3 * @copyright Copyright (C) 2020, Friendica
5 * @license GNU AGPL version 3 or any later version
7 * This program is free software: you can redistribute it and/or modify
8 * it under the terms of the GNU Affero General Public License as
9 * published by the Free Software Foundation, either version 3 of the
10 * License, or (at your option) any later version.
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU Affero General Public License for more details.
17 * You should have received a copy of the GNU Affero General Public License
18 * along with this program. If not, see <https://www.gnu.org/licenses/>.
24 use Friendica\Content\Nav;
25 use Friendica\Content\Widget\CalendarExport;
26 use Friendica\Core\ACL;
27 use Friendica\Core\Logger;
28 use Friendica\Core\Renderer;
29 use Friendica\Core\Theme;
30 use Friendica\Core\Worker;
31 use Friendica\Database\DBA;
33 use Friendica\Model\Event;
34 use Friendica\Model\Item;
35 use Friendica\Model\User;
36 use Friendica\Module\BaseProfile;
37 use Friendica\Module\Security\Login;
38 use Friendica\Util\DateTimeFormat;
39 use Friendica\Util\Strings;
40 use Friendica\Util\Temporal;
41 use Friendica\Worker\Delivery;
43 function events_init(App $a)
49 // If it's a json request abort here because we don't
50 // need the widget data
51 if ($a->argc > 1 && $a->argv[1] === 'json') {
55 if (empty(DI::page()['aside'])) {
56 DI::page()['aside'] = '';
59 $cal_widget = CalendarExport::getHTML();
61 DI::page()['aside'] .= $cal_widget;
66 function events_post(App $a)
69 Logger::debug('post', ['request' => $_REQUEST]);
75 $event_id = !empty($_POST['event_id']) ? intval($_POST['event_id']) : 0;
76 $cid = !empty($_POST['cid']) ? intval($_POST['cid']) : 0;
79 $start_text = Strings::escapeHtml($_REQUEST['start_text'] ?? '');
80 $finish_text = Strings::escapeHtml($_REQUEST['finish_text'] ?? '');
82 $adjust = intval($_POST['adjust'] ?? 0);
83 $nofinish = intval($_POST['nofinish'] ?? 0);
85 // The default setting for the `private` field in event_store() is false, so mirror that
86 $private_event = false;
88 $start = DBA::NULL_DATETIME;
89 $finish = DBA::NULL_DATETIME;
96 $finish = $finish_text;
100 $start = DateTimeFormat::convert($start, 'UTC', date_default_timezone_get());
102 $finish = DateTimeFormat::convert($finish, 'UTC', date_default_timezone_get());
105 $start = DateTimeFormat::utc($start);
107 $finish = DateTimeFormat::utc($finish);
111 // Don't allow the event to finish before it begins.
112 // It won't hurt anything, but somebody will file a bug report
113 // and we'll waste a bunch of time responding to it. Time that
114 // could've been spent doing something else.
116 $summary = trim($_POST['summary'] ?? '');
117 $desc = trim($_POST['desc'] ?? '');
118 $location = trim($_POST['location'] ?? '');
122 'summary' => $summary,
123 'description' => $desc,
124 'location' => $location,
125 'start' => $start_text,
126 'finish' => $finish_text,
128 'nofinish' => $nofinish,
131 $action = ($event_id == '') ? 'new' : 'event/' . $event_id;
132 $onerror_path = 'events/' . $action . '?' . http_build_query($params, null, null, PHP_QUERY_RFC3986);
134 if (strcmp($finish, $start) < 0 && !$nofinish) {
135 notice(DI::l10n()->t('Event can not end before it has started.'));
136 if (intval($_REQUEST['preview'])) {
137 echo DI::l10n()->t('Event can not end before it has started.');
140 DI::baseUrl()->redirect($onerror_path);
143 if (!$summary || ($start === DBA::NULL_DATETIME)) {
144 notice(DI::l10n()->t('Event title and start time are required.'));
145 if (intval($_REQUEST['preview'])) {
146 echo DI::l10n()->t('Event title and start time are required.');
149 DI::baseUrl()->redirect($onerror_path);
152 $share = intval($_POST['share'] ?? 0);
154 $c = q("SELECT `id` FROM `contact` WHERE `uid` = %d AND `self` LIMIT 1",
158 if (DBA::isResult($c)) {
166 $user = User::getById($uid, ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);
167 if (!DBA::isResult($user)) {
171 $aclFormatter = DI::aclFormatter();
172 $str_contact_allow = isset($_REQUEST['contact_allow']) ? $aclFormatter->toString($_REQUEST['contact_allow']) : $user['allow_cid'] ?? '';
173 $str_group_allow = isset($_REQUEST['group_allow']) ? $aclFormatter->toString($_REQUEST['group_allow']) : $user['allow_gid'] ?? '';
174 $str_contact_deny = isset($_REQUEST['contact_deny']) ? $aclFormatter->toString($_REQUEST['contact_deny']) : $user['deny_cid'] ?? '';
175 $str_group_deny = isset($_REQUEST['group_deny']) ? $aclFormatter->toString($_REQUEST['group_deny']) : $user['deny_gid'] ?? '';
177 $visibility = $_REQUEST['visibility'] ?? '';
178 if ($visibility === 'public') {
179 // The ACL selector introduced in version 2019.12 sends ACL input data even when the Public visibility is selected
180 $str_contact_allow = $str_group_allow = $str_contact_deny = $str_group_deny = '';
181 } else if ($visibility === 'custom') {
182 // Since we know from the visibility parameter the item should be private, we have to prevent the empty ACL
183 // case that would make it public. So we always append the author's contact id to the allowed contacts.
184 // See https://github.com/friendica/friendica/issues/9672
185 $str_contact_allow .= $aclFormatter->toString(Contact::getPublicIdByUserId($uid));
188 $str_contact_allow = '<' . $self . '>';
189 $str_group_allow = $str_contact_deny = $str_group_deny = '';
192 // Make sure to set the `private` field as true. This is necessary to
193 // have the posts show up correctly in Diaspora if an event is created
194 // as visible only to self at first, but then edited to display to others.
195 if (strlen($str_group_allow) || strlen($str_contact_allow) || strlen($str_group_deny) || strlen($str_contact_deny)) {
196 $private_event = true;
200 $datarray['start'] = $start;
201 $datarray['finish'] = $finish;
202 $datarray['summary'] = $summary;
203 $datarray['desc'] = $desc;
204 $datarray['location'] = $location;
205 $datarray['type'] = $type;
206 $datarray['adjust'] = $adjust;
207 $datarray['nofinish'] = $nofinish;
208 $datarray['uid'] = $uid;
209 $datarray['cid'] = $cid;
210 $datarray['allow_cid'] = $str_contact_allow;
211 $datarray['allow_gid'] = $str_group_allow;
212 $datarray['deny_cid'] = $str_contact_deny;
213 $datarray['deny_gid'] = $str_group_deny;
214 $datarray['private'] = $private_event;
215 $datarray['id'] = $event_id;
217 if (intval($_REQUEST['preview'])) {
218 $html = Event::getHTML($datarray);
223 $item_id = Event::store($datarray);
226 Worker::add(PRIORITY_HIGH, "Notifier", Delivery::POST, $item_id);
229 DI::baseUrl()->redirect('events');
232 function events_content(App $a)
235 notice(DI::l10n()->t('Permission denied.'));
236 return Login::form();
240 $_SESSION['return_path'] = DI::args()->getCommand();
243 if (($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) {
244 q("UPDATE `event` SET `ignore` = 1 WHERE `id` = %d AND `uid` = %d",
250 if (($a->argc > 2) && ($a->argv[1] === 'unignore') && intval($a->argv[2])) {
251 q("UPDATE `event` SET `ignore` = 0 WHERE `id` = %d AND `uid` = %d",
257 if ($a->theme_events_in_profile) {
258 Nav::setSelected('home');
260 Nav::setSelected('events');
263 // get the translation strings for the callendar
264 $i18n = Event::getStrings();
266 DI::page()->registerStylesheet('view/asset/fullcalendar/dist/fullcalendar.min.css');
267 DI::page()->registerStylesheet('view/asset/fullcalendar/dist/fullcalendar.print.min.css', 'print');
268 DI::page()->registerFooterScript('view/asset/moment/min/moment-with-locales.min.js');
269 DI::page()->registerFooterScript('view/asset/fullcalendar/dist/fullcalendar.min.js');
271 $htpl = Renderer::getMarkupTemplate('event_head.tpl');
272 DI::page()['htmlhead'] .= Renderer::replaceMacros($htpl, [
273 '$module_url' => '/events',
281 if ($a->theme_events_in_profile) {
282 $tabs = BaseProfile::getTabsHTML($a, 'events', true);
288 $ignored = !empty($_REQUEST['ignored']) ? intval($_REQUEST['ignored']) : 0;
291 if ($a->argc > 2 && $a->argv[1] == 'event') {
293 $event_id = intval($a->argv[2]);
295 if ($a->argc > 2 && $a->argv[1] == 'drop') {
297 $event_id = intval($a->argv[2]);
299 if ($a->argc > 2 && $a->argv[1] == 'copy') {
301 $event_id = intval($a->argv[2]);
303 if ($a->argv[1] === 'new') {
307 if ($a->argc > 2 && intval($a->argv[1]) && intval($a->argv[2])) {
309 $y = intval($a->argv[1]);
310 $m = intval($a->argv[2]);
314 // The view mode part is similiar to /mod/cal.php
315 if ($mode == 'view') {
316 $thisyear = DateTimeFormat::localNow('Y');
317 $thismonth = DateTimeFormat::localNow('m');
319 $y = intval($thisyear);
322 $m = intval($thismonth);
325 // Put some limits on dates. The PHP date functions don't seem to do so well before 1900.
326 // An upper limit was chosen to keep search engines from exploring links millions of years in the future.
335 $dim = Temporal::getDaysInMonth($y, $m);
336 $start = sprintf('%d-%d-%d %d:%d:%d', $y, $m, 1, 0, 0, 0);
337 $finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59);
339 if ($a->argc > 1 && $a->argv[1] === 'json') {
340 if (!empty($_GET['start'])) {
341 $start = $_GET['start'];
343 if (!empty($_GET['end'])) {
344 $finish = $_GET['end'];
348 $start = DateTimeFormat::utc($start);
349 $finish = DateTimeFormat::utc($finish);
351 $adjust_start = DateTimeFormat::local($start);
352 $adjust_finish = DateTimeFormat::local($finish);
354 // put the event parametes in an array so we can better transmit them
356 'event_id' => intval($_GET['id'] ?? 0),
359 'adjust_start' => $adjust_start,
360 'adjust_finish' => $adjust_finish,
361 'ignore' => $ignored,
364 // get events by id or by date
365 if ($event_params['event_id']) {
366 $r = Event::getListById(local_user(), $event_params['event_id']);
368 $r = Event::getListByDate(local_user(), $event_params);
373 if (DBA::isResult($r)) {
374 $r = Event::sortByDate($r);
375 foreach ($r as $rr) {
376 $j = $rr['adjust'] ? DateTimeFormat::local($rr['start'], 'j') : DateTimeFormat::utc($rr['start'], 'j');
377 if (empty($links[$j])) {
378 $links[$j] = DI::baseUrl() . '/' . DI::args()->getCommand() . '#link-' . $j;
385 // transform the event in a usable array
386 if (DBA::isResult($r)) {
387 $r = Event::sortByDate($r);
388 $events = Event::prepareListForTemplate($r);
391 if ($a->argc > 1 && $a->argv[1] === 'json') {
392 header('Content-Type: application/json');
393 echo json_encode($events);
397 if (!empty($_GET['id'])) {
398 $tpl = Renderer::getMarkupTemplate("event.tpl");
400 $tpl = Renderer::getMarkupTemplate("events_js.tpl");
403 // Get rid of dashes in key names, Smarty3 can't handle them
404 foreach ($events as $key => $event) {
406 foreach ($event['item'] as $k => $v) {
407 $k = str_replace('-', '_', $k);
408 $event_item[$k] = $v;
410 $events[$key]['item'] = $event_item;
413 // ACL blocks are loaded in modals in frio
414 DI::page()->registerFooterScript(Theme::getPathForFile('asset/typeahead.js/dist/typeahead.bundle.js'));
415 DI::page()->registerFooterScript(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.js'));
416 DI::page()->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput.css'));
417 DI::page()->registerStylesheet(Theme::getPathForFile('js/friendica-tagsinput/friendica-tagsinput-typeahead.css'));
419 $o = Renderer::replaceMacros($tpl, [
421 '$title' => DI::l10n()->t('Events'),
422 '$view' => DI::l10n()->t('View'),
423 '$new_event' => [DI::baseUrl() . '/events/new', DI::l10n()->t('Create New Event'), '', ''],
424 '$previous' => [DI::baseUrl() . '/events/$prevyear/$prevmonth', DI::l10n()->t('Previous'), '', ''],
425 '$next' => [DI::baseUrl() . '/events/$nextyear/$nextmonth', DI::l10n()->t('Next'), '', ''],
426 '$calendar' => Temporal::getCalendarTable($y, $m, $links, ' eventcal'),
428 '$events' => $events,
430 '$today' => DI::l10n()->t('today'),
431 '$month' => DI::l10n()->t('month'),
432 '$week' => DI::l10n()->t('week'),
433 '$day' => DI::l10n()->t('day'),
434 '$list' => DI::l10n()->t('list'),
437 if (!empty($_GET['id'])) {
445 if (($mode === 'edit' || $mode === 'copy') && $event_id) {
446 $r = q("SELECT * FROM `event` WHERE `id` = %d AND `uid` = %d LIMIT 1",
450 if (DBA::isResult($r)) {
455 // Passed parameters overrides anything found in the DB
456 if (in_array($mode, ['edit', 'new', 'copy'])) {
458 $share_disabled = '';
460 if (empty($orig_event)) {
461 $orig_event = User::getById(local_user(), ['allow_cid', 'allow_gid', 'deny_cid', 'deny_gid']);;
462 } elseif ($orig_event['allow_cid'] !== '<' . local_user() . '>'
463 || $orig_event['allow_gid']
464 || $orig_event['deny_cid']
465 || $orig_event['deny_gid']) {
466 $share_checked = ' checked="checked" ';
469 // In case of an error the browser is redirected back here, with these parameters filled in with the previous values
470 if (!empty($_REQUEST['nofinish'])) {$orig_event['nofinish'] = $_REQUEST['nofinish'];}
471 if (!empty($_REQUEST['adjust'])) {$orig_event['adjust'] = $_REQUEST['adjust'];}
472 if (!empty($_REQUEST['summary'])) {$orig_event['summary'] = $_REQUEST['summary'];}
473 if (!empty($_REQUEST['desc'])) {$orig_event['desc'] = $_REQUEST['desc'];}
474 if (!empty($_REQUEST['location'])) {$orig_event['location'] = $_REQUEST['location'];}
475 if (!empty($_REQUEST['start'])) {$orig_event['start'] = $_REQUEST['start'];}
476 if (!empty($_REQUEST['finish'])) {$orig_event['finish'] = $_REQUEST['finish'];}
478 $n_checked = (!empty($orig_event['nofinish']) ? ' checked="checked" ' : '');
479 $a_checked = (!empty($orig_event['adjust']) ? ' checked="checked" ' : '');
481 $t_orig = $orig_event['summary'] ?? '';
482 $d_orig = $orig_event['desc'] ?? '';
483 $l_orig = $orig_event['location'] ?? '';
484 $eid = $orig_event['id'] ?? 0;
485 $cid = $orig_event['cid'] ?? 0;
486 $uri = $orig_event['uri'] ?? '';
488 if ($cid || $mode === 'edit') {
489 $share_disabled = 'disabled="disabled"';
492 $sdt = $orig_event['start'] ?? 'now';
493 $fdt = $orig_event['finish'] ?? 'now';
495 $tz = date_default_timezone_get();
496 if (!empty($orig_event)) {
497 $tz = ($orig_event['adjust'] ? date_default_timezone_get() : 'UTC');
500 $syear = DateTimeFormat::convert($sdt, $tz, 'UTC', 'Y');
501 $smonth = DateTimeFormat::convert($sdt, $tz, 'UTC', 'm');
502 $sday = DateTimeFormat::convert($sdt, $tz, 'UTC', 'd');
504 $shour = !empty($orig_event) ? DateTimeFormat::convert($sdt, $tz, 'UTC', 'H') : '00';
505 $sminute = !empty($orig_event) ? DateTimeFormat::convert($sdt, $tz, 'UTC', 'i') : '00';
507 $fyear = DateTimeFormat::convert($fdt, $tz, 'UTC', 'Y');
508 $fmonth = DateTimeFormat::convert($fdt, $tz, 'UTC', 'm');
509 $fday = DateTimeFormat::convert($fdt, $tz, 'UTC', 'd');
511 $fhour = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'H') : '00';
512 $fminute = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'i') : '00';
514 if (!$cid && in_array($mode, ['new', 'copy'])) {
515 $acl = ACL::getFullSelectorHTML(DI::page(), $a->user, false, ACL::getDefaultUserPermissions($orig_event));
520 // If we copy an old event, we need to remove the ID and URI
521 // from the original event.
522 if ($mode === 'copy') {
527 $tpl = Renderer::getMarkupTemplate('event_form.tpl');
529 $o .= Renderer::replaceMacros($tpl, [
530 '$post' => DI::baseUrl() . '/events',
535 '$title' => DI::l10n()->t('Event details'),
536 '$desc' => DI::l10n()->t('Starting date and Title are required.'),
537 '$s_text' => DI::l10n()->t('Event Starts:') . ' <span class="required" title="' . DI::l10n()->t('Required') . '">*</span>',
538 '$s_dsel' => Temporal::getDateTimeField(
540 DateTime::createFromFormat('Y', intval($syear) + 5),
541 DateTime::createFromFormat('Y-m-d H:i', "$syear-$smonth-$sday $shour:$sminute"),
542 DI::l10n()->t('Event Starts:'),
550 '$n_text' => DI::l10n()->t('Finish date/time is not known or not relevant'),
551 '$n_checked' => $n_checked,
552 '$f_text' => DI::l10n()->t('Event Finishes:'),
553 '$f_dsel' => Temporal::getDateTimeField(
555 DateTime::createFromFormat('Y', intval($fyear) + 5),
556 DateTime::createFromFormat('Y-m-d H:i', "$fyear-$fmonth-$fday $fhour:$fminute"),
557 DI::l10n()->t('Event Finishes:'),
563 '$a_text' => DI::l10n()->t('Adjust for viewer timezone'),
564 '$a_checked' => $a_checked,
565 '$d_text' => DI::l10n()->t('Description:'),
566 '$d_orig' => $d_orig,
567 '$l_text' => DI::l10n()->t('Location:'),
568 '$l_orig' => $l_orig,
569 '$t_text' => DI::l10n()->t('Title:') . ' <span class="required" title="' . DI::l10n()->t('Required') . '">*</span>',
570 '$t_orig' => $t_orig,
571 '$summary' => ['summary', DI::l10n()->t('Title:'), $t_orig, '', '*'],
572 '$sh_text' => DI::l10n()->t('Share this event'),
573 '$share' => ['share', DI::l10n()->t('Share this event'), $share_checked, '', $share_disabled],
574 '$sh_checked' => $share_checked,
575 '$nofinish' => ['nofinish', DI::l10n()->t('Finish date/time is not known or not relevant'), $n_checked],
576 '$adjust' => ['adjust', DI::l10n()->t('Adjust for viewer timezone'), $a_checked],
577 '$preview' => DI::l10n()->t('Preview'),
579 '$submit' => DI::l10n()->t('Submit'),
580 '$basic' => DI::l10n()->t('Basic'),
581 '$advanced' => DI::l10n()->t('Advanced'),
582 '$permissions' => DI::l10n()->t('Permissions'),
588 // Remove an event from the calendar and its related items
589 if ($mode === 'drop' && $event_id) {
590 $ev = Event::getListById(local_user(), $event_id);
592 // Delete only real events (no birthdays)
593 if (DBA::isResult($ev) && $ev[0]['type'] == 'event') {
594 Item::deleteForUser(['id' => $ev[0]['itemid']], local_user());
597 if (Item::exists(['id' => $ev[0]['itemid']])) {
598 notice(DI::l10n()->t('Failed to remove event'));
601 DI::baseUrl()->redirect('events');