function ws_init()
{
global $admin_can_add_user, $admin_can_delete_user, $site_extras, $user_inc;
// Load include files.
define('__WC_BASEDIR', '..');
// Points to the base WebCalendar directory
// relative to current working directory.
define('__WC_INCLUDEDIR', '../includes');
include_once __WC_INCLUDEDIR . '/translate.php';
require_once __WC_INCLUDEDIR . '/classes/WebCalendar.class';
require_once __WC_INCLUDEDIR . '/classes/Event.class';
require_once __WC_INCLUDEDIR . '/classes/RptEvent.class';
$WebCalendar =& new WebCalendar(__FILE__);
include_once __WC_INCLUDEDIR . '/config.php';
include_once __WC_INCLUDEDIR . '/dbi4php.php';
include_once __WC_INCLUDEDIR . '/access.php';
include_once __WC_INCLUDEDIR . '/functions.php';
$WebCalendar->initializeFirstPhase();
include_once __WC_INCLUDEDIR . '/' . $user_inc;
include_once __WC_INCLUDEDIR . '/validate.php';
include_once __WC_INCLUDEDIR . '/site_extras.php';
$WebCalendar->initializeSecondPhase();
load_global_settings();
load_user_preferences();
$WebCalendar->setLanguage();
}
$self = $PHP_SELF;
}
preg_match("/\\/(\\w+\\.php)/", $self, $match);
$SCRIPT = $match[1];
// Several files need a no-cache header and some of the same code
$special = array('month.php', 'day.php', 'week.php', 'week_details.php', 'year.php');
$DMW = in_array($SCRIPT, $special);
// Unset some variables that shouldn't be set
unset($user_inc);
include_once 'includes/config.php';
include_once 'includes/php-dbi.php';
include_once 'includes/functions.php';
include_once "includes/{$user_inc}";
include_once 'includes/validate.php';
include_once 'includes/connect.php';
load_global_settings();
if (empty($ovrd)) {
load_user_preferences();
}
include_once 'includes/translate.php';
// error-check some commonly used form variable names
$id = getValue("id", "[0-9]+", true);
$user = getValue("user", "[A-Za-z0-9_\\.=@,\\-]*", true);
$date = getValue("date", "[0-9]+");
$year = getValue("year", "[0-9]+");
$month = getValue("month", "[0-9]+");
$hour = getValue("hour", "[0-9]+");
$minute = getValue("minute", "[0-9]+");
$cat_id = getValue("cat_id", "[0-9]+");
$friendly = getValue("friendly", "[01]");
if (empty($public_access)) {
function save_pref($prefs, $src)
{
global $error, $my_theme, $prad;
if (!$prad) {
global $prefuser;
}
$pos = $prad ? 6 : 5;
while (list($key, $value) = each($prefs)) {
if ($src == 'post') {
$prefix = substr($key, 0, $pos);
$setting = substr($key, $pos);
if (!$prad && $prefix != 'pref_' || $prad && $key == 'currenttab') {
continue;
}
// .
// Validate key name.
// If $prad not true, should start with "pref_"
// else should start with "admin_",
// and not include any unusual characters that might be an SQL injection attack.
if (!$prad && !preg_match('/pref_[A-Za-z0-9_]+$/', $key) || $prad && !preg_match('/admin_[A-Za-z0-9_]+$/', $key)) {
die_miserable_death(str_replace('XXX', $key, translate('Invalid setting name XXX.')));
}
} else {
$prefix = $prad ? 'admin_' : 'pref_';
$setting = $key;
}
if (strlen($setting) > 0 && $prefix == 'pref_' || $prefix == 'admin_') {
if ($setting == 'THEME' && $value != 'none') {
$my_theme = strtolower($value);
}
if ($prad) {
$setting = strtoupper($setting);
$sql = 'DELETE FROM webcal_config WHERE cal_setting = ?';
if (!dbi_execute($sql, array($setting))) {
$error = db_error(false, $sql);
break;
}
if (strlen($value) > 0) {
$sql = 'INSERT INTO webcal_config ( cal_setting, cal_value ) VALUES ( ?, ? )';
if (!dbi_execute($sql, array($setting, $value))) {
$error = db_error(false, $sql);
break;
}
}
} else {
dbi_execute('DELETE FROM webcal_user_pref WHERE cal_login = ?
AND cal_setting = ?', array($prefuser, $setting));
if (strlen($value) > 0) {
$setting = strtoupper($setting);
$sql = 'INSERT INTO webcal_user_pref ( cal_login, cal_setting,
cal_value ) VALUES ( ?, ?, ? )';
if (!dbi_execute($sql, array($prefuser, $setting, $value))) {
$error = 'Unable to update preference: ' . dbi_error() . '<br /><br /><span class="bold">SQL:</span>' . $sql;
break;
}
}
}
}
}
// Reload preferences so any CSS changes will take effect.
load_global_settings();
load_user_preferences();
}
