PageRenderTime 63ms CodeModel.GetById 26ms RepoModel.GetById 0ms app.codeStats 1ms

/gforge/plugins/webcalendar/www/includes/functions.php

https://github.com/mathieu/fusionforge
PHP | 4856 lines | 3734 code | 198 blank | 924 comment | 861 complexity | 2e66508705879474cd63b39f9a15e631 MD5 | raw file
Possible License(s): MPL-2.0-no-copyleft-exception, GPL-2.0

Large files files are truncated, but you can click here to view the full file

  1. <?php
  2. /**
  3. * All of WebCalendar's functions
  4. *
  5. * @author Craig Knudsen <cknudsen@cknudsen.com>
  6. * @copyright Craig Knudsen, <cknudsen@cknudsen.com>, http://www.k5n.us/cknudsen
  7. * @license http://www.gnu.org/licenses/gpl.html GNU GPL
  8. * @package WebCalendar
  9. */
  10. if ( empty ( $PHP_SELF ) && ! empty ( $_SERVER ) &&
  11. ! empty ( $_SERVER['PHP_SELF'] ) ) {
  12. $PHP_SELF = $_SERVER['PHP_SELF'];
  13. }
  14. if ( ! empty ( $PHP_SELF ) && preg_match ( "/\/includes\//", $PHP_SELF ) ) {
  15. die ( "You can't access this file directly!" );
  16. }
  17. /**#@+
  18. * Used for activity log
  19. * @global string
  20. */
  21. $LOG_CREATE = "C";
  22. $LOG_APPROVE = "A";
  23. $LOG_REJECT = "X";
  24. $LOG_UPDATE = "U";
  25. $LOG_DELETE = "D";
  26. $LOG_NOTIFICATION = "N";
  27. $LOG_REMINDER = "R";
  28. /**#@-*/
  29. /**
  30. * Number of seconds in a day
  31. *
  32. * @global int $ONE_DAY
  33. */
  34. $ONE_DAY = 86400;
  35. /**
  36. * Array containing the number of days in each month in a non-leap year
  37. *
  38. * @global array $days_per_month
  39. */
  40. $days_per_month = array ( 0, 31, 28, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 );
  41. /**
  42. * Array containing the number of days in each month in a leap year
  43. *
  44. * @global array $ldays_per_month
  45. */
  46. $ldays_per_month = array ( 0, 31, 29, 31, 30, 31, 30, 31, 31, 30, 31, 30, 31 );
  47. /**
  48. * Array of global variables which are not allowed to by set via HTTP GET/POST
  49. *
  50. * This is a security precaution to prevent users from overriding any global
  51. * variables
  52. *
  53. * @global array $noSet
  54. */
  55. $noSet = array (
  56. "is_admin" => 1,
  57. "db_type" => 1,
  58. "db_host" => 1,
  59. "db_login" => 1,
  60. "db_password" => 1,
  61. "db_persistent" => 1,
  62. "PROGRAM_NAME" => 1,
  63. "PROGRAM_URL" => 1,
  64. "readonly" => 1,
  65. "single_user" => 1,
  66. "single_user_login" => 1,
  67. "use_http_auth" => 1,
  68. "user_inc" => 1,
  69. "includedir" => 1,
  70. "NONUSER_PREFIX" => 1,
  71. "languages" => 1,
  72. "browser_languages" => 1,
  73. "pub_acc_enabled" => 1,
  74. "user_can_update_password" => 1,
  75. "admin_can_add_user" => 1,
  76. "admin_can_delete_user" => 1,
  77. );
  78. // This code is a temporary hack to make the application work when
  79. // register_globals is set to Off in php.ini (the default setting in
  80. // PHP 4.2.0 and after).
  81. if ( empty ( $HTTP_GET_VARS ) ) $HTTP_GET_VARS = $_GET;
  82. if ( ! empty ( $HTTP_GET_VARS ) ) {
  83. while (list($key, $val) = @each($HTTP_GET_VARS)) {
  84. // don't allow anything to have <script> in it...
  85. if ( ! is_array ( $val ) ) {
  86. if ( preg_match ( "/<\s*script/i", $val ) ) {
  87. echo "Security violation!"; exit;
  88. }
  89. }
  90. if ( $key == "login" ) {
  91. if ( strstr ( $PHP_SELF, "login.php" ) ) {
  92. //$GLOBALS[$key] = $val;
  93. $GLOBALS[$key] = $val;
  94. }
  95. } else {
  96. if ( empty ( $noSet[$key] ) ) {
  97. $GLOBALS[$key] = $val;
  98. //echo "XXX $key<br />\n";
  99. }
  100. }
  101. //echo "GET var '$key' = '$val' <br />\n";
  102. }
  103. reset ( $HTTP_GET_VARS );
  104. }
  105. if ( empty ( $HTTP_POST_VARS ) ) $HTTP_POST_VARS = $_POST;
  106. if ( ! empty ( $HTTP_POST_VARS ) ) {
  107. while (list($key, $val) = @each($HTTP_POST_VARS)) {
  108. // don't allow anything to have <script> in it... except 'template'
  109. if ( ! is_array ( $val ) && $key != 'template' ) {
  110. if ( preg_match ( "/<\s*script/i", $val ) ) {
  111. echo "Security violation!"; exit;
  112. }
  113. }
  114. if ( empty ( $noSet[$key] ) ) {
  115. $GLOBALS[$key] = $val;
  116. }
  117. }
  118. reset ( $HTTP_POST_VARS );
  119. }
  120. //while (list($key, $val) = @each($HTTP_POST_FILES)) {
  121. // $GLOBALS[$key] = $val;
  122. //}
  123. //while (list($key, $val) = @each($HTTP_SESSION_VARS)) {
  124. // $GLOBALS[$key] = $val;
  125. //}
  126. if ( empty ( $HTTP_COOKIE_VARS ) ) $HTTP_COOKIE_VARS = $_COOKIE;
  127. if ( ! empty ( $HTTP_COOKIE_VARS ) ) {
  128. while (list($key, $val) = @each($HTTP_COOKIE_VARS)) {
  129. if ( empty ( $noSet[$key] ) && substr($key,0,12) == "webcalendar_" ) {
  130. $GLOBALS[$key] = $val;
  131. }
  132. //echo "COOKIE var '$key' = '$val' <br />\n";
  133. }
  134. reset ( $HTTP_COOKIE_VARS );
  135. }
  136. // Don't allow a user to put "login=XXX" in the URL if they are not
  137. // coming from the login.php page.
  138. if ( empty ( $PHP_SELF ) && ! empty ( $_SERVER['PHP_SELF'] ) )
  139. $PHP_SELF = $_SERVER['PHP_SELF']; // backward compatibility
  140. if ( empty ( $PHP_SELF ) )
  141. $PHP_SELF = ''; // this happens when running send_reminders.php from CL
  142. if ( ! strstr ( $PHP_SELF, "login.php" ) && ! empty ( $GLOBALS["login"] ) ) {
  143. $GLOBALS["login"] = "";
  144. }
  145. // Define an array to use to jumble up the key: $offsets
  146. // We define a unique key to scramble the cookie we generate.
  147. // We use the admin install password that the user set to make
  148. // the salt unique for each WebCalendar install.
  149. if ( ! empty ( $settings ) && ! empty ( $settings['install_password'] ) ) {
  150. $salt = $settings['install_password'];
  151. } else {
  152. $salt = md5 ( $db_login );
  153. }
  154. $salt_len = strlen ( $salt );
  155. if ( ! empty ( $db_password ) ) {
  156. $salt2 = md5 ( $db_password );
  157. } else {
  158. $salt2 = md5 ( "oogabooga" );
  159. }
  160. $salt2_len = strlen ( $salt2 );
  161. $offsets = array ();
  162. for ( $i = 0; $i < $salt_len || $i < $salt2_len; $i++ ) {
  163. $offsets[$i] = 0;
  164. if ( $i < $salt_len )
  165. $offsets[$i] += ord ( substr ( $salt, $i, 1 ) );
  166. if ( $i < $salt2_len )
  167. $offsets[$i] += ord ( substr ( $salt2, $i, 1 ) );
  168. $offsets[$i] %= 128;
  169. }
  170. /* debugging code...
  171. for ( $i = 0; $i < count ( $offsets ); $i++ ) {
  172. echo "offset $i: $offsets[$i] <br />\n";
  173. }
  174. */
  175. /*
  176. * Functions start here. All non-function code should be above this
  177. *
  178. * Note to developers:
  179. * Documentation is generated from the function comments below.
  180. * When adding/updating functions, please follow the following conventions
  181. * seen below. Your cooperation in this matter is appreciated :-)
  182. *
  183. * If you want your documentation to link to the db documentation,
  184. * just make sure you mention the db table name followed by "table"
  185. * on the same line. Here's an example:
  186. * Retrieve preferences from the webcal_user_pref table.
  187. *
  188. */
  189. /**
  190. * Gets the value resulting from an HTTP POST method.
  191. *
  192. * <b>Note:</b> The return value will be affected by the value of
  193. * <var>magic_quotes_gpc</var> in the php.ini file.
  194. *
  195. * @param string $name Name used in the HTML form
  196. *
  197. * @return string The value used in the HTML form
  198. *
  199. * @see getGetValue
  200. */
  201. function getPostValue ( $name ) {
  202. global $HTTP_POST_VARS;
  203. if ( isset ( $_POST ) && is_array ( $_POST ) && ! empty ( $_POST[$name] ) ) {
  204. $HTTP_POST_VARS[$name] = $_POST[$name];
  205. return $_POST[$name];
  206. } else if ( ! isset ( $HTTP_POST_VARS ) ) {
  207. return null;
  208. } else if ( ! isset ( $HTTP_POST_VARS[$name] ) ) {
  209. return null;
  210. }
  211. return ( $HTTP_POST_VARS[$name] );
  212. }
  213. /**
  214. * Gets the value resulting from an HTTP GET method.
  215. *
  216. * <b>Note:</b> The return value will be affected by the value of
  217. * <var>magic_quotes_gpc</var> in the php.ini file.
  218. *
  219. * If you need to enforce a specific input format (such as numeric input), then
  220. * use the {@link getValue()} function.
  221. *
  222. * @param string $name Name used in the HTML form or found in the URL
  223. *
  224. * @return string The value used in the HTML form (or URL)
  225. *
  226. * @see getPostValue
  227. */
  228. function getGetValue ( $name ) {
  229. global $HTTP_GET_VARS;
  230. if ( isset ( $_GET ) && is_array ( $_GET ) && ! empty ( $_GET[$name] ) ) {
  231. $HTTP_GET_VARS[$name] = $_GET[$name];
  232. return $_GET[$name];
  233. } else if ( ! isset ( $HTTP_GET_VARS ) ) {
  234. return null;
  235. } else if ( ! isset ( $HTTP_GET_VARS[$name] ) ) {
  236. return null;
  237. }
  238. return ( $HTTP_GET_VARS[$name] );
  239. }
  240. /**
  241. * Gets the value resulting from either HTTP GET method or HTTP POST method.
  242. *
  243. * <b>Note:</b> The return value will be affected by the value of
  244. * <var>magic_quotes_gpc</var> in the php.ini file.
  245. *
  246. * <b>Note:</b> If you need to get an integer value, yuou can use the
  247. * getIntValue function.
  248. *
  249. * @param string $name Name used in the HTML form or found in the URL
  250. * @param string $format A regular expression format that the input must match.
  251. * If the input does not match, an empty string is
  252. * returned and a warning is sent to the browser. If The
  253. * <var>$fatal</var> parameter is true, then execution
  254. * will also stop when the input does not match the
  255. * format.
  256. * @param bool $fatal Is it considered a fatal error requiring execution to
  257. * stop if the value retrieved does not match the format
  258. * regular expression?
  259. *
  260. * @return string The value used in the HTML form (or URL)
  261. *
  262. * @uses getGetValue
  263. * @uses getPostValue
  264. */
  265. function getValue ( $name, $format="", $fatal=false ) {
  266. $val = getPostValue ( $name );
  267. if ( ! isset ( $val ) )
  268. $val = getGetValue ( $name );
  269. // for older PHP versions...
  270. if ( ! isset ( $val ) && get_magic_quotes_gpc () == 1 &&
  271. ! empty ( $GLOBALS[$name] ) )
  272. $val = $GLOBALS[$name];
  273. if ( ! isset ( $val ) )
  274. return "";
  275. if ( ! empty ( $format ) && ! preg_match ( "/^" . $format . "$/", $val ) ) {
  276. // does not match
  277. if ( $fatal ) {
  278. die_miserable_death ( "Fatal Error: Invalid data format for $name" );
  279. }
  280. // ignore value
  281. return "";
  282. }
  283. return $val;
  284. }
  285. /**
  286. * Gets an integer value resulting from an HTTP GET or HTTP POST method.
  287. *
  288. * <b>Note:</b> The return value will be affected by the value of
  289. * <var>magic_quotes_gpc</var> in the php.ini file.
  290. *
  291. * @param string $name Name used in the HTML form or found in the URL
  292. * @param bool $fatal Is it considered a fatal error requiring execution to
  293. * stop if the value retrieved does not match the format
  294. * regular expression?
  295. *
  296. * @return string The value used in the HTML form (or URL)
  297. *
  298. * @uses getValue
  299. */
  300. function getIntValue ( $name, $fatal=false ) {
  301. $val = getValue ( $name, "-?[0-9]+", $fatal );
  302. return $val;
  303. }
  304. /**
  305. * Loads default system settings (which can be updated via admin.php).
  306. *
  307. * System settings are stored in the webcal_config table.
  308. *
  309. * <b>Note:</b> If the setting for <var>server_url</var> is not set, the value
  310. * will be calculated and stored in the database.
  311. *
  312. * @global string User's login name
  313. * @global bool Readonly
  314. * @global string HTTP hostname
  315. * @global int Server's port number
  316. * @global string Request string
  317. * @global array Server variables
  318. */
  319. function load_global_settings () {
  320. global $login, $readonly, $HTTP_HOST, $SERVER_PORT, $REQUEST_URI, $_SERVER;
  321. // Note: when running from the command line (send_reminders.php),
  322. // these variables are (obviously) not set.
  323. // TODO: This type of checking should be moved to a central locationm
  324. // like init.php.
  325. if ( isset ( $_SERVER ) && is_array ( $_SERVER ) ) {
  326. if ( empty ( $HTTP_HOST ) && isset ( $_SERVER["HTTP_POST"] ) )
  327. $HTTP_HOST = $_SERVER["HTTP_HOST"];
  328. if ( empty ( $SERVER_PORT ) && isset ( $_SERVER["SERVER_PORT"] ) )
  329. $SERVER_PORT = $_SERVER["SERVER_PORT"];
  330. if ( empty ( $REQUEST_URI ) && isset ( $_SERVER["REQUEST_URI"] ) )
  331. $REQUEST_URI = $_SERVER["REQUEST_URI"];
  332. }
  333. $res = dbi_query ( "SELECT cal_setting, cal_value FROM webcal_config" );
  334. if ( $res ) {
  335. while ( $row = dbi_fetch_row ( $res ) ) {
  336. $setting = $row[0];
  337. $value = $row[1];
  338. //echo "Setting '$setting' to '$value' <br />\n";
  339. $GLOBALS[$setting] = $value;
  340. }
  341. dbi_free_result ( $res );
  342. }
  343. // If app name not set.... default to "Title". This gets translated
  344. // later since this function is typically called before translate.php
  345. // is included.
  346. // Note: We usually use translate($application_name) instead of
  347. // translate("Title").
  348. if ( empty ( $GLOBALS["application_name"] ) )
  349. $GLOBALS["application_name"] = "Title";
  350. // If $server_url not set, then calculate one for them, then store it
  351. // in the database.
  352. if ( empty ( $GLOBALS["server_url"] ) ) {
  353. if ( ! empty ( $HTTP_HOST ) && ! empty ( $REQUEST_URI ) ) {
  354. $ptr = strrpos ( $REQUEST_URI, "/" );
  355. if ( $ptr > 0 ) {
  356. $uri = substr ( $REQUEST_URI, 0, $ptr + 1 );
  357. $server_url = "http://" . $HTTP_HOST;
  358. if ( ! empty ( $SERVER_PORT ) && $SERVER_PORT != 80 )
  359. $server_url .= ":" . $SERVER_PORT;
  360. $server_url .= $uri;
  361. dbi_query ( "INSERT INTO webcal_config ( cal_setting, cal_value ) ".
  362. "VALUES ( 'server_url', '$server_url' )" );
  363. $GLOBALS["server_url"] = $server_url;
  364. }
  365. }
  366. }
  367. // If no font settings, then set some
  368. if ( empty ( $GLOBALS["FONTS"] ) ) {
  369. if ( $GLOBALS["LANGUAGE"] == "Japanese" )
  370. $GLOBALS["FONTS"] = "Osaka, Arial, Helvetica, sans-serif";
  371. else
  372. $GLOBALS["FONTS"] = "Arial, Helvetica, sans-serif";
  373. }
  374. }
  375. /**
  376. * Gets the list of active plugins.
  377. *
  378. * Should be called after {@link load_global_settings()} and {@link load_user_preferences()}.
  379. *
  380. * @internal cek: ignored since I am not sure this will ever be used...
  381. *
  382. * @return array Active plugins
  383. *
  384. * @ignore
  385. */
  386. function get_plugin_list ( $include_disabled=false ) {
  387. // first get list of available plugins
  388. $sql = "SELECT cal_setting FROM webcal_config " .
  389. "WHERE cal_setting LIKE '%.plugin_status'";
  390. if ( ! $include_disabled )
  391. $sql .= " AND cal_value = 'Y'";
  392. $sql .= " ORDER BY cal_setting";
  393. $res = dbi_query ( $sql );
  394. $plugins = array ();
  395. if ( $res ) {
  396. while ( $row = dbi_fetch_row ( $res ) ) {
  397. $e = explode ( ".", $row[0] );
  398. if ( $e[0] != "" ) {
  399. $plugins[] = $e[0];
  400. }
  401. }
  402. dbi_free_result ( $res );
  403. } else {
  404. echo translate("Database error") . ": " . dbi_error (); exit;
  405. }
  406. if ( count ( $plugins ) == 0 ) {
  407. $plugins[] = "webcalendar";
  408. }
  409. return $plugins;
  410. }
  411. /**
  412. * Get plugins available to the current user.
  413. *
  414. * Do this by getting a list of all plugins that are not disabled by the
  415. * administrator and make sure this user has not disabled any of them.
  416. *
  417. * It's done this was so that when an admin adds a new plugin, it shows up on
  418. * each users system automatically (until they disable it).
  419. *
  420. * @return array Plugins available to current user
  421. *
  422. * @ignore
  423. */
  424. function get_user_plugin_list () {
  425. $ret = array ();
  426. $all_plugins = get_plugin_list ();
  427. for ( $i = 0; $i < count ( $all_plugins ); $i++ ) {
  428. if ( $GLOBALS[$all_plugins[$i] . ".disabled"] != "N" )
  429. $ret[] = $all_plugins[$i];
  430. }
  431. return $ret;
  432. }
  433. /**
  434. * Identify user's browser.
  435. *
  436. * Returned value will be one of:
  437. * - "Mozilla/5" = Mozilla (open source Mozilla 5.0)
  438. * - "Mozilla/[3,4]" = Netscape (3.X, 4.X)
  439. * - "MSIE 4" = MSIE (4.X)
  440. *
  441. * @return string String identifying browser
  442. *
  443. * @ignore
  444. */
  445. function get_web_browser () {
  446. if ( ereg ( "MSIE [0-9]", getenv ( "HTTP_USER_AGENT" ) ) )
  447. return "MSIE";
  448. if ( ereg ( "Mozilla/[234]", getenv ( "HTTP_USER_AGENT" ) ) )
  449. return "Netscape";
  450. if ( ereg ( "Mozilla/[5678]", getenv ( "HTTP_USER_AGENT" ) ) )
  451. return "Mozilla";
  452. return "Unknown";
  453. }
  454. /**
  455. * Logs a debug message.
  456. *
  457. * Generally, we do not leave calls to this function in the code. It is used
  458. * for debugging only.
  459. *
  460. * @param string $msg Text to be logged
  461. */
  462. function do_debug ( $msg ) {
  463. // log to /tmp/webcal-debug.log
  464. //error_log ( date ( "Y-m-d H:i:s" ) . "> $msg\n",
  465. // 3, "/tmp/webcal-debug.log" );
  466. //error_log ( date ( "Y-m-d H:i:s" ) . "> $msg\n",
  467. // 2, "sockieman:2000" );
  468. }
  469. /**
  470. * Gets user's preferred view.
  471. *
  472. * The user's preferred view is stored in the $STARTVIEW global variable. This
  473. * is loaded from the user preferences (or system settings if there are no user
  474. * prefererences.)
  475. *
  476. * @param string $indate Date to pass to preferred view in YYYYMMDD format
  477. * @param string $args Arguments to include in the URL (such as "user=joe")
  478. *
  479. * @return string URL of the user's preferred view
  480. */
  481. function get_preferred_view ( $indate="", $args="" ) {
  482. global $STARTVIEW, $thisdate;
  483. $url = empty ( $STARTVIEW ) ? "month.php" : $STARTVIEW;
  484. // We used to just store "month" in $STARTVIEW without the ".php"
  485. // This is just to prevent users from getting a "404 not found" if
  486. // they have not updated their preferences.
  487. if ( $url == "month" || $url == "day" || $url == "week" || $url == "year" )
  488. $url .= ".php";
  489. $url = str_replace ( '&amp;', '&', $url );
  490. $url = str_replace ( '&', '&amp;', $url );
  491. $xdate = empty ( $indate ) ? $thisdate : $indate;
  492. if ( ! empty ( $xdate ) ) {
  493. if ( strstr ( $url, "?" ) )
  494. $url .= '&amp;' . "date=$xdate";
  495. else
  496. $url .= '?' . "date=$xdate";
  497. }
  498. if ( ! empty ( $args ) ) {
  499. if ( strstr ( $url, "?" ) )
  500. $url .= '&amp;' . $args;
  501. else
  502. $url .= '?' . $args;
  503. }
  504. return $url;
  505. }
  506. /**
  507. * Sends a redirect to the user's preferred view.
  508. *
  509. * The user's preferred view is stored in the $STARTVIEW global variable. This
  510. * is loaded from the user preferences (or system settings if there are no user
  511. * prefererences.)
  512. *
  513. * @param string $indate Date to pass to preferred view in YYYYMMDD format
  514. * @param string $args Arguments to include in the URL (such as "user=joe")
  515. */
  516. function send_to_preferred_view ( $indate="", $args="" ) {
  517. $url = get_preferred_view ( $indate, $args );
  518. do_redirect ( $url );
  519. }
  520. /** Sends a redirect to the specified page.
  521. *
  522. * The database connection is closed and execution terminates in this function.
  523. *
  524. * <b>Note:</b> MS IIS/PWS has a bug in which it does not allow us to send a
  525. * cookie and a redirect in the same HTTP header. When we detect that the web
  526. * server is IIS, we accomplish the redirect using meta-refresh. See the
  527. * following for more info on the IIS bug:
  528. *
  529. * {@link http://www.faqts.com/knowledge_base/view.phtml/aid/9316/fid/4}
  530. *
  531. * @param string $url The page to redirect to. In theory, this should be an
  532. * absolute URL, but all browsers accept relative URLs (like
  533. * "month.php").
  534. *
  535. * @global string Type of webserver
  536. * @global array Server variables
  537. * @global resource Database connection
  538. */
  539. function do_redirect ( $url ) {
  540. global $SERVER_SOFTWARE, $_SERVER, $c;
  541. // Replace any '&amp;' with '&' since we don't want that in the HTTP
  542. // header.
  543. $url = str_replace ( '&amp;', '&', $url );
  544. if ( empty ( $SERVER_SOFTWARE ) )
  545. $SERVER_SOFTWARE = $_SERVER["SERVER_SOFTWARE"];
  546. //echo "SERVER_SOFTWARE = $SERVER_SOFTWARE <br />\n"; exit;
  547. if ( ( substr ( $SERVER_SOFTWARE, 0, 5 ) == "Micro" ) ||
  548. ( substr ( $SERVER_SOFTWARE, 0, 3 ) == "WN/" ) ) {
  549. echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<!DOCTYPE html
  550. PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
  551. \"DTD/xhtml1-transitional.dtd\">
  552. <html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
  553. <head>\n<title>Redirect</title>\n" .
  554. "<meta http-equiv=\"refresh\" content=\"0; url=$url\" />\n</head>\n<body>\n" .
  555. "Redirecting to.. <a href=\"" . $url . "\">here</a>.</body>\n</html>";
  556. } else {
  557. Header ( "Location: $url" );
  558. //print "<javascript>window.location.href='index.php';</script>" ;
  559. echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<!DOCTYPE html
  560. PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
  561. \"DTD/xhtml1-transitional.dtd\">
  562. <html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
  563. <head>\n<title>Redirect</title>\n</head>\n<body>\n" .
  564. "Redirecting to aa... <a href=\"" . $url . "\">here</a>.</body>\n</html>";
  565. }
  566. dbi_close ( $c );
  567. exit;
  568. }
  569. /**
  570. * Sends an HTTP login request to the browser and stops execution.
  571. */
  572. function send_http_login () {
  573. global $lang_file, $application_name;
  574. if ( strlen ( $lang_file ) ) {
  575. Header ( "WWW-Authenticate: Basic realm=\"" . translate("Title") . "\"");
  576. Header ( "HTTP/1.0 401 Unauthorized" );
  577. echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<!DOCTYPE html
  578. PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
  579. \"DTD/xhtml1-transitional.dtd\">
  580. <html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
  581. <head>\n<title>Unauthorized</title>\n</head>\n<body>\n" .
  582. "<h2>" . translate("Title") . "</h2>\n" .
  583. translate("You are not authorized") .
  584. "\n</body>\n</html>";
  585. } else {
  586. Header ( "WWW-Authenticate: Basic realm=\"WebCalendar\"");
  587. Header ( "HTTP/1.0 401 Unauthorized" );
  588. echo "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<!DOCTYPE html
  589. PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"
  590. \"DTD/xhtml1-transitional.dtd\">
  591. <html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"en\" lang=\"en\">
  592. <head>\n<title>Unauthorized</title>\n</head>\n<body>\n" .
  593. "<h2>WebCalendar</h2>\n" .
  594. "You are not authorized" .
  595. "\n</body>\n</html>";
  596. }
  597. exit;
  598. }
  599. /**
  600. * Generates a cookie that saves the last calendar view.
  601. *
  602. * Cookie is based on the current <var>$REQUEST_URI</var>.
  603. *
  604. * We save this cookie so we can return to this same page after a user
  605. * edits/deletes/etc an event.
  606. *
  607. * @global string Request string
  608. */
  609. function remember_this_view () {
  610. global $REQUEST_URI;
  611. if ( empty ( $REQUEST_URI ) )
  612. $REQUEST_URI = $_SERVER["REQUEST_URI"];
  613. // do not use anything with friendly in the URI
  614. if ( strstr ( $REQUEST_URI, "friendly=" ) )
  615. return;
  616. SetCookie ( "webcalendar_last_view", $REQUEST_URI );
  617. }
  618. /**
  619. * Gets the last page stored using {@link remember_this_view()}.
  620. *
  621. * @return string The URL of the last view or an empty string if it cannot be
  622. * determined.
  623. *
  624. * @global array Cookies
  625. */
  626. function get_last_view () {
  627. global $HTTP_COOKIE_VARS;
  628. $val = '';
  629. if ( isset ( $_COOKIE["webcalendar_last_view"] ) ) {
  630. $HTTP_COOKIE_VARS["webcalendar_last_view"] = $_COOKIE["webcalendar_last_view"];
  631. $val = $_COOKIE["webcalendar_last_view"];
  632. } else if ( isset ( $HTTP_COOKIE_VARS["webcalendar_last_view"] ) ) {
  633. $val = $HTTP_COOKIE_VARS["webcalendar_last_view"];
  634. }
  635. $val = str_replace ( "&", "&amp;", $val );
  636. return $val;
  637. }
  638. /**
  639. * Sends HTTP headers that tell the browser not to cache this page.
  640. *
  641. * Different browser use different mechanisms for this, so a series of HTTP
  642. * header directives are sent.
  643. *
  644. * <b>Note:</b> This function needs to be called before any HTML output is sent
  645. * to the browser.
  646. */
  647. function send_no_cache_header () {
  648. header ( "Expires: Mon, 26 Jul 1997 05:00:00 GMT" );
  649. header ( "Last-Modified: " . gmdate ( "D, d M Y H:i:s" ) . " GMT" );
  650. header ( "Cache-Control: no-store, no-cache, must-revalidate" );
  651. header ( "Cache-Control: post-check=0, pre-check=0", false );
  652. header ( "Pragma: no-cache" );
  653. }
  654. /**
  655. * Loads the current user's preferences as global variables from the webcal_user_pref table.
  656. *
  657. * Also loads the list of views for this user (not really a preference, but
  658. * this is a convenient place to put this...)
  659. *
  660. * <b>Notes:</b>
  661. * - If <var>$allow_color_customization</var> is set to 'N', then we ignore any
  662. * color preferences.
  663. * - Other default values will also be set if the user has not saved a
  664. * preference and no global value has been set by the administrator in the
  665. * system settings.
  666. */
  667. function load_user_preferences () {
  668. global $login, $browser, $views, $prefarray, $is_assistant,
  669. $has_boss, $user, $is_nonuser_admin, $allow_color_customization;
  670. $lang_found = false;
  671. $colors = array (
  672. "BGCOLOR" => 1,
  673. "H2COLOR" => 1,
  674. "THBG" => 1,
  675. "THFG" => 1,
  676. "CELLBG" => 1,
  677. "TODAYCELLBG" => 1,
  678. "WEEKENDBG" => 1,
  679. "POPUP_BG" => 1,
  680. "POPUP_FG" => 1,
  681. );
  682. $browser = get_web_browser ();
  683. $browser_lang = get_browser_language ();
  684. $prefarray = array ();
  685. // Note: default values are set in config.php
  686. $res = dbi_query (
  687. "SELECT cal_setting, cal_value FROM webcal_user_pref " .
  688. "WHERE cal_login = '$login'" );
  689. if ( $res ) {
  690. while ( $row = dbi_fetch_row ( $res ) ) {
  691. $setting = $row[0];
  692. $value = $row[1];
  693. if ( $allow_color_customization == 'N' ) {
  694. if ( isset ( $colors[$setting] ) )
  695. continue;
  696. }
  697. $sys_setting = "sys_" . $setting;
  698. // save system defaults
  699. if ( ! empty ( $GLOBALS[$setting] ) )
  700. $GLOBALS["sys_" . $setting] = $GLOBALS[$setting];
  701. $GLOBALS[$setting] = $value;
  702. $prefarray[$setting] = $value;
  703. if ( $setting == "LANGUAGE" )
  704. $lang_found = true;
  705. }
  706. dbi_free_result ( $res );
  707. }
  708. // get views for this user and global views
  709. $res = dbi_query (
  710. "SELECT cal_view_id, cal_name, cal_view_type, cal_is_global " .
  711. "FROM webcal_view " .
  712. "WHERE cal_owner = '$login' OR cal_is_global = 'Y' " .
  713. "ORDER BY cal_name" );
  714. if ( $res ) {
  715. $views = array ();
  716. while ( $row = dbi_fetch_row ( $res ) ) {
  717. if ( $row[2] == 'S' )
  718. $url = "view_t.php?timeb=1&amp;id=$row[0]";
  719. else if ( $row[2] == 'T' )
  720. $url = "view_t.php?timeb=0&amp;id=$row[0]";
  721. else
  722. $url = "view_" . strtolower ( $row[2] ) . ".php?id=$row[0]";
  723. $v = array (
  724. "cal_view_id" => $row[0],
  725. "cal_name" => $row[1],
  726. "cal_view_type" => $row[2],
  727. "cal_is_global" => $row[3],
  728. "url" => $url
  729. );
  730. $views[] = $v;
  731. }
  732. dbi_free_result ( $res );
  733. }
  734. // If user has not set a language preference, then use their browser
  735. // settings to figure it out, and save it in the database for future
  736. // use (email reminders).
  737. if ( ! $lang_found && strlen ( $login ) && $login != "__public__" ) {
  738. $LANGUAGE = $browser_lang;
  739. dbi_query ( "INSERT INTO webcal_user_pref " .
  740. "( cal_login, cal_setting, cal_value ) VALUES " .
  741. "( '$login', 'LANGUAGE', '$LANGUAGE' )" );
  742. }
  743. if ( empty ( $GLOBALS["DATE_FORMAT_MY"] ) )
  744. $GLOBALS["DATE_FORMAT_MY"] = "__month__ __yyyy__";
  745. if ( empty ( $GLOBALS["DATE_FORMAT_MD"] ) )
  746. $GLOBALS["DATE_FORMAT_MD"] = "__month__ __dd__";
  747. $is_assistant = empty ( $user ) ? false :
  748. user_is_assistant ( $login, $user );
  749. $has_boss = user_has_boss ( $login );
  750. $is_nonuser_admin = ($user) ? user_is_nonuser_admin ( $login, $user ) : false;
  751. if ( $is_nonuser_admin ) load_nonuser_preferences ($user);
  752. }
  753. /**
  754. * Gets the list of external users for an event from the webcal_entry_ext_user table in an HTML format.
  755. *
  756. * @param int $event_id Event ID
  757. * @param int $use_mailto When set to 1, email address will contain an href
  758. * link with a mailto URL.
  759. *
  760. * @return string The list of external users for an event formatte in HTML.
  761. */
  762. function event_get_external_users ( $event_id, $use_mailto=0 ) {
  763. global $error;
  764. $ret = "";
  765. $res = dbi_query ( "SELECT cal_fullname, cal_email " .
  766. "FROM webcal_entry_ext_user " .
  767. "WHERE cal_id = $event_id " .
  768. "ORDER by cal_fullname" );
  769. if ( $res ) {
  770. while ( $row = dbi_fetch_row ( $res ) ) {
  771. if ( strlen ( $ret ) )
  772. $ret .= "\n";
  773. // Remove [\d] if duplicate name
  774. $trow = trim( preg_replace( '/\[[\d]]/' , "", $row[0] ) );
  775. $ret .= $trow;
  776. if ( strlen ( $row[1] ) ) {
  777. if ( $use_mailto ) {
  778. $ret .= " <a href=\"mailto:$row[1]\">&lt;" .
  779. htmlentities ( $row[1] ) . "&gt;</a>";
  780. } else {
  781. $ret .= " &lt;". htmlentities ( $row[1] ) . "&gt;";
  782. }
  783. }
  784. }
  785. dbi_free_result ( $res );
  786. } else {
  787. echo translate("Database error") .": " . dbi_error ();
  788. echo "<br />\nSQL:<br />\n$sql";
  789. exit;
  790. }
  791. return $ret;
  792. }
  793. /**
  794. * Adds something to the activity log for an event.
  795. *
  796. * The information will be saved to the webcal_entry_log table.
  797. *
  798. * @param int $event_id Event ID
  799. * @param string $user Username of user doing this
  800. * @param string $user_cal Username of user whose calendar is affected
  801. * @param string $type Type of activity we are logging:
  802. * - $LOG_CREATE
  803. * - $LOG_APPROVE
  804. * - $LOG_REJECT
  805. * - $LOG_UPDATE
  806. * - $LOG_DELETE
  807. * - $LOG_NOTIFICATION
  808. * - $LOG_REMINDER
  809. * @param string $text Text comment to add with activity log entry
  810. */
  811. function activity_log ( $event_id, $user, $user_cal, $type, $text ) {
  812. $next_id = 1;
  813. if ( empty ( $type ) ) {
  814. echo "Error: type not set for activity log!";
  815. // but don't exit since we may be in mid-transaction
  816. return;
  817. }
  818. $res = dbi_query ( "SELECT MAX(cal_log_id) FROM webcal_entry_log" );
  819. if ( $res ) {
  820. if ( $row = dbi_fetch_row ( $res ) ) {
  821. $next_id = $row[0] + 1;
  822. }
  823. dbi_free_result ( $res );
  824. }
  825. $date = date ( "Ymd" );
  826. $time = date ( "Gis" );
  827. $sql_text = empty ( $text ) ? "NULL" : "'$text'";
  828. $sql_user_cal = empty ( $user_cal ) ? "NULL" : "'$user_cal'";
  829. $sql = "INSERT INTO webcal_entry_log ( " .
  830. "cal_log_id, cal_entry_id, cal_login, cal_user_cal, cal_type, " .
  831. "cal_date, cal_time, cal_text ) VALUES ( $next_id, $event_id, " .
  832. "'$user', $sql_user_cal, '$type', $date, $time, $sql_text )";
  833. if ( ! dbi_query ( $sql ) ) {
  834. echo "Database error: " . dbi_error ();
  835. echo "<br />\nSQL:<br />\n$sql";
  836. exit;
  837. }
  838. }
  839. /**
  840. * Gets a list of users.
  841. *
  842. * If groups are enabled, this will restrict the list of users to only those
  843. * users who are in the same group(s) as the user (unless the user is an admin
  844. * user). We allow admin users to see all users because they can also edit
  845. * someone else's events (so they may need access to users who are not in the
  846. * same groups that they are in).
  847. *
  848. * @return array Array of users, where each element in the array is an array
  849. * with the following keys:
  850. * - cal_login
  851. * - cal_lastname
  852. * - cal_firstname
  853. * - cal_is_admin
  854. * - cal_is_admin
  855. * - cal_email
  856. * - cal_password
  857. * - cal_fullname
  858. */
  859. function get_my_users () {
  860. global $login, $is_admin, $groups_enabled, $user_sees_only_his_groups;
  861. if ( $groups_enabled == "Y" && $user_sees_only_his_groups == "Y" &&
  862. ! $is_admin ) {
  863. // get groups that current user is in
  864. $res = dbi_query ( "SELECT cal_group_id FROM webcal_group_user " .
  865. "WHERE cal_login = '$login'" );
  866. $groups = array ();
  867. if ( $res ) {
  868. while ( $row = dbi_fetch_row ( $res ) ) {
  869. $groups[] = $row[0];
  870. }
  871. dbi_fetch_row ( $res );
  872. }
  873. $u = user_get_users ();
  874. $u_byname = array ();
  875. for ( $i = 0; $i < count ( $u ); $i++ ) {
  876. $name = $u[$i]['cal_login'];
  877. $u_byname[$name] = $u[$i];
  878. }
  879. $ret = array ();
  880. if ( count ( $groups ) == 0 ) {
  881. // Eek. User is in no groups... Return only themselves
  882. $ret[] = $u_byname[$login];
  883. return $ret;
  884. }
  885. // get list of users in the same groups as current user
  886. $sql = "SELECT DISTINCT(webcal_group_user.cal_login), cal_lastname, cal_firstname from webcal_group_user " .
  887. "LEFT JOIN webcal_user ON webcal_group_user.cal_login = webcal_user.cal_login " .
  888. "WHERE cal_group_id ";
  889. if ( count ( $groups ) == 1 )
  890. $sql .= "= " . $groups[0];
  891. else {
  892. $sql .= "IN ( " . implode ( ", ", $groups ) . " )";
  893. }
  894. $sql .= " ORDER BY cal_lastname, cal_firstname, webcal_group_user.cal_login";
  895. //echo "SQL: $sql <br />\n";
  896. $res = dbi_query ( $sql );
  897. if ( $res ) {
  898. while ( $row = dbi_fetch_row ( $res ) ) {
  899. $ret[] = $u_byname[$row[0]];
  900. }
  901. dbi_free_result ( $res );
  902. }
  903. return $ret;
  904. } else {
  905. // groups not enabled... return all users
  906. //echo "No groups. ";
  907. return user_get_users ();
  908. }
  909. }
  910. /**
  911. * Gets a preference setting for the specified user.
  912. *
  913. * If no value is found in the database, then the system default setting will
  914. * be returned.
  915. *
  916. * @param string $user User login we are getting preference for
  917. * @param string $setting Name of the setting
  918. *
  919. * @return string The value found in the webcal_user_pref table for the
  920. * specified setting or the sytem default if no user settings
  921. * was found.
  922. */
  923. function get_pref_setting ( $user, $setting ) {
  924. $ret = '';
  925. // set default
  926. if ( ! isset ( $GLOBALS["sys_" .$setting] ) ) {
  927. // this could happen if the current user has not saved any pref. yet
  928. if ( ! empty ( $GLOBALS[$setting] ) )
  929. $ret = $GLOBALS[$setting];
  930. } else {
  931. $ret = $GLOBALS["sys_" .$setting];
  932. }
  933. $sql = "SELECT cal_value FROM webcal_user_pref " .
  934. "WHERE cal_login = '" . $user . "' AND " .
  935. "cal_setting = '" . $setting . "'";
  936. //echo "SQL: $sql <br />\n";
  937. $res = dbi_query ( $sql );
  938. if ( $res ) {
  939. if ( $row = dbi_fetch_row ( $res ) )
  940. $ret = $row[0];
  941. dbi_free_result ( $res );
  942. }
  943. return $ret;
  944. }
  945. /**
  946. * Gets browser-specified language preference.
  947. *
  948. * @return string Preferred language
  949. *
  950. * @ignore
  951. */
  952. function get_browser_language () {
  953. global $HTTP_ACCEPT_LANGUAGE, $browser_languages;
  954. $ret = "";
  955. if ( empty ( $HTTP_ACCEPT_LANGUAGE ) &&
  956. isset ( $_SERVER["HTTP_ACCEPT_LANGUAGE"] ) )
  957. $HTTP_ACCEPT_LANGUAGE = $_SERVER["HTTP_ACCEPT_LANGUAGE"];
  958. if ( empty ( $HTTP_ACCEPT_LANGUAGE ) ) {
  959. return "none";
  960. } else {
  961. $langs = explode ( ",", $HTTP_ACCEPT_LANGUAGE );
  962. for ( $i = 0; $i < count ( $langs ); $i++ ) {
  963. $l = strtolower ( trim ( ereg_replace(';.*', '', $langs[$i] ) ) );
  964. $ret .= "\"$l\" ";
  965. if ( ! empty ( $browser_languages[$l] ) ) {
  966. return $browser_languages[$l];
  967. }
  968. }
  969. }
  970. //if ( strlen ( $HTTP_ACCEPT_LANGUAGE ) )
  971. // return "none ($HTTP_ACCEPT_LANGUAGE not supported)";
  972. //else
  973. return "none";
  974. }
  975. /**
  976. * Loads current user's layer info into layer global variable.
  977. *
  978. * If the system setting <var>$allow_view_other</var> is not set to 'Y', then
  979. * we ignore all layer functionality. If <var>$force</var> is 0, we only load
  980. * layers if the current user preferences have layers turned on.
  981. *
  982. * @param string $user Username of user to load layers for
  983. * @param int $force If set to 1, then load layers for this user even if
  984. * user preferences have layers turned off.
  985. */
  986. function load_user_layers ($user="",$force=0) {
  987. global $login;
  988. global $layers;
  989. global $LAYERS_STATUS, $allow_view_other;
  990. if ( $user == "" )
  991. $user = $login;
  992. $layers = array ();
  993. if ( empty ( $allow_view_other ) || $allow_view_other != 'Y' )
  994. return; // not allowed to view others' calendars, so cannot use layers
  995. if ( $force || ( ! empty ( $LAYERS_STATUS ) && $LAYERS_STATUS != "N" ) ) {
  996. $res = dbi_query (
  997. "SELECT cal_layerid, cal_layeruser, cal_color, cal_dups " .
  998. "FROM webcal_user_layers " .
  999. "WHERE cal_login = '$user' ORDER BY cal_layerid" );
  1000. if ( $res ) {
  1001. $count = 1;
  1002. while ( $row = dbi_fetch_row ( $res ) ) {
  1003. $layers[$row[0]] = array (
  1004. "cal_layerid" => $row[0],
  1005. "cal_layeruser" => $row[1],
  1006. "cal_color" => $row[2],
  1007. "cal_dups" => $row[3]
  1008. );
  1009. $count++;
  1010. }
  1011. dbi_free_result ( $res );
  1012. }
  1013. } else {
  1014. //echo "Not loading!";
  1015. }
  1016. }
  1017. /**
  1018. * Generates the HTML used in an event popup for the site_extras fields of an event.
  1019. *
  1020. * @param int $id Event ID
  1021. *
  1022. * @return string The HTML to be used within the event popup for any site_extra
  1023. * fields found for the specified event
  1024. */
  1025. function site_extras_for_popup ( $id ) {
  1026. global $site_extras_in_popup, $site_extras;
  1027. // These are needed in case the site_extras.php file was already
  1028. // included.
  1029. global $EXTRA_TEXT, $EXTRA_MULTILINETEXT, $EXTRA_URL, $EXTRA_DATE,
  1030. $EXTRA_EMAIL, $EXTRA_USER, $EXTRA_REMINDER, $EXTRA_SELECTLIST;
  1031. global $EXTRA_REMINDER_WITH_DATE, $EXTRA_REMINDER_WITH_OFFSET,
  1032. $EXTRA_REMINDER_DEFAULT_YES;
  1033. $ret = '';
  1034. if ( $site_extras_in_popup != 'Y' )
  1035. return '';
  1036. include_once 'includes/site_extras.php';
  1037. $extras = get_site_extra_fields ( $id );
  1038. for ( $i = 0; $i < count ( $site_extras ); $i++ ) {
  1039. $extra_name = $site_extras[$i][0];
  1040. $extra_type = $site_extras[$i][2];
  1041. $extra_arg1 = $site_extras[$i][3];
  1042. $extra_arg2 = $site_extras[$i][4];
  1043. if ( ! empty ( $extras[$extra_name]['cal_name'] ) ) {
  1044. $ret .= "<dt>" . translate ( $site_extras[$i][1] ) . ":</dt>\n<dd>";
  1045. if ( $extra_type == $EXTRA_DATE ) {
  1046. if ( $extras[$extra_name]['cal_date'] > 0 )
  1047. $ret .= date_to_str ( $extras[$extra_name]['cal_date'] );
  1048. } else if ( $extra_type == $EXTRA_TEXT ||
  1049. $extra_type == $EXTRA_MULTILINETEXT ) {
  1050. $ret .= nl2br ( $extras[$extra_name]['cal_data'] );
  1051. } else if ( $extra_type == $EXTRA_REMINDER ) {
  1052. if ( $extras[$extra_name]['cal_remind'] <= 0 )
  1053. $ret .= translate ( "No" );
  1054. else {
  1055. $ret .= translate ( "Yes" );
  1056. if ( ( $extra_arg2 & $EXTRA_REMINDER_WITH_DATE ) > 0 ) {
  1057. $ret .= "&nbsp;&nbsp;-&nbsp;&nbsp;";
  1058. $ret .= date_to_str ( $extras[$extra_name]['cal_date'] );
  1059. } else if ( ( $extra_arg2 & $EXTRA_REMINDER_WITH_OFFSET ) > 0 ) {
  1060. $ret .= "&nbsp;&nbsp;-&nbsp;&nbsp;";
  1061. $minutes = $extras[$extra_name]['cal_data'];
  1062. $d = (int) ( $minutes / ( 24 * 60 ) );
  1063. $minutes -= ( $d * 24 * 60 );
  1064. $h = (int) ( $minutes / 60 );
  1065. $minutes -= ( $h * 60 );
  1066. if ( $d > 0 )
  1067. $ret .= $d . "&nbsp;" . translate("days") . "&nbsp;";
  1068. if ( $h > 0 )
  1069. $ret .= $h . "&nbsp;" . translate("hours") . "&nbsp;";
  1070. if ( $minutes > 0 )
  1071. $ret .= $minutes . "&nbsp;" . translate("minutes");
  1072. $ret .= "&nbsp;" . translate("before event" );
  1073. }
  1074. }
  1075. } else {
  1076. $ret .= $extras[$extra_name]['cal_data'];
  1077. }
  1078. $ret .= "</dd>\n";
  1079. }
  1080. }
  1081. return $ret;
  1082. }
  1083. /**
  1084. * Builds the HTML for the event popup.
  1085. *
  1086. * @param string $popupid CSS id to use for event popup
  1087. * @param string $user Username of user the event pertains to
  1088. * @param string $description Event description
  1089. * @param string $time Time of the event (already formatted in a display format)
  1090. * @param string $site_extras HTML for any site_extras for this event
  1091. *
  1092. * @return string The HTML for the event popup
  1093. */
  1094. function build_event_popup ( $popupid, $user, $description, $time, $site_extras='' ) {
  1095. global $login, $popup_fullnames, $popuptemp_fullname;
  1096. $ret = "<dl id=\"$popupid\" class=\"popup\">\n";
  1097. if ( empty ( $popup_fullnames ) )
  1098. $popup_fullnames = array ();
  1099. if ( $user != $login ) {
  1100. if ( empty ( $popup_fullnames[$user] ) ) {
  1101. user_load_variables ( $user, "popuptemp_" );
  1102. $popup_fullnames[$user] = $popuptemp_fullname;
  1103. }
  1104. $ret .= "<dt>" . translate ("User") .
  1105. ":</dt>\n<dd>$popup_fullnames[$user]</dd>\n";
  1106. }
  1107. if ( strlen ( $time ) )
  1108. $ret .= "<dt>" . translate ("Time") . ":</dt>\n<dd>$time</dd>\n";
  1109. $ret .= "<dt>" . translate ("Description") . ":</dt>\n<dd>";
  1110. if ( ! empty ( $GLOBALS['allow_html_description'] ) &&
  1111. $GLOBALS['allow_html_description'] == 'Y' ) {
  1112. $str = str_replace ( "&", "&amp;", $description );
  1113. $str = str_replace ( "&amp;amp;", "&amp;", $str );
  1114. // If there is no html found, then go ahead and replace
  1115. // the line breaks ("\n") with the html break.
  1116. if ( strstr ( $str, "<" ) && strstr ( $str, ">" ) ) {
  1117. // found some html...
  1118. $ret .= $str;
  1119. } else {
  1120. // no html, replace line breaks
  1121. $ret .= nl2br ( $str );
  1122. }
  1123. } else {
  1124. // html not allowed in description, escape everything
  1125. $ret .= nl2br ( htmlspecialchars ( $description ) );
  1126. }
  1127. $ret .= "</dd>\n";
  1128. if ( ! empty ( $site_extras ) )
  1129. $ret .= $site_extras;
  1130. $ret .= "</dl>\n";
  1131. return $ret;
  1132. }
  1133. /**
  1134. * Prints out a date selection box for use in a form.
  1135. *
  1136. * @param string $prefix Prefix to use in front of form element names
  1137. * @param int $date Currently selected date (in YYYYMMDD format)
  1138. *
  1139. * @uses date_selection_html
  1140. */
  1141. function print_date_selection ( $prefix, $date ) {
  1142. print date_selection_html ( $prefix, $date );
  1143. }
  1144. /**
  1145. * Generate HTML for a date selection for use in a form.
  1146. *
  1147. * @param string $prefix Prefix to use in front of form element names
  1148. * @param int $date Currently selected date (in YYYYMMDD format)
  1149. *
  1150. * @return string HTML for the selection box
  1151. */
  1152. function date_selection_html ( $prefix, $date ) {
  1153. $ret = "";
  1154. $num_years = 20;
  1155. if ( strlen ( $date ) != 8 )
  1156. $date = date ( "Ymd" );
  1157. $thisyear = $year = substr ( $date, 0, 4 );
  1158. $thismonth = $month = substr ( $date, 4, 2 );
  1159. $thisday = $day = substr ( $date, 6, 2 );
  1160. if ( $thisyear - date ( "Y" ) >= ( $num_years - 1 ) )
  1161. $num_years = $thisyear - date ( "Y" ) + 2;
  1162. $ret .= "<select name=\"" . $prefix . "day\">\n";
  1163. for ( $i = 1; $i <= 31; $i++ )
  1164. $ret .= "<option value=\"$i\"" .
  1165. ( $i == $thisday ? " selected=\"selected\"" : "" ) . ">$i</option>\n";
  1166. $ret .= "</select>\n<select name=\"" . $prefix . "month\">\n";
  1167. for ( $i = 1; $i <= 12; $i++ ) {
  1168. $m = month_short_name ( $i - 1 );
  1169. $ret .= "<option value=\"$i\"" .
  1170. ( $i == $thismonth ? " selected=\"selected\"" : "" ) . ">$m</option>\n";
  1171. }
  1172. $ret .= "</select>\n<select name=\"" . $prefix . "year\">\n";
  1173. for ( $i = -10; $i < $num_years; $i++ ) {
  1174. $y = $thisyear + $i;
  1175. $ret .= "<option value=\"$y\"" .
  1176. ( $y == $thisyear ? " selected=\"selected\"" : "" ) . ">$y</option>\n";
  1177. }
  1178. $ret .= "</select>\n";
  1179. $ret .= "<input type=\"button\" onclick=\"selectDate( '" .
  1180. $prefix . "day','" . $prefix . "month','" . $prefix . "year',$date, event)\" value=\"" .
  1181. translate("Select") . "...\" />\n";
  1182. return $ret;
  1183. }
  1184. /**
  1185. * Prints out a minicalendar for a month.
  1186. *
  1187. * @todo Make day.php NOT be a special case
  1188. *
  1189. * @param int $thismonth Number of the month to print
  1190. * @param int $thisyear Number of the year
  1191. * @param bool $showyear Show the year in the calendar's title?
  1192. * @param bool $show_weeknums Show week numbers to the left of each row?
  1193. * @param string $minical_id id attribute for the minical table
  1194. * @param string $month_link URL and query string for month link that should
  1195. * come before the date specification (e.g.
  1196. * month.php? or view_l.php?id=7&amp;)
  1197. */
  1198. function display_small_month ( $thismonth, $thisyear, $showyear,
  1199. $show_weeknums=false, $minical_id='', $month_link='month.php?' ) {
  1200. global $WEEK_START, $user, $login, $boldDays, $get_unapproved;
  1201. global $DISPLAY_WEEKNUMBER;
  1202. global $SCRIPT, $thisday; // Needed for day.php
  1203. global $caturl, $today;
  1204. if ( $user != $login && ! empty ( $user ) ) {
  1205. $u_url = "user=$user" . "&amp;";
  1206. } else {
  1207. $u_url = '';
  1208. }
  1209. //start the minical table for each month
  1210. echo "\n<table class=\"minical\"";
  1211. if ( $minical_id != '' ) {
  1212. echo " id=\"$minical_id\"";
  1213. }
  1214. echo ">\n";
  1215. $monthstart = mktime(2,0,0,$thismonth,1,$thisyear);
  1216. $monthend = mktime(2,0,0,$thismonth + 1,0,$thisyear);
  1217. if ( $SCRIPT == 'day.php' ) {
  1218. $month_ago = date ( "Ymd",
  1219. mktime ( 3, 0, 0, $thismonth - 1, $thisday, $thisyear ) );
  1220. $month_ahead = date ( "Ymd",
  1221. mktime ( 3, 0, 0, $thismonth + 1, $thisday, $thisyear ) );
  1222. echo "<caption>$thisday</caption>\n";
  1223. echo "<thead>\n";
  1224. echo "<tr class=\"monthnav\"><th colspan=\"7\">\n";
  1225. echo "<a title=\"" .
  1226. translate("Previous") . "\" class=\"prev\" href=\"day.php?" . $u_url .
  1227. "date=$month_ago$caturl\"><img src=\"leftarrowsmall.gif\" alt=\"" .
  1228. translate("Previous") . "\" /></a>\n";
  1229. echo "<a title=\"" .
  1230. translate("Next") . "\" class=\"next\" href=\"day.php?" . $u_url .
  1231. "date=$month_ahead$caturl\"><img src=\"rightarrowsmall.gif\" alt=\"" .
  1232. translate("Next") . "\" /></a>\n";
  1233. echo month_name ( $thismonth - 1 );
  1234. if ( $showyear != '' ) {
  1235. echo " $thisyear";
  1236. }
  1237. echo "</th></tr>\n<tr>\n";
  1238. } else { //not day script
  1239. //print the month name
  1240. echo "<caption><a href=\"{$month_link}{$u_url}year=$thisyear&amp;month=$thismonth\">";
  1241. echo month_name ( $thismonth - 1 ) .
  1242. ( $showyear ? " $thisyear" : "" );
  1243. echo "</a></caption>\n";
  1244. echo "<thead>\n<tr>\n";
  1245. }
  1246. //determine if the week starts on sunday or monday
  1247. if ( $WEEK_START == "1" ) {
  1248. $wkstart = get_monday_before ( $thisyear, $thismonth, 1 );
  1249. } else {
  1250. $wkstart = get_sunday_before ( $thisyear, $thismonth, 1 );
  1251. }
  1252. //print the headers to display the day of the week (sun, mon, tues, etc.)
  1253. // if we're showing week numbers we need an extra column
  1254. if ( $show_weeknums && $DISPLAY_WEEKNUMBER == 'Y' )
  1255. echo "<th class=\"empty\">&nbsp;</th>\n";
  1256. //if the week doesn't start on monday, print the day
  1257. if ( $WEEK_START == 0 ) echo "<th>" .
  1258. weekday_short_name ( 0 ) . "</th>\n";
  1259. //cycle through each day of the week until gone
  1260. for ( $i = 1; $i < 7; $i++ ) {
  1261. echo "<th>" . weekday_short_name ( $i ) . "</th>\n";
  1262. }
  1263. //if the week DOES start on monday, print sunday
  1264. if ( $WEEK_START == 1 )
  1265. echo "<th>" . weekday_short_name ( 0 ) . "</th>\n";
  1266. //end the header row
  1267. echo "</tr>\n</thead>\n<tbody>\n";
  1268. for ($i = $wkstart; date("Ymd",$i) <= date ("Ymd",$monthend);
  1269. $i += (24 * 3600 * 7) ) {
  1270. echo "<tr>\n";
  1271. if ( $show_weeknums && $DISPLAY_WEEKNUMBER == 'Y' ) {
  1272. echo "<td class=\"weeknumber\"><a href=\"week.php?" . $u_url .
  1273. "date=".date("Ymd", $i)."\">(" . week_number($i) . ")</a></td>\n";
  1274. }
  1275. for ($j = 0; $j < 7; $j++) {
  1276. $date = $i + ($j * 24 * 3600);
  1277. $dateYmd = date ( "Ymd", $date );
  1278. $hasEvents = false;
  1279. if ( $boldDays ) {
  1280. $ev = get_entries ( $user, $dateYmd, $get_unapproved );
  1281. if ( count ( $ev ) > 0 ) {
  1282. $hasEvents = true;
  1283. } else {
  1284. $rep = get_repeating_entries ( $user, $dateYmd, $get_unapproved );
  1285. if ( count ( $rep ) > 0 )
  1286. $hasEvents = true;
  1287. }
  1288. }
  1289. if ( $dateYmd >= date ("Ymd",$monthstart) &&
  1290. $dateYmd <= date ("Ymd",$monthend) ) {
  1291. echo "<td";
  1292. $wday = date ( 'w', $date );
  1293. $class = '';
  1294. //add class="weekend" if it's saturday or sunday
  1295. if ( $wday == 0 || $wday == 6 ) {
  1296. $class = "weekend";
  1297. }
  1298. //if the day being viewed is today's date AND script = day.php
  1299. if ( $dateYmd == $thisyear . $thismonth . $thisday &&
  1300. $SCRIPT == 'day.php' ) {
  1301. //if it's also a weekend, add a space between class names to combine styles
  1302. if ( $class != '' ) {
  1303. $class .= ' ';
  1304. }
  1305. $class .= "selectedday";
  1306. }
  1307. if ( $hasEvents ) {
  1308. if ( $class != '' ) {
  1309. $class .= ' ';
  1310. }
  1311. $class .= "hasevents";
  1312. }
  1313. if ( $class != '' ) {
  1314. echo " class=\"$class\"";
  1315. }
  1316. if ( date ( "Ymd", $date ) == date ( "Ymd", $today ) ){
  1317. echo " id=\"today\"";
  1318. }
  1319. echo "><a href=\"day.php?" .$u_url . "date=" . $dateYmd .
  1320. "\">";
  1321. echo date ( "d", $date ) . "</a></td>\n";
  1322. } else {
  1323. echo "<td class=\"empty\">&nbsp;</td>\n";
  1324. }
  1325. } // end for $j
  1326. echo "</tr>\n";
  1327. } // end for $i
  1328. echo "</tbody>\n</table>\n";
  1329. }
  1330. /**
  1331. * Prints the HTML for one day's events in the month view.
  1332. *
  1333. * @param int $id Event ID
  1334. * @param int $date Date of event (relevant in repeating events) in
  1335. * YYYYMMDD format
  1336. * @param int $time Time (in HHMMSS format)
  1337. * @param int $duration Event duration in minutes
  1338. * @param string $name Event name
  1339. * @param string $description Long description of event
  1340. * @param string $status Event status
  1341. * @param int $pri Event priority
  1342. * @param string $access Event access
  1343. * @param string $event_owner Username of user associated with this event
  1344. * @param int $event_cat Category of event for <var>$event_owner</var>
  1345. *
  1346. * @staticvar int Used to ensure all event popups have a unique id
  1347. *
  1348. * @uses build_event_popup
  1349. */
  1350. function print_entry ( $id, $date, $time, $duration,
  1351. $name, $description, $status,
  1352. $pri, $access, $event_owner, $event_cat=-1 ) {
  1353. global $eventinfo, $login, $user, $PHP_SELF, $TZ_OFFSET;
  1354. static $key = 0;
  1355. global $layers;
  1356. if ( $login != $event_owner && strlen ( $event_owner ) ) {
  1357. $class = "layerentry";
  1358. } else {
  1359. $class = "entry";
  1360. if ( $status == "W" ) $class = "unapprovedentry";
  1361. }
  1362. // if we are looking at a view, then always use "entry"
  1363. if ( strstr ( $PHP_SELF, "view_m.php" ) ||
  1364. strstr ( $PHP_SELF, "view_w.php" ) ||
  1365. strstr ( $PHP_SELF, "view_v.php" ) ||
  1366. strstr ( $PHP_SELF, "view_t.php" ) )
  1367. $class = "entry";
  1368. if ( $pri == 3 ) echo "<strong>";
  1369. $popupid = "eventinfo-$id-$key";
  1370. $key++;
  1371. echo "<a title=\"" .
  1372. translate("View this entry") . "\" class=\"$class\" href=\"view_entry.php?id=$id&amp;date=$date";
  1373. if ( strlen ( $user ) > 0 )
  1374. echo "&amp;user=" . $user;
  1375. echo "\" onmouseover=\"window.status='" .
  1376. translate("View this entry") .
  1377. "'; show(event, '$popupid'); return true;\" onmouseout=\"window.status=''; hide('$popupid'); return true;\">";
  1378. $icon = "circle.gif";
  1379. $catIcon = '';
  1380. if ( $event_cat > 0 ) {
  1381. $catIcon = "icons/cat-" . $event_cat . ".gif";
  1382. if ( ! file_exists ( $catIcon ) )
  1383. $catIcon = '';
  1384. }
  1385. if ( empty ( $catIcon ) ) {
  1386. echo "<img src=\"$icon\" class=\"bullet\" alt=\"" .
  1387. translate("View this entry") . "\" />";
  1388. } else {
  1389. // Use category icon
  1390. echo "<img src=\"$catIcon\" alt=\"" .
  1391. translate("View this entry") . "\" /><br />";
  1392. }
  1393. if ( $login != $event_owner && strlen ( $event_owner ) ) {
  1394. if ($layers) foreach ($layers as $layer) {
  1395. if ($layer['cal_layeruser'] == $event_owner) {
  1396. echo("<span style=\"color:" . $layer['cal_color'] . ";\">");
  1397. }
  1398. }
  1399. }
  1400. $timestr = "";
  1401. if ( $duration == ( 24 * 60 ) ) {
  1402. $timestr = translate("All day event");
  1403. } else if ( $time != -1 ) {
  1404. $timestr = display_time ( $time );
  1405. $time_short = preg_replace ("/(:00)/", '', $timestr);
  1406. echo $time_short . "&raquo;&nbsp;";
  1407. if ( $duration > 0 ) {
  1408. // calc end time
  1409. $h = (int) ( $time / 10000 );
  1410. $m = ( $time / 100 ) % 100;
  1411. $m += $duration;
  1412. $d = $duration;
  1413. while ( $m >= 60 ) {
  1414. $h++;
  1415. $m -= 60;
  1416. }
  1417. $end_time = sprintf ( "%02d%02d00", $h, $m );
  1418. $timestr .= " - " . display_time ( $end_time );
  1419. }
  1420. }
  1421. if ( $login != $user && $access == 'R' && strlen ( $user ) ) {
  1422. echo "(" . translate("Pr…

Large files files are truncated, but you can click here to view the full file