folder_id);
        }
        while ($folder = smartstrip(array_shift($_SESSION['copy_folders']))) {
            $cms->copy_folder($folder, $folder_id);
        }
        break;
}
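//set the page title for the header file
$page_title = $lang_modules['cms'];
//require the header file. This will draw the logo's and the menu
require $GO_THEME->theme_path . "header.inc";
// PHP_SELF reflects the request path, which the client controls, so it is
// HTML-encoded before it is placed in the action attribute.
echo '<form name="cms" method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '" enctype="multipart/form-data">';
// NOTE(review): $site_id is assigned outside this excerpt. If it can carry
// request data, cast it to int or HTML-encode it here unless that is already
// done where it is assigned.
echo '<input type="hidden" name="site_id" value="' . $site_id . '" />';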
switch ($task) {
    case 'upload':
        require 'upload.inc';
        break;
    case 'add_folder':
Example #19
// Opening of the to-do form table, with an optional feedback row on top.
echo '<table border="0" cellpadding="2" cellspacing="0">';
if (isset($feedback)) {
    // NOTE(review): $feedback is printed as markup; it is built outside this excerpt.
    echo '<tr><td colspan="2" class="Error">' . $feedback . '</td></tr>';
}
// Name field; the stored name is HTML-escaped before it goes into the value attribute.
echo '<tr><td>' . $strName . ':&nbsp;</td>'
    . '<td><input type="text" class="textbox" maxlength="50" name="name" style="width: 300px;" value="' . htmlspecialchars($todo['name']) . '" /></td></tr>'
    . '<tr><td>';

// The addressbook integration is only used when the module exists and the
// current user holds read or write permission on it; otherwise it is disabled.
$ab_module = $GO_MODULES->get_module('addressbook');
if ($ab_module && ($GO_SECURITY->has_permission($GO_SECURITY->user_id, $ab_module['acl_read']) || $GO_SECURITY->has_permission($GO_SECURITY->user_id, $ab_module['acl_write']))) {
    require_once $ab_module['path'] . 'classes/addressbook.class.inc';
} else {
    $ab_module = false;
}

// Display name of the responsible user: taken from the user record when one is
// set, otherwise from the request. Both paths are HTML-escaped.
if ($todo['res_user_id'] > 0 && ($user = $GO_USERS->get_user($todo['res_user_id']))) {
    $middle_name = '';
    if ($user['middle_name'] != '') {
        $middle_name = $user['middle_name'] . ' ';
    }
    $user_name = htmlspecialchars($user['last_name'] . ' ' . $middle_name . $user['first_name']);
} elseif (isset($_REQUEST['user_name'])) {
    $user_name = htmlspecialchars(smartstrip($_REQUEST['user_name']));
} else {
    $user_name = '';
}

// Row with the user selector for the responsible user.
$select = new select('user', 'todo_form', 'res_user_id', $todo['res_user_id']);
echo '<tr><td>';
$select->print_link($cal_responsible);
echo ':</td><td>';
$select->print_field();
echo '</td></tr>';
if ($ab_module) {
    $select = new select('contact', 'todo_form', 'contact_id', $todo['contact_id']);
    echo '<tr><td>';
    $select->print_link($sc_client);
    echo ':</td><td>';
    $select->print_field();
    echo '</td></tr>';
} else {
// Stop unless the current user may read $path: redirect to the 401 page and end
// the script.
// NOTE(review): this check covers $path only. The file names taken from
// $_REQUEST['files'] further down are handed to filesize() and copy() without a
// per-file permission check in the visible code; confirm one exists elsewhere.
if (!$fs->has_read_permission($GO_SECURITY->user_id, $path)) {
    header('Location: ' . $GO_CONFIG->host . 'error_docs/401.php');
    exit;
}
// Running total, in bytes, of the attachments already registered in the session.
$attachments_size = 0;
if (isset($_SESSION['attach_array'])) {
    // Indexed from 1 up to the element count; presumably attach_array is filled
    // 1-based (verify where it is populated, a 0-based array would skip the
    // first entry and read one past the end).
    for ($i = 1; $i <= sizeof($_SESSION['attach_array']); $i++) {
        $attachments_size += $_SESSION['attach_array'][$i]->file_size;
    }
}
if (isset($_REQUEST['files'])) {
    for ($i = 0; $i < count($_REQUEST['files']); $i++) {
        $attachments_size += filesize(smartstrip($_REQUEST['files'][$i]));
    }
    if ($attachments_size < $GO_CONFIG->max_attachment_size) {
        while ($file = smartstrip(array_shift($_REQUEST['files']))) {
            $tmp_file = $GO_CONFIG->tmpdir . md5(uniqid(time()));
            if (copy($file, $tmp_file)) {
                $filename = basename($file);
                $extension = get_extension($filename);
                if (!($type = $filetypes->get_type($extension))) {
                    $type = $filetypes->add_type($extension);
                }
                $email->register_attachment($tmp_file, $filename, filesize($file), $type['mime'], 'attachment');
            }
        }
    } else {
        $task = 'too_big';
    }
} else {
    if (isset($path) && !is_dir($path)) {
Example #21
    $project_id = $note['project_id'];
    $user_id = $note['user_id'];
    $file_path = $note['file_path'];
    $content = $note['content'];
    $catagory_id = $note['catagory_id'];
    $due_date = $note['due_date'] > 0 ? date($_SESSION['GO_SESSION']['date_format'], $note['due_date']) : '';
    $responsible_user_id = $note['res_user_id'];
    $ctime = date($_SESSION['GO_SESSION']['date_format'] . ' ' . $_SESSION['GO_SESSION']['time_format'], $note['ctime'] + $_SESSION['GO_SESSION']['timezone'] * 3600);
    $mtime = date($_SESSION['GO_SESSION']['date_format'] . ' ' . $_SESSION['GO_SESSION']['time_format'], $note['mtime'] + $_SESSION['GO_SESSION']['timezone'] * 3600);
} else {
    $name = isset($_REQUEST['name']) ? smartstrip($_REQUEST['name']) : '';
    $catagory_id = isset($_REQUEST['catagory_id']) ? $_REQUEST['catagory_id'] : '0';
    $contact_id = isset($_REQUEST['contact_id']) ? $_REQUEST['contact_id'] : '0';
    $project_id = isset($_REQUEST['project_id']) ? $_REQUEST['project_id'] : '0';
    $file_path = isset($_REQUEST['file_path']) ? smartstrip($_REQUEST['file_path']) : '';
    $content = isset($_REQUEST['content']) ? smartstrip($_REQUEST['content']) : '';
    $user_id = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : $GO_SECURITY->user_id;
    $responsible_user_id = isset($_REQUEST['responsible_user_id']) ? $_REQUEST['responsible_user_id'] : $GO_SECURITY->user_id;
    $due_date = isset($_REQUEST['due_date']) ? $_REQUEST['due_date'] : '';
    $ctime = date($_SESSION['GO_SESSION']['date_format'], get_time());
    $mtime = date($_SESSION['GO_SESSION']['date_format'], get_time());
}
// For an existing note both flags come from its write/read ACLs; when there is
// no note record (the form is creating one) both default to true.
$write_permissions = $note ? $GO_SECURITY->has_permission($GO_SECURITY->user_id, $note['acl_write']) : true;
$read_permissions = $note ? $GO_SECURITY->has_permission($GO_SECURITY->user_id, $note['acl_read']) : true;
if (!$write_permissions && !$read_permissions) {
    header('Location: ' . $GO_CONFIG->host . 'error_docs/403.php');
Example #22
    exit;
}
// Look up the e-mail templates the current user is subscribed to (the result is
// compared with 0 below, so presumably a count). $template_count is only
// assigned when the templates plugin is available; the condition that reads it
// tests $tp_plugin first.
if ($tp_plugin) {
    $template_count = $tp->get_subscribed_templates($GO_SECURITY->user_id, EMAIL_TEMPLATE);
}
if ($_SERVER['REQUEST_METHOD'] != "POST" && $tp_plugin && $template_id == 0 && $template_count > 0) {
    require $GO_THEME->theme_path . "header.inc";
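    // Intermediate form that carries the pending message through template
    // selection. PHP_SELF contains any path info the client appended to the
    // script URL, so it is escaped for the action attribute.
    echo '<form name="sendform" method="post" action="' . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES) . '">';
    if ($uid > 0) {
        // account_id, mailbox and action are read straight from the request and
        // written back into the page, so each is escaped for the attribute
        // context; the browser posts back the original value.
        echo '<input type="hidden" name="account_id" value="' . htmlspecialchars($_REQUEST['account_id'], ENT_QUOTES) . '" />';
        echo '<input type="hidden" name="uid" value="' . $uid . '" />';
        echo '<input type="hidden" name="mailbox" value="' . htmlspecialchars($_REQUEST['mailbox'], ENT_QUOTES) . '" />';
        echo '<input type="hidden" name="action" value="' . htmlspecialchars($_REQUEST['action'], ENT_QUOTES) . '" />';
    }
    // NOTE(review): $uid, the $mail_* values, $contact_id and $mailing_group_id
    // are assigned outside this excerpt. Confirm each is already escaped (or
    // numeric) before it reaches these attributes; smartstrip()'s second
    // argument is not visible here either.
    echo '<input type="hidden" name="mail_subject" value="' . $mail_subject . '" />';
    echo '<input type="hidden" name="mail_body" value="' . smartstrip($mail_body, true) . '" />';
    echo '<input type="hidden" name="mail_to" value="' . $mail_to . '" />';
    echo '<input type="hidden" name="mail_cc" value="' . $mail_cc . '" />';
    echo '<input type="hidden" name="mail_bcc" value="' . $mail_bcc . '" />';
    echo '<input type="hidden" name="mail_from" value="' . $mail_from . '" />';
    echo '<input type="hidden" name="contact_id" value="' . $contact_id . '" />';
    echo '<input type="hidden" name="template_id" />';
    echo '<input type="hidden" name="mailing_group_id" value="' . $mailing_group_id . '" />';
    echo '<input type="hidden" name="sendaction" value="load_template" />';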
    //get the addressbook language file
    echo '<table border="0" width="100%"><tr><td align="center">';
    require $GO_LANGUAGE->get_language_file('addressbook');
    $tabtable = new tabtable('templates_tab', $ab_templates, '600', '400');
    $tabtable->print_head();
    echo '<table border="0" cellpadding="10" cellspacing="0"><tr><td>';
    echo $ab_select_template;
 $vnconv->set_to("ascii");
 $browser = detect_browser();
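 // Response headers for the CSV download. The suggested file name is built
 // from the addressbook name and, for MSIE, the posted export type; double
 // quotes and line breaks are stripped so the value cannot end the quoted
 // filename parameter or the header line early.
 header("Content-type: text/x-csv");
 header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
 if ($browser['name'] == 'MSIE') {
     header("Content-Disposition: inline; filename=\"" . str_replace(array('"', "\r", "\n"), '', $vnconv->vnconv($addressbook['name']) . "-" . $_POST['export_type']) . ".csv\"");
     header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
     header('Pragma: public');
 } else {
     header('Pragma: no-cache');
     header("Content-Disposition: attachment; filename=\"" . str_replace(array('"', "\r", "\n"), '', $vnconv->vnconv($addressbook['name'])) . ".csv\"");
 }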
 $vnconv->set_to($_POST['encoding'] == "none" || $_POST['encoding'] == "utf16" ? '' : $_POST['encoding']);
 $utf16 = $_POST['encoding'] == 'utf16';
 $quote = smartstrip($_POST['quote']);
 $crlf = smartstrip($_POST['crlf']);
 $crlf = str_replace('\\r', "\r", $crlf);
 $crlf = str_replace('\\n', "\n", $crlf);
 $crlf = str_replace('\\t', "\t", $crlf);
 switch ($_POST['seperator']) {
     case 'comma':
         $seperator = ',';
         break;
     case 'semicolon':
         $seperator = ';';
         break;
     case 'colon':
         $seperator = ':';
         break;
     case 'tab':
         $seperator = "\t";
    }
}
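// Target file name: default to the temp file's own name, otherwise use the
// supplied one. basename() drops any directory components ("../") from a
// supplied name, so the file is written inside the directory whose write
// permission is checked below and nowhere else.
if ($filename == '') {
    $filename = basename($_SESSION['email_tmp_file']);
} else {
    $filename = basename(smartstrip($filename));
}
// Save handler: move the temporary e-mail file into the directory named by the
// request, provided the current user may write there and the name is free.
if (isset($task) && $task == 'GO_HANDLER') {
    require $GO_CONFIG->class_path . 'filesystem.class.inc';
    $fs = new filesystem();
    // Permission is tested before existence so that the "name exists" answer is
    // only given for directories the user is allowed to write to.
    if (!$fs->has_write_permission($GO_SECURITY->user_id, smartstrip($_REQUEST['path']))) {
        // The requested path is echoed back inside HTML, so it is escaped.
        $feedback = '<p class="Error">' . $strAccessDenied . ': ' . htmlspecialchars(smartstrip($_REQUEST['path']), ENT_QUOTES) . '</p>';
    } elseif (file_exists(smartstrip($_REQUEST['path']) . '/' . $filename)) {
        $feedback = '<p class="Error">' . $fbNameExists . '</p>';
    } else {
        $new_path = smartstrip($_REQUEST['path']) . '/' . $filename;
        if ($fs->move($_SESSION['email_tmp_file'], $new_path)) {
            // Apply the configured file mode, then forget the temp-file state
            // and close the popup window.
            $old_umask = umask(00);
            chmod($new_path, $GO_CONFIG->create_mode);
            umask($old_umask);
            unset($_SESSION['tmp_account_id']);
            unset($_SESSION['email_tmp_file']);
            echo "<script type=\"text/javascript\" language=\"javascript\">\n";
            echo "window.close()\n";
            echo "</script>\n";
        } else {
            $feedback = '<p class="Error">' . $strSaveError . '</p>';
        }
    }
}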
if (isset($_REQUEST['account_id'])) {
Example #25
        $val->validate_input();
        $val->name = "newpass1";
        $val->match1 = $_POST['newpass1'];
        $val->match2 = $_POST['newpass2'];
        $val->validate_input();
        if ($val->validated == true) {
            if (!$GO_USERS->check_password(smartstrip($_POST['currentpassword']))) {
                $feedback = "<p class=\"Error\">" . $security_wrong_password . "</p>";
            } else {
                if ($_POST['newpass1'] != "") {
                    if ($GO_USERS->update_password($GO_SECURITY->user_id, smartstrip($_POST['newpass1']), smartstrip($_POST['currentpassword']))) {
                        $email_module = $GO_MODULES->get_module('email');
                        if ($email_module) {
                            require_once $email_module['class_path'] . 'email.class.inc';
                            $email = new email();
                            $email->re_encrypt_email($GO_SECURITY->user_id, smartstrip($_POST['currentpassword']), smartstrip($_POST['newpass1']));
                        }
                        $feedback = "<p class=\"Success\">" . $security_password_update . "</p>";
                        if ($_POST['close'] == 'true') {
                            header('Location: ' . $return_to);
                            exit;
                        }
                    } else {
                        $feedback = "<p class=\"Error\">" . $strSaveError . "</p>";
                    }
                }
            }
        }
        break;
}
$profile = $GO_USERS->get_user($GO_SECURITY->user_id);
Example #26
    $contact['sex'] = isset($_REQUEST['sex']) ? smartstrip($_REQUEST['sex']) : 'M';
    $birthday = isset($_REQUEST['birthday']) ? smartstrip($_REQUEST['birthday']) : '';
    $contact['email'] = isset($_REQUEST['email']) ? smartstrip($_REQUEST['email']) : '';
    $contact['work_phone'] = isset($_REQUEST['work_phone']) ? smartstrip($_REQUEST['work_phone']) : '';
    $contact['home_phone'] = isset($_REQUEST['home_phone']) ? smartstrip($_REQUEST['home_phone']) : '';
    $contact['fax'] = isset($_REQUEST['fax']) ? smartstrip($_REQUEST['fax']) : '';
    $contact['cellular'] = isset($_REQUEST['cellular']) ? smartstrip($_REQUEST['cellular']) : '';
    $contact['country'] = isset($_REQUEST['country']) ? smartstrip($_REQUEST['country']) : '';
    $contact['state'] = isset($_REQUEST['state']) ? smartstrip($_REQUEST['state']) : '';
    $contact['city'] = isset($_REQUEST['city']) ? smartstrip($_REQUEST['city']) : '';
    $contact['zip'] = isset($_REQUEST['zip']) ? smartstrip($_REQUEST['zip']) : '';
    $contact['address'] = isset($_REQUEST['address']) ? smartstrip($_REQUEST['address']) : '';
    $contact['department'] = isset($_REQUEST['department']) ? smartstrip($_REQUEST['department']) : '';
    $contact['function'] = isset($_REQUEST['function']) ? smartstrip($_REQUEST['function']) : '';
    $contact['comment'] = isset($_REQUEST['comment']) ? smartstrip($_REQUEST['comment']) : '';
    $contact['color'] = isset($_REQUEST['color']) ? smartstrip($_REQUEST['color']) : '000000';
    $contact['source_id'] = isset($_REQUEST['source_id']) ? $_REQUEST['source_id'] : '';
    $contact['group_id'] = isset($_REQUEST['group_id']) ? $_REQUEST['group_id'] : '';
    $contact['company_name'] = isset($_REQUEST['company_name']) ? $_REQUEST['company_name'] : '';
    if ($company_id && ($company = $ab->get_company($company_id))) {
        $contact['company_name'] = $company['name'];
        $contact['company_id'] = $company_id;
    } else {
        $contact['company_id'] = isset($contact['company_id']) ? $contact['company_id'] : 0;
    }
}
if ($task == 'update') {
    $contact = $GO_USERS->get_user($contact['source_id']);
    $contact["source_id"] = $_POST['source_id'];
    $contact['comment'] = $_POST['comment'];
    $contact['group_id'] = $_POST['group_id'];
option) any later version.
*/
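// Bootstrap: framework, login and e-mail module access, then the IMAP, e-mail
// and file-type helper classes.
require "../../Group-Office.php";
$GO_SECURITY->authenticate();
$GO_MODULES->authenticate('email');
require $GO_CONFIG->class_path . "imap.class.inc";
require $GO_MODULES->class_path . "email.class.inc";
require $GO_CONFIG->class_path . 'filetypes.class.inc';
$filetypes = new filetypes();
$mail = new imap();
$email = new email();
$account = $email->get_account($_REQUEST['account_id']);
// The account id comes from the request, and the record it selects supplies
// the stored mailbox credentials used for the IMAP login below. Whether
// get_account() itself restricts by owner is not visible here, so the record's
// owner is compared with the logged-in user before it is used; this mirrors
// the check other email-module scripts apply after get_account().
if ($account && $account['user_id'] != $GO_SECURITY->user_id) {
    header('Location: ' . $GO_CONFIG->host . 'error_docs/403.php');
    exit;
}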
if ($mail->open($account['host'], $account['type'], $account['port'], $account['username'], $GO_CRYPTO->decrypt($account['password']), $_REQUEST['mailbox'], 0, $account['use_ssl'], $account['novalidate_cert'])) {
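    // Fetch the requested message part, then release the IMAP connection.
    $file = $mail->view_part($_REQUEST['uid'], $_REQUEST['part'], $_REQUEST['transfer'], $_REQUEST['mime']);
    $mail->close();
    // The download name is taken from the request; the MIME type is looked up
    // from its extension.
    // NOTE(review): get_type()'s result is used unchecked below; if it can
    // return false for an unknown extension the Content-Type header is sent
    // empty. Confirm against the filetypes class.
    $filename = smartstrip($_REQUEST['filename']);
    $extension = get_extension($filename);
    $type = $filetypes->get_type($extension);
    $browser = detect_browser();
    //header('Content-Length: '.strlen($file));
    header('Expires: ' . gmdate('D, d M Y H:i:s') . ' GMT');
    // Double quotes and line breaks are stripped from the name before it goes
    // into the quoted filename parameter, so a crafted name cannot end the
    // parameter or the header line early. $filename itself is left untouched.
    if ($browser['name'] == 'MSIE') {
        header('Content-Type: application/download');
        header('Content-Disposition: attachment; filename="' . str_replace(array('"', "\r", "\n"), '', $filename) . '"');
        header('Cache-Control: must-revalidate, post-check=0, pre-check=0');
        header('Pragma: public');
    } else {
        header('Content-Type: ' . $type['mime']);
        header('Pragma: no-cache');
        header('Content-Disposition: attachment; filename="' . str_replace(array('"', "\r", "\n"), '', $filename) . '"');
    }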
Example #28
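// Bootstrap: framework, login and e-mail module access, then the IMAP and
// e-mail classes and the module's language file.
require "../../Group-Office.php";
$GO_SECURITY->authenticate();
$GO_MODULES->authenticate('email');
require $GO_CONFIG->class_path . "imap.class.inc";
require $GO_MODULES->class_path . "email.class.inc";
require $GO_LANGUAGE->get_language_file('email');
$mail = new imap();
$email = new email();
$em_settings = $email->get_settings($GO_SECURITY->user_id);
// Request parameters with their defaults. Apart from the mailbox name (passed
// through smartstrip) these are used as received.
// NOTE(review): the numeric ones ($account_id, $uid, $max_rows, $first_row)
// are not cast to int here; confirm the code that consumes them does so.
$account_id = isset($_REQUEST['account_id']) ? $_REQUEST['account_id'] : 0;
$task = isset($_REQUEST['task']) ? $_REQUEST['task'] : '';
$uid = isset($_REQUEST['uid']) ? $_REQUEST['uid'] : 0;
$max_rows = isset($_REQUEST['max_rows']) ? $_REQUEST['max_rows'] : $_SESSION['GO_SESSION']['max_rows_list'];
$first_row = isset($_REQUEST['first_row']) ? $_REQUEST['first_row'] : 0;
$table_tabindex = isset($_REQUEST['table_tabindex']) ? $_REQUEST['table_tabindex'] : null;
$mailbox = isset($_REQUEST['mailbox']) ? smartstrip($_REQUEST['mailbox']) : 'INBOX';
// Each value is URL-encoded as a query component: a mailbox name containing
// '&', '#', a space or a quote would otherwise change the meaning of the link.
$link_back = $GO_MODULES->url . 'index.php?account_id=' . urlencode($account_id) . '&mailbox=' . urlencode($mailbox) . '&first_row=' . urlencode($first_row);
// Fall back to get_account(0) when the requested account cannot be loaded.
if (!($account = $email->get_account($account_id))) {
    $account = $email->get_account(0);
}
// An account that belongs to another user is refused with the 403 page.
if ($account && $account["user_id"] != $GO_SECURITY->user_id) {
    header('Location: ' . $GO_CONFIG->host . 'error_docs/403.php');
    exit;
}
$disable_accounts = $GO_CONFIG->get_setting('em_disable_accounts') == 'true' ? true : false;
$page_title = $lang_modules['email'];
$GO_HEADER['head'] = '<script type="text/javascript" src="' . $GO_MODULES->url . 'email.js"></script>';
require $GO_THEME->theme_path . "header.inc";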
?>
<table border="0" cellspacing="0" cellpadding="0">
<tr>
Example #29
 $state = smart_addslashes($_POST["state"]);
 $city = smart_addslashes($_POST["city"]);
 $zip = smart_addslashes($_POST["zip"]);
 $address = smart_addslashes($_POST["address"]);
 $department = smart_addslashes($_POST["department"]);
 $function = smart_addslashes($_POST["function"]);
 $company = smart_addslashes($_POST["company"]);
 $work_country = smart_addslashes($_POST["work_country"]);
 $work_state = smart_addslashes($_POST["work_state"]);
 $work_city = smart_addslashes($_POST["work_city"]);
 $work_zip = smart_addslashes($_POST["work_zip"]);
 $work_address = smart_addslashes($_POST["work_address"]);
 $work_fax = smart_addslashes($_POST["work_fax"]);
 $homepage = smart_addslashes($_POST["homepage"]);
 $pass1 = smartstrip($_POST["pass1"]);
 $pass2 = smartstrip($_POST["pass2"]);
 $username = smart_addslashes($_POST['username']);
 $val->error_required = $error_required;
 $val->error_min_length = $error_min_length;
 $val->error_max_length = $error_max_length;
 $val->error_expression = $error_email;
 $val->name = "first_name";
 $val->input = $first_name;
 $val->max_length = 50;
 $val->required = true;
 $val->validate_input();
 $val->name = "last_name";
 $val->input = $last_name;
 $val->max_length = 50;
 $val->required = true;
 $val->validate_input();
Example #30
                    }
                }
            }
        } else {
            $feedback = "<p class=\"Error\">" . $error_missing_field . "</p>";
        }
        break;
}
// Either seed a new calendar from the posted form (with defaults) or load the
// existing one together with the current user's write permission on it.
if (!($calendar_id > 0)) {
    $calendar['start_hour'] = '07';
    if (isset($_POST['calendar_start_hour'])) {
        $calendar['start_hour'] = $_POST['calendar_start_hour'];
    }
    $calendar['end_hour'] = '20';
    if (isset($_POST['calendar_end_hour'])) {
        $calendar['end_hour'] = $_POST['calendar_end_hour'];
    }
    $calendar['name'] = '';
    if (isset($_POST['name'])) {
        $calendar['name'] = smartstrip($_POST['name']);
    }
    // A calendar that does not exist yet is always editable by its creator.
    $has_write_permission = true;
    $title = $sc_new_calendar;
} else {
    $calendar = $cal->get_calendar($calendar_id);
    $title = $calendar['name'];
    $has_write_permission = $GO_SECURITY->has_permission($GO_SECURITY->user_id, $calendar['acl_write']);
}

$tabtable = new tabtable('calendar', $title, '100%', '400', '120', '', true);

// Tabs are only offered for a saved calendar; the import tab additionally
// requires write permission.
if ($calendar_id > 0) {
    $tabtable->add_tab('calendar', $strProperties);
    $tabtable->add_tab('holidays', $sc_holidays);
    if ($has_write_permission) {
        $tabtable->add_tab('import', $cal_import);
    }
    $tabtable->add_tab('read_permissions', $strReadRights);
    $tabtable->add_tab('write_permissions', $strWriteRights);
}
if ($tabtable->get_active_tab_id() == 'holidays') {
    $datepicker = new date_picker();