$GLOBALS['TODAYCELLBG'] = $s['TODAYCELLBG'];
$GLOBALS['WEEKENDBG'] = $s['WEEKENDBG'];
$GLOBALS['WEEKNUMBER'] = $s['WEEKNUMBER'];
if ($prad || access_can_access_function(ACCESS_DAY, $user)) {
$choices[] = 'day.php';
$choices_text[] = translate('Day');
}
if ($prad || access_can_access_function(ACCESS_WEEK, $user)) {
$choices[] = 'week.php';
$choices_text[] = translate('Week');
}
if ($prad || access_can_access_function(ACCESS_MONTH, $user)) {
$choices[] = 'month.php';
$choices_text[] = translate('Month');
}
if ($prad || access_can_access_function(ACCESS_YEAR, $user)) {
$choices[] = 'year.php';
$choices_text[] = translate('Year');
}
// .
// This should be easier to add more tabs if needed.
if ($prad) {
$tabs_ar = array('settings', '', translate('Settings'), 'public', '', translate('Public Access'), 'uac', '', translate('User Access Control'), 'groups', '', translate('Groups'), 'nonuser', '', translate('NonUser Calendars'), 'other', '', translate('Other'), 'email', '', translate('Email'), 'colors', '', translate('Colors'));
} else {
$tabs_ar = array('settings', '', translate('Settings'));
if ($ALLOW_USER_THEMES == 'Y' || $is_admin) {
$tabs_ar[] = 'themes';
$tabs_ar[] = '';
$tabs_ar[] = translate('Themes');
}
if ($SEND_EMAIL == 'Y') {
}
$choices = array();
$choices_text = array();
if (access_can_access_function(ACCESS_DAY, $user)) {
$choices[] = 'day.php';
$choices_text[] = translate('Day');
}
if (access_can_access_function(ACCESS_WEEK, $user)) {
$choices[] = 'week.php';
$choices_text[] = translate('Week');
}
if (access_can_access_function(ACCESS_MONTH, $user)) {
$choices[] = 'month.php';
$choices_text[] = translate('Month');
}
if (access_can_access_function(ACCESS_YEAR, $user)) {
$choices[] = 'year.php';
$choices_text[] = translate('Year');
}
for ($i = 0, $cnt = count($choices); $i < $cnt; $i++) {
echo '<option value="' . $choices[$i] . '" ';
if ($prefarray['STARTVIEW'] == $choices[$i]) {
echo $selected;
}
echo ' >' . htmlspecialchars($choices_text[$i]) . "</option>\n";
}
// Allow user to select a view also
for ($i = 0, $cnt = count($views); $i < $cnt; $i++) {
if ($views[$i]['cal_owner'] != $user && $views[$i]['cal_is_global'] != 'Y') {
continue;
}
<?php
/* $Id: month.php,v 1.95.2.9 2010/08/15 18:54:34 cknudsen Exp $ */
include_once 'includes/init.php';
//check UAC
if (!access_can_access_function(ACCESS_MONTH) || !empty($user) && !access_user_calendar('view', $user)) {
send_to_preferred_view();
}
if ($user != $login && $is_nonuser_admin) {
load_user_layers($user);
} else {
if (empty($user)) {
load_user_layers();
}
}
$cat_id = getValue('cat_id', '-?[0-9,\\-]*', true);
load_user_categories();
$next = mktime(0, 0, 0, $thismonth + 1, 1, $thisyear);
$nextYmd = date('Ymd', $next);
$nextyear = substr($nextYmd, 0, 4);
$nextmonth = substr($nextYmd, 4, 2);
$prev = mktime(0, 0, 0, $thismonth - 1, 1, $thisyear);
$prevYmd = date('Ymd', $prev);
$prevyear = substr($prevYmd, 0, 4);
$prevmonth = substr($prevYmd, 4, 2);
if ($BOLD_DAYS_IN_YEAR == 'Y') {
$boldDays = true;
$startdate = mktime(0, 0, 0, $prevmonth, 0, $prevyear);
$enddate = mktime(23, 59, 59, $nextmonth + 1, 0, $nextyear);
} else {
$boldDays = false;
if (empty($login) || $login != $_SERVER['PHP_AUTH_USER']) {
$_SERVER['PHP_AUTH_PW'] = $_SERVER['PHP_AUTH_USER'] = '';
unset($_SERVER['PHP_AUTH_USER']);
unset($_SERVER['PHP_AUTH_PW']);
header('WWW-Authenticate: Basic realm="' . $appStr . '"');
header('HTTP/1.0 401 Unauthorized');
exit;
}
}
load_global_settings();
load_user_preferences();
$WebCalendar->setLanguage();
// Load user name, etc.
user_load_variables($login, '');
// Make sure the have privileges to access the activity log
if (!$is_admin || access_is_enabled() && !access_can_access_function(ACCESS_ACTIVITY_LOG)) {
die_miserable_death(print_not_auth(2));
}
$charset = empty($LANGUAGE) ? 'iso-8859-1' : translate('charset');
// This should work ok with RSS, may need to hardcode fallback value.
$lang = languageToAbbrev($LANGUAGE == 'Browser-defined' || $LANGUAGE == 'none' ? $lang : $LANGUAGE);
if ($lang == 'en') {
$lang = 'en-us';
}
//the RSS 2.0 default.
$appStr = generate_application_name();
$descr = $appStr . ' - ' . translate('Activity Log');
// header ( 'Content-type: application/rss+xml');
header('Content-type: text/xml');
echo '<?xml version="1.0" encoding="' . $charset . '"?>
<rss version="2.0" xml:lang="' . $lang . '">
$page = get_preferred_view();
if (access_can_view_page($page)) {
send_to_preferred_view();
} else {
// User's preferences need to be updated to their preferred view.
if (access_can_access_function(ACCESS_PREFERENCES)) {
do_redirect('pref.php');
}
// User does not have access to preferences...
// So, we need to pick another page.
if (access_can_access_function(ACCESS_WEEK)) {
do_redirect('week.php');
} elseif (access_can_access_function(ACCESS_MONTH)) {
do_redirect('month.php');
} elseif (access_can_access_function(ACCESS_DAY)) {
do_redirect('day.php');
} elseif (access_can_access_function(ACCESS_YEAR)) {
do_redirect('year.php');
}
// At this point, this user cannot view the preferred view in their
// preferences (and they cannot update their preferences), and they cannot
// view any of the standard day/week/month/year pages. All that's left is a
// custom view that is either created by them or a global view.
if (count($views) > 0) {
do_redirect($views[0]['url']);
}
// No views either? You gotta be kidding me! ;-)
}
} else {
do_redirect('month.php');
}
function load_user_preferences($guest = '')
{
global $ALLOW_COLOR_CUSTOMIZATION, $browser, $DATE_FORMAT, $DATE_FORMAT_MD, $DATE_FORMAT_MY, $DATE_FORMAT_TASK, $has_boss, $is_assistant, $is_nonuser, $is_nonuser_admin, $lang_file, $LANGUAGE, $login, $prefarray, $user, $views;
$browser = get_web_browser();
$browser_lang = get_browser_language();
$colors = array('BGCOLOR' => 1, 'CELLBG' => 1, 'H2COLOR' => 1, 'HASEVENTSBG' => 1, 'MYEVENTS' => 1, 'OTHERMONTHBG' => 1, 'POPUP_BG' => 1, 'POPUP_FG' => 1, 'TABLEBG' => 1, 'TEXTCOLOR' => 1, 'THBG' => 1, 'THFG' => 1, 'TODAYCELLBG' => 1, 'WEEKENDBG' => 1, 'WEEKNUMBER' => 1);
$lang_found = false;
$prefarray = array();
// Allow __public__ pref to be used if logging in or user not validated.
$tmp_login = empty($guest) ? $login : ($guest == 'guest' ? '__public__' : $guest);
$rows = dbi_get_cached_rows('SELECT cal_setting, cal_value
FROM webcal_user_pref WHERE cal_login = ?', array($tmp_login));
if ($rows) {
for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) {
$row = $rows[$i];
$setting = $row[0];
$value = $row[1];
if ($setting == 'LANGUAGE') {
$lang_found = true;
}
if ($ALLOW_COLOR_CUSTOMIZATION == 'N' && isset($colors[$setting])) {
continue;
}
// $sys_setting = 'sys_' . $setting;
// Save system defaults.
if (!empty($GLOBALS[$setting])) {
$GLOBALS['sys_' . $setting] = $GLOBALS[$setting];
}
$GLOBALS[$setting] = $prefarray[$setting] = $value;
}
}
// Set users timezone.
if (isset($GLOBALS['TIMEZONE'])) {
set_env('TZ', $GLOBALS['TIMEZONE']);
}
// Get views for this user and global views.
// If NUC and not authorized by UAC, disallow global views.
$rows = dbi_get_cached_rows('SELECT cal_view_id, cal_name, cal_view_type,
cal_is_global, cal_owner FROM webcal_view WHERE cal_owner = ? ' . ($is_nonuser && (!access_is_enabled() || access_is_enabled() && !access_can_access_function(ACCESS_VIEW, $guest)) ? '' : ' OR cal_is_global = \'Y\' ') . 'ORDER BY cal_name', array($tmp_login));
if ($rows) {
$views = array();
for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) {
$row = $rows[$i];
$url = 'view_';
if ($row[2] == 'E') {
$url .= 'r.php?';
} elseif ($row[2] == 'S') {
$url .= 't.php?';
} elseif ($row[2] == 'T') {
$url .= 't.php?';
} else {
$url .= strtolower($row[2]) . '.php?';
}
$v = array('cal_view_id' => $row[0], 'cal_name' => $row[1], 'cal_view_type' => $row[2], 'cal_is_global' => $row[3], 'cal_owner' => $row[4], 'url' => $url . 'id=' . $row[0]);
$views[] = $v;
}
}
// If user has not set a language preference and admin has not specified a
// language, then use their browser settings to figure it out
// and save it in the database for future use (email reminders).
$lang = 'none';
if (!$lang_found && strlen($tmp_login) && $tmp_login != '__public__') {
if ($LANGUAGE == 'none') {
$lang = $browser_lang;
}
dbi_execute('INSERT INTO webcal_user_pref ( cal_login, cal_setting,
cal_value ) VALUES ( ?, ?, ? )', array($tmp_login, 'LANGUAGE', $lang));
}
reset_language(!empty($LANGUAGE) && $LANGUAGE != 'none' ? $LANGUAGE : $browser_lang);
if (empty($DATE_FORMAT) || $DATE_FORMAT == 'LANGUAGE_DEFINED') {
$DATE_FORMAT = translate('__month__ __dd__, __yyyy__');
}
if (empty($DATE_FORMAT_MY) || $DATE_FORMAT_MY == 'LANGUAGE_DEFINED') {
$DATE_FORMAT_MY = translate('__month__ __yyyy__');
}
if (empty($DATE_FORMAT_MD) || $DATE_FORMAT_MD == 'LANGUAGE_DEFINED') {
$DATE_FORMAT_MD = translate('__month__ __dd__');
}
if (empty($DATE_FORMAT_TASK) || $DATE_FORMAT_TASK == 'LANGUAGE_DEFINED') {
$DATE_FORMAT_TASK = translate('__mm__/__dd__/__yyyy__');
}
$has_boss = user_has_boss($tmp_login);
$is_assistant = empty($user) ? false : user_is_assistant($tmp_login, $user);
$is_nonuser_admin = $user ? user_is_nonuser_admin($tmp_login, $user) : false;
// if ( $is_nonuser_admin ) load_nonuser_preferences ($user);
}
$can_show_log = access_can_access_function(ACCESS_ACTIVITY_LOG);
}
if ($can_show_log) {
$hideActivityStr = translate('Hide activity log');
$showActivityStr = translate('Show activity log');
echo '
<li><a title="' . (!$show_log ? $showActivityStr . '" class="nav" href="view_entry.php?id=' . $id . '&log=1">' . $showActivityStr : $hideActivityStr . '" class="nav" href="view_entry.php?id=' . $id . '">' . $hideActivityStr) . '</a></li>';
}
echo '
</ul>';
if ($can_show_log && $show_log) {
$PAGE_SIZE = 25;
// number of entries to show at once
echo generate_activity_log($id);
}
if (access_can_access_function(ACCESS_EXPORT) && (!$is_private && !$is_confidential || !access_is_enabled()) && !$hide_details) {
$exportStr = translate('Export');
$exportThisStr = translate('Export this entry to');
$palmStr = translate('Palm Pilot');
$selectStr = generate_export_select();
$userStr = !empty($user) ? '<input type="hidden" name="user" value="' . $user . '" />' : '';
echo <<<EOT
<br />
<form method="post" name="exportform" action="export_handler.php">
<label for="exformat">{$exportThisStr}: </label>
{$selectStr}
<input type="hidden" name="id" value="{$id}" />
{$userStr}
<input type="submit" value="{$exportStr}" />
</form>
EOT;
$advanced = getValue('advanced');
if (strlen($keywords) == 0) {
$error = translate('You must enter one or more search keywords') . '.';
}
$matches = 0;
// Determine if this user is allowed to search the calendar of other users
$search_others = false;
// show "Advanced Search"
if ($single_user == 'Y') {
$search_others = false;
}
if ($is_admin) {
$search_others = true;
} else {
if (access_is_enabled()) {
$search_others = access_can_access_function(ACCESS_ADVANCED_SEARCH);
} else {
if ($login != '__public__' && !empty($ALLOW_VIEW_OTHER) && $ALLOW_VIEW_OTHER == 'Y') {
$search_others = true;
} else {
if ($login == '__public__' && !empty($PUBLIC_ACCESS_OTHERS) && $PUBLIC_ACCESS_OTHERS == 'Y') {
$search_others = true;
}
}
}
}
$users = getValue('users');
if (empty($users) || empty($users[0])) {
$search_others = false;
}
// Security precaution -- make sure users listed in participants list
- handles form submittal from edit_user.php
- provides user with confirmation of successful operation
- refreshes the parent frame (users.php)
This structure is mirrored for groups & nonusers
*/
include_once 'includes/init.php';
if (empty($login) || $login == '__public__') {
// Do not allow public access.
do_redirect(empty($STARTVIEW) ? 'month.php' : $STARTVIEW);
exit;
}
$doUser = $doUsers = $doGroups = $doNUCS = false;
$doUser = !access_is_enabled() || access_can_access_function(ACCESS_ACCOUNT_INFO);
$doUsers = $is_admin || access_is_enabled() && access_can_access_function(ACCESS_USER_MANAGEMENT);
$doRemotes = !empty($REMOTES_ENABLED) && $REMOTES_ENABLED == 'Y' && (!access_is_enabled() || access_can_access_function(ACCESS_IMPORT));
if ($is_admin) {
$doGroups = !empty($GROUPS_ENABLED) && $GROUPS_ENABLED == 'Y';
$doNUCS = !empty($NONUSER_ENABLED) && $NONUSER_ENABLED == 'Y';
}
$currenttab = getValue('tab', '^(users|groups|nonusers|remotes||)$', true);
$currenttab = !empty($currenttab) ? $currenttab : 'users';
$BodyX = 'onload="showTab(\'' . $currenttab . '\');"';
print_header(array('js/visible.php', 'js/users.php/true'), '', $BodyX, '', '', true);
$taborder = array('tabfor', 'tabbak', 'tabbak', 'tabbak', 'tabbak');
$i = 0;
ob_start();
echo display_admin_link() . '
<!-- TABS -->
<div id="tabs">' . ($doUser || $doUsers ? '
<span class="' . $taborder[$i++] . '" id="tab_users"><a href="#tabusers" onclick="return ' . 'showTab( \'users\' )">' . ($is_admin ? translate('Users') : translate('Account')) . '</a></span>' : '') . ($doUsers && $doGroups ? '
// don't allow them to create new users if it's not allowed
if (empty($user)) {
// asking to create a new user
if (!$is_admin) {
// must be admin...
if (!access_can_access_function(ACCESS_USER_MANAGEMENT)) {
$error = print_not_auth(15);
}
}
if (!$admin_can_add_user) {
// if adding users is not allowed...
$error = print_not_auth(16);
}
} else {
// User is editing their account info
if (!access_can_access_function(ACCESS_ACCOUNT_INFO)) {
$error = print_not_auth(17);
}
}
$disableCustom = true;
$INC = array('js/edit_user.php/false');
print_header($INC, '', '', $disableCustom, '', true, false);
if (!empty($error)) {
echo print_error($error);
} else {
?>
<table>
<tr><td style="vertical-align:top; width:50%;">
<h2><?php
if (!empty($user)) {
user_load_variables($user, 'u');
if ($is_admin) {
$names[] = translate('Delete Events');
$links[] = 'purge.php';
}
/*
This Activity Log link shows ALL activity for ALL events, so you really need
to be an admin user for this. Enabling "Activity Log" in UAC just gives you
access to the log for your _own_ events or other events you have access to.
*/
if ($is_admin && (!access_is_enabled() || access_can_access_function(ACCESS_ACTIVITY_LOG))) {
$names[] = translate('Activity Log');
$links[] = 'activity_log.php';
$names[] = translate('System Log');
$links[] = 'activity_log.php?system=1';
}
if ($is_admin || !access_is_enabled() || access_is_enabled && access_can_access_function(ACCESS_SECURITY_AUDIT)) {
$names[] = translate('Security Audit');
$links[] = 'security_audit.php';
}
if ($is_admin && !empty($PUBLIC_ACCESS) && $PUBLIC_ACCESS == 'Y') {
$names[] = translate('Public Preferences');
$links[] = 'pref.php?public=1';
}
if ($is_admin && !empty($PUBLIC_ACCESS) && $PUBLIC_ACCESS == 'Y' && $PUBLIC_ACCESS_CAN_ADD == 'Y' && $PUBLIC_ACCESS_ADD_NEEDS_APPROVAL == 'Y') {
$names[] = translate('Unapproved Public Events');
$links[] = 'list_unapproved.php?user=__public__';
}
}
echo '
<h2>' . translate('Administrative Tools') . '</h2>
<table class="admin">';
function print_menu_dates($menu = false)
{
global $cat_id, $CATEGORIES_ENABLED, $custom_view, $DATE_FORMAT_MD, $DATE_FORMAT_MY, $DISPLAY_WEEKENDS, $id, $login, $SCRIPT, $thisday, $thismonth, $thisyear, $user, $WEEK_START;
$goStr = translate('Go');
$ret = $urlArgs = $include_id = '';
// TODO add this to admin and pref.
// Change this value to 'Y' to enable staying in custom views.
$STAY_IN_VIEW = 'N';
$selected = ' selected="selected"';
if ($STAY_IN_VIEW == 'Y' && !empty($custom_view)) {
$include_id = true;
$monthUrl = $SCRIPT;
} else {
if (access_can_view_page('month.php')) {
$monthUrl = 'month.php';
} else {
$monthUrl = $GLOBALS['STARTVIEW'];
if (preg_match('/[?&](\\S+)=(\\S+)/', $monthUrl, $match)) {
$monthUrl = $match[0];
$urlArgs = '
<input type="hidden" name="' . $match[1] . '" value="' . $match[2] . '" />';
}
}
}
if (access_can_access_function(ACCESS_MONTH)) {
$ret .= '
<form action="' . $monthUrl . '" method="get" name="SelectMonth" id="month' . ($menu ? 'menu' : 'form') . '"> ' . $urlArgs . (!empty($user) && $user != $login ? '
<input type="hidden" name="user" value="' . $user . '" />' : '') . (!empty($id) && $include_id ? '
<input type="hidden" name="id" value="' . $id . '" />' : '') . (!empty($cat_id) && $CATEGORIES_ENABLED == 'Y' && (!$user || $user == $login) ? '
<input type="hidden" name="cat_id" value="' . $cat_id . '" />' : '') . '
<label for="monthselect"><a ' . 'href="javascript:document.SelectMonth.submit()">' . translate('Month') . '</a>: </label>
<select name="date" id="monthselect" ' . 'onchange="document.SelectMonth.submit()">';
if (!empty($thisyear) && !empty($thismonth)) {
$m = $thismonth;
$y = $thisyear;
} else {
$m = date('m');
$y = date('Y');
}
$d_time = mktime(0, 0, 0, $m, 1, $y);
$thisdate = date('Ymd', $d_time);
// $y--;
$m -= 7;
for ($i = 0; $i < 25; $i++) {
$m++;
if ($m > 12) {
$m = 1;
$y++;
}
if ($y >= 1970 && $y < 2038) {
$d = mktime(0, 0, 0, $m, 1, $y);
$dateYmd = date('Ymd', $d);
$ret .= '
<option value="' . $dateYmd . '"' . ($dateYmd == $thisdate ? $selected : '') . '>' . date_to_str($dateYmd, $DATE_FORMAT_MY, false, true, 0) . '</option>';
}
}
}
if (access_can_access_function(ACCESS_WEEK)) {
$ret .= '
</select>' . ($menu ? '' : '
<input type="submit" value="' . $goStr . '" />') . '
</form>' . ($menu ? '
</td>
<td class="ThemeMenubackgr ThemeMenu">' : '');
if ($STAY_IN_VIEW == 'Y' && !empty($custom_view)) {
$weekUrl = $SCRIPT;
} else {
if (access_can_view_page('week.php')) {
$urlArgs = '';
$weekUrl = 'week.php';
} else {
$weekUrl = $GLOBALS['STARTVIEW'];
if (preg_match('/[?&](\\S+)=(\\S+)/', $weekUrl, $match)) {
$weekUrl = $match[0];
$urlArgs = '
<input type="hidden" name="' . $match[1] . '" value="' . $match[2] . '" />';
}
}
}
$ret .= '
<form action="' . $weekUrl . '" method="get" name="SelectWeek" id="week' . ($menu ? 'menu' : 'form') . '">' . $urlArgs . (!empty($user) && $user != $login ? '
<input type="hidden" name="user" value="' . $user . '" />' : '') . (!empty($id) && $include_id ? '
<input type="hidden" name="id" value="' . $id . '" />' : '') . (!empty($cat_id) && $CATEGORIES_ENABLED == 'Y' && (!$user || $user == $login) ? '
<input type="hidden" name="cat_id" value="' . $cat_id . '" />' : '') . '
<label for="weekselect"><a ' . 'href="javascript:document.SelectWeek.submit()">' . translate('Week') . '</a>: </label>
<select name="date" id="weekselect" ' . 'onchange="document.SelectWeek.submit()">';
if (!empty($thisyear) && !empty($thismonth)) {
$m = $thismonth;
$y = $thisyear;
} else {
$m = date('m');
$y = date('Y');
}
$d = empty($thisday) ? date('d') : $thisday;
$d_time = mktime(0, 0, 0, $m, $d, $y);
$thisweek = date('W', $d_time);
$wkstart = get_weekday_before($y, $m, $d);
$lastDay = $DISPLAY_WEEKENDS == 'N' ? 4 : 6;
for ($i = -5; $i <= 9; $i++) {
$twkstart = $wkstart + 604800 * $i;
$twkend = $twkstart + 86400 * $lastDay;
$dateSYmd = date('Ymd', $twkstart);
$dateEYmd = date('Ymd', $twkend);
$dateW = date('W', $twkstart + 86400);
if ($twkstart > 0 && $twkend < 2146021200) {
$ret .= '
<option value="' . $dateSYmd . '"' . ($dateW == $thisweek ? $selected : '') . '>' . (!empty($GLOBALS['PULLDOWN_WEEKNUMBER']) && $GLOBALS['PULLDOWN_WEEKNUMBER'] == 'Y' ? '( ' . $dateW . ' ) ' : '') . sprintf("%s - %s", date_to_str($dateSYmd, $DATE_FORMAT_MD, false, true, 0), date_to_str($dateEYmd, $DATE_FORMAT_MD, false, true, 0)) . '</option>';
}
}
}
if (access_can_access_function(ACCESS_YEAR)) {
$ret .= '
</select>' . ($menu ? '' : '
<input type="submit" value="' . $goStr . '" />') . '
</form>' . ($menu ? '
</td>
<td class="ThemeMenubackgr ThemeMenu" align="right">' : '');
if ($STAY_IN_VIEW == 'Y' && !empty($custom_view)) {
$yearUrl = $SCRIPT;
} else {
if (access_can_view_page('year.php')) {
$urlArgs = '';
$yearUrl = 'year.php';
} else {
$yearUrl = $GLOBALS['STARTVIEW'];
if (preg_match('/[?&](\\S+)=(\\S+)/', $yearUrl, $match)) {
$yearUrl = $match[0];
$urlArgs = '
<input type="hidden" name="' . $match[1] . '" value="' . $match[2] . '" />';
}
}
}
$ret .= '
<form action="' . $yearUrl . '" method="get" name="SelectYear" id="year' . ($menu ? 'menu' : 'form') . '">' . $urlArgs . (!empty($user) && $user != $login ? '
<input type="hidden" name="user" value="' . $user . '" />' : '') . (!empty($id) && $include_id ? '
<input type="hidden" name="id" value="' . $id . '" />' : '') . (!empty($cat_id) && $CATEGORIES_ENABLED == 'Y' && (!$user || $user == $login) ? '
<input type="hidden" name="cat_id" value="' . $cat_id . '" />' : '') . '
<label for="yearselect"><a ' . 'href="javascript:document.SelectYear.submit()">' . translate('Year') . '</a>: </label>
<select name="year" id="yearselect" ' . 'onchange="document.SelectYear.submit()">';
$y = empty($thisyear) ? date('Y') : $thisyear;
for ($i = $y - 2; $i < $y + 6; $i++) {
if ($i >= 1970 && $i < 2038) {
$ret .= '
<option value="' . $i . '"' . ($i == $y ? $selected : '') . ">{$i}" . '</option>';
}
}
$ret .= '
</select>' . ($menu ? '' : '
<input type="submit" value="' . $goStr . '" />') . '
</form>';
}
return $ret;
}
}
//modif LCS
if (!access_is_enabled() && $login != '__public__' || access_can_access_function(ACCESS_IMPORT)) {
$help_list['Import EDT'] = 'lcs_help_import.php';
}
if (!access_is_enabled() && $login != '__public__' || access_can_access_function(ACCESS_IMPORT)) {
$help_list['Import masse'] = 'lcs_help_import2.php';
}
//eom
if (!access_is_enabled() && $login != '__public__' || access_can_access_function(ACCESS_PREFERENCES)) {
$help_list['Preferences'] = 'help_pref.php';
}
if (access_is_enabled() && $login != '__public__') {
$help_list['User Access Control'] = 'help_uac.php';
}
if ($is_admin && !access_is_enabled() || access_can_access_function(ACCESS_IMPORT)) {
$help_list['System Settings'] = 'help_admin.php';
}
$help_list['Documentation'] = 'help_docs.php';
$help_list['Report Bug'] = 'help_bug.php';
$helpListStr = '
<div class="helplist">
' . translate('Page') . ': ';
$page = 0;
if (empty($thispage)) {
$thispage = 0;
}
foreach ($help_list as $key => $val) {
$page++;
$helpListStr .= '
<a' . ($page == $thispage ? ' class="current"' : '') . ' title="' . translate($key) . '" href="' . $val . '?thispage=' . $page . '">' . $page . '</a>';
// don't display current $user in group list
if (!empty($user) && $user == $l) {
continue;
}
// Use the preferred view if it is day/week/month/year.php. Try not to
// use a user-created view because it might not display the proper user's
// events. (Fallback to month.php if this is true.) Of course, if this
// user cannot view any of the standard D/W/M/Y pages, that will force us
// to use the view.
$xurl = get_preferred_view('', 'user='******'view_')) {
if (access_can_access_function(ACCESS_MONTH)) {
$xurl = 'month.php?user='******'week.php?user='******'day.php?user='******'s cal.
}
$groups .= ($i > 0 && $groups != '' ? ", \n" : '') . '<a title="' . "{$f}\" href=\"{$xurl}\">{$f}" . '</a>';
}
if (!empty($groups)) {
$tret .= '<br /><span class="prefix">' . translate('Manage calendar of') . ':</span> ' . $groups;
}
}
// WebCalendar Info...
$tret .= '<br /><br />
<a title="' . $GLOBALS['PROGRAM_NAME'] . '" id="programname" href="' . $GLOBALS['PROGRAM_URL'] . '" target="_blank">' . $GLOBALS['PROGRAM_NAME'] . "</a>\n" . '</div></div>
<!-- /TRAILER -->' . "\n";
}
$menuScript = $tmp1_menuScript;
} else {
jscMenu_close();
}
}
// Add Menu Extra if defined.
if (!empty($menuExtras[5])) {
$menuScript .= parse_menu_extras($menuExtras[5]);
}
// Search Menu
if ($search_url != '' && $menuConfig['Search'] && ($login != '__public__' || $OVERRIDE_PUBLIC != 'Y')) {
jscMenu_menu('Search');
$doAdv = false;
if (!empty($menuConfig['Advanced Search'])) {
// Use UAC if enabled...
if (access_is_enabled() && access_can_access_function(ACCESS_ADVANCED_SEARCH)) {
$doAdv = true;
} else {
if (!access_is_enabled() && !$is_nonuser && $login != '__public__') {
$doAdv = true;
}
}
}
if ($doAdv) {
jscMenu_item('search.png', 'Advanced Search', 'search.php?adv=1');
jscMenu_divider();
}
jscMenu_custom('<td class="ThemeMenuItemLeft"><img src="includes/menu/icons' . '/spacer.gif" /></td><td colspan="2"><form action="search_handler.php' . (!empty($user) ? '?users[]=' . $user : '') . '" ' . 'method="post"><input type="text" name="keywords" size="25" /><input ' . 'type="submit" value="' . translate('Search') . '" /></form></td>');
jscMenu_close();
}
// Add Menu Extra if defined.
// This error should get caught before here anyhow,
// so no need to translate this. This is just in case. :-)
$error = 'Invalid characters in login.';
} else {
if (empty($user)) {
// Username cannot be blank. This is currently the only place
// that calls addUser that is located in $user_inc.
$error = $blankUserStr;
} else {
user_add_user($user, $upassword1, $ufirstname, $ulastname, $uemail, $uis_admin, $u_enabled);
activity_log(0, $login, $user, LOG_USER_ADD, "{$ufirstname} {$ulastname}" . (empty($uemail) ? '' : " <{$uemail}>"));
}
}
}
} else {
if (!empty($add) && !access_can_access_function(ACCESS_USER_MANAGEMENT)) {
$error = print_not_auth(15);
} else {
// Don't allow a user to change themself to an admin by setting
// uis_admin in the URL by hand. They must be admin beforehand.
if (!$is_admin) {
$uis_admin = 'N';
}
user_update_user($user, $ufirstname, $ulastname, $uemail, $uis_admin, $uenabled);
activity_log(0, $login, $user, LOG_USER_UPDATE, "{$ufirstname} {$ulastname}" . (empty($uemail) ? '' : " <{$uemail}>"));
}
}
}
}
}
echo error_check('users.php', false);
* @license http://www.gnu.org/licenses/gpl.html GNU GPL
* @version $Id: edit_remotes.php,v 1.17.2.4 2007/11/12 20:47:48 umcesrjones Exp $
* @package WebCalendar
* @subpackage Edit Remotes
*
* Security
* $REMOTES_ENABLED must be enabled under System Settings and if
* if UAC is enabled, then the user must be allowed to ACCESS_IMPORT.
*/
include_once 'includes/init.php';
print_header(array('js/edit_remotes.php/false', 'js/visible.php'), '', '', true);
$error = '';
if (!$NONUSER_PREFIX) {
$error = translate('NONUSER_PREFIX not set');
}
if ($REMOTES_ENABLED != 'Y' || access_is_enabled() && !access_can_access_function(ACCESS_IMPORT)) {
$error = print_not_auth(11);
}
if ($error) {
echo print_error($error) . '
</body>
</html>';
exit;
}
$add = getValue('add');
$nid = getValue('nid');
// Adding/Editing remote calendar.
if (($add == '1' || !empty($nid)) && empty($error)) {
$userlist = get_nonuser_cals($login, true);
if (empty($nid)) {
$id_display = '<input type="text" name="nid" id="nid" size="20" ' . 'maxlength="20" onchange="check_name();" /> ' . translate('word characters only');
