WebCalendar PHP Cross Reference Groupware Applications

Source: /list_unapproved.php - 318 lines - 11372 bytes - Summary - Text - Print

   1  <?php
   2  /* This file lists unapproved entries for one or more users.
   3   *
   4   * Optional parameters in URL:
   5   * url=user specifies that we should only display unapproved
   6   *   events for that one user
   7   *
   8   * The user will be allowed to approve/reject the event if:
   9   * it is on their own calendar
  10   *
  11   * @author Craig Knudsen <cknudsen@cknudsen.com>
  12   * @copyright Craig Knudsen, <cknudsen@cknudsen.com>, http://www.k5n.us/cknudsen
  13   * @license http://www.gnu.org/licenses/gpl.html GNU GPL
  14   * @package WebCalendar
  15   * @version $Id: list_unapproved.php,v 1.74.2.6 2012/02/28 02:07:45 cknudsen Exp $
  16   */
  17  
  18  include_once  'includes/init.php';
  19  require_valide_referring_url ();
  20  send_no_cache_header ();
  21  
  22  if ( empty ( $user ) )
  23    $user = $login;
  24  
  25  if ( ! empty ( $_POST ) ) {
  26    $process_action = getPostValue ( 'process_action' );
  27    $process_user = getPostValue ( 'process_user' );
  28    if ( ! empty ( $process_action ) ) {
  29      foreach ( $_POST as $tid => $app_user ) {
  30        if ( substr ( $tid, 0, 5 ) == 'entry' ) {
  31          $type = substr ( $tid, 5, 1 );
  32          $id = substr ( $tid, 6 );
  33          if ( empty ( $error ) && $id > 0 )
  34            update_status ( $process_action, $app_user, $id, $type );
  35        }
  36      }
  37    }
  38  }
  39  
  40  // Only admin user or assistant can specify a username other than his own.
  41  if ( ! $is_admin && $user != $login && ! $is_assistant && ! access_is_enabled () )
  42    $user = $login;
  43  // Make sure we return after editing an event via this page.
  44  remember_this_view ();
  45  
  46  $key = 0;
  47  $eventinfo = $noret = '';
  48  
  49  /* List all unapproved events for the specified user.
  50   * Exclude "extension" events (used when an event goes past midnight).
  51   * TODO: Only include delete link if they have permission to delete
  52   *       when user access control is enabled.
  53   * NOTE: this function is almost identical to the one in rss_unapproved.php.
  54   * Just the format (RSS vs HTML) is different.
  55  */
  56  function list_unapproved ( $user ) {
  57    global $eventinfo, $key, $login, $NONUSER_ENABLED, $noret, $temp_fullname;
  58  
  59    user_load_variables ( $user, 'temp_' );
  60  
  61    $rssLink = '<a href="rss_unapproved.php?user=' .
  62      htmlspecialchars ( $user ) . '"><img src="images/rss.png" width="14" height="14" alt="RSS 2.0 - ' .
  63      htmlspecialchars ( $temp_fullname ) . '" border="0"/></a>';
  64  
  65    $count = 0;
  66    $ret = '';
  67  
  68    $sql = 'SELECT we.cal_id, we.cal_name, we.cal_description, weu.cal_login,
  69      we.cal_priority, we.cal_date, we.cal_time, we.cal_duration,
  70      weu.cal_status, we.cal_type
  71      FROM webcal_entry we, webcal_entry_user weu
  72      WHERE we.cal_id = weu.cal_id AND weu.cal_login = ? AND weu.cal_status = \'W\'
  73      ORDER BY weu.cal_login, we.cal_date';
  74    $rows = dbi_get_cached_rows ( $sql, array ( $user ) );
  75    if ( $rows ) {
  76      $allDayStr = translate ( 'All day event' );
  77      $appConStr = translate ( 'Approve/Confirm' );
  78      $appSelStr = translate ( 'Approve Selected' );
  79      $checkAllStr = translate ( 'Check All' );
  80      $deleteStr = translate ( 'Delete' );
  81      $emailStr = translate ( 'Emails Will Not Be Sent' );
  82      $rejectSelStr = translate ( 'Reject Selected' );
  83      $rejectStr = translate ( 'Reject' );
  84      $uncheckAllStr = translate ( 'Uncheck All' );
  85      $viewStr = translate ( 'View this entry' );
  86      for ( $i = 0, $cnt = count ( $rows ); $i < $cnt; $i++ ) {
  87        $row = $rows[$i];
  88        $key++;
  89        $id = $row[0];
  90        $name = $row[1];
  91        $description = $row[2];
  92        $cal_user = $row[3];
  93        $pri = $row[4];
  94        $date = $row[5];
  95        $time = sprintf ( "%06d", $row[6] );
  96        $duration = $row[7];
  97        $status = $row[8];
  98        $type = $row[9];
  99        $view_link = 'view_entry';
 100        $entryID = 'entry' . $type . $id;
 101  
 102        $linkid = "pop$id-$key";
 103        $timestr = '';
 104        if ( $time > 0 || ( $time == 0 && $duration != 1440 ) ) {
 105          $eventstart = date_to_epoch ( $date . $time );
 106          $eventstop = $eventstart + $duration;
 107          $eventdate = date_to_str ( date ( 'Ymd', $eventstart ) );
 108          $timestr = display_time ( '', 0, $eventstart )
 109           . ( $duration > 0 ? ' - ' . display_time ( '', 0, $eventstop ) : '' );
 110        } else {
 111          // Don't shift date if All Day or Untimed.
 112          $eventdate = date_to_str ( $date );
 113          // If All Day display in popup.
 114          if ( $time == 0 && $duration == 1440 )
 115            $timestr = $allDayStr;
 116        }
 117  
 118        $ret .= ( $count == 0 ? '
 119        <tr>
 120          <td colspan="5"><h3>' . $temp_fullname . '&nbsp;' . $rssLink . '</h3></td>
 121        </tr>' : '' ) . '
 122        <tr ' . ( $count % 2 == 0 ? '' : 'class="odd"' ) . '>
 123          <td width="5%" align="right"><input type="checkbox" name="'
 124         . $entryID . '" value="' . $user . '"/></td>
 125          <td><a title="' . $viewStr . '" class="entry" id="' . $linkid
 126         . '" href="' . $view_link . '.php?id=' . $id . '&amp;user=' . $cal_user
 127         . '">' . htmlspecialchars ( $name ) . '</a> (' . $eventdate . '):</td>'
 128        /* approve */ . '
 129          <td align="center"><input type="image" src="images/check.gif" title="'
 130         . $appConStr . '" onclick="return do_confirm( \'approve\', \''
 131         . $cal_user . '\', \'' . $entryID . '\' );" /></td>'
 132        /* reject */ . '
 133          <td align="center"><input type="image" src="images/rejected.gif" title="'
 134         . $rejectStr . '" onclick="return do_confirm( \'reject\', \''
 135         . $cal_user . '\', \'' . $entryID . '\' );" /></td>'
 136        /* delete */
 137         . ( ! access_is_enabled () || access_user_calendar ( 'edit', $user ) ? '
 138          <td align="center"><input type="image" src="images/delete.png" title="'
 139           . $deleteStr . '" onclick="return do_confirm( \'delete\', \''
 140           . $cal_user . '\', \'' . $entryID . '\' );\" /></td>' : '' ) . '
 141        </tr>';
 142  
 143        $eventinfo .= build_entry_popup ( 'eventinfo-' . $linkid, $cal_user,
 144          $description, $timestr, site_extras_for_popup ( $id ) );
 145        $count++;
 146      }
 147      if ( $count > 1 )
 148        $ret .= '
 149        <tr>
 150          <td colspan="5" nowrap="nowrap">&nbsp;
 151            <img src="images/select.gif" border="0" alt="" />
 152            <label><a title="' . $checkAllStr . '" onclick="check_all( \''
 153         . $user . '\' );">' . $checkAllStr . '</a> / <a title="' . $uncheckAllStr
 154         . '" onclick="uncheck_all( \'' . $user . '\' );">' . $uncheckAllStr
 155         . '</a></label>&nbsp;&nbsp;&nbsp;
 156            <input type="image" src="images/check.gif" title="' . $appSelStr
 157         . '" onclick="return do_confirm( \'approveSelected\', \'' . $cal_user
 158         . '\' );" />&nbsp;&nbsp;&nbsp;
 159            <input type="image" src="images/rejected.gif" title="' . $rejectSelStr
 160         . '" onclick="return do_confirm( \'rejectSelected\', \'' . $cal_user
 161         . '\' );" />&nbsp;&nbsp;&nbsp;( ' . $emailStr . ' )
 162          </td>
 163        </tr>';
 164    }
 165    if ( $count == 0 )
 166      $noret .= '
 167        <tr>
 168          <td colspan="5" class="nounapproved">'
 169      // translate ( 'No unapproved entries for' )
 170      . str_replace ( 'XXX', $temp_fullname,
 171        translate ( 'No unapproved entries for XXX.' ) ) .
 172        '&nbsp;' . $rssLink . '</td>
 173        </tr>';
 174  
 175    return $ret;
 176  } //end list_unapproved ()
 177  print_header ( array ( 'js/popups.php/true' ), generate_refresh_meta () );
 178  
 179  ob_start ();
 180  
 181  echo '
 182      <h2>' . translate ( 'Unapproved Entries' ) . '</h2>';
 183  
 184  $app_user_hash = $app_users = $my_non_users = array ();
 185  $non_users = get_nonuser_cals ();
 186  foreach ( $non_users as $nonuser ) {
 187    if ( user_is_nonuser_admin ( $login, $nonuser['cal_login'] ) )
 188      $my_non_users[]['cal_login'] = $nonuser['cal_login'];
 189  }
 190  
 191  // If a user is specified, we list just that user.
 192  if ( ( $is_assistant || $is_nonuser_admin || $is_admin ||
 193      access_is_enabled () ) && ! empty ( $user ) && $user != $login ) {
 194    if ( ! access_is_enabled () ||
 195        access_user_calendar ( 'approve', $user ) ) {
 196      $app_user_hash[$user] = 1;
 197      $app_users[] = $user;
 198    } else
 199      // Not authorized to approve for specified user.
 200      echo translate ( 'Not authorized' );
 201  } else {
 202    // First, we list ourself.
 203    $app_user_hash[$login] = 1;
 204    $app_users[] = $login;
 205    if ( access_is_enabled () ) {
 206      $all = ( $NONUSER_ENABLED == 'Y'
 207        ? array_merge ( get_my_users (), $my_non_users )
 208        : get_my_users () );
 209  
 210      for ( $j = 0, $cnt = count ( $all ); $j < $cnt; $j++ ) {
 211        $x = $all[$j]['cal_login'];
 212        if ( access_user_calendar ( 'approve', $x ) &&
 213            empty ( $app_user_hash[$x] ) ) {
 214          $app_user_hash[$x] = 1;
 215          $app_users[] = $x;
 216        }
 217      }
 218    } else {
 219      if ( $is_admin && $PUBLIC_ACCESS == 'Y' &&
 220        ( empty ( $user ) || $user != '__public__' ) ) {
 221        $app_users_hash['__public__'] = 1;
 222        $app_users[] = '__public__';
 223      }
 224      $all = $my_non_users;
 225      for ( $j = 0, $cnt = count ( $all ); $j < $cnt; $j++ ) {
 226        $x = $all[$j]['cal_login'];
 227        if ( empty ( $app_user_hash[$x] ) ) {
 228          $app_user_hash[$x] = 1;
 229          $app_users[] = $x;
 230        }
 231      }
 232    }
 233  }
 234  
 235  echo '
 236      <form action="list_unapproved.php" name="listunapproved" method="post">
 237        <table border="0" summary="">';
 238  
 239  for ( $i = 0, $cnt = count ( $app_users ); $i < $cnt; $i++ ) {
 240    // List unapproved entries for this user.
 241    echo list_unapproved ( $app_users[$i] );
 242  }
 243  
 244  echo '
 245          <tr>
 246            <td colspan="5">&nbsp;</td>
 247          </tr>' // List users with no events.
 248  . $noret . '
 249        </table>
 250        <input type="hidden" name="process_action" value="" />
 251        <input type="hidden" name="process_user" value="" />
 252      </form>' . ( ! empty ( $eventinfo ) ? $eventinfo : '' ) . '
 253      <script language="javascript" type="text/javascript">
 254  <!-- <![CDATA[
 255        function check_all ( user ) {
 256          var
 257            theForm = document.forms [ \'listunapproved\' ],
 258            z;
 259  
 260          for ( z = 0; z < theForm.length; z++ ) {
 261            if ( theForm[z].type == \'checkbox\' && theForm[z].value == user )
 262              theForm[z].checked = true;
 263          }
 264        }
 265        function uncheck_all ( user ) {
 266          var
 267            theForm = document.forms[\'listunapproved\'],
 268            z;
 269  
 270          for ( z = 0; z < theForm.length; z++ ) {
 271            if ( theForm[z].type == \'checkbox\' && theForm[z].value == user )
 272              theForm[z].checked = false;
 273          }
 274        }
 275        function do_confirm ( phrase, user, id ) {
 276  
 277          form = document.listunapproved;
 278          switch ( phrase ) {
 279            case "approve":
 280              str = "' . translate ( 'Approve this entry?', true ) . '";
 281              action = \'A\';
 282              break;
 283            case "reject":
 284              str = "' . translate ( 'Reject this entry?', true ) . '";
 285              action = \'R\';
 286              break;
 287            case "delete":
 288              str = "' . str_replace ( 'XXX', translate ( 'entry' ),
 289    translate ( 'Are you sure you want to delete this XXX?' ) ) . '";
 290              action = \'D\';
 291              break;
 292            case "approveSelected":
 293              str = "' . translate ( 'Approve Selected entries?', true ) . '";
 294              action = \'A\';
 295              break;
 296            case "rejectSelected":
 297              str = "' . translate ( 'Reject Selected entries?', true ) . '";
 298              action = \'R\';
 299              break;
 300            default:
 301              str = action = \'\';
 302          }
 303          form.process_action.value = action;
 304          form.process_user.value = user;
 305          conf = confirm ( str );
 306          // We need this if only single operation.
 307          if ( id  && conf )
 308            form.elements[id].checked = true;
 309  
 310          return conf;
 311        }
 312  //]]> -->
 313      </script>
 314      ';
 315  ob_end_flush ();
 316  echo print_trailer ();
 317  
 318  ?>

title

Description

title

Description

title

Description

title

title

Body