WebCalendar PHP Cross Reference Groupware Applications

Source: /edit_template.php - 143 lines - 4521 bytes - Summary - Text - Print

   1  <?php
   2  /* $Id: edit_template.php,v 1.36.2.3 2012/02/28 02:07:45 cknudsen Exp $
   3   *
   4   * Page Description:
   5   * This page will present the HTML form to edit an entry in the cal_report table,
   6   * and this page will also process the form.
   7   * This is only used for editing the custom header/trailer.
   8   * The report_id is always 0.
   9   *
  10   * Input Parameters:
  11   * type - "header" or "trailer"
  12   *
  13   * Security:
  14   * Admin permissions are checked by the WebCalendar class.
  15   */
  16  include_once  'includes/init.php';
  17  require_valide_referring_url ();
  18  
  19  $cur = $error = '';
  20  $found = $foundOld = false;
  21  $report_id = 0;
  22  $type = getValue ( 'type', 'H|S|T', true );
  23  $user = '__system__';
  24  
  25  if ( ! empty ( $ALLOW_USER_HEADER ) && $ALLOW_USER_HEADER == 'Y' ) {
  26    $user = getValue ( 'user' );
  27    if ( empty ( $user ) )
  28      $user = '__system__';
  29  }
  30  
  31  if ( $user == '__system__' )
  32    assert ( '($is_admin && ! access_is_enabled () ) ||
  33      access_can_access_function ( ACCESS_SYSTEM_SETTINGS )' );
  34  
  35  // Get existing value.
  36  $res = dbi_execute ( 'SELECT cal_template_text FROM webcal_user_template
  37    WHERE cal_type = ? AND cal_login = ?', array ( $type, $user ) );
  38  if ( $res ) {
  39    if ( $row = dbi_fetch_row ( $res ) ) {
  40      $cur = $row[0];
  41      $found = true;
  42    }
  43    dbi_free_result ( $res );
  44  }
  45  
  46  // Check the cal_template_text table
  47  // since that is where we stored it in 1.0 and before.
  48  if ( ! $found ) {
  49    $res = dbi_execute ( 'SELECT cal_template_text FROM webcal_report_template
  50      WHERE cal_template_type = ? AND cal_report_id = 0', array ( $type ) );
  51    if ( $res ) {
  52      if ( $row = dbi_fetch_row ( $res ) ) {
  53        $cur = $row[0];
  54        $foundOld = true;
  55      }
  56      dbi_free_result ( $res );
  57    }
  58  }
  59  
  60  if ( empty ( $REQUEST_METHOD ) )
  61    $REQUEST_METHOD = $_SERVER['REQUEST_METHOD'];
  62  
  63  // Handle form submission.
  64  if ( $REQUEST_METHOD == 'POST' ) {
  65    // Was this a delete request?
  66    $delete = getPostValue ( 'delete' );
  67    if ( $user != '__system__' && ! empty ( $delete ) ) {
  68      dbi_execute ( 'DELETE FROM webcal_user_template WHERE cal_type = ?
  69        AND cal_login = ?', array ( $type, $user ) );
  70      echo '<html><body onload="window.close();"></body></html>';
  71      exit;
  72    }
  73  
  74    $query_params = array ( getPostValue ( 'template' ), $type, $user );
  75  
  76    if ( $found )
  77      $sql = 'UPDATE webcal_user_template SET cal_template_text = ?
  78        WHERE cal_type = ? AND cal_login = ?';
  79    else {
  80      $sql = 'INSERT INTO webcal_user_template ( cal_template_text, cal_type,
  81        cal_login ) VALUES ( ?, ?, ? )';
  82  
  83      if ( $foundOld && $user == '__system__' )
  84        // User is upgrading from WebCalendar 1.0 to 1.1.
  85        // Delete from the webcal_report_template table and move the info
  86        // to the new webcal_user_template table.
  87        dbi_execute ( 'DELETE FROM webcal_report_template
  88          WHERE cal_template_type = ? AND cal_report_id = 0 ', array ( $type ) );
  89    }
  90    if ( ! dbi_execute ( $sql, $query_params ) )
  91      $error = db_error ();
  92    else {
  93      echo '<html>
  94    <head></head>
  95    <body onload="window.close();">
  96      Done
  97    </body>
  98  </html>';
  99      exit;
 100    }
 101  }
 102  
 103  print_header ( '', '', '', true );
 104  /*
 105   echo 'report_id: ' . $report_id . '<br />
 106  report_name: ' . $report_name . '<br />
 107  report_user: ' . $report_user . '<br />
 108  ';
 109  */
 110  echo '
 111      <h2>';
 112  if ( $type == 'H' )
 113    etranslate ( 'Edit Custom Header' );
 114  elseif ( $type == 'S' )
 115    etranslate ( 'Edit Custom Script/Stylesheet' );
 116  else
 117    etranslate ( 'Edit Custom Trailer' );
 118  
 119  if ( $user != '__system__' ) {
 120    user_load_variables ( $user, 'temp_' );
 121    echo ' [' . $temp_fullname . ']';
 122  }
 123  
 124  echo '</h2>' . ( ! empty ( $error ) ? print_error ( $error ) : '
 125      <form action="edit_template.php" method="post" name="reportform">
 126        <input type="hidden" name="type" value="' . $type . '" />'
 127     . ( ! empty ( $ALLOW_USER_HEADER ) && $ALLOW_USER_HEADER == 'Y' && !
 128      empty ( $user ) && $user != '__system__' ? '
 129        <input type="hidden" name="user" value="' . $user . '" />' : '' ) . '
 130        <textarea rows="15" cols="60" name="template">' . htmlspecialchars ( $cur )
 131     . '</textarea><br />
 132        <input type="button" value="' . translate ( 'Cancel' )
 133     . '" onclick="window.close();" />
 134        <input name="action" type="submit" value="' . translate ( 'Save' ) . '" />'
 135     . ( ! empty ( $user ) ? '
 136        <input name="delete" type="submit" value="' . translate ( 'Delete' )
 137       . '" onclick="return confirm( \''
 138       . str_replace ( 'XXX', translate ( 'entry' ),
 139        translate ( 'Are you sure you want to delete this XXX?' ) ) . '\');" />'
 140      : '' ) . '
 141      </form>' ) . "\n" . print_trailer ( false, true, true );
 142  
 143  ?>

title

Description

title

Description

title

Description

title

title

Body