mod/events.php

   1 <?php
   2
   3 require_once('include/datetime.php');
   4 require_once('include/event.php');
   5
   6 function events_post(&$a) {
   7
   8         if(! local_user())
   9                 return;
  10
  11         $event_id = ((x($_POST,'event_id')) ? intval($_POST['event_id']) : 0);
  12         $uid      = local_user();
  13         $start    = strip_tags($_POST['start']);
  14         $finish   = strip_tags($_POST['finish']);
  15         $desc     = escape_tags($_POST['desc']);
  16         $location = escape_tags($_POST['location']);
  17         $type     = 'event';
  18         $adjust   = intval($_POST['adjust']);
  19
  20         $str_group_allow   = perms2str($_POST['group_allow']);
  21         $str_contact_allow = perms2str($_POST['contact_allow']);
  22         $str_group_deny    = perms2str($_POST['group_deny']);
  23         $str_contact_deny  = perms2str($_POST['contact_deny']);
  24
  25
  26         if($event_id) {
  27                 $r = q("UPDATE `event` SET
  28                         `edited` = '%s',
  29                         `start` = '%s',
  30                         `finish` = '%s',
  31                         `desc` = '%s',
  32                         `location` = '%s',
  33                         `type` = '%s',
  34                         `adjust` = %d,
  35                         `allow_cid` = '%s',
  36                         `allow_gid` = '%s',
  37                         `deny_cid` = '%s',
  38                         `deny_gid` = '%s'
  39                         WHERE `id` = %d AND `uid` = %d LIMIT 1",
  40
  41                         dbesc(datetime_convert()),
  42                         dbesc($start),
  43                         dbesc($finish),
  44                         dbesc($desc),
  45                         dbesc($location),
  46                         dbesc($type),
  47                         intval($adjust),
  48                         dbesc($str_contact_allow),
  49                         dbesc($str_group_allow),
  50                         dbesc($str_contact_deny),
  51                         dbesc($str_group_deny),
  52                         intval($event_id),
  53                         intval($local_user())
  54                 );
  55
  56         }
  57         else {
  58
  59                 $uri = item_new_uri($a->get_hostname(),local_user());
  60
  61                 $r = q("INSERT INTO `event` ( `uid`,`uri`,`created`,`edited`,`start`,`finish`,`desc`,`location`,`type`,
  62                         `adjust`,`allow_cid`,`allow_gid`,`deny_cid`,`deny_gid`)
  63                         VALUES ( %d, '%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %d, '%s', '%s', '%s', '%s' ) ",
  64                         intval(local_user()),
  65
  66                         dbesc(datetime_convert()),
  67                         dbesc(datetime_convert()),
  68                         dbesc($start),
  69                         dbesc($finish),
  70                         dbesc($desc),
  71                         dbesc($location),
  72                         dbesc($type),
  73                         intval($adjust),
  74                         dbesc($str_contact_allow),
  75                         dbesc($str_group_allow),
  76                         dbesc($str_contact_deny),
  77                         dbesc($str_group_deny)
  78
  79                 );
  80         }
  81
  82 }
  83
  84
  85
  86 function events_content(&$a) {
  87
  88         if(! local_user()) {
  89                 notice( t('Permission denied.') . EOL);
  90                 return;
  91         }
  92
  93         $mode = 'view';
  94         $y = 0;
  95         $m = 0;
  96
  97         if($a->argc > 1) {
  98                 if($a->argc > 2 && $a->argv[1] == 'event') {
  99                         $mode = 'edit';
 100                         $event_id = intval($a->argv[2]);
 101                 }
 102                 if($a->argv[1] === 'new') {
 103                         $mode = 'new';
 104                         $event_id = 0;
 105                 }
 106                 if($a->argc > 2 && intval($a->argv[1]) && intval($a->argv[2])) {
 107                         $mode = 'view';
 108                         $y = intval($a->argv[1]);
 109                         $m = intval($a->argv[2]);
 110                 }
 111         }
 112
 113         if($mode == 'view') {
 114             $thisyear = datetime_convert('UTC',date_default_timezone_get(),'now','Y');
 115         $thismonth = datetime_convert('UTC',date_default_timezone_get(),'now','m');
 116                 if(! $y)
 117                         $y = intval($thisyear);
 118                 if(! $m)
 119                         $m = intval($thismonth);
 120
 121
 122                 $o .= cal($y,$m,false);
 123
 124                 return $o;
 125         }
 126
 127         if($mode === 'edit' || $mode === 'new') {
 128                 $tpl = get_markup_template('event_form.tpl');
 129
 130                 $year = datetime_convert('UTC', date_default_timezone_get(), 'now', 'Y');
 131
 132
 133                 $o .= replace_macros($tpl,array(
 134                         '$post' => $a->get_baseurl() . '/events',
 135                         '$e_text' => t('Event details'),
 136                         '$s_text' => t('Starting date/time:'),
 137                         '$s_dsel' => datesel('start',$year+5,$year,false,$year,0,0),
 138                         '$s_tsel' => timesel('start',0,0),
 139                         '$f_text' => t('Finish date/time:'),
 140                         '$f_dsel' => datesel('start',$year+5,$year,false,$year,0,0),
 141                         '$f_tsel' => timesel('start',0,0),
 142                         '$d_text' => t('Description:'),
 143                         '$d_orig' => '',
 144                         '$l_text' => t('Location:'),
 145                         '$l_orig' => '',
 146                         '$submit' => t('Submit')
 147
 148                 ));
 149
 150                 return $o;
 151         }
 152 }