function category_delete()
{
global $vars, $phpcdb, $phpcid, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["catid"])) {
return message_redirect(__('No category selected.'), "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
if (is_array($vars["catid"])) {
$ids = $vars["catid"];
} else {
$ids = array($vars["catid"]);
}
$categories = array();
foreach ($ids as $id) {
$categories[] = $phpcdb->get_category($id);
}
foreach ($categories as $category) {
if (empty($category['cid']) && !is_admin() || !$phpcdb->get_calendar($category['cid'])->can_admin()) {
$html->add(tag('p', __("You do not have permission to delete category: ") . $category['catid']));
continue;
}
if ($phpcdb->delete_category($category['catid'])) {
$html->add(tag('p', __("Removed category: ") . $category['catid']));
} else {
$html->add(tag('p', __("Could not remove category: ") . $category['catid']));
}
}
return message_redirect($html, "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
function user_enable()
{
global $vars, $phpcid, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (!is_admin()) {
$html->add(tag('p', __('You must be an admin to enable users.')));
return $html;
}
if (empty($vars["uid"])) {
$html->add(tag('p', __('No user selected.')));
return $html;
}
if (is_array($vars["uid"])) {
$ids = $vars["uid"];
} else {
$ids = array($vars["uid"]);
}
foreach ($ids as $id) {
if ($phpcdb->enable_user($id)) {
$html->add(tag('p', __("Enabled user: {$id}")));
} else {
$html->add(tag('p', __("Could not enable user: {$id}")));
}
}
return message_redirect($html, "{$phpc_script}?action=admin&phpcid={$phpcid}");
}
function occurrence_delete()
{
global $vars, $phpcdb, $phpcid, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["oid"])) {
$message = __('No occurrence selected.');
$html->add(tag('p', $message));
return $html;
}
if (is_array($vars["oid"])) {
$oids = $vars["oid"];
} else {
$oids = array($vars["oid"]);
}
$removed_occurs = array();
$unremoved_occurs = array();
$permission_denied = array();
foreach ($oids as $oid) {
$occur = $phpcdb->get_occurrence_by_oid($oid);
if (!$occur->can_modify()) {
$permission_denied[] = $oid;
} else {
if ($phpcdb->delete_occurrence($oid)) {
$removed_occurs[] = $oid;
// TODO: Verify that the event still has occurences.
$eid = $occur->get_eid();
} else {
$unremoved_occurs[] = $oid;
}
}
}
if (sizeof($removed_occurs) > 0) {
if (sizeof($removed_occurs) == 1) {
$text = __("Removed occurrence");
} else {
$text = __("Removed occurrences");
}
$text .= ': ' . implode(', ', $removed_occurs);
$html->add(tag('p', $text));
}
if (sizeof($unremoved_occurs) > 0) {
if (sizeof($unremoved_occurs) == 1) {
$text = __("Could not remove occurrence");
} else {
$text = __("Could not remove occurrences");
}
$text .= ': ' . implode(', ', $unremoved_occurs);
$html->add(tag('p', $text));
}
if (sizeof($permission_denied) > 0) {
if (sizeof($permission_denied) == 1) {
$text = __("You do not have permission to remove the occurrence.");
} else {
$text = __("You do not have permission to remove occurrences.");
}
$text .= ': ' . implode(', ', $permission_denied);
$html->add(tag('p', $text));
}
return message_redirect($html, "{$phpc_script}?action=display_event&phpcid={$phpcid}&eid={$eid}");
}
/**
* Return a resised image.
*
* @param string $url
* @param string $format
* @param string $alt
* @param array $attributes
* @param bool $secure
*
* @return string
*/
public function make($url, $format = '', $alt = null, $attributes = [], $secure = false)
{
$format = $this->formats->get($format);
$resized = $this->getResized($url, $format);
$attributes = attributes(array_merge(['alt' => $alt, 'src' => asset(str_replace(public_path(), '', $resized), $secure)], $this->getSize($format, $resized), $attributes));
return "<img{$attributes}>";
}
function event_delete()
{
global $config;
if (!is_user() && $config['anon_permission'] < 2) {
soft_error(_('You do not have permission to delete events.'));
}
$del_array = explode('&', $_SERVER['QUERY_STRING']);
$html = tag('div', attributes('class="box"', 'style="width: 50%"'));
$ids = 0;
foreach ($del_array as $del_value) {
list($drop, $id) = explode("=", $del_value);
if (preg_match('/^id$/', $drop) == 0) {
continue;
}
$ids++;
$event = get_event_by_id($id);
if (!check_user($event['uid']) && $config['anon_permission'] < 2) {
$html->add(tag('p', _('You do not have permission to remove item') . ": {$id}"));
continue;
}
if (remove_event($id)) {
$html->add(tag('p', _('Removed item') . ": {$id}"));
} else {
$html->add(tag('p', _('Could not remove item') . ": {$id}"));
}
}
if ($ids == 0) {
$html->add(tag('p', _('No items selected.')));
}
return $html;
}
function calendar_delete()
{
global $vars, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
$id = $vars["cid"];
$calendar = $phpcdb->get_calendar($id);
if (empty($calendar)) {
soft_error(__("Invalid calendar ID."));
}
if (empty($vars["confirm"])) {
$html->add(tag('p', __('Confirm you want to delete calendar:') . $calendar->get_title()));
$html->add(" [ ", create_action_link(__('Confirm'), "calendar_delete", array("cid" => $id, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
if (!$calendar->can_admin()) {
$html->add(tag('p', __("You do not have permission to remove calendar") . ": {$id}"));
return $html;
}
if ($phpcdb->delete_calendar($id)) {
$html->add(tag('p', __("Removed calendar") . ": {$id}"));
} else {
$html->add(tag('p', __("Could not remove calendar") . ": {$id}"));
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function category_submit()
{
global $vars, $phpcdb, $phpc_script, $phpc_cal;
if (empty($vars["text-color"]) || empty($vars["bg-color"])) {
$page = "{$phpc_script}?action=category_form";
if (!empty($vars["cid"])) {
$page .= "&cid={$vars["cid"]}";
}
if (!empty($vars["catid"])) {
$page .= "&catid={$vars["catid"]}";
}
return message_redirect(__("Color not specified."), $page);
}
// The current widget produces hex values without the "#".
// We may in the future want to allow different input, so store the
// values with the "#"
$text_color = '#' . $vars["text-color"];
$bg_color = '#' . $vars["bg-color"];
if (empty($vars['gid']) || strlen($vars['gid']) == 0) {
$gid = 0;
} else {
$gid = $vars['gid'];
}
if (!check_color($text_color) || !check_color($bg_color)) {
soft_error(__("Invalid color."));
}
if (!isset($vars['catid'])) {
$modify = false;
if (!isset($vars['cid'])) {
$cid = null;
if (!is_admin()) {
permission_error(__('You do not have permission to add categories to all calendars.'));
}
} else {
$cid = $vars['cid'];
$calendar = $phpcdb->get_calendar($cid);
if (!$calendar->can_admin()) {
permission_error(__('You do not have permission to add categories to this calendar.'));
}
}
$catid = $phpcdb->create_category($cid, $vars["name"], $text_color, $bg_color, $gid);
} else {
$modify = true;
$catid = $vars['catid'];
$category = $phpcdb->get_category($catid);
if (!(empty($category['cid']) && is_admin() || $phpcdb->get_calendar($category["cid"])->can_admin())) {
soft_error(__("You do not have permission to modify this category."));
}
$phpcdb->modify_category($catid, $vars['name'], $text_color, $bg_color, $gid);
}
$page = "{$phpc_script}?action=cadmin&phpcid=" . $vars['phpcid'];
if ($modify) {
return message_redirect(__("Modified category: ") . $catid, $page);
}
if ($catid > 0) {
return message_redirect(__("Created category: ") . $catid, $page);
}
return tag('div', attributes('class="phpc-error"'), __('Error submitting category.'));
}
function login_form()
{
global $vars, $phpc_script;
$submit_data = tag('td', attributes('colspan="2"'), create_hidden('action', 'login'), create_submit(__('Log in')));
if (!empty($vars['lasturl'])) {
$submit_data->prepend(create_hidden('lasturl', escape_entities(urlencode($vars['lasturl']))));
}
return tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), tag('table', tag('caption', __('Log in')), tag('thead', tag('tr', tag('th', attributes('colspan="2"'), __('You must have cookies enabled to login.')))), tag('tfoot', tag('tr', $submit_data)), tag('tbody', tag('tr', tag('th', __('Username')), tag('td', create_text('username'))), tag('tr', tag('th', __('Password')), tag('td', create_password('password'))))));
}
function search_form()
{
global $day, $month, $year, $phpc_script, $month_names, $sort_options, $order_options;
$day_sequence = create_sequence(1, 31);
$month_sequence = create_sequence(1, 12);
$year_sequence = create_sequence(1970, 2037);
$html_table = tag('table', attributes('class="phpc-main"'), tag('caption', _('Search')), tag('tfoot', tag('tr', tag('td', attributes('colspan="2"'), create_submit(_('Submit'))))), tag('tr', tag('td', _('Phrase') . ': '), tag('td', tag('input', attributes('type="text"', 'name="searchstring"', 'size="32"')), create_hidden('action', 'search'))), tag('tr', tag('td', _('From') . ': '), tag('td', create_select('sday', $day_sequence, $day), create_select('smonth', $month_names, $month), create_select('syear', $year_sequence, $year))), tag('tr', tag('td', _('To') . ': '), tag('td', create_select('eday', $day_sequence, $day), create_select('emonth', $month_names, $month), create_select('eyear', $year_sequence, $year))), tag('tr', tag('td', _('Sort By') . ': '), tag('td', create_select('sort', $sort_options, false))), tag('tr', tag('td', _('Order') . ': '), tag('td', create_select('order', $order_options, false))));
return tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), $html_table);
}
function display_form()
{
global $phpc_script, $phpc_token;
$tbody = tag('tbody');
foreach (get_config_options() as $element) {
$text = $element[1];
$input = create_config_input($element);
$tbody->add(tag('tr', tag('th', $text), tag('td', $input)));
}
return tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), tag('table', attributes("class=\"phpc-container\""), tag('caption', __('Create Calendar')), tag('tfoot', tag('tr', tag('td', attributes('colspan="2"'), create_hidden('phpc_token', $phpc_token), create_hidden('action', 'calendar_form'), create_hidden('submit_form', 'submit_form'), create_submit(__('Submit'))))), $tbody));
}
function config_form()
{
global $phpc_script, $phpc_user_tz, $phpc_user_lang, $phpc_token;
$tz_input = create_multi_select('timezone', get_timezone_list(), $phpc_user_tz);
$languages = array("" => __("Default"));
foreach (get_languages() as $lang) {
$languages[$lang] = $lang;
}
$lang_input = create_select('language', $languages, $phpc_user_lang);
$form = tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), tag('table', attributes("class=\"phpc-container\""), tag('caption', __('Settings')), tag('tfoot', tag('tr', tag('td', attributes('colspan="2"'), create_hidden('phpc_token', $phpc_token), create_hidden('action', 'settings'), create_hidden('phpc_submit', 'settings'), create_submit(__('Submit'))))), tag('tbody', tag('tr', tag('th', __('Timezone')), tag('td', $tz_input)), tag('tr', tag('th', __('Language')), tag('td', $lang_input)))));
return tag('div', attrs('id="phpc-config"'), $form);
}
function field_submit()
{
global $vars, $phpcdb, $phpc_script, $phpc_cal;
$form_page = "{$phpc_script}?action=field_form";
if (!empty($vars["cid"])) {
$form_page .= "&cid={$vars["cid"]}";
}
if (!empty($vars["fid"])) {
$form_page .= "&fid={$vars["fid"]}";
}
if (empty($vars["name"])) {
return input_error(__("Name not specified."), $form_page);
}
$required = !empty($vars['name']) && $vars['required'] == '1';
if (empty($vars['format'])) {
$format = false;
} else {
$format = $vars['format'];
}
if (!isset($vars['fid'])) {
$modify = false;
if (!isset($vars['cid'])) {
$cid = null;
if (!is_admin()) {
permission_error(__('You do not have permission to add fields to all calendars.'));
}
} else {
$cid = $vars['cid'];
$calendar = $phpcdb->get_calendar($cid);
if (!$calendar->can_admin()) {
permission_error(__('You do not have permission to add fields to this calendar.'));
}
}
$fid = $phpcdb->create_field($cid, $vars["name"], $required, $format);
} else {
$modify = true;
$fid = $vars['fid'];
$field = $phpcdb->get_field($fid);
if (!(empty($field['cid']) && is_admin() || $phpcdb->get_calendar($field["cid"])->can_admin())) {
permission_error(__("You do not have permission to modify this field."));
}
$phpcdb->modify_field($fid, $vars['name'], $required, $format);
}
$page = "{$phpc_script}?action=cadmin&phpcid={$vars['phpcid']}#phpc-fields";
if ($modify) {
return message_redirect(__("Modified field: ") . $fid, $page);
}
if ($fid > 0) {
return message_redirect(__("Created field: ") . $fid, $page);
}
return tag('div', attributes('class="phpc-error"'), __('Error submitting field.'));
}
function display_form()
{
global $phpc_script, $phpc_token, $phpcdb;
$groups = array();
foreach ($phpcdb->get_groups() as $group) {
$groups[$group['gid']] = $group['name'];
}
$size = sizeof($groups);
if ($size > 6) {
$size = 6;
}
return tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), tag('table', attributes("class=\"phpc-container\""), tag('caption', __('Create User')), tag('tfoot', tag('tr', tag('td', attributes('colspan="2"'), create_hidden('phpc_token', $phpc_token), create_hidden('action', 'user_create'), create_hidden('submit_form', 'submit_form'), create_submit(__('Submit'))))), tag('tbody', tag('tr', tag('th', __('User Name')), tag('td', create_text('user_name'))), tag('tr', tag('th', __('Password')), tag('td', create_password('password1'))), tag('tr', tag('th', __('Confirm Password')), tag('td', create_password('password2'))), tag('tr', tag('th', __('Make Admin')), tag('td', create_checkbox('make_admin', '1', false, __('Admin')))), tag('tr', tag('th', __('Groups')), tag('td', create_select('groups[]', $groups, false, attrs('multiple', "size=\"{$size}\"")))))));
}
function default_calendar()
{
global $vars, $phpcdb, $phpc_script, $phpc_user;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
if ($phpc_user->is_admin()) {
$phpcdb->set_config('default_cid', $vars['cid']);
$html->add(tag('p', __('Default calendar set to: ') . $vars['cid']));
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function search_results()
{
global $vars, $phpcdb, $phpcid, $sort_options, $order_options;
$searchstring = $vars['searchstring'];
if (!empty($vars['search-from-date']) && strlen($vars['search-from-date']) > 0) {
$start = get_timestamp('search-from');
} else {
$start = false;
}
if (!empty($vars['search-to-date']) && strlen($vars['search-to-date']) > 0) {
$end = get_timestamp('search-to');
} else {
$end = false;
}
// make sure sort is valid
$sort = htmlentities($vars['sort']);
if (array_search($sort, array_keys($sort_options)) === false) {
soft_error(__('Invalid sort option') . ": {$sort}");
}
// make sure order is valid
$order = htmlentities($vars['order']);
if (array_search($order, array_keys($order_options)) === false) {
soft_error(__('Invalid order option') . ": {$order}");
}
$keywords = explode(" ", $searchstring);
$results = $phpcdb->search($phpcid, $keywords, $start, $end, $sort, $order);
$tags = array();
foreach ($results as $event) {
if (!$event->can_read()) {
continue;
}
$name = $event->get_author();
$subject = $event->get_subject();
$desc = $event->get_desc();
$date = $event->get_date_string();
$time = $event->get_time_string();
$eid = $event->get_eid();
$tags[] = tag('tr', tag('td', tag('strong', create_event_link($subject, 'display_event', $eid))), tag('td', "{$date} {$time}"), tag('td', $desc));
}
if (sizeof($tags) == 0) {
$html = tag('div', tag('strong', __('No events matched your search criteria.')));
} else {
$html = tag('table', attributes('class="phpc-main"'), tag('caption', __('Search Results')), tag('thead', tag('tr', tag('th', __('Subject')), tag('th', __('Date Time')), tag('th', __('Description')))));
foreach ($tags as $tag) {
$html->add($tag);
}
}
return $html;
}
function user_list()
{
global $phpc_script, $phpcdb;
$tbody = tag('tbody');
$tbody->add(tag('tr', tag('th', __("Username")), tag('th', __("Groups")), tag('th', __("Edit Groups")), tag('th', __("Action"))));
foreach ($phpcdb->get_users() as $user) {
$group_list = array();
foreach ($user->get_groups() as $group) {
$group_list[] = $group['name'];
}
$groups = implode(', ', $group_list);
$tbody->add(tag('tr', tag('th', $user->username), tag('td', $groups), tag('td', create_action_link(__("Edit Groups"), "user_groups", array("uid" => $user->uid))), tag('td', create_action_link(__("Delete"), "user_delete", array("uid" => $user->uid)))));
}
$create_link = create_action_link(__('Create User'), 'user_create');
return tag('div', attributes('id="phpc-admin-users"'), tag('table', attributes('class="phpc-container"'), tag('caption', __('User List')), $tbody, tag('tfoot', tag('tr', tag('td', attributes('colspan="3"'), $create_link)))));
}
function display_form()
{
global $phpc_script, $phpc_token, $phpcdb, $vars, $phpc_cal;
$groups = array();
foreach ($phpc_cal->get_groups() as $group) {
$groups[$group['gid']] = $group['name'];
}
$size = sizeof($groups);
if ($size > 6) {
$size = 6;
}
$user = $phpcdb->get_user($vars["uid"]);
$user_groups = array();
foreach ($user->get_groups() as $group) {
$user_groups[] = $group['gid'];
}
return tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), tag('div', attributes("class=\"phpc-container\""), tag('h2', __('Edit User Groups')), tag('div', create_select('groups[]', $groups, $user_groups, attrs('multiple', "size=\"{$size}\""))), tag('div', create_hidden('phpc_token', $phpc_token), create_hidden('uid', $vars['uid']), create_hidden('action', 'user_groups'), create_hidden('submit_form', 'submit_form'), create_submit(__('Submit')))));
}
function display_day()
{
global $phpcid, $phpc_cal, $phpc_user, $phpc_script, $phpcdb, $day, $month, $year;
$monthname = month_name($month);
$results = $phpcdb->get_occurrences_by_date($phpcid, $year, $month, $day);
$today_epoch = mktime(0, 0, 0, $month, $day, $year);
$have_events = false;
$html_table = tag('table', attributes('class="phpc-main"'), tag('caption', "{$day} {$monthname} {$year}"), tag('thead', tag('tr', tag('th', __('Title')), tag('th', __('Time')), tag('th', __('Description')))));
if ($phpc_cal->can_modify()) {
$html_table->add(tag('tfoot', tag('tr', tag('td', attributes('colspan="4"'), create_hidden('action', 'event_delete'), create_hidden('day', $day), create_hidden('month', $month), create_hidden('year', $year), create_submit(__('Delete Selected'))))));
}
$html_body = tag('tbody');
while ($row = $results->fetch_assoc()) {
$event = new PhpcOccurrence($row);
if (!$event->can_read()) {
continue;
}
$have_events = true;
$eid = $event->get_eid();
$oid = $event->get_oid();
$html_subject = tag('td');
if ($event->can_modify()) {
$html_subject->add(create_checkbox('eid[]', $eid));
}
$html_subject->add(create_occurrence_link(tag('strong', $event->get_subject()), 'display_event', $oid));
if ($event->can_modify()) {
$html_subject->add(" (");
$html_subject->add(create_event_link(__('Modify'), 'event_form', $eid));
$html_subject->add(')');
}
$html_body->add(tag('tr', $html_subject, tag('td', $event->get_time_span_string()), tag('td', $event->get_desc())));
}
$html_table->add($html_body);
if ($phpc_cal->can_modify()) {
$output = tag('form', attributes("action=\"{$phpc_script}\""), $html_table);
} else {
$output = $html_table;
}
if (!$have_events) {
$output = tag('h2', __('No events on this day.'));
}
return tag('', create_day_menu(), $output);
}
function form_tag($action, $content, $method = 'post', $options = array())
{
?>
<form action="<?php
echo $action;
?>
" method="<?php
echo $method;
?>
" accept-charset="utf-8"<?php
echo attributes($options);
?>
>
<?php
$content();
?>
</form>
<?php
}
function login_form()
{
global $vars, $phpc_script, $day, $year, $month;
$lastaction = empty($vars['lastaction']) ? '' : $vars['lastaction'];
$submit_data = tag('td', attributes('colspan="2"'), create_hidden('action', 'login'), create_submit(_('Log in')));
if (!empty($vars['lastaction'])) {
$submit_data->prepend(create_hidden('lastaction', $vars['lastaction']));
}
if (!empty($vars['day'])) {
$submit_data->prepend(create_hidden('day', $day));
}
if (!empty($vars['month'])) {
$submit_data->prepend(create_hidden('month', $month));
}
if (!empty($vars['year'])) {
$submit_data->prepend(create_hidden('year', $year));
}
return tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), tag('table', attributes('class="phpc-main"'), tag('caption', _('Log in')), tag('thead', tag('tr', tag('th', attributes('colspan="2"'), _('You must have cookies enabled to login.')))), tag('tfoot', tag('tr', $submit_data)), tag('tbody', tag('tr', tag('th', _('Username') . ':'), tag('td', create_text('username'))), tag('tr', tag('th', _('Password') . ':'), tag('td', create_password('password'))))));
}
function group_delete()
{
global $vars, $phpcdb, $phpcid, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["gid"])) {
return message_redirect(__('No group selected.'), "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
if (is_array($vars["gid"])) {
$ids = $vars["gid"];
} else {
$ids = array($vars["gid"]);
}
$groups = array();
foreach ($ids as $id) {
$groups[] = $phpcdb->get_group($id);
}
if (empty($vars["confirm"])) {
$list = tag('ul');
foreach ($groups as $group) {
$list->add(tag('li', "{$id}: " . $group['name']));
}
$html->add(tag('p', __('Confirm you want to delete:')));
$html->add($list);
$html->add(" [ ", create_action_link(__('Confirm'), "group_delete", array("gid" => $ids, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
foreach ($groups as $group) {
if (empty($group['cid']) && !is_admin() || !$phpcdb->get_calendar($group['cid'])->can_admin()) {
$html->add(tag('p', __("You do not have permission to delete group: ") . $group['gid']));
continue;
}
if ($phpcdb->delete_group($group['gid'])) {
$html->add(tag('p', __("Removed group: ") . $group['gid']));
} else {
$html->add(tag('p', __("Could not remove group: ") . $group['gid']));
}
}
return message_redirect($html, "{$phpc_script}?action=cadmin&phpcid={$phpcid}");
}
public static function getExternalConditions($select, $parentModel, $childName, $attributes)
{
$parentModelName = get_class($parentModel);
$parentTableName = $parentModel->getTableName();
$childName = array_key_exists('source', $attributes) ? attributes('source') : $childName;
$childModelName = Inflector::classify($childName);
$childTableName = Bbx_Model::load($childModelName)->getTableName();
$refColumn = Inflector::singularize($childTableName) . '_id';
if (!array_key_exists($childTableName, $select->getPart('from'))) {
$select->from($childTableName, array());
}
if (!array_key_exists($parentTableName, $select->getPart('from'))) {
$select->from($parentTableName, array());
}
$select->where("`" . $parentTableName . "`.`" . $refColumn . "` = `" . $childTableName . "`.`id`");
try {
$parentModel->getRowData();
$select->where("`" . $parentTableName . "`.`id` = " . $parentModel->id);
} catch (Exception $e) {
}
return $select;
}
function calendar_delete()
{
global $vars, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
if (is_array($vars["cid"])) {
$ids = $vars["cid"];
} else {
$ids = array($vars["cid"]);
}
if (empty($vars["confirm"])) {
$list = tag('ul');
foreach ($ids as $id) {
$calendar = $phpcdb->get_calendar($id);
$list->add(tag('li', "{$id}: " . $calendar->get_title()));
}
$html->add(tag('p', __('Confirm you want to delete:')));
$html->add($list);
$html->add(" [ ", create_action_link(__('Confirm'), "calendar_delete", array("cid" => $ids, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
foreach ($ids as $id) {
$calendar = $phpcdb->get_calendar($id);
if (!$calendar->can_admin()) {
$html->add(tag('p', __("You do not have permission to remove calendar") . ": {$id}"));
continue;
}
if ($phpcdb->delete_calendar($id)) {
$html->add(tag('p', __("Removed calendar") . ": {$id}"));
} else {
$html->add(tag('p', __("Could not remove calendar") . ": {$id}"));
}
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function user_delete()
{
global $vars, $phpcid, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (!is_admin()) {
$html->add(tag('p', __('You must be an admin to delete users.')));
return $html;
}
if (empty($vars["uid"])) {
$html->add(tag('p', __('No user selected.')));
return $html;
}
if (is_array($vars["uid"])) {
$ids = $vars["uid"];
} else {
$ids = array($vars["uid"]);
}
if (empty($vars["confirm"])) {
$list = tag('ul');
foreach ($ids as $id) {
$user = $phpcdb->get_user($id);
$list->add(tag('li', "{$id}: " . $user->get_username()));
}
$html->add(tag('p', __('Confirm you want to delete:')));
$html->add($list);
$html->add(" [ ", create_action_link(__('Confirm'), "user_delete", array("uid" => $ids, "confirm" => "1")), " ] ");
$html->add(" [ ", create_action_link(__('Deny'), "display_month"), " ] ");
return $html;
}
foreach ($ids as $id) {
if ($phpcdb->delete_user($id)) {
$html->add(tag('p', __("Removed user: {$id}")));
} else {
$html->add(tag('p', __("Could not remove user: {$id}")));
}
}
return message_redirect($html, "{$phpc_script}?action=admin&phpcid={$phpcid}");
}
public static function getExternalConditions($select, $parentModel, $childName, $attributes)
{
$parentModelName = get_class($parentModel);
$parentTableName = $parentModel->getTableName();
$childName = array_key_exists('source', $attributes) ? attributes('source') : $childName;
$childModelName = Inflector::classify($childName);
$childModel = Bbx_Model::load($childModelName);
$childTableName = $childModel->getTableName();
$childColumns = $childModel->columns();
$throughName = $attributes['through'];
$throughModelName = Inflector::classify($throughName);
$throughModel = Bbx_Model::load($throughModelName);
$throughTableName = $throughModel->getTableName();
$throughColumns = $throughModel->columns();
if (!array_key_exists($childTableName, $select->getPart('from'))) {
$select->from($childTableName, array());
}
if (array_key_exists('as', $attributes)) {
$refColumn = $attributes['as'] . '_id';
$polyType = $attributes['as'] . '_type';
} else {
$refColumn = Inflector::singularize($parentTableName) . '_id';
}
$childKey = Inflector::singularize($childTableName) . '_id';
$throughKey = Inflector::singularize($throughTableName) . '_id';
$select->from($throughTableName, array())->where("`" . $throughTableName . "`.`" . $refColumn . "` = " . $parentModel->id);
if (in_array($childKey, $throughColumns)) {
$select->where("`" . $throughTableName . "`.`" . $childKey . "` = `" . $childTableName . "`.id");
} else {
if (in_array($throughKey, $childColumns)) {
$select->where("`" . $childTableName . "`.`" . $throughKey . "` = `" . $throughTableName . "`.id");
}
}
if (array_key_exists('as', $attributes)) {
$select->where("`" . $throughTableName . "`.`" . $polyType . "` = '" . Inflector::singularize($parentTableName) . "'");
}
return $select;
}
function config_form()
{
global $phpc_script, $phpc_user_tz, $phpc_user_lang, $phpc_token, $phpcdb, $phpc_user;
$tz_input = create_multi_select('timezone', get_timezone_list(), $phpc_user_tz);
$languages = array("" => __("Default"));
foreach (get_languages() as $lang) {
$languages[$lang] = $lang;
}
$lang_input = create_select('language', $languages, $phpc_user_lang);
$calendars = array("" => __("None"));
foreach ($phpcdb->get_calendars() as $calendar) {
$calendars[$calendar->get_cid()] = $calendar->get_title();
}
$default_input = create_select('default_cid', $calendars, $phpc_user->get_default_cid());
$table = tag('table', attrs('class="phpc-form"'));
if (is_user()) {
$table->add(tag('tr', tag('th', __('Default Calendar')), tag('td', $default_input)));
}
$table->add(tag('tr', tag('th', __('Timezone')), tag('td', $tz_input)));
$table->add(tag('tr', tag('th', __('Language')), tag('td', $lang_input)));
$form = tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), tag('div', attrs('class="phpc-sub-title"'), __('Settings')), $table, create_hidden('phpc_token', $phpc_token), create_hidden('action', 'user_settings_submit'), create_submit(__('Submit')));
return tag('div', attrs('id="phpc-config"'), $form);
}
function calendar_delete()
{
global $vars, $phpcdb, $phpc_script;
$html = tag('div', attributes('class="phpc-container"'));
if (empty($vars["cid"])) {
$html->add(tag('p', __('No calendar selected.')));
return $html;
}
$id = $vars["cid"];
$calendar = $phpcdb->get_calendar($id);
if (empty($calendar)) {
soft_error(__("Calendar does not exist") . ": {$id}");
}
if (!$calendar->can_admin()) {
soft_error(__("You do not have permission to remove calendar") . ": {$id}");
}
if ($phpcdb->delete_calendar($id)) {
$html->add(tag('p', __("Removed calendar") . ": {$id}"));
} else {
$html->add(tag('p', __("Could not remove calendar") . ": {$id}"));
}
return message_redirect($html, "{$phpc_script}?action=admin");
}
function user_list()
{
global $phpc_script, $phpcid, $phpcdb, $vars;
$users = $phpcdb->get_users_with_permissions($phpcid);
$tbody = tag('tbody');
foreach ($users as $user) {
$phpc_user = new PhpcUser($user);
$group_list = array();
foreach ($phpc_user->get_groups() as $group) {
if ($group['cid'] == $phpcid) {
$group_list[] = $group['name'];
}
}
$groups = implode(', ', $group_list);
$tbody->add(tag('tr', tag('td', $user['username'], create_hidden('uid[]', $user['uid'])), tag('td', create_checkbox("read{$user['uid']}", "1", !empty($user['read']), __('Read'))), tag('td', create_checkbox("write{$user['uid']}", "1", !empty($user['write']), __('Write'))), tag('td', create_checkbox("readonly{$user['uid']}", "1", !empty($user['readonly']), __('Read-only'))), tag('td', create_checkbox("modify{$user['uid']}", "1", !empty($user['modify']), __('Modify'))), tag('td', create_checkbox("admin{$user['uid']}", "1", !empty($user['calendar_admin']), __('Admin'))), tag('td', $groups), tag('td', create_action_link(__("Edit Groups"), "user_groups", array("uid" => $user["uid"])))));
}
$hidden_div = tag('div', create_hidden('action', 'user_permissions_submit'));
if (isset($vars['phpcid'])) {
$hidden_div->add(create_hidden('phpcid', $vars['phpcid']));
}
$form = tag('form', attributes("action=\"{$phpc_script}\"", 'method="post"'), $hidden_div, tag('div', attrs('class="phpc-sub-title"'), __('User Permissions')), tag('table', attributes("class=\"phpc-container\""), tag('thead', tag('tr', attrs('class="ui-widget-header"'), tag('th', __('User Name')), tag('th', __('Read')), tag('th', __('Write')), tag('th', __('Can Create Read-Only')), tag('th', __('Modify')), tag('th', __('Admin')), tag('th', __('Groups')), tag('th', __('Edit Groups')))), $tbody), create_submit(__('Submit')));
return tag('div', attrs('id="phpc-users"'), $form);
}
function group_submit()
{
global $vars, $phpcdb, $phpc_script, $phpc_cal;
if (!isset($vars['gid'])) {
$modify = false;
if (!isset($vars['cid'])) {
$cid = null;
if (!is_admin()) {
permission_error(__('You do not have permission to add a global group.'));
}
} else {
$cid = $vars['cid'];
$calendar = $phpcdb->get_calendar($cid);
if (!$calendar->can_admin()) {
permission_error(__('You do not have permission to add a group to this calendar.'));
}
}
$gid = $phpcdb->create_group($cid, $vars["name"]);
} else {
$modify = true;
$gid = $vars['gid'];
$group = $phpcdb->get_group($gid);
if (!(empty($group['cid']) && is_admin() || $phpcdb->get_calendar($group["cid"])->can_admin())) {
soft_error(__("You do not have permission to modify this group."));
}
$phpcdb->modify_group($gid, $vars['name']);
}
$page = "{$phpc_script}?action=cadmin&phpcid=" . $vars['cid'];
if ($modify) {
return message_redirect(__("Modified group: ") . $gid, $page);
}
if ($gid > 0) {
return message_redirect(__("Created group: ") . $gid, $page);
}
return tag('div', attributes('class="phpc-error"'), __('Error submitting group.'));
}
function display_event_by_eid($eid)
{
global $phpcdb, $year, $month, $day;
$event = new PhpcEvent($phpcdb->get_event_by_eid($eid));
if (!$event->can_read()) {
return tag('p', __("You do not have permission to read this event."));
}
$event_header = tag('div', attributes('class="phpc-event-header"'), tag('div', __('by') . ' ', tag('cite', $event->get_author())));
$event_header->add(tag('div', __('Created at: '), $event->get_ctime_string()));
if (!empty($event->mtime)) {
$event_header->add(tag('div', __('Last modified at: '), $event->get_mtime_string()));
}
$category = $event->get_category();
if (!empty($category)) {
$event_header->add(tag('div', __('Category') . ': ' . $category));
}
// Add modify/delete links if this user has access to this event.
if ($event->can_modify()) {
$event_header->add(tag('div', attrs('class="phpc-bar ui-widget-content"'), create_event_link(__('Modify'), 'event_form', $eid), "\n", create_event_link(__('Add Occurrence'), 'occur_form', $eid), "\n", create_event_link(__('Delete'), 'event_delete', $eid)));
}
$desc_tag = tag('div', attributes('class="phpc-desc"'), tag('h3', __("Description")), tag('p', $event->get_desc()));
$occurrences_tag = tag('ul');
$occurrences = $phpcdb->get_occurrences_by_eid($eid);
$set_date = false;
foreach ($occurrences as $occurrence) {
if (!$set_date) {
$year = $occurrence->get_start_year();
$month = $occurrence->get_start_month();
$day = $occurrence->get_start_day();
}
$oid = $occurrence->get_oid();
$occ_tag = tag('li', attrs('class="ui-widget-content"'), create_occurrence_link($occurrence->get_date_string() . ' ' . __('at') . ' ' . $occurrence->get_time_span_string(), 'display_event', $oid));
if ($event->can_modify()) {
$occ_tag->add(" ", create_occurrence_link(__('Edit'), 'occur_form', $oid), " ", create_occurrence_link(__('Remove'), 'occurrence_delete', $oid));
}
$occurrences_tag->add($occ_tag);
}
return tag('div', attributes('class="phpc-main phpc-event"'), tag('h2', $event->get_subject()), $event_header, $desc_tag, tag('div', attributes('class="phpc-occ"'), tag('h3', __('Occurrences')), $occurrences_tag));
}