<?php
// Load the application bootstrap, then run the request checks before any form
// data is read. $is_admin and the helpers called in this script are not
// defined in this file (presumably they are set up by includes/init.php).
include_once 'includes/init.php';

// NOTE(review): going by its name this validates the referring URL; no other
// request-origin check (such as a form token) is visible in this file.
require_valid_referring_url();
load_user_layers();

// Managing nonuser calendars is admin-only: print the "not authorized" page
// and stop before any POST value is read or any query is issued.
if (! $is_admin) {
    echo print_not_auth(true) . '</body></html>';
    exit;
}

$error = '';

// Submit buttons. $add is read here, but the code that follows only tests
// $delete and $save; "Add" is the fall-through branch.
$delete = getPostValue('delete');
$save = getPostValue('Save');
$add = getPostValue('Add');

// Calendar fields taken from the form. None of them is validated at this
// point; $nid is pattern-checked later, and only on the Add path.
$nid = getPostValue('nid');
$nfirstname = getPostValue('nfirstname');
$nlastname = getPostValue('nlastname');
$nadmin = getPostValue('nadmin');
$old_admin = getPostValue('old_admin');

// The public flag falls back to 'N' when it is missing or empty.
$ispublic = getPostValue('ispublic');
if (empty($ispublic)) {
    $ispublic = 'N';
}
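// Dispatch on the submitted button: Delete, Save (update) or Add.
// Every value reaches the database through dbi_execute() placeholders; no
// request data is concatenated into SQL text.
if (! empty($delete)) {
    // Delete this nonuser calendar.
    // NOTE(review): $nid comes straight from POST and is not checked against
    // webcal_nonuser_cals before the deletes below run, so rows keyed by that
    // login are removed for whatever value is posted. Consider confirming that
    // $nid names an existing nonuser calendar first.

    // Get event ids for all events this user is a participant.
    $events = get_users_event_ids($nid);

    // Count the participants of each event; an event with exactly one
    // participant belongs to this calendar alone and is queued for deletion.
    $delete_em = [];
    foreach ($events as $eventId) {
        $res = dbi_execute('SELECT COUNT( * )
FROM webcal_entry_user WHERE cal_id = ?', [$eventId]);
        if ($res) {
            if ($row = dbi_fetch_row($res)) {
                // Loose comparison kept from the original; presumably the
                // driver may return the count as a string.
                if ($row[0] == 1) {
                    $delete_em[] = $eventId;
                }
            }
            dbi_free_result($res);
        }
    }

    // Now delete events that were just for this user, dependent tables first
    // and the webcal_entry row last.
    // NOTE(review): these are separate statements whose results are not
    // checked, so a failure part-way through leaves the event half-deleted.
    foreach ($delete_em as $eventId) {
        dbi_execute('DELETE FROM webcal_entry_repeats WHERE cal_id = ?', [$eventId]);
        dbi_execute('DELETE FROM webcal_entry_repeats_not WHERE cal_id = ?', [$eventId]);
        dbi_execute('DELETE FROM webcal_entry_log WHERE cal_entry_id = ?', [$eventId]);
        dbi_execute('DELETE FROM webcal_import_data WHERE cal_id = ?', [$eventId]);
        dbi_execute('DELETE FROM webcal_site_extras WHERE cal_id = ?', [$eventId]);
        dbi_execute('DELETE FROM webcal_entry_ext_user WHERE cal_id = ?', [$eventId]);
        dbi_execute('DELETE FROM webcal_reminders WHERE cal_id =? ', [$eventId]);
        dbi_execute('DELETE FROM webcal_blob WHERE cal_id = ?', [$eventId]);
        dbi_execute('DELETE FROM webcal_entry WHERE cal_id = ?', [$eventId]);
    }

    // Delete user participation from events.
    dbi_execute('DELETE FROM webcal_entry_user WHERE cal_login = ?', [$nid]);
    // Delete any layers other users may have that point to this user.
    dbi_execute('DELETE FROM webcal_user_layers WHERE cal_layeruser = ?', [$nid]);
    // Delete any UAC calendar access entries for this user.
    dbi_execute('DELETE FROM webcal_access_user WHERE cal_login = ?
OR cal_other_user = ?', [$nid, $nid]);
    // Delete any UAC function access entries for this user.
    dbi_execute('DELETE FROM webcal_access_function WHERE cal_login = ?', [$nid]);
    // Delete the nonuser calendar record itself; only this step reports errors.
    if (! dbi_execute('DELETE FROM webcal_nonuser_cals WHERE cal_login = ?', [$nid])) {
        $error = db_error();
    }
} else {
    if (! empty($save)) {
        // Updating: a name field is written only when it was submitted
        // non-empty; cal_admin is always written.
        // NOTE(review): $nid and $nadmin are used as posted; neither is
        // checked here against the calendar or user tables.
        $query_params = [];
        $sql = 'UPDATE webcal_nonuser_cals SET ';
        if ($nlastname) {
            $sql .= ' cal_lastname = ?, ';
            $query_params[] = $nlastname;
        }
        if ($nfirstname) {
            $sql .= ' cal_firstname = ?, ';
            $query_params[] = $nfirstname;
        }
        if ($ispublic) {
            $sql .= ' cal_is_public = ?, ';
            $query_params[] = $ispublic;
        }
        $query_params[] = $nadmin;
        $query_params[] = $nid;
        if (! dbi_execute($sql . 'cal_admin = ? WHERE cal_login = ?', $query_params)) {
            $error = db_error();
        }
    } else {
        // Adding: the calendar ID must consist of word characters only.
        // \z anchors at the very end of the string; with "$" an ID followed by
        // a trailing newline would also have been accepted.
        if (preg_match('/^\w+\z/', $nid)) {
            $nid = $NONUSER_PREFIX . $nid;
            if (! dbi_execute('INSERT INTO webcal_nonuser_cals ( cal_login,
cal_firstname, cal_lastname, cal_admin, cal_is_public )
VALUES ( ?, ?, ?, ?, ? )',
                [$nid, $nfirstname, $nlastname, $nadmin, $ispublic])) {
                $error = db_error();
            }
        } else {
            $error = translate('Calendar ID') . ' ' . translate('word characters only') . '.';
        }
    }

    // Add entry in UAC access table for the new admin and remove the one for
    // the old admin. This runs only when the save/add above succeeded, so a
    // rejected calendar ID or a failed write no longer leaves an access grant
    // behind for a calendar that was not created or updated.
    if (empty($error)) {
        // First delete any record for this user/nuc combo.
        dbi_execute('DELETE FROM webcal_access_user WHERE cal_login = ?
AND cal_other_user = ?', [$nadmin, $nid]);
        // Grant written for $nadmin on $nid: view/edit/approve = 511,
        // invite and email = 'Y', see-time-only = 'N'.
        if (! dbi_execute('INSERT INTO webcal_access_user ( cal_login,
cal_other_user, cal_can_view, cal_can_edit, cal_can_approve, cal_can_invite,
cal_can_email, cal_see_time_only ) VALUES ( ?, ?, ?, ?, ?, ?, ?, ? )',
            [$nadmin, $nid, 511, 511, 511, 'Y', 'Y', 'N'])) {
            die_miserable_death(translate('Database error') . ': ' . dbi_error());
        }
        // Delete old admin...
        //TODO Make this an optional step
        // Skipped when the admin did not change: otherwise this statement
        // would remove the row inserted just above.
        if (! empty($old_admin) && $old_admin !== $nadmin) {
            dbi_execute('DELETE FROM webcal_access_user WHERE cal_login = ?
AND cal_other_user = ?', [$old_admin, $nid]);
        }
    }
}

// Hand over to error_check() with the nonusers tab as the target page; it is
// defined outside this file and presumably reports $error when one was set.
echo error_check('users.php?tab=nonusers', false);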
?>