<?php
// Principal editor set-up: request parameter, privilege tables and the
// decision whether the current session may modify the target principal.

// The principal id is taken from 'id', 'old_id' or 'principal_id'.
// NOTE(review): presumably the 'int' filter coerces the value to an integer
// and leaves $id null when no parameter is supplied; confirm in param_to_global().
param_to_global('id', 'int', 'old_id', 'principal_id');

// Individual privilege names handled by this page.
$privilege_names = [
    'read',
    'write-properties',
    'write-content',
    'unlock',
    'read-acl',
    'read-current-user-privilege-set',
    'bind',
    'unbind',
    'write-acl',
    'read-free-busy',
    'schedule-deliver-invite',
    'schedule-deliver-reply',
    'schedule-query-freebusy',
    'schedule-send-invite',
    'schedule-send-reply',
    'schedule-send-freebusy',
];

// Translated labels for each privilege, plus the aggregate entries
// ('all', 'write', 'schedule-deliver', 'schedule-send').
$privilege_xlate = [
    'all'                             => translate('All privileges'),
    'read'                            => translate('Read'),
    'write-properties'                => translate('Write Metadata'),
    'write-content'                   => translate('Write Data'),
    'unlock'                          => translate('Override a Lock'),
    'read-acl'                        => translate('Read Access Controls'),
    'read-current-user-privilege-set' => translate('Read Current User\'s Access'),
    'bind'                            => translate('Create Events/Collections'),
    'unbind'                          => translate('Delete Events/Collections'),
    'write-acl'                       => translate('Write Access Controls'),
    'read-free-busy'                  => translate('Read Free/Busy Information'),
    'schedule-deliver-invite'         => translate('Scheduling: Deliver an Invitation'),
    'schedule-deliver-reply'          => translate('Scheduling: Deliver a Reply'),
    'schedule-query-freebusy'         => translate('Scheduling: Query free/busy'),
    'schedule-send-invite'            => translate('Scheduling: Send an Invitation'),
    'schedule-send-reply'             => translate('Scheduling: Send a Reply'),
    'schedule-send-freebusy'          => translate('Scheduling: Send free/busy'),
    'write'                           => translate('Write'),
    'schedule-deliver'                => translate('Scheduling: Delivery'),
    'schedule-send'                   => translate('Scheduling: Sending'),
];

// Write access is granted, in this order, to: an Admin session, the principal
// editing itself, or a session holding DAV::write on the target principal.
// NOTE(review): the self-edit test is a loose comparison (==) against a
// request-derived $id; confirm that a missing id cannot compare equal to the
// session's principal_id.
if ($session->AllowedTo('Admin')) {
    $can_write_principal = true;
} elseif ($session->principal_id == $id) {
    $can_write_principal = true;
} elseif ($id > 0) {
    // Only look the target up when a positive id was supplied.
    $target_principal = new Principal('principal_id', $id);
    $can_write_principal = $session->HavePrivilegeTo('DAV::write', $target_principal->dav_name());
} else {
    $can_write_principal = false;
}

// Confirmation state for the destructive sub-actions starts out unset.
$delete_collection_confirmation_required
    = $delete_principal_confirmation_required
    = $delete_ticket_confirmation_required
    = $delete_bind_in_confirmation_required
    = null;
$delete_binding_confirmation_required = null; function handle_subaction($subaction) { global $session, $c, $id, $editor; global $delete_collection_confirmation_required; global $delete_principal_confirmation_required; global $delete_ticket_confirmation_required; global $delete_bind_in_confirmation_required; global $delete_binding_confirmation_required; dbg_error_log('admin-principal-edit', ':handle_action: Action %s', $subaction); switch ($subaction) { case 'delete_collection': dbg_error_log('admin-principal-edit', ':handle_action: Deleting collection %s for principal %d', $_GET['dav_name'], $id); if ($session->AllowedTo('Admin') || $id > 0 && $session->principal_id == $id) { if ($session->CheckConfirmationHash('GET', 'confirm')) { dbg_error_log('admin-principal-edit', ':handle_action: Allowed to delete collection %s for principal %d', $_GET['dav_name'], $id); $qry = new AwlQuery('DELETE FROM collection WHERE dav_name=?;', $_GET['dav_name']);
send_dav_header(); // Avoid polluting global namespace $allowed = implode(', ', array_keys($request->supported_methods)); // header( 'Allow: '.$allowed); if (!($request->IsPrincipal() || isset($request->collection) || $request->method == 'PUT' || $request->method == 'MKCALENDAR' || $request->method == 'MKCOL')) { if (preg_match('#^/principals/users(/.*/)$#', $request->path, $matches)) { // Although this doesn't work with the iPhone, perhaps it will with iCal... /** @todo integrate handling this URL into CalDAVRequest.php */ $redirect_url = ConstructURL('/caldav.php' . $matches[1]); dbg_error_log('LOG WARNING', 'Redirecting %s for "%s" to "%s"', $request->method, $request->path, $redirect_url); header('Location: ' . $redirect_url); @ob_flush(); exit(0); } } param_to_global('add_member', '.*'); $add_member = isset($add_member); switch ($request->method) { case 'OPTIONS': include_once 'caldav-OPTIONS.php'; break; case 'REPORT': include_once 'caldav-REPORT.php'; break; case 'PROPFIND': include 'caldav-PROPFIND.php'; break; case 'GET': include 'caldav-GET.php'; break; case 'HEAD':
} $this->username = $principal->username(); $this->principal_id = $principal->principal_id(); $this->email = $principal->email(); $this->dav_name = $principal->dav_name(); $this->principal = $principal; $this->logged_in = true; } function AllowedTo($do_something) { return $this->logged_in; } } $session = new FakeSession(); $dest = new DAVResource($target); $session = new FakeSession($dest->user_no()); if ($mode == 'append' && !$dest->Exists()) { printf("The target '%s' does not exist.\n", $target); exit(1); } if (!$dest->IsCollection()) { printf("The target '%s' is not a collection.\n", $target); exit(1); } $user_no = $dest->user_no(); $username = $session->username; param_to_global('mode'); include_once 'caldav-PUT-functions.php'; controlRequestContainer($session->username, $dest->user_no(), $target, false, $dest->IsPublic() ? true : false); import_collection($ics, $dest->user_no(), $target, $session->user_no, $mode == 'append'); printf(translate("Calendar '%s' was loaded from file.\n"), $target);
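<?php
/**
 * Administration front controller: authenticates the session, reads the
 * requested action/component and includes the matching ui/<component>-<action>.php page.
 */

// The two '+100' lines below follow comment markers in this excerpt and are
// kept disabled. Forcing display_errors on in a web-facing page puts file
// paths and query text into responses; keep diagnostics in the server's PHP
// configuration and logs instead.
// +100 ini_set('display_errors', 'On');
// +100 error_reporting(E_ALL);
require_once './always.php';
require_once 'classEditor.php';
require_once 'classBrowser.php';
include "DAViCalSession.php";

// NOTE(review): presumably stops unauthenticated requests before anything
// below runs; confirm in DAViCalSession.
$session->LoginRequired();
require_once 'AwlQuery.php';

// $action and $component are interpolated into a stylesheet name and an
// include path further down, so their patterns are anchored at both ends:
// the whole submitted value must be an allowed token, not merely contain one.
// This does not rely on how param_to_global() treats a partial match.
param_to_global('action', '{\A(edit|browse)\z}', 'action');
param_to_global('component', '{\A[a-z0-9_-]+\z}', 't');
// 'id' is not used in a path here; its original pattern is left unchanged.
param_to_global('id', '{[a-z0-9-_]+}', 'id');

$c->stylesheets[] = 'css/' . $action . '.css';
if ($c->enable_row_linking) {
    $c->scripts[] = 'js/browse.js';
}
require_once 'interactive-page.php';

$page_elements = array();

// Request-derived include: only names made of [a-z0-9_-] under ui/ with a
// fixed '.php' suffix can be reached. A missing or rejected parameter produces
// a name that does not exist, and the "No page found" branch handles it.
$code_file = sprintf('ui/%s-%s.php', $component, $action);
if (!@(include_once $code_file)) {
    $c->messages[] = sprintf(
        'No page found to %s %s%s%s',
        $action,
        $action == 'browse' ? '' : 'a ',
        $component,
        $action == 'browse' ? 's' : ''
    );
    include 'page-header.php';
    include 'page-footer.php';
    @ob_flush();
    exit(0);
}
include 'page-header.php';
/**
 * Page elements could be an array of viewers, browsers or something else
 * that supports the Render() method... or a non-object which we assume is
 * (the remainder of this comment is cut off in this excerpt)
 */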
<?php param_to_global('principal_type', 'int', 'type'); param_to_global('principal_active', '([tf])', 'active'); $browser = new Browser(translate('Calendar Principals')); if (isset($principal_type)) { switch ($principal_type) { case 1: $browser->Title(translate('User Calendar Principals')); break; case 2: $browser->Title(translate('Resource Calendar Principals')); break; case 3: $browser->Title(translate('Group Principals')); break; } } $browser->AddColumn('principal_id', translate('ID'), 'right', '##principal_link##'); $browser->AddColumn('username', translate('Name')); $rowurl = $c->base_url . '/admin.php?action=edit&t=principal&id='; $browser->AddHidden('principal_link', "'<a href=\"{$rowurl}' || principal_id || '\">' || principal_id || '</a>'"); $browser->AddColumn('displayname', translate('Display Name')); $browser->AddColumn('email', translate('EMail')); $browser->AddColumn('member_of', translate('Is Member of'), '', '', 'is_member_of_list(principal_id)'); if (!isset($principal_type) || $principal_type == 3) { $browser->AddColumn('members', translate('Has Members'), '', '', 'has_members_list(principal_id)'); } $browser->SetOrdering('username', 'A'); $browser->SetJoins("dav_principal "); if (isset($principal_active) && $principal_active == 'f') {
<?php
// Editor component for collection records.
$editor = new Editor(translate('Collection'), 'collection');

// Request parameters. The ids go through the 'int' filter.
// NOTE(review): presumably 'int' coerces to an integer; confirm, because $id
// is placed unquoted into the WHERE clause further down.
param_to_global('id', 'int', 'old_id', 'collection_id');
param_to_global('user_no', 'int');
param_to_global('principal_id', 'int');
param_to_global('collection_name', '{^.+$}');

// Resolve the owner; when both parameters are present the principal lookup wins
// because it runs last.
if (isset($user_no)) {
    $usr = getUserByID($user_no);
}
if (isset($principal_id)) {
    $usr = getPrincipalByID($principal_id);
}

// Drop-down sources (fixed SQL, no request data involved).
$editor->SetLookup(
    'timezone',
    "SELECT '', '*** Unknown ***' UNION SELECT tz_id, tz_locn FROM time_zone WHERE tz_id = tz_locn AND length(tz_spec) > 100 ORDER BY 1"
);
$editor->SetLookup(
    'schedule_transp',
    "SELECT 'opaque', 'Opaque' UNION SELECT 'transp', 'Transparent'"
);

// Element ids and client-side toggles for the form fields.
$editor->AddAttribute('timezone', 'id', 'fld_timezone');
$editor->AddAttribute('schedule_transp', 'id', 'fld_schedule_transp');
$editor->AddAttribute('is_calendar', 'id', 'fld_is_calendar');
$editor->AddAttribute('is_addressbook', 'id', 'fld_is_addressbook');
$editor->AddAttribute(
    'is_calendar',
    'onclick',
    "toggle_enabled('fld_is_calendar','=fld_timezone','=fld_schedule_transp','!fld_is_addressbook','=fld_ics_file');"
);
$editor->AddAttribute(
    'is_addressbook',
    'onclick',
    "toggle_enabled('fld_is_addressbook','!fld_is_calendar');"
);

// Computed field: true when the collection has no explicit default privileges.
$editor->AddField('use_default_privs', 'default_privileges IS NULL');
$editor->AddAttribute('use_default_privs', 'id', 'fld_use_default_privs');
$editor->AddAttribute(
    'use_default_privs',
    'onclick',
    "toggle_visible('fld_use_default_privs','!privileges_settings');"
);

// Upload field for an .ics file; its SQL expression is an empty string literal.
$editor->AddField('ics_file', "''");
$editor->AddAttribute(
    'ics_file',
    'title',
    translate('Upload a .ics calendar in iCalendar format to initialise or replace this calendar.')
);
$editor->AddAttribute('ics_file', 'id', 'fld_ics_file');

// String-built WHERE clause: only safe while $id is guaranteed to be an integer.
// NOTE(review): if no id was supplied $id may be empty here, yielding
// 'collection_id=' with no value; verify how Editor handles that.
$editor->SetWhere("collection_id={$id}");

// Individual privilege names handled by this page.
$privilege_names = [
    'read',
    'write-properties',
    'write-content',
    'unlock',
    'read-acl',
    'read-current-user-privilege-set',
    'bind',
    'unbind',
    'write-acl',
    'read-free-busy',
    'schedule-deliver-invite',
    'schedule-deliver-reply',
    'schedule-query-freebusy',
    'schedule-send-invite',
    'schedule-send-reply',
    'schedule-send-freebusy',
];

// Named placeholders, taken from the session and configuration rather than the request.
$params = [
    ':session_principal' => $session->principal_id,
    ':scan_depth'        => $c->permission_scan_depth,
];
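<?php
/**
 * DAViCal Timezone Service handler
 *
 * Reads the requested action and includes the matching tz/<action>.php
 * handler; an unknown action is answered with a 400 precondition failure.
 *
 * @package davical
 * @subpackage tzservice
 * @author Andrew McMillan <*****@*****.**>
 * @copyright Morphoss Ltd
 * @license http://gnu.org/copyleft/gpl.html GNU GPL v3 or later
 */
require "./always.php";
require "PublicSession.php";

// NOTE(review): a PublicSession is created without any credential check in
// this file, so every parameter below should be treated as untrusted input.
$session = new PublicSession();

// $action is interpolated into an include path and echoed in the error text
// below, so the pattern is anchored at both ends: the whole submitted value
// must consist of [a-z_-], not merely contain such a run. This does not rely
// on how param_to_global() treats a partial match.
param_to_global('action', '{\A[a-z_-]+\z}');
param_to_global('format', '{[a-z]+/[a-zA-Z0-9.+_-]+}');
// 'changedsince' (alias 'changesince') accepts any text; the remaining
// parameters are read with no pattern. Validation is left to the handlers.
param_to_global('changedsince', '{.*}', 'changesince');
param_to_global('start');
param_to_global('end');
param_to_global('lang');
$returnall = isset($_GET['returnall']);
param_to_global('tzid');

require_once 'CalDAVRequest.php';
$request = new CalDAVRequest();

// Request-derived include: only names made of [a-z_-] under tz/ with a fixed
// '.php' suffix can be reached. A missing or rejected action produces a name
// that does not exist and falls through to the 400 response.
$code_file = sprintf('tz/%s.php', $action);
if (!@(include_once $code_file)) {
    $request->PreconditionFailed(
        400,
        "supported-action",
        'The action "' . $action . '" is not understood.',
        'urn:ietf:params:xml:ns:timezone-service'
    );
}

// Fallback response. NOTE(review): presumably only reached when neither the
// handler nor PreconditionFailed() has already ended the request; confirm.
$request->DoResponse(500, translate("The application failed to understand that request."));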
<?php
// Browser page listing external calendars (collections under '/.external/').

param_to_global('external_active', '([tf])', 'active');

$browser = new Browser(translate('External Calendars'));

// The ID column is rendered through the hidden 'collection_link' expression.
$browser->AddColumn('collection_id', translate('ID'), 'right', '##collection_link##');
$rowurl = "{$c->base_url}/admin.php?action=edit&t=collection&id=";
// The link is assembled as an SQL string expression, so $rowurl ends up inside
// an SQL literal. NOTE(review): this relies on the configured base_url never
// containing a quote character; confirm where base_url is set.
$browser->AddHidden('collection_link', "'<a href=\"{$rowurl}' || collection_id || '\">' || collection_id || '</a>'");
$browser->AddColumn('dav_displayname', translate('Display Name'));
$browser->AddColumn(
    'refs',
    translate('References'),
    'right',
    '',
    '(select count(*) from dav_binding where bound_source_id=collection_id )'
);

$browser->SetOrdering('dav_displayname', 'A');
$browser->SetJoins('collection ');
$browser->SetWhere("parent_container='/.external/'");
$c->page_title = $browser->Title();

// Rows get a hover handler and tooltip only when row linking is enabled.
$browser->RowFormat(
    $c->enable_row_linking
        ? '<tr onMouseover="LinkHref(this,1);" title="' . htmlspecialchars(translate('Click to display user details')) . '" class="r%d">'
        : '<tr class="r%d">',
    '</tr>',
    '#even'
);
$page_elements[] = $browser;

// Count external collections that no binding with an external_url refers to.
$externalqry = new AwlQuery("SELECT count(*) as count from collection where parent_container='/.external/' and collection_id not in ( select bound_source_id from dav_binding where external_url is not null)");
$externalqry->Exec('external-bind-url');
$external = $externalqry->Fetch();

if ($external->count > 0) {
    // The clean-up is offered as a plain link, i.e. a GET request.
    // NOTE(review): the handler for subaction=clean is not shown here; verify
    // that it demands a confirmation token before deleting anything.
    $link = sprintf(
        '<a href="%s/admin.php?action=edit&t=external&subaction=clean" class="submit">%s(%s)</a>',
        $c->base_url,
        translate('Remove dangling external calendars'),
        $external->count
    );
    $c->stylesheets[] = 'css/edit.css';
    $page_elements[] = $link;
}
// Pick the session class: HTTP authentication unless a public free/busy URL
// is configured, in which case a PublicSession is used.
// NOTE(review): presumably PublicSession performs no credential check, so with
// public_freebusy_url set every parameter below arrives unauthenticated; confirm.
if (empty($c->public_freebusy_url)) {
    require_once "HTTPAuthSession.php";
    $session = new HTTPAuthSession();
} else {
    require_once "PublicSession.php";
    $session = new PublicSession();
}

/**
 * Submission parameters recommended by calconnect, plus some generous alternatives
 */
param_to_global('fb_start', '#^[a-z0-9/:.,+-]+$#i', 'start', 'from');
param_to_global('fb_end', '#^[a-z0-9/:.,+-]+$#i', 'end', 'until', 'finish', 'to');
param_to_global('fb_period', '#^[+-]?P?(\\d+[WD]?)(T(\\d+H)?(\\d+M)?(\\d+S)?)?+$#', 'period');
param_to_global('fb_format', '#^\\S+/\\S+$#', 'format');
// The fb_user pattern accepts any text, so the value must be handled as
// untrusted wherever it is used afterwards.
param_to_global('fb_user', '#^.*$#', 'user', 'userid', 'user_no', 'email');
param_to_global('fb_token', '#^[a-z0-9+/-]+$#i', 'token');

// The period pattern is case-sensitive upper-case; the stored value is upper-cased as well.
if (isset($fb_period)) {
    $fb_period = strtoupper($fb_period);
}

// No recommended default for the start: use one day (86400 s) before now.
if (!(isset($fb_start) && $fb_start != '')) {
    $fb_start = date('Y-m-d\\TH:i:s', time() - 86400);
}

// With neither a period nor an end supplied (or both empty), default to
// 44 days, 2 days more than the recommended default.
if (
    !(isset($fb_period) || isset($fb_end))
    || ($fb_period == '' && $fb_end == '')
) {
    $fb_period = 'P44D';
}

/**
 * When fb_user is present (from the user, userid, user_no or email parameter)
 * the request path is adjusted to suit.
 */