
Code source de WebCalendar 1.0.5


/ -> del_entry.php (source)

   1  <?php
   2  include_once  'includes/init.php';
   3  
   4  $my_event = false;
   5  $can_edit = false;
   6  
   7  // First, check to see if this user should be able to delete this event.
   8  if ( $id > 0 ) {
   9    // first see who has access to edit this entry
  10    if ( $is_admin ) {
  11      $can_edit = true;
  12    } else if ( $readonly == "Y" ) {
  13      $can_edit = false;
  14    } else {
  15      $can_edit = false;
  16      $sql = "SELECT webcal_entry.cal_id FROM webcal_entry, " .
  17        "webcal_entry_user WHERE webcal_entry.cal_id = " .
  18        "webcal_entry_user.cal_id AND webcal_entry.cal_id = $id " .
  19        "AND (webcal_entry.cal_create_by = '$login' " .
  20        "OR webcal_entry_user.cal_login = '$login')";
  21      $res = dbi_query ( $sql );
  22      if ( $res ) {
  23        $row = dbi_fetch_row ( $res );
  24        if ( $row && $row[0] > 0 )
  25          $can_edit = true;
  26        dbi_free_result ( $res );
  27      }
  28    }
  29  }
  30  
  31  // See who owns the event.  Owner should be able to delete.
  32  $res = dbi_query (
  33    "SELECT cal_create_by FROM webcal_entry WHERE cal_id = $id" );
  34  if ( $res ) {
  35    $row = dbi_fetch_row ( $res );
  36    $owner = $row[0];
  37    dbi_free_result ( $res );
  38    if ( $owner == $login || $is_assistant && ( $user == $owner ) || $is_nonuser_admin && ( $user == $owner ) ) {
  39      $my_event = true;
  40      $can_edit = true;
  41    }
  42  }
  43  
  44  if ( $readonly == 'Y' )
  45    $can_edit = false;
  46  
  47  if ( ! $can_edit ) {
  48    $error = translate ( "You are not authorized" );
  49  }
  50  
  51  // Is this a repeating event?
  52  $event_repeats = false;
  53  $res = dbi_query ( "SELECT COUNT(cal_id) FROM webcal_entry_repeats " .
  54    "WHERE cal_id = $id" );
  55  if ( $res ) {
  56    $row = dbi_fetch_row ( $res );
  57    if ( $row[0] > 0 )
  58      $event_repeats = true;
  59    dbi_free_result ( $res );
  60  }
  61  $override_repeat = false;
  62  if ( ! empty ( $date ) && $event_repeats && ! empty ( $override ) ) {
  63    $override_repeat = true;
  64  }
  65  
  66  if ( $id > 0 && empty ( $error ) ) {
  67    if ( ! empty ( $date ) ) {
  68      $thisdate = $date;
  69    } else {
  70      $res = dbi_query ( "SELECT cal_date FROM webcal_entry WHERE cal_id = $id" );
  71      if ( $res ) {
  72        // date format is 19991231
  73        $row = dbi_fetch_row ( $res );
  74        $thisdate = $row[0];
  75      }
  76    }
  77  
  78    // Only allow delete of webcal_entry & webcal_entry_repeats
  79    // if owner or admin, not participant.
  80    if ( $is_admin || $my_event ) {
  81  
  82      // Email participants that the event was deleted
  83      // First, get list of participants (with status Approved or
  84      // Waiting on approval).
  85      $sql = "SELECT cal_login FROM webcal_entry_user WHERE cal_id = $id " .
  86        "AND cal_status IN ('A','W')";
  87      $res = dbi_query ( $sql );
  88      $partlogin = array ();
  89      if ( $res ) {
  90        while ( $row = dbi_fetch_row ( $res ) ) {
  91          if ( $row[0] != $login )
  92     $partlogin[] = $row[0];
  93        }
  94        dbi_free_result($res);
  95      }
  96  
  97      // Get event name
  98      $sql = "SELECT cal_name, cal_date, cal_time " .
  99        "FROM webcal_entry WHERE cal_id = $id";
 100      $res = dbi_query($sql);
 101      if ( $res ) {
 102        $row = dbi_fetch_row ( $res );
 103        $name = $row[0];
 104        $eventdate = $row[1];
 105        $eventtime = $row[2];
 106        dbi_free_result ( $res );
 107      }
 108      $TIME_FORMAT=24;
 109      for ( $i = 0; $i < count ( $partlogin ); $i++ ) {
 110        // Log the deletion
 111        activity_log ( $id, $login, $partlogin[$i], $LOG_DELETE, "" );
 112  
 113        $do_send = get_pref_setting ( $partlogin[$i], "EMAIL_EVENT_DELETED" );
 114        $user_TZ = get_pref_setting ( $partlogin[$i], "TZ_OFFSET" );
 115        $user_language = get_pref_setting ( $partlogin[$i], "LANGUAGE" );
 116        user_load_variables ( $partlogin[$i], "temp" );
 117        // Want date/time in user's timezone
 118        if ( $eventtime != '-1' ) { 
 119          $eventtime += ( $user_TZ * 10000 );
 120          if ( $eventtime < 0 ) {
 121            $eventtime += 240000;
 122          } else if ( $eventtime >= 240000 ) {
 123            $eventtime -= 240000;
 124          }
 125        }            
 126        if ( $partlogin[$i] != $login && $do_send == "Y" && boss_must_be_notified ( $login, $partlogin[$i] ) && 
 127          strlen ( $tempemail ) && $send_email != "N" ) {
 128           if (($GLOBALS['LANGUAGE'] != $user_language) && ! empty ( $user_language ) && ( $user_language != 'none' )){
 129            reset_language ( $user_language );
 130          }
 131          $msg = translate("Hello") . ", " . $tempfullname . ".\n\n" .
 132            translate("An appointment has been canceled for you by") .
 133            " " . $login_fullname .  ".\n" .
 134            translate("The subject was") . " \"" . $name . "\"\n" .
 135            translate("Date") . ": " . date_to_str ($thisdate) . "\n";
 136            if ( $eventtime != '-1' ) $msg .= translate("Time") . ": " . display_time ($eventtime, true);
 137            $msg .= "\n\n";
 138          if ( strlen ( $login_email ) )
 139            $extra_hdrs = "From: $login_email\r\nX-Mailer: " .
 140              translate($application_name);
 141          else
 142            $extra_hdrs = "From: $email_fallback_from\r\nX-Mailer: " .
 143              translate($application_name);
 144          mail ( $tempemail,
 145            translate($application_name) . " " .
 146     translate("Notification") . ": " . $name,
 147            html_to_8bits ($msg), $extra_hdrs );
 148        }
 149      }
 150  
 151      // Instead of deleting from the database... mark it as deleted
 152      // by setting the status for each participant to "D" (instead
 153      // of "A"/Accepted, "W"/Waiting-on-approval or "R"/Rejected)
 154      if ( $override_repeat ) {
 155        dbi_query ( "INSERT INTO webcal_entry_repeats_not ( cal_id, cal_date ) " .
 156          "VALUES ( $id, $date )" );
 157        // Should we log this to the activity log???
 158      } else {
 159        // If it's a repeating event, delete any event exceptions
 160        // that were entered.
 161        if ( $event_repeats ) {
 162   $res = dbi_query ( "SELECT cal_id FROM webcal_entry " .
 163     "WHERE cal_group_id = $id" );
 164          if ( $res ) {
 165     $ex_events = array ();
 166            while ( $row = dbi_fetch_row ( $res ) ) {
 167       $ex_events[] = $row[0];
 168     }
 169            dbi_free_result ( $res );
 170            for ( $i = 0; $i < count ( $ex_events ); $i++ ) {
 171       $res = dbi_query ( "SELECT cal_login FROM " .
 172                "webcal_entry_user WHERE cal_id = $ex_events[$i]" );
 173              if ( $res ) {
 174                $delusers = array ();
 175                while ( $row = dbi_fetch_row ( $res ) ) {
 176                  $delusers[] = $row[0];
 177                }
 178                dbi_free_result ( $res );
 179                for ( $j = 0; $j < count ( $delusers ); $j++ ) {
 180                  // Log the deletion
 181           activity_log ( $ex_events[$i], $login, $delusers[$j],
 182                    $LOG_DELETE, "" );
 183                  dbi_query ( "UPDATE webcal_entry_user SET cal_status = 'D' " .
 184             "WHERE cal_id = $ex_events[$i] " .
 185                    "AND cal_login = '$delusers[$j]'" );
 186                }
 187              }
 188            }
 189   }
 190        }
 191  
 192        // Now, mark event as deleted for all users.
 193        dbi_query ( "UPDATE webcal_entry_user SET cal_status = 'D' " .
 194          "WHERE cal_id = $id" );
 195      }
 196    } else {
 197      // Not the owner of the event and are not the admin.
 198      // Just delete the event from this user's calendar.
 199      // We could just set the status to 'D' instead of deleting.
 200      // (but we would need to make some changes to edit_entry_handler.php
 201      // to accomodate this).
 202      dbi_query ( "DELETE FROM webcal_entry_user " .
 203        "WHERE cal_id = $id AND cal_login = '$login'" );
 204      activity_log ( $id, $login, $login, $LOG_REJECT, "" );
 205    }
 206  }
 207  
 208  $ret = getValue ( "ret" );
 209  if ( ! empty ( $ret ) && $ret == "list" ) {
 210    $url = "list_unapproved.php";
 211    if ( ! empty ( $user ) )
 212      $url .= "?user=$user";
 213  } else {
 214    $url = get_preferred_view ( "", empty ( $user ) ? "" : "user=$user" );
 215  }
 216  
 217  if ( empty ( $error ) ) {
 218    do_redirect ( $url );
 219    exit;
 220  }
 221  print_header();
 222  ?>
 223  
 224  <h2><?php etranslate("Error")?></h2>
 225  <blockquote>
 226  <?php echo $error; ?>
 227  </blockquote>
 228  
 229  <?php print_trailer(); ?>
 230  
 231  </body>
 232  </html>


Généré le : Fri Nov 30 19:09:19 2007 par Balluche grâce à PHPXref 0.7