From d6405b94fff1853f6654ecb85eea79721827b6ca Mon Sep 17 00:00:00 2001 From: Jim Hu Date: Sun, 28 Dec 2008 10:50:57 +0000 Subject: kill admin.php; misc other changes; bump rc num --- admin/index.php | 45 +++++++++++++++++-------------------- calendars/test.ics | 2 +- config.inc.php | 7 +++--- default_config.php | 3 ++- error.php | 23 +++++++------------ functions/admin_functions.php | 8 +++---- functions/calendar_functions.php | 22 +++++++++--------- functions/ical_parser.php | 3 ++- functions/init.inc.php | 4 ++-- functions/init/cpaths.php | 4 ++-- functions/init/date_range.php | 1 + functions/parse/parse_tzs.php | 2 +- functions/parse/recur_functions.php | 2 +- functions/template.php | 4 ++-- month.php | 1 - 15 files changed, 60 insertions(+), 71 deletions(-) diff --git a/admin/index.php b/admin/index.php index ef85465..815bb44 100644 --- a/admin/index.php +++ b/admin/index.php @@ -1,9 +1,11 @@ ";print_r($_REQUEST); if (empty($phpiCal_config->default_path)) { if (isset($_SERVER['HTTPS']) || strtolower($_SERVER['HTTPS']) == 'on' ) { @@ -12,13 +14,9 @@ if (empty($phpiCal_config->default_path)) { $default_path = 'http://'.$_SERVER['SERVER_NAME'].':'.$_SERVER['SERVER_PORT'].substr($_SERVER['PHP_SELF'],0,strpos($_SERVER['PHP_SELF'],'/admin/')); } } -if ($phpiCal_config->allow_admin != 'yes') { - exit(error('The administration menu has been turned off.', $cal, '../')); -} - -// Load variables from forms and query strings into local scope -if($_POST) {extract($_POST, EXTR_PREFIX_SAME, "post_");} -if($_GET) {extract($_GET, EXTR_PREFIX_SAME, "get_");} +#if ($phpiCal_config->allow_admin != 'yes') { + exit(error('The administration menu has been turned off.', '', '/..')); +#} // Logout by clearing session variables if ((isset($_GET['action'])) && ($_GET['action'] == 'logout')) { 
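Review bot: The first admin/index.php hunk carries a `print_r($_REQUEST);` statement near the top of the script. If that line is on the new side (the hunk is too damaged in this copy to tell), it writes every request parameter, including the posted `password` field read further down, into the response without escaping. Debug output like this should not ship: remove the line, or keep it behind a debug setting and emit it as `htmlspecialchars(print_r($_REQUEST, true))`.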
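Review bot: In the second admin/index.php hunk only the `if` line and its closing brace are commented out with `#`, so `exit(error('The administration menu has been turned off.', '', '/..'));` now runs on every request and the login, delete and upload code below it is unreachable. If disabling the page is the intent (the subject says "kill admin.php" and `allow_admin` is dropped from config.inc.php), say so where the guard used to be, e.g. `// Admin UI is disabled in this release; everything below is intentionally unreachable.` Anyone who later re-enables the page by deleting that one line also brings back the calendar delete path, which still carries its own "Not at all secure" comment, so the dormant code is better fixed or removed than left as is. The script continues outside the hunk.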
@@ -27,12 +25,11 @@ if ((isset($_GET['action'])) && ($_GET['action'] == 'logout')) { unset($_SESSION['phpical_password']); } - // if $auth_method == 'server', don't do any authentication -$username = $_POST['username']; -$password = $_POST['password']; +$username = @$_POST['username']; +$password = @$_POST['password']; -if ($auth_method == 'server') { +if ($phpiCal_config->auth_method == 'server') { $is_loged_in = TRUE; } else { $is_loged_in = FALSE; @@ -41,19 +38,20 @@ if ($auth_method == 'server') { $is_loged_in = TRUE; } - if (isset($username) && $_GET['action'] != 'logout') { + if (isset($username) && @$_GET['action'] != 'logout') { $is_loged_in = login ($username, $password); } } $login_good = ($is_loged_in) ? '' : 'oops'; -$login_bad = ((!$is_loged_in) && ($_GET['action'] == 'login')) ? 'oops' : ''; +$login_bad = ((!$is_loged_in) && (@$_GET['action'] == 'login')) ? 'oops' : ''; +$delete_msg = ''; +$addupdate_msg = ''; if(is_loggedin()){ // Delete a calendar // Not at all secure - need to strip out path info if used by users besides admin in the future - $delete_msg = ''; - if ($_POST['action'] == 'delete') { - foreach ($delete_calendar as $filename) { + if (isset($_POST['action']) && $_POST['action'] == 'delete') { + foreach ($_POST['delete_calendar'] as $filename) { if (!delete_cal(urldecode($filename))) { $delete_msg = $delete_msg . '' . $lang['l_delete_error'] . ' ' . urldecode(substr($filename,0,-4)) . '
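Review bot: `$username = @$_POST['username'];` and `$password = @$_POST['password'];` use `@` to silence the undefined-index notice, which suppresses every diagnostic for the expression rather than handling the missing key. The next hunk (-41,19) does the same with `@$_GET['action']` in two comparisons. An explicit test keeps error reporting intact: `$username = isset($_POST['username']) ? $_POST['username'] : null;`, the same for `$password`, and `$action = isset($_GET['action']) ? $_GET['action'] : '';` for the two comparisons.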
'; } else { @@ -63,8 +61,7 @@ if(is_loggedin()){ } // Add or Update a calendar - $addupdate_msg = ''; - if ((isset($_POST['action'])) && ($_POST['action'] == 'addupdate')) { + if (isset($_POST['action']) && $_POST['action'] == 'addupdate') { for ($filenumber = 1; $filenumber < 6; $filenumber++) { $file = $_FILES['calfile']; $addupdate_success = FALSE; @@ -101,15 +98,15 @@ $page->replace_tags(array( 'version' => $phpiCal_config->phpicalendar_version, 'event_js' => '', 'charset' => $phpiCal_config->charset, - 'default_path' => "../".$phpiCal_config->default_path, + 'default_path' => $phpiCal_config->default_path."/..", 'template' => $phpiCal_config->template, 'cal' => $cal, 'getdate' => $getdate, 'calendar_name' => $calendar_name, - 'display_date' => $display_date, + 'display_date' => '', 'current_view' => $current_view, - 'sidebar_date' => $sidebar_date, - 'rss_powered' => $phpiCal_config->rss_powered, +# 'sidebar_date' => $sidebar_date, + 'rss_powered' => $rss_powered, 'rss_available' => '', 'rss_valid' => '', 'show_search' => '', diff --git a/calendars/test.ics b/calendars/test.ics index 577955b..0db2f05 100644 --- a/calendars/test.ics +++ b/calendars/test.ics @@ -1,6 +1,6 @@ BEGIN:VCALENDAR VERSION:2.0 -X-WR-CALNAME:testing \,comma +X-WR-CALNAME:testing\, comma PRODID:-//Apple Computer\, Inc//iCal 2.0//EN X-WR-RELCALID:E47AF849-67C8-49F0-AA36-9FD7495400FD X-WR-TIMEZONE:US/Pacific diff --git a/config.inc.php b/config.inc.php index db7a9e0..7cd0b5b 100644 --- a/config.inc.php +++ b/config.inc.php 
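Review bot: `foreach ($_POST['delete_calendar'] as $filename)` iterates a request field without checking that it is present and an array, and passes each value to `delete_cal(urldecode($filename))` with no path restriction, which the comment just above the block already admits. Guard the loop with `if (isset($_POST['delete_calendar']) && is_array($_POST['delete_calendar']))` and reduce each entry to a bare calendar name first, e.g. `$filename = basename(urldecode($filename));` plus a check that it ends in `.ics`. The failure branch also concatenates the decoded name into `$delete_msg`, which is presumably rendered as HTML, so it should pass through `htmlspecialchars()`. This matters more because delete_cal() in functions/admin_functions.php builds a shell command from the same value (hunk -115,12).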
@@ -29,7 +29,7 @@ Note that the allow_webcals setting allows webcals to be passed as URLs. You do # 'cookie_uri' => '', # 'download_uri' => '', # 'allow_webcals' => 'yes', - 'recursive_path' => 'yes', +# 'recursive_path' => 'yes', /* ** Timezones ** If timezone is not set, all events show in the local time of the source calendar. This isn't a problem if all your calendars are in the same timezone. If you set a timezone for the server, events in other timezones are shown when they occur at the server's time. @@ -57,7 +57,6 @@ phpicalendar currently supports about 30 language variants. For a list of suppo # 'show_todos' => 'no', # 'show_completed' => 'no', 'allow_login' => 'yes', // Set to yes to prompt for login to unlock calendars. -# 'allow_admin' => 'yes', # 'week_start_day' => 'Monday', // Day of the week your week starts on # 'week_length' => '5', // Number of days to display in the week view # 'day_start' => '0600', // Start time for day grid @@ -80,11 +79,11 @@ $blacklisted_cals = array( these arrays provide extra calendar options. */ -$list_webcals[] = array( +$list_webcals = array( # 'webcal://dimer.tamu.edu/calendars/seminars/Biochem.ics' ); $more_webcals['recur_tests'] = array(); -$locked_cals[] = array( +$locked_cals = array( ); /* ========= SPECIAL CALENDARS ========= diff --git a/default_config.php b/default_config.php index 717f851..892a0cc 100644 --- a/default_config.php +++ b/default_config.php @@ -2,7 +2,7 @@ class Configs{ private static $instance; private function __construct(){ - $this->phpicalendar_version = '2.3rc1.4'; + $this->phpicalendar_version = '2.3rc1.6'; // Configuration file for PHP iCalendar 2.25rc1 // // To set values, change the text between the single quotes 
@@ -33,6 +33,7 @@ class Configs{ $this->cookie_uri = ''; // The HTTP URL to the PHP iCalendar directory, ie. http://www.example.com/phpicalendar -- AUTO SETTING -- Only set if you are having cookie issues. $this->download_uri = ''; // The HTTP URL to your calendars directory, ie. http://www.example.com/phpicalendar/calendars -- AUTO SETTING -- Only set if you are having subscribe issues. $this->default_path = ''; // The HTTP URL to the PHP iCalendar directory, ie. http://www.example.com/phpicalendar + $this->cpath = ''; // optional subdirectory $this->charset = 'UTF-8'; // Character set your calendar is in, suggested UTF-8, or iso-8859-1 for most languages. // Yes/No questions --- 'yes' means Yes, anything else means no. 'yes' must be lowercase. diff --git a/error.php b/error.php index 35e9e19..a7ae585 100644 --- a/error.php +++ b/error.php 
@@ -3,18 +3,11 @@ if (!defined('BASE')) define('BASE','./'); require_once(BASE.'functions/template.php'); -function error($error_msg='There was an error processing the request.', $file='NONE', $error_base='./') { - global $language, $enable_rss, $lang, $charset, $phpiCal_config; +function error($error_msg='There was an error processing the request.', $file='NONE', $error_base='') { + global $getdate, $rss_powered, $lang, $phpiCal_config, $cal; if (!isset($template)) $template = $phpiCal_config->template; - if (!isset($lang['l_powered_by'])) $lang['l_powered_by'] = 'Powered by'; - if (!isset($lang['l_error_title'])) $lang['l_error_title'] = 'Error!'; - if (!isset($lang['l_error_window'])) $lang['l_error_window'] = 'There was an error!'; - if (!isset($lang['l_error_calendar'])) $lang['l_error_calendar'] = 'The calendar "%s" was being processed when this error occurred.'; - if (!isset($lang['l_error_back'])) $lang['l_error_back'] = 'Please use the "Back" button to return.'; - if (!isset($lang['l_this_site_is'])) $lang['l_this_site_is'] = 'This site is'; - if (!isset($enable_rss)) $enable_rss = 'no'; - $error_calendar = sprintf($lang['l_error_calendar'], $file); + $error_calendar = sprintf($lang['l_error_calendar'], print_r($file,true)); $current_view = 'error'; $display_date = $lang['l_error_title']; $calendar_name = $lang['l_error_title']; @@ -27,7 +20,6 @@ function error($error_msg='There was an error processing the request.', $file='N $default_path = 'http://'.$_SERVER['SERVER_NAME'].':'.$_SERVER['SERVER_PORT'].substr($_SERVER['PHP_SELF'],0,strpos($_SERVER['PHP_SELF'],'/rss/')); } } - $page = new Page(BASE.'templates/'.$template.'/error.tpl'); $page->replace_files(array( 
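Review bot: `sprintf($lang['l_error_calendar'], print_r($file,true))` places the caller-supplied `$file` in the error page as-is, and callers visible elsewhere in this patch pass what appear to be request-derived calendar names (for example `error($lang['l_error_restrictedcal'], $cal_filename)` in functions/init.inc.php). Unless the template escapes the tag, which is not visible here, the argument should be `htmlspecialchars(print_r($file, true), ENT_QUOTES)`. The same hunk deletes the `if (!isset($lang['l_error_...']))` defaults, so an error raised before the language file is loaded now formats with undefined `$lang` entries; keeping those fallbacks costs little on a path that exists to report failures. error()'s body continues past this hunk.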
@@ -36,12 +28,12 @@ function error($error_msg='There was an error processing the request.', $file='N )); $page->replace_tags(array( - 'version' => $phpicalendar_version, - 'default_path' => $default_path.'/', + 'version' => $phpiCal_config->phpicalendar_version, + 'default_path' => $phpiCal_config->default_path.$error_base, 'template' => $template, 'cal' => $cal, 'getdate' => $getdate, - 'charset' => $charset, + 'charset' => $phpiCal_config->charset, 'calendar_name' => $calendar_name, 'display_date' => $display_date, 'rss_powered' => $rss_powered, @@ -55,7 +47,8 @@ function error($error_msg='There was an error processing the request.', $file='N 'generated' => $generated, 'l_powered_by' => $lang['l_powered_by'], 'l_error_back' => $lang['l_error_back'], - 'l_error_window' => $lang['l_error_window'] + 'l_error_window' => $lang['l_error_window'], + 'l_this_site_is' => $lang['l_this_site_is'] )); diff --git a/functions/admin_functions.php b/functions/admin_functions.php index f396a28..d62c077 100644 --- a/functions/admin_functions.php +++ b/functions/admin_functions.php @@ -47,10 +47,10 @@ function login ($username, $password) { // arg1: string password // returns boolean was login successful function login_ftp ($username, $password) { - global $ftp_server, $ftp_port; + global $phpiCal_config; // set up basic connection - $conn_id = @ftp_connect($ftp_server, $ftp_port); + $conn_id = @ftp_connect($phpiCal_config->ftp_server, $phpiCal_config->ftp_port); if (!$conn_id) exit(error('Cannot connect to FTP server', $filename)); // login with username and password $login_result = @ftp_login($conn_id, $username, $password); @@ -88,6 +88,7 @@ function delete_cal ($filename) { global $_SESSION; global $phpiCal_config; global $calendar_path; + echo $filename; if ($phpiCal_config->auth_method == 'ftp') { $filename = get_ftp_calendar_path() . "/" . $filename; 
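Review bot: `echo $filename;` at the top of delete_cal() looks like leftover debugging: it writes the caller-supplied file name straight into the response, unescaped and ahead of the rendered page. Drop the line, or send the trace to the log instead with `error_log('delete_cal: ' . $filename);`. delete_cal()'s body continues in the next hunk.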
@@ -115,12 +116,11 @@ function delete_cal ($filename) { return TRUE; } else { #$filename = $calendar_path . "/" . $filename; - $delete = unlink($filename); clearstatcache(); if (@file_exists($filename)) { $filesys = eregi_replace("/","\\", $filename); - $delete = system("del $filesys"); + $delete = system("rm -f $filesys"); clearstatcache(); if (@file_exists($filename)) { $delete = chmod ($filename, 0775); diff --git a/functions/calendar_functions.php b/functions/calendar_functions.php index 09279da..48bc9ba 100644 --- a/functions/calendar_functions.php +++ b/functions/calendar_functions.php @@ -41,19 +41,17 @@ function availableCalendars($username, $password, $cal_filename, $admin = false) // This array keeps track of paths we need to search. $search_paths = array($phpiCal_config->calendar_path); - // Add web calendars. if ($cal_filename_local[0] == $phpiCal_config->ALL_CALENDARS_COMBINED || $admin) { if (!isset($http_user) && !$admin) { foreach ($list_webcals as $file) { // Make sure the URL ends with .ics. - if (!preg_match("/.ics$/i", $file)) continue; + if (!is_string($file)) continue; // Add this calendar. array_push($calendars, $file); } } - } - + } // Set some booleans that will dictate our search. $find_all = ($cal_filename_local[0] == $phpiCal_config->ALL_CALENDARS_COMBINED || $admin); 
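Review bot: `system("rm -f $filesys")` interpolates a file name that originates from `$_POST['delete_calendar']` into a shell command line, so shell metacharacters in the name are interpreted by the shell instead of being treated as part of a path. The `eregi_replace("/","\\", $filename)` on the line before was written for the Windows `del` command; with `rm` it rewrites the path separators and the command no longer names the file. Prefer checking the result of `unlink($filename)` and dropping the shell fallback; if a fallback must stay, pass the original path as `system('rm -f ' . escapeshellarg($filename));`. delete_cal() starts above this hunk and continues below it.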
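Review bot: The comment above the changed line in availableCalendars() still reads "Make sure the URL ends with .ics", but `if (!is_string($file)) continue;` now accepts any string found in `$list_webcals`. Update the comment to match, e.g. `// Skip non-string entries; the .ics suffix is no longer required.` Since these entries are presumably fetched by the server later on, a scheme check would be a cheap replacement for the dropped test: `if (!is_string($file) || !preg_match('#^(https?|webcal)://#i', $file)) continue;`. The function extends beyond the hunk on both sides.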
@@ -74,10 +72,10 @@ function availableCalendars($username, $password, $cal_filename, $admin = false) // used to identify the calendar filename. if ($find_all || $phpiCal_config->recursive_path == 'yes' || $phpiCal_config->support_ical == 'yes') { // Open the directory. - $dir_handle = @opendir($search_path) - or die(error(sprintf($lang['l_error_path'], $search_path), implode(',', $cal_filename))); + $dir_handle = opendir($search_path) + or die(error("cal fn 78:".sprintf($lang['l_error_path'], $search_path), implode(',', $cal_filename))); if ($dir_handle === false) - die(error(sprintf($lang['l_error_path'], $search_path), implode(',', $cal_filename))); + die(error(" cal fn 80:".sprintf($lang['l_error_path'], $search_path), implode(',', $cal_filename))); // Add each file in the directory that does not begin with a dot. while (false !== ($file = readdir($dir_handle))) { @@ -110,7 +108,7 @@ function availableCalendars($username, $password, $cal_filename, $admin = false) if (in_array($cal_name, $blacklisted_cals)) continue; // If HTTP authenticated, make sure this calendar is available // to the user. - if (isset($http_user) && !in_array($cal_name, $apache_map[$http_user])) continue; + if (isset($http_user) && isset($apache_map[$http_user]) && !in_array($cal_name, $apache_map[$http_user])) continue; // Make sure this calendar is not locked. if (!$admin && in_array($cal_name, $locked_cals) && !in_array($cal_name, $unlocked_cals)) continue; @@ -157,10 +155,10 @@ function availableCalendarNames($username, $password, $cal_filename, $admin = fa // // $cal_path = The path to the calendar file. function getCalendarName($cal_path) { - global $support_ical; + global $phpiCal_config; // If iCal is supported, check the directory for an Info.plist. - if ($support_ical == 'yes') { + if ($phpiCal_config->support_ical == 'yes') { // Look for the Info.plist file. $plist_filename = dirname($cal_path)."/Info.plist"; if (is_file($plist_filename)) { 
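Review bot: Adding `isset($apache_map[$http_user])` to the condition in hunk -110,7 changes the outcome for an HTTP-authenticated user who has no entry in `$apache_map`: the whole test is now false, the `continue` is skipped, and calendars are no longer filtered per user for that account. If unmapped users are meant to see nothing, keep the notice fix but deny by default: `if (isset($http_user) && (!isset($apache_map[$http_user]) || !in_array($cal_name, $apache_map[$http_user]))) continue;`. If open access for unmapped users is intended, a comment on this line should say so. The enclosing loop starts and ends outside the hunk.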
@@ -186,7 +184,7 @@ function getCalendarName($cal_path) { // // $cals = The calendars (entire path, e.g. from availableCalendars). function display_ical_list($cals, $pick=FALSE) { - global $cal, $current_view, $getdate, $calendar_lang, $all_cal_comb_lang, $cal_filelist, $cal_displaynames, $phpiCal_config; + global $cal, $current_view, $getdate, $lang, $calendar_lang, $all_cal_comb_lang, $cal_filelist, $cal_displaynames, $phpiCal_config; // Print each calendar option. $return = ''; foreach ($cals as $cal_tmp) { @@ -216,7 +214,7 @@ function display_ical_list($cals, $pick=FALSE) { if ($prop_pos !== false) $property = substr($property,0,$prop_pos); $property = strtoupper($property); if ($property == "X-WR-CALNAME"){ - $cal_displayname_tmp = $data; + $cal_displayname_tmp = stripslashes($data); break; } } diff --git a/functions/ical_parser.php b/functions/ical_parser.php index a70522c..cafcd0a 100644 --- a/functions/ical_parser.php +++ b/functions/ical_parser.php @@ -128,6 +128,7 @@ foreach ($cal_filelist as $cal_key=>$filename) { $line = trim(stripslashes($line)); switch ($line) { + case 'BEGIN:VFREEBUSY': case 'BEGIN:VEVENT': // each of these vars were being set to an empty string unset ( @@ -165,7 +166,7 @@ foreach ($cal_filelist as $cal_key=>$filename) { $organizer = array(); break; - + case 'END:VFREEBUSY': case 'END:VEVENT': include BASE."functions/parse/end_vevent.php"; break; diff --git a/functions/init.inc.php b/functions/init.inc.php index 3c1c469..955d45a 100644 --- a/functions/init.inc.php +++ b/functions/init.inc.php 
@@ -75,14 +75,14 @@ foreach ($cal_filenames as $cal_filename) { substr($cal_filename, 0, 9) == 'webcal://') { #jump sends cal url without .ics extension. Add it if needed. - if (substr($cal_filename, -4) != ".ics") $cal_filename .= ".ics"; + # if (substr($cal_filename, -4) != ".ics") $cal_filename .= ".ics"; $web_cals[] = $cal_filename; } // Otherwise it is a local calendar. else { // Check blacklisted. - if (in_array($cal_filename, $phpiCal_config->blacklisted_cals) && $cal_filename !='') { + if (in_array($cal_filename, $blacklisted_cals) && $cal_filename !='') { exit(error($lang['l_error_restrictedcal'], $cal_filename)); } $local_cals[] = urldecode(str_replace(".ics", '', basename($cal_filename))); diff --git a/functions/init/cpaths.php b/functions/init/cpaths.php index 773f3cb..e728654 100644 --- a/functions/init/cpaths.php +++ b/functions/init/cpaths.php @@ -26,7 +26,7 @@ if (isset($user_template["$cpath"])){ $template = $user_template["$cpath"]; } #set up specific webcals for a particular cpath -if (isset($more_webcals) && is_array($more_webcals[$cpath])){ - $list_webcals = array_merge($list_webcals, $more_webcals["$cpath"]); +if (isset($more_webcals[$cpath]) && is_array($more_webcals[$cpath])){ + foreach ($more_webcals[$cpath] as $wcal)$list_webcals[] = $wcal; } $phpiCal_config->setProperty('calendar_path',$calendar_path); \ No newline at end of file diff --git a/functions/init/date_range.php b/functions/init/date_range.php index d9f7b54..81e9190 100644 --- a/functions/init/date_range.php +++ b/functions/init/date_range.php @@ -33,6 +33,7 @@ switch ($current_view){ $mArray_begin = mktime (0,0,0,$start_month,1,($start_year)); $mArray_end = mktime (0,0,0,$end_month,31,($end_year)); break; + case 'admin': case 'error': case 'preferences': $mArray_begin = time(); diff --git a/functions/parse/parse_tzs.php b/functions/parse/parse_tzs.php index 8b02cb5..7f2dfce 100644 --- a/functions/parse/parse_tzs.php +++ b/functions/parse/parse_tzs.php 
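Review bot: `in_array($cal_filename, $blacklisted_cals)` tests the value as it arrived, while the next line stores `urldecode(str_replace(".ics", '', basename($cal_filename)))`, so the name that is checked and the name that is used can differ. Normalise first and test the normalised value: `$cal_name = urldecode(str_replace('.ics', '', basename($cal_filename)));` then `if ($cal_name != '' && in_array($cal_name, $blacklisted_cals))`. The switch from `$phpiCal_config->blacklisted_cals` to the global also makes the check depend on config.inc.php having defined `$blacklisted_cals`; adding `isset($blacklisted_cals) && is_array($blacklisted_cals)` keeps a missing definition from turning the check into a warning that lets the name through. The loop starts above the hunk.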
@@ -1,6 +1,6 @@ "; -} \ No newline at end of file +} diff --git a/functions/template.php b/functions/template.php index 46f5163..5535f69 100644 --- a/functions/template.php +++ b/functions/template.php @@ -16,7 +16,7 @@ class Page { function draw_admin() { global $phpiCal_config, $getdate, $cal, $master_array, $is_loged_in; - + $delete_table = ''; if ($is_loged_in == TRUE) { // Print Calendar Checkboxes $COLUMNS_TO_PRINT = 3; @@ -1062,7 +1062,7 @@ class Page { $file = str_replace("templates/$phpiCal_config->template","templates/default",$file); } if (!is_file($file)){ - exit(error($lang['l_error_path'], $file)); + exit(error($lang['l_error_path']." template 1065", $file)); } ob_start(); include($file); diff --git a/month.php b/month.php index 82ce981..9aec865 100644 --- a/month.php +++ b/month.php @@ -53,7 +53,6 @@ $login_querys = login_querys(); $logout_querys = logout_querys(); $page = new Page(BASE.'templates/'.$phpiCal_config->template.'/month.tpl'); - $page->replace_files(array( 'header' => BASE.'templates/'.$phpiCal_config->template.'/header.tpl', 'event_js' => BASE.'functions/event.js', -- cgit v1.2.3