search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Patch for postgresql happiness
[moodle.git] / calendar / event.php
blobec1af92eedf5bddae9c40f5dda2aacb37045df55
1 <?php // $Id$
2
3 /////////////////////////////////////////////////////////////////////////////
4 // //
5 // NOTICE OF COPYRIGHT //
6 // //
7 // Moodle - Calendar extension //
8 // //
9 // Copyright (C) 2003-2004 Greek School Network www.sch.gr //
10 // //
11 // Designed by: //
12 // Avgoustos Tsinakos (tsinakos@uom.gr) //
13 // Jon Papaioannou (pj@uom.gr) //
14 // //
15 // Programming and development: //
16 // Jon Papaioannou (pj@uom.gr) //
17 // //
18 // For bugs, suggestions, etc contact: //
19 // Jon Papaioannou (pj@uom.gr) //
20 // //
21 // The current module was developed at the University of Macedonia //
22 // (www.uom.gr) under the funding of the Greek School Network (www.sch.gr) //
23 // The aim of this project is to provide additional and improved //
24 // functionality to the Asynchronous Distance Education service that the //
25 // Greek School Network deploys. //
26 // //
27 // This program is free software; you can redistribute it and/or modify //
28 // it under the terms of the GNU General Public License as published by //
29 // the Free Software Foundation; either version 2 of the License, or //
30 // (at your option) any later version. //
31 // //
32 // This program is distributed in the hope that it will be useful, //
33 // but WITHOUT ANY WARRANTY; without even the implied warranty of //
34 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
35 // GNU General Public License for more details: //
36 // //
37 // http://www.gnu.org/copyleft/gpl.html //
38 // //
39 /////////////////////////////////////////////////////////////////////////////
40
41 require_once('../config.php');
42 require_once($CFG->dirroot.'/calendar/lib.php');
43 require_once($CFG->dirroot.'/course/lib.php');
44 require_once($CFG->dirroot.'/mod/forum/lib.php');
45
46 require_login();
47
48 if(isguest()) {
49 // Guests cannot do anything with events
50 redirect(CALENDAR_URL.'view.php?view=upcoming');
51 }
52
53 require_variable($_REQUEST['action']);
54 optional_variable($_REQUEST['id']);
55 optional_variable($_REQUEST['type'], 'select');
56 $_REQUEST['id'] = intval($_REQUEST['id']); // Always a good idea, against SQL injections
57
58 if(!$site = get_site()) {
59 redirect($CFG->wwwroot.'/'.$CFG->admin.'/index.php');
60 }
61
62 $now = usergetdate(time());
63 $nav = calendar_get_link_tag(get_string('calendar', 'calendar'), CALENDAR_URL.'view.php?view=upcoming&amp;', $now['mday'], $now['mon'], $now['year']);
64 $day = intval($now['mday']);
65 $mon = intval($now['mon']);
66 $yr = intval($now['year']);
67
68 if ($usehtmleditor = can_use_richtext_editor()) {
69 $defaultformat = FORMAT_HTML;
70 } else {
71 $defaultformat = FORMAT_MOODLE;
72 }
73
74 // If a course has been supplied in the URL, change the filters to show that one
75 if(!empty($_GET['course'])) {
76 if(is_numeric($_GET['course']) && $_GET['course'] > 0 && record_exists('course', 'id', $_GET['course'])) {
77 if($_GET['course'] == 1) {
78 // If coming from the home page, show all courses
79 $SESSION->cal_courses_shown = calendar_get_default_courses(true);
80 calendar_set_referring_course(0);
81 }
82 else {
83 // Otherwise show just this one
84 $SESSION->cal_courses_shown = intval($_GET['course']);
85 calendar_set_referring_course($SESSION->cal_courses_shown);
86 }
87 }
88 }
89
90 switch($_REQUEST['action']) {
91 case 'delete':
92 $title = get_string('deleteevent', 'calendar');
93 $event = get_record('event', 'id', $_REQUEST['id']);
94 if($event === false) {
95 error('Invalid event');
96 }
97 if(!calendar_edit_event_allowed($event)) {
98 error('You are not authorized to do this');
99 }
100 break;
101
102 case 'edit':
103 $title = get_string('editevent', 'calendar');
104 $event = get_record('event', 'id', $_REQUEST['id']);
105 if($event === false) {
106 error('Invalid event');
107 }
108 if(!calendar_edit_event_allowed($event)) {
109 error('You are not authorized to do this');
110 }
111
112 if($form = data_submitted()) {
113
114 $form->name = strip_tags($form->name); // Strip all tags
115 //$form->description = clean_text($form->description , $form->format); // Clean up any bad tags
116
117 $form->timestart = make_timestamp($form->startyr, $form->startmon, $form->startday, $form->starthr, $form->startmin);
118 if($form->duration == 1) {
119 $form->timeduration = make_timestamp($form->endyr, $form->endmon, $form->endday, $form->endhr, $form->endmin) - $form->timestart;
120 if($form->timeduration < 0) {
121 $form->timeduration = 0;
122 }
123 }
124 else if($form->duration == 2) {
125 $form->timeduration = $form->minutes * 60;
126 }
127 else {
128 $form->timeduration = 0;
129 }
130 validate_form($form, $err);
131 if (count($err) == 0) {
132 $form->timemodified = time();
133 update_record('event', $form);
134
135 /// Log the event update.
136 add_to_log($form->courseid, 'calendar', 'edit', 'event.php?action=edit&amp;id='.$form->id, $form->name);
137
138 // OK, now redirect to day view
139 redirect(CALENDAR_URL.'view.php?view=day&cal_d='.$form->startday.'&cal_m='.$form->startmon.'&cal_y='.$form->startyr);
140 }
141 else {
142 foreach ($err as $key => $value) {
143 $focus = 'form.'.$key;
144 }
145 }
146 }
147 break;
148
149 case 'new':
150 $title = get_string('newevent', 'calendar');
151 $form = data_submitted();
152 if(!empty($form) && $form->type == 'defined') {
153
154 $form->name = strip_tags($form->name); // Strip all tags
155 //$form->description = clean_text($form->description , $form->format); // Clean up any bad tags
156
157 $form->timestart = make_timestamp($form->startyr, $form->startmon, $form->startday, $form->starthr, $form->startmin);
158 if($form->duration == 1) {
159 $form->timeduration = make_timestamp($form->endyr, $form->endmon, $form->endday, $form->endhr, $form->endmin) - $form->timestart;
160 if($form->timeduration < 0) {
161 $form->timeduration = 0;
162 }
163 }
164 else if ($form->duration == 2) {
165 $form->timeduration = $form->minutes * 60;
166 }
167 else {
168 $form->timeduration = 0;
169 }
170 if(!calendar_add_event_allowed($form->courseid, $form->groupid, $form->userid)) {
171 error('You are not authorized to do this');
172 }
173 validate_form($form, $err);
174 if (count($err) == 0) {
175 $form->timemodified = time();
176
177 /// Get the event id for the log record.
178 $eventid = insert_record('event', $form, true);
179
180 /// Log the event entry.
181 add_to_log($form->courseid, 'calendar', 'add', 'event.php?action=edit&amp;id='.$eventid, $form->name);
182
183 if ($form->repeat) {
184 for($i = 1; $i < $form->repeats; $i++) {
185 $form->timestart += 604800; // add one week
186 /// Get the event id for the log record.
187 $eventid = insert_record('event', $form, true);
188 /// Log the event entry.
189 add_to_log($form->courseid, 'calendar', 'add', 'event.php?action=edit&amp;id='.$eventid, $form->name);
190 }
191 }
192
193 // OK, now redirect to day view
194 redirect(CALENDAR_URL.'view.php?view=day&cal_d='.$form->startday.'&cal_m='.$form->startmon.'&cal_y='.$form->startyr);
195 }
196 else {
197 foreach ($err as $key => $value) {
198 $focus = 'form'.$key;
199 }
200 }
201 }
202 break;
203 }
204 if(empty($focus)) $focus = '';
205
206 // Let's see if we are supposed to provide a referring course link
207 // but NOT for the "main page" course
208 if($SESSION->cal_course_referer > 1 &&
209 ($shortname = get_field('course', 'shortname', 'id', $SESSION->cal_course_referer)) !== false) {
210 // If we know about the referring course, show a return link
211 $nav = '<a href="'.$CFG->wwwroot.'/course/view.php?id='.$SESSION->cal_course_referer.'">'.$shortname.'</a> -> '.$nav;
212 }
213
214 print_header(get_string('calendar', 'calendar').': '.$title, $site->fullname, $nav.' -> '.$title,
215 $focus, '', true, '', '<p class="logininfo">'.user_login_string($site).'</p>');
216
217 echo calendar_overlib_html();
218
219 echo '<table border="0" cellpadding="3" cellspacing="0" width="100%"><tr valign="top">';
220 echo '<td valign="top" width="100%">';
221
222 switch($_REQUEST['action']) {
223 case 'delete':
224 if(!empty($_REQUEST['confirm']) && $_REQUEST['confirm'] == 1) {
225 // Kill it and redirect to day view
226 if(($event = get_record('event', 'id', $_REQUEST['id'])) !== false) {
227 /// Log the event delete.
228
229 delete_records('event', 'id', $_REQUEST['id']);
230
231 // pj - fixed the course id problem, but now we have another one:
232 // what to do with the URL?
233 add_to_log($event->courseid, 'calendar', 'delete', '', $event->name);
234 }
235
236 if(checkdate($_REQUEST['m'], $_REQUEST['d'], $_REQUEST['y'])) {
237 // Being a bit paranoid to check this, but it doesn't hurt
238 redirect(CALENDAR_URL.'view.php?view=day&cal_d='.$_REQUEST['d'].'&cal_m='.$_REQUEST['m'].'&cal_y='.$_REQUEST['y']);
239 }
240 else {
241 // Redirect to now
242 redirect(CALENDAR_URL.'view.php?view=day&cal_d='.$now['mday'].'&cal_m='.$now['mon'].'&cal_y='.$now['year']);
243 }
244 }
245 else {
246 $eventtime = usergetdate($event->timestart);
247 $m = $eventtime['mon'];
248 $d = $eventtime['mday'];
249 $y = $eventtime['year'];
250 // Display confirmation form
251 print_side_block_start(get_string('deleteevent', 'calendar').': '.$event->name, array('class' => 'mycalendar'));
252 include('event_delete.html');
253 print_side_block_end();
254 }
255 break;
256
257 case 'edit':
258 if(empty($form)) {
259 $form->name = $event->name;
260 $form->courseid = $event->courseid; // Not to update, but for date validation
261 $form->description = $event->description;
262 $form->timestart = $event->timestart;
263 $form->timeduration = $event->timeduration;
264 $form->id = $event->id;
265 $form->format = $defaultformat;
266 if($event->timeduration > 3600) {
267 // More than one hour, so default to normal duration mode
268 $form->duration = 1;
269 $form->minutes = '';
270 }
271 else if($event->timeduration) {
272 // Up to one hour, "minutes" mode probably is better here
273 $form->duration = 2;
274 $form->minutes = $event->timeduration / 60;
275 }
276 else {
277 // No duration
278 $form->duration = 0;
279 $form->minutes = '';
280 }
281 }
282 if (!empty($form->courseid)) { // Fixes bug 1488
283 $course = get_record('course', 'id', $form->courseid);
284 } else {
285 $course = $site;
286 }
287
288 print_side_block_start(get_string('editevent', 'calendar'), array('class' => 'mycalendar'));
289 include('event_edit.html');
290 print_side_block_end();
291 if ($usehtmleditor) {
292 use_html_editor("description");
293 }
294 break;
295
296 case 'new':
297 optional_variable($_GET['cal_y']);
298 optional_variable($_GET['cal_m']);
299 optional_variable($_GET['cal_d']);
300 optional_variable($form->timestart, -1);
301
302 if($_GET['cal_y'] && $_GET['cal_m'] && $_GET['cal_d'] && checkdate($_GET['cal_m'], $_GET['cal_d'], $_GET['cal_y'])) {
303 $form->timestart = make_timestamp($_GET['cal_y'], $_GET['cal_m'], $_GET['cal_d'], 0, 0, 0);
304 }
305 else if($_GET['cal_y'] && $_GET['cal_m'] && checkdate($_GET['cal_m'], 1, $_GET['cal_y'])) {
306 if($_GET['cal_y'] == $now['year'] && $_GET['cal_m'] == $now['mon']) {
307 $form->timestart = make_timestamp($_GET['cal_y'], $_GET['cal_m'], $now['mday'], 0, 0, 0);
308 }
309 else {
310 $form->timestart = make_timestamp($_GET['cal_y'], $_GET['cal_m'], 1, 0, 0, 0);
311 }
312 }
313 if($form->timestart < 0) {
314 $form->timestart = time();
315 }
316
317 calendar_get_allowed_types($allowed);
318 if(!$allowed->groups && !$allowed->courses && !$allowed->site) {
319 // Take the shortcut
320 $_REQUEST['type'] = 'user';
321 }
322
323 $header = '';
324
325 switch($_REQUEST['type']) {
326 case 'user':
327 $form->name = '';
328 $form->description = '';
329 $form->courseid = 0;
330 $form->groupid = 0;
331 $form->userid = $USER->id;
332 $form->modulename = '';
333 $form->eventtype = '';
334 $form->instance = 0;
335 $form->timeduration = 0;
336 $form->duration = 0;
337 $form->repeat = 0;
338 $form->repeats = '';
339 $form->minutes = '';
340 $header = get_string('typeuser', 'calendar');
341 break;
342 case 'group':
343 optional_variable($_REQUEST['groupid']);
344 $groupid = $_REQUEST['groupid'];
345 if(!($group = get_record('groups', 'id', $groupid) )) {
346 calendar_get_allowed_types($allowed);
347 $_REQUEST['type'] = 'select';
348 }
349 else {
350 $form->name = '';
351 $form->description = '';
352 $form->courseid = $group->courseid;
353 $form->groupid = $group->id;
354 $form->userid = $USER->id;
355 $form->modulename = '';
356 $form->eventtype = '';
357 $form->instance = 0;
358 $form->timeduration = 0;
359 $form->duration = 0;
360 $form->repeat = 0;
361 $form->repeats = '';
362 $form->minutes = '';
363 $header = get_string('typegroup', 'calendar');
364 }
365 break;
366 case 'course':
367 optional_variable($_REQUEST['courseid']);
368 $courseid = $_REQUEST['courseid'];
369 if(!record_exists('course', 'id', $courseid)) {
370 calendar_get_allowed_types($allowed);
371 $_REQUEST['type'] = 'select';
372 }
373 else {
374 $form->name = '';
375 $form->description = '';
376 $form->courseid = $courseid;
377 $form->groupid = 0;
378 $form->userid = $USER->id;
379 $form->modulename = '';
380 $form->eventtype = '';
381 $form->instance = 0;
382 $form->timeduration = 0;
383 $form->duration = 0;
384 $form->repeat = 0;
385 $form->repeats = '';
386 $form->minutes = '';
387 $header = get_string('typecourse', 'calendar');
388 }
389 break;
390 case 'site':
391 $form->name = '';
392 $form->description = '';
393 $form->courseid = 1;
394 $form->groupid = 0;
395 $form->userid = $USER->id;
396 $form->modulename = '';
397 $form->eventtype = '';
398 $form->instance = 0;
399 $form->timeduration = 0;
400 $form->duration = 0;
401 $form->repeat = 0;
402 $form->repeats = '';
403 $form->minutes = '';
404 $header = get_string('typesite', 'calendar');
405 break;
406 case 'defined':
407 case 'select':
408 break;
409 default:
410 error('Unsupported event type');
411 }
412
413 $form->format = $defaultformat;
414 if(!empty($header)) {
415 $header = ' ('.$header.')';
416 }
417
418 print_side_block_start(get_string('newevent', 'calendar').$header, array('class' => 'mycalendar'));
419 if($_REQUEST['type'] == 'select') {
420 $defaultcourse = $SESSION->cal_course_referer;
421 if(isteacheredit($defaultcourse, $USER->id)) {
422 $defaultgroup = 0;
423 }
424 else {
425 $defaultgroup = user_group($defaultcourse, $USER->id);
426 }
427 optional_variable($_REQUEST['groupid'], $defaultgroup->id);
428 optional_variable($_REQUEST['courseid'], $defaultcourse);
429 $groupid = $_REQUEST['groupid'];
430 $courseid = $_REQUEST['courseid'];
431 include('event_select.html');
432 }
433 else {
434 include('event_new.html');
435 if ($usehtmleditor) {
436 use_html_editor("description");
437 }
438 }
439 print_side_block_end();
440 break;
441 }
442 echo '</td>';
443
444 // START: Last column (3-month display)
445 echo '<td style="vertical-align: top; width: 180px;">';
446
447 $defaultcourses = calendar_get_default_courses();
448 calendar_set_filters($courses, $groups, $users, $defaultcourses, $defaultcourses);
449
450 print_side_block_start(get_string('monthlyview', 'calendar'));
451 list($prevmon, $prevyr) = calendar_sub_month($mon, $yr);
452 list($nextmon, $nextyr) = calendar_add_month($mon, $yr);
453
454 echo calendar_filter_controls('event', 'action='.$_REQUEST['action'].'&amp;type='.$_REQUEST['type'].'&amp;id='.$_REQUEST['id']);
455 echo '<p>';
456 echo calendar_top_controls('display', array('m' => $prevmon, 'y' => $prevyr));
457 echo calendar_get_mini($courses, $groups, $users, $prevmon, $prevyr);
458 echo '</p><p>';
459 echo calendar_top_controls('display', array('m' => $mon, 'y' => $yr));
460 echo calendar_get_mini($courses, $groups, $users, $mon, $yr);
461 echo '</p><p>';
462 echo calendar_top_controls('display', array('m' => $nextmon, 'y' => $nextyr));
463 echo calendar_get_mini($courses, $groups, $users, $nextmon, $nextyr);
464 echo '</p>';
465 print_side_block_end();
466 print_spacer(1, 180);
467 echo '</td>';
468
469 echo '</tr></table>';
470
471 print_footer();
472
473
474 function validate_form(&$form, &$err) {
475
476 $form->name = trim($form->name);
477 $form->description = trim($form->description);
478
479 if(empty($form->name)) {
480 $err['name'] = get_string('errornoeventname', 'calendar');
481 }
482 if(empty($form->description)) {
483 $err['description'] = get_string('errornodescription', 'calendar');
484 }
485 if(!checkdate($form->startmon, $form->startday, $form->startyr)) {
486 $err['timestart'] = get_string('errorinvaliddate', 'calendar');
487 }
488 if($form->duration == 2 and !checkdate($form->endmon, $form->endday, $form->endyr)) {
489 $err['timeduration'] = get_string('errorinvaliddate', 'calendar');
490 }
491 if($form->duration == 2 and !($form->minutes > 0 and $form->minutes < 1000)) {
492 $err['minutes'] = get_string('errorinvalidminutes', 'calendar');
493 }
494 if (!empty($form->repeat) and !($form->repeats > 1 and $form->repeats < 100)) {
495 $err['repeats'] = get_string('errorinvalidrepeats', 'calendar');
496 }
497 if(!empty($form->courseid)) {
498 // Timestamps must be >= course startdate
499 $course = get_record('course', 'id', $form->courseid);
500 if($course === false) {
501 error('Event belongs to invalid course');
502 }
503 else if($form->timestart < $course->startdate) {
504 $err['timestart'] = get_string('errorbeforecoursestart', 'calendar');
505 }
506 }
507 }
508
509 function calendar_add_event_allowed($courseid, $groupid, $userid) {
510 global $USER;
511
512 if(isadmin()) {
513 return true;
514 }
515 else if($courseid == 0 && $groupid == 0 && $userid == $USER->id) {
516 return true;
517 }
518 else if($courseid != 0 && isteacheredit($courseid)) {
519 return true;
520 }
521
522 return false;
523 }
524
525 function calendar_get_allowed_types(&$allowed) {
526 global $USER, $CFG, $SESSION;
527
528 $allowed->user = true; // User events always allowed
529 $allowed->groups = false; // This may change just below
530 $allowed->courses = false; // This may change just below
531 $allowed->site = isadmin($USER->id);
532
533 if(!empty($SESSION->cal_course_referer) && $SESSION->cal_course_referer > 1 && isteacheredit($SESSION->cal_course_referer, $USER->id)) {
534 $allowed->courses = array($SESSION->cal_course_referer => 1);
535 $allowed->groups = get_groups($SESSION->cal_course_referer);
536 }
537
538 //[pj]: This was used when we wanted to display all legal choices
539 /*
540 if($allowed->site) {
541 $allowed->courses = get_courses('all', 'c.shortname');
542 $allowed->groups = get_records_sql('SELECT g.*, c.fullname FROM '.$CFG->prefix.'groups g LEFT JOIN '.$CFG->prefix.'course c ON g.courseid = c.id ORDER BY c.shortname');
543 }
544 else if(!empty($USER->teacheredit)) {
545 $allowed->courses = get_records_select('course', 'id != 1 AND id IN ('.implode(',', array_keys($USER->teacheredit)).')');
546 $allowed->groups = get_records_sql('SELECT g.*, c.fullname FROM '.$CFG->prefix.'groups g LEFT JOIN '.$CFG->prefix.'course c ON g.courseid = c.id WHERE g.courseid IN ('.implode(',', array_keys($USER->teacheredit)).')');
547 }
548 */
549 }
550
551 ?>
Read-only mirror of the Moodle CVS