0 ) { $can_view = true; $is_my_event = true; } dbi_free_result ( $res ); } if ( ($login != "__public__") && ($public_access_others == "Y") ) { $can_view = true; } if ( ! $can_view ) { $check_group = false; // if not a participant in the event, must be allowed to look at // other user's calendar. if ( $login == "__public__" ) { if ( $public_access_others == "Y" ) $check_group = true; } else { if ( $allow_view_other == "Y" ) $check_group = true; } // If $check_group is true now, it means this user can look at the // event only if they are in the same group as some of the people in // the event. // This gets kind of tricky. If there is a participant from a different // group, do we still show it? For now, the answer is no. // This could be configurable somehow, but how many lines of text would // it need in the admin page to describe this scenario? Would confuse // 99.9% of users. // In summary, make sure at least one event participant is in one of // this user's groups. $my_users = get_my_users (); if ( is_array ( $my_users ) ) { $sql = "SELECT webcal_entry.cal_id FROM webcal_entry, " . "webcal_entry_user WHERE webcal_entry.cal_id = " . "webcal_entry_user.cal_id AND webcal_entry.cal_id = $id " . "AND webcal_entry_user.cal_login IN ( "; for ( $i = 0; $i < count ( $my_users ); $i++ ) { if ( $i > 0 ) $sql .= ", "; $sql .= "'" . $my_users[$i]['cal_login'] . "'"; } $sql .= " )"; $res = dbi_query ( $sql ); if ( $res ) { $row = dbi_fetch_row ( $res ); if ( $row && $row[0] > 0 ) $can_view = true; dbi_free_result ( $res ); } } // If we didn't indicate we need to check groups, then this user // can't view this event. if ( ! $check_group ) $can_view = false; } if ( ! $can_view ) { $error = translate ( "You are not authorized" ); } // copied from edit_entry_handler (functions.php?) function add_duration ( $time, $duration ) { $hour = (int) ( $time / 10000 ); $min = ( $time / 100 ) % 100; $minutes = $hour * 60 + $min + $duration; $h = $minutes / 60; $m = $minutes % 60; $ret = sprintf ( "%d%02d00", $h, $m ); //echo "add_duration ( $time, $duration ) = $ret
"; return $ret; } if ( ! empty ( $year ) ) $thisyear = $year; if ( ! empty ( $month ) ) $thismonth = $month; $pri[1] = translate("Low"); $pri[2] = translate("Medium"); $pri[3] = translate("High"); $unapproved = FALSE; // Make sure this is not a continuation event. // If it is, redirect the user to the original event. $ext_id = -1; if ( $id > 0 ) { $res = dbi_query ( "SELECT cal_ext_for_id FROM webcal_entry " . "WHERE cal_id = $id" ); if ( $res ) { if ( $row = dbi_fetch_row ( $res ) ) { $ext_id = $row[0]; } dbi_free_result ( $res ); } else { // db error... ignore it, I guess. } } if ( $ext_id > 0 ) { $url = "view_entry.php?id=$ext_id"; if ( $date != "" ) $url .= "&date=$date"; if ( $user != "" ) $url .= "&user=$user"; if ( $cat_id != "" ) $url .= "&cat_id=$cat_id"; do_redirect ( $url ); } $INC = array('js/view_entry.php'); print_header($INC); if ( $id < 1 ) { echo translate("Invalid entry id") . "."; exit; } // Try to determine the event status. $event_status = ""; if ( $login != $user ) { // If viewing another user's calendar, check the status of the // event on their calendar (to see if it's deleted). $sql = "SELECT cal_status FROM webcal_entry_user " . "WHERE cal_login = '$user' AND cal_id = $id"; $res = dbi_query ( $sql ); if ( $res ) { if ( $row = dbi_fetch_row ( $res ) ) $event_status = $row[0]; dbi_free_result ( $res ); } } else { $sql = "SELECT cal_id, cal_status FROM webcal_entry_user " . "WHERE cal_login = '$login' AND cal_id = $id"; $res = dbi_query ( $sql ); if ( $res ) { $row = dbi_fetch_row ( $res ); $event_status = $row[1]; dbi_free_result ( $res ); } } // At this point, if we don't have the event status, then either // this user is not viewing an event from his own calendar and not // viewing an event from someone else's calendar. // They probably got here from the search results page (or possibly // by hand typing in the URL.) // Check to make sure that it hasn't been deleted from everyone's // calendar. if ( empty ( $event_status ) ) { $sql = "SELECT cal_status FROM webcal_entry_user " . "WHERE cal_status != 'D' ORDER BY cal_status"; $res = dbi_query ( $sql ); if ( $res ) { if ( $row = dbi_fetch_row ( $res ) ) $event_status = $row[0]; dbi_free_result ( $res ); } } // If we have no event status yet, it must have been deleted. if ( ( empty ( $event_status ) && ! $is_admin ) || ! $can_view ) { echo "

" . translate("Error") . "

" . translate("You are not authorized") . ".\n"; print_trailer (); echo "\n"; exit; } // Load event info now. $sql = "SELECT cal_create_by, cal_date, cal_time, cal_mod_date, " . "cal_mod_time, cal_duration, cal_priority, cal_type, cal_access, " . "cal_name, cal_description FROM webcal_entry WHERE cal_id = " . $id; $res = dbi_query ( $sql ); if ( ! $res ) { echo translate("Invalid entry id") . ": $id"; exit; } $row = dbi_fetch_row ( $res ); $create_by = $row[0]; $orig_date = $row[1]; $event_time = $row[2]; $name = $row[9]; $description = $row[10]; // Timezone Adjustments if ( $event_time >= 0 && $TZ_OFFSET != 0 ) { // -1 = no time specified $adjusted_time = $event_time + $TZ_OFFSET * 10000; $year = substr($row[1],0,4); $month = substr($row[1],4,2); $day = substr($row[1],-2); if ( $adjusted_time > 240000 ) { $gmt = mktime ( 3, 0, 0, $month, $day, $year ); $gmt += $ONE_DAY; } else if ( $adjusted_time < 0 ) { $gmt = mktime ( 3, 0, 0, $month, $day, $year ); $gmt -= $ONE_DAY; } } // Set alterted date $tz_date = ( $gmt ) ? date ( "Ymd", $gmt ) : $row[1]; // save date so the trailer links are for the same time period $thisyear = (int) ( $tz_date / 10000 ); $thismonth = ( $tz_date / 100 ) % 100; $thisday = $tz_date % 100; $thistime = mktime ( 3, 0, 0, $thismonth, $thisday, $thisyear ); $thisdow = date ( "w", $thistime ); // $subject is used for mailto URLs $subject = translate($application_name) . ": " . $name; // Remove the '"' character since it causes some mailers to barf $subject = str_replace ( "\"", "", $subject ); $subject = htmlentities ( $subject ); $event_repeats = false; // build info string for repeating events and end date $sql = "SELECT cal_type, cal_end, cal_frequency, cal_days " . "FROM webcal_entry_repeats WHERE cal_id = $id"; $res = dbi_query ($sql); if ( $res ) { if ( $tmprow = dbi_fetch_row ( $res ) ) { $event_repeats = true; $cal_type = $tmprow[0]; $cal_end = $tmprow[1]; $cal_frequency = $tmprow[2]; $cal_days = $tmprow[3]; if ( $cal_end ) { $rep_str .= " - "; $rep_str .= date_to_str ( $cal_end ); } $rep_str .= " (" . translate("every") . " "; if ( $cal_frequency > 1 ) { switch ( $cal_frequency ) { case 2: $rep_str .= translate("2nd"); break; case 3: $rep_str .= translate("3rd"); break; case 4: $rep_str .= translate("4th"); break; case 5: $rep_str .= translate("5th"); break; case 12: if ( $cal_type == 'monthlyByDay' || $cal_type == 'monthlyByDayR' ) break; default: $rep_str .= $cal_frequency; break; } } $rep_str .= ' '; switch ($cal_type) { case "daily": $rep_str .= translate("Day"); break; case "weekly": $rep_str .= translate("Week"); for ($i=0; $i<=7; $i++) { if (substr($cal_days, $i, 1) == "y") { $rep_str .= ", " . weekday_short_name($i); } } break; case "monthlyByDay": case "monthlyByDayR": if ( $cal_frequency == 12 ) { $rep_str .= month_name ( $thismonth - 1 ) . " / "; } else { $rep_str .= translate("Month") . " / "; } $days_this_month = $thisyear % 4 == 0 ? $ldays_per_month[$thismonth] : $days_per_month[$thismonth]; if ( $cal_type == 'monthlyByDay' ) { $dow1 = date ( "w", mktime ( 3, 0, 0, $thismonth, 1, $thisyear ) ); $days_in_first_week = ( 7 - $dow1 ) % 7; $whichWeek = floor ( ( $thisday - $days_in_first_week ) / 7 ); if ( $thisdow >= $dow1 ) $whichWeek++; } else { $whichWeek = floor ( ( $days_this_month - $thisday ) / 7 ); } $rep_str .= ' '; switch ( $whichWeek ) { case 0: if ( $cal_type == 'monthlyByDay' ) $rep_str .= translate ( "1st" ); break; case 1: $rep_str .= translate ( "2nd" ); break; case 2: $rep_str .= translate ( "3rd" ); break; case 3: $rep_str .= translate ( "4th" ); break; case 4: $rep_str .= translate ( "5th" ); break; } if ( $cal_type == 'monthlyByDayR' ) $rep_str .= " " . translate ( "last" ); $rep_str .= ' ' . weekday_name ( $thisdow ); break; case "monthlyByDate": $rep_str .= translate("Month") . "/" . translate("by date"); break; case "yearly": $rep_str .= translate("Year"); break; } $rep_str .= ")"; } else $rep_str = ""; dbi_free_result ( $res ); } /* calculate end time */ if ( $event_time > 0 && $row[5] > 0 ) $end_str = "-" . display_time ( add_duration ( $row[2], $row[5] ) ); else $end_str = ""; // get the email adress of the creator of the entry user_load_variables ( $create_by, "createby_" ); $email_addr = $createby_email; // If confidential and not this user's event, then // They cannot seem name or description. //if ( $row[8] == "R" && ! $is_my_event && ! $is_admin ) { if ( $row[8] == "R" && ! $is_my_event ) { $is_private = true; $name = "[" . translate("Confidential") . "]"; $description = "[" . translate("Confidential") . "]"; } else { $is_private = false; } if ( $event_repeats && ! empty ( $date ) ) $event_date = $date; else $event_date = $row[1]; // TODO: don't let someone view another user's private entry // by hand editing the URL. // Get category Info if ( $categories_enabled == "Y" ) { $sql = "SELECT cat_name FROM webcal_categories, webcal_entry_user " . "WHERE webcal_entry_user.cal_login = '$login' AND webcal_entry_user.cal_id = $id " . "AND webcal_entry_user.cal_category = webcal_categories.cat_id"; $res2 = dbi_query ( $sql ); if ( $res2 ) { $row2 = dbi_fetch_row ( $res2 ); $category = $row2[0]; dbi_free_result ( $res2 ); } } ?>

= 0 ) { ?> 0 && $row[5] != ( 24 * 60 ) ) { ?> \n"; if ( $is_private ) echo "\n"; else { if ( strlen ( $email_addr ) ) echo "\n"; else echo "\n"; } } ?> \n"; } } ?>

:
:
:
:
:
:
:
:
:
" . translate("Created by") . ":	[" . translate("Confidential") . "]
" . ( $row[0] == "__public__" ? "Public Access" : $createby_fullname ) . "
" . ( $row[0] == "__public__" ? "Public Access" : $createby_fullname ) . "
:
" . translate ( $site_extras[$i][1] ) . ":	"; if ( $extra_type == $EXTRA_URL ) { if ( strlen ( $extras[$extra_name]['cal_data'] ) ) echo "" . $extras[$extra_name]['cal_data'] . ""; } else if ( $extra_type == $EXTRA_EMAIL ) { if ( strlen ( $extras[$extra_name]['cal_data'] ) ) echo "" . $extras[$extra_name]['cal_data'] . ""; } else if ( $extra_type == $EXTRA_DATE ) { if ( $extras[$extra_name]['cal_date'] > 0 ) echo date_to_str ( $extras[$extra_name]['cal_date'] ); } else if ( $extra_type == $EXTRA_TEXT \|\| $extra_type == $EXTRA_MULTILINETEXT ) { echo nl2br ( $extras[$extra_name]['cal_data'] ); } else if ( $extra_type == $EXTRA_USER ) { echo $extras[$extra_name]['cal_data']; } else if ( $extra_type == $EXTRA_REMINDER ) { if ( $extras[$extra_name]['cal_remind'] <= 0 ) etranslate ( "No" ); else { etranslate ( "Yes" ); if ( ( $extra_arg2 & $EXTRA_REMINDER_WITH_DATE ) > 0 ) { echo " - "; echo date_to_str ( $extras[$extra_name]['cal_date'] ); } else if ( ( $extra_arg2 & $EXTRA_REMINDER_WITH_OFFSET ) > 0 ) { echo " - "; $minutes = $extras[$extra_name]['cal_data']; $d = (int) ( $minutes / ( 24 * 60 ) ); $minutes -= ( $d * 24 * 60 ); $h = (int) ( $minutes / 60 ); $minutes -= ( $h * 60 ); if ( $d > 0 ) echo $d . " " . translate("days") . " "; if ( $h > 0 ) echo $h . " " . translate("hours") . " "; if ( $minutes > 0 ) echo $minutes . " " . translate("minutes"); echo " " . translate("before event" ); } } } else if ( $extra_type == $EXTRA_SELECTLIST ) { echo $extras[$extra_name]['cal_data']; } echo "
:	\n"; $res = dbi_query ( $sql ); $first = 1; $num_app = $num_wait = $num_rej = 0; if ( $res ) { while ( $row = dbi_fetch_row ( $res ) ) { $pname = $row[0]; if ( $login == $row[0] && $row[1] == 'W' ) $unapproved = TRUE; if ( $row[1] == 'A' ) $approved[$num_app++] = $pname; else if ( $row[1] == 'W' ) $waiting[$num_wait++] = $pname; else if ( $row[1] == 'R' ) $rejected[$num_rej++] = $pname; } dbi_free_result ( $res ); } else { echo translate ("Database error") . ": " . dbi_error() . " "; } } for ( $i = 0; $i < $num_app; $i++ ) { user_load_variables ( $approved[$i], "temp" ); if ( strlen ( $tempemail ) ) { echo "" . $tempfullname . " \n"; $allmails[] = $tempemail; } else { echo $tempfullname . " \n"; } } // show external users here... if ( ! empty ( $allow_external_users ) && $allow_external_users == "Y" ) { $external_users = event_get_external_users ( $id, 1 ); $ext_users = explode ( "\n", $external_users ); if ( is_array ( $ext_users ) ) { for ( $i = 0; $i < count( $ext_users ); $i++ ) { if ( ! empty ( $ext_users[$i] ) ) echo $ext_users[$i] . " (" . translate("External User") . ") \n"; } } } for ( $i = 0; $i < $num_wait; $i++ ) { user_load_variables ( $waiting[$i], "temp" ); if ( strlen ( $tempemail ) ) { echo " " . $tempfullname . " (?)\n"; $allmails[] = $tempemail; } else { echo " " . $tempfullname . " (?)\n"; } } for ( $i = 0; $i < $num_rej; $i++ ) { user_load_variables ( $rejected[$i], "temp" ); if ( strlen ( $tempemail ) ) { echo " ~~" . $tempfullname . "~~ (" . translate("Rejected") . ")\n"; } else { echo " ~~$tempfullname~~ (" . translate("Rejected") . ")\n"; } } ?>

" . translate("Approve/Confirm entry") . "
\n"; echo "" . translate("Reject entry") . "
\n"; } if ( ! empty ( $user ) && $login != $user ) $u_url = "&user=$user"; else $u_url = ""; $can_edit = ( $is_admin || $is_nonuser_admin || ( $is_assistant && ! $is_private ) || ( $readonly != "Y" && ( $login == $create_by || $single_user == "Y" ) ) ); if ( $public_access == "Y" && $login == "__public__" ) $can_edit = false; $rdate = ""; if ( $event_repeats ) $rdate = "&date=$event_date"; // If approved, but event category not set (and user does not have permission // to edit where they could also set the category), then allow them to // set it through set_cat.php. if ( empty ( $user ) && $categories_enabled == "Y" && $readonly != "Y" && $is_my_event && $login != "__public__" && $event_status != "D" && ! $can_edit ) { echo "" . translate("Set category") . "
\n"; } if ( $can_edit && $event_status != "D" ) { if ( $event_repeats ) { echo "" . translate("Edit repeating entry for all dates") . "
\n"; // Don't allow override of first event if ( ! empty ( $date ) && $date != $orig_date ) echo "" . translate("Edit entry for this date") . "
\n"; echo "" . translate("Delete repeating event for all dates") . "
\n"; // Don't allow deletion of first event if ( ! empty ( $date ) && $date != $orig_date ) echo "" . translate("Delete entry only for this date") . "
\n"; } else { echo "" . translate("Edit entry") . "
\n"; echo "" . translate("Delete entry") . "
\n"; } } elseif ( $readonly != "Y" && $is_my_event && $login != "__public__" && $event_status != "D" ) { echo "" . translate("Delete entry") . "
\n"; } if ( $readonly != "Y" && ! $is_my_event && ! $is_private && $event_status != "D" && $login != "__public__" ) { echo "" . translate("Add to My Calendar") . "
\n"; } if ( count ( $allmails ) > 0 ) { echo "" . translate("Email all participants") . "
\n"; } $show_log = false; if ( $is_admin ) { if ( empty ( $log ) ) { echo "" . translate("Show activity log") . "
\n"; } else { echo "" . translate("Hide activity log") . "
\n"; $show_log = true; } } if ( $show_log ) { echo "

" . translate("Activity Log") . "

\n"; echo "\n"; echo ""; echo ""; echo ""; echo ""; echo "\n"; $res = dbi_query ( "SELECT cal_login, cal_user_cal, cal_type, " . "cal_date, cal_time " . "FROM webcal_entry_log WHERE cal_entry_id = $id " . "ORDER BY cal_log_id DESC" ); if ( $res ) { $font = ""; while ( $row = dbi_fetch_row ( $res ) ) { echo ""; echo ""; echo ""; echo ""; echo "\n"; } dbi_free_result ( $res ); } echo "

" . translate("User") . "	" . translate("Calendar") . "	" . translate("Date") . "/" . translate("Time") . "	" . translate("Action") . "
" . $font . $row[0] . "	" . $font . $row[1] . "	" . $font . date_to_str ( $row[3] ) . " " . display_time ( $row[4] ) . "	" . $font; if ( $row[2] == $LOG_CREATE ) etranslate("Event created"); else if ( $row[2] == $LOG_APPROVE ) etranslate("Event approved"); else if ( $row[2] == $LOG_REJECT ) etranslate("Event rejected"); else if ( $row[2] == $LOG_UPDATE ) etranslate("Event updated"); else if ( $row[2] == $LOG_DELETE ) etranslate("Event deleted"); else if ( $row[2] == $LOG_NOTIFICATION ) etranslate("Notification sent"); else if ( $row[2] == $LOG_REMINDER ) etranslate("Reminder sent"); echo "

\n"; } if (! $is_private) { echo "
\n"; echo "\n"; } ?>