$user_firstname = getGetValue('firstname'); $user_lastname = getGetValue('lastname'); $user_login = getGetValue('username'); $user_password = getGetValue('password'); // This error should not happen in a properly written client, // so no need to translate it. if (empty($error) && empty($user_login)) { $error = 'Username cannot be blank.'; } // Check for invalid characters in the login. if (empty($error) && addslashes($user_login) != $user_login) { $error = translate('Invalid characters in login'); } // Check to see if username exists... if (empty($error)) { if (user_load_variables($user_login, 'old_')) { // username does already exist... if ($add) { $error = str_replace('XXX', ws_escape_xml($user_login), translate('Username XXX already exists.')); } } else { // username does not already exist... if (!$add || $delete) { $error = str_replace('XXX', ws_escape_xml($user_login), translate('Username XXX does not exist.')); } } } // If adding a user, make sure a password was provided if (empty($error) && $add && empty($user_password)) { $error = translate('You have not entered a password.'); }
} // Make sure they specified a username if (empty($user)) { echo "<?xml version=\"1.0\" encoding=\"utf8\"?>\n<!DOCTYPE html\n PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n \"DTD/xhtml1-transitional.dtd\">\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">\n\n <head>\n<title>" . translate("Error") . "</title>\n</head>\n" . "<body>\n<h2>" . translate("Error") . "</h2>\n" . "No user specified.\n</body>\n</html>"; } // Load user preferences (to get the USER_PUBLISH_ENABLED and // DISPLAY_UNAPPROVED setting for this user). $login = $user; load_user_preferences(); if (empty($USER_PUBLISH_ENABLED) || $USER_PUBLISH_ENABLED != 'Y') { header("Content-Type: text/plain"); etranslate("You are not authorized"); exit; } // Load user name, etc. user_load_variables($user, "publish_"); function get_events_for_publish() { global $user; global $DISPLAY_UNAPPROVED; // We exporting repeating events only with the pilot-datebook CSV format $sql = "SELECT webcal_entry.cal_id, webcal_entry.cal_name " . ", webcal_entry.cal_priority, webcal_entry.cal_date " . ", webcal_entry.cal_time " . ", webcal_entry_user.cal_status, webcal_entry.cal_create_by " . ", webcal_entry.cal_access, webcal_entry.cal_duration " . ", webcal_entry.cal_description " . ", webcal_entry_user.cal_category " . "FROM webcal_entry, webcal_entry_user "; $sql .= "WHERE webcal_entry.cal_id = webcal_entry_user.cal_id AND " . "webcal_entry_user.cal_login = '******'"; // Include unapproved events if the user has asked to do so in // their preferences. if ($DISPLAY_UNAPPROVED == "N" || $user == "__public__") { $sql .= " AND webcal_entry_user.cal_status = 'A'"; } else { $sql .= " AND webcal_entry_user.cal_status IN ('W','A')"; } $sql .= " ORDER BY webcal_entry.cal_date";
<?php for ($date = $wkstart, $h = 0; date("Ymd", $date) <= date("Ymd", $wkend); $date += 24 * 3600, $h++) { $wday = strftime("%w", $date); $weekday = weekday_short_name($wday); if (date("Ymd", $date) == date("Ymd", $today)) { echo "<th class=\"today\" style=\"width:{$tdw}%;\">"; } else { echo "<th style=\"width:{$tdw}%;\">"; } echo $weekday . " " . round(date("d", $date)) . "</th>\n"; } echo "</tr>\n"; for ($i = 0; $i < count($viewusers); $i++) { echo "\n<tr>\n"; $user = $viewusers[$i]; user_load_variables($user, "temp"); echo "<th class=\"row\" style=\"width:{$tdw}%;\">{$tempfullname}</th>"; for ($date = $wkstart, $h = 0; date("Ymd", $date) <= date("Ymd", $wkend); $date += 24 * 3600, $h++) { $wday = strftime("%w", $date); if ($wday == 0 || $wday == 6) { echo "<td class=\"weekend\" style=\"width:{$tdw}%;\">"; } else { echo "<td style=\"width:{$tdw}%;\">"; } $events = $e_save[$i]; $repeated_events = $re_save[$i]; if (empty($add_link_in_views) || $add_link_in_views != "N") { echo html_for_add_icon(date("Ymd", $date), "", "", $user); } print_date_entries(date("Ymd", $date), $user, true); echo "</td>";
} $cookie_path = str_replace("login.php", "", $PHP_SELF); //echo "Cookie path: $cookie_path\n"; $out = "<login>\n"; if ($single_user == "Y") { // No login for single-user mode $out .= "<error>No login required for single-user mode</error>\n"; } else { if ($use_http_auth) { // There is no login page when using HTTP authorization $out .= "<error>No login required for HTTP authentication</error>\n"; } else { if (!empty($login) && !empty($password)) { $login = trim($login); if (user_valid_login($login, $password)) { user_load_variables($login, ""); // set login to expire in 365 days srand((double) microtime() * 1000000); $salt = chr(rand(ord('A'), ord('z'))) . chr(rand(ord('A'), ord('z'))); $encoded_login = encode_string($login . "|" . crypt($password, $salt)); //SetCookie ( "webcalendar_session", $encoded_login, 0, $cookie_path ); $out .= " <cookieName>webcalendar_session</cookieName>\n"; $out .= " <cookieValue>{$encoded_login}</cookieValue>\n"; if ($is_admin) { $out .= " <admin>1</admin>\n"; } } else { $out .= " <error>Invalid login</error>\n"; } } }
function build_event_popup($divname, $user, $description, $time) { global $login, $popup_fullnames, $popuptemp_fullname; $ret = "<DIV ID=\"" . $divname . "\" STYLE=\"position: absolute; z-index: 20; visibility: hidden; top: 0px; left: 0px;\">\n" . "<TABLE BORDER=\"0\" WIDTH=\"30%\" CELLPADDING=\"0\" CELLSPACING=\"1\"><TR><TD BGCOLOR=\"" . $GLOBALS["POPUP_FG"] . "\">\n" . "<TABLE BORDER=\"0\" WIDTH=\"100%\" CELLPADDING=\"0\" CELLSPACING=\"1\"><TR><TD BGCOLOR=\"" . $GLOBALS["POPUP_BG"] . "\" CLASS=\"popup\">\n" . "<FONT COLOR=\"" . $GLOBALS["POPUP_FG"] . "\">"; if (empty($popup_fullnames)) { $popup_fullnames = array(); } if ($user != $login) { if (empty($popup_fullnames[$user])) { user_load_variables($user, "popuptemp_"); $popup_fullnames[$user] = $popuptemp_fullname; } $ret .= "<B>" . translate("User") . ":</B> {$popup_fullnames[$user]}<BR>"; } if (strlen($time)) { $ret .= "<B>" . translate("Time") . ":</B> {$time}<BR>"; } $ret .= "<B>" . translate("Description") . ":</B>\n"; $ret .= nl2br(htmlspecialchars($description)); $ret .= "</FONT></TD></TR></TABLE>\n" . "</TD></TR></TABLE>\n" . "</DIV>\n"; return $ret; }
" href="edit_layer.php<?php if ($updating_public) { echo "?public=1"; } ?> "><?php etranslate("Add layer"); ?> </a><br /><br /> <?php $layer_count = 1; if ($layers) { foreach ($layers as $layer) { $layeruser = $layer['cal_layeruser']; user_load_variables($layeruser, "layer"); ?> <span style="font-weight:bold;"><?php etranslate("Layer"); ?> <?php echo $layer_count; ?> </span> (<a title="<?php etranslate("Edit layer"); ?> " href="edit_layer.php?id=<?php echo $layer['cal_layerid'] . $u_url; ?> "><?php
$nouser = translate('No user specified'); // Make sure they specified a username. if (empty($user)) { echo send_doctype($errorStr); echo <<<EOT </head> <body> <h2>{$errorStr}</h2> {$nouser}. </body> </html> EOT; exit; } // Load user preferences (to get the USER_PUBLISH_ENABLED and // DISPLAY_UNAPPROVED setting for this user). $login = $user; load_user_preferences(); if (empty($USER_PUBLISH_ENABLED) || $USER_PUBLISH_ENABLED != 'Y') { header('Content-Type: text/plain'); echo print_not_auth(25); exit; } // Load user name, etc. user_load_variables($user, 'publish_'); // header ( 'Content-Type: text/plain' ); header('Content-Type: text/calendar'); header('Content-Disposition: attachment; filename="' . $user . '.ics"'); $use_all_dates = true; $type = 'publish'; export_ical();
} else { // Check UAC. $can_email = 'Y'; if (access_is_enabled()) { $can_email = access_user_calendar('email', $participants[$i], $login); } // Don't send mail if we are editing a non-user calendar and we are the admin. if (!$is_nonuser_admin && $can_email == 'Y') { // Only send mail if their email address is filled in. $do_send = get_pref_setting($participants[$i], $newevent ? 'EMAIL_EVENT_ADDED' : 'EMAIL_EVENT_UPDATED'); $htmlmail = get_pref_setting($participants[$i], 'EMAIL_HTML'); $t_format = get_pref_setting($participants[$i], 'TIME_FORMAT'); $user_TIMEZONE = get_pref_setting($participants[$i], 'TIMEZONE'); set_env('TZ', $user_TIMEZONE); $user_language = get_pref_setting($participants[$i], 'LANGUAGE'); user_load_variables($participants[$i], 'temp'); if (boss_must_be_notified($login, $participants[$i]) && !empty($tempemail) && $do_send == 'Y' && $send_user_mail && $SEND_EMAIL != 'N') { // We send to creator if they want it. if ($send_own != 'Y' && $participants[$i] == $login) { continue; } reset_language(empty($user_language) || $user_language == 'none' ? $LANGUAGE : $user_language); $fmtdate = $timetype == 'T' ? date('Ymd', $eventstart) : gmdate('Ymd', $eventstart); $msg = str_replace('XXX', $tempfullname, $helloStr) . "\n\n" . str_replace('XXX', $login_fullname, $newevent || empty($old_status[$participants[$i]]) ? $newAppStr : $updAppStr) . "\n" . str_replace('XXX', $name, $subjStr) . "\n\n" . str_replace('XXX', $description, $descStr) . "\n" . str_replace('XXX', date_to_str($fmtdate), $dateStr) . "\n" . ($timetype != 'T' ? '' : str_replace('XXX', display_time('', 2, $eventstart, $t_format), $timeStr) . "\n") . $extra_email_data . str_replace('XXX', generate_application_name(), $REQUIRE_APPROVALS == 'Y' ? translate('Please look on XXX to accept or reject this appointment.') : translate('Please look on XXX to view this appointment.')); // Add URL to event, if we can figure it out. if (!empty($SERVER_URL)) { // DON'T change & to & here. Email will handle it. $url = $SERVER_URL . 'view_entry.php?id=' . $id . '&em=1'; if ($htmlmail == 'Y') { $url = activate_urls($url); }
$WebCalendar->setLanguage(); if (empty($PUBLISH_ENABLED) || $PUBLISH_ENABLED != 'Y') { header('Content-Type: text/plain'); // Mozilla Calendar does not bother showing errors, so they won't see this // error message anyhow... Not sure about Apple iCal or other clients. etranslate('Publishing Disabled (Admin)'); exit; } if (empty($USER_PUBLISH_RW_ENABLED) || $USER_PUBLISH_RW_ENABLED != 'Y') { header('Content-Type: text/plain'); etranslate('Publishing Disabled (User)'); exit; } $prodid = 'Unnamed iCal client'; // Load user name, etc. user_load_variables($login, 'publish_'); function dump_globals() { foreach ($GLOBALS as $K => $V) { do_debug("GLOBALS[{$K}] => " . (strlen($V) < 70 ? $V : '(too long)')); } foreach ($GLOBALS['HTTP_POST_VARS'] as $K => $V) { do_debug("GLOBALS[{$_POST[$K]}] => " . (strlen($V) < 70 ? $V : '(too long)')); } } switch ($_SERVER['REQUEST_METHOD']) { case 'PUT': // do_debug ( "Importing updated remote calendar" ); $calUser = $login; $overwrite = true; $type = 'icalclient';
function TimeMatrix($date, $participants) { global $CELLBG, $TODAYCELLBG, $THFG, $THBG, $TABLEBG; global $user_fullname, $nowYmd, $repeated_events, $events; global $thismonth, $thisday, $thisyear; $increment = 15; $interval = 4; $cell_pix = 6; $participant_pix = '170'; //$interval = (int)(60 / $increment); $first_hour = $GLOBALS["WORK_DAY_START_HOUR"]; $last_hour = $GLOBALS["WORK_DAY_END_HOUR"]; $hours = $last_hour - $first_hour; $cols = $hours * $interval + 1; $total_pix = (int) ($cell_pix * $interval * $hours + $participant_pix); ?> <br /> <table class="matrixd" style="width:<?php echo $total_pix; ?> px;" cellspacing="0" cellpadding="0"> <tr><td class="matrix" colspan="<?php echo $cols; ?> "> <img src="pix.gif" alt="spacer" /> </td></tr> <tr><th style="width:<?php echo $participant_pix; ?> px;"> <?php etranslate("Participants"); ?> </th> <?php $str = ''; $MouseOut = "onmouseout=\"window.status=''; this.style.backgroundColor='" . $CELLBG . "';\""; $CC = 1; for ($i = $first_hour; $i < $last_hour; $i++) { for ($j = 0; $j < $interval; $j++) { $str .= ' <td style="width:' . $cell_pix . 'px;" id="C' . $CC . '" class="dailymatrix" '; switch ($j) { case 0: if ($interval == 4) { $k = $i <= 9 ? '0' : substr($i, 0, 1); } $str .= 'onmousedown="schedule_event(' . $i . ',' . $increment * $j . ");\" onmouseover=\"window.status='Schedule a " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">"; $str .= $k . "</td>\n"; break; case 1: if ($interval == 4) { $k = $i <= 9 ? substr($i, 0, 1) : substr($i, 1, 2); } $str .= 'onmousedown="schedule_event(' . $i . ',' . $increment * $j . ");\" onmouseover=\"window.status='Schedule a " . $i . ':' . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">"; $str .= $k . "</td>\n"; break; default: $str .= 'onmousedown="schedule_event(' . $i . ',' . $increment * $j . ");\" onmouseover=\"window.status='Schedule a " . $i . ':' . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $i . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">"; $str .= " </td>\n"; break; } $CC++; } } echo $str . "</tr>\n<tr><td class=\"matrix\" colspan=\"{$cols}\">\n<img src=\"pix.gif\" alt=\"spacer\" />\n</td></tr>\n"; // Display each participant for ($i = 0; $i < count($participants); $i++) { user_load_variables($participants[$i], "user_"); /* Pre-Load the repeated events for quckier access */ $repeated_events = read_repeated_events($participants[$i], "", $nowYmd); /* Pre-load the non-repeating events for quicker access */ $events = read_events($participants[$i], $nowYmd, $nowYmd); // get all the repeating events for this date and store in array $rep $rep = get_repeating_entries($participants[$i], $nowYmd); // get all the non-repeating events for this date and store in $ev $ev = get_entries($participants[$i], $nowYmd); // combine into a single array for easy processing $ALL = array_merge($rep, $ev); $all_events = array(); // exchange space for to keep from breaking $user_nospace = preg_replace('/\\s/', ' ', $user_fullname); foreach ($ALL as $E) { $E['cal_time'] = sprintf("%06d", $E['cal_time']); $Tmp['START'] = mktime(substr($E['cal_time'], 0, 2), substr($E['cal_time'], 2, 2), 0, $thismonth, $thisday, $thisyear); $Tmp['END'] = $Tmp['START'] + $E['cal_duration'] * 60; $Tmp['ID'] = $E['cal_id']; $all_events[] = $Tmp; } echo "<tr>\n<th class=\"row\" style=\"width:{$participant_pix}px;\">" . $user_nospace . "</th>\n"; $col = 1; for ($j = $first_hour; $j < $last_hour; $j++) { for ($k = 0; $k < $interval; $k++) { $border = $k == '0' ? ' border-left: 1px solid #000000;' : ""; $RC = $CELLBG; $TIME = mktime(sprintf("%02d", $j), $increment * $k, 0, $thismonth, $thisday, $thisyear); $space = " "; foreach ($all_events as $ET) { if ($TIME >= $ET['START'] && $TIME < $ET['END']) { $space = "<a class=\"matrix\" href=\"view_entry.php?id={$ET['ID']}\"><img src=\"pix.gif\" alt=\"spacer\" /></a>"; } } echo "\t<td class=\"matrixappts\" style=\"width:{$cell_pix}px;{$border}\">{$space}</td>\n"; $col++; } } echo "</tr><tr>\n<td class=\"matrix\" colspan=\"{$cols}\"><img src=\"pix.gif\" alt=\"spacer\" /></td></tr>\n"; } // End foreach participant echo "</table>\n"; }
function event_to_text($event, $date) { global $ALLOW_HTML_DESCRIPTION, $event_template, $login, $report_id, $user; $allDayStr = translate('All day event'); $confStr = translate('This event is confidential.'); // translate ( 'Private' ) $privStr = translate('(Private)'); $end_time_str = $start_time_str = $time_str = ''; $tempAllDay = $event->isAllDay(); $tempDurStr = $event->getDuration(); if ($tempAllDay) { $time_str = $allDayStr; } else { if ($event->isUntimed()) { $time_str = translate('Untimed event'); } else { $start_time_str = $time_str = display_time($event->getDateTime()); $time_short = getShortTime($time_str); if ($tempDurStr > 0) { if ($tempAllDay) { $time_str = $allDayStr; } else { $tempEDT = $event->getEndDateTime(); $end_time_str = display_time($tempEDT); $time_str .= ' - ' . display_time($tempEDT); } } } } $name = $event->getName(); $tempAcc = $event->getAccess(); $tempDesc = $event->getDescription(); $tempExtForID = $event->getExtForID(); $tempLog = $event->getLogin(); if ($tempExtForID != '') { $id = $tempExtForID; // translate ( 'cont.' ) $name .= ' ' . translate('(cont.)'); } else { $id = $event->getID(); } if ($tempAcc == 'R') { if ($login != $user && strlen($user) || $login != $tempLog && strlen($tempLog)) { $description_str = $confStr; $name_str = $privStr; } } else { $name_str = htmlspecialchars($name); if (!empty($ALLOW_HTML_DESCRIPTION) && $ALLOW_HTML_DESCRIPTION == 'Y') { $str = str_replace('&', '&', $tempDesc); //fix any broken special characters $str = preg_replace("/&(#[0-9]+|[a-z]+);/i", "&\$1;", $str); $description_str = str_replace('&amp;', '&', $str); if (strstr($description_str, '<') && strstr($description_str, '>')) { // Found some HTML. } else { // No HTML found. Add line breaks. $description_str = nl2br($description_str); } } else { $description_str = nl2br(activate_urls(htmlspecialchars($tempDesc))); } } $date_full_str = date_to_str($date); $date_str = date_to_str($date, '', false); $duration_str = $tempDurStr > 0 ? $tempDurStr . ' ' . translate('minutes') : ''; $temp = $event->getPriority(); $pri_str = $temp > 6 ? translate('Low') : ($temp < 4 ? translate('High') : translate('Medium')); $temp = $event->getStatus(); if ($temp == 'A') { $status_str = translate('Approved'); } elseif ($temp == 'D') { $status_str = translate('Deleted'); } elseif ($temp == 'R') { $status_str = translate('Rejected'); } elseif ($temp == 'W') { $status_str = translate('Waiting for approval'); } else { $status_str = translate('Unknown'); } $location = $event->getLocation(); $url = $event->getUrl(); $href_str = 'view_entry.php?id=' . $id; // Get user's fullname. user_load_variables($tempLog, 'report_'); $fullname = $GLOBALS['report_fullname']; // Replace all variables in the event template. $text = str_replace(array('${date}', '${dateYmd}', '${description}', '${duration}', '${endtime}', '${fulldate}', '${fullname}', '${href}', '${id}', '${location}', '${name}', '${priority}', '${report_id}', '${starttime}', '${time}', '${url}', '${user}'), array($date_str, $date, $description_str, $duration_str, $end_time_str, $date_full_str, $fullname, $href_str, $id, $location, $name_str, $pri_str, $report_id, $start_time_str, $time_str, $url, $tempLog), $event_template); $text = replace_site_extras_in_template($text, format_site_extras(get_site_extra_fields($id), EXTRA_DISPLAY_REPORT)); return $text; }
$fmtdate = $row[1]; $time = sprintf("%06d", $row[2]); dbi_free_result($res); } $eventstart = date_to_epoch($fmtdate . $time); $TIME_FORMAT = 24; for ($i = 0, $cnt = count($partlogin); $i < $cnt; $i++) { // Log the deletion. activity_log($id, $login, $partlogin[$i], $log_delete, ''); // Check UAC. $can_email = access_is_enabled() ? access_user_calendar('email', $partlogin[$i], $login) : false; // Don't email the logged in user. if ($can_email && $partlogin[$i] != $login) { set_env('TZ', get_pref_setting($partlogin[$i], 'TIMEZONE')); $user_language = get_pref_setting($partlogin[$i], 'LANGUAGE'); user_load_variables($partlogin[$i], 'temp'); if (!$is_nonuser_admin && $partlogin[$i] != $login && get_pref_setting($partlogin[$i], 'EMAIL_EVENT_DELETED') == 'Y' && boss_must_be_notified($login, $partlogin[$i]) && !empty($tempemail) && $SEND_EMAIL != 'N') { reset_language(empty($user_language) || $user_language == 'none' ? $LANGUAGE : $user_language); // Use WebCalMailer class. $mail->WC_Send($login_fullname, $tempemail, $tempfullname, $name, str_replace('XXX', $tempfullname, translate('Hello, XXX.')) . ".\n\n" . str_replace('XXX', $login_fullname, translate('XXX has canceled an appointment.')) . "\n" . str_replace('XXX', $name, translate('Subject XXX')) . "\"\n" . str_replace('XXX', date_to_str($thisdate), translate('Date XXX')) . "\n" . (!empty($eventtime) && $eventtime != '-1' ? str_replace('XXX', display_time('', 2, $eventstart, get_pref_setting($partlogin[$i], 'TIME_FORMAT')), translate('Time XXX')) : '') . "\n\n", get_pref_setting($partlogin[$i], 'EMAIL_HTML'), $login_email); } } } // Instead of deleting from the database... // mark it as deleted by setting the status for each participant to "D" // (instead of "A"/Accepted, "W"/Waiting-on-approval or "R"/Rejected). if ($override_repeat) { dbi_execute('INSERT INTO webcal_entry_repeats_not ( cal_id, cal_date, cal_exdate ) VALUES ( ?, ?, ? )', array($id, $date, 1)); // Should we log this to the activity log??? } else {
function list_unapproved($user) { global $eventinfo, $key, $login, $NONUSER_ENABLED, $noret, $temp_fullname; user_load_variables($user, 'temp_'); $rssLink = '<a href="rss_unapproved.php?user='******'"><img src="images/rss.png" width="14" height="14" alt="RSS 2.0 - ' . htmlspecialchars($temp_fullname) . '" border="0"/></a>'; $count = 0; $ret = ''; $sql = 'SELECT we.cal_id, we.cal_name, we.cal_description, weu.cal_login, we.cal_priority, we.cal_date, we.cal_time, we.cal_duration, weu.cal_status, we.cal_type FROM webcal_entry we, webcal_entry_user weu WHERE we.cal_id = weu.cal_id AND weu.cal_login = ? AND weu.cal_status = \'W\' ORDER BY weu.cal_login, we.cal_date'; $rows = dbi_get_cached_rows($sql, array($user)); if ($rows) { $allDayStr = translate('All day event'); $appConStr = translate('Approve/Confirm'); $appSelStr = translate('Approve Selected'); $checkAllStr = translate('Check All'); $deleteStr = translate('Delete'); $emailStr = translate('Emails Will Not Be Sent'); $rejectSelStr = translate('Reject Selected'); $rejectStr = translate('Reject'); $uncheckAllStr = translate('Uncheck All'); $viewStr = translate('View this entry'); for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) { $row = $rows[$i]; $key++; $id = $row[0]; $name = $row[1]; $description = $row[2]; $cal_user = $row[3]; $pri = $row[4]; $date = $row[5]; $time = sprintf("%06d", $row[6]); $duration = $row[7]; $status = $row[8]; $type = $row[9]; $view_link = 'view_entry'; $entryID = 'entry' . $type . $id; $linkid = "pop{$id}-{$key}"; $timestr = ''; if ($time > 0 || $time == 0 && $duration != 1440) { $eventstart = date_to_epoch($date . $time); $eventstop = $eventstart + $duration; $eventdate = date_to_str(date('Ymd', $eventstart)); $timestr = display_time('', 0, $eventstart) . ($duration > 0 ? ' - ' . display_time('', 0, $eventstop) : ''); } else { // Don't shift date if All Day or Untimed. $eventdate = date_to_str($date); // If All Day display in popup. if ($time == 0 && $duration == 1440) { $timestr = $allDayStr; } } $ret .= ($count == 0 ? ' <tr> <td colspan="5"><h3>' . $temp_fullname . ' ' . $rssLink . '</h3></td> </tr>' : '') . ' <tr ' . ($count % 2 == 0 ? '' : 'class="odd"') . '> <td width="5%" align="right"><input type="checkbox" name="' . $entryID . '" value="' . $user . '"/></td> <td><a title="' . $viewStr . '" class="entry" id="' . $linkid . '" href="' . $view_link . '.php?id=' . $id . '&user='******'">' . htmlspecialchars($name) . '</a> (' . $eventdate . '):</td>' . ' <td align="center"><input type="image" src="images/check.gif" title="' . $appConStr . '" onclick="return do_confirm( \'approve\', \'' . $cal_user . '\', \'' . $entryID . '\' );" /></td>' . ' <td align="center"><input type="image" src="images/rejected.gif" title="' . $rejectStr . '" onclick="return do_confirm( \'reject\', \'' . $cal_user . '\', \'' . $entryID . '\' );" /></td>' . (!access_is_enabled() || access_user_calendar('edit', $user) ? ' <td align="center"><input type="image" src="images/delete.png" title="' . $deleteStr . '" onclick="return do_confirm( \'delete\', \'' . $cal_user . '\', \'' . $entryID . '\' );\\" /></td>' : '') . ' </tr>'; $eventinfo .= build_entry_popup('eventinfo-' . $linkid, $cal_user, $description, $timestr, site_extras_for_popup($id)); $count++; } if ($count > 1) { $ret .= ' <tr> <td colspan="5" nowrap="nowrap"> <img src="images/select.gif" border="0" alt="" /> <label><a title="' . $checkAllStr . '" onclick="check_all( \'' . $user . '\' );">' . $checkAllStr . '</a> / <a title="' . $uncheckAllStr . '" onclick="uncheck_all( \'' . $user . '\' );">' . $uncheckAllStr . '</a></label> <input type="image" src="images/check.gif" title="' . $appSelStr . '" onclick="return do_confirm( \'approveSelected\', \'' . $cal_user . '\' );" /> <input type="image" src="images/rejected.gif" title="' . $rejectSelStr . '" onclick="return do_confirm( \'rejectSelected\', \'' . $cal_user . '\' );" /> ( ' . $emailStr . ' ) </td> </tr>'; } } if ($count == 0) { $noret .= ' <tr> <td colspan="5" class="nounapproved">' . str_replace('XXX', $temp_fullname, translate('No unapproved entries for XXX.')) . ' ' . $rssLink . '</td> </tr>'; } return $ret; }
<?php $newgroup = true; $groupname = ""; $groupowner = ""; $groupupdated = ""; if (empty($id)) { $groupname = translate("Unnamed Group"); } else { $newgroup = false; // get group by id $res = dbi_query("SELECT cal_owner, cal_name, cal_last_update, cal_owner " . "FROM webcal_group WHERE cal_group_id = {$id}"); if ($res) { if ($row = dbi_fetch_row($res)) { $groupname = $row[1]; $groupupdated = $row[2]; user_load_variables($row[3], "temp"); $groupowner = $tempfullname; } dbi_fetch_row($res); } } if ($newgroup) { $v = array(); echo "<h2>" . translate("Add Group") . "</h2>\n"; echo "<input type=\"hidden\" name=\"add\" value=\"1\" />\n"; } else { echo "<h2>" . translate("Edit Group") . "</h2>\n"; echo "<input type=\"hidden\" name=\"id\" value=\"{$id}\" />"; } ?>
function list_unapproved($user) { global $temp_fullname, $key, $login; //echo "Listing events for $user <br>"; $sql = "SELECT webcal_entry.cal_id, webcal_entry.cal_name, " . "webcal_entry.cal_description, " . "webcal_entry.cal_priority, webcal_entry.cal_date, " . "webcal_entry.cal_time, webcal_entry.cal_duration, " . "webcal_entry_user.cal_status " . "FROM webcal_entry, webcal_entry_user " . "WHERE webcal_entry.cal_id = webcal_entry_user.cal_id " . "AND ( webcal_entry.cal_ext_for_id IS NULL " . "OR webcal_entry.cal_ext_for_id = 0 ) AND " . "webcal_entry_user.cal_login = '******' AND " . "webcal_entry_user.cal_status = 'W' " . "ORDER BY webcal_entry.cal_date"; $res = dbi_query($sql); $count = 0; $eventinfo = ""; if ($res) { while ($row = dbi_fetch_row($res)) { if ($count == 0) { echo "<ul>\n"; } $key++; $id = $row[0]; $name = $row[1]; $description = $row[2]; $pri = $row[3]; $date = $row[4]; $time = $row[5]; $duration = $row[6]; $status = $row[7]; $divname = "eventinfo-{$id}-{$key}"; echo "<li><a title=\"" . translate("View this entry") . "\" class=\"entry\" href=\"view_entry.php?id={$id}&user={$user}"; echo "\" onmouseover=\"window.status='" . translate("View this entry") . "'; show(event, '{$divname}'); return true;\" onmouseout=\"hide('{$divname}'); return true;\">"; $timestr = ""; if ($time > 0) { $timestr = display_time($time); if ($duration > 0) { // calc end time $h = (int) ($time / 10000); $m = $time / 100 % 100; $m += $duration; $d = $duration; while ($m >= 60) { $h++; $m -= 60; } $end_time = sprintf("%02d%02d00", $h, $m); $timestr .= " - " . display_time($end_time); } } echo htmlspecialchars($name); echo "</a>"; echo " (" . date_to_str($date) . ")\n"; //approve echo ": <a title=\"" . translate("Approve/Confirm") . "\" href=\"approve_entry.php?id={$id}&ret=list&user={$user}"; if ($user == "__public__") { echo "&public=1"; } echo "\" class=\"nav\" onclick=\"return confirm('" . translate("Approve this entry?") . "');\">" . translate("Approve/Confirm") . "</a>, "; //reject echo "<a title=\"" . translate("Reject") . "\" href=\"reject_entry.php?id={$id}&ret=list&user={$user}"; if ($user == "__public__") { echo "&public=1"; } echo "\" class=\"nav\" onclick=\"return confirm('" . translate("Reject this entry?") . "');\">" . translate("Reject") . "</a>"; //delete echo ", <a title=\"" . translate("Delete") . "\" href=\"del_entry.php?id={$id}&ret=list"; if ($user != $login) { echo "&user={$user}"; } echo "\" class=\"nav\" onclick=\"return confirm('" . translate("Are you sure you want to delete this entry?") . "');\">" . translate("Delete") . "</a>"; echo "\n</li>\n"; $eventinfo .= build_event_popup($divname, $user, $description, $timestr, site_extras_for_popup($id)); $count++; } dbi_free_result($res); if ($count > 0) { echo "</ul>\n"; } } if ($count == 0) { user_load_variables($user, "temp_"); echo "<span class=\"nounapproved\">" . translate("No unapproved events for") . " " . $temp_fullname . ".</span>\n"; } else { if (!empty($eventinfo)) { echo $eventinfo; } } }
/** * Draws a daily outlook style availability grid showing events that are * approved and awaiting approval. * * @param string $date Date to show the grid for * @param array $participants Which users should be included in the grid * @param string $popup Not used */ function daily_matrix($date, $participants, $popup = '') { global $CELLBG, $TODAYCELLBG, $THFG, $THBG, $TABLEBG; global $user_fullname, $repeated_events, $events; global $WORK_DAY_START_HOUR, $WORK_DAY_END_HOUR, $TZ_OFFSET, $ignore_offset; $increment = 15; $interval = 4; $participant_pct = '20%'; //use percentage $first_hour = $WORK_DAY_START_HOUR; $last_hour = $WORK_DAY_END_HOUR; $hours = $last_hour - $first_hour; $cols = $hours * $interval + 1; $total_pct = '80%'; $cell_pct = 80 / ($hours * $interval); $master = array(); // Build a master array containing all events for $participants for ($i = 0; $i < count($participants); $i++) { /* Pre-Load the repeated events for quckier access */ $repeated_events = read_repeated_events($participants[$i], "", $date); /* Pre-load the non-repeating events for quicker access */ $events = read_events($participants[$i], $date, $date); // get all the repeating events for this date and store in array $rep $rep = get_repeating_entries($participants[$i], $date); // get all the non-repeating events for this date and store in $ev $ev = get_entries($participants[$i], $date); // combine into a single array for easy processing $ALL = array_merge($rep, $ev); foreach ($ALL as $E) { if ($E['cal_time'] == 0) { $E['cal_time'] = $first_hour . "0000"; $E['cal_duration'] = 60 * ($last_hour - $first_hour); } else { $E['cal_time'] = sprintf("%06d", $E['cal_time']); } $hour = substr($E['cal_time'], 0, 2); $mins = substr($E['cal_time'], 2, 2); // Timezone Offset if (!$ignore_offset) { $hour += $TZ_OFFSET; } while ($hour < 0) { $hour += 24; } while ($hour > 23) { $hour -= 24; } // Make sure hour is 2 digits $hour = sprintf("%02d", $hour); // convert cal_time to slot if ($mins < 15) { $slot = $hour . ''; } elseif ($mins >= 15 && $mins < 30) { $slot = $hour . '.25'; } elseif ($mins >= 30 && $mins < 45) { $slot = $hour . '.5'; } elseif ($mins >= 45) { $slot = $hour . '.75'; } // convert cal_duration to bars $bars = $E['cal_duration'] / $increment; // never replace 'A' with 'W' for ($q = 0; $bars > $q; $q++) { $slot = sprintf("%02.2f", $slot); if (strlen($slot) == 4) { $slot = '0' . $slot; } // add leading zeros $slot = $slot . ''; // convert to a string if (empty($master['_all_'][$slot]) || $master['_all_'][$slot]['stat'] != 'A') { $master['_all_'][$slot]['stat'] = $E['cal_status']; } if (empty($master[$participants[$i]][$slot]) || $master[$participants[$i]][$slot]['stat'] != 'A') { $master[$participants[$i]][$slot]['stat'] = $E['cal_status']; $master[$participants[$i]][$slot]['ID'] = $E['cal_id']; } $slot = $slot + '0.25'; } } } ?> <br /> <table align="center" class="matrixd" style="width:<?php echo $total_pct; ?> ;" cellspacing="0" cellpadding="0"> <tr><td class="matrix" colspan="<?php echo $cols; ?> "></td></tr> <tr><th style="width:<?php echo $participant_pct; ?> ;"> <?php etranslate("Participants"); ?> </th> <?php $str = ''; $MouseOut = "onmouseout=\"window.status=''; this.style.backgroundColor='" . $THBG . "';\""; $CC = 1; for ($i = $first_hour; $i < $last_hour; $i++) { $hour = $i; if ($GLOBALS["TIME_FORMAT"] == "12") { $hour %= 12; if ($hour == 0) { $hour = 12; } } for ($j = 0; $j < $interval; $j++) { $str .= ' <td id="C' . $CC . '" class="dailymatrix" '; $MouseDown = 'onmousedown="schedule_event(' . $i . ',' . sprintf("%02d", $increment * $j) . ');"'; switch ($j) { case 1: if ($interval == 4) { $k = $hour <= 9 ? '0' : substr($hour, 0, 1); } $str .= 'style="width:' . $cell_pct . '%; text-align:right;" ' . $MouseDown . " onmouseover=\"window.status='Schedule a " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">"; $str .= $k . "</td>\n"; break; case 2: if ($interval == 4) { $k = $hour <= 9 ? substr($hour, 0, 1) : substr($hour, 1, 2); } $str .= 'style="width:' . $cell_pct . '%; text-align:left;" ' . $MouseDown . " onmouseover=\"window.status='Schedule a " . $hour . ':' . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">"; $str .= $k . "</td>\n"; break; default: $str .= 'style="width:' . $cell_pct . '%;" ' . $MouseDown . " onmouseover=\"window.status='Schedule a " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . " appointment.'; this.style.backgroundColor='#CCFFCC'; return true;\" " . $MouseOut . " title=\"Schedule an appointment for " . $hour . ':' . ($increment * $j <= 9 ? '0' : '') . $increment * $j . ".\">"; $str .= " </td>\n"; break; } $CC++; } } echo $str . "</tr>\n<tr><td class=\"matrix\" colspan=\"{$cols}\"></td></tr>\n"; // Add user _all_ to beginning of $participants array array_unshift($participants, '_all_'); // Javascript for cells $MouseOver = "onmouseover=\"this.style.backgroundColor='#CCFFCC';\""; $MouseOut = "onmouseout=\"this.style.backgroundColor='" . $CELLBG . "';\""; // Display each participant for ($i = 0; $i < count($participants); $i++) { if ($participants[$i] != '_all_') { // Load full name of user user_load_variables($participants[$i], "user_"); // exchange space for to keep from breaking $user_nospace = preg_replace('/\\s/', ' ', $user_fullname); } else { $user_nospace = translate("All Attendees"); $user_nospace = preg_replace('/\\s/', ' ', $user_nospace); } echo "<tr>\n<th class=\"row\" style=\"width:{$participant_pct};\">" . $user_nospace . "</th>\n"; $col = 1; $viewMsg = translate("View this entry"); // check each timebar for ($j = $first_hour; $j < $last_hour; $j++) { for ($k = 0; $k < $interval; $k++) { $border = $k == '0' ? ' border-left: 1px solid #000000;' : ""; $MouseDown = 'onmousedown="schedule_event(' . $j . ',' . sprintf("%02d", $increment * $k) . ');"'; $RC = $CELLBG; //$space = ''; $space = " "; $r = sprintf("%02d", $j) . '.' . sprintf("%02d", 25 * $k) . ''; if (empty($master[$participants[$i]][$r])) { // ignore this.. } else { if (empty($master[$participants[$i]][$r]['ID'])) { // This is the first line for 'all' users. No event here. $space = "<span class=\"matrix\"><img src=\"pix.gif\" alt=\"\" style=\"height: 8px\" /></span>"; } else { if ($master[$participants[$i]][$r]['stat'] == "A") { $space = "<a class=\"matrix\" href=\"view_entry.php?id={$master[$participants[$i]][$r]['ID']}\"><img src=\"pix.gif\" title=\"{$viewMsg}\" alt=\"{$viewMsg}\" /></a>"; } else { if ($master[$participants[$i]][$r]['stat'] == "W") { $space = "<a class=\"matrix\" href=\"view_entry.php?id={$master[$participants[$i]][$r]['ID']}\"><img src=\"pixb.gif\" title=\"{$viewMsg}\" alt=\"{$viewMsg}\" /></a>"; } } } } echo "<td class=\"matrixappts\" style=\"width:{$cell_pct}%;{$border}\" "; if ($space == " ") { echo "{$MouseDown} {$MouseOver} {$MouseOut}"; } echo ">{$space}</td>\n"; $col++; } } echo "</tr><tr>\n<td class=\"matrix\" colspan=\"{$cols}\">" . "<img src=\"pix.gif\" alt=\"-\" /></td></tr>\n"; } // End foreach participant echo "</table><br />\n"; $busy = translate("Busy"); $tentative = translate("Tentative"); echo "<table align=\"center\"><tr><td class=\"matrixlegend\" >\n"; echo "<img src=\"pix.gif\" title=\"{$busy}\" alt=\"{$busy}\" /> {$busy} \n"; echo "<img src=\"pixb.gif\" title=\"{$tentative}\" alt=\"{$tentative}\" /> {$tentative}\n"; echo "</td></tr></table>\n"; }
function get_default_function_access($page_id, $user) { global $user_is_admin; user_load_variables($user, 'user_'); switch ($page_id) { case ACCESS_ACTIVITY_LOG: case ACCESS_SECURITY_AUDIT: case ACCESS_ADMIN_HOME: case ACCESS_SYSTEM_SETTINGS: case ACCESS_USER_MANAGEMENT: return !empty($user_is_admin) && $user_is_admin == 'Y' ? 'Y' : 'N'; break; default: return 'Y'; break; } }
$events = read_events(!empty($user) && strlen($user) ? $user : $login, $startdate, $enddate, $cat_id); $boldDays = true; $catSelectStr = print_category_menu('year', $thisyear, $cat_id); } // Disable $DISPLAY_ALL_DAYS_IN_MONTH. $DISPLAY_ALL_DAYS_IN_MONTH = 'N'; //Enable empty weekend days to be visible $SHOW_EMPTY_WEEKENDS = true; // Include unapproved events? $get_unapproved = $DISPLAY_UNAPPROVED == 'Y'; $nextStr = translate('Next'); $prevStr = translate('Previous'); $userStr = empty($user) ? '' : '&user='******'N') { if (!empty($user)) { user_load_variables($user, 'user_'); $fullnameStr = $user_fullname; } else { $fullnameStr = $fullname; } } $asstModeStr = $is_assistant ? ' <span class="asstmode">-- ' . translate('Assistant mode') . ' --</span>' : ''; if (empty($friendly)) { $unapprovedStr = display_unapproved_events($is_assistant || $is_nonuser_admin ? $user : $login); $printerStr = generate_printer_friendly('year.php'); } else { $unapprovedStr = $printerStr = ''; } $yr_rows = 3; /* TODO: Move $yr_rows = 3 to webcal_config as default. * Add to webcal_user_prefs for each user.
} else { if ($use_http_auth) { // There is no login page when using HTTP authorization do_redirect('index.php'); } else { if (!empty($login) && !empty($password) && !$logout) { if (get_magic_quotes_gpc()) { $password = stripslashes($password); $login = stripslashes($login); } $login = trim($login); if ($login != addslashes($login)) { die_miserable_death('Illegal characters in login ' . '<tt>' . htmlentities($login) . '</tt>'); } if (user_valid_login($login, $password)) { user_load_variables($login, ''); $encoded_login = encode_string($login . '|' . crypt($password)); // set login to expire in 365 days if (!empty($remember) && $remember == 'yes') { SetCookie('webcalendar_session', $encoded_login, time() + 24 * 3600 * 365, $cookie_path); } else { SetCookie('webcalendar_session', $encoded_login, 0, $cookie_path); } // The cookie "webcalendar_login" is provided as a convenience to // other apps that may wish to find out what the last calendar // login was, so they can use week_ssi.php as a server-side include. // As such, it's not a security risk to have it un-encoded since it // is not used to allow logins within this app. It is used to // load user preferences on the login page (before anyone has // logged in) if $REMEMBER_LAST_LOGIN is set to "Y" (in admin.php). if (!empty($remember) && $remember == 'yes') {
function build_entry_popup($popupid, $user, $description = '', $time, $site_extras = '', $location = '', $name = '', $id = '', $reminder = '') { global $ALLOW_HTML_DESCRIPTION, $DISABLE_POPUPS, $login, $PARTICIPANTS_IN_POPUP, $popup_fullnames, $popuptemp_fullname, $PUBLIC_ACCESS_VIEW_PART, $SUMMARY_LENGTH, $tempfullname; if (!empty($DISABLE_POPUPS) && $DISABLE_POPUPS == 'Y') { return; } // Restrict info if time only set. $details = true; if (function_exists('access_is_enabled') && access_is_enabled() && $user != $login) { $time_only = access_user_calendar('time', $user); $details = $time_only == 'N' ? 1 : 0; } $ret = '<dl id="' . $popupid . '" class="popup">' . "\n"; if (empty($popup_fullnames)) { $popup_fullnames = array(); } $partList = array(); if ($details && $id != '' && !empty($PARTICIPANTS_IN_POPUP) && $PARTICIPANTS_IN_POPUP == 'Y' && !($PUBLIC_ACCESS_VIEW_PART == 'N' && $login == '__public__')) { $rows = dbi_get_cached_rows('SELECT cal_login, cal_status FROM webcal_entry_user WHERE cal_id = ? AND cal_status IN ( \'A\',\'W\' )', array($id)); if ($rows) { for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) { $row = $rows[$i]; $participants[] = $row; } } for ($i = 0, $cnt = count($participants); $i < $cnt; $i++) { user_load_variables($participants[$i][0], 'temp'); $partList[] = $tempfullname . ' ' . ($participants[$i][1] == 'W' ? '(?)' : ''); } $rows = dbi_get_cached_rows('SELECT cal_fullname FROM webcal_entry_ext_user WHERE cal_id = ? ORDER by cal_fullname', array($id)); if ($rows) { $extStr = translate('External User'); for ($i = 0, $cnt = count($rows); $i < $cnt; $i++) { $row = $rows[$i]; $partList[] = $row[0] . ' (' . $extStr . ')'; } } } if ($user != $login) { if (empty($popup_fullnames[$user])) { user_load_variables($user, 'popuptemp_'); $popup_fullnames[$user] = $popuptemp_fullname; } $ret .= '<dt>' . translate('User') . ":</dt>\n<dd>{$popup_fullnames[$user]}</dd>\n"; } $ret .= ($SUMMARY_LENGTH < 80 && strlen($name) && $details ? '<dt>' . htmlspecialchars(substr($name, 0, 40)) . "</dt>\n" : '') . (strlen($time) ? '<dt>' . translate('Time') . ":</dt>\n<dd>{$time}</dd>\n" : '') . (!empty($location) && $details ? '<dt>' . translate('Location') . ":</dt>\n<dd> {$location}</dd>\n" : '') . (!empty($reminder) && $details ? '<dt>' . translate('Send Reminder') . ":</dt>\n<dd> {$reminder}</dd>\n" : ''); if (!empty($partList) && $details) { $ret .= '<dt>' . translate('Participants') . ":</dt>\n"; foreach ($partList as $parts) { $ret .= "<dd> {$parts}</dd>\n"; } } if (!empty($description) && $details) { $ret .= '<dt>' . translate('Description') . ":</dt>\n<dd>"; if (!empty($ALLOW_HTML_DESCRIPTION) && $ALLOW_HTML_DESCRIPTION == 'Y') { // Replace &s and decode special characters. $str = unhtmlentities(str_replace('&amp;', '&', str_replace('&', '&', $description))); // If there is no HTML found, then go ahead and replace // the line breaks ("\n") with the HTML break ("<br />"). $ret .= strstr($str, '<') && strstr($str, '>') ? $str : nl2br($str); } else { // HTML not allowed in description, escape everything. $ret .= nl2br(htmlspecialchars($description)); } $ret .= "</dd>\n"; } //if $description return $ret . (empty($site_extras) ? '' : $site_extras) . "</dl>\n"; }
/* $Id: group_edit.php,v 1.31 2007/07/28 19:21:57 bbannon Exp $ */ include_once 'includes/init.php'; $groupname = $groupowner = $groupupdated = ''; $newgroup = true; if (empty($id)) { $groupname = translate('Unnamed Group'); } else { $newgroup = false; // Get group by id. $res = dbi_execute('SELECT cal_owner, cal_name, cal_last_update, cal_owner FROM webcal_group WHERE cal_group_id = ?', array($id)); if ($res) { if ($row = dbi_fetch_row($res)) { $groupname = $row[1]; $groupupdated = $row[2]; user_load_variables($row[3], 'temp'); $groupowner = $tempfullname; } dbi_fetch_row($res); } } print_header('', '', '', true); ob_start(); echo ' <form action="group_edit_handler.php" method="post"> <h2>'; if ($newgroup) { $v = array(); echo translate('Add Group') . '</h2> <input type="hidden" name="add" value="1'; } else {
function nonuser_load_variables($login, $prefix) { global $error, $nuloadtmp_email; $ret = false; $res = dbi_query("SELECT cal_login, cal_lastname, cal_firstname, " . "cal_admin FROM webcal_nonuser_cals WHERE cal_login = '******'"); if ($res) { while ($row = dbi_fetch_row($res)) { if (strlen($row[1]) || strlen($row[2])) { $fullname = "{$row['2']} {$row['1']}"; } else { $fullname = $row[0]; } // We need the email address for the admin user_load_variables($row[3], 'nuloadtmp_'); $GLOBALS[$prefix . "login"] = $row[0]; $GLOBALS[$prefix . "firstname"] = $row[2]; $GLOBALS[$prefix . "lastname"] = $row[1]; $GLOBALS[$prefix . "fullname"] = $fullname; $GLOBALS[$prefix . "admin"] = $row[3]; $GLOBALS[$prefix . "email"] = $nuloadtmp_email; $ret = true; } dbi_free_result($res); } return $ret; }
} // Get event name $sql = "SELECT cal_name FROM webcal_entry WHERE cal_id = {$id}"; $res = dbi_query($sql); if ($res) { $row = dbi_fetch_row($res); $name = $row[0]; dbi_free_result($res); } // TODO: switch transation language based on user so each user // gets message in their selected language. for ($i = 0; $i < count($partlogin); $i++) { // Log the deletion activity_log($id, $login, $partlogin[$i], $LOG_DELETE, ""); $do_send = get_pref_setting($partlogin[$i], "EMAIL_EVENT_DELETED"); user_load_variables($partlogin[$i], "temp"); if ($partlogin[$i] != $login && $do_send == "Y" && strlen($tempemail) && $send_email != "N") { $msg = translate("Hello") . ", " . $tempfullname . ".\n\n" . translate("An appointment has been canceled for you by") . " " . $login_fullname . ". " . translate("The subject was") . " \"" . $name . "\"\n\n"; if (strlen($login_email)) { $extra_hdrs = "From: {$login_email}\nX-Mailer: " . translate($application_name); } else { $extra_hdrs = "From: {$email_fallback_from}\nX-Mailer: " . translate($application_name); } mail($tempemail, translate($application_name) . " " . translate("Notification") . ": " . $name, html_to_8bits($msg), $extra_hdrs); } } // Instead of deleting from the database... mark it as deleted // by setting the status for each participant to "D" (instead // of "A"/Accepted, "W"/Waiting-on-approval or "R"/Rejected) if ($override_repeat) { dbi_query("INSERT INTO webcal_entry_repeats_not ( cal_id, cal_date ) " . "VALUES ( {$id}, {$date} )");
if (!dbi_query($sql)) { $error = translate("Database error") . ": " . dbi_error(); break; } else { // Don't send mail if we are editing a non-user calendar // and we are the admin if (!$is_nonuser_admin) { $from = $user_email; if (empty($from) && !empty($email_fallback_from)) { $from = $email_fallback_from; } // only send mail if their email address is filled in $do_send = get_pref_setting($participants[$i], $newevent ? "EMAIL_EVENT_ADDED" : "EMAIL_EVENT_UPDATED"); $user_TZ = get_pref_setting($participants[$i], "TZ_OFFSET"); $user_language = get_pref_setting($participants[$i], "LANGUAGE"); user_load_variables($participants[$i], "temp"); if ($participants[$i] != $login && boss_must_be_notified($login, $participants[$i]) && strlen($tempemail) && $do_send == "Y" && $send_user_mail && $send_email != "N") { // Want date/time in user's timezone $user_hour = $hour + $user_TZ; if ($user_hour < 0) { $user_hour += 24; // adjust date $user_date = mktime(3, 0, 0, $month, $day, $year); $user_date -= $ONE_DAY; $user_month = date("m", $date); $user_day = date("d", $date); $user_year = date("Y", $date); } elseif ($user_hour >= 24) { $user_hour -= 24; // adjust date $user_date = mktime(3, 0, 0, $month, $day, $year);
// Since print_date_entries is rather stupid, we can swap the event data // around for users by changing what $events points to. // . $tdw = 12; // Column width percent. echo ' <table class="main"> <tr> <th class="empty"> </th>'; $body = $header = ''; $todayYmd = date('Ymd', $today); for ($i = 0; $i < $viewusercnt; $i++) { $events = $e_save[$i]; $repeated_events = $re_save[$i]; $user = $viewusers[$i]; user_load_variables($user, 'temp'); $body .= ' <tr> <th class="row" style="width:' . $tdw . '%;">' . $tempfullname . '</th>'; for ($date = $wkstart; $date < $wkend; $date += 86400) { $is_weekend = is_weekend($date); if ($is_weekend && $DISPLAY_WEEKENDS == 'N') { continue; } $dateYmd = date('Ymd', $date); $entryStr = print_date_entries($dateYmd, $user, true); $class = ($dateYmd == $todayYmd ? ' class="today"' : (!empty($entryStr) && $entryStr != ' ' ? ' class="hasevents"' : ($is_weekend ? ' class="weekend"' : ''))) . ' style="width:' . $tdw . '%;">'; // . // Build header row. if ($i == 0) { $header .= '
send_http_login(); } } else { if (!empty($login)) { // they are already logged in ($login is set in validate.php) if (strstr($PHP_SELF, "login.php")) { // ignore since login.php will redirect to index.php } else { if ($login == "__public__") { $is_admin = false; $lastname = ""; $firstname = ""; $fullname = "Public Access"; $user_email = ""; } else { user_load_variables($login, "login_"); if (!empty($login_login)) { $is_admin = $login_is_admin == "Y" ? true : false; $lastname = $login_lastname; $firstname = $login_firstname; $fullname = $login_fullname; $user_email = $login_email; } else { // Invalid login if ($use_http_auth) { send_http_login(); } else { // This shouldn't happen since login should be validated in validate.php // If it does happen, it means we received an invalid login cookie. //echo "Error getting user info for login \"$login\"."; do_redirect($login_url . "&error=Invalid+session+found.");
function list_unapproved($user) { global $temp_fullname, $key, $login; //echo "Listing events for $user <BR>"; echo "<UL>\n"; $sql = "SELECT webcal_entry.cal_id, webcal_entry.cal_name, " . "webcal_entry.cal_description, " . "webcal_entry.cal_priority, webcal_entry.cal_date, " . "webcal_entry.cal_time, webcal_entry.cal_duration, " . "webcal_entry_user.cal_status " . "FROM webcal_entry, webcal_entry_user " . "WHERE webcal_entry.cal_id = webcal_entry_user.cal_id " . "AND ( webcal_entry.cal_ext_for_id IS NULL " . "OR webcal_entry.cal_ext_for_id = 0 ) AND " . "webcal_entry_user.cal_login = '******' AND " . "webcal_entry_user.cal_status = 'W' " . "ORDER BY webcal_entry.cal_date"; $res = dbi_query($sql); $count = 0; $eventinfo = ""; if ($res) { while ($row = dbi_fetch_row($res)) { $key++; $id = $row[0]; $name = $row[1]; $description = $row[2]; $pri = $row[3]; $date = $row[4]; $time = $row[5]; $duration = $row[6]; $status = $row[7]; $divname = "eventinfo-{$id}-{$key}"; echo "<LI><A CLASS=\"entry\" HREF=\"view_entry.php?id={$id}"; echo "\" onMouseOver=\"window.status='" . translate("View this entry") . "'; show(event, '{$divname}'); return true;\" onMouseOut=\"hide('{$divname}'); return true;\">"; $timestr = ""; if ($time > 0) { $timestr = display_time($time); if ($duration > 0) { // calc end time $h = (int) ($time / 10000); $m = $time / 100 % 100; $m += $duration; $d = $duration; while ($m >= 60) { $h++; $m -= 60; } $end_time = sprintf("%02d%02d00", $h, $m); $timestr .= " - " . display_time($end_time); } } echo htmlspecialchars($name); echo "</A>"; echo " (" . date_to_str($date) . ")\n"; echo ": <A HREF=\"approve_entry.php?id={$id}&ret=list"; if ($user == "__public__") { echo "&public=1"; } echo "\" CLASS=\"navlinks\" onClick=\"return confirm('" . translate("Approve this entry?") . "');\">" . translate("Approve/Confirm") . "</A>, "; echo "<A HREF=\"reject_entry.php?id={$id}&ret=list"; if ($user == "__public__") { echo "&public=1"; } echo "\" CLASS=\"navlinks\" onClick=\"return confirm('" . translate("Reject this entry?") . "');\">" . translate("Reject") . "</A>"; $eventinfo .= build_event_popup($divname, $user, $description, $timestr, $time); $count++; } dbi_free_result($res); } echo "</UL><P>\n"; if ($count == 0) { user_load_variables($user, "temp_"); echo translate("No unapproved events for") . " " . $temp_fullname . "."; } else { echo $eventinfo; } }
echo $ext_users[$i] . " (" . translate("External User") . ")<br />\n"; } } } } for ($i = 0; $i < $num_wait; $i++) { user_load_variables($waiting[$i], "temp"); if (strlen($tempemail)) { echo "<br /><a href=\"mailto:" . $tempemail . "?subject={$subject}\">" . $tempfullname . "</a> (?)\n"; $allmails[] = $tempemail; } else { echo "<br />" . $tempfullname . " (?)\n"; } } for ($i = 0; $i < $num_rej; $i++) { user_load_variables($rejected[$i], "temp"); if (strlen($tempemail)) { echo "<br /><strike><a href=\"mailto:" . $tempemail . "?subject={$subject}\">" . $tempfullname . "</a></strike> (" . translate("Rejected") . ")\n"; } else { echo "<br /><strike>{$tempfullname}</strike> (" . translate("Rejected") . ")\n"; } } ?> </td></tr> <?php } // end participants ?> </table>
$nonusers = get_nonuser_cals(); $userlist = array_merge($nonusers, $userlist); } for ($i = 0; $i < count($userlist); $i++) { if ($user == $userlist[$i]['cal_login']) { $valid_user = true; } } if ($valid_user == false) { $user = ""; // security precaution } } if (!empty($user)) { $u_url = "user={$user}&"; user_load_variables($user, "user_"); if ($user == "__public__") { $user_fullname = translate($PUBLIC_ACCESS_FULLNAME); } } else { $u_url = ""; $user_fullname = $fullname; if ($login == "__public__") { $user_fullname = translate($PUBLIC_ACCESS_FULLNAME); } } set_today($date); if ($categories_enabled == "Y") { if (!empty($cat_id)) { $cat_id = $cat_id; } elseif (!empty($CATEGORY_VIEW)) {
cal_create_by FROM webcal_entry WHERE cal_id = ?', array($id)); if ($res) { $row = dbi_fetch_row($res); $name = $row[0]; $description = $row[1]; $fmtdate = $row[2]; $time = sprintf("%06d", $row[3]); $creator = $row[4]; dbi_free_result($res); } $eventstart = date_to_epoch($fmtdate . $time); // TODO figure out if creator wants approved comment email. // Check UAC. $send_user_mail = access_is_enabled() ? access_user_calendar('email', $creator, $login) : 'Y'; $htmlmail = get_pref_setting($creator, 'EMAIL_HTML'); user_load_variables($creator, 'temp'); $user_TIMEZONE = get_pref_setting($creator, 'TIMEZONE'); set_env('TZ', $user_TIMEZONE); $user_language = get_pref_setting($creator, 'LANGUAGE'); if ($send_user_mail == 'Y' && strlen($tempemail) && $SEND_EMAIL != 'N') { reset_language(empty($user_language) || $user_language == 'none' ? $LANGUAGE : $user_language); // translate ( 'Hello' ) $msg = str_replace('XXX', $tempfullname, translate('Hello, XXX.')) . "\n\n" . str_replace('XXX', $login_fullname, translate('XXX has approved an appointment and added comments.')) . "\n\n" . str_replace('XXX', $name, translate('Subject XXX')) . "\n" . str_replace('XXX', $description, translate('Description XXX')) . "\n" . str_replace('XXX', date_to_str($fmtdate), translate('Date XXX')) . ' ' . (empty($hour) && empty($minute) ? '' : str_replace('XXX', display_time('', 2, $eventstart, get_pref_setting($creator, 'TIME_FORMAT')), translate('Time XXX'))) . "\n"; if (!empty($SERVER_URL)) { // DON'T change & to & here. email will handle it $url = $SERVER_URL . 'view_entry.php?id=' . $id . '&em=1'; if ($htmlmail == 'Y') { $url = activate_urls($url); } $msg .= "\n" . $url; }