/**
 * Roll back and report a failure, either to the CalDAV client or to the
 * interactive message list.
 *
 * A fresh AwlQuery is created and Rollback() is called on it; which
 * transaction that affects depends on AwlQuery, which is not visible here.
 *
 * In a CalDAV context the message is either collected in the global
 * $bad_events (when that global is set and $c->skip_bad_event_on_import is
 * enabled) or sent to the client through $request->DoResponse(). The original
 * author notes that DoResponse() never returns.
 *
 * NOTE(review): $message is sent to the client verbatim, so callers should
 * avoid passing raw database error text or other internal detail.
 *
 * @param boolean $caldav_context Whether we are responding via CalDAV or interactively
 * @param int     $user_no        The user who will receive this ics file
 * @param string  $path           The path where the PUT failed to store, such as /user_foo/home/
 * @param string  $message        An optional error message to return to the client
 * @param int     $error_no       An optional value for the HTTP error code
 */
function rollback_on_error($caldav_context, $user_no, $path, $message = '', $error_no = 500)
{
    global $c, $bad_events;

    // Fall back to a generic, translated message when none was supplied.
    $message = $message ?: translate('Database error');

    $rollback_query = new AwlQuery();
    $rollback_query->Rollback();

    if ($caldav_context) {
        $collect_only = isset($bad_events)
            && isset($c->skip_bad_event_on_import)
            && $c->skip_bad_event_on_import;

        if (!$collect_only) {
            global $request;
            // and we don't return from that, ever...
            $request->DoResponse($error_no, $message);
        } else {
            // Bulk import configured to skip bad events: remember the failure and carry on.
            $bad_events[] = $message;
        }
    }

    $status_line = sprintf(
        translate('Status: %d, Message: %s, User: %d, Path: %s'),
        $error_no,
        $message,
        $user_no,
        $path
    );
    $c->messages[] = $status_line;
}
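// Store the uploaded vCard body in caldav_data inside one transaction, record
// the change for sync clients, then answer 201 (created) or 204 (replaced).
//
// Every QDo() result is checked: without that, a failed statement would still
// reach Commit() and the client could be told the write succeeded.
// $request->DoResponse() is expected not to return; the commit-failure branch
// below relies on the same assumption.
$qry->Begin();

// md5 serves only as a content fingerprint for the ETag header here.
$etag = md5($request->raw_post);
$params = array(
    ':user_no' => $dest->GetProperty('user_no'),
    ':dav_name' => $dest->bound_from(),
    ':etag' => $etag,
    ':dav_data' => $request->raw_post,
    ':session_user' => $session->user_no,
);

if ($dest->Exists()) {
    // Replace the existing resource, then look up its dav_id.
    $sql = 'UPDATE caldav_data SET caldav_data=:dav_data, dav_etag=:etag, logged_user=:session_user, modified=current_timestamp, user_no=:user_no, caldav_type=\'VCARD\' WHERE dav_name=:dav_name';
    $response_code = 200;
    $stored = $qry->QDo($sql, $params);
    if ($stored) {
        $stored = $qry->QDo("SELECT dav_id FROM caldav_data WHERE dav_name = :dav_name ", array(':dav_name' => $params[':dav_name']));
    }
} else {
    // Create the resource, then read the dav_id the sequence just handed out.
    $sql = 'INSERT INTO caldav_data ( user_no, dav_name, dav_etag, caldav_data, caldav_type, logged_user, created, modified, collection_id ) VALUES( :user_no, :dav_name, :etag, :dav_data, \'VCARD\', :session_user, current_timestamp, current_timestamp, :collection_id )';
    $params[':collection_id'] = $collection_id;
    $response_code = 201;
    $stored = $qry->QDo($sql, $params);
    if ($stored) {
        $stored = $qry->QDo("SELECT currval('dav_id_seq') AS dav_id");
    }
}

// Without a dav_id there is nothing to attach the parsed vCard to: abort.
$row = $stored ? $qry->Fetch() : null;
if (!$row || !isset($row->dav_id)) {
    $qry->Rollback();
    $request->DoResponse(500, "A database error occurred");
}

require_once 'vcard.php';
$vcard = new vCard($request->raw_post);
$vcard->Write($row->dav_id, $dest->Exists());

// NOTE(review): $collection_id is interpolated into this statement, although
// the INSERT above binds the same value as :collection_id. Its origin is
// outside this block - confirm it is an integer taken from the database, or
// bind it. $response_code is one of the two integer literals assigned above.
$sync_logged = $qry->QDo("SELECT write_sync_change( {$collection_id}, {$response_code}, :dav_name)", array(':dav_name' => $dest->bound_from()));
if (!$sync_logged) {
    $qry->Rollback();
    $request->DoResponse(500, "A database error occurred");
}

if (!$qry->Commit()) {
    $qry->Rollback();
    $request->DoResponse(500, "A database error occurred");
}

header('ETag: "' . $etag . '"');
if ($response_code === 200) {
    // A successful replace is reported as 204 (no body).
    $response_code = 204;
}
$request->DoResponse($response_code);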
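/**
 * Replace this user's role memberships with the set submitted in $_POST['roles'].
 *
 * Each key of $_POST['roles'] is treated as a role name; it counts as selected
 * when its value is truthy and not "off". With no role selected, every
 * membership of the user is deleted. Otherwise, inside one transaction,
 * memberships not in the selection are deleted and missing ones are inserted.
 *
 * Role names come straight from the request and are escaped with
 * AwlQuery::quote() before being placed in the SQL text. The user number is
 * validated as an integer before it is concatenated into any statement; a
 * non-integer value is reported as a failure without running a query.
 *
 * NOTE(review): no permission check is visible in this method - confirm that
 * the caller verifies the current session may assign roles before calling it.
 *
 * @return bool False when the roles could not be written (explanatory messages
 *              are appended to $c->messages), true otherwise, including when
 *              no roles were submitted at all.
 */
function WriteRoles()
{
    global $c;

    if (!isset($_POST['roles']) || !is_array($_POST['roles'])) {
        return true;
    }

    // Build the quoted, comma-separated list of selected role names.
    $roles = "";
    foreach ($_POST['roles'] as $k => $v) {
        if ($v && $v != "off") {
            $roles .= $roles == '' ? '' : ', ';
            $roles .= AwlQuery::quote($k);
        }
    }

    // Only an integer may be spliced into the SQL text below.
    $user_no = filter_var($this->user_no, FILTER_VALIDATE_INT);

    $qry = new AwlQuery();
    if ($user_no === false) {
        $succeeded = false;
    } elseif ($roles == '') {
        $succeeded = $qry->QDo('DELETE FROM role_member WHERE user_no = ' . $user_no);
    } else {
        $succeeded = $qry->Begin();

        // Drop memberships that are no longer selected.
        $sql = 'DELETE FROM role_member WHERE user_no = ' . $user_no;
        $sql .= ' AND role_no NOT IN (SELECT role_no FROM roles WHERE role_name IN (' . $roles . ') )';
        if ($succeeded) {
            $succeeded = $qry->QDo($sql);
        }

        // Add selected roles the user does not hold yet.
        $sql = 'INSERT INTO role_member (role_no, user_no)';
        $sql .= ' SELECT role_no, ' . $user_no . ' FROM roles WHERE role_name IN (' . $roles . ')';
        $sql .= ' EXCEPT SELECT role_no, user_no FROM role_member';
        if ($succeeded) {
            $succeeded = $qry->QDo($sql);
        }

        if ($succeeded) {
            $qry->Commit();
        } else {
            $qry->Rollback();
        }
    }

    if (!$succeeded) {
        $c->messages[] = i18n('ERROR: There was a database error writing the roles information!');
        $c->messages[] = i18n('Please note the time and advise the administrator of your system.');
        return false;
    }

    return true;
}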