X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;ds=sidebyside;f=mod%2Fevents.php;h=f147e005459ab85f1b7c21710007c368a833254e;hb=66bf39216b890a0b89f9bef537204a5e637ac8b1;hp=c4d40252d37c72e905ec2175de5fe512a0c4cc51;hpb=d7bb671b776f2e947f1d34090d8ad899c0eb3d9b;p=friendica.git diff --git a/mod/events.php b/mod/events.php index c4d40252d3..f147e00545 100644 --- a/mod/events.php +++ b/mod/events.php @@ -9,18 +9,23 @@ use Friendica\Content\Nav; use Friendica\Content\Widget\CalendarExport; use Friendica\Core\ACL; use Friendica\Core\L10n; +use Friendica\Core\Logger; +use Friendica\Core\Renderer; use Friendica\Core\System; use Friendica\Core\Worker; use Friendica\Database\DBA; use Friendica\Model\Event; use Friendica\Model\Item; use Friendica\Model\Profile; +use Friendica\Module\Login; use Friendica\Util\DateTimeFormat; +use Friendica\Util\Strings; use Friendica\Util\Temporal; require_once 'include/items.php'; -function events_init(App $a) { +function events_init(App $a) +{ if (!local_user()) { return; } @@ -42,20 +47,21 @@ function events_init(App $a) { return; } -function events_post(App $a) { +function events_post(App $a) +{ - logger('post: ' . print_r($_REQUEST, true), LOGGER_DATA); + Logger::log('post: ' . print_r($_REQUEST, true), Logger::DATA); if (!local_user()) { return; } - $event_id = (x($_POST, 'event_id') ? intval($_POST['event_id']) : 0); - $cid = (x($_POST, 'cid') ? intval($_POST['cid']) : 0); + $event_id = !empty($_POST['event_id']) ? intval($_POST['event_id']) : 0; + $cid = !empty($_POST['cid']) ? intval($_POST['cid']) : 0; $uid = local_user(); - $start_text = escape_tags(defaults($_REQUEST, 'start_text', '')); - $finish_text = escape_tags(defaults($_REQUEST, 'finish_text', '')); + $start_text = Strings::escapeHtml(defaults($_REQUEST, 'start_text', '')); + $finish_text = Strings::escapeHtml(defaults($_REQUEST, 'finish_text', '')); $adjust = intval(defaults($_POST, 'adjust', 0)); $nofinish = intval(defaults($_POST, 'nofinish', 0)); @@ -63,8 +69,8 @@ function events_post(App $a) { // The default setting for the `private` field in event_store() is false, so mirror that $private_event = false; - $start = NULL_DATE; - $finish = NULL_DATE; + $start = DBA::NULL_DATETIME; + $finish = DBA::NULL_DATETIME; if ($start_text) { $start = $start_text; @@ -91,13 +97,13 @@ function events_post(App $a) { // and we'll waste a bunch of time responding to it. Time that // could've been spent doing something else. - $summary = escape_tags(trim(defaults($_POST, 'summary', ''))); - $desc = escape_tags(trim(defaults($_POST, 'desc', ''))); - $location = escape_tags(trim(defaults($_POST, 'location', ''))); + $summary = Strings::escapeHtml(trim(defaults($_POST, 'summary', ''))); + $desc = Strings::escapeHtml(trim(defaults($_POST, 'desc', ''))); + $location = Strings::escapeHtml(trim(defaults($_POST, 'location', ''))); $type = 'event'; $action = ($event_id == '') ? 'new' : "event/" . $event_id; - $onerror_url = System::baseUrl() . "/events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish"; + $onerror_path = "events/" . $action . "?summary=$summary&description=$desc&location=$location&start=$start_text&finish=$finish_text&adjust=$adjust&nofinish=$nofinish"; if (strcmp($finish, $start) < 0 && !$nofinish) { notice(L10n::t('Event can not end before it has started.') . EOL); @@ -105,16 +111,16 @@ function events_post(App $a) { echo L10n::t('Event can not end before it has started.'); killme(); } - goaway($onerror_url); + $a->internalRedirect($onerror_path); } - if (!$summary || ($start === NULL_DATE)) { + if (!$summary || ($start === DBA::NULL_DATETIME)) { notice(L10n::t('Event title and start time are required.') . EOL); if (intval($_REQUEST['preview'])) { echo L10n::t('Event title and start time are required.'); killme(); } - goaway($onerror_url); + $a->internalRedirect($onerror_path); } $share = intval(defaults($_POST, 'share', 0)); @@ -137,7 +143,7 @@ function events_post(App $a) { $str_contact_deny = !empty($_POST['contact_deny']) ? perms2str($_POST['contact_deny']) : ''; // Undo the pseudo-contact of self, since there are real contacts now - if (strpos($str_contact_allow, '<' . $self . '>') !== false ) { + if (strpos($str_contact_allow, '<' . $self . '>') !== false) { $str_contact_allow = str_replace('<' . $self . '>', '', $str_contact_allow); } // Make sure to set the `private` field as true. This is necessary to @@ -184,18 +190,18 @@ function events_post(App $a) { Worker::add(PRIORITY_HIGH, "Notifier", "event", $item_id); } - goaway($_SESSION['return_url']); + $a->internalRedirect('events'); } -function events_content(App $a) { - +function events_content(App $a) +{ if (!local_user()) { notice(L10n::t('Permission denied.') . EOL); - return; + return Login::form(); } if ($a->argc == 1) { - $_SESSION['return_url'] = System::baseUrl() . '/' . $a->cmd; + $_SESSION['return_path'] = $a->cmd; } if (($a->argc > 2) && ($a->argv[1] === 'ignore') && intval($a->argv[2])) { @@ -221,19 +227,14 @@ function events_content(App $a) { // get the translation strings for the callendar $i18n = Event::getStrings(); - $htpl = get_markup_template('event_head.tpl'); - $a->page['htmlhead'] .= replace_macros($htpl, [ + $htpl = Renderer::getMarkupTemplate('event_head.tpl'); + $a->page['htmlhead'] .= Renderer::replaceMacros($htpl, [ '$baseurl' => System::baseUrl(), '$module_url' => '/events', '$modparams' => 1, '$i18n' => $i18n, ]); - $etpl = get_markup_template('event_end.tpl'); - $a->page['end'] .= replace_macros($etpl, [ - '$baseurl' => System::baseUrl(), - ]); - $o = ''; $tabs = ''; // tabs @@ -244,7 +245,7 @@ function events_content(App $a) { $mode = 'view'; $y = 0; $m = 0; - $ignored = (x($_REQUEST, 'ignored') ? intval($_REQUEST['ignored']) : 0); + $ignored = !empty($_REQUEST['ignored']) ? intval($_REQUEST['ignored']) : 0; if ($a->argc > 1) { if ($a->argc > 2 && $a->argv[1] == 'event') { @@ -272,7 +273,6 @@ function events_content(App $a) { // The view mode part is similiar to /mod/cal.php if ($mode == 'view') { - $thisyear = DateTimeFormat::localNow('Y'); $thismonth = DateTimeFormat::localNow('m'); if (!$y) { @@ -312,10 +312,10 @@ function events_content(App $a) { $finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59); if ($a->argc > 1 && $a->argv[1] === 'json') { - if (x($_GET, 'start')) { - $start = $_GET['start']; + if (!empty($_GET['start'])) { + $start = $_GET['start']; } - if (x($_GET, 'end')) { + if (!empty($_GET['end'])) { $finish = $_GET['end']; } } @@ -349,7 +349,7 @@ function events_content(App $a) { $r = Event::sortByDate($r); foreach ($r as $rr) { $j = $rr['adjust'] ? DateTimeFormat::local($rr['start'], 'j') : DateTimeFormat::utc($rr['start'], 'j'); - if (!x($links,$j)) { + if (empty($links[$j])) { $links[$j] = System::baseUrl() . '/' . $a->cmd . '#link-' . $j; } } @@ -363,28 +363,28 @@ function events_content(App $a) { $events = Event::prepareListForTemplate($r); } - if ($a->argc > 1 && $a->argv[1] === 'json'){ + if ($a->argc > 1 && $a->argv[1] === 'json') { echo json_encode($events); killme(); } - if (x($_GET, 'id')) { - $tpl = get_markup_template("event.tpl"); + if (!empty($_GET['id'])) { + $tpl = Renderer::getMarkupTemplate("event.tpl"); } else { - $tpl = get_markup_template("events_js.tpl"); + $tpl = Renderer::getMarkupTemplate("events_js.tpl"); } // Get rid of dashes in key names, Smarty3 can't handle them foreach ($events as $key => $event) { $event_item = []; foreach ($event['item'] as $k => $v) { - $k = str_replace('-' ,'_', $k); + $k = str_replace('-', '_', $k); $event_item[$k] = $v; } $events[$key]['item'] = $event_item; } - $o = replace_macros($tpl, [ + $o = Renderer::replaceMacros($tpl, [ '$baseurl' => System::baseUrl(), '$tabs' => $tabs, '$title' => L10n::t('Events'), @@ -403,7 +403,7 @@ function events_content(App $a) { '$list' => L10n::t('list'), ]); - if (x($_GET, 'id')) { + if (!empty($_GET['id'])) { echo $o; killme(); } @@ -428,41 +428,45 @@ function events_content(App $a) { } // In case of an error the browser is redirected back here, with these parameters filled in with the previous values - if (x($_REQUEST, 'nofinish')) {$orig_event['nofinish'] = $_REQUEST['nofinish'];} - if (x($_REQUEST, 'adjust')) {$orig_event['adjust'] = $_REQUEST['adjust'];} - if (x($_REQUEST, 'summary')) {$orig_event['summary'] = $_REQUEST['summary'];} - if (x($_REQUEST, 'description')) {$orig_event['description'] = $_REQUEST['description'];} - if (x($_REQUEST, 'location')) {$orig_event['location'] = $_REQUEST['location'];} - if (x($_REQUEST, 'start')) {$orig_event['start'] = $_REQUEST['start'];} - if (x($_REQUEST, 'finish')) {$orig_event['finish'] = $_REQUEST['finish'];} - if (x($_REQUEST,'finish')) $orig_event['finish'] = $_REQUEST['finish']; - - $n_checked = ((x($orig_event) && $orig_event['nofinish']) ? ' checked="checked" ' : ''); - $a_checked = ((x($orig_event) && $orig_event['adjust']) ? ' checked="checked" ' : ''); - - $t_orig = (x($orig_event) ? $orig_event['summary'] : ''); - $d_orig = (x($orig_event) ? $orig_event['desc'] : ''); - $l_orig = (x($orig_event) ? $orig_event['location'] : ''); - $eid = (x($orig_event) ? $orig_event['id'] : 0); - $cid = (x($orig_event) ? $orig_event['cid'] : 0); - $uri = (x($orig_event) ? $orig_event['uri'] : ''); + if (!empty($_REQUEST['nofinish'])) {$orig_event['nofinish'] = $_REQUEST['nofinish'];} + if (!empty($_REQUEST['adjust'])) {$orig_event['adjust'] = $_REQUEST['adjust'];} + if (!empty($_REQUEST['summary'])) {$orig_event['summary'] = $_REQUEST['summary'];} + if (!empty($_REQUEST['description'])) {$orig_event['description'] = $_REQUEST['description'];} + if (!empty($_REQUEST['location'])) {$orig_event['location'] = $_REQUEST['location'];} + if (!empty($_REQUEST['start'])) {$orig_event['start'] = $_REQUEST['start'];} + if (!empty($_REQUEST['finish'])) {$orig_event['finish'] = $_REQUEST['finish'];} + + $n_checked = (!empty($orig_event['nofinish']) ? ' checked="checked" ' : ''); + $a_checked = (!empty($orig_event['adjust']) ? ' checked="checked" ' : ''); + + $t_orig = !empty($orig_event) ? $orig_event['summary'] : ''; + $d_orig = !empty($orig_event) ? $orig_event['desc'] : ''; + $l_orig = !empty($orig_event) ? $orig_event['location'] : ''; + $eid = !empty($orig_event) ? $orig_event['id'] : 0; + $cid = !empty($orig_event) ? $orig_event['cid'] : 0; + $uri = !empty($orig_event) ? $orig_event['uri'] : ''; $sh_disabled = ''; - $sh_checked = ''; + $sh_checked = ''; - if (x($orig_event)) { - $sh_checked = (($orig_event['allow_cid'] === '<' . local_user() . '>' && !$orig_event['allow_gid'] && !$orig_event['deny_cid'] && !$orig_event['deny_gid']) ? '' : ' checked="checked" '); + if (!empty($orig_event) + && ($orig_event['allow_cid'] !== '<' . local_user() . '>' + || $orig_event['allow_gid'] + || $orig_event['deny_cid'] + || $orig_event['deny_gid'])) + { + $sh_checked = ' checked="checked" '; } if ($cid || $mode === 'edit') { $sh_disabled = 'disabled="disabled"'; } - $sdt = (x($orig_event) ? $orig_event['start'] : 'now'); - $fdt = (x($orig_event) ? $orig_event['finish'] : 'now'); + $sdt = !empty($orig_event) ? $orig_event['start'] : 'now'; + $fdt = !empty($orig_event) ? $orig_event['finish'] : 'now'; $tz = date_default_timezone_get(); - if (x($orig_event)) { + if (!empty($orig_event)) { $tz = ($orig_event['adjust'] ? date_default_timezone_get() : 'UTC'); } @@ -470,15 +474,15 @@ function events_content(App $a) { $smonth = DateTimeFormat::convert($sdt, $tz, 'UTC', 'm'); $sday = DateTimeFormat::convert($sdt, $tz, 'UTC', 'd'); - $shour = (x($orig_event) ? DateTimeFormat::convert($sdt, $tz, 'UTC', 'H') : '00'); - $sminute = (x($orig_event) ? DateTimeFormat::convert($sdt, $tz, 'UTC', 'i') : '00'); + $shour = !empty($orig_event) ? DateTimeFormat::convert($sdt, $tz, 'UTC', 'H') : '00'; + $sminute = !empty($orig_event) ? DateTimeFormat::convert($sdt, $tz, 'UTC', 'i') : '00'; $fyear = DateTimeFormat::convert($fdt, $tz, 'UTC', 'Y'); $fmonth = DateTimeFormat::convert($fdt, $tz, 'UTC', 'm'); $fday = DateTimeFormat::convert($fdt, $tz, 'UTC', 'd'); - $fhour = (x($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'H') : '00'); - $fminute = (x($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'i') : '00'); + $fhour = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'H') : '00'; + $fminute = !empty($orig_event) ? DateTimeFormat::convert($fdt, $tz, 'UTC', 'i') : '00'; $perms = ACL::getDefaultUserPermissions($orig_event); @@ -495,9 +499,9 @@ function events_content(App $a) { $uri = ''; } - $tpl = get_markup_template('event_form.tpl'); + $tpl = Renderer::getMarkupTemplate('event_form.tpl'); - $o .= replace_macros($tpl,[ + $o .= Renderer::replaceMacros($tpl, [ '$post' => System::baseUrl() . '/events', '$eid' => $eid, '$cid' => $cid, @@ -511,11 +515,31 @@ function events_content(App $a) { '$title' => L10n::t('Event details'), '$desc' => L10n::t('Starting date and Title are required.'), '$s_text' => L10n::t('Event Starts:') . ' *', - '$s_dsel' => Temporal::getDateTimeField(new DateTime(), DateTime::createFromFormat('Y', $syear+5), DateTime::createFromFormat('Y-m-d H:i', "$syear-$smonth-$sday $shour:$sminute"), L10n::t('Event Starts:'), 'start_text', true, true, '', '', true), + '$s_dsel' => Temporal::getDateTimeField( + new DateTime(), + DateTime::createFromFormat('Y', $syear+5), + DateTime::createFromFormat('Y-m-d H:i', "$syear-$smonth-$sday $shour:$sminute"), + L10n::t('Event Starts:'), + 'start_text', + true, + true, + '', + '', + true + ), '$n_text' => L10n::t('Finish date/time is not known or not relevant'), '$n_checked' => $n_checked, '$f_text' => L10n::t('Event Finishes:'), - '$f_dsel' => Temporal::getDateTimeField(new DateTime(), DateTime::createFromFormat('Y', $fyear+5), DateTime::createFromFormat('Y-m-d H:i', "$fyear-$fmonth-$fday $fhour:$fminute"), L10n::t('Event Finishes:'), 'finish_text', true, true, 'start_text'), + '$f_dsel' => Temporal::getDateTimeField( + new DateTime(), + DateTime::createFromFormat('Y', $fyear+5), + DateTime::createFromFormat('Y-m-d H:i', "$fyear-$fmonth-$fday $fhour:$fminute"), + L10n::t('Event Finishes:'), + 'finish_text', + true, + true, + 'start_text' + ), '$a_text' => L10n::t('Adjust for viewer timezone'), '$a_checked' => $a_checked, '$d_text' => L10n::t('Description:'), @@ -536,7 +560,6 @@ function events_content(App $a) { '$basic' => L10n::t('Basic'), '$advanced' => L10n::t('Advanced'), '$permissions' => L10n::t('Permissions'), - ]); return $o; @@ -557,6 +580,6 @@ function events_content(App $a) { info(L10n::t('Event removed') . EOL); } - goaway(System::baseUrl() . '/events'); + $a->internalRedirect('events'); } }