X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fcal.php;h=6f483acc163478853847b72c36b343bccb0117d4;hb=50ba02809425b9cc166909bc30100ec2c4e338e1;hp=ae4928bdf2b1c44d74fff3a7c7332902ce6d9ca1;hpb=dad58e0f6fdff5e1ff8a002bb31119a38f08268b;p=friendica.git diff --git a/mod/cal.php b/mod/cal.php index ae4928bdf2..6f483acc16 100644 --- a/mod/cal.php +++ b/mod/cal.php @@ -9,18 +9,20 @@ use Friendica\App; use Friendica\Content\Feature; use Friendica\Content\Nav; +use Friendica\Content\Widget; use Friendica\Core\Config; use Friendica\Core\L10n; use Friendica\Core\System; -use Friendica\Database\DBM; +use Friendica\Database\DBA; use Friendica\Model\Contact; +use Friendica\Model\Event; use Friendica\Model\Group; +use Friendica\Model\Item; use Friendica\Model\Profile; use Friendica\Protocol\DFRN; use Friendica\Util\DateTimeFormat; use Friendica\Util\Temporal; - -require_once 'include/event.php'; +use Friendica\Util\Security; function cal_init(App $a) { @@ -28,52 +30,54 @@ function cal_init(App $a) DFRN::autoRedir($a, $a->argv[1]); } - if ((Config::get('system', 'block_public')) && (!local_user()) && (!remote_user())) { - return; + if (Config::get('system', 'block_public') && !local_user() && !remote_user()) { + System::httpExit(403, ['title' => L10n::t('Access denied.')]); } - Nav::setSelected('events'); + if ($a->argc < 2) { + System::httpExit(403, ['title' => L10n::t('Access denied.')]); + } - if ($a->argc > 1) { - $nick = $a->argv[1]; - $user = dba::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]); - if (!DBM::is_result($user)) { - return; - } + Nav::setSelected('events'); - $a->data['user'] = $user; - $a->profile_uid = $user['uid']; + $nick = $a->argv[1]; + $user = DBA::selectFirst('user', [], ['nickname' => $nick, 'blocked' => false]); + if (!DBA::isResult($user)) { + System::httpExit(404, ['title' => L10n::t('Page not found.')]); + } - // if it's a json request abort here becaus we don't - // need the widget data - if ($a->argv[2] === 'json') { - return; - } + $a->data['user'] = $user; + $a->profile_uid = $user['uid']; - $profile = Profile::getByNickname($nick, $a->profile_uid); + // if it's a json request abort here becaus we don't + // need the widget data + if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) { + return; + } - $account_type = Contact::getAccountType($profile); + $profile = Profile::getByNickname($nick, $a->profile_uid); - $tpl = get_markup_template("vcard-widget.tpl"); + $account_type = Contact::getAccountType($profile); - $vcard_widget = replace_macros($tpl, [ - '$name' => $profile['name'], - '$photo' => $profile['photo'], - '$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""), - '$account_type' => $account_type, - '$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""), - ]); + $tpl = get_markup_template("vcard-widget.tpl"); - $cal_widget = widget_events(); + $vcard_widget = replace_macros($tpl, [ + '$name' => $profile['name'], + '$photo' => $profile['photo'], + '$addr' => (($profile['addr'] != "") ? $profile['addr'] : ""), + '$account_type' => $account_type, + '$pdesc' => (($profile['pdesc'] != "") ? $profile['pdesc'] : ""), + ]); - if (!x($a->page, 'aside')) { - $a->page['aside'] = ''; - } + $cal_widget = Widget\CalendarExport::getHTML(); - $a->page['aside'] .= $vcard_widget; - $a->page['aside'] .= $cal_widget; + if (!x($a->page, 'aside')) { + $a->page['aside'] = ''; } + $a->page['aside'] .= $vcard_widget; + $a->page['aside'] .= $cal_widget; + return; } @@ -82,7 +86,7 @@ function cal_content(App $a) Nav::setSelected('events'); // get the translation strings for the callendar - $i18n = get_event_strings(); + $i18n = Event::getStrings(); $htpl = get_markup_template('event_head.tpl'); $a->page['htmlhead'] .= replace_macros($htpl, [ @@ -92,15 +96,10 @@ function cal_content(App $a) '$i18n' => $i18n, ]); - $etpl = get_markup_template('event_end.tpl'); - $a->page['end'] .= replace_macros($etpl, [ - '$baseurl' => System::baseUrl(), - ]); - $mode = 'view'; $y = 0; $m = 0; - $ignored = ((x($_REQUEST, 'ignored')) ? intval($_REQUEST['ignored']) : 0); + $ignored = (x($_REQUEST, 'ignored') ? intval($_REQUEST['ignored']) : 0); $format = 'ical'; if ($a->argc == 4 && $a->argv[2] == 'export') { @@ -131,20 +130,20 @@ function cal_content(App $a) intval($contact_id), intval($a->profile['profile_uid']) ); - if (DBM::is_result($r)) { + if (DBA::isResult($r)) { $remote_contact = true; } } $is_owner = local_user() == $a->profile['profile_uid']; - if ($a->profile['hidewall'] && (!$is_owner) && (!$remote_contact)) { + if ($a->profile['hidewall'] && !$is_owner && !$remote_contact) { notice(L10n::t('Access to this profile has been restricted.') . EOL); return; } // get the permissions - $sql_perms = item_permissions_sql($owner_uid, $remote_contact, $groups); + $sql_perms = Item::getPermissionsSQLByUserId($owner_uid, $remote_contact, $groups); // we only want to have the events of the profile owner $sql_extra = " AND `event`.`cid` = 0 " . $sql_perms; @@ -194,7 +193,7 @@ function cal_content(App $a) $finish = sprintf('%d-%d-%d %d:%d:%d', $y, $m, $dim, 23, 59, 59); - if ($a->argv[2] === 'json') { + if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) { if (x($_GET, 'start')) { $start = $_GET['start']; } @@ -212,25 +211,25 @@ function cal_content(App $a) // put the event parametes in an array so we can better transmit them $event_params = [ - 'event_id' => (x($_GET, 'id') ? $_GET["id"] : 0), - 'start' => $start, - 'finish' => $finish, - 'adjust_start' => $adjust_start, + 'event_id' => intval(defaults($_GET, 'id', 0)), + 'start' => $start, + 'finish' => $finish, + 'adjust_start' => $adjust_start, 'adjust_finish' => $adjust_finish, - 'ignored' => $ignored, + 'ignore' => $ignored, ]; // get events by id or by date - if (x($_GET, 'id')) { - $r = event_by_id($owner_uid, $event_params, $sql_extra); + if ($event_params['event_id']) { + $r = Event::getListById($owner_uid, $event_params['event_id'], $sql_extra); } else { - $r = events_by_date($owner_uid, $event_params, $sql_extra); + $r = Event::getListByDate($owner_uid, $event_params, $sql_extra); } $links = []; - if (DBM::is_result($r)) { - $r = sort_by_date($r); + if (DBA::isResult($r)) { + $r = Event::sortByDate($r); foreach ($r as $rr) { $j = $rr['adjust'] ? DateTimeFormat::local($rr['start'], 'j') : DateTimeFormat::utc($rr['start'], 'j'); if (!x($links, $j)) { @@ -240,9 +239,9 @@ function cal_content(App $a) } // transform the event in a usable array - $events = process_events($r); + $events = Event::prepareListForTemplate($r); - if ($a->argv[2] === 'json') { + if (!empty($a->argv[2]) && ($a->argv[2] === 'json')) { echo json_encode($events); killme(); } @@ -293,20 +292,20 @@ function cal_content(App $a) } if ($mode == 'export') { - if (!(intval($owner_uid))) { + if (!intval($owner_uid)) { notice(L10n::t('User not found')); return; } // Test permissions // Respect the export feature setting for all other /cal pages if it's not the own profile - if (((local_user() !== intval($owner_uid))) && !Feature::isEnabled($owner_uid, "export_calendar")) { + if ((local_user() !== intval($owner_uid)) && !Feature::isEnabled($owner_uid, "export_calendar")) { notice(L10n::t('Permission denied.') . EOL); - goaway('cal/' . $nick); + $a->internalRedirect('cal/' . $nick); } // Get the export data by uid - $evexport = event_export($owner_uid, $format); + $evexport = Event::exportListByUserId($owner_uid, $format); if (!$evexport["success"]) { if ($evexport["content"]) { @@ -323,7 +322,7 @@ function cal_content(App $a) $return_path = "cal/" . $nick; } - goaway($return_path); + $a->internalRedirect($return_path); } // If nothing went wrong we can echo the export content