Location: PHPKode > projects > Meeting Request Scheduling and Booking System > mrsbs/php/schedule/schedule-op-handler.php
<?PHP

   // Schedule operations handler
   //
   // Version: $Revision: 1.9 $
   // Date: $Date: 2007/09/05 11:27:45 $
   //
   // Copyright (c) 2006 - 2007 Benjamin Oshrin
   // License restrictions apply, see LICENSE for details.

$auth_required = 1;
include('../lib/mrsbs.inc');

// We must have a place to go back to

if(isset($rvar_return))
  $op_ret = $rvar_return;
else
  mexit($tx['op.err.badparam'], 1);

// Verify that the requested operation is authorized

if(isset($rvar_mtgid))
  $mtgid = $rvar_mtgid;
else
  $mtgid = -1;

if(authorize("schedule", $rvar_op, $mtgid))
{
  $result = $tx['op.err.badparam'];
  
  switch($rvar_op)
  {
  case "begin":
    // Allocate a new meeting ID and create an entry for it.  Clone an
    // existing meeting if provided and authorized.

    if(isset($rvar_cloneid) && $rvar_cloneid > 0
       && authorize("schedule", "clone"))
      $newid = create_new_meeting($rvar_cloneid);
    else
      $newid = create_new_meeting();
    
    if($newid > -1)
    {
      // Chop any parameters in $op_ret and append $newid -- duplicated in
      // "what", below
      $x = explode("?", $op_ret);
      $op_ret = $x[0] . "?mtgid=" . $newid;
      $result = $tx['op.newmtgid'] . " (" . $newid . ")";
    }
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // begin
  case "cancel":
    if(cancel_meeting($mtgid))
      $result = $tx['op.successful'] . ": " . $tx['op.canceled.mtg'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // cancel
  case "confirmloc":
    if(confirm_meeting_location($mtgid))
      $result = $tx['op.successful'] . ": " . $tx['op.confirmed'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // confirmloc
  case "location":
    switch($rvar_loc)
    {
    case 'l':
      $newlocid = $rvar_location;
      break;
    case 't':
      $newlocid = -2;
      break;
    case 'n':
    default:
      $newlocid = -1;
      break;
    }

    if(change_meeting_location($mtgid, $newlocid))
      $result = $tx['op.successful'] . ": " . $tx['op.changed'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // confirmloc
    break; // location
  case "notify":
    if(send_notifications($rvar_mtgid, $rvar_note,
			  ((isset($rvar_all) && ($rvar_all == "some")) ?
			   $rvar_recipients : false)))			  
      $result = $tx['op.successful'] . ": " . $tx['op.sentinvites'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // notify
  case "recalculate":
  case "calculate":
    $ch = schedule_event($rvar_mtgid);

    if($ch)
    {
      if(send_notifications($rvar_mtgid, "", false, $ch))
	$result = $tx['op.successful'] . ": " . $tx['op.sentinvites'];
      else
      {
	$result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
	$err++;
      }	
    }
    else
      $result = $tx['op.successful'] . ": " . $tx['op.recalculate.same'];
    break; // recalculate
  case "send":
    if(send_invitations($rvar_mtgid, $rvar_note,
			((isset($rvar_all) && ($rvar_all == "some")) ?
			 $rvar_recipients : false))
       && update_meeting_status($rvar_mtgid, "I"))
    $result = $tx['op.successful'] . ": " . $tx['op.sentinvites'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // send
  case "sendnotify":
    if(update_meeting_time($rvar_mtgid, -1)
       && update_meeting_status($rvar_mtgid, "S")
       && send_notifications($rvar_mtgid, $rvar_note))
       
      $result = $tx['op.successful'] . ": " . $tx['op.sentinvites'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // sendnotify
  case "uncancel":
    if(reinstate_meeting($mtgid, "x"))
      $result = $tx['op.successful'] . ": " . $tx['op.uncanceled.mtg'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // cancel
  case "what":
    // Update the 'what' part of the meeting
    if($mtgid == -1)
    {
      // We need to first create a meeting

      $mtgid = create_new_meeting();

      if($mtgid > -1)
      {
	// Chop any parameters in $op_ret and append $newid -- copied from
	// "begin", above
	$x = explode("?", $op_ret);
	$op_ret = $x[0] . "?mtgid=" . $mtgid;
	$result = $tx['op.newmtgid'] . " (" . $mtgid . ")";
      }
    }
    
    if(update_meeting_what($mtgid, $rvar_summary, $rvar_description))
      $result = $tx['op.successful'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // what
  case "when":
    // Update the windows of the meeting

    $froms = array();
    $untils = array();

    for($i = 0;$i < count($rvar_windowid);$i++)
    {
      $hmf = preg_split('/-/', $rvar_hmf[$i]);
      $hmu = preg_split('/-/', $rvar_hmu[$i]);

      // is_dst (the -1 parameter) is deprecated in php5
      $froms[$i] = mktime($hmf[0], $hmf[1], 0, $rvar_mf[$i], $rvar_df[$i],
			  $rvar_yf[$i], -1);
      $untils[$i] = mktime($hmu[0], $hmu[1], 0, $rvar_mu[$i], $rvar_du[$i],
			   $rvar_yu[$i], -1);
    }
    
    if(update_meeting_when($mtgid, $rvar_windowid, $rvar_pref, $froms, $untils,
			   $rvar_remove, $rvar_curpref, $rvar_curfrom,
			   $rvar_curuntil))
      $result = $tx['op.successful'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // when
  case "when2":
    // Update duration and replyby

    $hmr = preg_split('/-/', $rvar_hmr);
    // is_dst (the -1 parameter) is deprecated in php5
    $replyby = mktime($hmr[0], $hmr[1], 0, $rvar_mr, $rvar_dr, $rvar_yr, -1);

    $dur = $rvar_duration;

    if($dur > 0)
    {
      if($rvar_durunits == "h")
	$dur *= 60;
      elseif($rvar_durunits == "d")
	$dur *= 1440;
      
      if($rvar_replybym && $rvar_replybym=="on")
	$rbm = "R";
      else
	$rbm = "W";
      
      if(update_meeting_when2($mtgid, $dur, $replyby, $rbm,
			      $rvar_curduration, $rvar_curreplyby,
			      $rvar_curreplybym))
	$result = $tx['op.successful'];
      else
      {
	$result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
	$err++;
      }
    }
    else
    {
      $op_ret = "when2.php?mtgid=" . $mtgid;
      $result = $tx['sd.time.baddur'];
      $err++;
    }
    break; // when2
  case "whennew":
    $hmf = preg_split('/-/', $rvar_hmf);
    $hmu = preg_split('/-/', $rvar_hmu);
    
    // is_dst (the -1 parameter) is deprecated in php5
    $begint = mktime($hmf[0], $hmf[1], 0, $rvar_mf, $rvar_df, $rvar_yf, -1);
    $endt = mktime($hmu[0], $hmu[1], 0, $rvar_mu, $rvar_du, $rvar_yu, -1);

    if($begint == $endt)
    {
      $result = $tx['sd.time.same'];
      $err++;
    }
    elseif($begint > $endt)
    {
      $result = $tx['sd.time.backwards'];
      $err++;
    }
    elseif(add_meeting_window($mtgid, $begint, $endt))
      $result = $tx['op.successful'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }

    // Stick the current values back in to repopulate the form
    $op_ret .= "&mf=" . $rvar_mf .
      "&df=" . $rvar_df .
      "&yf=" . $rvar_yf .
      "&hf=" . $hmf[0] .
      "&nf=" . $hmf[1] .
      "&mu=" . $rvar_mu .
      "&du=" . $rvar_du .
      "&yu=" . $rvar_yu .
      "&hu=" . $hmu[0] .
      "&nu=" . $hmu[1];

    break; // whennew
  case "where":
    // Update the potential sites for the meeting.  We don't authorize
    // permission to use locid here since the host should only be able
    // to select from permitted locations, and we really need to
    // enforce it at scheduling time.
    $r = false;
    
    switch($rvar_loc)
    {
    case "l":
      $r = update_meeting_potential_locations($mtgid,
					      $rvar_locid,
					      $rvar_locpref);
      break;
    case "n":
    case "t":
      $r = update_meeting_location($mtgid, ($rvar_loc == "n" ? -1 : -2), "C");
      break;
    case "u":
      // However, here we are effectively scheduling the room.  If we
      // were going to allocate a reservation (eg in mrbs) we would
      // verify permission before proceeding.
      $r = update_meeting_location($mtgid, $rvar_locuse, "C");
      break;
    }

    if($r)
      $result = $tx['op.successful'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // where
  case "who":
    // Update the attendees of the meeting
    if(update_meeting_who($mtgid, $rvar_inviteid, $rvar_status, $rvar_remove,
			  $rvar_curstatus))
      $result = $tx['op.successful'];
    else
    {
      $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
      $err++;
    }
    break; // who
  case "who2":
    if(authorize("schedule", "host", $mtgid, $rvar_host))
    {
      // Update the host of the meeting
      if(update_meeting_host($mtgid, $rvar_host))
      {
	if(authorize("schedule", "owner", $mtgid))
	{
	  // Update the owner of the meeting if permitted

	  if(update_meeting_owner($mtgid, $rvar_owner))
	    $result = $tx['op.successful'];
	  else
	  {
	    $result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
	    $err++;
	  }
	}
	else
	  $result = $tx['op.successful'];
      }
      else
      {
	$result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
	$err++;
      }
    }
    else
    {
      $result = $tx['op.err.perm'];
      $err++;
    }
    break; // host
  case "whonew":
    // Lookup the requested person.  If one, add to the meeting,
    // otherwise generate a list of candidates

    $cinfo = false;  // If 1 contact found, this is it
    $mfound = false; // True if > 1 found
    $dirq = false;
    
    if(strchr($rvar_invitee, '@'))
    {
      // If we were given an email address, just jump directly to
      // getting a contactid.

      $cinfo = lookup_user_by_email($rvar_invitee);
    }
    else
    {
      // Lookup the string in the database and directory, and combine
      // the results

      $dinfo = search_contacts($rvar_invitee);
      
      $dirq = directory_query($rvar_invitee);

      if($dinfo && $dinfo['count']==1 && (!$dirq || $dirq['count'] == 0))
      {
	// Database matched 1, directory matched 0
	
	$cinfo = $dinfo[0];
      }
      elseif((!$dinfo || $dinfo['count']==0) && $dirq && $dirq['count'] == 1)
      {
	// Database matched 0, directory matched 1

	// Lookup the user by email to generate a contactid.

	$cinfo = lookup_user_by_email($dirq[0]['mail'][0]);
      }
      elseif(($dinfo && $dinfo['count'] > 0) || ($dirq && $dirq['count'] > 0))
      {
	// Multiple found, consolidate and output database matches first.
	// Check uniqueness on mail address since contactids may not have
	// been assigned to directory matches.

	$seen = array();
	$scount = 0;

	$p_op_ret = $rvar_mreturn . "&status=" . $rvar_status;

	if($dinfo && $dinfo['count'] > 0)
	{
	  for($i = 0;$i < $dinfo['count'];$i++)
	  {
	    if($dinfo[$i]['mail'] != "" && !isset($seen[$dinfo[$i]['mail']]))
	    {
	      $p_op_ret .= "&name[]=" .
		render_name("full",
			    $dinfo[$i]['givenname'],
			    $dinfo[$i]['sn'],
			    $dinfo[$i]['mail']);
	      $p_op_ret .= "&candidate[]=" . $dinfo[$i]['mail'];
	      
	      $seen[$dinfo[$i]['mail']] = true;
	      $scount++;
	    }
	  }
	}
	
	if($dirq && $dirq['count'] > 0)
	{
	  for($i = 0;$i < $dirq['count'];$i++)
	  {
	    if($dirq[$i]['mail'][0] != "" &&
	       !isset($seen[$dirq[$i]['mail'][0]]))
	    {
	      $p_op_ret .= "&name[]=" .
		render_name("full",
			    $dirq[$i]['givenname'][0],
			    $dirq[$i]['sn'][0],
			    $dirq[$i]['mail'][0]);
	      $p_op_ret .= "&candidate[]=" . $dirq[$i]['mail'][0];
	      
	      $seen[$dinfo[$i]['mail']] = true;
	      $scount++;
	    }
	  }
	}

	// We might have found only one entry once consolidated.
	// If so, return that entry.

	if($scount == 1)
	{
	  // In a sense it doesn't matter which entry we return, so we'll
	  // go with the database entry, which might have a preferred
	  // nickname.

	  $cinfo = $dinfo[0];
	}
	else
	{
	  $op_ret = $p_op_ret;
	  $result = $tx['op.invitee.multiple'] . " " . $rvar_invitee;
	  $err++;
	  $mfound = true;
	}
      }
      // else nothing found
    }
    
    if($cinfo)
    {
      switch(add_meeting_invitee($mtgid, $cinfo['contactid'], $rvar_status))
      {
      case -1:
	$result = $tx['op.invitee.already'];
	$err++;
	break;
      case 1:
	$result = $tx['op.successful'];
	break;
      default:
	$result = $tx['op.failed'] . ": " . $dbc->ErrorMsg();
	$err++;
	break;
      }
    }
    elseif(!$mfound)
    {
      // No match, punt to add new contact
      
      $op_ret = $rvar_nreturn . "&status=" . $rvar_status;
      
      if(strchr($rvar_invitee, '@'))
	$op_ret .= "&mail=" . $rvar_invitee;
      else
      {
	$name = explode(" ", $rvar_invitee, 2);
	
	$op_ret .= "&givenname=" . $name[0] . "&sn=" . $name[1];
      }

      $op_ret .= "&return=" . urlencode("../schedule/who.php?mtgid=" .
					$rvar_mtgid);
      
      $result = "";
    }
    break; // whonew
  case "whorecent":
    // That is who-recent, not whore-cent.
    // For each person, see if the contactid exists and if so add to the mtg.
    $w_total = count($rvar_invitees);
    $w_good = 0;
    $w_notfound = 0;
    $w_already = 0;
    
    for($i = 0;$i < $w_total;$i++)
    {
      if(get_contact($rvar_invitees[$i]))
      {
	if(add_meeting_invitee($rvar_mtgid, $rvar_invitees[$i], $rvar_status))
	  $w_good++;
	else
	  $w_already++;
      }
      else
	$w_notfound++;
    }
    
    if($w_total == $w_good)
      $result = $tx['op.successful'];
    else
    {
      $result = $tx['op.successful'] . ": " . $w_good . ", " .
	$tx['op.invitee.already'] . ": " . $w_already . ", " .
	$tx['ct.err.notfound'] . ": " . $w_notfound;
      
      $err++;      
    }
    break; // whorecent
  case "null":
    $result = "";
    break;
  default:
    break;
  }
}
else
{
  $result = $tx['op.err.perm'];
  $err++;
}

?>
<HTML>
<HEAD>
<META HTTP-EQUIV="refresh" CONTENT="<?PHP print (isset($err) ? "1" : "0");?>;URL=<?PHP
  if(strstr($op_ret, "?")) $c = "&";
  else $c = "?";
  print hstr($op_ret);
  if($result != "") print $c . (isset($err) ? "error=" : "result=") . hstr($result);
?>">
</HEAD>
<BODY BGCOLOR=gray>
<?PHP /*print $op_ret;*/?>
</BODY>
</HTML>
Return current item: Meeting Request Scheduling and Booking System