Exemple #1
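/**
 * Bootstrap WebCalendar for a script that runs one directory below the
 * application root.
 *
 * Defines the base/include path constants, loads the core classes and
 * include files in the order the two initialization phases need them, then
 * loads global settings, user preferences and the language.
 *
 * Both path constants are relative to the current working directory, so the
 * caller must run with its own directory as the cwd.
 */
function ws_init()
{
    global $admin_can_add_user, $admin_can_delete_user, $site_extras, $user_inc;

    // Base WebCalendar directory and its includes directory, both relative
    // to the current working directory.
    define('__WC_BASEDIR', '..');
    define('__WC_INCLUDEDIR', '../includes');

    // Load include files. The order below is significant and is unchanged.
    include_once __WC_INCLUDEDIR . '/translate.php';
    require_once __WC_INCLUDEDIR . '/classes/WebCalendar.class';
    require_once __WC_INCLUDEDIR . '/classes/Event.class';
    require_once __WC_INCLUDEDIR . '/classes/RptEvent.class';

    // Plain assignment: "=& new" was deprecated in PHP 5.3 and is a parse
    // error from PHP 7 on. Objects are already handled by reference-like
    // handles, so the behavior is the same.
    $WebCalendar = new WebCalendar(__FILE__);

    include_once __WC_INCLUDEDIR . '/config.php';
    include_once __WC_INCLUDEDIR . '/dbi4php.php';
    include_once __WC_INCLUDEDIR . '/access.php';
    include_once __WC_INCLUDEDIR . '/functions.php';
    $WebCalendar->initializeFirstPhase();

    // SECURITY: $user_inc is a global that decides which file is included
    // here. Where it is assigned is not visible in this function (presumably
    // config.php or the first initialization phase — confirm). It must only
    // ever come from trusted configuration, never from request data.
    include_once __WC_INCLUDEDIR . '/' . $user_inc;
    include_once __WC_INCLUDEDIR . '/validate.php';
    include_once __WC_INCLUDEDIR . '/site_extras.php';
    $WebCalendar->initializeSecondPhase();

    load_global_settings();
    load_user_preferences();
    $WebCalendar->setLanguage();
}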
Exemple #2
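// Derive the current script's file name (for example "month.php") from
// $self, which is set outside this excerpt. If the pattern does not match,
// fall back to an empty string instead of reading an undefined $match[1].
$SCRIPT = preg_match("/\\/(\\w+\\.php)/", $self, $match) ? $match[1] : '';
// Several files need a no-cache header and some of the same code
$special = array('month.php', 'day.php', 'week.php', 'week_details.php', 'year.php');
// Strict comparison: $SCRIPT is always a string here.
$DMW = in_array($SCRIPT, $special, true);
// Unset some variables that shouldn't be set.
// SECURITY: $user_inc names a file that is included below, so any value
// present before configuration is loaded is discarded here. The include
// below relies on one of the following includes assigning it again
// (presumably config.php — confirm). Keep this unset ahead of those includes.
unset($user_inc);
include_once 'includes/config.php';
include_once 'includes/php-dbi.php';
include_once 'includes/functions.php';
include_once "includes/{$user_inc}";
include_once 'includes/validate.php';
include_once 'includes/connect.php';
load_global_settings();
// $ovrd is set outside this excerpt; user preferences are loaded only when
// it is empty.
if (empty($ovrd)) {
    load_user_preferences();
}
include_once 'includes/translate.php';
// error-check some commonly used form variable names.
// Each value is fetched together with the pattern it has to match.
// NOTE(review): getValue() is not visible here; the third argument on "id"
// and "user" presumably makes a mismatch fatal — confirm, and confirm the
// pattern is applied to the whole value rather than a substring.
$id = getValue("id", "[0-9]+", true);
$user = getValue("user", "[A-Za-z0-9_\\.=@,\\-]*", true);
$date = getValue("date", "[0-9]+");
$year = getValue("year", "[0-9]+");
$month = getValue("month", "[0-9]+");
$hour = getValue("hour", "[0-9]+");
$minute = getValue("minute", "[0-9]+");
$cat_id = getValue("cat_id", "[0-9]+");
$friendly = getValue("friendly", "[01]");
// Default to public access being switched off.
if (empty($public_access)) {
    $public_access = 'N';
}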
Exemple #3
// Login page setup: finish initialization, work out which login name to
// pre-fill, and detect a logout request.
// $WebCalendar and the other globals read below are set outside this excerpt.
include 'includes/gradient.php';
$WebCalendar->initializeSecondPhase();
load_global_settings();
// Change this to true to show "no such user" or "invalid password" on
// login failures.
// NOTE(review): the flag is already true here. Reporting the two failure
// cases separately lets a client learn which login names exist; the code
// that consumes the flag is outside this excerpt, so confirm whether false
// is the intended setting for an exposed install.
$showLoginFailureReason = true;
// A non-empty $last_login clears $login.
if (!empty($last_login)) {
    $login = '';
}
// Make sure $webcalendar_login is defined before it is read below.
if (empty($webcalendar_login)) {
    $webcalendar_login = '';
}
// With REMEMBER_LAST_LOGIN enabled and no login name set, reuse
// $webcalendar_login for both $login and $last_login.
if ($REMEMBER_LAST_LOGIN == 'Y' && empty($login)) {
    $last_login = $login = $webcalendar_login;
}
load_user_preferences('guest');
$WebCalendar->setLanguage();
// Cookie path is the script path with 'login.php' removed.
// NOTE(review): $PHP_SELF is assigned outside this excerpt; if it is taken
// from the request URI, confirm it cannot carry extra path segments.
$cookie_path = str_replace('login.php', '', $PHP_SELF);
//echo "Cookie path: $cookie_path\n";
// Look for action=logout
$logout = false;
$action = getGetValue('action');
if (!empty($action) && $action == 'logout') {
    $logout = true;
    $return_path = '';
    SetCookie('webcalendar_login', '', 0, $cookie_path);
    SetCookie('webcalendar_last_view', '', 0, $cookie_path);
} else {
    if (empty($return_path)) {
        // see if a return path was set
        $return_path = get_last_view(false);
Exemple #4
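/**
 * Store a set of settings, either site-wide or for one user.
 *
 * When the global $prad is true the values are written to webcal_config,
 * otherwise to webcal_user_pref for the global $prefuser. Each setting is
 * deleted first and re-inserted only if its new value is not empty.
 *
 * On a database failure the global $error is set and processing stops.
 * An invalid key name in posted data ends the request through
 * die_miserable_death().
 *
 * @param array  $prefs Map of key => value. For $src == 'post' the keys
 *                      carry a "pref_" or "admin_" prefix; otherwise the key
 *                      is used as the setting name as is.
 * @param string $src   'post' when $prefs comes from a submitted form.
 */
function save_pref($prefs, $src)
{
    global $error, $my_theme, $prad;
    if (!$prad) {
        global $prefuser;
    }
    // Length of the key prefix: "admin_" (6) or "pref_" (5).
    $pos = $prad ? 6 : 5;
    // foreach replaces list()/each(); each() no longer exists in PHP 8.
    foreach ($prefs as $key => $value) {
        if ($src == 'post') {
            $prefix = substr($key, 0, $pos);
            $setting = substr($key, $pos);
            // Skip form fields that are not settings.
            if ((!$prad && $prefix != 'pref_') || ($prad && $key == 'currenttab')) {
                continue;
            }
            // Validate key name.
            // If $prad not true, should start with "pref_"
            // else should start with "admin_",
            // and not include any unusual characters.
            // The pattern is anchored at both ends (^ and $ with the D
            // modifier) so the whole key has to match; without the anchors
            // any key that merely ended in a valid-looking name passed.
            $pattern = $prad ? '/^admin_[A-Za-z0-9_]+$/D' : '/^pref_[A-Za-z0-9_]+$/D';
            if (!preg_match($pattern, $key)) {
                // NOTE(review): $key is unvalidated request data at this
                // point; confirm die_miserable_death() escapes its message
                // before output.
                die_miserable_death(str_replace('XXX', $key, translate('Invalid setting name XXX.')));
            }
        } else {
            $prefix = $prad ? 'admin_' : 'pref_';
            $setting = $key;
        }
        // An empty setting name is never stored, for either prefix. The
        // parentheses make that explicit; && binds tighter than ||, so the
        // unparenthesized form let an empty name through for "admin_".
        if (strlen($setting) > 0 && ($prefix == 'pref_' || $prefix == 'admin_')) {
            if ($setting == 'THEME' && $value != 'none') {
                $my_theme = strtolower($value);
            }
            // Setting names are stored in upper case. Upper-casing before
            // the DELETE as well as the INSERT keeps both statements on the
            // same row in both branches.
            $setting = strtoupper($setting);
            if ($prad) {
                $sql = 'DELETE FROM webcal_config WHERE cal_setting = ?';
                if (!dbi_execute($sql, array($setting))) {
                    $error = db_error(false, $sql);
                    break;
                }
                if (strlen($value) > 0) {
                    $sql = 'INSERT INTO webcal_config ( cal_setting, cal_value ) VALUES ( ?, ? )';
                    if (!dbi_execute($sql, array($setting, $value))) {
                        $error = db_error(false, $sql);
                        break;
                    }
                }
            } else {
                // The result of this DELETE is not checked (as before).
                dbi_execute('DELETE FROM webcal_user_pref WHERE cal_login = ?
          AND cal_setting = ?', array($prefuser, $setting));
                if (strlen($value) > 0) {
                    $sql = 'INSERT INTO webcal_user_pref ( cal_login, cal_setting,
            cal_value ) VALUES ( ?, ?, ? )';
                    if (!dbi_execute($sql, array($prefuser, $setting, $value))) {
                        // NOTE(review): the raw database error and the SQL
                        // text are placed in $error as HTML. Confirm where
                        // $error is printed and that it is escaped there.
                        $error = 'Unable to update preference: ' . dbi_error() . '<br /><br /><span class="bold">SQL:</span>' . $sql;
                        break;
                    }
                }
            }
        }
    }
    // Reload preferences so any CSS changes will take effect.
    load_global_settings();
    load_user_preferences();
}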
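// Work out whose preferences drive the generated CSS, then send the
// response headers.
@session_start();
$login = empty($_SESSION['webcal_login']) ? '__public__' : $_SESSION['webcal_login'];
$login = empty($_SESSION['webcal_tmp_login']) ? $login : $_SESSION['webcal_tmp_login'];
// If calling script uses 'guest', we must also.
// A "login" request parameter overrides the session value, with the query
// string taking precedence. Only string values are accepted: an array-valued
// parameter (login[]=x) would otherwise reach substr() below.
// NOTE(review): this lets any requester choose whose preferences are loaded.
// load_user_preferences() is not visible here; confirm it binds $login as a
// query parameter and returns nothing beyond styling data.
if (!empty($_GET['login']) && is_string($_GET['login'])) {
    $login = $_GET['login'];
} elseif (!empty($_REQUEST['login']) && is_string($_REQUEST['login'])) {
    $login = $_REQUEST['login'];
}
if (substr($login, 0, 10) == '__public__') {
    $login = '******';
}
load_user_preferences($login);
// We will cache CSS as default, but override from admin and pref
// by incrementing the webcalendar_csscache cookie value.
// The cookie is client-controlled, so only a short run of digits is used;
// anything else counts as 0 and cannot break the date arithmetic below.
$cookie = 0;
if (isset($_COOKIE['webcalendar_csscache'])
    && is_string($_COOKIE['webcalendar_csscache'])
    && preg_match('/^[0-9]{1,9}$/D', $_COOKIE['webcalendar_csscache'])
) {
    $cookie = (int) $_COOKIE['webcalendar_csscache'];
}
header('Content-type: text/css');
header('Last-Modified: ' . date('r', mktime(0, 0, 0) + $cookie));
// Caching headers are sent only when no webcal_tmp_login is in the session
// (i.e. not while calling from admin or pref); the CSS may then be cached
// for one day.
if (empty($_SESSION['webcal_tmp_login'])) {
    // gmdate() with a GMT label: date() formats local time, which was
    // wrong whenever the server time zone is not UTC.
    header('Expires: ' . gmdate('D, d M Y H:i:s', time() + 86400) . ' GMT');
    header('Cache-Control: Public');
    header('Pragma: Public');
}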
if (ini_get('zlib.output_compression') != 1) {
    ob_start('ob_gzhandler');