$user_firstname = getGetValue('firstname');
$user_lastname = getGetValue('lastname');
$user_login = getGetValue('username');
$user_password = getGetValue('password');
// This error should not happen in a properly written client,
// so no need to translate it.
if (empty($error) && empty($user_login)) {
$error = 'Username cannot be blank.';
}
// Check for invalid characters in the login.
if (empty($error) && addslashes($user_login) != $user_login) {
$error = translate('Invalid characters in login');
}
// Check to see if username exists...
if (empty($error)) {
if (user_load_variables($user_login, 'old_')) {
// username does already exist...
if ($add) {
$error = str_replace('XXX', ws_escape_xml($user_login), translate('Username XXX already exists.'));
}
} else {
// username does not already exist...
if (!$add || $delete) {
$error = str_replace('XXX', ws_escape_xml($user_login), translate('Username XXX does not exist.'));
}
}
}
// If adding a user, make sure a password was provided
if (empty($error) && $add && empty($user_password)) {
$error = translate('You have not entered a password.');
}
}
// Make sure they specified a username
if (empty($user)) {
echo "<?xml version=\"1.0\" encoding=\"utf8\"?>\n<!DOCTYPE html\n PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n \"DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n\n <head>\n<title>" . translate("Error") . "</title>\n</head>\n" . "<body>\n<h2>" . translate("Error") . "</h2>\n" . "No user specified.\n</body>\n</html>";
}
// Load user preferences (to get the USER_PUBLISH_ENABLED and
// DISPLAY_UNAPPROVED setting for this user).
$login = $user;
load_user_preferences();
if (empty($USER_PUBLISH_ENABLED) || $USER_PUBLISH_ENABLED != 'Y') {
header("Content-Type: text/plain");
etranslate("You are not authorized");
exit;
}
// Load user name, etc.
user_load_variables($user, "publish_");
function get_events_for_publish()
{
global $user;
global $DISPLAY_UNAPPROVED;
// We exporting repeating events only with the pilot-datebook CSV format
$sql = "SELECT webcal_entry.cal_id, webcal_entry.cal_name " . ", webcal_entry.cal_priority, webcal_entry.cal_date " . ", webcal_entry.cal_time " . ", webcal_entry_user.cal_status, webcal_entry.cal_create_by " . ", webcal_entry.cal_access, webcal_entry.cal_duration " . ", webcal_entry.cal_description " . ", webcal_entry_user.cal_category " . "FROM webcal_entry, webcal_entry_user ";
$sql .= "WHERE webcal_entry.cal_id = webcal_entry_user.cal_id AND " . "webcal_entry_user.cal_login = '******'";
// Include unapproved events if the user has asked to do so in
// their preferences.
if ($DISPLAY_UNAPPROVED == "N" || $user == "__public__") {
$sql .= " AND webcal_entry_user.cal_status = 'A'";
} else {
$sql .= " AND webcal_entry_user.cal_status IN ('W','A')";
}
$sql .= " ORDER BY webcal_entry.cal_date";
<?php
for ($date = $wkstart, $h = 0; date("Ymd", $date) <= date("Ymd", $wkend); $date += 24 * 3600, $h++) {
$wday = strftime("%w", $date);
$weekday = weekday_short_name($wday);
if (date("Ymd", $date) == date("Ymd", $today)) {
echo "<th class=\"today\" style=\"width:{$tdw}%;\">";
} else {
echo "<th style=\"width:{$tdw}%;\">";
}
echo $weekday . " " . round(date("d", $date)) . "</th>\n";
}
echo "</tr>\n";
for ($i = 0; $i < count($viewusers); $i++) {
echo "\n<tr>\n";
$user = $viewusers[$i];
user_load_variables($user, "temp");
echo "<th class=\"row\" style=\"width:{$tdw}%;\">{$tempfullname}</th>";
for ($date = $wkstart, $h = 0; date("Ymd", $date) <= date("Ymd", $wkend); $date += 24 * 3600, $h++) {
$wday = strftime("%w", $date);
if ($wday == 0 || $wday == 6) {
echo "<td class=\"weekend\" style=\"width:{$tdw}%;\">";
} else {
echo "<td style=\"width:{$tdw}%;\">";
}
$events = $e_save[$i];
$repeated_events = $re_save[$i];
if (empty($add_link_in_views) || $add_link_in_views != "N") {
echo html_for_add_icon(date("Ymd", $date), "", "", $user);
}
print_date_entries(date("Ymd", $date), $user, true);
echo "</td>";
}
$cookie_path = str_replace("login.php", "", $PHP_SELF);
//echo "Cookie path: $cookie_path\n";
$out = "<login>\n";
if ($single_user == "Y") {
// No login for single-user mode
$out .= "<error>No login required for single-user mode</error>\n";
} else {
if ($use_http_auth) {
// There is no login page when using HTTP authorization
$out .= "<error>No login required for HTTP authentication</error>\n";
} else {
if (!empty($login) && !empty($password)) {
$login = trim($login);
if (user_valid_login($login, $password)) {
user_load_variables($login, "");
// set login to expire in 365 days
srand((double) microtime() * 1000000);
$salt = chr(rand(ord('A'), ord('z'))) . chr(rand(ord('A'), ord('z')));
$encoded_login = encode_string($login . "|" . crypt($password, $salt));
//SetCookie ( "webcalendar_session", $encoded_login, 0, $cookie_path );
$out .= " <cookieName>webcalendar_session</cookieName>\n";
$out .= " <cookieValue>{$encoded_login}</cookieValue>\n";
if ($is_admin) {
$out .= " <admin>1</admin>\n";
}
} else {
$out .= " <error>Invalid login</error>\n";
}
}
}
function build_event_popup($divname, $user, $description, $time)
{
global $login, $popup_fullnames, $popuptemp_fullname;
$ret = "<DIV ID=\"" . $divname . "\" STYLE=\"position: absolute; z-index: 20; visibility: hidden; top: 0px; left: 0px;\">\n" . "<TABLE BORDER=\"0\" WIDTH=\"30%\" CELLPADDING=\"0\" CELLSPACING=\"1\"><TR><TD BGCOLOR=\"" . $GLOBALS["POPUP_FG"] . "\">\n" . "<TABLE BORDER=\"0\" WIDTH=\"100%\" CELLPADDING=\"0\" CELLSPACING=\"1\"><TR><TD BGCOLOR=\"" . $GLOBALS["POPUP_BG"] . "\" CLASS=\"popup\">\n" . "<FONT COLOR=\"" . $GLOBALS["POPUP_FG"] . "\">";
if (empty($popup_fullnames)) {
$popup_fullnames = array();
}
if ($user != $login) {
if (empty($popup_fullnames[$user])) {
user_load_variables($user, "popuptemp_");
$popup_fullnames[$user] = $popuptemp_fullname;
}
$ret .= "<B>" . translate("User") . ":</B> {$popup_fullnames[$user]}<BR>";
}
if (strlen($time)) {
$ret .= "<B>" . translate("Time") . ":</B> {$time}<BR>";
}
$ret .= "<B>" . translate("Description") . ":</B>\n";
$ret .= nl2br(htmlspecialchars($description));
$ret .= "</FONT></TD></TR></TABLE>\n" . "</TD></TR></TABLE>\n" . "</DIV>\n";
return $ret;
}
" href="edit_layer.php<?php
if ($updating_public) {
echo "?public=1";
}
?>
"><?php
etranslate("Add layer");
?>
</a><br /><br />
<?php
$layer_count = 1;
if ($layers) {
foreach ($layers as $layer) {
$layeruser = $layer['cal_layeruser'];
user_load_variables($layeruser, "layer");
?>
<span style="font-weight:bold;"><?php
etranslate("Layer");
?>
<?php
echo $layer_count;
?>
</span>
(<a title="<?php
etranslate("Edit layer");
?>
" href="edit_layer.php?id=<?php
echo $layer['cal_layerid'] . $u_url;
?>
"><?php
$nouser = translate('No user specified');
// Make sure they specified a username.
if (empty($user)) {
echo send_doctype($errorStr);
echo <<<EOT
</head>
<body>
<h2>{$errorStr}</h2>
{$nouser}.
</body>
</html>
EOT;
exit;
}
// Load user preferences (to get the USER_PUBLISH_ENABLED and
// DISPLAY_UNAPPROVED setting for this user).
$login = $user;
load_user_preferences();
if (empty($USER_PUBLISH_ENABLED) || $USER_PUBLISH_ENABLED != 'Y') {
header('Content-Type: text/plain');
echo print_not_auth(25);
exit;
}
// Load user name, etc.
user_load_variables($user, 'publish_');
// header ( 'Content-Type: text/plain' );
header('Content-Type: text/calendar');
header('Content-Disposition: attachment; filename="' . $user . '.ics"');
$use_all_dates = true;
$type = 'publish';
export_ical();
} else {
// Check UAC.
$can_email = 'Y';
if (access_is_enabled()) {
$can_email = access_user_calendar('email', $participants[$i], $login);
}
// Don't send mail if we are editing a non-user calendar and we are the admin.
if (!$is_nonuser_admin && $can_email == 'Y') {
// Only send mail if their email address is filled in.
$do_send = get_pref_setting($participants[$i], $newevent ? 'EMAIL_EVENT_ADDED' : 'EMAIL_EVENT_UPDATED');
$htmlmail = get_pref_setting($participants[$i], 'EMAIL_HTML');
$t_format = get_pref_setting($participants[$i], 'TIME_FORMAT');
$user_TIMEZONE = get_pref_setting($participants[$i], 'TIMEZONE');
set_env('TZ', $user_TIMEZONE);
$user_language = get_pref_setting($participants[$i], 'LANGUAGE');
user_load_variables($participants[$i], 'temp');
if (boss_must_be_notified($login, $participants[$i]) && !empty($tempemail) && $do_send == 'Y' && $send_user_mail && $SEND_EMAIL != 'N') {
// We send to creator if they want it.
if ($send_own != 'Y' && $participants[$i] == $login) {
continue;
}
reset_language(empty($user_language) || $user_language == 'none' ? $LANGUAGE : $user_language);
$fmtdate = $timetype == 'T' ? date('Ymd', $eventstart) : gmdate('Ymd', $eventstart);
$msg = str_replace('XXX', $tempfullname, $helloStr) . "\n\n" . str_replace('XXX', $login_fullname, $newevent || empty($old_status[$participants[$i]]) ? $newAppStr : $updAppStr) . "\n" . str_replace('XXX', $name, $subjStr) . "\n\n" . str_replace('XXX', $description, $descStr) . "\n" . str_replace('XXX', date_to_str($fmtdate), $dateStr) . "\n" . ($timetype != 'T' ? '' : str_replace('XXX', display_time('', 2, $eventstart, $t_format), $timeStr) . "\n") . $extra_email_data . str_replace('XXX', generate_application_name(), $REQUIRE_APPROVALS == 'Y' ? translate('Please look on XXX to accept or reject this appointment.') : translate('Please look on XXX to view this appointment.'));
// Add URL to event, if we can figure it out.
if (!empty($SERVER_URL)) {
// DON'T change & to & here. Email will handle it.
$url = $SERVER_URL . 'view_entry.php?id=' . $id . '&em=1';
if ($htmlmail == 'Y') {
$url = activate_urls($url);
}
$WebCalendar->setLanguage();
if (empty($PUBLISH_ENABLED) || $PUBLISH_ENABLED != 'Y') {
header('Content-Type: text/plain');
// Mozilla Calendar does not bother showing errors, so they won't see this
// error message anyhow... Not sure about Apple iCal or other clients.
etranslate('Publishing Disabled (Admin)');
exit;
}
if (empty($USER_PUBLISH_RW_ENABLED) || $USER_PUBLISH_RW_ENABLED != 'Y') {
header('Content-Type: text/plain');
etranslate('Publishing Disabled (User)');
exit;
}
$prodid = 'Unnamed iCal client';
// Load user name, etc.
user_load_variables($login, 'publish_');
function dump_globals()
{
foreach ($GLOBALS as $K => $V) {
do_debug("GLOBALS[{$K}] => " . (strlen($V) < 70 ? $V : '(too long)'));
}
foreach ($GLOBALS['HTTP_POST_VARS'] as $K => $V) {
do_debug("GLOBALS[{$_POST[$K]}] => " . (strlen($V) < 70 ? $V : '(too long)'));
}
}
switch ($_SERVER['REQUEST_METHOD']) {
case 'PUT':
// do_debug ( "Importing updated remote calendar" );
$calUser = $login;
$overwrite = true;
$type = 'icalclient';
function TimeMatrix($date, $participants)
{
global $CELLBG, $TODAYCELLBG, $THFG, $THBG, $TABLEBG;
global $user_fullname, $nowYmd, $repeated_events, $events;
global $thismonth, $thisday, $thisyear;
$increment = 15;
$interval = 4;
$cell_pix = 6;
$participant_pix = '170';
//$interval = (int)(60 / $increment);
$first_hour = $GLOBALS["WORK_DAY_START_HOUR"];
$last_hour = $GLOBALS["WORK_DAY_END_HOUR"];
$hours = $last_hour - $first_hour;
$cols = $hours * $interval + 1;
$total_pix = (int) ($cell_pix * $interval * $hours + $participant_pix);
?>
<br />
<table class="matrixd" style="width:<?php
echo $total_pix;
?>
px;" cellspacing="0" cellpadding="0">
<tr><td class="matrix" colspan="<?php
echo $cols;
?>
">
<img src="pix.gif" alt="spacer" />
</td></tr>
<tr><th style="width:<?php
echo $participant_pix;
?>
px;">
<?php
etranslate("Participants");
?>
</th>
<?php
$str = '';
$MouseOut = "onmouseout=\"window.status=''; this.style.backgroundColor='" . $CELLBG . "';\"";
$CC = 1;
for ($i = $first_hour; $i < $last_hour; $i++) {
for ($j = 0; $j < $interval; $j++) {
$str .= ' <td style="width:' . $cell_pix . 'px;" id="C' . $CC . '" class="dailymatrix" ';
switch ($j) {
case 0:
if ($interval == 4) {
$k = $i <= 9 ? '0' : substr($i, 0, 1);
}
$str .= 'onmousedown="schedule_event(' . $i . ',' . $increment * $j . ");\" onmouseover=\"window.status='Schedule a " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">";
$str .= $k . "</td>\n";
break;
case 1:
if ($interval == 4) {
$k = $i <= 9 ? substr($i, 0, 1) : substr($i, 1, 2);
}
$str .= 'onmousedown="schedule_event(' . $i . ',' . $increment * $j . ");\" onmouseover=\"window.status='Schedule a " . $i . ':' . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">";
$str .= $k . "</td>\n";
break;
default:
$str .= 'onmousedown="schedule_event(' . $i . ',' . $increment * $j . ");\" onmouseover=\"window.status='Schedule a " . $i . ':' . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">";
$str .= " </td>\n";
break;
}
$CC++;
}
}
echo $str . "</tr>\n<tr><td class=\"matrix\" colspan=\"{$cols}\">\n<img src=\"pix.gif\" alt=\"spacer\" />\n</td></tr>\n";
// Display each participant
for ($i = 0; $i < count($participants); $i++) {
user_load_variables($participants[$i], "user_");
/* Pre-Load the repeated events for quckier access */
$repeated_events = read_repeated_events($participants[$i], "", $nowYmd);
/* Pre-load the non-repeating events for quicker access */
$events = read_events($participants[$i], $nowYmd, $nowYmd);
// get all the repeating events for this date and store in array $rep
$rep = get_repeating_entries($participants[$i], $nowYmd);
// get all the non-repeating events for this date and store in $ev
$ev = get_entries($participants[$i], $nowYmd);
// combine into a single array for easy processing
$ALL = array_merge($rep, $ev);
$all_events = array();
// exchange space for to keep from breaking
$user_nospace = preg_replace('/\\s/', ' ', $user_fullname);
foreach ($ALL as $E) {
$E['cal_time'] = sprintf("%06d", $E['cal_time']);
$Tmp['START'] = mktime(substr($E['cal_time'], 0, 2), substr($E['cal_time'], 2, 2), 0, $thismonth, $thisday, $thisyear);
$Tmp['END'] = $Tmp['START'] + $E['cal_duration'] * 60;
$Tmp['ID'] = $E['cal_id'];
$all_events[] = $Tmp;
}
echo "<tr>\n<th class=\"row\" style=\"width:{$participant_pix}px;\">" . $user_nospace . "</th>\n";
$col = 1;
for ($j = $first_hour; $j < $last_hour; $j++) {
for ($k = 0; $k < $interval; $k++) {
$border = $k == '0' ? ' border-left: 1px solid #000000;' : "";
$RC = $CELLBG;
$TIME = mktime(sprintf("%02d", $j), $increment * $k, 0, $thismonth, $thisday, $thisyear);
$space = " ";
foreach ($all_events as $ET) {
if ($TIME >= $ET['START'] && $TIME < $ET['END']) {
$space = "<a class=\"matrix\" href=\"view_entry.php?id={$ET['ID']}\"><img src=\"pix.gif\" alt=\"spacer\" /></a>";
}
}
echo "\t<td class=\"matrixappts\" style=\"width:{$cell_pix}px;{$border}\">{$space}</td>\n";
$col++;
}
}
echo "</tr><tr>\n<td class=\"matrix\" colspan=\"{$cols}\"><img src=\"pix.gif\" alt=\"spacer\" /></td></tr>\n";
}
// End foreach participant
echo "</table>\n";
}
function event_to_text($event, $date)
{
global $ALLOW_HTML_DESCRIPTION, $event_template, $login, $report_id, $user;
$allDayStr = translate('All day event');
$confStr = translate('This event is confidential.');
// translate ( 'Private' )
$privStr = translate('(Private)');
$end_time_str = $start_time_str = $time_str = '';
$tempAllDay = $event->isAllDay();
$tempDurStr = $event->getDuration();
if ($tempAllDay) {
$time_str = $allDayStr;
} else {
if ($event->isUntimed()) {
$time_str = translate('Untimed event');
} else {
$start_time_str = $time_str = display_time($event->getDateTime());
$time_short = getShortTime($time_str);
if ($tempDurStr > 0) {
if ($tempAllDay) {
$time_str = $allDayStr;
} else {
$tempEDT = $event->getEndDateTime();
$end_time_str = display_time($tempEDT);
$time_str .= ' - ' . display_time($tempEDT);
}
}
}
}
$name = $event->getName();
$tempAcc = $event->getAccess();
$tempDesc = $event->getDescription();
$tempExtForID = $event->getExtForID();
$tempLog = $event->getLogin();
if ($tempExtForID != '') {
$id = $tempExtForID;
// translate ( 'cont.' )
$name .= ' ' . translate('(cont.)');
} else {
$id = $event->getID();
}
if ($tempAcc == 'R') {
if ($login != $user && strlen($user) || $login != $tempLog && strlen($tempLog)) {
$description_str = $confStr;
$name_str = $privStr;
}
} else {
$name_str = htmlspecialchars($name);
if (!empty($ALLOW_HTML_DESCRIPTION) && $ALLOW_HTML_DESCRIPTION == 'Y') {
$str = str_replace('&', '&', $tempDesc);
//fix any broken special characters
$str = preg_replace("/&(#[0-9]+|[a-z]+);/i", "&\$1;", $str);
$description_str = str_replace('&amp;', '&', $str);
if (strstr($description_str, '<') && strstr($description_str, '>')) {
// Found some HTML.
} else {
// No HTML found. Add line breaks.
$description_str = nl2br($description_str);
}
} else {
$description_str = nl2br(activate_urls(htmlspecialchars($tempDesc)));
}
}
$date_full_str = date_to_str($date);
$date_str = date_to_str($date, '', false);
$duration_str = $tempDurStr > 0 ? $tempDurStr . ' ' . translate('minutes') : '';
$temp = $event->getPriority();
$pri_str = $temp > 6 ? translate('Low') : ($temp < 4 ? translate('High') : translate('Medium'));
$temp = $event->getStatus();
if ($temp == 'A') {
$status_str = translate('Approved');
} elseif ($temp == 'D') {
$status_str = translate('Deleted');
} elseif ($temp == 'R') {
$status_str = translate('Rejected');
} elseif ($temp == 'W') {
$status_str = translate('Waiting for approval');
} else {
$status_str = translate('Unknown');
}
$location = $event->getLocation();
$url = $event->getUrl();
$href_str = 'view_entry.php?id=' . $id;
// Get user's fullname.
user_load_variables($tempLog, 'report_');
$fullname = $GLOBALS['report_fullname'];
// Replace all variables in the event template.
$text = str_replace(array('${date}', '${dateYmd}', '${description}', '${duration}', '${endtime}', '${fulldate}', '${fullname}', '${href}', '${id}', '${location}', '${name}', '${priority}', '${report_id}', '${starttime}', '${time}', '${url}', '${user}'), array($date_str, $date, $description_str, $duration_str, $end_time_str, $date_full_str, $fullname, $href_str, $id, $location, $name_str, $pri_str, $report_id, $start_time_str, $time_str, $url, $tempLog), $event_template);
$text = replace_site_extras_in_template($text, format_site_extras(get_site_extra_fields($id), EXTRA_DISPLAY_REPORT));
return $text;
}
$fmtdate = $row[1];
$time = sprintf("%06d", $row[2]);
dbi_free_result($res);
}
$eventstart = date_to_epoch($fmtdate . $time);
$TIME_FORMAT = 24;
for ($i = 0, $cnt = count($partlogin); $i < $cnt; $i++) {
// Log the deletion.
activity_log($id, $login, $partlogin[$i], $log_delete, '');
// Check UAC.
$can_email = access_is_enabled() ? access_user_calendar('email', $partlogin[$i], $login) : false;
// Don't email the logged in user.
if ($can_email && $partlogin[$i] != $login) {
set_env('TZ', get_pref_setting($partlogin[$i], 'TIMEZONE'));
$user_language = get_pref_setting($partlogin[$i], 'LANGUAGE');
user_load_variables($partlogin[$i], 'temp');
if (!$is_nonuser_admin && $partlogin[$i] != $login && get_pref_setting($partlogin[$i], 'EMAIL_EVENT_DELETED') == 'Y' && boss_must_be_notified($login, $partlogin[$i]) && !empty($tempemail) && $SEND_EMAIL != 'N') {
reset_language(empty($user_language) || $user_language == 'none' ? $LANGUAGE : $user_language);
// Use WebCalMailer class.
$mail->WC_Send($login_fullname, $tempemail, $tempfullname, $name, str_replace('XXX', $tempfullname, translate('Hello, XXX.')) . ".\n\n" . str_replace('XXX', $login_fullname, translate('XXX has canceled an appointment.')) . "\n" . str_replace('XXX', $name, translate('Subject XXX')) . "\"\n" . str_replace('XXX', date_to_str($thisdate), translate('Date XXX')) . "\n" . (!empty($eventtime) && $eventtime != '-1' ? str_replace('XXX', display_time('', 2, $eventstart, get_pref_setting($partlogin[$i], 'TIME_FORMAT')), translate('Time XXX')) : '') . "\n\n", get_pref_setting($partlogin[$i], 'EMAIL_HTML'), $login_email);
}
}
}
// Instead of deleting from the database...
// mark it as deleted by setting the status for each participant to "D"
// (instead of "A"/Accepted, "W"/Waiting-on-approval or "R"/Rejected).
if ($override_repeat) {
dbi_execute('INSERT INTO webcal_entry_repeats_not
( cal_id, cal_date, cal_exdate ) VALUES ( ?, ?, ? )', array($id, $date, 1));
// Should we log this to the activity log???
} else {
function list_unapproved($user)
{
global $eventinfo, $key, $login, $NONUSER_ENABLED, $noret, $temp_fullname;
user_load_variables($user, 'temp_');
$rssLink = '<a href="rss_unapproved.php?user='******'"><img src="images/rss.png" width="14" height="14" alt="RSS 2.0 - ' . htmlspecialchars($temp_fullname) . '" border="0"/></a>';
$count = 0;
$ret = '';
$sql = 'SELECT we.cal_id, we.cal_name, we.cal_description, weu.cal_login,
we.cal_priority, we.cal_date, we.cal_time, we.cal_duration,
weu.cal_status, we.cal_type
FROM webcal_entry we, webcal_entry_user weu
WHERE we.cal_id = weu.cal_id AND weu.cal_login = ? AND weu.cal_status = \'W\'
ORDER BY weu.cal_login, we.cal_date';
$rows = dbi_get_cached_rows($sql, array($user));
if ($rows) {
$allDayStr = translate('All day event');
$appConStr = translate('Approve/Confirm');
$appSelStr = translate('Approve Selected');
$checkAllStr = translate('Check All');
$deleteStr = translate('Delete');
$emailStr = translate('Emails Will Not Be Sent');
$rejectSelStr = translate('Reject Selected');
$rejectStr = translate('Reject');
$uncheckAllStr = translate('Uncheck All');
$viewStr = translate('View this entry');
for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) {
$row = $rows[$i];
$key++;
$id = $row[0];
$name = $row[1];
$description = $row[2];
$cal_user = $row[3];
$pri = $row[4];
$date = $row[5];
$time = sprintf("%06d", $row[6]);
$duration = $row[7];
$status = $row[8];
$type = $row[9];
$view_link = 'view_entry';
$entryID = 'entry' . $type . $id;
$linkid = "pop{$id}-{$key}";
$timestr = '';
if ($time > 0 || $time == 0 && $duration != 1440) {
$eventstart = date_to_epoch($date . $time);
$eventstop = $eventstart + $duration;
$eventdate = date_to_str(date('Ymd', $eventstart));
$timestr = display_time('', 0, $eventstart) . ($duration > 0 ? ' - ' . display_time('', 0, $eventstop) : '');
} else {
// Don't shift date if All Day or Untimed.
$eventdate = date_to_str($date);
// If All Day display in popup.
if ($time == 0 && $duration == 1440) {
$timestr = $allDayStr;
}
}
$ret .= ($count == 0 ? '
<tr>
<td colspan="5"><h3>' . $temp_fullname . ' ' . $rssLink . '</h3></td>
</tr>' : '') . '
<tr ' . ($count % 2 == 0 ? '' : 'class="odd"') . '>
<td width="5%" align="right"><input type="checkbox" name="' . $entryID . '" value="' . $user . '"/></td>
<td><a title="' . $viewStr . '" class="entry" id="' . $linkid . '" href="' . $view_link . '.php?id=' . $id . '&user='******'">' . htmlspecialchars($name) . '</a> (' . $eventdate . '):</td>' . '
<td align="center"><input type="image" src="images/check.gif" title="' . $appConStr . '" onclick="return do_confirm( \'approve\', \'' . $cal_user . '\', \'' . $entryID . '\' );" /></td>' . '
<td align="center"><input type="image" src="images/rejected.gif" title="' . $rejectStr . '" onclick="return do_confirm( \'reject\', \'' . $cal_user . '\', \'' . $entryID . '\' );" /></td>' . (!access_is_enabled() || access_user_calendar('edit', $user) ? '
<td align="center"><input type="image" src="images/delete.png" title="' . $deleteStr . '" onclick="return do_confirm( \'delete\', \'' . $cal_user . '\', \'' . $entryID . '\' );\\" /></td>' : '') . '
</tr>';
$eventinfo .= build_entry_popup('eventinfo-' . $linkid, $cal_user, $description, $timestr, site_extras_for_popup($id));
$count++;
}
if ($count > 1) {
$ret .= '
<tr>
<td colspan="5" nowrap="nowrap">
<img src="images/select.gif" border="0" alt="" />
<label><a title="' . $checkAllStr . '" onclick="check_all( \'' . $user . '\' );">' . $checkAllStr . '</a> / <a title="' . $uncheckAllStr . '" onclick="uncheck_all( \'' . $user . '\' );">' . $uncheckAllStr . '</a></label>
<input type="image" src="images/check.gif" title="' . $appSelStr . '" onclick="return do_confirm( \'approveSelected\', \'' . $cal_user . '\' );" />
<input type="image" src="images/rejected.gif" title="' . $rejectSelStr . '" onclick="return do_confirm( \'rejectSelected\', \'' . $cal_user . '\' );" /> ( ' . $emailStr . ' )
</td>
</tr>';
}
}
if ($count == 0) {
$noret .= '
<tr>
<td colspan="5" class="nounapproved">' . str_replace('XXX', $temp_fullname, translate('No unapproved entries for XXX.')) . ' ' . $rssLink . '</td>
</tr>';
}
return $ret;
}
<?php
$newgroup = true;
$groupname = "";
$groupowner = "";
$groupupdated = "";
if (empty($id)) {
$groupname = translate("Unnamed Group");
} else {
$newgroup = false;
// get group by id
$res = dbi_query("SELECT cal_owner, cal_name, cal_last_update, cal_owner " . "FROM webcal_group WHERE cal_group_id = {$id}");
if ($res) {
if ($row = dbi_fetch_row($res)) {
$groupname = $row[1];
$groupupdated = $row[2];
user_load_variables($row[3], "temp");
$groupowner = $tempfullname;
}
dbi_fetch_row($res);
}
}
if ($newgroup) {
$v = array();
echo "<h2>" . translate("Add Group") . "</h2>\n";
echo "<input type=\"hidden\" name=\"add\" value=\"1\" />\n";
} else {
echo "<h2>" . translate("Edit Group") . "</h2>\n";
echo "<input type=\"hidden\" name=\"id\" value=\"{$id}\" />";
}
?>
function list_unapproved($user)
{
global $temp_fullname, $key, $login;
//echo "Listing events for $user <br>";
$sql = "SELECT webcal_entry.cal_id, webcal_entry.cal_name, " . "webcal_entry.cal_description, " . "webcal_entry.cal_priority, webcal_entry.cal_date, " . "webcal_entry.cal_time, webcal_entry.cal_duration, " . "webcal_entry_user.cal_status " . "FROM webcal_entry, webcal_entry_user " . "WHERE webcal_entry.cal_id = webcal_entry_user.cal_id " . "AND ( webcal_entry.cal_ext_for_id IS NULL " . "OR webcal_entry.cal_ext_for_id = 0 ) AND " . "webcal_entry_user.cal_login = '******' AND " . "webcal_entry_user.cal_status = 'W' " . "ORDER BY webcal_entry.cal_date";
$res = dbi_query($sql);
$count = 0;
$eventinfo = "";
if ($res) {
while ($row = dbi_fetch_row($res)) {
if ($count == 0) {
echo "<ul>\n";
}
$key++;
$id = $row[0];
$name = $row[1];
$description = $row[2];
$pri = $row[3];
$date = $row[4];
$time = $row[5];
$duration = $row[6];
$status = $row[7];
$divname = "eventinfo-{$id}-{$key}";
echo "<li><a title=\"" . translate("View this entry") . "\" class=\"entry\" href=\"view_entry.php?id={$id}&user={$user}";
echo "\" onmouseover=\"window.status='" . translate("View this entry") . "'; show(event, '{$divname}'); return true;\" onmouseout=\"hide('{$divname}'); return true;\">";
$timestr = "";
if ($time > 0) {
$timestr = display_time($time);
if ($duration > 0) {
// calc end time
$h = (int) ($time / 10000);
$m = $time / 100 % 100;
$m += $duration;
$d = $duration;
while ($m >= 60) {
$h++;
$m -= 60;
}
$end_time = sprintf("%02d%02d00", $h, $m);
$timestr .= " - " . display_time($end_time);
}
}
echo htmlspecialchars($name);
echo "</a>";
echo " (" . date_to_str($date) . ")\n";
//approve
echo ": <a title=\"" . translate("Approve/Confirm") . "\" href=\"approve_entry.php?id={$id}&ret=list&user={$user}";
if ($user == "__public__") {
echo "&public=1";
}
echo "\" class=\"nav\" onclick=\"return confirm('" . translate("Approve this entry?") . "');\">" . translate("Approve/Confirm") . "</a>, ";
//reject
echo "<a title=\"" . translate("Reject") . "\" href=\"reject_entry.php?id={$id}&ret=list&user={$user}";
if ($user == "__public__") {
echo "&public=1";
}
echo "\" class=\"nav\" onclick=\"return confirm('" . translate("Reject this entry?") . "');\">" . translate("Reject") . "</a>";
//delete
echo ", <a title=\"" . translate("Delete") . "\" href=\"del_entry.php?id={$id}&ret=list";
if ($user != $login) {
echo "&user={$user}";
}
echo "\" class=\"nav\" onclick=\"return confirm('" . translate("Are you sure you want to delete this entry?") . "');\">" . translate("Delete") . "</a>";
echo "\n</li>\n";
$eventinfo .= build_event_popup($divname, $user, $description, $timestr, site_extras_for_popup($id));
$count++;
}
dbi_free_result($res);
if ($count > 0) {
echo "</ul>\n";
}
}
if ($count == 0) {
user_load_variables($user, "temp_");
echo "<span class=\"nounapproved\">" . translate("No unapproved events for") . " " . $temp_fullname . ".</span>\n";
} else {
if (!empty($eventinfo)) {
echo $eventinfo;
}
}
}
/**
* Draws a daily outlook style availability grid showing events that are
* approved and awaiting approval.
*
* @param string $date Date to show the grid for
* @param array $participants Which users should be included in the grid
* @param string $popup Not used
*/
function daily_matrix($date, $participants, $popup = '')
{
global $CELLBG, $TODAYCELLBG, $THFG, $THBG, $TABLEBG;
global $user_fullname, $repeated_events, $events;
global $WORK_DAY_START_HOUR, $WORK_DAY_END_HOUR, $TZ_OFFSET, $ignore_offset;
$increment = 15;
$interval = 4;
$participant_pct = '20%';
//use percentage
$first_hour = $WORK_DAY_START_HOUR;
$last_hour = $WORK_DAY_END_HOUR;
$hours = $last_hour - $first_hour;
$cols = $hours * $interval + 1;
$total_pct = '80%';
$cell_pct = 80 / ($hours * $interval);
$master = array();
// Build a master array containing all events for $participants
for ($i = 0; $i < count($participants); $i++) {
/* Pre-Load the repeated events for quckier access */
$repeated_events = read_repeated_events($participants[$i], "", $date);
/* Pre-load the non-repeating events for quicker access */
$events = read_events($participants[$i], $date, $date);
// get all the repeating events for this date and store in array $rep
$rep = get_repeating_entries($participants[$i], $date);
// get all the non-repeating events for this date and store in $ev
$ev = get_entries($participants[$i], $date);
// combine into a single array for easy processing
$ALL = array_merge($rep, $ev);
foreach ($ALL as $E) {
if ($E['cal_time'] == 0) {
$E['cal_time'] = $first_hour . "0000";
$E['cal_duration'] = 60 * ($last_hour - $first_hour);
} else {
$E['cal_time'] = sprintf("%06d", $E['cal_time']);
}
$hour = substr($E['cal_time'], 0, 2);
$mins = substr($E['cal_time'], 2, 2);
// Timezone Offset
if (!$ignore_offset) {
$hour += $TZ_OFFSET;
}
while ($hour < 0) {
$hour += 24;
}
while ($hour > 23) {
$hour -= 24;
}
// Make sure hour is 2 digits
$hour = sprintf("%02d", $hour);
// convert cal_time to slot
if ($mins < 15) {
$slot = $hour . '';
} elseif ($mins >= 15 && $mins < 30) {
$slot = $hour . '.25';
} elseif ($mins >= 30 && $mins < 45) {
$slot = $hour . '.5';
} elseif ($mins >= 45) {
$slot = $hour . '.75';
}
// convert cal_duration to bars
$bars = $E['cal_duration'] / $increment;
// never replace 'A' with 'W'
for ($q = 0; $bars > $q; $q++) {
$slot = sprintf("%02.2f", $slot);
if (strlen($slot) == 4) {
$slot = '0' . $slot;
}
// add leading zeros
$slot = $slot . '';
// convert to a string
if (empty($master['_all_'][$slot]) || $master['_all_'][$slot]['stat'] != 'A') {
$master['_all_'][$slot]['stat'] = $E['cal_status'];
}
if (empty($master[$participants[$i]][$slot]) || $master[$participants[$i]][$slot]['stat'] != 'A') {
$master[$participants[$i]][$slot]['stat'] = $E['cal_status'];
$master[$participants[$i]][$slot]['ID'] = $E['cal_id'];
}
$slot = $slot + '0.25';
}
}
}
?>
<br />
<table align="center" class="matrixd" style="width:<?php
echo $total_pct;
?>
;" cellspacing="0" cellpadding="0">
<tr><td class="matrix" colspan="<?php
echo $cols;
?>
"></td></tr>
<tr><th style="width:<?php
echo $participant_pct;
?>
;">
<?php
etranslate("Participants");
?>
</th>
<?php
$str = '';
$MouseOut = "onmouseout=\"window.status=''; this.style.backgroundColor='" . $THBG . "';\"";
$CC = 1;
for ($i = $first_hour; $i < $last_hour; $i++) {
$hour = $i;
if ($GLOBALS["TIME_FORMAT"] == "12") {
$hour %= 12;
if ($hour == 0) {
$hour = 12;
}
}
for ($j = 0; $j < $interval; $j++) {
$str .= ' <td id="C' . $CC . '" class="dailymatrix" ';
$MouseDown = 'onmousedown="schedule_event(' . $i . ',' . sprintf("%02d", $increment * $j) . ');"';
switch ($j) {
case 1:
if ($interval == 4) {
$k = $hour <= 9 ? '0' : substr($hour, 0, 1);
}
$str .= 'style="width:' . $cell_pct . '%; text-align:right;" ' . $MouseDown . " onmouseover=\"window.status='Schedule a " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">";
$str .= $k . "</td>\n";
break;
case 2:
if ($interval == 4) {
$k = $hour <= 9 ? substr($hour, 0, 1) : substr($hour, 1, 2);
}
$str .= 'style="width:' . $cell_pct . '%; text-align:left;" ' . $MouseDown . " onmouseover=\"window.status='Schedule a " . $hour . ':' . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">";
$str .= $k . "</td>\n";
break;
default:
$str .= 'style="width:' . $cell_pct . '%;" ' . $MouseDown . " onmouseover=\"window.status='Schedule a " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">";
$str .= " </td>\n";
break;
}
$CC++;
}
}
echo $str . "</tr>\n<tr><td class=\"matrix\" colspan=\"{$cols}\"></td></tr>\n";
// Add user _all_ to beginning of $participants array
array_unshift($participants, '_all_');
// Javascript for cells
$MouseOver = "onmouseover=\"this.style.backgroundColor='#CCFFCC';\"";
$MouseOut = "onmouseout=\"this.style.backgroundColor='" . $CELLBG . "';\"";
// Display each participant
for ($i = 0; $i < count($participants); $i++) {
if ($participants[$i] != '_all_') {
// Load full name of user
user_load_variables($participants[$i], "user_");
// exchange space for to keep from breaking
$user_nospace = preg_replace('/\\s/', ' ', $user_fullname);
} else {
$user_nospace = translate("All Attendees");
$user_nospace = preg_replace('/\\s/', ' ', $user_nospace);
}
echo "<tr>\n<th class=\"row\" style=\"width:{$participant_pct};\">" . $user_nospace . "</th>\n";
$col = 1;
$viewMsg = translate("View this entry");
// check each timebar
for ($j = $first_hour; $j < $last_hour; $j++) {
for ($k = 0; $k < $interval; $k++) {
$border = $k == '0' ? ' border-left: 1px solid #000000;' : "";
$MouseDown = 'onmousedown="schedule_event(' . $j . ',' . sprintf("%02d", $increment * $k) . ');"';
$RC = $CELLBG;
//$space = '';
$space = " ";
$r = sprintf("%02d", $j) . '.' . sprintf("%02d", 25 * $k) . '';
if (empty($master[$participants[$i]][$r])) {
// ignore this..
} else {
if (empty($master[$participants[$i]][$r]['ID'])) {
// This is the first line for 'all' users. No event here.
$space = "<span class=\"matrix\"><img src=\"pix.gif\" alt=\"\" style=\"height: 8px\" /></span>";
} else {
if ($master[$participants[$i]][$r]['stat'] == "A") {
$space = "<a class=\"matrix\" href=\"view_entry.php?id={$master[$participants[$i]][$r]['ID']}\"><img src=\"pix.gif\" title=\"{$viewMsg}\" alt=\"{$viewMsg}\" /></a>";
} else {
if ($master[$participants[$i]][$r]['stat'] == "W") {
$space = "<a class=\"matrix\" href=\"view_entry.php?id={$master[$participants[$i]][$r]['ID']}\"><img src=\"pixb.gif\" title=\"{$viewMsg}\" alt=\"{$viewMsg}\" /></a>";
}
}
}
}
echo "<td class=\"matrixappts\" style=\"width:{$cell_pct}%;{$border}\" ";
if ($space == " ") {
echo "{$MouseDown} {$MouseOver} {$MouseOut}";
}
echo ">{$space}</td>\n";
$col++;
}
}
echo "</tr><tr>\n<td class=\"matrix\" colspan=\"{$cols}\">" . "<img src=\"pix.gif\" alt=\"-\" /></td></tr>\n";
}
// End foreach participant
echo "</table><br />\n";
$busy = translate("Busy");
$tentative = translate("Tentative");
echo "<table align=\"center\"><tr><td class=\"matrixlegend\" >\n";
echo "<img src=\"pix.gif\" title=\"{$busy}\" alt=\"{$busy}\" /> {$busy} \n";
echo "<img src=\"pixb.gif\" title=\"{$tentative}\" alt=\"{$tentative}\" /> {$tentative}\n";
echo "</td></tr></table>\n";
}
function get_default_function_access($page_id, $user)
{
global $user_is_admin;
user_load_variables($user, 'user_');
switch ($page_id) {
case ACCESS_ACTIVITY_LOG:
case ACCESS_SECURITY_AUDIT:
case ACCESS_ADMIN_HOME:
case ACCESS_SYSTEM_SETTINGS:
case ACCESS_USER_MANAGEMENT:
return !empty($user_is_admin) && $user_is_admin == 'Y' ? 'Y' : 'N';
break;
default:
return 'Y';
break;
}
}
$events = read_events(!empty($user) && strlen($user) ? $user : $login, $startdate, $enddate, $cat_id);
$boldDays = true;
$catSelectStr = print_category_menu('year', $thisyear, $cat_id);
}
// Disable $DISPLAY_ALL_DAYS_IN_MONTH.
$DISPLAY_ALL_DAYS_IN_MONTH = 'N';
//Enable empty weekend days to be visible
$SHOW_EMPTY_WEEKENDS = true;
// Include unapproved events?
$get_unapproved = $DISPLAY_UNAPPROVED == 'Y';
$nextStr = translate('Next');
$prevStr = translate('Previous');
$userStr = empty($user) ? '' : '&user='******'N') {
if (!empty($user)) {
user_load_variables($user, 'user_');
$fullnameStr = $user_fullname;
} else {
$fullnameStr = $fullname;
}
}
$asstModeStr = $is_assistant ? ' <span class="asstmode">-- ' . translate('Assistant mode') . ' --</span>' : '';
if (empty($friendly)) {
$unapprovedStr = display_unapproved_events($is_assistant || $is_nonuser_admin ? $user : $login);
$printerStr = generate_printer_friendly('year.php');
} else {
$unapprovedStr = $printerStr = '';
}
$yr_rows = 3;
/* TODO: Move $yr_rows = 3 to webcal_config as default.
* Add to webcal_user_prefs for each user.
} else {
if ($use_http_auth) {
// There is no login page when using HTTP authorization
do_redirect('index.php');
} else {
if (!empty($login) && !empty($password) && !$logout) {
if (get_magic_quotes_gpc()) {
$password = stripslashes($password);
$login = stripslashes($login);
}
$login = trim($login);
if ($login != addslashes($login)) {
die_miserable_death('Illegal characters in login ' . '<tt>' . htmlentities($login) . '</tt>');
}
if (user_valid_login($login, $password)) {
user_load_variables($login, '');
$encoded_login = encode_string($login . '|' . crypt($password));
// set login to expire in 365 days
if (!empty($remember) && $remember == 'yes') {
SetCookie('webcalendar_session', $encoded_login, time() + 24 * 3600 * 365, $cookie_path);
} else {
SetCookie('webcalendar_session', $encoded_login, 0, $cookie_path);
}
// The cookie "webcalendar_login" is provided as a convenience to
// other apps that may wish to find out what the last calendar
// login was, so they can use week_ssi.php as a server-side include.
// As such, it's not a security risk to have it un-encoded since it
// is not used to allow logins within this app. It is used to
// load user preferences on the login page (before anyone has
// logged in) if $REMEMBER_LAST_LOGIN is set to "Y" (in admin.php).
if (!empty($remember) && $remember == 'yes') {
function build_entry_popup($popupid, $user, $description = '', $time, $site_extras = '', $location = '', $name = '', $id = '', $reminder = '')
{
global $ALLOW_HTML_DESCRIPTION, $DISABLE_POPUPS, $login, $PARTICIPANTS_IN_POPUP, $popup_fullnames, $popuptemp_fullname, $PUBLIC_ACCESS_VIEW_PART, $SUMMARY_LENGTH, $tempfullname;
if (!empty($DISABLE_POPUPS) && $DISABLE_POPUPS == 'Y') {
return;
}
// Restrict info if time only set.
$details = true;
if (function_exists('access_is_enabled') && access_is_enabled() && $user != $login) {
$time_only = access_user_calendar('time', $user);
$details = $time_only == 'N' ? 1 : 0;
}
$ret = '<dl id="' . $popupid . '" class="popup">' . "\n";
if (empty($popup_fullnames)) {
$popup_fullnames = array();
}
$partList = array();
if ($details && $id != '' && !empty($PARTICIPANTS_IN_POPUP) && $PARTICIPANTS_IN_POPUP == 'Y' && !($PUBLIC_ACCESS_VIEW_PART == 'N' && $login == '__public__')) {
$rows = dbi_get_cached_rows('SELECT cal_login, cal_status
FROM webcal_entry_user WHERE cal_id = ? AND cal_status IN ( \'A\',\'W\' )', array($id));
if ($rows) {
for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) {
$row = $rows[$i];
$participants[] = $row;
}
}
for ($i = 0, $cnt = count($participants); $i < $cnt; $i++) {
user_load_variables($participants[$i][0], 'temp');
$partList[] = $tempfullname . ' ' . ($participants[$i][1] == 'W' ? '(?)' : '');
}
$rows = dbi_get_cached_rows('SELECT cal_fullname FROM webcal_entry_ext_user
WHERE cal_id = ? ORDER by cal_fullname', array($id));
if ($rows) {
$extStr = translate('External User');
for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) {
$row = $rows[$i];
$partList[] = $row[0] . ' (' . $extStr . ')';
}
}
}
if ($user != $login) {
if (empty($popup_fullnames[$user])) {
user_load_variables($user, 'popuptemp_');
$popup_fullnames[$user] = $popuptemp_fullname;
}
$ret .= '<dt>' . translate('User') . ":</dt>\n<dd>{$popup_fullnames[$user]}</dd>\n";
}
$ret .= ($SUMMARY_LENGTH < 80 && strlen($name) && $details ? '<dt>' . htmlspecialchars(substr($name, 0, 40)) . "</dt>\n" : '') . (strlen($time) ? '<dt>' . translate('Time') . ":</dt>\n<dd>{$time}</dd>\n" : '') . (!empty($location) && $details ? '<dt>' . translate('Location') . ":</dt>\n<dd> {$location}</dd>\n" : '') . (!empty($reminder) && $details ? '<dt>' . translate('Send Reminder') . ":</dt>\n<dd> {$reminder}</dd>\n" : '');
if (!empty($partList) && $details) {
$ret .= '<dt>' . translate('Participants') . ":</dt>\n";
foreach ($partList as $parts) {
$ret .= "<dd> {$parts}</dd>\n";
}
}
if (!empty($description) && $details) {
$ret .= '<dt>' . translate('Description') . ":</dt>\n<dd>";
if (!empty($ALLOW_HTML_DESCRIPTION) && $ALLOW_HTML_DESCRIPTION == 'Y') {
// Replace &s and decode special characters.
$str = unhtmlentities(str_replace('&amp;', '&', str_replace('&', '&', $description)));
// If there is no HTML found, then go ahead and replace
// the line breaks ("\n") with the HTML break ("<br />").
$ret .= strstr($str, '<') && strstr($str, '>') ? $str : nl2br($str);
} else {
// HTML not allowed in description, escape everything.
$ret .= nl2br(htmlspecialchars($description));
}
$ret .= "</dd>\n";
}
//if $description
return $ret . (empty($site_extras) ? '' : $site_extras) . "</dl>\n";
}
/* $Id: group_edit.php,v 1.31 2007/07/28 19:21:57 bbannon Exp $ */
include_once 'includes/init.php';
$groupname = $groupowner = $groupupdated = '';
$newgroup = true;
if (empty($id)) {
$groupname = translate('Unnamed Group');
} else {
$newgroup = false;
// Get group by id.
$res = dbi_execute('SELECT cal_owner, cal_name, cal_last_update, cal_owner
FROM webcal_group WHERE cal_group_id = ?', array($id));
if ($res) {
if ($row = dbi_fetch_row($res)) {
$groupname = $row[1];
$groupupdated = $row[2];
user_load_variables($row[3], 'temp');
$groupowner = $tempfullname;
}
dbi_fetch_row($res);
}
}
print_header('', '', '', true);
ob_start();
echo '
<form action="group_edit_handler.php" method="post">
<h2>';
if ($newgroup) {
$v = array();
echo translate('Add Group') . '</h2>
<input type="hidden" name="add" value="1';
} else {
function nonuser_load_variables($login, $prefix)
{
global $error, $nuloadtmp_email;
$ret = false;
$res = dbi_query("SELECT cal_login, cal_lastname, cal_firstname, " . "cal_admin FROM webcal_nonuser_cals WHERE cal_login = '******'");
if ($res) {
while ($row = dbi_fetch_row($res)) {
if (strlen($row[1]) || strlen($row[2])) {
$fullname = "{$row['2']} {$row['1']}";
} else {
$fullname = $row[0];
}
// We need the email address for the admin
user_load_variables($row[3], 'nuloadtmp_');
$GLOBALS[$prefix . "login"] = $row[0];
$GLOBALS[$prefix . "firstname"] = $row[2];
$GLOBALS[$prefix . "lastname"] = $row[1];
$GLOBALS[$prefix . "fullname"] = $fullname;
$GLOBALS[$prefix . "admin"] = $row[3];
$GLOBALS[$prefix . "email"] = $nuloadtmp_email;
$ret = true;
}
dbi_free_result($res);
}
return $ret;
}
}
// Get event name
$sql = "SELECT cal_name FROM webcal_entry WHERE cal_id = {$id}";
$res = dbi_query($sql);
if ($res) {
$row = dbi_fetch_row($res);
$name = $row[0];
dbi_free_result($res);
}
// TODO: switch transation language based on user so each user
// gets message in their selected language.
for ($i = 0; $i < count($partlogin); $i++) {
// Log the deletion
activity_log($id, $login, $partlogin[$i], $LOG_DELETE, "");
$do_send = get_pref_setting($partlogin[$i], "EMAIL_EVENT_DELETED");
user_load_variables($partlogin[$i], "temp");
if ($partlogin[$i] != $login && $do_send == "Y" && strlen($tempemail) && $send_email != "N") {
$msg = translate("Hello") . ", " . $tempfullname . ".\n\n" . translate("An appointment has been canceled for you by") . " " . $login_fullname . ". " . translate("The subject was") . " \"" . $name . "\"\n\n";
if (strlen($login_email)) {
$extra_hdrs = "From: {$login_email}\nX-Mailer: " . translate($application_name);
} else {
$extra_hdrs = "From: {$email_fallback_from}\nX-Mailer: " . translate($application_name);
}
mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs);
}
}
// Instead of deleting from the database... mark it as deleted
// by setting the status for each participant to "D" (instead
// of "A"/Accepted, "W"/Waiting-on-approval or "R"/Rejected)
if ($override_repeat) {
dbi_query("INSERT INTO webcal_entry_repeats_not ( cal_id, cal_date ) " . "VALUES ( {$id}, {$date} )");
if (!dbi_query($sql)) {
$error = translate("Database error") . ": " . dbi_error();
break;
} else {
// Don't send mail if we are editing a non-user calendar
// and we are the admin
if (!$is_nonuser_admin) {
$from = $user_email;
if (empty($from) && !empty($email_fallback_from)) {
$from = $email_fallback_from;
}
// only send mail if their email address is filled in
$do_send = get_pref_setting($participants[$i], $newevent ? "EMAIL_EVENT_ADDED" : "EMAIL_EVENT_UPDATED");
$user_TZ = get_pref_setting($participants[$i], "TZ_OFFSET");
$user_language = get_pref_setting($participants[$i], "LANGUAGE");
user_load_variables($participants[$i], "temp");
if ($participants[$i] != $login && boss_must_be_notified($login, $participants[$i]) && strlen($tempemail) && $do_send == "Y" && $send_user_mail && $send_email != "N") {
// Want date/time in user's timezone
$user_hour = $hour + $user_TZ;
if ($user_hour < 0) {
$user_hour += 24;
// adjust date
$user_date = mktime(3, 0, 0, $month, $day, $year);
$user_date -= $ONE_DAY;
$user_month = date("m", $date);
$user_day = date("d", $date);
$user_year = date("Y", $date);
} elseif ($user_hour >= 24) {
$user_hour -= 24;
// adjust date
$user_date = mktime(3, 0, 0, $month, $day, $year);
// Since print_date_entries is rather stupid, we can swap the event data
// around for users by changing what $events points to.
// .
$tdw = 12;
// Column width percent.
echo '
<table class="main">
<tr>
<th class="empty"> </th>';
$body = $header = '';
$todayYmd = date('Ymd', $today);
for ($i = 0; $i < $viewusercnt; $i++) {
$events = $e_save[$i];
$repeated_events = $re_save[$i];
$user = $viewusers[$i];
user_load_variables($user, 'temp');
$body .= '
<tr>
<th class="row" style="width:' . $tdw . '%;">' . $tempfullname . '</th>';
for ($date = $wkstart; $date < $wkend; $date += 86400) {
$is_weekend = is_weekend($date);
if ($is_weekend && $DISPLAY_WEEKENDS == 'N') {
continue;
}
$dateYmd = date('Ymd', $date);
$entryStr = print_date_entries($dateYmd, $user, true);
$class = ($dateYmd == $todayYmd ? ' class="today"' : (!empty($entryStr) && $entryStr != ' ' ? ' class="hasevents"' : ($is_weekend ? ' class="weekend"' : ''))) . ' style="width:' . $tdw . '%;">';
// .
// Build header row.
if ($i == 0) {
$header .= '
send_http_login();
}
} else {
if (!empty($login)) {
// they are already logged in ($login is set in validate.php)
if (strstr($PHP_SELF, "login.php")) {
// ignore since login.php will redirect to index.php
} else {
if ($login == "__public__") {
$is_admin = false;
$lastname = "";
$firstname = "";
$fullname = "Public Access";
$user_email = "";
} else {
user_load_variables($login, "login_");
if (!empty($login_login)) {
$is_admin = $login_is_admin == "Y" ? true : false;
$lastname = $login_lastname;
$firstname = $login_firstname;
$fullname = $login_fullname;
$user_email = $login_email;
} else {
// Invalid login
if ($use_http_auth) {
send_http_login();
} else {
// This shouldn't happen since login should be validated in validate.php
// If it does happen, it means we received an invalid login cookie.
//echo "Error getting user info for login \"$login\".";
do_redirect($login_url . "&error=Invalid+session+found.");
function list_unapproved($user)
{
global $temp_fullname, $key, $login;
//echo "Listing events for $user <BR>";
echo "<UL>\n";
$sql = "SELECT webcal_entry.cal_id, webcal_entry.cal_name, " . "webcal_entry.cal_description, " . "webcal_entry.cal_priority, webcal_entry.cal_date, " . "webcal_entry.cal_time, webcal_entry.cal_duration, " . "webcal_entry_user.cal_status " . "FROM webcal_entry, webcal_entry_user " . "WHERE webcal_entry.cal_id = webcal_entry_user.cal_id " . "AND ( webcal_entry.cal_ext_for_id IS NULL " . "OR webcal_entry.cal_ext_for_id = 0 ) AND " . "webcal_entry_user.cal_login = '******' AND " . "webcal_entry_user.cal_status = 'W' " . "ORDER BY webcal_entry.cal_date";
$res = dbi_query($sql);
$count = 0;
$eventinfo = "";
if ($res) {
while ($row = dbi_fetch_row($res)) {
$key++;
$id = $row[0];
$name = $row[1];
$description = $row[2];
$pri = $row[3];
$date = $row[4];
$time = $row[5];
$duration = $row[6];
$status = $row[7];
$divname = "eventinfo-{$id}-{$key}";
echo "<LI><A CLASS=\"entry\" HREF=\"view_entry.php?id={$id}";
echo "\" onMouseOver=\"window.status='" . translate("View this entry") . "'; show(event, '{$divname}'); return true;\" onMouseOut=\"hide('{$divname}'); return true;\">";
$timestr = "";
if ($time > 0) {
$timestr = display_time($time);
if ($duration > 0) {
// calc end time
$h = (int) ($time / 10000);
$m = $time / 100 % 100;
$m += $duration;
$d = $duration;
while ($m >= 60) {
$h++;
$m -= 60;
}
$end_time = sprintf("%02d%02d00", $h, $m);
$timestr .= " - " . display_time($end_time);
}
}
echo htmlspecialchars($name);
echo "</A>";
echo " (" . date_to_str($date) . ")\n";
echo ": <A HREF=\"approve_entry.php?id={$id}&ret=list";
if ($user == "__public__") {
echo "&public=1";
}
echo "\" CLASS=\"navlinks\" onClick=\"return confirm('" . translate("Approve this entry?") . "');\">" . translate("Approve/Confirm") . "</A>, ";
echo "<A HREF=\"reject_entry.php?id={$id}&ret=list";
if ($user == "__public__") {
echo "&public=1";
}
echo "\" CLASS=\"navlinks\" onClick=\"return confirm('" . translate("Reject this entry?") . "');\">" . translate("Reject") . "</A>";
$eventinfo .= build_event_popup($divname, $user, $description, $timestr, $time);
$count++;
}
dbi_free_result($res);
}
echo "</UL><P>\n";
if ($count == 0) {
user_load_variables($user, "temp_");
echo translate("No unapproved events for") . " " . $temp_fullname . ".";
} else {
echo $eventinfo;
}
}
echo $ext_users[$i] . " (" . translate("External User") . ")<br />\n";
}
}
}
}
for ($i = 0; $i < $num_wait; $i++) {
user_load_variables($waiting[$i], "temp");
if (strlen($tempemail)) {
echo "<br /><a href=\"mailto:" . $tempemail . "?subject={$subject}\">" . $tempfullname . "</a> (?)\n";
$allmails[] = $tempemail;
} else {
echo "<br />" . $tempfullname . " (?)\n";
}
}
for ($i = 0; $i < $num_rej; $i++) {
user_load_variables($rejected[$i], "temp");
if (strlen($tempemail)) {
echo "<br /><strike><a href=\"mailto:" . $tempemail . "?subject={$subject}\">" . $tempfullname . "</a></strike> (" . translate("Rejected") . ")\n";
} else {
echo "<br /><strike>{$tempfullname}</strike> (" . translate("Rejected") . ")\n";
}
}
?>
</td></tr>
<?php
}
// end participants
?>
</table>
$nonusers = get_nonuser_cals();
$userlist = array_merge($nonusers, $userlist);
}
for ($i = 0; $i < count($userlist); $i++) {
if ($user == $userlist[$i]['cal_login']) {
$valid_user = true;
}
}
if ($valid_user == false) {
$user = "";
// security precaution
}
}
if (!empty($user)) {
$u_url = "user={$user}&";
user_load_variables($user, "user_");
if ($user == "__public__") {
$user_fullname = translate($PUBLIC_ACCESS_FULLNAME);
}
} else {
$u_url = "";
$user_fullname = $fullname;
if ($login == "__public__") {
$user_fullname = translate($PUBLIC_ACCESS_FULLNAME);
}
}
set_today($date);
if ($categories_enabled == "Y") {
if (!empty($cat_id)) {
$cat_id = $cat_id;
} elseif (!empty($CATEGORY_VIEW)) {
cal_create_by FROM webcal_entry WHERE cal_id = ?', array($id));
if ($res) {
$row = dbi_fetch_row($res);
$name = $row[0];
$description = $row[1];
$fmtdate = $row[2];
$time = sprintf("%06d", $row[3]);
$creator = $row[4];
dbi_free_result($res);
}
$eventstart = date_to_epoch($fmtdate . $time);
// TODO figure out if creator wants approved comment email.
// Check UAC.
$send_user_mail = access_is_enabled() ? access_user_calendar('email', $creator, $login) : 'Y';
$htmlmail = get_pref_setting($creator, 'EMAIL_HTML');
user_load_variables($creator, 'temp');
$user_TIMEZONE = get_pref_setting($creator, 'TIMEZONE');
set_env('TZ', $user_TIMEZONE);
$user_language = get_pref_setting($creator, 'LANGUAGE');
if ($send_user_mail == 'Y' && strlen($tempemail) && $SEND_EMAIL != 'N') {
reset_language(empty($user_language) || $user_language == 'none' ? $LANGUAGE : $user_language);
// translate ( 'Hello' )
$msg = str_replace('XXX', $tempfullname, translate('Hello, XXX.')) . "\n\n" . str_replace('XXX', $login_fullname, translate('XXX has approved an appointment and added comments.')) . "\n\n" . str_replace('XXX', $name, translate('Subject XXX')) . "\n" . str_replace('XXX', $description, translate('Description XXX')) . "\n" . str_replace('XXX', date_to_str($fmtdate), translate('Date XXX')) . ' ' . (empty($hour) && empty($minute) ? '' : str_replace('XXX', display_time('', 2, $eventstart, get_pref_setting($creator, 'TIME_FORMAT')), translate('Time XXX'))) . "\n";
if (!empty($SERVER_URL)) {
// DON'T change & to & here. email will handle it
$url = $SERVER_URL . 'view_entry.php?id=' . $id . '&em=1';
if ($htmlmail == 'Y') {
$url = activate_urls($url);
}
$msg .= "\n" . $url;
}
