/**
 * Returns the title for display.
 *
 * A set title is passed through phpc_html_escape() before it is returned, so
 * callers receive the escaped form and should not escape it a second time.
 * When no title is set, the translated placeholder "(No title)" is returned.
 *
 * NOTE(review): empty() also treats the string "0" as "no title".
 *
 * @return string Escaped title, or the translated placeholder.
 */
function get_title() {
	$has_title = !empty($this->title);

	return $has_title
		? phpc_html_escape($this->title)
		: __('(No title)');
}
/**
 * Builds the create/edit form for a category.
 *
 * Reads $vars['cid'] and $vars['catid'] when they are present. With 'catid'
 * set, the category is loaded through $phpcdb->get_category() and its stored
 * values become the form defaults, each passed through phpc_html_escape().
 * Without it, the defaults are text colour 000000 on background FFFFFF.
 *
 * NOTE(review): 'cid' and 'catid' are copied into hidden fields exactly as
 * received, and group names are added to the drop-down unescaped. This relies
 * on Form / FormDropDownQuestion encoding values when they render - confirm
 * in those classes.
 * NOTE(review): nothing in this function checks that get_category() found a
 * row, or that the current user may edit that category; presumably enforced
 * before this runs - confirm.
 *
 * @return mixed Whatever Form::get_form() returns for the chosen defaults.
 */
function category_form() {
	global $phpc_script, $vars, $phpcdb, $phpcid;

	$form = new Form($phpc_script, __('Category Form'));
	$form->add_part(new FormFreeQuestion('name', __('Name'), false, 32, true));

	// Groups are listed for the calendar named in the request, falling
	// back to the current calendar.
	$has_cid = isset($vars['cid']);
	if ($has_cid) {
		$form->add_hidden('cid', $vars['cid']);
	}
	$cid = $has_cid ? $vars['cid'] : $phpcid;

	$form->add_hidden('action', 'category_submit');
	$form->add_hidden('phpcid', $phpcid);

	$form->add_part(new FormColorPicker('text-color', __('Text Color')));
	$form->add_part(new FormColorPicker('bg-color', __('Background Color')));

	$visibility = new FormDropDownQuestion('gid', __('Visible to groups'));
	$visibility->add_option('', __('None'));
	foreach ($phpcdb->get_groups($cid) as $row) {
		$visibility->add_option($row['gid'], $row['name']);
	}
	$form->add_part($visibility);

	$form->add_part(new FormSubmitButton(__("Submit Category")));

	// Defaults for a new category; replaced below when editing.
	$defaults = array(
		'text-color' => '000000',
		'bg-color' => 'FFFFFF',
	);

	if (isset($vars['catid'])) {
		$form->add_hidden('catid', $vars['catid']);
		$stored = $phpcdb->get_category($vars['catid']);

		// Stored colours carry a leading '#', which is dropped for the
		// picker fields.
		$text_color = str_replace('#', '', $stored['text_color']);
		$bg_color = str_replace('#', '', $stored['bg_color']);

		$defaults = array(
			'name' => phpc_html_escape($stored['name']),
			'text-color' => phpc_html_escape($text_color),
			'bg-color' => phpc_html_escape($bg_color),
			'gid' => phpc_html_escape($stored['gid']),
		);
	}

	return $form->get_form($defaults);
}
/**
 * Builds the log-in form: username and password fields posted to
 * $phpc_script with action=login.
 *
 * When $vars['lasturl'] is non-empty it is carried along in a hidden field,
 * first URL-encoded with rawurlencode() and then passed through
 * phpc_html_escape().
 *
 * NOTE(review): the code that consumes 'lasturl' after a successful log-in is
 * not shown here. Encoding protects the markup of this form only; the
 * consumer still has to restrict the target to same-site URLs before
 * redirecting - confirm.
 * NOTE(review): no anti-forgery token is added to this form in the visible
 * code - confirm whether the login action needs one.
 *
 * @return mixed The form element produced by tag().
 */
function login_form() {
	global $vars, $phpc_script;

	$footer_cell = tag('td', attributes('colspan="2"'),
			create_hidden('action', 'login'),
			create_submit(__('Log in')));

	if (!empty($vars['lasturl'])) {
		$return_to = phpc_html_escape(rawurlencode($vars['lasturl']));
		$footer_cell->prepend(create_hidden('lasturl', $return_to));
	}

	$caption = tag('caption', __('Log in'));
	$head = tag('thead',
			tag('tr',
				tag('th', attributes('colspan="2"'),
					__('You must have cookies enabled to login.'))));
	$foot = tag('tfoot', tag('tr', $footer_cell));
	$body = tag('tbody',
			tag('tr',
				tag('th', __('Username')),
				tag('td', create_text('username'))),
			tag('tr',
				tag('th', __('Password')),
				tag('td', create_password('password'))));

	$table = tag('table', $caption, $head, $foot, $body);

	return tag('form',
			attributes("action=\"{$phpc_script}\"", 'method="post"'),
			$table);
}
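/**
 * Runs the event search described by $vars and renders the matches.
 *
 * Reads 'searchstring', 'search-from-date', 'search-to-date', 'sort' and
 * 'order' from $vars. 'sort' and 'order' must be keys of $sort_options and
 * $order_options; anything else is reported through soft_error(). Events the
 * current user cannot read (can_read() is false) are left out of the output.
 *
 * Changes from the previous version: missing or non-string parameters no
 * longer raise undefined-index notices, and the sort/order check is an exact
 * key lookup instead of a loose array_search() comparison.
 *
 * NOTE(review): $keywords, $sort and $order are handed to $phpcdb->search();
 * how that method builds its query is not visible here. If sort/order end up
 * in the SQL text, the allow-list below is the only guard, and it only holds
 * if soft_error() stops execution - confirm both.
 * NOTE(review): subject, description, date and time are placed into the table
 * as returned by the event getters; this assumes the getters return
 * HTML-safe strings - confirm.
 *
 * @return mixed A results table, or a "no events matched" block.
 */
function search_results() {
	global $vars, $phpcdb, $phpcid, $sort_options, $order_options;

	// Only plain strings are accepted for the free-text parameters.
	$searchstring = (isset($vars['searchstring']) && is_string($vars['searchstring']))
		? $vars['searchstring']
		: '';

	$has_from = !empty($vars['search-from-date'])
		&& is_string($vars['search-from-date']);
	$start = $has_from ? get_timestamp('search-from') : false;

	// The end of the range is the last second of the chosen day.
	$has_to = !empty($vars['search-to-date'])
		&& is_string($vars['search-to-date']);
	$end = $has_to ? get_timestamp('search-to', 23, 59, 59) : false;

	// make sure sort is valid: it has to be one of the option keys exactly
	$sort = (isset($vars['sort']) && is_string($vars['sort']))
		? phpc_html_escape($vars['sort'])
		: '';
	if (!array_key_exists($sort, $sort_options)) {
		soft_error(__('Invalid sort option') . ": {$sort}");
	}

	// make sure order is valid: same exact-key rule as for sort
	$order = (isset($vars['order']) && is_string($vars['order']))
		? phpc_html_escape($vars['order'])
		: '';
	if (!array_key_exists($order, $order_options)) {
		soft_error(__('Invalid order option') . ": {$order}");
	}

	$keywords = explode(" ", $searchstring);

	$results = $phpcdb->search($phpcid, $keywords, $start, $end, $sort,
			$order);

	$rows = array();
	foreach ($results as $event) {
		// Per-event read permission is applied after the query.
		if (!$event->can_read()) {
			continue;
		}

		$subject = $event->get_subject();
		$desc = $event->get_desc();
		$date = $event->get_date_string();
		$time = $event->get_time_string();
		$eid = $event->get_eid();

		$rows[] = tag('tr',
				tag('td',
					tag('strong',
						create_event_link($subject,
							'display_event', $eid))),
				tag('td', "{$date} {$time}"),
				tag('td', $desc));
	}

	if (count($rows) === 0) {
		return tag('div',
				tag('strong',
					__('No events matched your search criteria.')));
	}

	$html = tag('table', attributes('class="phpc-main"'),
			tag('caption', __('Search Results')),
			tag('thead',
				tag('tr',
					tag('th', __('Subject')),
					tag('th', __('Date Time')),
					tag('th', __('Description')))));
	foreach ($rows as $row) {
		$html->add($row);
	}

	return $html;
}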
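/**
 * Renders the table of categories of the current calendar, with Edit and
 * Delete links per row and a "Create category" link in the footer.
 *
 * Change from the previous version: the category name is now passed through
 * phpc_html_escape() like the colour and group columns of the same row.
 * Before, it was the only stored value in the row that went into the markup
 * unescaped.
 *
 * NOTE(review): this assumes get_categories() returns raw stored values, as
 * the existing escaping of the sibling columns suggests. If it already
 * escapes 'name', the name would now be double-encoded - confirm.
 * NOTE(review): Delete is a plain action link; whether category_delete asks
 * for confirmation or checks a request token is not visible here - confirm.
 *
 * @return mixed A div wrapping the categories table.
 */
function category_list() {
	global $phpcid, $phpc_cal;

	$tbody = tag('tbody');
	foreach ($phpc_cal->get_categories() as $category) {
		// Stored name: escape it before it becomes element content.
		$name = empty($category['name'])
			? __('No Name')
			: phpc_html_escape($category['name']);
		$catid = $category['catid'];
		$group = empty($category['group_name'])
			? __('None')
			: $category['group_name'];

		$tbody->add(tag('tr',
				tag('th', $name),
				tag('td', phpc_html_escape($category['text_color'])),
				tag('td', phpc_html_escape($category['bg_color'])),
				tag('td', phpc_html_escape($group)),
				tag('td',
					create_action_link(__('Edit'),
						'category_form',
						array('catid' => $catid)),
					" ",
					create_action_link(__('Delete'),
						'category_delete',
						array('catid' => $catid)))));
	}

	$create_link = create_action_link(__('Create category'),
			'category_form', array('cid' => $phpcid));

	$table = tag('table', attributes("class=\"phpc-container\""),
			tag('caption', __('Calendar Categories')),
			tag('thead',
				tag('tr',
					tag('th', __('Name')),
					tag('th', __('Text Color')),
					tag('th', __('Background Color')),
					tag('th', __('Visible to User Group')),
					tag('th', __('Actions')))),
			$tbody,
			tag('tfoot',
				tag('tr',
					tag('td', attributes('colspan="5"'),
						$create_link))));

	return tag('div', attributes('id="phpc-categories"'), $table);
}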
/**
 * Builds the create/edit form for a user group of the current calendar.
 *
 * With $vars['gid'] set, the group is loaded through $phpcdb->get_group() and
 * its name, passed through phpc_html_escape(), becomes the default of the
 * name field. Without it, the form starts with no defaults.
 *
 * NOTE(review): 'gid' is copied into a hidden field exactly as received; this
 * relies on Form::add_hidden() encoding the value when it renders - confirm.
 * NOTE(review): nothing in this function checks that get_group() found a row
 * or that the group belongs to the current calendar; presumably enforced
 * elsewhere - confirm.
 *
 * @return mixed Whatever Form::get_form() returns for the chosen defaults.
 */
function group_form() {
	global $phpc_script, $vars, $phpcdb, $phpcid;

	$form = new Form($phpc_script, __('Group Form'));
	$form->add_part(new FormFreeQuestion('name', __('Name'), false, 32, true));
	$form->add_hidden('cid', $phpcid);
	$form->add_hidden('action', 'group_submit');
	$form->add_part(new FormSubmitButton(__("Submit Group")));

	// Empty defaults unless an existing group is being edited.
	$defaults = array();
	if (isset($vars['gid'])) {
		$form->add_hidden('gid', $vars['gid']);
		$stored = $phpcdb->get_group($vars['gid']);
		$defaults = array('name' => phpc_html_escape($stored['name']));
	}

	return $form->get_form($defaults);
}
/**
 * Raises an Exception that describes a database failure.
 *
 * The exception message is an HTML fragment: $str, then the connection's
 * error text ($this->dbh->error) in a <pre>, then - when $query is not
 * empty - the SQL text in a second <pre>. The error text and the query are
 * passed through phpc_html_escape(); $str is inserted as given.
 *
 * NOTE(review): wherever this message is rendered to a user, it discloses the
 * SQL statement and the driver's error text. Consider logging those details
 * server-side and showing a generic message outside of debugging.
 *
 * @param string $str   Lead-in text; not escaped here, so it must already be
 *                      safe to place in HTML.
 * @param string $query SQL statement to include, or "" to omit it.
 * @throws Exception Always.
 */
function db_error($str, $query = "") {
	$parts = array(
		$str,
		"<pre>",
		phpc_html_escape($this->dbh->error),
		"</pre>",
	);

	if ($query != "") {
		$parts[] = "<pre>";
		$parts[] = __('SQL query');
		$parts[] = ": ";
		$parts[] = phpc_html_escape($query);
		$parts[] = "</pre>";
	}

	throw new Exception(implode('', $parts));
}
/**
 * Turns a plain-text description into display markup.
 *
 * The steps run in a fixed order: phpc_html_escape() first, so no tags from
 * the input survive; then nl2br() for line breaks; then autolink() and
 * autolink_email() to wrap URLs and e-mail addresses in links. Every step
 * after the first therefore works on already-escaped text, and the order
 * must not be changed.
 *
 * NOTE(review): autolink() and autolink_email() are not shown here. Which
 * URL schemes they turn into links, and how they quote the href they
 * generate, decides whether the result stays safe - confirm.
 *
 * @param string $text Raw description text.
 * @return string Markup for display.
 */
function parse_desc($text) {
	// Don't allow tags and make the description HTML-safe
	$escaped = phpc_html_escape($text);
	$with_breaks = nl2br($escaped);

	// linkify urls, then emails
	$with_links = autolink($with_breaks, 0);

	return autolink_email($with_links);
}
/**
 * Runs the requested action and assembles the page: navbar, queued
 * messages, action output and footer.
 *
 * Two failure paths are handled here:
 *  - PermissionException: shows a "no permission" message. A logged-in user
 *    (is_user()) gets it in place; anyone else is sent to the login action
 *    through message_redirect().
 *  - Any other Exception: shows the exception message and, passed through
 *    phpc_html_escape(), the backtrace.
 *
 * NOTE(review): both handlers place $e->getMessage() into the page without
 * escaping, so every exception message reaching this function has to be
 * safe HTML already - confirm at the throw sites.
 * NOTE(review): the generic handler shows the backtrace to whoever triggered
 * the error. That discloses file paths and call structure; consider limiting
 * it to administrators or to a server-side log.
 *
 * @return mixed The page content, or the result of message_redirect().
 */
function display_phpc() {
	global $phpc_messages, $phpc_redirect, $phpc_script, $phpc_prefix;

	// Stays false until navbar() has run, so the handlers below know
	// whether there is a navbar to show.
	$navbar = false;

	try {
		$content = do_action();
		$navbar = navbar();

		$messages = '';
		if (count($phpc_messages) > 0) {
			$messages = tag('div', attrs('class="phpc-message"'));
			foreach ($phpc_messages as $queued) {
				$messages->add($queued);
			}
			// If we're redirecting, the messages might not get
			// seen, so don't clear them
			if (empty($phpc_redirect)) {
				$_SESSION["{$phpc_prefix}messages"] = null;
			}
		}

		return tag('', $navbar, $messages, $content, footer());
	} catch (PermissionException $e) {
		$page = tag('');
		// TODO: make navbar show if there is an error in do_action()
		if ($navbar !== false) {
			$page->add($navbar);
		}

		$denied = __('You do not have permission to do that: ')
			. $e->getMessage();
		$page->add(tag('div',
				attrs('class="phpc-message ui-state-error"'),
				$denied));

		return is_user()
			? $page
			: message_redirect($denied, "{$phpc_script}?action=login");
	} catch (Exception $e) {
		$page = tag('');
		if ($navbar !== false) {
			$page->add($navbar);
		}

		$page->add(tag('div', attrs('class="phpc-main"'),
				tag('h2', __('Error')),
				tag('p', $e->getMessage()),
				tag('h3', __('Backtrace')),
				tag('pre',
					phpc_html_escape($e->getTraceAsString()))));

		return $page;
	}
}
/**
 * Returns the category value for display.
 *
 * A non-empty value is passed through phpc_html_escape(), so callers should
 * not escape it a second time. An empty value is returned unchanged, whatever
 * it is (empty() covers null, '', 0 and "0" among others).
 *
 * @return mixed Escaped category, or the stored empty value.
 */
function get_category() {
	$has_category = !empty($this->category);

	return $has_category
		? phpc_html_escape($this->category)
		: $this->category;
}
* If you want different scripts with different default calendars, you can * copy this script and modify $default_calendar_id to contain the CID of * the calendar you want to be the default */ $default_calendar_id = 1; /* * $phpc_root_path gives the location of the base calendar install. * if you move this file to a new location, modify $phpc_root_path to point * to the location where the support files for the callendar are located. */ $phpc_includes_path = dirname(__FILE__); $phpc_root_path = dirname($phpc_includes_path); $phpc_config_file = "{$phpc_root_path}/config.php"; $phpc_locale_path = "{$phpc_root_path}/locale"; require_once "{$phpc_includes_path}/util.php"; $phpc_script = phpc_html_escape($_SERVER['PHP_SELF']); $phpc_server = $_SERVER['SERVER_NAME']; if (!empty($_SERVER["SERVER_PORT"]) && $_SERVER["SERVER_PORT"] != 80) { $phpc_server .= ":{$_SERVER["SERVER_PORT"]}"; } // Protcol ex. http or https if (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] != 'off' || $_SERVER['SERVER_PORT'] == 443 || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' || isset($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') { $phpc_proto = "https"; } else { $phpc_proto = "http"; } $phpc_home_url = "{$phpc_proto}://{$phpc_server}{$phpc_script}"; $phpc_url = $phpc_home_url . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']); // Remove this line if you must ini_set('arg_separator.output', '&'); // Buffer the output until the script ends. Remove this if you must, but it may
if (isset($_COOKIE["{$phpc_prefix}lang"])) { $anonymous['language'] = $_COOKIE["{$phpc_prefix}lang"]; } $phpc_user = new PhpcUser($anonymous); } $phpc_user_lang = $phpc_user->get_language(); $phpc_user_tz = $phpc_user->get_timezone(); // setup translation stuff if (!empty($vars['lang'])) { $phpc_lang = $vars['lang']; } elseif (!empty($phpc_user_lang)) { $phpc_lang = $phpc_user_lang; } elseif (!empty($phpc_cal->language)) { $phpc_lang = $phpc_cal->language; } elseif (!empty($_SERVER['HTTP_ACCEPT_LANGUAGE'])) { $phpc_lang = substr(phpc_html_escape($_SERVER['HTTP_ACCEPT_LANGUAGE']), 0, 2); } else { $phpc_lang = 'en'; } if (!preg_match('/^\\w+$/', $phpc_lang, $matches)) { $phpc_lang = 'en'; } $phpc_gettext = new Gettext_PHP($phpc_locale_path, 'messages', $phpc_lang); // Must be included after translation is setup require_once "{$phpc_includes_path}/globals.php"; if (!empty($vars['clearmsg'])) { $_SESSION["{$phpc_prefix}messages"] = NULL; } $phpc_messages = array(); if (!empty($_SESSION["{$phpc_prefix}messages"])) { foreach ($_SESSION["{$phpc_prefix}messages"] as $message) {