function user_atom() { global $ical_shifts, $user, $DISPLAY_NEWS; if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}\$/", $_REQUEST['key'])) { $key = $_REQUEST['key']; } else { die("Missing key."); } $user = User_by_api_key($key); if ($user === false) { die("Unable to find user."); } if ($user == null) { die("Key invalid."); } if (!in_array('atom', privileges_for_user($user['UID']))) { die("No privilege for atom."); } $news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS)); header('Content-Type: application/atom+xml; charset=utf-8'); $html = '<?xml version="1.0" encoding="utf-8"?> <feed xmlns="http://www.w3.org/2005/Atom"> <title>Engelsystem</title> <id>' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . '</id> <updated>' . date('Y-m-d\\TH:i:sP', $news[0]['Datum']) . "</updated>\n"; foreach ($news as $news_entry) { $html .= " <entry>\n <title>" . htmlspecialchars($news_entry['Betreff']) . "</title>\n <link href=\"" . page_link_to_absolute("news_comments&nid=") . "{$news_entry['ID']}\"/>\n <id>" . preg_replace('#^https?://#', '', page_link_to_absolute("news")) . "-{$news_entry['ID']}</id>\n <updated>" . date('Y-m-d\\TH:i:sP', $news_entry['Datum']) . "</updated>\n <summary type=\"html\">" . htmlspecialchars($news_entry['Text']) . "</summary>\n </entry>\n"; } $html .= "</feed>"; header("Content-Length: " . strlen($html)); echo $html; die; }
function user_ical() { global $ical_shifts, $user; if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}\$/", $_REQUEST['key'])) { $key = $_REQUEST['key']; } else { die("Missing key."); } $user = User_by_api_key($key); if ($user === false) { die("Unable to find user."); } if ($user == null) { die("Key invalid."); } if (!in_array('ical', privileges_for_user($user['UID']))) { die("No privilege for ical."); } if (isset($_REQUEST['export']) && $_REQUEST['export'] == 'user_shifts') { require_once realpath(__DIR__ . '/user_shifts.php'); view_user_shifts(); } else { $ical_shifts = sql_select("\n SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name` as `room_name`\n FROM `ShiftEntry`\n INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)\n JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`)\n INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)\n WHERE `UID`='" . sql_escape($user['UID']) . "'\n ORDER BY `start`"); } header("Content-Type: text/calendar; charset=utf-8"); $html = "BEGIN:VCALENDAR\r\nVERSION:2.0\r\nPRODID:-//-//Engelsystem//DE\r\nCALSCALE:GREGORIAN\r\n"; foreach ($ical_shifts as $shift) { $html .= "BEGIN:VEVENT\r\n"; $html .= "UID:" . md5($shift['start'] . $shift['end'] . $shift['name']) . "\r\n"; $html .= "SUMMARY:" . str_replace("\n", "\\n", $shift['name']) . " (" . str_replace("\n", "\\n", $shift['title']) . ")\r\n"; if (isset($shift['Comment'])) { $html .= "DESCRIPTION:" . str_replace("\n", "\\n", $shift['Comment']) . "\r\n"; } $html .= "DTSTART;TZID=Europe/Berlin:" . date("Ymd\\THis", $shift['start']) . "\r\n"; $html .= "DTEND;TZID=Europe/Berlin:" . date("Ymd\\THis", $shift['end']) . "\r\n"; $html .= "LOCATION:" . $shift['room_name'] . "\r\n"; $html .= "END:VEVENT\r\n"; } $html .= "END:VCALENDAR\r\n"; $html = trim($html, "\n"); header("Content-Length: " . strlen($html)); echo $html; die; }
/** * Created by PhpStorm. * User: matedealer * Date: 3/23/16 * Time: 7:29 PM */ function users_export_controller($type) { if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}\$/", $_REQUEST['key'])) { $key = $_REQUEST['key']; } else { die("Missing key."); } $user = User_by_api_key($key); if ($user === false) { die("Unable to find user."); } if ($user == null) { die("Key invalid."); } if (!in_array('admin_user', privileges_for_user($user['UID']))) { die("No privilege for export users."); } if ($type == 'csv') { export_csv(); } elseif ($type == 'mail') { export_mail(); } }
/** * Export filtered shifts via JSON. * (Like iCal Export or shifts view) */ function shifts_json_export_controller() { global $ical_shifts, $user; if (isset($_REQUEST['key']) && preg_match("/^[0-9a-f]{32}\$/", $_REQUEST['key'])) { $key = $_REQUEST['key']; } else { die("Missing key."); } $user = User_by_api_key($key); if ($user === false) { die("Unable to find user."); } if ($user == null) { die("Key invalid."); } if (!in_array('shifts_json_export', privileges_for_user($user['UID']))) { die("No privilege for shifts_json_export."); } if (isset($_REQUEST['export']) && $_REQUEST['export'] == 'user_shifts') { require_once realpath(__DIR__ . '/../pages/user_shifts.php'); view_user_shifts(); } else { $ical_shifts = sql_select("\n SELECT `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name` as `room_name`\n FROM `ShiftEntry`\n INNER JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`)\n INNER JOIN `ShiftTypes` ON (`Shifts`.`shifttype_id`=`ShiftTypes`.`id`)\n INNER JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`)\n WHERE `UID`='" . sql_escape($user['UID']) . "'\n ORDER BY `start`"); } header("Content-Type: application/json; charset=utf-8"); echo json_encode($ical_shifts); die; }