/**
 * Report whether a user holds the owner permission on a calendar.
 *
 * Looks for a permissions row with classID 4 that links $uid to $calID;
 * this method treats such a row as ownership. Both values are bound as
 * statement parameters, so neither is interpolated into the SQL text.
 *
 * @param mixed $uid   user id to test
 * @param mixed $calID calendar id to test
 * @return bool true when at least one matching row exists
 */
public static function is_owner($uid, $calID)
 {
     $dbc = CalendarPluginDB::get();
     $ownerStmt = $dbc->prepare_statement("SELECT c.calendarID,c.name FROM\n                calendars AS c LEFT JOIN permissions AS p\n                ON c.calendarID=p.calendarID WHERE\n                p.uid=? AND p.classID = 4 and c.calendarID=?");
     $matches = $dbc->exec_statement($ownerStmt, array($uid, $calID));

     return $dbc->num_rows($matches) > 0;
 }
Example #2
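 /**
  * Write one calendar's events to $filename as an iCalendar file.
  *
  * Events are read from monthview_events for calendar $id. Unless the
  * request value "export" equals 1, only events dated today or later are
  * included. Each row becomes one VEVENT; rows whose text yields a usable
  * start/end time get DTSTART/DTEND, all others become all-day events.
  *
  * Values that reach a content line without passing through escapeString()
  * (calendar name, organizer names, request Host header) have CR/LF
  * removed so that stored or client-supplied data cannot start a new
  * property line in the generated file.
  *
  * @param mixed  $id       calendar id; bound as a query parameter
  * @param string $filename path of the file to (over)write
  * @return void
  */
 private function writeICal($id, $filename)
 {
     global $FANNIE_OP_DB;
     $dbc = CalendarPluginDB::get();
     $cal = new CalendarsModel($dbc);
     $cal->calendarID($id);
     $cal->load();
     // $FANNIE_OP_DB is spliced in as an identifier and cannot be bound as a
     // parameter, so it must only ever come from trusted configuration.
     $query = '
         SELECT m.eventID,
             m.eventDate,
             m.eventText,
             m.uid,
             u.real_name,
             u.name
         FROM monthview_events AS m
             LEFT JOIN ' . $FANNIE_OP_DB . $dbc->sep() . 'Users AS u ON m.uid=u.uid
         WHERE m.calendarID = ?';
     if (FormLib::get('export') != 1) {
         $query .= ' AND m.eventDate >= ' . $dbc->curdate();
     }
     $query .= ' ORDER BY eventDate DESC';
     $prep = $dbc->prepare($query);
     $res = $dbc->execute($prep, array($id));

     $fp = fopen($filename, 'w');
     if ($fp === false) {
         // Nothing can be written; do not hand a non-resource to fwrite().
         return;
     }

     $lineBreaks = array("\r", "\n");
     // The Host header is chosen by the client. Keep only characters that can
     // appear in a host[:port] value before embedding it in UID/ORGANIZER.
     // NOTE(review): a configured site hostname would be a better source.
     $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
     $host = preg_replace('/[^A-Za-z0-9.:\[\]-]/', '', $host);

     fwrite($fp, "BEGIN:VCALENDAR\r\n");
     fwrite($fp, "VERSION:2.0\r\n");
     fwrite($fp, "PRODID:-//FannieCalendarPlugin//NONSGML v1.0//EN\r\n");
     fwrite($fp, "X-WR-CALNAME:" . str_replace($lineBreaks, ' ', (string)$cal->name()) . "\r\n");
     fwrite($fp, "CALSCALE:GREGORIAN\r\n");
     $now = gmdate('Ymd') . 'T' . gmdate('His') . 'Z';
     while ($row = $dbc->fetch_row($res)) {
         $times = $this->getTime($row['eventText']);
         $date_stem = date('Y-m-d', strtotime($row['eventDate']));
         fwrite($fp, "BEGIN:VEVENT\r\n");
         fwrite($fp, "UID:" . sha1($row['eventID']) . '@' . $host . "\r\n");

         // Parse each boundary once; both must be valid for a timed event.
         $startTime = false;
         $endTime = false;
         if ($times) {
             $startTime = strtotime($date_stem . ' ' . $times['start'] . ':00');
             if ($startTime) {
                 $endTime = strtotime($date_stem . ' ' . $times['end'] . ':00');
             }
         }
         if ($startTime && $endTime) {
             fwrite($fp, "DTSTART:" . gmdate('Ymd\\THis\\Z', $startTime) . "\r\n");
             fwrite($fp, "DTEND:" . gmdate('Ymd\\THis\\Z', $endTime) . "\r\n");
         } else {
             fwrite($fp, "DTSTART;VALUE=DATE:" . date('Ymd', strtotime($row['eventDate'])) . "\r\n");
         }
         fwrite($fp, "DTSTAMP:" . $now . "\r\n");
         $row['eventText'] = $this->br2nl($row['eventText']);
         fwrite($fp, "DESCRIPTION:" . $this->escapeString($row['eventText']) . "\r\n");
         $summary = explode("\n", $row['eventText'], 2);
         fwrite($fp, "SUMMARY:" . $this->escapeString($summary[0]) . "\r\n");
         // real_name/name come from the Users table (NULL when the LEFT JOIN
         // finds no user). Line breaks are removed here.
         // NOTE(review): a CN containing ':' ';' or ',' should additionally be
         // written as a quoted parameter value.
         $organizerCN = str_replace($lineBreaks, '', (string)$row['real_name']);
         $organizerName = str_replace($lineBreaks, '', (string)$row['name']);
         fwrite($fp, "ORGANIZER;CN=" . $organizerCN . ":" . $organizerName . '@' . $host . "\r\n");
         fwrite($fp, "LAST-MODIFIED:" . $now . "\r\n");
         fwrite($fp, "END:VEVENT\r\n");
     }
     fwrite($fp, "END:VCALENDAR\r\n");
     // Release the handle so the file is flushed and not left open.
     fclose($fp);
 }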
Example #3
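 /**
  * Build the "Delete Calendar" form.
  *
  * The form posts back to the current script with _method=delete and the
  * selected calendar id.
  *
  * @return string HTML for the form
  */
 public function get_view()
 {
     $dbc = CalendarPluginDB::get();
     $calendars = new CalendarsModel($dbc);
     // PHP_SELF reflects the request path (including any trailing path info),
     // so it is client-influenced and must be escaped for the attribute.
     $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'UTF-8');
     // NOTE(review): this form triggers a delete through a GET request and no
     // anti-CSRF token is visible here. Confirm that the delete handler
     // verifies both the caller's ownership of the calendar and the origin of
     // the request.
     $ret = '<form method="get" action="' . $action . '">
         <input type="hidden" name="_method" value="delete" />
         <div class="form-group">
         <label>Delete Calendar</label>
         <select name="id" class="form-control">
             <option value="0">Choose one...</option>';
     // NOTE(review): presumably toOptions() returns escaped <option> markup;
     // verify, since calendar names are user-supplied.
     $ret .= $calendars->toOptions();
     $ret .= '</select>
         </div>
         <div class="form-group">
             <button type="submit" class="btn btn-danger">Delete</button>
         </div>
         </form>';
     return $ret;
 }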
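 /**
  * Remove attendee $this->leave_id from event $this->id, then redirect to
  * the event's attendance page.
  *
  * @return bool always false
  */
 public function get_id_leave_id_handler()
 {
     // NOTE(review): both ids arrive with the request and nothing here ties
     // leave_id to the logged-in user, so as written any caller can remove
     // any attendee, and the state change happens on a GET. Confirm that the
     // caller or framework enforces authentication, authorization, and CSRF
     // protection before this handler runs.
     $dbc = CalendarPluginDB::get();
     $model = new AttendeesModel($dbc);
     $model->eventID($this->id);
     $model->uid($this->leave_id);
     $model->delete();
     // Encode the request-derived id so it stays a single query-string value.
     header('Location: CalendarAttendedEventPage.php?id=' . rawurlencode((string)$this->id));
     return false;
 }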
Example #5
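 /**
  * Dispatch one calendar action named by the "action" request value.
  *
  * Supported actions: save_or_add_event, monthview_save, createCalendar,
  * createSubscription, savePrefs, weekview_save. All SQL in this method
  * uses bound parameters.
  *
  * Security notes for maintainers:
  *  - savePrefs is restricted to the calendar's owner (see that case).
  *  - Several other actions take "uid" from the request rather than from
  *    the session; those are flagged inline and need an authorization
  *    decision by someone who knows the intended callers.
  *
  * @param array $args unused
  * @return array response fragments; for most actions the first element is
  *               the action name
  */
 public function run($args = array())
 {
     global $FANNIE_URL;
     $data = array();
     $action = FormLib::get_form_value('action');
     if ($action !== '') {
         $data[] = $action;
         switch ($action) {
             case 'save_or_add_event':
                 $calID = FormLib::get('id', 0);
                 $text = FormLib::get('text');
                 // Normalize <br> to newlines, HTML-escape everything, then
                 // restore <br> so it is the only markup that gets stored.
                 $text = str_replace('<br>', "\n", $text);
                 $text = htmlspecialchars($text);
                 $text = str_replace("\n", '<br>', $text);
                 $db = CalendarPluginDB::get();
                 $event = new MonthviewEventsModel($db);
                 $eventID = FormLib::get('eventID', false);
                 // NOTE(review): no check here that the caller may write to
                 // $calID or owns $eventID, and uid below is request-supplied.
                 if ($eventID !== false) {
                     $event->eventID($eventID);
                     $event->eventText($text);
                     if (!empty($text)) {
                         $event->save();
                     } else {
                         // empty text on an existing event means "delete it"
                         $event->delete();
                     }
                 } else {
                     $date = FormLib::get('datestr');
                     $uid = FormLib::get('uid');
                     $event->eventDate($date);
                     $event->calendarID($calID);
                     $event->uid($uid);
                     $event->eventText($text);
                     if (!empty($text)) {
                         $eventID = $event->save();
                         // new event: respond with the bare id only
                         $data = array();
                         echo $eventID;
                     }
                 }
                 $calendar = new CalendarsModel($db);
                 $calendar->calendarID($calID);
                 $calendar->modified(1);
                 $calendar->save();
                 break;
             case 'monthview_save':
                 $date = FormLib::get_form_value('date');
                 $id = FormLib::get_form_value('id', 0);
                 // NOTE(review): unlike save_or_add_event, this text is stored
                 // without HTML-escaping, and uid is request-supplied.
                 $text = FormLib::get_form_value('text');
                 $uid = FormLib::get_form_value('uid', 0);
                 $db = CalendarPluginDB::get();
                 $chkP = $db->prepare_statement("SELECT calendarID FROM monthview_events \n                        WHERE eventDate=? and uid=? and calendarID=?");
                 $rowCheck = $db->exec_statement($chkP, array($date, $uid, $id));
                 if ($db->num_rows($rowCheck) <= 0 && $text != "") {
                     $insP = $db->prepare_statement("INSERT INTO monthview_events \n                                                    (calendarID, eventDate, eventText, uid) VALUES (?,?,?,?)");
                     $db->exec_statement($insP, array($id, $date, $text, $uid));
                 } else {
                     if ($text == "") {
                         $delP = $db->prepare_statement("DELETE FROM monthview_events WHERE\n                            calendarID=? AND eventDate=?\n                            AND uid=?");
                         $db->exec_statement($delP, array($id, $date, $uid));
                     } else {
                         $upP = $db->prepare_statement("UPDATE monthview_events SET\n                            eventText=?\n                            WHERE calendarID=? AND eventDate=?\n                            AND uid=?");
                         $db->exec_statement($upP, array($text, $id, $date, $uid));
                     }
                 }
                 $calendar = new CalendarsModel($db);
                 $calendar->calendarID($id);
                 $calendar->modified(1);
                 $calendar->save();
                 break;
             case 'createCalendar':
                 $name = FormLib::get_form_value('name');
                 // NOTE(review): the owner uid is request-supplied; consider
                 // deriving it from the session as weekview_save does.
                 $uid = FormLib::get_form_value('uid', 0);
                 $db = CalendarPluginDB::get();
                 $p = $db->prepare_statement("INSERT INTO calendars (name) VALUES (?)");
                 $db->exec_statement($p, array($name));
                 $id = $db->insert_id();
                 // classID 4 is the class is_owner-style checks look for
                 $p = $db->prepare_statement("INSERT INTO permissions (calendarID,uid,classID)\n                                VALUES (?,?,4)");
                 $db->exec_statement($p, array($id, $uid));
                 // The name is request data echoed back as HTML: escape it.
                 $safeName = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
                 $data[] = "<p class=\"index\"><a href=\"?calID={$id}&view=month\">{$safeName}</a></p>";
                 break;
             case 'createSubscription':
                 $db = CalendarPluginDB::get();
                 $name = FormLib::get('name');
                 // NOTE(review): this URL is stored as given and is presumably
                 // fetched later by the server. Restrict schemes and
                 // destinations (e.g. no internal addresses) before storing it.
                 $url = FormLib::get('url');
                 $uid = FormLib::get_form_value('uid', 0);
                 $subscription = new CalendarSubscriptionsModel($db);
                 $subscription->url($url);
                 $subscriptionID = $subscription->save();
                 $calendar = new CalendarsModel($db);
                 $calendar->name($name);
                 $calendar->calendarSubscriptionID($subscriptionID);
                 $calendarID = $calendar->save();
                 $permissions = new PermissionsModel($db);
                 $permissions->calendarID($calendarID);
                 $permissions->uid($uid);
                 $permissions->classID(4);
                 $permissions->save();
                 $data[] = 'Subscribed';
                 break;
             case 'savePrefs':
                 $calID = FormLib::get_form_value('calID');
                 // prefsView() refuses to render the settings form for
                 // non-owners; the handler that applies those settings must
                 // enforce the same rule rather than trust the form was used.
                 $currentUID = FannieAuth::getUID(FannieAuth::checkLogin());
                 if (!CalendarPluginPermissions::is_owner($currentUID, $calID)) {
                     break;
                 }
                 $name = FormLib::get_form_value('name');
                 $viewers = FormLib::get_form_value('viewers', array());
                 $writers = FormLib::get_form_value('writers', array());
                 $db = CalendarPluginDB::get();
                 $calendar = new CalendarsModel($db);
                 $calendar->calendarID($calID);
                 $calendar->load();
                 $calendar->name($name);
                 $calendar->save();
                 // Replace all viewer/writer rows; owner rows (classID 4) stay.
                 $p = $db->prepare_statement("DELETE FROM permissions WHERE calendarID=? and classID < 4");
                 $db->exec_statement($p, array($calID));
                 $insP = $db->prepare_statement("INSERT INTO permissions (calendarID,uid,classID) VALUES (?,?,?)");
                 // The lists arrive as comma-separated strings. When the field
                 // is absent the default is an array, which must not reach
                 // explode().
                 if (is_string($viewers) && $viewers !== '') {
                     foreach (explode(",", $viewers) as $v) {
                         $db->exec_statement($insP, array($calID, $v, 1));
                     }
                 }
                 if (is_string($writers) && $writers !== '') {
                     foreach (explode(",", $writers) as $w) {
                         $db->exec_statement($insP, array($calID, $w, 2));
                     }
                 }
                 if (FormLib::get('url')) {
                     // NOTE(review): same server-side fetch concern as in
                     // createSubscription; validate before storing.
                     $url = FormLib::get('url');
                     $sub = new CalendarSubscriptionsModel($db);
                     $sub->calendarSubscriptionID($calendar->calendarSubscriptionID());
                     $sub->url($url);
                     $sub->save();
                 }
                 break;
             case 'weekview_save':
                 $timestamp = FormLib::get_form_value('ts');
                 $date = date('Y-m-d H:i:00', $timestamp);
                 $calID = FormLib::get_form_value('id', 0);
                 $text = trim(FormLib::get_form_value('text'));
                 $eID = FormLib::get('eventID', false);
                 // uid comes from the authenticated session, not the request
                 $uid = FannieAuth::getUID(FannieAuth::checkLogin());
                 // Turn "#123" into a link to that member's page.
                 // NOTE(review): the surrounding text is not HTML-escaped
                 // before markup is added and stored; confirm how it is rendered.
                 $pat = '/#(\\d+)/';
                 $rep = '<a href="' . $FANNIE_URL . 'modules/plugins2.0/PIKiller/PIMemberPage.php?id=${1}" onclick="noBubble(event);">#${1}</a>';
                 $text = preg_replace($pat, $rep, $text);
                 $db = CalendarPluginDB::get();
                 $model = new MonthviewEventsModel($db);
                 if ($eID) {
                     $model->eventID($eID);
                 }
                 if (empty($text) && $eID) {
                     // delete empty event
                     // no eID implies event doesn't exist
                     // just opened/closed w/o content
                     $model->delete();
                 } else {
                     if (!empty($text)) {
                         $model->uid($uid);
                         $model->eventDate($date);
                         $model->eventText($text);
                         $model->calendarID($calID);
                         $newID = $model->save();
                         if (!$eID) {
                             $data[] = $newID;
                         }
                     }
                 }
                 break;
         }
     }
     return $data;
 }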
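 /**
  * Render the settings form for a calendar: name, optional subscription
  * URL, and the viewer / writer permission pickers.
  *
  * Returns an error message instead when $uid is not the calendar's owner.
  * Every stored value placed in the markup (calendar name, subscription
  * URL, user names, uids) is HTML-escaped. $calID is emitted as an integer
  * because it is placed inside inline JavaScript and a URL.
  *
  * @param mixed $calID calendar id
  * @param mixed $uid   id of the user requesting the form
  * @return string HTML fragment
  */
 public static function prefsView($calID, $uid)
 {
     global $FANNIE_OP_DB;
     if (!CalendarPluginPermissions::is_owner($uid, $calID)) {
         return "<h2>Either something goofed up or you aren't allowed to change\n                settings for this calendar</h2>";
     }
     $db = CalendarPluginDB::get();
     $calendar = new CalendarsModel($db);
     $calendar->calendarID($calID);
     $calendar->load();
     $calName = htmlspecialchars((string)$calendar->name(), ENT_QUOTES, 'UTF-8');
     $ret = "<body>";
     $ret .= "<p>Name: <input type=text size=15 id=prefName value=\"{$calName}\" />";
     if ($calendar->calendarSubscriptionID()) {
         $sub = new CalendarSubscriptionsModel($db);
         $sub->calendarSubscriptionID($calendar->calendarSubscriptionID());
         $sub->load();
         $subURL = htmlspecialchars((string)$sub->url(), ENT_QUOTES, 'UTF-8');
         $ret .= '</p><p>URL: <input type="text" size="50" id="sub-url" value="' . $subURL . '" />';
     }
     $ret .= "</p><hr />";

     // All users except the owner, as <option> markup for the right-hand
     // (available) lists.
     $userP = $db->prepare_statement("SELECT uid,real_name,name FROM " . $FANNIE_OP_DB . $db->sep() . "Users \n                    WHERE uid<>? order by name,real_name");
     $userR = $db->exec_statement($userP, array($uid));
     $userOpts = array();
     while ($userW = $db->fetch_row($userR)) {
         $name = $userW['real_name'];
         if ($name == '' || $name == 'Array') {
             // fall back to the login name when no usable real name is stored
             $name = $userW['name'];
         }
         $optValue = htmlspecialchars((string)$userW['uid'], ENT_QUOTES, 'UTF-8');
         $optLabel = htmlspecialchars((string)$name, ENT_QUOTES, 'UTF-8');
         $userOpts[$userW['uid']] = "<option value=\"{$optValue}\">{$optLabel}</option>";
     }
     $allUsers = implode('', $userOpts);

     $ret .= "<p>Users who can view this calendar (<i>left</i>):";
     $ret .= "<table><tr>";
     $viewP = $db->prepare_statement("SELECT p.uid,u.real_name,u.name FROM permissions as p\n              LEFT JOIN " . $FANNIE_OP_DB . $db->sep() . "Users as u on p.uid=u.uid\n              WHERE p.calendarID=?\n              AND p.classID = 1");
     $viewR = $db->exec_statement($viewP, array($calID));
     $ret .= "<td><select id=prefViewers multiple size=10 style=\"min-width:50px\">";
     while ($viewW = $db->fetch_row($viewR)) {
         // Read the label from the permission row itself; the earlier
         // user-list cursor ($userW) is exhausted by this point.
         $name = $viewW['real_name'];
         if ($viewW[0] == -1) {
             $name = "Everyone";
         } elseif ($name == '' || $name == 'Array') {
             $name = $viewW['name'];
         }
         $optValue = htmlspecialchars((string)$viewW[0], ENT_QUOTES, 'UTF-8');
         $optLabel = htmlspecialchars((string)$name, ENT_QUOTES, 'UTF-8');
         $ret .= "<option value=\"{$optValue}\">{$optLabel}</option>";
     }
     $ret .= "</select></td>";
     $ret .= "<td><input type=submit value=\"<<\" onclick=\"select_add('prefViewers2','prefViewers');\" /><p />";
     $ret .= "<input type=submit value=\">>\" onclick=\"select_remove('prefViewers');\" /></td>";
     $ret .= "<td><select id=prefViewers2 multiple size=10>";
     $ret .= "<option value=-1>Everyone</option>";
     $ret .= $allUsers;
     $ret .= "</select></td>";
     $ret .= "</tr></table>";
     $ret .= "</p><hr />";

     $ret .= "<p>Users who can write on this calendar (<i>left</i>):";
     $ret .= "<table><tr>";
     $viewP = $db->prepare_statement("SELECT p.uid,u.real_name,u.name FROM permissions as p\n              LEFT JOIN " . $FANNIE_OP_DB . $db->sep() . "Users as u on p.uid=u.uid\n              WHERE p.calendarID=?\n              AND p.classID = 2");
     $viewR = $db->exec_statement($viewP, array($calID));
     $ret .= "<td><select id=prefWriters multiple size=10 style=\"min-width:50px\">";
     while ($viewW = $db->fetch_row($viewR)) {
         $name = $viewW['real_name'];
         if ($viewW[0] == -1) {
             $name = "Everyone";
         } elseif ($name == '' || $name == 'Array') {
             $name = $viewW['name'];
         }
         $optValue = htmlspecialchars((string)$viewW[0], ENT_QUOTES, 'UTF-8');
         $optLabel = htmlspecialchars((string)$name, ENT_QUOTES, 'UTF-8');
         $ret .= "<option value=\"{$optValue}\">{$optLabel}</option>";
     }
     $ret .= "</select></td>";
     $ret .= "<td><input type=submit value=\"<<\" onclick=\"select_add('prefWriters2','prefWriters');\" /><p />";
     $ret .= "<input type=submit value=\">>\" onclick=\"select_remove('prefWriters');\" /></td>";
     $ret .= "<td><select id=prefWriters2 multiple size=10>";
     $ret .= "<option value=-1>Everyone</option>";
     $ret .= $allUsers;
     $ret .= "</select></td>";
     $ret .= "</tr></table>";
     $ret .= "</p><hr />";

     // $calID lands inside an onclick handler and a URL. Emitting it as an
     // integer keeps caller-supplied text out of the script context.
     // Assumes calendar ids are integers (they originate from insert_id()
     // elsewhere in this plugin) — confirm.
     $safeCalID = (int)$calID;
     $ret .= "<input type=submit value=\"Save Settings\" onclick=\"savePrefs({$safeCalID});return false;\" /> ";
     $ret .= "<input type=submit value=\"Back to Calendar\" onclick=\"top.location='?view=month&calID={$safeCalID}';\" /> ";
     return $ret;
 }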
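 /**
  * Synchronize every subscribed calendar with its remote iCalendar feed.
  *
  * For each calendar that has a subscription URL the feed is downloaded,
  * parsed, and its VEVENTs are inserted or updated in monthview_events,
  * keyed by (calendarID, subscriptionUID). Stored events inside the parsed
  * date range whose UID is no longer in the feed are deleted.
  *
  * Feed content is untrusted remote data: it is HTML-escaped before being
  * stored, and a feed that cannot be opened or parsed is skipped so that
  * one bad subscription cannot stop the others from syncing.
  *
  * @return void
  */
 public function run()
 {
     $dbc = CalendarPluginDB::get();
     /**
       Use prepare statements instead of models
       for efficiency. Could be issuing a large number
       of queries with many subscriptions
     */
     $uidP = $dbc->prepare('
         SELECT eventID
         FROM monthview_events
         WHERE calendarID=?
             AND subscriptionUID=?');
     $insertP = $dbc->prepare('
         INSERT INTO monthview_events
         (calendarID, eventDate, eventText, uid, subscriptionUID)
         VALUES
         (?, ?, ?, 0, ?)');
     $updateP = $dbc->prepare('
         UPDATE monthview_events
         SET eventDate=?,
             eventText=?
         WHERE eventID=?');
     $calendarsQ = '
         SELECT c.calendarID,
             s.url
         FROM calendars AS c
             INNER JOIN CalendarSubscriptions AS s 
                 ON c.calendarSubscriptionID=s.calendarSubscriptionID';
     $calendarsR = $dbc->query($calendarsQ);
     $our_tz = new DateTimeZone(date_default_timezone_get());
     /**
       For each subscribed calendar:
       * Download the feed URL to temporary storage
       * Parse the feed data and extract VEvents
       * Loop through the events and add/update them
       * Delete any events in the calendar that
         a) do not match one of the event unique IDs
         b) fall within the same timespan as the
            parsed events
         These two conditions *probably* indicate
         the event was deleted in the source calendar
     */
     while ($calendarsW = $dbc->fetchRow($calendarsR)) {
         $calendarID = $calendarsW['calendarID'];
         // NOTE(review): the URL is user-supplied subscription data fetched
         // from the server side. downloadFeed() is not visible here; confirm
         // it restricts schemes, destinations, redirects, and response size.
         $file = $this->downloadFeed($calendarsW['url']);
         if ($file === false) {
             // error downloading feed
             continue;
         }
         $fp = fopen($file, 'r');
         if ($fp === false) {
             // could not reopen the download; drop it and move on
             unlink($file);
             continue;
         }
         try {
             $document = Sabre\VObject\Reader::read($fp, Sabre\VObject\Reader::OPTION_FORGIVING);
         } catch (\Exception $parseError) {
             // Unparseable feed: release the handle and temp file, then
             // continue with the remaining subscriptions.
             fclose($fp);
             unlink($file);
             continue;
         }
         $events = $document->getBaseComponents('VEvent');
         $subscribedIDs = array();
         $earliest = new DateTime('today');
         $latest = new DateTime('today');
         foreach ($events as $event) {
             if (!isset($event->DTSTART) || !isset($event->UID)) {
                 // malformed event
                 continue;
             }
             $summary = false;
             if (isset($event->SUMMARY)) {
                 $summary = $event->SUMMARY->getValue();
             }
             $description = false;
             if (isset($event->DESCRIPTION)) {
                 $description = $event->DESCRIPTION->getValue();
             }
             if (!$summary && !$description) {
                 // event has no useful content
                 continue;
             }
             $uniqueID = $event->UID;
             $start = $event->DTSTART->getDateTime();
             $start->setTimezone($our_tz);
             // Only same-day events with distinct start/end get a time range.
             $hours = false;
             if ($event->DTEND) {
                 $end = $event->DTEND->getDateTime();
                 $end->setTimezone($our_tz);
                 if ($start->format('Y-m-d') == $end->format('Y-m-d')) {
                     $t1 = $start->format('H:ia');
                     $t2 = $end->format('H:ia');
                     if ($t1 != $t2) {
                         $hours = $t1 . ' - ' . $t2;
                     }
                 }
             }
             $eventText = '';
             if ($hours) {
                 $eventText .= $hours . "\n";
             }
             if ($summary) {
                 $eventText .= $summary . "\n";
             }
             if ($description) {
                 $eventText .= $description . "\n";
             }
             // eventText is stored as HTML (line breaks become <br>), so text
             // taken from a remote feed is escaped first. ENT_SUBSTITUTE keeps
             // the event when the feed contains invalid UTF-8.
             $storedText = nl2br(htmlspecialchars($eventText, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
             $uidR = $dbc->execute($uidP, array($calendarID, $uniqueID));
             if ($dbc->numRows($uidR) == 0) {
                 $dbc->execute($insertP, array($calendarID, $start->format('Y-m-d'), $storedText, $uniqueID));
             } else {
                 $uidW = $dbc->fetchRow($uidR);
                 $dbc->execute($updateP, array($start->format('Y-m-d'), $storedText, $uidW['eventID']));
             }
             $subscribedIDs[] = $uniqueID;
             if ($start < $earliest) {
                 $earliest = $start;
             }
             if ($start > $latest) {
                 $latest = $start;
             }
         }
         if (count($subscribedIDs) > 0) {
             // One bound placeholder per feed UID; no feed value is spliced
             // into the SQL text.
             $placeholders = implode(',', array_fill(0, count($subscribedIDs), '?'));
             $cleanQ = '
                 DELETE FROM monthview_events
                 WHERE calendarID=?
                     AND eventDate BETWEEN ? AND ?
                     AND subscriptionUID NOT IN (' . $placeholders . ')';
             $cleanArgs = array($calendarID, $earliest->format('Y-m-d'), $latest->format('Y-m-d'));
             foreach ($subscribedIDs as $sID) {
                 $cleanArgs[] = $sID;
             }
             $cleanP = $dbc->prepare($cleanQ);
             $cleanR = $dbc->execute($cleanP, $cleanArgs);
         }
         fclose($fp);
         unlink($file);
     }
 }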