0byt3m1n1
Path:
/
data
/
applications
/
aps.bak
/
webcalendar
/
1.2.3-0
/
standard
/
htdocs
/
includes
/
[
Home
]
File: views.php
<?php /** * This file includes functions needed by the custom views. * * @author Craig Knudsen <cknudsen@cknudsen.com> * @copyright Craig Knudsen, <cknudsen@cknudsen.com>, http://www.k5n.us/cknudsen * @license http://www.gnu.org/licenses/gpl.html GNU GPL * @version $Id: views.php,v 1.23.2.3 2007/11/12 15:40:33 umcesrjones Exp $ * @package WebCalendar */ /** * Initialize view variables and check permissions. * @param int $view_id id for the view */ function view_init ( $view_id ) { global $views, $error, $login; global $ALLOW_VIEW_OTHER, $is_admin; global $view_name, $view_type, $custom_view; //set this to prove we in are inside a custom view page $custom_view = true; if ( ( empty ( $ALLOW_VIEW_OTHER ) || $ALLOW_VIEW_OTHER == 'N' ) && ! $is_admin ) { // not allowed... send_to_preferred_view (); } if ( empty ( $view_id ) ) { do_redirect ( 'views.php' ); } // Find view name in $views[] $view_name = ''; $view_type = ''; $viewcnt = count ( $views ); for ( $i = 0; $i < $viewcnt; $i++ ) { if ( $views[$i]['cal_view_id'] == $view_id ) { $view_name = htmlspecialchars ( $views[$i]['cal_name'] ); $view_type = $views[$i]['cal_view_type']; } } // If view_name not found, then the specified view id does not // belong to current user. if ( empty ( $view_name ) ) { $error = print_not_auth (34); } } /** * Remove any users from the view list who this user is not * allowed to view. * @param int $view_id id of the view * @return the array of valid users */ function view_get_user_list ( $view_id ) { global $error, $login, $is_admin, $NONUSER_ENABLED, $USER_SEES_ONLY_HIS_GROUPS; // get users in this view $res = dbi_execute ( 'SELECT cal_login FROM webcal_view_user WHERE cal_view_id = ?', array ( $view_id ) ); $ret = array (); $all_users = false; if ( $res ) { while ( $row = dbi_fetch_row ( $res ) ) { $ret[] = $row[0]; if ( $row[0] == '__all__' ) $all_users = true; } dbi_free_result ( $res ); } else { $error = db_error (); } if ( $all_users ) { $users = get_my_users ( '', 'view' ); $ret = array (); $usercnt = count ( $users ); for ( $i = 0; $i < $usercnt; $i++ ) { $ret[] = $users[$i]['cal_login']; } } else { $myusers = get_my_users ( '', 'view' ); if ( ! empty ( $NONUSER_ENABLED ) && $NONUSER_ENABLED == 'Y' ) { $myusers = array_merge ( $myusers, get_my_nonusers ( $login, true, 'view' ) ); } // Make sure this user is allowed to see all users in this view // If this is a global view, it may include users that this user // is not allowed to see. if ( ! empty ( $USER_SEES_ONLY_HIS_GROUPS ) && $USER_SEES_ONLY_HIS_GROUPS == 'Y' ) { $userlookup = array (); $myusercnt = count ( $myusers ); for ( $i = 0; $i < $myusercnt; $i++ ) { $userlookup[$myusers[$i]['cal_login']] = 1; } $newlist = array (); $retcnt = count ( $ret ); for ( $i = 0; $i < $retcnt; $i++ ) { if ( ! empty ( $userlookup[$ret[$i]] ) ) $newlist[] = $ret[$i]; } $ret = $newlist; } //Sort user list... $sortlist = array (); $myusercnt = count ( $myusers ); $retcnt = count ( $ret ); for ( $i = 0; $i < $myusercnt; $i++ ) { for ( $j = 0; $j < $retcnt; $j++ ) { if ( $myusers[$i]['cal_login'] == $ret[$j] ) { $sortlist[] = $ret[$j]; break; } } } $ret = $sortlist; } // If user access control enabled, check against that as well. if ( access_is_enabled () && ! $is_admin ) { $newlist = array (); $retcnt = count ( $ret ); for ( $i = 0; $i < $retcnt; $i++ ) { if ( access_user_calendar ( 'view', $ret[$i] ) ) $newlist[] = $ret[$i]; } $ret = $newlist; } //echo "<pre>"; print_r ( $ret ); echo "</pre>\n"; return $ret; } ?>