<?php
/****************************************************************************************/
/* ACollab */
/****************************************************************************************/
/* Copyright (c) 2002-2004 Adaptive Technology Resource Centre / University of Toronto */
/* */
/* http://atutor.ca/acollab */
/* */
/* This program is free software. You may redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation; either version 2 of the License, */
/* or (at your option) any later version. */
/* */
/* This program is distributed in the hope that it will be useful, but */
/* WITHOUT ANY WARRANTY; without even the implied warranty of */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. */
/* See the GNU General Public License for more details. */
/* */
/* You may access the GNU General Public License at: */
/* http://www.opensource.org/licenses/gpl-license.php */
/* */
/* You may contact the Adaptive Technology Resource Centre at */
/* Robarts Library, University of Toronto */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5 */
/* Further contact information is available at http://www.utoronto.ca/atrc/ */
/****************************************************************************************/
/* Programmer: */
/* Joel Kronenberg - ATRC */
/****************************************************************************************/
// $Id: add_event.php 477 2005-03-29 21:36:22Z shozubq $
define('AC_INCLUDE_PATH', '../include/');
require(AC_INCLUDE_PATH.'vitals.inc.php');
require(AC_INCLUDE_PATH.'lib/calendar.class.php');
require(AC_INCLUDE_PATH.'lib/folders.inc.php');
authenticate(USER_CLIENT, USER_GROUP_ADMIN, USER_ADMIN);
$_SECTION[0][0] = _AC('home');
$_SECTION[0][1] = 'home.php';
$_SECTION[1][0] = _AC('events_calendar');
$_SECTION[1][1] = 'events/';
$_SECTION[2][0] = _AC('add_event');
$_SECTION[2][1] = 'events/';
if (isset($_POST['cancel'])) {
Header('Location: index.php');
exit;
}
if (isset($_POST['submit'])) {
$_POST['event_title'] = trim($_POST['event_title']);
$_POST['description'] = trim($_POST['description']);
$_POST['start_year'] = intval($_POST['start_year']);
$_POST['start_month'] = intval($_POST['start_month']);
$_POST['start_day'] = intval($_POST['start_day']);
$_POST['start_hour'] = intval($_POST['start_hour']);
$_POST['start_min'] = intval($_POST['start_min']);
$_POST['end_year'] = intval($_POST['end_year']);
$_POST['end_month'] = intval($_POST['end_month']);
$_POST['end_day'] = intval($_POST['end_day']);
$_POST['end_hour'] = intval($_POST['end_hour']);
$_POST['end_min'] = intval($_POST['end_min']);
$_POST['folder'] = intval($_POST['folder']);
if ($_POST['title'] == '') {
$errors[] = E_EVENT_EMPTY_TITLE;
}
if (is_uploaded_file($_FILES['file']['tmp_name']) && $_POST['folder'] == '') {
$errors[] = E_FOLDER_NOT_SELECTED;
}
if ($_POST['description'] == '') {
$errors[] = E_EVENT_EMPTY_DESC;
}
if (!checkdate($_POST['start_month'], $_POST['start_day'], $_POST['start_year'])) {
$errors[] = E_EVENT_SDATE_INVALID;
}
if ((($_POST['end_year'] > 0) || ($_POST['end_month'] > 0) || ($_POST['end_day'] > 0))
&& (!checkdate($_POST['end_month'], $_POST['end_day'], $_POST['end_year']))) {
$errors[] = E_EVENT_EDATE_INVALID;
}
$start_stamp= mktime ($_POST['start_hour'], $_POST['start_min'], 0, $_POST['start_month'], $_POST['start_day'], $_POST['start_year']);
$end_stamp = mktime ($_POST['end_hour'], $_POST['end_min'], 0, $_POST['end_month'], $_POST['end_day'], $_POST['end_year']);
if (($end_stamp > 0) && ($start_stamp >= $end_stamp)) {
$errors[] = E_EVENT_SEDATE_INVALID;
}
$_POST['start_month'] = str_pad($_POST['start_month'], 2, '0', STR_PAD_LEFT);
$_POST['start_day'] = str_pad($_POST['start_day'], 2, '0', STR_PAD_LEFT);
$_POST['start_hour'] = str_pad($_POST['start_hour'], 2, '0', STR_PAD_LEFT);
$_POST['start_min'] = str_pad($_POST['start_min'], 2, '0', STR_PAD_LEFT);
$_POST['end_month'] = str_pad($_POST['end_month'], 2, '0', STR_PAD_LEFT);
$_POST['end_day'] = str_pad($_POST['end_day'], 2, '0', STR_PAD_LEFT);
$_POST['end_hour'] = str_pad($_POST['end_hour'], 2, '0', STR_PAD_LEFT);
$_POST['end_min'] = str_pad($_POST['end_min'], 2, '0', STR_PAD_LEFT);
$start_date = $_POST['start_year'].'-'.$_POST['start_month'].'-'.$_POST['start_day'].' '.$_POST['start_hour'].':'.$_POST['start_min'].':00';
$end_date = $_POST['end_year'].'-'.$_POST['end_month'].'-'.$_POST['end_day'].' '.$_POST['end_hour'].':'.$_POST['end_min'].':00';
if (!$errors) {
$_POST['title'] = $addslashes($_POST['title']);
$_POST['description'] = $addslashes($_POST['description']);
$sql = "INSERT INTO ".TABLE_PREFIX."events VALUES (0, $_SESSION[group_id], $_SESSION[member_id], '$start_date', '$end_date', '$_POST[title]', '$_POST[description]', '')";
if (mysql_query($sql, $db)) {
$event_id = mysql_insert_id($db);
/* add the related files */
if (is_array($_POST['files'])){
$num_files = count($_POST['files']);
$sql = '';
for($i = 1; $i <= $num_files; $i++) {
if ($_POST['files'][$i] != '') {
$sql .= '('.$event_id.','.$_POST['files'][$i].'),';
}
}
$sql = substr($sql, 0, -1);
if ($sql != '') {
$sql = 'INSERT INTO '.TABLE_PREFIX.'events_files VALUES '.$sql;
mysql_query($sql, $db);
}
}
if (is_uploaded_file($_FILES['file']['tmp_name'])) {
$sql = "INSERT INTO ".TABLE_PREFIX."files VALUES (0, $_SESSION[group_id], $_SESSION[member_id], $_POST[folder], NOW(), '{$_FILES[file][name]}', '$_POST[title]', 0, 0, 0)";
if (mysql_query($sql, $db)) {
$file_id = mysql_insert_id($db);
$sql = "INSERT INTO ".TABLE_PREFIX."files_revisions VALUES (0, $file_id, $_SESSION[member_id], NOW(), '{$_FILES[file][name]}', '{$_FILES[file][size]}', '$_POST[description]',0)";
if (mysql_query($sql, $db)) {
$revision_id = mysql_insert_id($db);
$char = substr($revision_id, 0, 1).'/';
if (move_uploaded_file($_FILES['file']['tmp_name'], UPLOAD_DIR.$char.$revision_id)) {
/* for added security we add the sticky bit "1" so that only the owner of this file can delete it */
@chmod(UPLOAD_DIR.$char.$file_id, 01600);
$sql = "UPDATE ".TABLE_PREFIX."files SET num_revisions=1 WHERE file_id=$file_id";
$result = mysql_query($sql, $db);
$sql_event = "INSERT INTO ".TABLE_PREFIX."events_files VALUES ($event_id, $revision_id)";
$result = mysql_query($sql_event, $db);
} else {
/* undo the file we just added, b/c it didn't save correctly. */
$sql = "DELETE FROM ".TABLE_PREFIX."files_revisions WHERE revision_id=$revision_id";
$result = mysql_query($sql, $db);
}
}
}
}
/*notify subscribers about addition of new thread*/
$my_group = get_group($_SESSION['group_id']);
require(AC_INCLUDE_PATH . 'classes/acollabmailer.class.php');
$mail = new ACollabMailer;
$mail->From = ADMIN_EMAIL;
$mail->FromName = _AC('group_admin');
$mail->Subject = _AC('event_notification');
$mail->Body = _AC('event_new_event', $my_group['title'], $_POST['title'], $_base_href.'sign_in.php');
$user_list = notify_subscribers('N_CALENDAR');
if (!empty($user_list)) {
while ($user = mysql_fetch_assoc($user_list)) {
$bcc = true;
$mail->AddBCC($user['email']);
}
}
if ($bcc) {
if(!$mail->Send()) {
echo "Message could not be sent. <p>";
echo "Mailer Error: " . $mail->ErrorInfo;
exit;
}
}
header('Location: index.php?f='.F_EVENT_ADDED);
exit;
} else {
$errors[] = E_EVENT_ADD;
}
}
}
require(AC_INCLUDE_PATH.'header.inc.php');
print_popup_help('help_add_event');
if (isset($errors)) {
print_errors($errors);
echo '<br />';
}
if (!isset($_POST['submit']) && isset($_GET['m'], $_GET['d'], $_GET['y'])) {
$_GET['m'] = str_pad($_GET['m'], 2, '0', STR_PAD_LEFT);
$_GET['d'] = str_pad($_GET['d'], 2, '0', STR_PAD_LEFT);
$start_date = $_GET['y'].'-'.$_GET['m'].'-'.$_GET['d'].' 00:00:00';
}
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data" name="form" id="form">
<table border="0" cellspacing="0" cellpadding="2" align="center" class="box2" width="75%">
<tr>
<th colspan="5" class="box"><h3><?php echo _AC('add_event'); ?></h3></th>
</tr>
<tr>
<td class="row1" colspan="4"><p><?php echo _AC('event_files'); ?></p></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td colspan="3" class="row1"><img src="images/clr.gif" height="1" width="1" alt="" /><br /><?php
echo _AC('denotes_required', '<img src="images/required.gif" height="14" width="14" alt="'._AC('required_field').'" />');
?><br /></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><b><?php echo _AC('start_date'); ?>:</b></td>
<td class="row1"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" /></td>
<td class="row1"><?php
echo date_print_select($start_date, 'start', false, AT_DATE_SHOW_DATES);
?></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><b><?php echo _AC('start_time'); ?>:</b></td>
<td class="row1"> </td>
<td class="row1"><?php
echo date_print_select($start_date, 'start', true, AT_DATE_SHOW_TIME);
?></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><b><?php echo _AC('end_date'); ?>:</b></td>
<td class="row1"> </td>
<td class="row1"><?php
echo date_print_select($end_date, 'end', true, AT_DATE_SHOW_DATES);
?></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><b><?php echo _AC('end_time'); ?>:</b></td>
<td class="row1"> </td>
<td class="row1"><?php
echo date_print_select($end_date, 'end', true, AT_DATE_SHOW_TIME);
?></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><label for="title"><b><?php echo _AC('event_title'); ?>:</b></label></td>
<td class="row1"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" /></td>
<td class="row1"><input type="text" name="title" class="input" size="45" maxlength="100" id="title" value="<?php echo $_POST['title']; ?>" onfocus="this.className='input highlight'" onblur="this.className='input'" /></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right" valign="top"><label for="desc"><b><?php echo _AC('description'); ?>:</b></label></td>
<td class="row1" valign="top"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" class="img" /></td>
<td class="row1"><textarea name="description" id="desc" cols="50" rows="10" class="input" onfocus="this.className='input highlight'" onblur="this.className='input'"><?php echo $_POST['description']; ?></textarea></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="center" colspan="3"><?php echo _AC('event_attach_files'); ?></td>
<td class="row1"> </td>
</tr>
<?php
$sql = "SELECT MAX(FR.revision_id), FR.file_id, F.title FROM ".TABLE_PREFIX."files F, ".TABLE_PREFIX."files_revisions FR WHERE F.group_id=$_SESSION[group_id] AND F.file_id=FR.file_id AND F.folder_id > 0 GROUP BY F.title, F.file_id";
$result = mysql_query($sql, $db);
$files = array();
if ($result) {
while ($row = mysql_fetch_array($result)) {
$files[$row['file_id']] = $row;
}
$num_files = count($files);
}
if ($num_files == 0) {
?>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><b><?php echo _AC('file_1'); ?>:</b></td>
<td class="row1"> </td>
<td class="row1"><?php echo _AC('no_files_available'); ?></td>
<td class="row1"> </td>
</tr>
<?php } else {
for($i=1; $i<=min($num_files, 5); $i++) { ?>
<tr>
<td class="row1"> </td>
<td class="row1" align="right"><b><?php echo _AC('file_'.$i); ?>:</b></td>
<td class="row1"> </td>
<td class="row1"><?php
echo '<select name="files['.$i.']">';
echo '<option></option>';
echo '<option>-- '._AC('drafting_room').' --</option>';
$current_section = FILE_DRAFTING;
foreach ($files as $key => $value) {
if ($current_section != $value['section_type']) {
echo '<option>-- '._AC('library').' --</option>';
$current_section = $value['section_type'];
}
echo '<option value="'.$value[0].'"';
if (is_array($_POST['files']) && ($_POST['files'][$i] == $value[0])) {
echo ' selected="selected"';
}
echo '>'.$value['title'].'</option>';
}
echo '</select>';
?></td>
<td class="row1"> </td>
</tr>
<?php
}
} ?>
<?php
$folders = get_folders();
//can only upload files if a public folder exists
if ($folders) {
?>
<tr>
<td class="row1"> </td>
<td class="row1" align="center" colspan="3"><?php echo _AC('or_upload_file'); ?></td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right">
<label for="file"><strong><?php echo _AC('upload_file'); ?></strong></label>
</td>
<td class="row1"> </td>
<td class="row1">
<input type="file" name="file" id="file" class="input" size="30" onfocus="this.className='input highlight'" onblur="this.className='input'" />
</td>
<td class="row1"> </td>
</tr>
<tr>
<td class="row1"> </td>
<td class="row1" align="right" valign="top">
<label for="file"><strong><?php echo _AC('folder'); ?></strong></label>
</td>
<td class="row1"> </td>
<td class="row1"><?php
echo '<select name="folder" size="5" id="folder" class="input" onfocus="this.className=\'input highlight\'" onblur="this.className=\'input\'">';
echo '<optgroup label="'._AC('group_folders').'">';
foreach ($folders as $id => $folder) {
if ($id != 0) {
echo '<option value="'.$id.'"';
if ($id == $fid) {
echo ' selected="selected"';
}
echo '>'.$folder['title'].'</option>';
}
}
echo '</optgroup></select>';
?></td>
<td class="row1"> </td>
</tr>
<?php
} else {
?>
<tr>
<td class="row1"> </td>
<td class="row1" align="center" colspan="3"><?php echo _AC('no_folders_found'); ?></td>
<td class="row1"> </td>
</tr>
<?php
}
?>
<tr>
<td class="row1"> </td>
<td class="row1" colspan="3" align="right"><br /><input type="submit" name="submit" value="<?php echo _AC('submit_event'); ?>" class="submitY" onfocus="this.className='submitY highlight'" onblur="this.className='submitY'" /> <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br /></td>
<td class="row1"> </td>
</tr>
</table>
</form>
<?php
require(AC_INCLUDE_PATH.'footer.inc.php');
?>