function print_user_list()
{
global $is_admin, $is_assistant, $is_nonuser_admin, $login, $NONUSER_AT_TOP, $NONUSER_ENABLED, $single_user;
if ($single_user == 'N' && $is_admin) {
$userlist = user_get_users();
if ($NONUSER_ENABLED == 'Y') {
$nonusers = get_nonuser_cals();
$userlist = !empty($NONUSER_AT_TOP) && $NONUSER_AT_TOP == 'Y' ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers);
}
$num_users = $size = 0;
$users = '';
for ($i = 0, $cnt = count($userlist); $i < $cnt; $i++) {
$l = $userlist[$i]['cal_login'];
$size++;
$users .= '
<option value="' . $l . '"' . ($l == $login && !$is_assistant && !$is_nonuser_admin ? ' selected="selected"' : '') . '>' . $userlist[$i]['cal_fullname'] . '</option>';
}
if ($size > 50) {
$size = 15;
} elseif ($size > 5) {
$size = 5;
}
echo '
<tr>
<td class="aligntop"><label for="caluser">' . translate('Calendar') . ':</label></td>
<td>
<select name="calUser" id="caluser" size="' . $size . '">' . $users . '
</select>
</td>
</tr>';
}
}
function print_user_list()
{
global $single_user, $is_admin, $nonuser_enabled, $login, $is_nonuser_admin, $is_assistant;
if ($single_user == "N" && $is_admin) {
$userlist = get_my_users();
if ($nonuser_enabled == "Y") {
$nonusers = get_nonuser_cals();
$userlist = !empty($nonuser_at_top) && $nonuser_at_top == "Y" ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers);
}
$num_users = 0;
$size = 0;
$users = "";
for ($i = 0; $i < count($userlist); $i++) {
$l = $userlist[$i]['cal_login'];
$size++;
$users .= "<option value=\"" . $l . "\"";
if (!empty($id) && $id > 0) {
if (!empty($participants[$l])) {
$users .= " selected=\"selected\"";
}
} else {
if ($l == $login && !$is_assistant && !$is_nonuser_admin) {
$users .= " selected=\"selected\"";
}
}
$users .= ">" . $userlist[$i]['cal_fullname'] . "</option>\n";
}
if ($size > 50) {
$size = 15;
} else {
if ($size > 5) {
$size = 5;
}
}
print "<tr><td style=\"vertical-align:top;\">\n";
print "<label for=\"caluser\">" . translate("Calendar") . "</label></td><td>\n";
print "<select name=\"calUser\" id=\"caluser\" size=\"{$size}\">{$users}\n";
print "</select>\n";
print "</td></tr>\n";
}
}
}
$can_add = $readonly == "N" || $is_admin == "Y";
if ($public_access == "Y" && $login == "__public__") {
if ($public_access_can_add != "Y") {
$can_add = false;
}
if ($public_access_others != "Y") {
$user = "";
}
// security precaution
}
if ($groups_enabled == "Y" && $user_sees_only_his_groups == "Y" && !$is_admin) {
$valid_user = false;
$userlist = get_my_users();
if ($nonuser_enabled == "Y") {
$nonusers = get_nonuser_cals();
$userlist = array_merge($nonusers, $userlist);
}
for ($i = 0; $i < count($userlist); $i++) {
if ($user == $userlist[$i]['cal_login']) {
$valid_user = true;
}
}
if ($valid_user == false) {
$user = "";
// security precaution
}
}
if (!empty($user)) {
$u_url = "user={$user}&";
user_load_variables($user, "user_");
$error = translate("Database error") . ": " . dbi_error();
}
if ($all_users) {
$viewusers = array();
$users = get_my_users();
for ($i = 0; $i < count($users); $i++) {
$viewusers[] = $users[$i]['cal_login'];
}
} else {
// Make sure this user is allowed to see all users in this view
// If this is a global view, it may include users that this user
// is not allowed to see.
if (!empty($user_sees_only_his_groups) && $user_sees_only_his_groups == 'Y') {
$myusers = get_my_users();
if (!empty($nonuser_enabled) && $nonuser_enabled == "Y") {
$myusers = array_merge($myusers, get_nonuser_cals());
}
$userlookup = array();
for ($i = 0; $i < count($myusers); $i++) {
$userlookup[$myusers[$i]['cal_login']] = 1;
}
$newlist = array();
for ($i = 0; $i < count($viewusers); $i++) {
if (!empty($userlookup[$viewusers[$i]])) {
$newlist[] = $viewusers[$i];
}
}
$viewusers = $newlist;
}
}
if (count($viewusers) == 0) {
$login_url .= '?return_path=' . $login_return_path;
$logout_url .= $login_url . '&action=logout';
}
// Should we use another application's login/logout pages?
if (substr($GLOBALS['user_inc'], 0, 9) == 'user-app-') {
global $app_login_page, $app_logout_page;
$logout_url = $app_logout_page;
$login_url = 'login-app.php' . ($login_return_path != '' && $app_login_page['return'] != '' ? '?return_path=' . $login_return_path : '');
}
if ($readonly != 'Y') {
$tret .= '<br /><span class="prefix">' . $currentUserStr . ':</span> ' . (strlen($login) && $login != '__public__' ? $fullname . ' (<a title="' . $logoutStr . '" href="' . $logout_url . '">' . $logoutStr : $publicStr . ' (<a title="' . $loginStr . '" href="' . $login_url . '">' . $loginStr) . "</a>)\n";
}
}
// Manage Calendar links.
if (!empty($NONUSER_ENABLED) && $NONUSER_ENABLED == 'Y') {
$admincals = get_nonuser_cals($login);
}
// Make sure they have access to either month/week/day view. If they do not,
// then we cannot create a URL that shows just the boss' events. So, we
// would not include any of the "manage calendar of" links.
$have_boss_url = true;
if (!access_can_access_function(ACCESS_MONTH) && !access_can_access_function(ACCESS_WEEK) && !access_can_access_function(ACCESS_DAY)) {
$have_boss_url = false;
}
if ($have_boss_url && ($has_boss || !empty($admincals[0]) || $is_admin && $PUBLIC_ACCESS)) {
$grouplist = user_get_boss_list($login);
if (!empty($admincals[0])) {
$grouplist = array_merge($admincals, $grouplist);
}
if ($is_admin && $PUBLIC_ACCESS == 'Y') {
$public = array('cal_login' => '__public__', 'cal_fullname' => $publicStr);
</table>
</form>
<?php
}
if (!empty($PUBLIC_ACCESS) && $PUBLIC_ACCESS == 'Y') {
?>
<br /><br />
<a class="nav" href="index.php">
<?php
etranslate('Access public calendar');
?>
</a><br />
<?php
}
$nulist = get_nonuser_cals();
for ($i = 0, $cnt = count($nulist); $i < $cnt; $i++) {
if ($nulist[$i]['cal_is_public'] == 'Y') {
?>
<a class="nav" href="nulogin.php?login=<?php
echo $nulist[$i]['cal_login'] . '">' . translate('Access') . ' ' . $nulist[$i]['cal_fullname'] . ' ' . translate('calendar');
?>
</a><br /><?php
}
}
if ($DEMO_MODE == 'Y') {
// This is used on the sourceforge demo page
echo 'Demo login: user = "******", password = "******"<br />';
}
?>
<br /><br />
function display_unapproved_events($user)
{
global $public_access, $is_admin, $nonuser_enabled, $login;
// Don't do this for public access login, admin user must approve public
// events
if ($user == "__public__") {
return;
}
$sql = "SELECT COUNT(webcal_entry_user.cal_id) " . "FROM webcal_entry_user, webcal_entry " . "WHERE webcal_entry_user.cal_id = webcal_entry.cal_id " . "AND webcal_entry_user.cal_status = 'W' " . "AND ( webcal_entry.cal_ext_for_id IS NULL " . "OR webcal_entry.cal_ext_for_id = 0 ) " . "AND ( webcal_entry_user.cal_login = '******'";
if ($public_access == "Y" && $is_admin) {
$sql .= " OR webcal_entry_user.cal_login = '******'";
}
if ($nonuser_enabled == 'Y') {
$admincals = get_nonuser_cals($login);
for ($i = 0; $i < count($admincals); $i++) {
$sql .= " OR webcal_entry_user.cal_login = '******'cal_login'] . "'";
}
}
$sql .= " )";
//print "SQL: $sql<br />\n";
$res = dbi_query($sql);
if ($res) {
if ($row = dbi_fetch_row($res)) {
if ($row[0] > 0) {
$str = translate("You have XXX unapproved events");
}
$str = str_replace("XXX", $row[0], $str);
echo "<a class=\"nav\" href=\"list_unapproved.php";
if ($user != $login) {
echo "?user={$user}\"";
}
echo "\">" . $str . "</a><br />\n";
}
dbi_free_result($res);
}
}
function get_my_nonusers($user = '', $add_public = false, $reason = 'invite')
{
global $GROUPS_ENABLED, $is_admin, $is_nonuser, $is_nonuser_admin, $login, $my_nonuser_array, $my_user_array, $PUBLIC_ACCESS, $PUBLIC_ACCESS_FULLNAME, $USER_SEES_ONLY_HIS_GROUPS, $USER_SORT_ORDER;
$this_user = empty($user) ? $login : $user;
// Return the global variable (cached).
if (!empty($my_nonuser_array[$this_user . $add_public]) && is_array($my_nonuser_array)) {
return $my_nonuser_array[$this_user . $add_public];
}
$u = get_nonuser_cals();
if ($GROUPS_ENABLED == 'Y' && $USER_SEES_ONLY_HIS_GROUPS == 'Y' && !$is_admin) {
// Get current user's groups.
$rows = dbi_get_cached_rows('SELECT cal_group_id FROM webcal_group_user
WHERE cal_login = ?', array($this_user));
$groups = $ret = $u_byname = array();
if ($rows) {
for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) {
$row = $rows[$i];
$groups[] = $row[0];
}
}
$groupcnt = count($groups);
// Nonuser (public) can only see themself (unless access control is on).
if ($is_nonuser && !access_is_enabled()) {
return array($this_user);
}
for ($i = 0, $cnt = count($u); $i < $cnt; $i++) {
$u_byname[$u[$i]['cal_login']] = $u[$i];
}
if ($groupcnt == 0) {
// Eek. User is in no groups... Return only themselves.
if (isset($u_byname[$this_user])) {
$ret[] = $u_byname[$this_user];
}
$my_nonuser_array[$this_user . $add_public] = $ret;
return $ret;
}
// Get other members of current users' groups.
$sql = 'SELECT DISTINCT( wnc.cal_login ), cal_lastname, cal_firstname,
cal_is_public FROM webcal_group_user wgu, webcal_nonuser_cals wnc WHERE ' . ($add_public ? 'wnc.cal_is_public = \'Y\' OR ' : '') . ' cal_admin = ? OR ( wgu.cal_login = wnc.cal_login AND cal_group_id ';
if ($groupcnt == 1) {
$sql .= '= ? )';
} else {
// Build count ( $groups ) placeholders separated with commas.
$placeholders = '';
for ($p_i = 0; $p_i < $groupcnt; $p_i++) {
$placeholders .= $p_i == 0 ? '?' : ', ?';
}
$sql .= "IN ( {$placeholders} ) )";
}
// Add $this_user to beginning of query params.
array_unshift($groups, $this_user);
$rows = dbi_get_cached_rows($sql . ' ORDER BY ' . (empty($USER_SORT_ORDER) ? '' : "{$USER_SORT_ORDER}"), $groups);
if ($rows) {
for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) {
$row = $rows[$i];
if (isset($u_byname[$row[0]])) {
$ret[] = $u_byname[$row[0]];
}
}
}
} else {
// Groups not enabled... return all nonusers.
$ret = $u;
}
// We add Public Access if $add_public= true.
// Admin already sees all users.
if (!$is_admin && $add_public && $PUBLIC_ACCESS == 'Y') {
$pa = user_get_users(true);
array_unshift($ret, $pa[0]);
}
// If user access control enabled,
// remove any nonusers that this user does not have required access.
if (access_is_enabled()) {
$newlist = array();
for ($i = 0, $cnt = count($ret); $i < $cnt; $i++) {
$can_list = access_user_calendar($reason, $ret[$i]['cal_login'], $this_user);
if ($can_list == 'Y' || $can_list > 0) {
$newlist[] = $ret[$i];
}
}
$ret = $newlist;
}
$my_nonuser_array[$this_user . $add_public] = $ret;
return $ret;
}
if (!$is_admin) {
echo "<h2>" . translate("Error") . "</h2>\n" . translate("You are not authorized") . ".\n";
echo "</body>\n</html>";
exit;
}
if (!$NONUSER_PREFIX) {
echo "<h2>" . translate("Error") . "</h2>\n" . translate("NONUSER_PREFIX not set") . ".\n";
echo "</body>\n</html>";
exit;
}
$add = getValue("add");
?>
<a name="tabnonusers"></a>
<div id="tabscontent_nonusers">
<?php
if (empty($error)) {
echo "<a title=\"" . translate("Add New NonUser Calendar") . "\" href=\"edit_nonusers.php?add=1\" target=\"nonusersiframe\" onclick=\"javascript:show('nonusersiframe');\">" . translate("Add New NonUser Calendar") . "</a><br />\n";
// Displaying NonUser Calendars
$userlist = get_nonuser_cals();
if (!empty($userlist)) {
echo "<ul>";
for ($i = 0; $i < count($userlist); $i++) {
echo "<li><a title=\"" . $userlist[$i]['cal_fullname'] . "\" href=\"edit_nonusers.php?nid=" . $userlist[$i]["cal_login"] . "\" target=\"nonusersiframe\" onclick=\"javascript:show('nonusersiframe');\">" . $userlist[$i]['cal_fullname'] . "</a></li>\n";
}
echo "</ul>";
}
}
echo "<iframe name=\"nonusersiframe\" id=\"nonusersiframe\" style=\"width:90%;border-width:0px; height:250px;\"></iframe>";
?>
</div>
<img src="images/help.gif" alt="{$helpStr}" class="help"
onclick="window.open( 'help_layers.php','cal_help','dependent,menubar,scrollbars,height=400,width=400,innerHeight=420,outerWidth=420' );" />
</h2>
<form action="edit_layer_handler.php" method="post"
onsubmit="return valid_form( this );" name="prefform">{$hiddenStr}
<table cellspacing="2" cellpadding="3">
EOT;
if ($single_user == 'N') {
$otherlist = $userlist = get_my_users('', 'view');
if ($NONUSER_ENABLED == 'Y') {
// Restrict NUC list if groups are enabled.
$nonusers = get_my_nonusers($login, true, 'view');
$userlist = $NONUSER_AT_TOP == 'Y' ? array_merge($nonusers, $userlist) : array_merge($userlist, $nonusers);
}
if ($REMOTES_ENABLED == 'Y') {
$remotes = get_nonuser_cals($login, true);
$userlist = $NONUSER_AT_TOP == 'Y' ? array_merge($remotes, $userlist) : array_merge($userlist, $remotes);
}
$num_users = $osize = $size = 0;
$others = $users = '';
for ($i = 0, $cnt = count($userlist); $i < $cnt; $i++) {
if ($userlist[$i]['cal_login'] != $layer_user) {
$size++;
$users .= '
<option value="' . $userlist[$i]['cal_login'] . '"' . (!empty($layers[$id]['cal_layeruser']) && $layers[$id]['cal_layeruser'] == $userlist[$i]['cal_login'] ? ' selected="selected"' : '') . '>' . $userlist[$i]['cal_fullname'] . '</option>';
}
}
for ($i = 0, $cnt = count($otherlist); $i < $cnt; $i++) {
if ($otherlist[$i]['cal_login'] != $layer_user) {
$osize++;
$others .= '
$newRemoteStr = translate('Add New Remote Calendar');
$targetStr = 'target="remotesiframe" onclick="showFrame( \'remotesiframe\' );">';
if (!$NONUSER_PREFIX) {
echo print_error_header() . translate('NONUSER_PREFIX not set') . '
</body>
</html>';
exit;
}
$add = getValue('add');
echo '
<a name="tabnonusers"></a>
<div id="tabscontent_remotes">';
if (empty($error)) {
echo '
<a title="' . $newRemoteStr . '" href="edit_remotes.php?add=1"' . $targetStr . $newRemoteStr . '</a><br />';
// Displaying Remote Calendars
$userlist = get_nonuser_cals($login, true);
if (!empty($userlist)) {
echo '
<ul>';
for ($i = 0, $cnt = count($userlist); $i < $cnt; $i++) {
echo '
<li><a title="' . $userlist[$i]['cal_fullname'] . '" href="edit_remotes.php?nid=' . $userlist[$i]['cal_login'] . '"' . $targetStr . $userlist[$i]['cal_fullname'] . '</a></li>';
}
echo '
</ul>';
}
}
echo '
<iframe name="remotesiframe" id="remotesiframe" style="width: 90%; ' . 'border: 0; height: 250px;"></iframe>
</div>';
function get_users_to_approve()
{
global $is_admin, $login, $NONUSER_ENABLED, $PUBLIC_ACCESS, $user;
$app_user_hash = $app_users = $my_non_users = array();
$non_users = get_nonuser_cals();
foreach ($non_users as $nonuser) {
if (user_is_nonuser_admin($login, $nonuser['cal_login'])) {
$my_non_users[]['cal_login'] = $nonuser['cal_login'];
// echo $nonuser['cal_login'] . "<br />";
}
}
// First, we list ourself.
$app_users[] = $login;
$app_user_hash[$login] = 1;
if (access_is_enabled()) {
$all = !empty($NONUSER_ENABLED) && $NONUSER_ENABLED == 'Y' ? array_merge(get_my_users(), $my_non_users) : get_my_users();
for ($j = 0, $cnt = count($all); $j < $cnt; $j++) {
$x = $all[$j]['cal_login'];
if (access_user_calendar('approve', $x)) {
if (empty($app_user_hash[$x])) {
$app_users[] = $x;
$app_user_hash[$x] = 1;
}
}
}
} else {
if ($is_admin && $PUBLIC_ACCESS == 'Y' && (empty($user) || $user != '__public__')) {
$app_users[] = '__public__';
$app_users_hash['__public__'] = 1;
}
$all = $my_non_users;
for ($j = 0, $cnt = count($all); $j < $cnt; $j++) {
$x = $all[$j]['cal_login'];
if (empty($app_user_hash[$x])) {
$app_users[] = $x;
$app_user_hash[$x] = 1;
}
}
}
return $app_users;
}
