function postcalendar_userapi_eventDetail($args, $admin = false)
{
if (!(bool) PC_ACCESS_READ) {
return _POSTCALENDARNOAUTH;
}
// get the theme globals :: is there a better way to do this?
pnThemeLoad(pnUserGetTheme());
global $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $bgcolor5;
global $textcolor1, $textcolor2;
$popup = pnVarCleanFromInput('popup');
extract($args);
unset($args);
if (!isset($cacheid)) {
$cacheid = null;
}
if (!isset($eid)) {
return false;
}
if (!isset($nopop)) {
$nopop = false;
}
$uid = pnUserGetVar('uid');
//=================================================================
// Find out what Template we're using
//=================================================================
$template_name = _SETTING_TEMPLATE;
if (!isset($template_name)) {
$template_name = 'default';
}
//=================================================================
// Setup Smarty Template Engine
//=================================================================
$tpl = new pcSmarty();
if ($admin) {
$template = $template_name . '/admin/details.html';
$args['cacheid'] = '';
$print = 0;
$Date =& postcalendar_getDate();
$tpl->caching = false;
} else {
$template = $template_name . '/user/details.html';
}
if (!$tpl->is_cached($template, $cacheid)) {
// let's get the DB information
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// get the event's information
$event =& postcalendar_userapi_pcGetEventDetails($eid);
// if the above is false, it's a private event for another user
// we should not diplay this - so we just exit gracefully
if ($event === false) {
return false;
}
//=================================================================
// get event's topic information
//=================================================================
$topics_table = $pntable['topics'];
$topics_column = $pntable['topics_column'];
$topicsql = "SELECT {$topics_column['topictext']},{$topics_column['topicimage']}\n FROM {$topics_table}\n WHERE {$topics_column['topicid']} = {$event['topic']}\n LIMIT 1";
$topic_result = $dbconn->Execute($topicsql);
list($event['topictext'], $event['topicimg']) = $topic_result->fields;
$location = unserialize($event['location']);
$event['location'] = $location['event_location'];
$event['street1'] = $location['event_street1'];
$event['street2'] = $location['event_street2'];
$event['city'] = $location['event_city'];
$event['state'] = $location['event_state'];
$event['postal'] = $location['event_postal'];
$event['date'] = str_replace('-', '', $Date);
//=================================================================
// populate the template
//=================================================================
if (!empty($event['location']) || !empty($event['street1']) || !empty($event['street2']) || !empty($event['city']) || !empty($event['state']) || !empty($event['postal'])) {
$tpl->assign('LOCATION_INFO', true);
} else {
$tpl->assign('LOCATION_INFO', false);
}
if (!empty($event['contname']) || !empty($event['contemail']) || !empty($event['conttel']) || !empty($event['website'])) {
$tpl->assign('CONTACT_INFO', true);
} else {
$tpl->assign('CONTACT_INFO', false);
}
$display_type = substr($event['hometext'], 0, 6);
if ($display_type == ':text:') {
$prepFunction = 'pcVarPrepForDisplay';
$event['hometext'] = substr($event['hometext'], 6);
} elseif ($display_type == ':html:') {
$prepFunction = 'pcVarPrepHTMLDisplay';
$event['hometext'] = substr($event['hometext'], 6);
} else {
$prepFunction = 'pcVarPrepHTMLDisplay';
}
unset($display_type);
// prep the vars for output
$event['title'] =& $prepFunction($event['title']);
$event['hometext'] =& $prepFunction($event['hometext']);
$event['desc'] =& $event['hometext'];
$event['conttel'] =& $prepFunction($event['conttel']);
$event['contname'] =& $prepFunction($event['contname']);
$event['contemail'] =& $prepFunction($event['contemail']);
$event['website'] =& $prepFunction(postcalendar_makeValidURL($event['website']));
$event['fee'] =& $prepFunction($event['fee']);
$event['location'] =& $prepFunction($event['location']);
$event['street1'] =& $prepFunction($event['street1']);
$event['street2'] =& $prepFunction($event['street2']);
$event['city'] =& $prepFunction($event['city']);
$event['state'] =& $prepFunction($event['state']);
$event['postal'] =& $prepFunction($event['postal']);
$tpl->assign_by_ref('A_EVENT', $event);
//=================================================================
// populate the template $ADMIN_OPTIONS
//=================================================================
$target = '';
if (_SETTING_OPEN_NEW_WINDOW) {
$target = 'target="csCalendar"';
}
$admin_edit_url = $admin_delete_url = '';
if (pnSecAuthAction(0, 'PostCalendar::', '::', ACCESS_ADMIN)) {
$admin_edit_url = pnModURL(__POSTCALENDAR__, 'admin', 'submit', array('pc_event_id' => $eid));
$admin_delete_url = pnModURL(__POSTCALENDAR__, 'admin', 'adminevents', array('action' => _ACTION_DELETE, 'pc_event_id' => $eid));
}
$user_edit_url = $user_delete_url = '';
if (pnUserLoggedIn()) {
$logged_in_uname = $_SESSION['authUser'];
} else {
$logged_in_uname = '';
}
$can_edit = false;
if (pnSecAuthAction(0, 'PostCalendar::', '::', ACCESS_ADD) && validateGroupStatus($logged_in_uname, getUsername($event['uname']))) {
$user_edit_url = pnModURL(__POSTCALENDAR__, 'user', 'submit', array('pc_event_id' => $eid));
$user_delete_url = pnModURL(__POSTCALENDAR__, 'user', 'delete', array('pc_event_id' => $eid));
$can_edit = true;
}
$tpl->assign('STYLE', $GLOBALS['style']);
$tpl->assign_by_ref('ADMIN_TARGET', $target);
$tpl->assign_by_ref('ADMIN_EDIT', $admin_edit_url);
$tpl->assign_by_ref('ADMIN_DELETE', $admin_delete_url);
$tpl->assign_by_ref('USER_TARGET', $target);
$tpl->assign_by_ref('USER_EDIT', $user_edit_url);
$tpl->assign_by_ref('USER_DELETE', $user_delete_url);
$tpl->assign_by_ref('USER_CAN_EDIT', $can_edit);
}
//=================================================================
// Parse the template
//=================================================================
if ($popup != 1 && $print != 1) {
$output = "\n\n<!-- START POSTCALENDAR OUTPUT [-: HTTP://POSTCALENDAR.TV :-] -->\n\n";
$output .= $tpl->fetch($template, $cacheid);
$output .= "\n\n<!-- END POSTCALENDAR OUTPUT [-: HTTP://POSTCALENDAR.TV :-] -->\n\n";
} else {
$theme = pnUserGetTheme();
echo "<html><head>";
echo "<LINK REL=\"StyleSheet\" HREF=\"themes/{$theme}/style/styleNN.css\" TYPE=\"text/css\">\n\n\n";
echo "<style type=\"text/css\">\n";
echo "@import url(\"themes/{$theme}/style/style.css\"); ";
echo "</style>\n";
echo "</head><body>\n";
$tpl->display($template, $cacheid);
echo postcalendar_footer();
echo "\n</body></html>";
session_write_close();
exit;
}
return $output;
}
/**
* postcalendar_userapi_pcQueryEvents
* INPUT
* $args = Array of values possibly containing:
* $provider_id = array of provider ID numbers
*
* Returns an array containing the event's information
* @params array(key=>value)
* @params string key eventstatus
* @params int value -1 == hidden ; 0 == queued ; 1 == approved
* @return array $events[][]
*/
function &postcalendar_userapi_pcQueryEvents($args)
{
$end = '0000-00-00';
extract($args);
// echo "<!-- args = "; print_r($args); echo " -->\n"; // debugging
// $pc_username = pnVarCleanFromInput('pc_username');
$pc_username = $_SESSION['pc_username'];
// from Michael Brinson 2006-09-19
if (empty($pc_username) || is_array($pc_username)) {
$pc_username = "******";
}
//echo "DEBUG pc_username: $pc_username \n"; // debugging
$topic = pnVarCleanFromInput('pc_topic');
$category = pnVarCleanFromInput('pc_category');
if (!empty($pc_username) && strtolower($pc_username) != 'anonymous') {
if ($pc_username == '__PC_ALL__' || $pc_username == -1) {
$ruserid = -1;
} else {
$ruserid = getIDfromUser($pc_username);
}
}
if (!isset($eventstatus)) {
$eventstatus = 1;
}
// sanity check on eventstatus
if ((int) $eventstatus < -1 || (int) $eventstatus > 1) {
$eventstatus = 1;
}
if (!isset($start)) {
$start = Date_Calc::dateNow('%Y-%m-%d');
}
list($sy, $sm, $sd) = explode('-', $start);
list($dbconn) = pnDBGetConn();
$pntable = pnDBGetTables();
// link to the events tables
$table = $pntable['postcalendar_events'];
$cattable = $pntable['postcalendar_categories'];
$topictable = $pntable['postcalendar_topics'];
$sql = "SELECT DISTINCT a.pc_eid, a.pc_informant, a.pc_catid, " . "a.pc_title, a.pc_time, a.pc_hometext, a.pc_eventDate, a.pc_duration, " . "a.pc_endDate, a.pc_startTime, a.pc_recurrtype, a.pc_recurrfreq, " . "a.pc_recurrspec, a.pc_topic, a.pc_alldayevent, a.pc_location, " . "a.pc_conttel, a.pc_contname, a.pc_contemail, a.pc_website, a.pc_fee, " . "a.pc_sharing, a.pc_prefcatid, b.pc_catcolor, b.pc_catname, " . "b.pc_catdesc, a.pc_pid, a.pc_apptstatus, a.pc_aid, " . "concat(u.fname,' ',u.lname) as provider_name, " . "concat(pd.lname,', ',pd.fname) as patient_name, " . "concat(u2.fname, ' ', u2.lname) as owner_name, " . "DOB as patient_dob, a.pc_facility, pd.pubpid " . "FROM ( {$table} AS a ) " . "LEFT JOIN {$cattable} AS b ON b.pc_catid = a.pc_catid " . "LEFT JOIN users as u ON a.pc_aid = u.id " . "LEFT JOIN users as u2 ON a.pc_aid = u2.id " . "LEFT JOIN patient_data as pd ON a.pc_pid = pd.pid " . "WHERE a.pc_eventstatus = {$eventstatus} " . "AND ((a.pc_endDate >= '{$start}' AND a.pc_eventDate <= '{$end}') OR " . "(a.pc_endDate = '0000-00-00' AND a.pc_eventDate >= '{$start}' AND " . "a.pc_eventDate <= '{$end}')) ";
//==================================
//FACILITY FILTERING (lemonsoftware)(CHEMED)
if ($_SESSION['pc_facility']) {
$pc_facility = $_SESSION['pc_facility'];
$sql .= " AND a.pc_facility = {$pc_facility} ";
/*
AND u.facility_id = $pc_facility
AND u2.facility_id = $pc_facility "; */
} else {
if ($pc_facility) {
// pc_facility could be provided in the search arguments -- JRM March 2008
$sql .= " AND a.pc_facility = {$pc_facility} ";
/*.
" AND u.facility_id = $pc_facility".
" AND u2.facility_id = $pc_facility "; */
}
}
//EOS FACILITY FILTERING (lemonsoftware)
//==================================
// The above 3 lines replaced these:
// AND (a.pc_endDate >= '$start' OR a.pc_endDate = '0000-00-00')
// AND a.pc_eventDate <= '$end' ";
if (!empty($providerID)) {
$ruserid = $providerID;
}
// eliminate ruserid if we're trying to query by provider_id -- JRM
if (!empty($provider_id)) {
unset($ruserid);
}
if (isset($ruserid)) {
// get all events for the specified username
if ($ruserid == -1) {
$sql .= "AND (a.pc_sharing = '" . SHARING_BUSY . "' ";
$sql .= "OR a.pc_sharing = '" . SHARING_PUBLIC . "') ";
} else {
$sql .= "AND a.pc_aid IN (0, " . $ruserid . ") ";
}
} elseif (!pnUserLoggedIn()) {
// get all events for anonymous users
$sql .= "AND a.pc_sharing = '" . SHARING_GLOBAL . "' ";
} elseif (!empty($provider_id)) {
// get all events for a variety of provider IDs -- JRM
if ($provider_id[0] != "_ALL_") {
/**add all the events from the clinic provider id = 0*/
$sql .= "AND a.pc_aid in (0," . implode(",", $provider_id) . ") ";
}
} else {
// get all events for logged in user plus global events
$sql .= "AND (a.pc_aid IN (0," . $_SESSION['authUserID'] . ") OR a.pc_sharing = '" . SHARING_GLOBAL . "') ";
}
//======================================================================
// START SEARCH FUNCTIONALITY
//======================================================================
if (!empty($s_keywords)) {
$sql .= "AND ({$s_keywords}) ";
}
if (!empty($s_category)) {
$sql .= "AND ({$s_category}) ";
}
if (!empty($s_topic)) {
$sql .= "AND ({$s_topic}) ";
}
if (!empty($category)) {
$sql .= "AND (a.pc_catid = '" . pnVarPrepForStore($category) . "') ";
}
if (!empty($topic)) {
$sql .= "AND (a.pc_topic = '" . pnVarPrepForStore($topic) . "') ";
}
//======================================================================
// Search sort and limitation
//======================================================================
if (empty($sort)) {
$sql .= "GROUP BY a.pc_eid ORDER BY a.pc_time DESC";
} else {
$sql .= "GROUP BY a.pc_eid ORDER BY a.{$sort}";
}
//======================================================================
// END SEARCH FUNCTIONALITY
//======================================================================
//echo "<br>sq: $sql<br />";
// echo "<!-- " . $sql . " -->\n"; // debugging
$result = $dbconn->Execute($sql);
if ($dbconn->ErrorNo() != 0) {
die($dbconn->ErrorMsg());
}
// put the information into an array for easy access
$events = array();
// return an empty array if we don't have any results
if (!isset($result)) {
return $events;
}
for ($i = 0; !$result->EOF; $result->MoveNext()) {
// WHY are we using an array for intermediate storage??? -- Rod
// get the results from the query
if (isset($tmp)) {
unset($tmp);
}
$tmp = array();
list($tmp['eid'], $tmp['uname'], $tmp['catid'], $tmp['title'], $tmp['time'], $tmp['hometext'], $tmp['eventDate'], $tmp['duration'], $tmp['endDate'], $tmp['startTime'], $tmp['recurrtype'], $tmp['recurrfreq'], $tmp['recurrspec'], $tmp['topic'], $tmp['alldayevent'], $tmp['location'], $tmp['conttel'], $tmp['contname'], $tmp['contemail'], $tmp['website'], $tmp['fee'], $tmp['sharing'], $tmp['prefcatid'], $tmp['catcolor'], $tmp['catname'], $tmp['catdesc'], $tmp['pid'], $tmp['apptstatus'], $tmp['aid'], $tmp['provider_name'], $tmp['patient_name'], $tmp['owner_name'], $tmp['patient_dob'], $tmp['facility'], $tmp['pubpid']) = $result->fields;
// grab the name of the topic
$topicname = pcGetTopicName($tmp['topic']);
// get the user id of event's author
$cuserid = @$nuke_users[strtolower($tmp['uname'])];
// check the current event's permissions
// the user does not have permission to view this event
// if any of the following evaluate as false
if (!pnSecAuthAction(0, 'PostCalendar::Event', "{$tmp['title']}::{$tmp['eid']}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::Category', "{$tmp['catname']}::{$tmp['catid']}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::User', "{$tmp['uname']}::{$cuserid}", ACCESS_OVERVIEW)) {
continue;
} elseif (!pnSecAuthAction(0, 'PostCalendar::Topic', "{$topicname}::{$tmp['topic']}", ACCESS_OVERVIEW)) {
continue;
} elseif ($tmp['sharing'] == SHARING_PRIVATE && $cuserid != $userid) {
continue;
}
// add event to the array if we passed the permissions check
// this is the common information
$events[$i]['intervals'] = $tmp['duration'] / 60 / $GLOBALS['day_calandar_interval'];
//sets the number of rows this event should span
$events[$i]['eid'] = $tmp['eid'];
$events[$i]['uname'] = $tmp['uname'];
$events[$i]['uid'] = $cuserid;
$events[$i]['catid'] = $tmp['catid'];
$events[$i]['time'] = $tmp['time'];
$events[$i]['eventDate'] = $tmp['eventDate'];
$events[$i]['duration'] = $tmp['duration'];
// there has to be a more intelligent way to do this
@(list($events[$i]['duration_hours'], $dmin) = @explode('.', $tmp['duration'] / 60 / 60));
$events[$i]['duration_minutes'] = substr(sprintf('%.2f', '.' . 60 * ($dmin / 100)), 2, 2);
//''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
$events[$i]['endDate'] = $tmp['endDate'];
$events[$i]['startTime'] = $tmp['startTime'];
$events[$i]['recurrtype'] = $tmp['recurrtype'];
$events[$i]['recurrfreq'] = $tmp['recurrfreq'];
$events[$i]['recurrspec'] = $tmp['recurrspec'];
$events[$i]['topic'] = $tmp['topic'];
$events[$i]['alldayevent'] = $tmp['alldayevent'];
$events[$i]['catcolor'] = $tmp['catcolor'];
// Modified 06-2009 by BM to translate the category if applicable
$events[$i]['catname'] = xl_appt_category($tmp['catname']);
$events[$i]['catdesc'] = $tmp['catdesc'];
$events[$i]['pid'] = $tmp['pid'];
$events[$i]['apptstatus'] = $tmp['apptstatus'];
$events[$i]['pubpid'] = $tmp['pubpid'];
$events[$i]['patient_name'] = $tmp['patient_name'];
$events[$i]['provider_name'] = $tmp['provider_name'];
$events[$i]['owner_name'] = $tmp['owner_name'];
$events[$i]['patient_dob'] = $tmp['patient_dob'];
$events[$i]['patient_age'] = getPatientAge($tmp['patient_dob']);
$events[$i]['facility'] = getFacility($tmp['facility']);
$events[$i]['sharing'] = $tmp['sharing'];
$events[$i]['prefcatid'] = $tmp['prefcatid'];
$events[$i]['aid'] = $tmp['aid'];
$events[$i]['topictext'] = $topicname;
$events[$i]['intervals'] = ceil($tmp['duration'] / 60 / $GLOBALS['calendar_interval']);
if ($events[$i]['intervals'] == 0) {
$events[$i]['intervals'] = 1;
}
// is this a public event to be shown as busy?
if ($tmp['sharing'] == SHARING_BUSY && $cuserid != $userid) {
// make it not display any information
$events[$i]['title'] = _USER_BUSY_TITLE;
$events[$i]['hometext'] = _USER_BUSY_MESSAGE;
$events[$i]['desc'] = _USER_BUSY_MESSAGE;
$events[$i]['conttel'] = '';
$events[$i]['contname'] = '';
$events[$i]['contemail'] = '';
$events[$i]['website'] = '';
$events[$i]['fee'] = '';
$events[$i]['location'] = '';
$events[$i]['street1'] = '';
$events[$i]['street2'] = '';
$events[$i]['city'] = '';
$events[$i]['state'] = '';
$events[$i]['postal'] = '';
} else {
$display_type = substr($tmp['hometext'], 0, 6);
if ($display_type == ':text:') {
$prepFunction = 'pcVarPrepForDisplay';
$tmp['hometext'] = substr($tmp['hometext'], 6);
} elseif ($display_type == ':html:') {
$prepFunction = 'pcVarPrepHTMLDisplay';
$tmp['hometext'] = substr($tmp['hometext'], 6);
} else {
$prepFunction = 'pcVarPrepHTMLDisplay';
}
unset($display_type);
$events[$i]['title'] = $prepFunction($tmp['title']);
$events[$i]['hometext'] = $prepFunction($tmp['hometext']);
$events[$i]['desc'] = $events[$i]['hometext'];
$events[$i]['conttel'] = $prepFunction($tmp['conttel']);
$events[$i]['contname'] = $prepFunction($tmp['contname']);
$events[$i]['contemail'] = $prepFunction($tmp['contemail']);
$events[$i]['website'] = $prepFunction(postcalendar_makeValidURL($tmp['website']));
$events[$i]['fee'] = $prepFunction($tmp['fee']);
$loc = unserialize($tmp['location']);
$events[$i]['location'] = $prepFunction($loc['event_location']);
$events[$i]['street1'] = $prepFunction($loc['event_street1']);
$events[$i]['street2'] = $prepFunction($loc['event_street2']);
$events[$i]['city'] = $prepFunction($loc['event_city']);
$events[$i]['state'] = $prepFunction($loc['event_state']);
$events[$i]['postal'] = $prepFunction($loc['event_postal']);
}
$i++;
}
unset($tmp);
$result->Close();
return $events;
}
