File: list_unapproved.php
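<?php
/* This file lists unapproved entries for one or more users.
 *
 * Optional parameters in URL:
 * url=user specifies that we should only display unapproved
 *          events for that one user
 *
 * The user will be allowed to approve/reject the event if:
 * it is on their own calendar
 *
 * A POST back to this page carries the action in "process_action" and one
 * field per selected entry, named "entry" + type + id, whose value is the
 * calendar login the entry belongs to.
 *
 * @author Craig Knudsen <cknudsen@cknudsen.com>
 * @copyright Craig Knudsen, <cknudsen@cknudsen.com>, http://www.k5n.us/cknudsen
 * @license http://www.gnu.org/licenses/gpl.html GNU GPL
 * @package WebCalendar
 * @version $Id: list_unapproved.php,v 2008/03/07 14:59:26 cknudsen Exp $
 */
include_once 'includes/init.php';
send_no_cache_header ();

if ( empty ( $user ) )
  $user = $login;

// Apply the approve/reject/delete action to every submitted "entry..." field.
// NOTE(review): both the target login ($app_user) and the entry id/type come
// straight from the request, and nothing in this file checks that the caller
// may act on that login's calendar before update_status () runs -- confirm
// that update_status () (or init.php) enforces it.
// NOTE(review): no anti-CSRF token is checked in this file; confirm one is
// validated elsewhere for this state-changing POST.
if ( ! empty ( $_POST ) ) {
  $process_action = getPostValue ( 'process_action' );
  $process_user = getPostValue ( 'process_user' );
  if ( ! empty ( $process_action ) ) {
    foreach ( $_POST as $tid => $app_user ) {
      if ( substr ( $tid, 0, 5 ) == 'entry' ) {
        // Field name layout: "entry" + one-character type + numeric id.
        $type = substr ( $tid, 5, 1 );
        $id = substr ( $tid, 6 );
        if ( empty ( $error ) && $id > 0 )
          update_status ( $process_action, $app_user, $id, $type );
      }
    }
  }
}

// Only admin user or assistant can specify a username other than his own.
if ( ! $is_admin && $user != $login && ! $is_assistant && !
    access_is_enabled () )
  $user = $login;

// Make sure we return after editing an event via this page.
remember_this_view ();

$key = 0;
$eventinfo = $noret = '';

/* List all unapproved events for the specified user.
 * Exclude "extension" events (used when an event goes past midnight).
 * TODO: Only include delete link if they have permission to delete
 *       when user access control is enabled.
 * NOTE: this function is almost identical to the one in rss_unapproved.php.
 * Just the format (RSS vs HTML) is different.
 *
 * Login names and the user's full name are escaped for the context they are
 * written into (HTML text, HTML attribute, URL parameter, or a JavaScript
 * string inside an onclick attribute).
 *
 * Side effects: appends popup markup to the global $eventinfo, increments the
 * global $key once per row, and appends a "no unapproved entries" row to the
 * global $noret when the user has nothing waiting.
 *
 * @param string $user  Calendar login whose waiting ('W') entries are listed.
 *
 * @return string  HTML table rows for this user ('' when there are none).
 */
function list_unapproved ( $user ) {
  global $eventinfo, $key, $login, $NONUSER_ENABLED, $noret, $temp_fullname;

  user_load_variables ( $user, 'temp_' );

  // Escaped once here and reused below.
  $safeFullname = htmlspecialchars ( $temp_fullname );
  $safeUser = htmlspecialchars ( $user );
  // For use inside a single-quoted JS string within a double-quoted HTML
  // attribute: escape for JS first, then for HTML.
  $jsUser = htmlspecialchars ( addslashes ( $user ), ENT_QUOTES );

  $rssLink = '<a href="rss_unapproved.php?user=' . htmlspecialchars ( $user )
   . '"><img src="images/rss.png" width="14" height="14" alt="RSS 2.0 - '
   . $safeFullname . '" border="0"/></a>';

  $count = 0;
  $ret = '';
  $sql = 'SELECT we.cal_id, we.cal_name, we.cal_description, weu.cal_login,
    we.cal_priority, we.cal_date, we.cal_time, we.cal_duration,
    weu.cal_status, we.cal_type
    FROM webcal_entry we, webcal_entry_user weu
    WHERE we.cal_id = weu.cal_id AND weu.cal_login = ? AND weu.cal_status = \'W\'
    ORDER BY weu.cal_login, we.cal_date';
  // The login is bound as a query parameter, never concatenated into the SQL.
  $rows = dbi_get_cached_rows ( $sql, array ( $user ) );
  if ( $rows ) {
    $allDayStr = translate ( 'All day event' );
    $appConStr = translate ( 'Approve/Confirm' );
    $appSelStr = translate ( 'Approve Selected' );
    $checkAllStr = translate ( 'Check All' );
    $deleteStr = translate ( 'Delete' );
    $emailStr = translate ( 'Emails Will Not Be Sent' );
    $rejectSelStr = translate ( 'Reject Selected' );
    $rejectStr = translate ( 'Reject' );
    $uncheckAllStr = translate ( 'Uncheck All' );
    $viewStr = translate ( 'View this entry' );
    for ( $i = 0, $cnt = count ( $rows ); $i < $cnt; $i++ ) {
      $row = $rows[$i];
      $key++;
      // Column order follows the SELECT list above
      // (4 = cal_priority and 8 = cal_status are not used here).
      $id = $row[0];
      $name = $row[1];
      $description = $row[2];
      $cal_user = $row[3];
      $date = $row[5];
      $time = sprintf ( "%06d", $row[6] );
      $duration = $row[7];
      $type = $row[9];
      $view_link = 'view_entry';
      $entryID = 'entry' . $type . $id;
      $linkid = "pop$id-$key";

      $safeEntryID = htmlspecialchars ( $entryID );
      $jsEntryID = htmlspecialchars ( addslashes ( $entryID ), ENT_QUOTES );
      $jsCalUser = htmlspecialchars ( addslashes ( $cal_user ), ENT_QUOTES );
      $urlCalUser = htmlspecialchars ( urlencode ( $cal_user ) );

      $timestr = '';
      if ( $time > 0 || ( $time == 0 && $duration != 1440 ) ) {
        $eventstart = date_to_epoch ( $date . $time );
        // NOTE(review): 1440 is treated as "all day" below, which suggests
        // $duration is in minutes -- confirm the unit expected here.
        $eventstop = $eventstart + $duration;
        $eventdate = date_to_str ( date ( 'Ymd', $eventstart ) );
        $timestr = display_time ( '', 0, $eventstart )
         . ( $duration > 0 ? ' - ' . display_time ( '', 0, $eventstop ) : '' );
      } else {
        // Don't shift date if All Day or Untimed.
        $eventdate = date_to_str ( $date );
        // If All Day display in popup.
        if ( $time == 0 && $duration == 1440 )
          $timestr = $allDayStr;
      }

      $ret .= ( $count == 0 ? '
      <tr>
        <td colspan="5"><h3>' . $safeFullname . ' ' . $rssLink . '</h3></td>
      </tr>' : '' ) . '
      <tr ' . ( $count % 2 == 0 ? '' : 'class="odd"' ) . '>
        <td width="5%" align="right"><input type="checkbox" name="'
       . $safeEntryID . '" value="' . $safeUser . '"/></td>
        <td><a title="' . $viewStr . '" class="entry" id="' . $linkid
       . '" href="' . $view_link . '.php?id=' . $id . '&amp;user='
       . $urlCalUser . '">' . htmlspecialchars ( $name ) . '</a> ('
       . $eventdate . '):</td>'
      /* approve */
       . '
        <td align="center"><input type="image" src="images/check.gif" title="'
       . $appConStr . '" onclick="return do_confirm( \'approve\', \''
       . $jsCalUser . '\', \'' . $jsEntryID . '\' );" /></td>'
      /* reject */
       . '
        <td align="center"><input type="image" src="images/rejected.gif" title="'
       . $rejectStr . '" onclick="return do_confirm( \'reject\', \''
       . $jsCalUser . '\', \'' . $jsEntryID . '\' );" /></td>'
      /* delete */
       . ( ! access_is_enabled () || access_user_calendar ( 'edit', $user ) ? '
        <td align="center"><input type="image" src="images/delete.png" title="'
         . $deleteStr . '" onclick="return do_confirm( \'delete\', \''
        // The attribute must end with a plain quote: a backslash before it
        // would be emitted literally and break the handler.
         . $jsCalUser . '\', \'' . $jsEntryID . '\' );" /></td>' : '' ) . '
      </tr>';
      $eventinfo .= build_entry_popup ( 'eventinfo-' . $linkid, $cal_user,
        $description, $timestr, site_extras_for_popup ( $id ) );
      $count++;
    }
    // Bulk controls are only useful when there is more than one row.
    if ( $count > 1 )
      $ret .= '
      <tr>
        <td colspan="5" nowrap="nowrap">
          <img src="images/select.gif" border="0" alt="" />
          <label><a title="' . $checkAllStr . '" onclick="check_all( \''
       . $jsUser . '\' );">' . $checkAllStr . '</a> / <a title="'
       . $uncheckAllStr . '" onclick="uncheck_all( \'' . $jsUser . '\' );">'
       . $uncheckAllStr . '</a></label>
          <input type="image" src="images/check.gif" title="' . $appSelStr
       . '" onclick="return do_confirm( \'approveSelected\', \''
       . $jsCalUser . '\' );" />
          <input type="image" src="images/rejected.gif" title="'
       . $rejectSelStr . '" onclick="return do_confirm( \'rejectSelected\', \''
       . $jsCalUser . '\' );" />
          ( ' . $emailStr . ' )
        </td>
      </tr>';
  }
  if ( $count == 0 )
    $noret .= '
      <tr>
        <td colspan="5" class="nounapproved">'
    // translate ( 'No unapproved entries for' )
     . str_replace ( 'XXX', $safeFullname,
      translate ( 'No unapproved entries for XXX.' ) ) . ' ' . $rssLink . '</td>
      </tr>';

  return $ret;
} //end list_unapproved ()

print_header ( array ( 'js/popups.php/true' ), generate_refresh_meta () );

ob_start ();

echo '
    <h2>' . translate ( 'Unapproved Entries' ) . '</h2>';

// $app_users is the ordered list of logins to display; $app_user_hash is the
// matching lookup used to avoid listing a login twice.
$app_user_hash = $app_users = $my_non_users = array ();
$non_users = get_nonuser_cals ();
foreach ( $non_users as $nonuser ) {
  if ( user_is_nonuser_admin ( $login, $nonuser['cal_login'] ) )
    $my_non_users[]['cal_login'] = $nonuser['cal_login'];
}

// If a user is specified, we list just that user.
if ( ( $is_assistant || $is_nonuser_admin || $is_admin ||
    access_is_enabled () ) && ! empty ( $user ) && $user != $login ) {
  if ( ! access_is_enabled () || access_user_calendar ( 'approve', $user ) ) {
    $app_user_hash[$user] = 1;
    $app_users[] = $user;
  } else
    // Not authorized to approve for specified user.
    echo translate ( 'Not authorized' );
} else {
  // First, we list ourself.
  $app_user_hash[$login] = 1;
  $app_users[] = $login;
  if ( access_is_enabled () ) {
    $all = ( $NONUSER_ENABLED == 'Y'
      ? array_merge ( get_my_users (), $my_non_users ) : get_my_users () );
    for ( $j = 0, $cnt = count ( $all ); $j < $cnt; $j++ ) {
      $x = $all[$j]['cal_login'];
      if ( access_user_calendar ( 'approve', $x ) &&
          empty ( $app_user_hash[$x] ) ) {
        $app_user_hash[$x] = 1;
        $app_users[] = $x;
      }
    }
  } else {
    if ( $is_admin && $PUBLIC_ACCESS == 'Y' &&
      ( empty ( $user ) || $user != '__public__' ) ) {
      // Recorded in the same lookup the loop below consults, so the public
      // calendar cannot be added a second time.
      $app_user_hash['__public__'] = 1;
      $app_users[] = '__public__';
    }
    $all = $my_non_users;
    for ( $j = 0, $cnt = count ( $all ); $j < $cnt; $j++ ) {
      $x = $all[$j]['cal_login'];
      if ( empty ( $app_user_hash[$x] ) ) {
        $app_user_hash[$x] = 1;
        $app_users[] = $x;
      }
    }
  }
}

echo '
    <form action="list_unapproved.php" name="listunapproved" method="post">
      <table border="0" summary="">';

for ( $i = 0, $cnt = count ( $app_users ); $i < $cnt; $i++ ) {
  // List unapproved entries for this user.
  echo list_unapproved ( $app_users[$i] );
}

echo '
      <tr>
        <td colspan="5"> </td>
      </tr>'
// List users with no events.
 . $noret . '
      </table>
      <input type="hidden" name="process_action" value="" />
      <input type="hidden" name="process_user" value="" />
    </form>' . ( ! empty ( $eventinfo ) ? $eventinfo : '' ) . '
    <script language="javascript" type="text/javascript">
<!-- <![CDATA[
      function check_all ( user ) {
        var
          theForm = document.forms [ \'listunapproved\' ],
          z;

        for ( z = 0; z < theForm.length; z++ ) {
          if ( theForm[z].type == \'checkbox\' && theForm[z].value == user )
            theForm[z].checked = true;
        }
      }
      function uncheck_all ( user ) {
        var
          theForm = document.forms[\'listunapproved\'],
          z;

        for ( z = 0; z < theForm.length; z++ ) {
          if ( theForm[z].type == \'checkbox\' && theForm[z].value == user )
            theForm[z].checked = false;
        }
      }
      function do_confirm ( phrase, user, id ) {
        form = document.listunapproved;
        switch ( phrase ) {
          case "approve":
            str = "' . translate ( 'Approve this entry?', true ) . '";
            action = \'A\';
            break;
          case "reject":
            str = "' . translate ( 'Reject this entry?', true ) . '";
            action = \'R\';
            break;
          case "delete":
            str = "'
// NOTE(review): unlike the other cases, these translate () calls omit the
// second argument "true" -- confirm the result is safe inside a JS string.
 . str_replace ( 'XXX', translate ( 'entry' ),
  translate ( 'Are you sure you want to delete this XXX?' ) ) . '";
            action = \'D\';
            break;
          case "approveSelected":
            str = "' . translate ( 'Approve Selected entries?', true ) . '";
            action = \'A\';
            break;
          case "rejectSelected":
            str = "' . translate ( 'Reject Selected entries?', true ) . '";
            action = \'R\';
            break;
          default:
            str = action = \'\';
        }
        form.process_action.value = action;
        form.process_user.value = user;
        conf = confirm ( str );
        // We need this if only single operation.
        if ( id && conf )
          form.elements[id].checked = true;

        return conf;
      }
//]]> -->
    </script>
';

ob_end_flush ();

echo print_trailer ();

?>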