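<?php
/**
 * Approve a pending calendar entry and optionally email the event creator
 * the approver's comments.
 *
 * Flow, as visible in this file:
 *  1. If no 'comments' field was posted and $ret is empty, show a small form
 *     asking for optional comments and exit.
 *  2. Otherwise resolve which user the approval is for ($app_user), call
 *     update_status ( 'A', ... ), and, when comments were supplied and
 *     "Approve and Exit" was not pressed, email the creator.
 *  3. Redirect back to the list or entry view, or report errors.
 *
 * NOTE(review): require_valid_referring_url() is the only cross-site request
 * check visible here and the form below carries no per-request token. When
 * $ret is non-empty the approval runs without the form step and without any
 * check of the request method. Confirm that this is intended.
 *
 * NOTE(review): $readonly, $ret, $public, $login, $is_admin, $is_assistant,
 * $is_nonuser_admin and $mailerError are not assigned in this file;
 * presumably includes/init.php or the mailer sets them. Verify.
 */
include_once 'includes/init.php';
require_valid_referring_url ();
require ( 'includes/classes/WebCalMailer.class' );

$error = '';

if ( $readonly == 'Y' )
  $error = print_not_auth();

// Give user a chance to add comments to approval email.
if ( getPostValue ( 'comments' ) !== null ) {
  $comments = getPostValue ( 'comments' );
  $cancel = getPostValue ( 'cancel' );
} elseif ( empty ( $ret ) ) {
  // The query string is attacker-controllable and lands inside an HTML
  // attribute, so it must be escaped for that context before being echoed.
  $q_string = ( ! empty ( $_SERVER['QUERY_STRING'] )
    ? '?' . htmlspecialchars ( $_SERVER['QUERY_STRING'],
        ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8' )
    : '' );

  print_header();
  echo '
    <form action="approve_entry.php' . $q_string
   . '" method="post" name="add_comments">
      <table cellspacing="5">
        <tr>
          <td class="aligncenter alignbottom"><h3>'
   . translate ( 'Additional Comments (optional)' ) . '</h3></td>
        </tr>
        <tr>
          <td class="aligncenter"><textarea name="comments" rows="5" '
   . 'cols="60"></textarea></td>
        </tr>
        <tr>
          <td class="aligncenter">
            <input type="submit" value="' . translate ( 'Approve and Send' )
   . '" />
            <input type="submit" id="cancel" name="cancel" value="'
   . translate ( 'Approve and Exit' ) . '" />
          </td>
        </tr>
        <tr>
          <td>'
   . translate ( '(Your comments will be emailed to the event creator.)' ) . '</td>
        </tr>
      </table>
    </form>
  </body>
</html>
';
  exit;
}

$user = getValue ( 'user' );
$type = getValue ( 'type' );
// cal_id is used as a number everywhere below (comparison, SQL parameter,
// redirect URL); force it to an integer so a non-numeric request value
// cannot pass the "$id > 0" check or leak into the redirect target.
$id = (int) getValue ( 'id' );

// Allow administrators to approve public events.
$app_user = ( $PUBLIC_ACCESS == 'Y' && ! empty ( $public ) && $is_admin
  ? '__public__' : ( $is_assistant || $is_nonuser_admin ? $user : $login ) );

// If User Access Control is enabled, we check to see if they are
// allowed to approve for the specified user.
if ( access_is_enabled() && ! empty ( $user ) && $user != $login &&
    access_user_calendar ( 'approve', $user ) )
  $app_user = $user;

// NOTE(review): the result of update_status() is not checked, and whether it
// verifies that $app_user is actually a participant of entry $id cannot be
// seen from this file. Confirm, since the notification below is sent
// without looking at its outcome.
if ( empty ( $error ) && $id > 0 )
  update_status ( 'A', $app_user, $id, $type );

// Only notify when an approval was actually attempted: previously the mail
// was sent even when $error was set (read-only user) or $id was invalid.
if ( empty ( $error ) && $id > 0
    && ! empty ( $comments ) && empty ( $cancel ) ) {
  $mail = new WebCalMailer;
  // Email event creator to notify that it was approved with comments.
  // Get the name of the event.
  $creator = null;
  $res = dbi_execute ( 'SELECT cal_name, cal_description, cal_date, cal_time, cal_create_by
    FROM webcal_entry
    WHERE cal_id = ?', [$id] );
  if ( $res ) {
    $row = dbi_fetch_row ( $res );
    // No matching row means there is nobody to notify; leave $creator unset
    // instead of reading offsets of a non-array.
    if ( $row ) {
      $name = $row[0];
      $description = $row[1];
      $fmtdate = $row[2];
      $time = sprintf ( "%06d", $row[3] );
      $creator = $row[4];
    }
    dbi_free_result ( $res );
  }

  if ( $creator !== null ) {
    $eventstart = date_to_epoch ( $fmtdate . $time );
    // TODO figure out if creator wants approved comment email.
    // Check UAC.
    $send_user_mail = ( access_is_enabled()
      ? access_user_calendar ( 'email', $creator, $login ) : 'Y' );
    $htmlmail = get_pref_setting ( $creator, 'EMAIL_HTML' );
    // Presumably populates $tempemail / $tempfullname for the creator;
    // verify against user_load_variables().
    user_load_variables ( $creator, 'temp' );
    $user_TIMEZONE = get_pref_setting ( $creator, 'TIMEZONE' );
    set_env ( 'TZ', $user_TIMEZONE );
    $user_language = get_pref_setting ( $creator, 'LANGUAGE' );

    if ( $send_user_mail == 'Y' && strlen ( $tempemail ) && $SEND_EMAIL != 'N' ) {
      reset_language ( empty ( $user_language ) || ( $user_language == 'none' )
        ? $LANGUAGE : $user_language );

      // NOTE(review): $hour and $minute are never assigned in this file, so
      // unless they arrive as globals the time part is always omitted.
      // NOTE(review): $name, $description and $comments are user-supplied
      // and go into the body unescaped; confirm that WC_Send() escapes them
      // when $htmlmail is 'Y'.
      $msg = str_replace ( 'XXX', $tempfullname, translate ( 'Hello, XXX.' ) )
       . "\n\n" . str_replace ( 'XXX', $login_fullname,
        translate ( 'XXX has approved an appointment and added comments.' ) ) . "\n\n"
       . str_replace ( 'XXX', $name, translate ( 'Subject XXX' ) ) . "\n"
       . str_replace ( 'XXX', $description, translate ( 'Description XXX' ) ) . "\n"
       . str_replace ( 'XXX', date_to_str ( $fmtdate ), translate ( 'Date XXX' ) )
       . ' ' . ( empty ( $hour ) && empty ( $minute )
        ? '' : str_replace ( 'XXX',
          // Display using user's GMT offset and display TZID.
          display_time ( '', 2, $eventstart,
            get_pref_setting ( $creator, 'TIME_FORMAT' ) ),
          translate ( 'Time XXX' ) ) ) . "\n";

      if ( ! empty ( $SERVER_URL ) ) {
        // DON'T change & to &amp; here. email will handle it
        $url = $SERVER_URL . 'view_entry.php?id=' . $id . '&em=1';
        if ( $htmlmail == 'Y' )
          $url = activate_urls ( $url );

        $msg .= "\n" . $url;
      }

      // $comments is known to be non-empty inside this branch.
      $msg .= "\n\n" . str_replace ( 'XXX', $comments,
        translate ( 'Comments XXX' ) );

      $from = ( strlen ( $login_email ) ? $login_email : $EMAIL_FALLBACK_FROM );
      // Send mail.
      $mail->WC_Send ( $login_fullname, $tempemail,
        $tempfullname, $name, $msg, $htmlmail, $from );
      activity_log ( $id, $login, $creator, LOG_NOTIFICATION,
        str_replace ( 'XXX', $app_user,
          translate ( 'Approved w/Comments by XXX.' ) ) );
    }
  }
}

// Return to login TIMEZONE.
set_env ( 'TZ', $TIMEZONE );

if ( empty ( $error ) && empty ( $mailerError ) ) {
  if ( ! empty ( $ret ) && $ret == 'listall' ) {
    $target = 'list_unapproved.php';
  } else {
    $target = ( ! empty ( $ret ) && $ret == 'list'
      ? 'list_unapproved.php?'
      : 'view_entry.php?id=' . $id . '&' )
     // $app_user may come from the request; encode it as a query value.
     . 'user=' . rawurlencode ( (string) $app_user );
  }
  do_redirect ( $target );
  exit;
}

// Process errors.
// $mail only exists if the notification branch ran; create it here otherwise
// so error reporting does not die on an undefined variable.
if ( ! isset ( $mail ) )
  $mail = new WebCalMailer;

$mail->MailError ( $mailerError, $error );
?>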