public function allowSchedulePost()
{
if (!Current_User::allow('calendar')) {
return false;
}
if ($this->calendar->schedule->public) {
return Current_User::authorized('calendar', 'edit_public');
} else {
// private schedule
if ($this->calendar->schedule->id) {
// previously created schedule
if ($this->calendar->schedule->user_id == Current_User::getId()) {
return true;
} else {
return Current_User::authorized('calendar', 'edit_private');
}
} else {
// new schedule
if (PHPWS_Settings::get('calendar', 'personal_schedules')) {
return true;
} else {
return false;
}
}
}
}
/**
* Wiki for phpWebSite
*
* See docs/CREDITS for copyright information
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*
* @package Wiki
* @author Greg Meiste <*****@*****.**>
*/
function wiki_install(&$content)
{
PHPWS_Core::initModClass('wiki', 'WikiManager.php');
PHPWS_Core::initModClass('wiki', 'WikiPage.php');
PHPWS_Core::initModClass('version', 'Version.php');
// Adding pages that ship with the module
if (file_exists(PHPWS_SOURCE_DIR . 'mod/wiki/boost/frontpage.txt')) {
$frontpage = new WikiPage('FrontPage');
$frontpage->setPagetext(implode('', file(PHPWS_SOURCE_DIR . 'mod/wiki/boost/frontpage.txt')));
$frontpage->setOwnerId(Current_User::getId());
$frontpage->setEditorId(Current_User::getId());
$frontpage->setCreated(mktime());
$frontpage->setUpdated(mktime());
$frontpage->setComment('Provided by Wiki install');
$frontpage->save();
$version1 = new Version('wiki_pages');
$version1->setSource($frontpage);
$version1->setApproved(1);
$version1->save();
}
if (file_exists(PHPWS_SOURCE_DIR . 'mod/wiki/boost/samplepage.txt')) {
$samplepage = new WikiPage('SamplePage');
$samplepage->setPagetext(implode('', file(PHPWS_SOURCE_DIR . 'mod/wiki/boost/samplepage.txt')));
$samplepage->setOwnerId(Current_User::getId());
$samplepage->setEditorId(Current_User::getId());
$samplepage->setCreated(mktime());
$samplepage->setUpdated(mktime());
$samplepage->setComment('Provided by Wiki install');
$samplepage->allow_edit = 0;
$samplepage->save();
$version2 = new Version('wiki_pages');
$version2->setSource($samplepage);
$version2->setApproved(1);
$version2->save();
}
if (file_exists(PHPWS_SOURCE_DIR . 'mod/wiki/boost/sandbox.txt')) {
$sandbox = new WikiPage('WikiSandBox');
$sandbox->setPagetext(implode('', file(PHPWS_SOURCE_DIR . 'mod/wiki/boost/sandbox.txt')));
$sandbox->setOwnerId(Current_User::getId());
$sandbox->setEditorId(Current_User::getId());
$sandbox->setCreated(mktime());
$sandbox->setUpdated(mktime());
$sandbox->setComment('Provided by Wiki install');
$sandbox->save();
$version3 = new Version('wiki_pages');
$version3->setSource($sandbox);
$version3->setApproved(1);
$version3->save();
}
// Adding first interwiki link
PHPWS_Core::initModClass('wiki', 'InterWiki.php');
$interwiki = new InterWiki();
$interwiki->setLabel('Wikipedia');
$interwiki->setUrl('http://en.wikipedia.org/wiki/%s');
$interwiki->save(FALSE);
return TRUE;
}
public function stamp()
{
$now = time();
if (!$this->id) {
$this->added_on =& $now;
$this->added_by = Current_User::getId();
}
$this->updated_on =& $now;
$this->updated_by = Current_User::getId();
}
public function post(\Request $request)
{
$factory = new Factory();
$view = new \View\JsonView(array('success' => true));
$response = new \Response($view);
if (!$request->isVar('command')) {
throw new \Exception('Bad command');
}
switch ($request->getVar('command')) {
case 'createNewAccount':
$factory->postNewStudent(\Current_User::getId());
\PHPWS_Core::reroute('tailgate/');
break;
}
return $response;
}
public static function getCurrentStudent()
{
return self::getByUserId(\Current_User::getId());
}
public function view()
{
\Layout::addStyle('properties', 'view.css');
$tpl = $this->getBaseTpl();
$tpl['BEDROOMS'] = $this->share_bedroom ? 'Yes' : 'No';
$tpl['BATHROOMS'] = $this->share_bathroom ? 'Yes' : 'No';
$tpl['SMOKING'] = $this->getSmoking();
if ($this->pets_allowed) {
$tpl['PETS_ALLOWED'] = 'Yes';
} else {
$tpl['PETS_ALLOWED'] = 'No';
}
$tpl['DESCRIPTION'] = $this->getDescription();
$tpl['TV_TYPE'] = $this->getTvType();
$tpl['GENDER'] = $this->getGender();
javascriptMod('properties', 'contact');
if (\Current_User::isLogged()) {
if (\Current_User::getId() == $this->id) {
$purge = $this->getTimeout();
$tpl['EMAIL'] = '<a href="index.php?module=properties&rop=edit">Update my request</a> |
<a href="index.php?module=properties&rop=timeout">Update my cut-off date (' . $purge . ')</a>';
} else {
$tpl['EMAIL'] = sprintf('<a style="cursor : pointer" class="message" id="%s">Contact this renter</a>', $this->id);
}
} else {
$tpl['EMAIL'] = sprintf('<a href="%s">Login to contact this renter</a>', Base::loginLink());
}
return \PHPWS_Template::process($tpl, 'properties', 'roommate_view.tpl');
}
function view()
{
$tags = array();
$tags['MENU'] = $this->menu();
$tags['PAGETEXT'] = $this->getPagetext();
$tags['MESSAGE'] = sprintf(dgettext('wiki', 'Revision as of %s'), $this->getUpdated());
if (PHPWS_Settings::get('wiki', 'show_modified_info')) {
$editor = $this->getEditor();
if (Current_User::isLogged() && Current_User::getId() != $this->getEditorId()) {
PHPWS_Core::initModClass('notes', 'My_Page.php');
PHPWS_Core::initModClass('notes', 'Note_Item.php');
$editor = str_replace(dgettext('wiki', 'Send note'), $editor, Note_Item::sendLink($this->getEditorId()));
}
$tags['UPDATED_INFO'] = sprintf(dgettext('wiki', 'Last modified %1$s by %2$s'), $this->getUpdated(), $editor);
}
if (PHPWS_Settings::get('wiki', 'add_to_title')) {
Layout::addPageTitle($this->getTitle());
}
return PHPWS_Template::process($tags, 'wiki', 'view.tpl');
}
public function loadCurrentStaff()
{
PHPWS_Core::initModClass('checkin', 'Staff.php');
if (empty($this->current_staff)) {
$db = new PHPWS_DB('checkin_staff');
$db->addWhere('user_id', Current_User::getId());
$db->addColumn('id');
$id = $db->select('one');
$staff = new Checkin_Staff($id);
if ($staff->id) {
$this->current_staff =& $staff;
}
}
}
function doMove()
{
if (!Current_User::authorized('wiki', 'edit_page') && !(PHPWS_Settings::get('wiki', 'allow_page_edit') && Current_User::isLogged()) || !$this->allow_edit) {
Current_User::disallow(dgettext('wiki', 'User attempted to execute a wiki page move.'));
return;
}
if (strlen($_POST['newpage']) == 0) {
WikiManager::sendMessage(dgettext('wiki', 'Please supply a new page title'), array('page_op' => 'move', 'page' => $this->getTitle(FALSE)));
}
$db = new PHPWS_DB('wiki_pages');
$db->addWhere('title', $_POST['newpage']);
$result = $db->select();
if ($result != NULL) {
WikiManager::sendMessage(dgettext('wiki', 'Page with that name already exists!'), array('page_op' => 'move', 'page' => $this->getTitle(FALSE)));
}
$this->setTitle($_POST['newpage']);
$db->reset();
$db->saveObject($this);
$db2 = new PHPWS_DB('wiki_pages_version');
$db2->addWhere('title', $_POST['page']);
$db2->addValue('title', $this->getTitle(FALSE));
$db2->update();
$db3 = new PHPWS_DB('phpws_key');
$db3->addWhere('item_id', $this->getId());
$db3->addWhere('module', 'wiki');
$db3->addValue('title', $this->getTitle());
$db3->addValue('url', (MOD_REWRITE_ENABLED ? 'wiki/' : 'index.php?module=wiki&page=') . $this->getTitle(FALSE));
$db3->update();
// Create redirect page
$redirect = new WikiPage($_POST['page']);
$redirect->setPagetext(sprintf(dgettext('wiki', 'This page has moved to %s. Please modify links to point to the new location.'), $this->getTitle(FALSE)));
$redirect->setOwnerId(Current_User::getId());
$redirect->setEditorId(Current_User::getId());
$redirect->setCreated(mktime());
$redirect->setUpdated(mktime());
$redirect->setComment(sprintf(dgettext('wiki', 'Moved page to %s.'), $this->getTitle(FALSE)));
$redirect->save();
PHPWS_Core::initModClass('version', 'Version.php');
$version = new Version('wiki_pages');
$version->setSource($redirect);
$version->setApproved(1);
$version->save();
WikiManager::sendMessage(dgettext('wiki', 'Wiki Page Moved!'), array('page' => $this->getTitle(FALSE)), FALSE);
}
private function options()
{
$opt[] = \PHPWS_Text::moduleLink('Create/Edit request', 'properties', array('rop' => 'edit'));
$opt[] = javascript('confirm', array('question' => 'Are you sure you want to clear your roommate request?', 'address' => \PHPWS_Text::linkAddress('properties', array('rop' => 'clear')), 'link' => 'Clear my request', 'title' => 'Clear my request'));
$opt[] = \PHPWS_Text::moduleLink('Extend my deadline', 'properties', array('rop' => 'timeout'));
$db = new \PHPWS_DB('prop_messages');
$db->addWhere('to_user_id', \Current_User::getId());
$db->addOrder('date_sent desc');
$db->addWhere('hidden', 0);
$db->addColumn('id');
$messages = $db->select('col');
if (\PHPWS_Error::isError($messages)) {
\PHPWS_Error::log($messages);
} else {
$opt[] = \PHPWS_Text::moduleLink('Messages (' . count($messages) . ')', 'properties', array('rop' => 'read_messages'));
}
return implode(' | ', $opt);
}
/**
* Sets up the queuer and the timestamp
*/
public function stamp()
{
$this->queued_on = time();
$this->queued_by = Current_User::getId();
}
public function getListAction()
{
$link['action'] = 'admin';
$link['blog_id'] = $this->id;
if (Current_User::allow('blog', 'edit_blog') && Current_User::getId() == $this->author_id || Current_User::allow('blog', 'edit_blog', $this->id, 'entry')) {
$link['command'] = 'edit';
$icon = Icon::show('edit', dgettext('blog', 'Edit blog entry'));
$list[] = PHPWS_Text::secureLink($icon, 'blog', $link);
}
if (Current_User::allow('blog', 'delete_blog')) {
$link['command'] = 'delete';
$confirm_vars['QUESTION'] = dgettext('blog', 'Are you sure you want to permanently delete this blog entry?');
$confirm_vars['ADDRESS'] = PHPWS_Text::linkAddress('blog', $link, true);
$confirm_vars['LINK'] = '<i class="fa fa-trash-o" title="' . dgettext('blog', 'Delete blog entry') . '"></i>';
$list[] = Layout::getJavascript('confirm', $confirm_vars);
}
if (Current_User::isUnrestricted('blog')) {
if ($this->sticky) {
$link['command'] = 'unsticky';
$icon = Icon::show('flag', dgettext('blog', 'Remove from front page'));
$list[] = PHPWS_Text::secureLink($icon, 'blog', $link);
} else {
$link['command'] = 'sticky';
$icon = Icon::show('flag-alt', dgettext('blog', 'Force to front page'));
$list[] = PHPWS_Text::secureLink($icon, 'blog', $link);
}
}
if (isset($list)) {
$response = implode(' ', $list);
} else {
$response = dgettext('blog', 'No action');
}
return $response;
}
/**
* Adds limits to a db select query to only pull items the user
* has permissions to view
*
* Note that BEFORE this is called, the developer should check whether
* the user has ANY rights to edit items in the first place.
* In other words, if Current_User::allow('module', 'edit_permission') == false
* then they shouldn't even use this function. If it is used anyway, a forced negative
* will be added (i.e. where 1 = 0);
* If you wish to add other qualifications, use the $db->addWhere() group 'key_id'
* in your module code.
*
* @modified Eloi George
* @param object db : Database object to modify
* @param string module : Calling module
* @param string edit_permission : Name of the editing permission
* @param string source_table : (optional) Name of the main table being searched
* @param string key_id_column : (optional) Usually "key_id". Only use this if you allow edits where "key_id=0"
* @param string owner_id_column : (optional) Only use this if you allow edits on content created by the user
*/
public static function restrictEdit($db, $module, $edit_permission = null, $source_table = null, $key_id_column = null, $owner_id_column = null)
{
if (Current_User::isDeity()) {
return;
}
// if the user doesn't have rights for the module or subpermissions,
// then we just stymie the whole query
if (!Current_User::allow($module, $edit_permission)) {
$db->setQWhere('1=0');
return;
}
// If the current user has unrestricted rights to edit the item
// linked to this key, no further restrictions are necessary
if (Current_User::isUnrestricted($module)) {
return;
} else {
$db->setDistinct(1);
if (empty($source_table)) {
$source_table = $db->tables[0];
}
if (!empty($key_id_column)) {
$db->addWhere($source_table . '.' . $key_id_column, 0, null, 'or', 'key_1');
}
if (!empty($owner_id_column)) {
$db->addWhere($source_table . '.' . $owner_id_column, Current_User::getId(), null, 'or', 'key_1');
}
$groups = Current_User::getGroups();
if (!empty($groups)) {
$db->addJoin('left', $source_table, 'phpws_key_edit', 'key_id', 'key_id');
$db->addWhere('phpws_key_edit.group_id', $groups, 'in', 'or', 'key_1');
}
return;
}
}
function convertImage($image)
{
PHPWS_Core::initModClass('wiki', 'WikiImage.php');
$newimage = new WikiImage();
$newimage->setOwnerId(Current_User::getId());
$newimage->setCreated($image['created']);
$newimage->setFilename($image['filename']);
$newimage->setSize($image['size']);
$newimage->setType($image['type']);
$newimage->setSummary($image['summary']);
$db = new PHPWS_DB('wiki_images');
$result = $db->saveObject($newimage);
if (PEAR::isError($result)) {
PHPWS_Error::log($result);
return FALSE;
}
if (OLD_WIKI_IMAGES . $image['filename'] != PHPWS_HOME_DIR . 'images/wiki/' . $newimage->getFilename()) {
if (!@copy(OLD_WIKI_IMAGES . $image['filename'], PHPWS_HOME_DIR . 'images/wiki/' . $newimage->getFilename())) {
return FALSE;
}
}
return TRUE;
}
/**
* Save
*
* @author Greg Meiste <*****@*****.**>
*/
function save($do_post = TRUE)
{
if ($do_post) {
if (empty($_POST['label'])) {
return dgettext('wiki', 'Please provide a site name.');
}
if (empty($_POST['url'])) {
return dgettext('wiki', 'Please provide a URL.');
}
$this->setLabel($_POST['label']);
$this->setUrl($_POST['url']);
}
$this->setOwnerId(Current_User::getId());
$this->setEditorId(Current_User::getId());
$this->setCreated(mktime());
$this->setUpdated(mktime());
$db = new PHPWS_DB('wiki_interwiki');
$result = $db->saveObject($this);
if (PEAR::isError($result)) {
PHPWS_Error::log($result);
return dgettext('wiki', 'Error saving link.');
}
return dgettext('wiki', 'Link Saved!');
}
public function checkPermissions($authorized = false)
{
if ($this->public) {
if ($authorized) {
return Current_User::authorized('calendar', 'edit_public', $this->id, 'schedule');
} else {
return Current_User::allow('calendar', 'edit_public', $this->id, 'schedule');
}
} else {
if ($authorized) {
if (Current_User::getAuthKey() == $_REQUEST['authkey'] && $this->user_id == Current_User::getId()) {
return true;
} else {
return Current_User::authorized('calendar', 'edit_private', $this->id, 'schedule');
}
} else {
if ($this->user_id == Current_User::getId()) {
return true;
} else {
return Current_User::allow('calendar', 'edit_private', $this->id, 'schedule');
}
}
}
}
public function getUserTpl()
{
// Don't let a deity change their deity status
// Don't let non-deities change status
if (Current_User::isDeity() && !Current_User::isUser($this->id)) {
if ($this->isDeity()) {
$dvars['QUESTION'] = dgettext('users', 'Are you sure you want to remove deity status?');
$dvars['ADDRESS'] = PHPWS_Text::linkAddress('users', array('action' => 'admin', 'command' => 'mortalize_user', 'user_id' => $this->id), 1);
$dvars['LINK'] = sprintf('<i class="fa fa-cloud" title="%s"></i>', dgettext('users', 'Deity'));
$links[] = javascript('confirm', $dvars);
} else {
$dvars['QUESTION'] = dgettext('users', 'Are you sure you want to deify this user?');
$dvars['ADDRESS'] = PHPWS_Text::linkAddress('users', array('action' => 'admin', 'command' => 'deify_user', 'user_id' => $this->id), 1);
$dvars['LINK'] = sprintf('<i class="fa fa-male" title="%s"></i>', dgettext('users', 'Mortal'));
$links[] = javascript('confirm', $dvars);
}
}
$linkVar['action'] = 'admin';
$linkVar['user_id'] = $this->id;
if ($this->isActive()) {
if (!$this->deity) {
$linkVar['command'] = 'deactivateUser';
$template['ACTIVE'] = PHPWS_Text::secureLink(dgettext('users', 'Yes'), 'users', $linkVar, null, dgettext('users', 'Deactivate this user'));
} else {
$template['ACTIVE'] = dgettext('users', 'Yes');
}
} else {
if (!$this->deity) {
$linkVar['command'] = 'activateUser';
$template['ACTIVE'] = PHPWS_Text::secureLink(dgettext('users', 'No'), 'users', $linkVar, null, dgettext('users', 'Activate this user'));
} else {
$template['ACTIVE'] = dgettext('users', 'No');
}
}
$logged = $this->getLastLogged('%Y/%m/%d %H:%M');
if (empty($logged)) {
$template['LAST_LOGGED'] = dgettext('users', 'Never');
} else {
$template['LAST_LOGGED'] = $logged;
}
$template['EMAIL'] = $this->getEmail(true, true);
$jsvar['QUESTION'] = sprintf(dgettext('users', 'Are you certain you want to delete the user "%s" permanently?'), $this->getUsername());
$link = new PHPWS_Link(null, 'users', array('action' => 'admin', 'command' => 'deleteUser', 'user_id' => $this->id), true);
$link->setSalted();
$jsvar['ADDRESS'] = $link->getAddress();
$jsvar['LINK'] = '<i class="fa fa-trash-o" title="' . dgettext('users', 'Delete user') . '"></i>';
$linkVar['command'] = 'editUser';
$links[] = PHPWS_Text::secureLink('<i class="fa fa-edit"></i>', 'users', $linkVar);
$linkVar['command'] = 'setUserPermissions';
$links[] = PHPWS_Text::secureLink('<i class="fa fa-key" title="' . dgettext('users', 'Permissions') . '"></i>', 'users', $linkVar);
if (!$this->isDeity() && $this->id != Current_User::getId()) {
$links[] = Layout::getJavascript('confirm', $jsvar);
}
$template['ACTIONS'] = implode(' ', $links);
if ($this->deity && !Current_User::isDeity()) {
unset($template['ACTIONS']);
}
return $template;
}
/**
* Save
*
* @author Greg Meiste <*****@*****.**>
*/
function save()
{
if (empty($_POST['summary'])) {
return dgettext('wiki', 'You need to supply a summary.');
}
PHPWS_Core::initModClass('filecabinet', 'Image.php');
$this->setSummary($_POST['summary']);
$this->setOwnerId(Current_User::getId());
$this->setCreated(mktime());
$image = new PHPWS_Image();
$image->setDirectory('images/wiki/');
if (!$image->importPost('filename')) {
if (isset($image->_errors) && sizeof($image->_errors)) {
foreach ($image->_errors as $oError) {
$imageErrors[] = $oError->getMessage();
}
return implode(' ', $imageErrors);
}
return dgettext('wiki', 'Please specify a valid file to upload.');
} else {
$image->setFilename(str_replace(' ', '_', $image->file_name));
if (is_file(PHPWS_HOME_DIR . 'images/wiki/' . $image->file_name)) {
$image->setFilename($this->created . '_' . $image->file_name);
}
if (PHPWS_Error::logIfError($image->write())) {
return dgettext('wiki', 'There was a problem saving your image.');
}
$this->setFilename($image->file_name);
$this->setSize($image->getSize());
$this->setType($image->file_type);
}
$db = new PHPWS_DB('wiki_images');
if (PHPWS_Error::logIfError($db->saveObject($this))) {
@unlink(PHPWS_HOME_DIR . 'images/wiki/' . $this->getFilename());
return dgettext('wiki', 'There was a problem saving your image.');
}
return dgettext('wiki', 'Image Saved!');
}
public static function getSystemDepartments()
{
$user_id = \Current_User::getId();
$permission_db = \Database::getDB();
$permissions_tbl = $permission_db->addTable('systems_permission');
$permissions_tbl->addField('departments');
$permissions_tbl->addField('user_id');
$permissions_tbl->addFieldConditional('user_id', $user_id);
$permission_result = $permission_db->select();
$db = \Database::getDB();
$tbl = $db->addTable('systems_department');
$tbl->addField('id');
$tbl->addField('display_name');
$tbl->addFieldConditional('active', '1');
$tbl->addFieldConditional('id', '1', '!=');
$tbl->addOrderBy('display_name');
if (!empty($permission_result)) {
$dep = $permission_result[0]['departments'];
$deps = explode(':', $dep);
$cond = NULL;
foreach ($deps as $val) {
$tmp_cond = new \Database\Conditional($db, 'id', $val, '=');
if (empty($cond)) {
$cond = $tmp_cond;
} else {
$cond = new \Database\Conditional($db, $cond, $tmp_cond, 'OR');
}
}
$db->addConditional($cond);
}
$result = $db->select();
if (empty($result)) {
return 0;
}
//should be exception
return $result;
}
/**
* Returns a list of schedules according to the user's permissions
*/
public function getScheduleList($mode = 'object')
{
$db = new PHPWS_DB('calendar_schedule');
Key::restrictView($db);
$user_id = Current_User::getId();
if ($user_id) {
// this should always be true, adding just to create another where group
$db->addWhere('id', 0, '>', 'and', 'user_cal0');
$db->addWhere('user_id', $user_id, '=', 'and', 'user_cal1');
$db->addWhere('public', 0, '=', 'and', 'user_cal1');
$db->addWhere('public', 1, '=', 'or', 'user_cal2');
$db->setGroupConj('user_cal1', 'and');
$db->setGroupConj('user_cal2', 'or');
$db->groupIn('user_cal1', 'user_cal0');
$db->groupIn('user_cal2', 'user_cal0');
} else {
$db->addWhere('public', 1);
}
$db->addOrder('title');
switch ($mode) {
case 'object':
return $db->getObjects('Calendar_Schedule');
break;
case 'brief':
$db->addColumn('id');
$db->addColumn('title');
$db->setIndexBy('id');
return $db->select('col');
break;
}
}
public static function giveItemPermission($key)
{
$result = Users_Permission::giveItemPermission(Current_User::getId(), $key);
$_SESSION['User']->loadUserGroups();
$_SESSION['User']->loadPermissions();
}
