[geeklog-cvs] geeklog-1.3/public_html submit.php,1.75,1.76 calendar_event.php,1.34,1.35
dhaun at iowaoutdoors.org
dhaun at iowaoutdoors.org
Sat Oct 30 13:13:25 EDT 2004
Update of /var/cvs/geeklog-1.3/public_html
In directory www:/tmp/cvs-serv17981
Modified Files:
submit.php calendar_event.php
Log Message:
Fixed deleting personal events (again). Also added stricter checks for permissions, event ids, and user ids when handling personal events. The upcoming events block now links to the details of a personal event, instead of the event editor.
Index: submit.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/submit.php,v
retrieving revision 1.75
retrieving revision 1.76
diff -C2 -d -r1.75 -r1.76
*** submit.php 23 Aug 2004 12:38:50 -0000 1.75
--- submit.php 30 Oct 2004 17:13:23 -0000 1.76
***************
*** 48,54 ****
* This is the submission it is modular to allow us to write as little as
* possible. It takes a type and formats a form for the user. Currently the
! * types are link, story and event. If no type is provided, Story is assumeda
*
! * @type string Type of submission user is making
*
*/
--- 48,61 ----
* This is the submission it is modular to allow us to write as little as
* possible. It takes a type and formats a form for the user. Currently the
! * types are link, story and event. If no type is provided, Story is assumed.
*
! * @param string $type type of submission ('link', 'event', 'story')
! * @param string $mode calendar mode ('personal' or empty string)
! * @param int $month month (for events)
! * @param int $day day (for events)
! * @param int $year year (for events)
! * @param int $hour hour (for events)
! * @param string $topic topic (for stories)
! * @return string HTML for submission form
*
*/
***************
*** 463,466 ****
--- 470,475 ----
global $_CONF, $_TABLES, $_USER, $LANG12;
+ $retval = COM_siteHeader ();
+
COM_clearSpeedlimit ($_CONF['speedlimit'], 'submit');
***************
*** 473,477 ****
. $last
. $LANG12[31]
! . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'));
return $retval;
}
--- 482,488 ----
. $last
. $LANG12[31]
! . COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
! . COM_siteFooter ();
!
return $retval;
}
***************
*** 488,493 ****
. $LANG12[21]
. COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'))
! . submissionform($type);
!
return $retval;
}
--- 499,505 ----
. $LANG12[21]
. COM_endBlock(COM_getBlockTemplate('_msg_block', 'footer'))
! . submissionform($type)
! . COM_siteFooter ();
!
return $retval;
}
***************
*** 532,536 ****
. $LANG12[23]
. COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
! . submissionform($type);
return $retval;
--- 544,549 ----
. $LANG12[23]
. COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
! . submissionform($type)
! . COM_siteFooter ();
return $retval;
***************
*** 609,617 ****
$owner_id = 1; // anonymous user
}
! $result = DB_save($_TABLES['events'],'eid,title,event_type,url,datestart,timestart,dateend,timeend,allday,location,address1,address2,city,state,zipcode,description,owner_id',"{$A['eid']},'{$A['title']}','{$A['event_type']}','{$A['url']}','{$A['datestart']}','{$A['timestart']}','{$A['dateend']}','{$A['timeend']}',{$A['allday']},'{$A['location']}','{$A['address1']}','{$A['address2']}','{$A['city']}','{$A['state']}','{$A['zipcode']}','{$A['description']}',$owner_id", $_CONF['site_url'] . '/calendar.php');
if (isset ($_CONF['notification']) && in_array ('event', $_CONF['notification'])) {
sendNotification ($_TABLES['events'], $A);
}
COM_rdfUpToDateCheck ();
}
} else {
--- 622,631 ----
$owner_id = 1; // anonymous user
}
! $result = DB_save($_TABLES['events'],'eid,title,event_type,url,datestart,timestart,dateend,timeend,allday,location,address1,address2,city,state,zipcode,description,owner_id',"{$A['eid']},'{$A['title']}','{$A['event_type']}','{$A['url']}','{$A['datestart']}','{$A['timestart']}','{$A['dateend']}','{$A['timeend']}',{$A['allday']},'{$A['location']}','{$A['address1']}','{$A['address2']}','{$A['city']}','{$A['state']}','{$A['zipcode']}','{$A['description']}',$owner_id");
if (isset ($_CONF['notification']) && in_array ('event', $_CONF['notification'])) {
sendNotification ($_TABLES['events'], $A);
}
COM_rdfUpToDateCheck ();
+ $retval = COM_refresh ($_CONF['site_url'] . '/calendar.php');
}
} else {
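Review bot: The `DB_save` value list on the new side still interpolates `{$A['eid']}` and `{$A['allday']}` into the SQL without quotes, so those two fields are only safe if they are forced to numbers before this line. Nothing in the hunk shows that, and the enclosing function starts outside it. If no earlier code does so, pass `allday` through `intval ()` where the string is built and quote `eid` as `'{$A['eid']}'`, the way the personal_events `DB_save` in the next hunk already does. The unquoted `{$A['uid']}` and `{$A['allday']}` in that next hunk need the same treatment.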
***************
*** 623,629 ****
return COM_refresh ($_CONF['site_url'] . '/calendar.php');
}
! $result = DB_save($_TABLES['personal_events'],'uid,eid,title,event_type,url,datestart,timestart,dateend,timeend,allday,location,address1,address2,city,state,zipcode,description',"{$A['uid']},'{$A['eid']}','{$A['title']}','{$A['event_type']}','{$A['url']}','{$A['datestart']}','{$A['timestart']}','{$A['dateend']}','{$A['timeend']}',{$A['allday']},'{$A['location']}','{$A['address1']}','{$A['address2']}','{$A['city']}','{$A['state']}','{$A['zipcode']}','{$A['description']}'",$_CONF['site_url'].'/calendar.php?mode=personal&msg=4');
}
-
} else {
$retval .= COM_startBlock ($LANG12[22], '',
--- 637,644 ----
return COM_refresh ($_CONF['site_url'] . '/calendar.php');
}
! $result = DB_save($_TABLES['personal_events'],'uid,eid,title,event_type,url,datestart,timestart,dateend,timeend,allday,location,address1,address2,city,state,zipcode,description',"{$A['uid']},'{$A['eid']}','{$A['title']}','{$A['event_type']}','{$A['url']}','{$A['datestart']}','{$A['timestart']}','{$A['dateend']}','{$A['timeend']}',{$A['allday']},'{$A['location']}','{$A['address1']}','{$A['address2']}','{$A['city']}','{$A['state']}','{$A['zipcode']}','{$A['description']}'");
! $retval = COM_refresh ($_CONF['site_url']
! . '/calendar.php?mode=personal&msg=17');
}
} else {
$retval .= COM_startBlock ($LANG12[22], '',
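Review bot: The personal event is stored under `{$A['uid']}`, which appears to come from the submitted form array, rather than under the session's `$_USER['uid']`. Whether `$A['uid']` is compared with the logged-in user before this line cannot be seen from the hunk, because the guard that ends in `return COM_refresh (...)` starts outside it. If it is not compared, a logged-in user could store an event under another user's id. Writing `{$_USER['uid']}` in the value list removes the dependency on that check and matches how the delete and edit queries elsewhere in this commit scope by `uid={$_USER['uid']}`.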
***************
*** 631,637 ****
. $LANG12[23]
. COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
! . submissionform($type);
! return $retval;
}
break;
--- 646,653 ----
. $LANG12[23]
. COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
! . submissionform($type)
! . COM_siteFooter ();
! return $retval;
}
break;
***************
*** 649,654 ****
// plugin should include its own redirect - but in case handle
// it here and redirect to the main page
! $retval = COM_refresh ($_CONF['site_url'] . '/index.php');
! return $retval;
}
--- 665,669 ----
// plugin should include its own redirect - but in case handle
// it here and redirect to the main page
! return COM_refresh ($_CONF['site_url'] . '/index.php');
}
***************
*** 693,702 ****
. $LANG12[23]
. COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
! . submissionform($type);
!
! return $retval;
}
break;
}
return $retval;
}
--- 708,717 ----
. $LANG12[23]
. COM_endBlock (COM_getBlockTemplate ('_msg_block', 'footer'))
! . submissionform($type)
! . COM_siteFooter ();
}
break;
}
+
return $retval;
}
***************
*** 722,733 ****
$mode = COM_applyFilter ($http_vars['mode']);
! if ($mode == $LANG12[8]) { // submit
! $display .= COM_siteHeader();
$display .= savesubmission ($type, $HTTP_POST_VARS);
} else {
switch($type) {
case 'link':
! if (SEC_hasRights('link.edit')) {
! echo COM_refresh ($_CONF['site_admin_url'] . '/link.php?mode=edit');
exit;
}
--- 737,762 ----
$mode = COM_applyFilter ($http_vars['mode']);
! if (($mode == $LANG12[8]) && !empty($LANG12[8])) { // submit
$display .= savesubmission ($type, $HTTP_POST_VARS);
+ } else if (($mode == $LANG12[52]) && !empty ($LANG12[52])) { // delete
+ // this is only meant for deleting personal events
+ if (isset ($_USER['uid']) && ($_USER['uid'] > 1) &&
+ ($http_vars['type'] == 'event')) {
+ $eid = COM_applyFilter ($http_vars['eid']);
+ if (!empty ($eid)) {
+ DB_query ("DELETE FROM {$_TABLES['personal_events']} WHERE uid={$_USER['uid']} AND eid='$eid'");
+ echo COM_refresh ($_CONF['site_url']
+ . '/calendar.php?mode=personal&msg=26');
+ exit;
+ }
+ }
+
+ $display = COM_refresh ($_CONF['site_url'] . '/index.php');
} else {
switch($type) {
case 'link':
! if (SEC_hasRights ('link.edit')) {
! echo COM_refresh ($_CONF['site_admin_url']
! . '/link.php?mode=edit');
exit;
}
***************
*** 788,793 ****
$display .= COM_siteHeader ('menu', $pagetitle);
$display .= submissionform($type, $mode, $month, $day, $year, $hour, $topic);
}
- $display .= COM_siteFooter();
echo $display;
--- 817,822 ----
$display .= COM_siteHeader ('menu', $pagetitle);
$display .= submissionform($type, $mode, $month, $day, $year, $hour, $topic);
+ $display .= COM_siteFooter();
}
echo $display;
Index: calendar_event.php
===================================================================
RCS file: /var/cvs/geeklog-1.3/public_html/calendar_event.php,v
retrieving revision 1.34
retrieving revision 1.35
diff -C2 -d -r1.34 -r1.35
*** calendar_event.php 31 Aug 2004 19:00:22 -0000 1.34
--- calendar_event.php 30 Oct 2004 17:13:23 -0000 1.35
***************
*** 14,17 ****
--- 14,18 ----
// | Mark Limburg - mlimburg at users.sourceforge.net |
// | Jason Whittenburg - jwhitten at securitygeeks.com |
+ // | Dirk Haun - dirk at haun-online.de |
// +---------------------------------------------------------------------------+
// | |
***************
*** 34,39 ****
// $Id$
! require_once('lib-common.php');
! require_once($_CONF['path_system'] . 'classes/calendar.class.php');
/**
--- 35,40 ----
// $Id$
! require_once ('lib-common.php');
! require_once ($_CONF['path_system'] . 'classes/calendar.class.php');
/**
***************
*** 41,55 ****
*
* The user has asked that an event be added to their personal
! * calendar. Show a confirmation screen. NOTE: at this time
! * user's can't add their own personal events (i.e. birthdays, etc)
*
! * @eid string event ID to add to user's calendar
*
*/
! function adduserevent($eid)
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG02;
! $eventsql = "SELECT *, datestart AS start, dateend AS end, timestart, timeend, allday FROM {$_TABLES['events']} WHERE eid='$eid'";
$result = DB_query($eventsql);
$nrows = DB_numRows($result);
--- 42,56 ----
*
* The user has asked that an event be added to their personal
! * calendar. Show a confirmation screen.
*
! * @param string $eid event ID to add to user's calendar
! * @return string HTML for confirmation form
*
*/
! function adduserevent ($eid)
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG02;
! $eventsql = "SELECT *, datestart AS start, dateend AS end, timestart, timeend, allday FROM {$_TABLES['events']} WHERE eid='$eid'" . COM_getPermSql ('AND');
$result = DB_query($eventsql);
$nrows = DB_numRows($result);
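Review bot: `adduserevent` places `$eid` straight into the `WHERE eid='$eid'` clause and relies on the caller having filtered it, but the rewritten docblock does not say so. I would extend the parameter line to `@param string $eid event ID to add to user's calendar (must already be filtered, e.g. by COM_applyFilter)` so a future caller does not pass a raw request value. Whether `COM_applyFilter` also neutralises quote characters is not visible on this page and is worth confirming. The function body continues past the end of the hunk.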
***************
*** 58,62 ****
$A = DB_fetchArray($result);
$cal_template = new Template($_CONF['path_layout'] . 'calendar');
! $cal_template->set_file(array('addevent'=>'addevent.thtml'));
$cal_template->set_var('site_url', $_CONF['site_url']);
$cal_template->set_var('layout_url', $_CONF['layout_url']);
--- 59,63 ----
$A = DB_fetchArray($result);
$cal_template = new Template($_CONF['path_layout'] . 'calendar');
! $cal_template->set_file (array ('addevent' => 'addevent.thtml'));
$cal_template->set_var('site_url', $_CONF['site_url']);
$cal_template->set_var('layout_url', $_CONF['layout_url']);
***************
*** 88,95 ****
$cal_template->set_var('lang_where',$LANG02[4]);
$location = stripslashes($A['location']) . '<br>'
! . stripslashes ($A['address1']) . '<br>'
! . stripslashes ($A['address2']) . '<br>'
! . stripslashes ($A['city']) . ', ' . $A['state'] . ' ' . $A['zipcode'];
! //$cal_template->set_var('event_location', $A['location']);
$cal_template->set_var('event_location', $location);
$cal_template->set_var('lang_description', $LANG02[5]);
--- 89,96 ----
$cal_template->set_var('lang_where',$LANG02[4]);
$location = stripslashes($A['location']) . '<br>'
! . stripslashes ($A['address1']) . '<br>'
! . stripslashes ($A['address2']) . '<br>'
! . stripslashes ($A['city'])
! . ', ' . $A['state'] . ' ' . $A['zipcode'];
$cal_template->set_var('event_location', $location);
$cal_template->set_var('lang_description', $LANG02[5]);
***************
*** 98,108 ****
$cal_template->set_var('event_id', $eid);
$cal_template->set_var('lang_addtomycalendar', $LANG02[9]);
! $cal_template->parse('output','addevent');
$retval .= $cal_template->finish($cal_template->get_var('output'));
$retval .= COM_endBlock ();
} else {
$retval .= COM_showMessage(23);
! }
!
return $retval;
--- 99,109 ----
$cal_template->set_var('event_id', $eid);
$cal_template->set_var('lang_addtomycalendar', $LANG02[9]);
! $cal_template->parse('output','addevent');
$retval .= $cal_template->finish($cal_template->get_var('output'));
$retval .= COM_endBlock ();
} else {
$retval .= COM_showMessage(23);
! }
!
return $retval;
***************
*** 113,148 ****
*
* User has seen the confirmation screen and they still want to
! * add this event to their calendar. Actually save it now
*
- * @eid string ID of event to save
- * @reminder string Not used yet, for future functionality
- * @emailreminder string Not used yet, for future functionality
*/
! function saveuserevent($eid, $reminder, $emailreminder)
{
! global $_TABLES, $MESSAGE, $_USER, $_CONF;
! /* Below code is for future functionality
! if (strlen($emailreminder) == 0) {
! $emailreminder = 0;
! } else {
! $emailreminder = 1;
! }
! */
! /*
! $savesql = "Insert into {$_TABLES["userevent"]} (uid, eid) values ('{$_USER['uid']}', '{$eid}')";
! DB_query($savesql);
! */
! // Try to delete the event first in case it has already been added
! DB_query ("DELETE FROM {$_TABLES['personal_events']} WHERE uid={$_USER['uid']} AND eid='$eid'");
! $savesql = "INSERT INTO {$_TABLES['personal_events']} (eid,uid,title,event_type,datestart,dateend,allday,address1,address2,city,state,zipcode,url,description,group_id,owner_id,perm_owner,perm_group,perm_members,perm_anon) SELECT eid," . $_USER['uid'] . ",title,event_type,datestart,dateend,allday,address1,address2,city,state,zipcode,url,description,group_id,owner_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['events']} WHERE eid = '{$eid}'";
! DB_query($savesql);
! return COM_refresh ($_CONF['site_url']
! . '/calendar.php?mode=personal&msg=24');
}
--- 114,145 ----
*
* User has seen the confirmation screen and they still want to
! * add this event to their calendar. Actually save it now.
! *
! * @param string $eid ID of event to save
! * @return string HTML refresh
*
*/
! function saveuserevent ($eid)
{
! global $_CONF, $_TABLES, $_USER, $MESSAGE;
! if (isset ($_USER['uid']) && ($_USER['uid'] > 1)) {
! // Try to delete the event first in case it has already been added
! DB_query ("DELETE FROM {$_TABLES['personal_events']} WHERE uid={$_USER['uid']} AND eid='$eid'");
! $result = DB_query ("SELECT eid FROM {$_TABLES['events']} WHERE (eid = '$eid')" . COM_getPermSql ('AND'));
! if (DB_numRows ($result) == 1) {
! $savesql = "INSERT INTO {$_TABLES['personal_events']} (eid,uid,title,event_type,datestart,dateend,allday,address1,address2,city,state,zipcode,url,description,group_id,owner_id,perm_owner,perm_group,perm_members,perm_anon) SELECT eid," . $_USER['uid'] . ",title,event_type,datestart,dateend,allday,address1,address2,city,state,zipcode,url,description,group_id,owner_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['events']} WHERE eid = '{$eid}'";
! DB_query ($savesql);
! return COM_refresh ($_CONF['site_url']
! . '/calendar.php?mode=personal&msg=24');
! }
! }
!
! return COM_refresh ($_CONF['site_url'] . '/index.php');
}
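Review bot: In `saveuserevent` the `DELETE FROM ... personal_events` runs before the `COM_getPermSql` lookup, so a request for an event the user may not read (or that no longer exists) still removes the copy already in their calendar and then redirects to index.php. Moving the `DB_query ("DELETE ...")` line inside `if (DB_numRows ($result) == 1) {`, directly above the `INSERT`, makes the replace happen only when the permission check passes. Separately, the `INSERT ... SELECT` column list omits `timestart`, `timeend` and `location`, which the personal_events `DB_save` in submit.php does write, so copied events appear to lose their times and venue name.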
***************
*** 150,157 ****
* Allows user to edit a personal calendar event
*
! * @A array Record to display
*
*/
! function editpersonalevent($A)
{
global $_CONF, $LANG12, $_STATES;
--- 147,155 ----
* Allows user to edit a personal calendar event
*
! * @param array $A Record to display
! * @return string HTML for event editor
*
*/
! function editpersonalevent ($A)
{
global $_CONF, $LANG12, $_STATES;
***************
*** 348,374 ****
}
! function setCalendarLanguage (&$aCalendar) {
global $LANG30;
! $lang_days = array('sunday'=>$LANG30[1],
! 'monday'=>$LANG30[2],
! 'tuesday'=>$LANG30[3],
! 'wednesday'=>$LANG30[4],
! 'thursday'=>$LANG30[5],
! 'friday'=>$LANG30[6],
! 'saturday'=>$LANG30[7]);
! $lang_months = array('january'=>$LANG30[13],
! 'february'=>$LANG30[14],
! 'march'=>$LANG30[15],
! 'april'=>$LANG30[16],
! 'may'=>$LANG30[17],
! 'june'=>$LANG30[18],
! 'july'=>$LANG30[19],
! 'august'=>$LANG30[20],
! 'september'=>$LANG30[21],
! 'october'=>$LANG30[22],
! 'november'=>$LANG30[23],
! 'december'=>$LANG30[24]);
! $aCalendar->setLanguage($lang_days, $lang_months);
}
--- 346,379 ----
}
! /**
! * Set localised day and month names.
! *
! * @param object $aCalendar reference(!) to a Calendar object
! *
! */
! function setCalendarLanguage (&$aCalendar)
! {
global $LANG30;
! $lang_days = array ('sunday' => $LANG30[1],
! 'monday' => $LANG30[2],
! 'tuesday' => $LANG30[3],
! 'wednesday' => $LANG30[4],
! 'thursday' => $LANG30[5],
! 'friday' => $LANG30[6],
! 'saturday' => $LANG30[7]);
! $lang_months = array ('january' => $LANG30[13],
! 'february' => $LANG30[14],
! 'march' => $LANG30[15],
! 'april' => $LANG30[16],
! 'may' => $LANG30[17],
! 'june' => $LANG30[18],
! 'july' => $LANG30[19],
! 'august' => $LANG30[20],
! 'september' => $LANG30[21],
! 'october' => $LANG30[22],
! 'november' => $LANG30[23],
! 'december' => $LANG30[24]);
! $aCalendar->setLanguage ($lang_days, $lang_months);
}
***************
*** 388,423 ****
switch ($action) {
case 'addevent':
! $display .= COM_siteHeader();
! $eid = COM_applyFilter ($HTTP_GET_VARS['eid']);
! if (!empty ($eid)) {
! $display .= adduserevent ($eid);
! } else {
! $display .= COM_showMessage (23);
! }
! $display .= COM_siteFooter ();
break;
case 'saveuserevent':
! $eid = COM_applyFilter ($HTTP_POST_VARS['eid']);
! if (!empty ($eid)) {
! $display .= saveuserevent ($eid, $HTTP_POST_VARS['remind'],
! $HTTP_POST_VARS['emailreminder']);
} else {
! $display .= COM_siteHeader ();
! $display .= COM_showMessage (23);
! $display .= COM_siteFooter ();
}
break;
case 'deleteevent':
! $eid = COM_applyFilter ($HTTP_GET_VARS['eid']);
! if (!empty ($eid) && ($_USER['uid'] > 1)) {
! DB_query ("DELETE FROM {$_TABLES['personal_events']} WHERE uid={$_USER['uid']} AND eid='$eid'");
! $display .= COM_refresh ($_CONF['site_url']
! . '/calendar.php?mode=personal&msg=26');
} else {
! $display .= COM_refresh ($_CONF['site_url'] . '/index.php');
}
break;
--- 393,463 ----
switch ($action) {
case 'addevent':
! if (($_CONF['personalcalendars'] == 1) &&
! isset ($_USER['uid']) && ($_USER['uid'] > 1)) {
! $display .= COM_siteHeader ();
! $eid = COM_applyFilter ($HTTP_GET_VARS['eid']);
! if (!empty ($eid)) {
! $display .= adduserevent ($eid);
! } else {
! $display .= COM_showMessage (23);
! }
! $display .= COM_siteFooter ();
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
break;
case 'saveuserevent':
! if ($_CONF['personalcalendars'] == 1) {
! $eid = COM_applyFilter ($HTTP_POST_VARS['eid']);
! if (!empty ($eid)) {
! $display .= saveuserevent ($eid);
! } else {
! $display .= COM_siteHeader ();
! $display .= COM_showMessage (23);
! $display .= COM_siteFooter ();
! }
} else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
}
break;
case 'deleteevent':
! if ($_CONF['personalcalendars'] == 1) {
! $eid = COM_applyFilter ($HTTP_GET_VARS['eid']);
! if (!empty ($eid) && (isset ($_USER['uid']) && ($_USER['uid'] > 1))) {
! DB_query ("DELETE FROM {$_TABLES['personal_events']} WHERE uid={$_USER['uid']} AND eid='$eid'");
! $display .= COM_refresh ($_CONF['site_url']
! . '/calendar.php?mode=personal&msg=26');
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
} else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
! break;
!
! case 'edit':
! if ($_CONF['personalcalendars'] == 1) {
! $eid = COM_applyFilter ($HTTP_GET_VARS['eid']);
! if (!empty ($eid) && (isset ($_USER['uid']) && ($_USER['uid'] > 1))) {
! $result = DB_query ("SELECT * FROM {$_TABLES['personal_events']} WHERE (eid = '$eid') AND (uid = {$_USER['uid']})");
! if (DB_numRows ($result) == 1) {
! $A = DB_fetchArray ($result);
! $display .= COM_siteHeader ('menu', $LANG30[38])
! . COM_startBlock ($LANG30[38])
! . editpersonalevent ($A)
! . COM_endBlock ()
! . COM_siteFooter ();
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
! }
! } else {
! $display = COM_refresh ($_CONF['site_url'] . '/index.php');
}
break;
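Review bot: The login and feature guard is spelled differently in each case of this switch, which makes a missing check hard to spot. `addevent` tests `$_CONF['personalcalendars']` together with `$_USER['uid'] > 1`, `saveuserevent` tests only the config flag at this level (the uid test lives inside the function), and `deleteevent` and `edit` nest the uid test one level down, each with its own copy of the index.php redirect. Computing it once before the switch, `$personal_ok = ($_CONF['personalcalendars'] == 1) && isset ($_USER['uid']) && ($_USER['uid'] > 1);`, and testing `$personal_ok` in every case would remove most of the duplicated else branches. The switch starts before this hunk and continues after it.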
***************
*** 427,441 ****
$eid = COM_applyFilter ($HTTP_GET_VARS['eid']);
if (!empty ($eid)) {
! if ($mode == 'personal' AND DB_count($_TABLES['events'],'eid',$eid) == 0) {
! $display .= COM_siteHeader('menu', $LANG30[38]);
! $display .= COM_startBlock($LANG30[38]);
! $datesql = "SELECT * FROM {$_TABLES['personal_events']} WHERE eid = '$eid'";
! $result = DB_query($datesql);
! $A = DB_fetchArray($result);
! $display .= editpersonalevent($A);
! $display .= COM_endBlock();
! $display .= COM_siteFooter();
! break;
} else {
if (strpos ($LANG30[9], '%') === false) {
$pagetitle = $LANG30[9];
--- 467,476 ----
$eid = COM_applyFilter ($HTTP_GET_VARS['eid']);
if (!empty ($eid)) {
! if (($mode == 'personal') && ($_CONF['personalcalendars'] == 1) &&
! (isset ($_USER['uid']) && ($_USER['uid'] > 1))) {
! $datesql = "SELECT *,datestart AS start,dateend AS end FROM {$_TABLES['personal_events']} WHERE (eid = '$eid') AND (uid = {$_USER['uid']})";
! $pagetitle = $LANG30[28] . ' ' . $_USER['username'];
} else {
+ $datesql = "SELECT *,datestart AS start,dateend AS end FROM {$_TABLES['events']} WHERE eid = '$eid'";
if (strpos ($LANG30[9], '%') === false) {
$pagetitle = $LANG30[9];
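Review bot: The non-personal branch builds `SELECT ... FROM {$_TABLES['events']} WHERE eid = '$eid'` without `COM_getPermSql ('AND')`, while `adduserevent` and `saveuserevent` in this same commit now append it. Unless a later check outside this hunk filters the row, the detail view would show an event the visitor has no read permission for; appending `. COM_getPermSql ('AND')` to the string would keep the three lookups consistent. The hunk ends inside the if/else that sets `$pagetitle`, so the code that runs `$datesql` is not visible here.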
***************
*** 443,451 ****
$pagetitle = sprintf ($LANG30[9], $_CONF['site_name']);
}
- $display .= COM_siteHeader ('menu', $pagetitle);
- $display .= COM_startBlock ($pagetitle);
-
- $datesql = "SELECT *,datestart AS start,dateend AS end FROM {$_TABLES['events']} WHERE eid = '$eid'";
}
} else {
$year = COM_applyFilter ($HTTP_GET_VARS['year']);
--- 478,486 ----
$pagetitle = sprintf ($LANG30[9], $_CONF['site_name']);
}
}
+
+ $display .= COM_siteHeader ('menu', $pagetitle);
+ $display .= COM_startBlock ($pagetitle);
+
} else {
$year = COM_applyFilter ($HTTP_GET_VARS['year']);
***************
*** 499,503 ****
$cal_templates->set_var('lang_month', $str_month);
$cal_templates->set_var('event_year', strftime('%Y',strtotime($A['start'])));
- //$display .= '<br><h1>' . strftime('%B %Y',strtotime($A['start'])) . '</h1>' . LB;
$currentmonth = strftime('%B',strtotime($A['start']));
}
--- 534,537 ----
***************
*** 515,520 ****
}
!
! if (!empty($_USER['uid']) AND $_CONF['personalcalendars'] == 1) {
$tmpresult = DB_query("SELECT * FROM {$_TABLES['personal_events']} WHERE eid='{$A['eid']}' AND uid={$_USER['uid']}");
$tmpnrows = DB_numRows($tmpresult);
--- 549,554 ----
}
! if (!empty ($_USER['uid']) && ($_USER['uid'] > 1) &&
! ($_CONF['personalcalendars'] == 1)) {
$tmpresult = DB_query("SELECT * FROM {$_TABLES['personal_events']} WHERE eid='{$A['eid']}' AND uid={$_USER['uid']}");
$tmpnrows = DB_numRows($tmpresult);
***************
*** 614,620 ****
}
! if ((SEC_hasAccess ($A['owner_id'], $A['group_id'], $A['perm_owner'],
! $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) &&
! SEC_hasRights ('event.edit')) {
$editurl = $_CONF['site_admin_url']
. '/event.php?mode=edit&eid=' . $eid;
--- 648,663 ----
}
! if ($mode == personal) {
! $editurl = $_CONF['site_url'] . '/calendar_event.php?action=edit'
! . '&eid=' . $eid;
! $cal_templates->set_var ('event_edit', '<a href="' .$editurl . '">'
! . $LANG01[4] . '</a>');
! $cal_templates->set_var ('edit_icon', '<a href="' . $editurl
! . '"><img src="' . $_CONF['layout_url']
! . '/images/edit.gif" alt="' . $LANG01[4] . '" title="'
! . $LANG01[4] . '" border="0"></a>');
! } else if ((SEC_hasAccess ($A['owner_id'], $A['group_id'],
! $A['perm_owner'], $A['perm_group'], $A['perm_members'],
! $A['perm_anon']) == 3) && SEC_hasRights ('event.edit')) {
$editurl = $_CONF['site_admin_url']
. '/event.php?mode=edit&eid=' . $eid;
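Review bot: `if ($mode == personal)` compares against a bare word, which PHP resolves as an undefined constant: older versions fall back to the string with a notice, and PHP 8 raises an Error. It should read `if ($mode == 'personal') {`. The branch also keys only on `$mode`, whereas the query for this view uses the personal table only when `$_CONF['personalcalendars'] == 1` and `$_USER['uid'] > 1` also hold. Repeating that condition here would keep the personal edit link from appearing on a public event when `mode=personal` is passed by an anonymous visitor. The hunk ends before the closing of this if/else chain.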