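/**
 * Search event titles in the submitted calendar(s) and render the results page.
 *
 * Reads the 'sq' (search text) and 'cal_id' fields through validate_var(),
 * queries `events` once per calendar returned by Calendar::getCalendars(),
 * turns each event's comma-separated weekday numbers into day names and
 * displays view/search_results.html through Smarty.
 *
 * The search text and both ids are sent as bound parameters and never
 * concatenated into the SQL string.
 *
 * @return void
 */
function search()
{
    global $error;
    global $obj_smarty;
    global $obj_db;

    $arr_return = array();
    $arr_submit = array(
        array('sq', 'string', true, ''),
        array('cal_id', 'string', true, ''),
    );
    $frm_submitted = validate_var($arr_submit);

    if (!empty($frm_submitted)) {
        if (isset($_SESSION['calendar-uid']) && $_SESSION['calendar-uid']['uid']) {
            $user_id = $_SESSION['calendar-uid']['uid'];
        } else {
            $user_id = 0;
        }

        $arr_calendars = array();
        if (!empty($frm_submitted['cal_id'])) {
            $arr_calendars = Calendar::getCalendars($frm_submitted['cal_id']);
        }

        $arr_days = array(
            1 => 'Monday',
            2 => 'Tuesday',
            3 => 'Wednesday',
            4 => 'Thursday',
            5 => 'Friday',
            6 => 'Saturday',
            7 => 'Sunday',
        );

        // Fixed part of the query; the optional owner filter and the calendar
        // filter are appended per calendar as placeholders.
        $str_select = 'SELECT e.*, re.rep_interval, re.weekdays, event_id as id,'
            . ' concat_ws(" ",date_start,time_start) as start,concat_ws(" ",date_end,time_end) as end FROM events e'
            . ' LEFT JOIN `repeating_events` re ON(re.rep_event_id = e.repeating_event_id)'
            . ' WHERE title LIKE ?';

        // % and _ typed by the user still act as LIKE wildcards, as before.
        $str_like = '%' . $frm_submitted['sq'] . '%';
        $int_user_id = (int) $user_id;

        $arr_events = array();
        foreach ($arr_calendars as $calendar) {
            // NOTE(review): the owner filter is only added for a logged-in user.
            // For a visitor without a session uid every matching event of the
            // calendar is returned, so this relies on Calendar::getCalendars()
            // handing back only calendars the visitor may read - confirm.
            $bln_own_events_only = $user_id > 0
                && $calendar['share_type'] != "public"
                && ALLOW_ACCESS_BY !== 'free'
                && !Calendar::UserInGroup($calendar, $user_id);

            $str_query = $str_select
                . ($bln_own_events_only ? ' AND user_id = ?' : '')
                . ' AND calendar_id = ?'
                . ' ORDER BY date_start';

            $obj_stmt = mysqli_prepare($obj_db, $str_query);
            if ($obj_stmt === false) {
                // Skip this calendar instead of fetching from a failed query.
                error_log('search(): could not prepare query: ' . mysqli_error($obj_db));
                continue;
            }

            $int_calendar_id = (int) $calendar['calendar_id'];
            if ($bln_own_events_only) {
                mysqli_stmt_bind_param($obj_stmt, 'sii', $str_like, $int_user_id, $int_calendar_id);
            } else {
                mysqli_stmt_bind_param($obj_stmt, 'si', $str_like, $int_calendar_id);
            }

            if (mysqli_stmt_execute($obj_stmt)) {
                // mysqli_stmt_get_result() needs the mysqlnd driver. Prepared
                // statements return numeric columns as PHP ints/floats rather
                // than strings.
                $obj_result = mysqli_stmt_get_result($obj_stmt);
                if ($obj_result !== false) {
                    while ($arr_line = mysqli_fetch_array($obj_result, MYSQLI_ASSOC)) {
                        $arr_events[] = $arr_line;
                    }
                    mysqli_free_result($obj_result);
                }
            } else {
                error_log('search(): query failed: ' . mysqli_stmt_error($obj_stmt));
            }
            mysqli_stmt_close($obj_stmt);
        }

        foreach ($arr_events as $event) {
            // weekdays is NULL for events without a repeating_events row (LEFT JOIN).
            $str_weekdays = '';
            foreach (explode(',', (string) $event['weekdays']) as $day) {
                // Ignore empty parts and numbers outside 1..7.
                if (!empty($day) && isset($arr_days[$day])) {
                    $str_weekdays .= $arr_days[$day] . ', ';
                }
            }
            $event['weekdays'] = $str_weekdays;
            $arr_return[] = $event;
        }
    } else {
        // Nothing submitted: show an empty result list and an empty query box.
        $frm_submitted = array('sq' => '');
    }

    $obj_smarty->assign('results', $arr_return);
    // NOTE(review): the raw search text is handed to the template; confirm
    // that search_results.html escapes it on output.
    $obj_smarty->assign('q', $frm_submitted['sq']);
    if (isset($frm_submitted['cal_id'])) {
        $obj_smarty->assign('cal_id', $frm_submitted['cal_id']);
    }
    $obj_smarty->display(FULLCAL_DIR . '/view/search_results.html');
}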
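/**
 * Decide whether the current visitor may delete an event.
 *
 * Checks, in order:
 *  1. a logged-in admin or super admin, when ADMIN_HAS_FULL_CONTROL is
 *     defined and truthy, may always delete;
 *  2. when $cal_id > 0 and Calendar::getCalendar() returns a non-empty row:
 *     the logged-in user whose session uid equals $event_user may delete;
 *     a logged-in member of a 'private_group' calendar may delete if the
 *     calendar has can_delete set; anyone may delete on a 'public' calendar
 *     with can_delete set; a calendar without can_delete denies;
 *  3. otherwise only a session uid equal to $event_user allows the delete.
 *
 * @param mixed $event_user User id stored on the event (default 0).
 * @param mixed $cal_id     Calendar id; 0 skips the calendar-level checks.
 * @return bool True when the delete is allowed.
 */
public static function canDelete($event_user = 0, $cal_id = 0)
{
    $arr_calendar = array();
    if ($cal_id > 0) {
        $arr_calendar = Calendar::getCalendar($cal_id);
    }

    $bln_logged_in = User::isLoggedIn();
    $arr_user = null;
    if ($bln_logged_in) {
        $arr_user = User::getUser();
        if (defined('ADMIN_HAS_FULL_CONTROL') && ADMIN_HAS_FULL_CONTROL && (User::isAdmin() || User::isSuperAdmin())) {
            return true;
        }
    }

    if (!empty($arr_calendar)) {
        if ($bln_logged_in && $_SESSION['calendar-uid']['uid'] == $event_user) {
            return true;
        }

        // Group membership is only evaluated for a logged-in user. Previously
        // an anonymous visitor reached UserInGroup() with an undefined
        // $arr_user, i.e. a null user id.
        if ($arr_calendar['share_type'] == 'private_group'
            && $arr_calendar['can_delete']
            && $bln_logged_in
            && Calendar::UserInGroup($arr_calendar, $arr_user['user_id'])
        ) {
            return true;
        }

        if ($arr_calendar['share_type'] == 'public' && $arr_calendar['can_delete']) {
            return true;
        }

        if (!$arr_calendar['can_delete']) {
            return false;
        }
    }

    // An earlier "users can delete items from others" setting is disabled
    // here; only ownership of the event counts from this point on.
    //
    // NOTE(review): this is a loose == and is not guarded by isLoggedIn().
    // If the session entry exists with an empty uid and $event_user is 0
    // (its default), the two compare equal and the delete is allowed.
    // Confirm whether events without an owner are meant to be deletable
    // this way; if not, require a positive session uid here.
    return isset($_SESSION['calendar-uid']) && $event_user == $_SESSION['calendar-uid']['uid'];
}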
/**
 * Work out what the current visitor may do on one calendar.
 *
 * Starts from the calendar's own can_* columns and adjusts them for the
 * visitor: admins (with ADMIN_HAS_FULL_CONTROL) and the calendar owner get
 * add/edit/delete and the drag-and-drop items; a logged-in user who is not
 * in the group of a 'private_group' calendar loses add/edit/delete and the
 * drag-and-drop items; a visitor who is not logged in keeps the calendar
 * defaults and sees the drag-and-drop items only when can_dd_drag is
 * 'everyone' and ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS is off.
 *
 * NOTE(review): for a visitor who is not logged in, neither share_type nor
 * the IP check changes anything (both branches are empty), so the calendar's
 * can_add / can_edit / can_delete defaults are returned for any calendar id.
 * Likewise a logged-in non-owner is only restricted on 'private_group'
 * calendars. Confirm that callers check access to the calendar itself
 * before trusting these flags.
 *
 * @param mixed $int_cal_id Calendar id, passed to Calendar::getCalendar().
 * @return array Booleans keyed can_view, can_add, can_edit, can_delete,
 *               can_change_color and can_see_dditems.
 */
public static function getPermissions($int_cal_id)
{
    $arr_cal = Calendar::getCalendar($int_cal_id);

    // Defaults taken straight from the calendar row.
    $perms = array(
        'can_view' => (bool) $arr_cal['can_view'], // may view event details
        'can_add' => (bool) $arr_cal['can_add'],
        'can_edit' => (bool) $arr_cal['can_edit'],
        'can_delete' => (bool) $arr_cal['can_delete'],
        'can_change_color' => (bool) $arr_cal['can_change_color'],
    );
    // can_dd_drag is one of: only_owner, only_loggedin_users, everyone.
    $perms['can_see_dditems'] = $perms['can_add'] && !ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS;

    if (!User::isLoggedIn()) {
        // Visitor is not logged in.
        $perms['can_see_dditems'] = !ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS
            && $arr_cal['can_dd_drag'] == 'everyone';

        if ($arr_cal['share_type'] == 'public') {
            // Public calendar: the calendar defaults are used as they are.
        }
        if (ALLOW_ACCESS_BY == 'ip' && User::ipAllowed()) {
            // Access by IP and the IP matches the one in config.php:
            // the calendar defaults are used as they are.
        }

        return $perms;
    }

    // Visitor is logged in.
    $arr_user = User::getUser();

    if (ONLY_ADMIN_CAN_SEE_DRAG_DROP_ITEMS) {
        $perms['can_see_dditems'] = User::isAdmin() || User::isSuperAdmin();
    } elseif (Calendar::isOwner($arr_cal['calendar_id'])
        || $arr_cal['can_dd_drag'] == 'everyone'
        || $arr_cal['can_dd_drag'] == 'only_loggedin_users'
    ) {
        $perms['can_see_dditems'] = true;
    } elseif ($arr_cal['can_dd_drag'] == 'only_owner' && !Calendar::isOwner($arr_cal['calendar_id'])) {
        $perms['can_see_dditems'] = false;
    }

    // Admin with full control, or the calendar owner (creator).
    $bln_full_control = (ADMIN_HAS_FULL_CONTROL && (User::isAdmin() || User::isSuperAdmin()))
        || Calendar::isOwner($arr_cal['calendar_id']);

    if ($bln_full_control) {
        $perms['can_view'] = false; // not needed: this user can edit
        $perms['can_add'] = true;
        $perms['can_edit'] = true;
        $perms['can_delete'] = true;
        $perms['can_see_dditems'] = true;
    } elseif ($arr_cal['share_type'] == 'private_group' && !Calendar::UserInGroup($arr_cal, $arr_user['user_id'])) {
        // Calendar is shared with a group and this user is not in that group.
        $perms['can_add'] = false;
        $perms['can_edit'] = false;
        $perms['can_delete'] = false;
        $perms['can_see_dditems'] = false;
    }

    return $perms;
}