diff --git a/composer.lock b/composer.lock index 91982ab86..6933602b0 100644 --- a/composer.lock +++ b/composer.lock @@ -800,16 +800,16 @@ }, { "name": "phpunit/phpunit", - "version": "9.6.13", + "version": "9.6.15", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "f3d767f7f9e191eab4189abe41ab37797e30b1be" + "reference": "05017b80304e0eb3f31d90194a563fd53a6021f1" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/f3d767f7f9e191eab4189abe41ab37797e30b1be", - "reference": "f3d767f7f9e191eab4189abe41ab37797e30b1be", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/05017b80304e0eb3f31d90194a563fd53a6021f1", + "reference": "05017b80304e0eb3f31d90194a563fd53a6021f1", "shasum": "" }, "require": { @@ -883,7 +883,7 @@ "support": { "issues": "https://github.com/sebastianbergmann/phpunit/issues", "security": "https://github.com/sebastianbergmann/phpunit/security/policy", - "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.13" + "source": "https://github.com/sebastianbergmann/phpunit/tree/9.6.15" }, "funding": [ { @@ -899,7 +899,7 @@ "type": "tidelift" } ], - "time": "2023-09-19T05:39:22+00:00" + "time": "2023-12-01T16:55:19+00:00" }, { "name": "sebastian/cli-parser", @@ -1867,16 +1867,16 @@ }, { "name": "theseer/tokenizer", - "version": "1.2.1", + "version": "1.2.2", "source": { "type": "git", "url": "https://github.com/theseer/tokenizer.git", - "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e" + "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/theseer/tokenizer/zipball/34a41e998c2183e22995f158c581e7b5e755ab9e", - "reference": "34a41e998c2183e22995f158c581e7b5e755ab9e", + "url": "https://api.github.com/repos/theseer/tokenizer/zipball/b2ad5003ca10d4ee50a12da31de12a5774ba6b96", + "reference": "b2ad5003ca10d4ee50a12da31de12a5774ba6b96", "shasum": "" }, "require": { @@ -1905,7 +1905,7 @@ "description": "A small library for converting tokenized PHP source code into XML and potentially other formats", "support": { "issues": "https://github.com/theseer/tokenizer/issues", - "source": "https://github.com/theseer/tokenizer/tree/1.2.1" + "source": "https://github.com/theseer/tokenizer/tree/1.2.2" }, "funding": [ { @@ -1913,7 +1913,7 @@ "type": "github" } ], - "time": "2021-07-28T10:34:58+00:00" + "time": "2023-11-20T00:12:19+00:00" }, { "name": "twbs/bootstrap", diff --git a/export.php b/export.php index 8d50698d2..a6a7f733a 100644 --- a/export.php +++ b/export.php @@ -116,9 +116,9 @@ function updateDateFields () { var displayAll = $('#exportall')[0].checked; if (displayAll) { - $('#dateArea').show(); - } else { $('#dateArea').hide(); + } else { + $('#dateArea').show(); } } diff --git a/export_handler.php b/export_handler.php index 305399a95..fc5538a24 100644 --- a/export_handler.php +++ b/export_handler.php @@ -217,19 +217,19 @@ function transmit_header( $mime, $file ) { die_miserable_death ( 'Invalid format "' . htmlspecialchars($format) . '"' ); $id = getValue ( 'id', '-?[0-9]+', true ); -$use_all_dates = getPostValue ( 'use_all_dates' ); +$use_all_dates = getPostValue ( 'use_all_dates', '' ); if ( strtolower ( $use_all_dates ) != 'y' ) $use_all_dates = ''; -$include_layers = getPostValue ( 'include_layers' ); +$include_layers = getPostValue ( 'include_layers', '' ); if ( strtolower ( $include_layers ) != 'y' ) $include_layers = ''; -$include_deleted = getPostValue ( 'include_deleted' ); +$include_deleted = getPostValue ( 'include_deleted', '' ); if ( strtolower ( $include_deleted ) != 'y' ) $include_deleted = ''; -$cat_filter = getPostValue ( 'cat_filter' ); +$cat_filter = getPostValue ( 'cat_filter', '' ); if ( $cat_filter == 0 ) $cat_filter = ''; @@ -247,11 +247,13 @@ function transmit_header( $mime, $file ) { $enddate = sprintf ( "%04d%02d%02d", $endyear, $endmonth, $endday ); $moddate = sprintf ( "%04d%02d%02d", $modyear, $modmonth, $modday ); -mt_srand ( ( float ) microtime() * 1000000 ); +mt_srand(time()); if ( empty ( $id ) ) $id = 'all'; +load_global_settings(); // Need server URL + $outputName = 'webcalendar-' . "$login-$id"; if ( substr ( $format, 0, 4 ) == 'ical' ) { transmit_header ( 'text/calendar', $outputName . '.ics' ); diff --git a/includes/functions.php b/includes/functions.php index a37afa831..aeb685b4f 100644 --- a/includes/functions.php +++ b/includes/functions.php @@ -3951,6 +3951,37 @@ function isLeapYear(int $year = null): bool { return ($year % 4 == 0 && $year % 100 != 0) || $year % 400 == 0; } + +function getServerUrl($checkDatabase = true): string +{ + global $SERVER_URL, $HTTP_HOST, $REQUEST_URI; + $ret = null; + + if (false&&$checkDatabase) { + $rows = dbi_get_cached_rows('SELECT cal_value FROM webcal_config WHERE cal_setting = ?', ['SERVER_URL']); + if (!empty($rows) && !empty($rows[0]) && !empty($rows[0][0])) { + $ret = $rows[0][0]; + } + } + // Calculate it. + if (empty($ret)) + $ret = determineServerUrl(); + $ret = rtrim($ret, '/'); + return $ret . '/'; +} + +function determineServerUrl(): string +{ + $protocol = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on') ? 'https' : 'http'; + $host = $_SERVER['HTTP_HOST']; + $port = $_SERVER['SERVER_PORT']; + $folder = dirname($_SERVER['SCRIPT_NAME']); + $url = $protocol . '://'. $host . '/'; + if ($folder != '/') + $url .= $folder; + return $url; +} + /** * Loads default system settings (which can be updated via admin.php). * diff --git a/includes/user-app-joomla.php b/includes/user-app-joomla.php index 100fb2c46..b399ab797 100644 --- a/includes/user-app-joomla.php +++ b/includes/user-app-joomla.php @@ -349,8 +349,7 @@ function user_logged_in () { // Redirect the user to the login-app.php page function app_login_screen( $return ) { - global $SERVER_URL; - header ( "Location: {$SERVER_URL}login-app.php?return_path={$return}"); + header ( "Location: " . getServerUrl() . "login-app.php?return_path={$return}"); exit; } diff --git a/includes/xcal.php b/includes/xcal.php index 998d31590..7ac151f91 100644 --- a/includes/xcal.php +++ b/includes/xcal.php @@ -92,7 +92,7 @@ function wc_export_fold_lines ( $string, $encoding = 'none', $limit = 76 ) { if ( strcmp( $encoding, 'quotedprintable' ) == 0 ) $enc = export_quoted_printable_encode( $string[$i] ); else if ( strcmp( $encoding, 'utf8' ) == 0 ) - $enc = utf8_encode ( $string[$i] ); + $enc = mb_convert_encoding($string[$i], 'UTF-8', mb_detect_encoding($string[$i])); } if ( $string[$i] == ':' ) $start_encode = 1; @@ -219,12 +219,15 @@ function export_get_attendee( $id, $export ) { // Use "Full Name " if we have it, // Just "login" if that's all we have. $attendee[$count] .= ';CN="' - . ( empty( $user['cal_firstname'] ) && empty( $user['cal_lastname'] ) - ? $user['cal_login'] - : utf8_encode( $user['cal_firstname'] ) . ' ' - . utf8_encode( $user['cal_lastname'] ) ) . '"' - . ':MAILTO:' . ( empty( $user['cal_email'] ) - ? $EMAIL_FALLBACK_FROM : $user['cal_email'] ); + . (empty($user['cal_firstname']) && empty($user['cal_lastname']) + ? $user['cal_login'] + : mb_convert_encoding($user['cal_firstname'], 'UTF-8', mb_detect_encoding($user['cal_firstname'])) . ' ' + . mb_convert_encoding($user['cal_lastname'], 'UTF-8', mb_detect_encoding($user['cal_lastname']))) . '"'; + if (!empty($user['cal_email'])) { + $attendee[$count] .= ':MAILTO:' . $user['cal_email']; + } else if (strpos('@', $EMAIL_FALLBACK_FROM) > 0) { + $attendee[$count] .= ':MAILTO:' . $EMAIL_FALLBACK_FROM; + } } $count++; } //end if ( count ( $user ) > 0 ) @@ -739,15 +742,18 @@ function export_get_event_entry( $id = 'all', $attachment = false ) { return $res; } //end function export_get_event_entry($id) function generate_uid ( $id = '' ) { - global $login, $SERVER_URL; + global $login; - $uid = $SERVER_URL; + $uid = getServerUrl(); if ( empty ( $uid ) ) $uid = 'UNCONFIGURED-WEBCALENDAR'; - $uid = str_replace ( 'http://', ' ', $uid ); + $uid = str_replace ( 'http://', '', $uid ); + $uid = str_replace ( 'https://', '', $uid ); + $uid = str_replace ( ':', '-', $uid ); $uid .= sprintf ( "-%s-%010d", $login, $id ); - $uid = preg_replace ( "/[\s\/\.-]+/", '-', $uid ); + $uid = preg_replace ( "/[\/-]+/", '-', $uid ); $uid = strtoupper ( $uid ); + return $uid; } // Add entries in the webcal_import and webcal_import_data tables. @@ -944,8 +950,12 @@ function export_ical ( $id = 'all', $attachment = false ) { // Always output something, even if no records come back // This prevents errors on the iCal client $ret = "BEGIN:VCALENDAR\r\n"; - $title = utf8_encode ( 'X-WR-CALNAME;VALUE=TEXT:' . - ( empty ( $publish_fullname ) ? $login : translate ( $publish_fullname ) ) ); + $title = mb_convert_encoding( + 'X-WR-CALNAME;VALUE=TEXT:' . + (empty($publish_fullname) ? $login : translate($publish_fullname)), + 'UTF-8', + mb_detect_encoding(empty($publish_fullname) ? $login : $publish_fullname) + ); $title = str_replace ( ',', "\\,", $title ); $ret .= "$title\r\n"; $ret .= generate_prodid ( 'ics' ); diff --git a/install/index.php b/install/index.php index af577bc24..03c1cb1ea 100644 --- a/install/index.php +++ b/install/index.php @@ -257,6 +257,10 @@ function_exists('gd_info'), $connectError = dbi_error(); } } +if (!empty($_GET['action']) && $_GET['action'] == "phpinfo") { + phpinfo (); + exit; +} $emptyDatabase = $canConnectDb ? isEmptyDatabase() : true; $unsavedDbSettings = !empty($_SESSION['unsavedDbSettings']); // Keep track if Db settings were modified by not yet saved $reportedDbVersion = 'Unknown'; diff --git a/install/install_phpsettings.php b/install/install_phpsettings.php index 03c506ba6..e325ea992 100644 --- a/install/install_phpsettings.php +++ b/install/install_phpsettings.php @@ -1,10 +1,10 @@ - - - - + + + + @@ -27,6 +27,12 @@
+ + \ No newline at end of file +?> + + + \ No newline at end of file diff --git a/pref.php b/pref.php index 2db74bb25..8a1062d63 100644 --- a/pref.php +++ b/pref.php @@ -762,35 +762,32 @@ function save_pref( $prefs, $src) { - ">     \n"; - echo htmlspecialchars ( $SERVER_URL ) . + echo htmlspecialchars ( getServerUrl() ) . 'publish.php?user=' . ( $updating_public ? '__public__' : $user ); ?>   - "> - ">        - - ">        - "> @@ -817,19 +813,17 @@ function save_pref( $prefs, $src) { - ">      \n"; - echo htmlspecialchars ( $SERVER_URL ) . + echo htmlspecialchars ( getServerUrl() ) . 'freebusy.php?user=' . ( $updating_public ? '__public__' : $user ); ?>   - diff --git a/register.php b/register.php index db83d9056..c342932b7 100644 --- a/register.php +++ b/register.php @@ -221,15 +221,11 @@ function generate_password() ) . "\n"; - // Add URL to event, if we can figure it out. - if (!empty($SERVER_URL)) { - $url = $SERVER_URL . 'login.php'; - - if ($htmlmail == 'Y') - $url = activate_urls($url); - - $msg .= "\n\n" . $url; - } + // Add URL to event + $url = getServerUrl() . 'login.php'; + if ($htmlmail == 'Y') + $url = activate_urls($url); + $msg .= "\n\n" . $url; $msg .= "\n\n" . translate('You may change your password after logging in the first time.') . "\n\n" . translate('If you received this email in error') . "\n\n"; diff --git a/rss.php b/rss.php index a9e2a1982..f69589b58 100644 --- a/rss.php +++ b/rss.php @@ -244,14 +244,14 @@ <![CDATA[' . $appStr . ']]> - ' . $SERVER_URL . ' + ' . getServerUrl() . ' ' . $lang . ' :"http://k5n.us/webcalendar.php?v=' . $PROGRAM_VERSION . '" <![CDATA[' . $appStr . ']]> - ' . $SERVER_URL . ' + ' . getServerUrl() . ' http://k5n.us/k5n_small.gif '; @@ -288,7 +288,7 @@ echo ' <![CDATA[' . $dateinfo . $entries[$j]->getName() . ']]> - ' . $SERVER_URL . 'view_entry.php?id=' . $entries[$j]->getID() + ' . getServerUrl() . 'view_entry.php?id=' . $entries[$j]->getID() . '&friendly=1&rssuser=' . $login . '&date=' . $d . ' getDescription() . ']]>' . ( empty ( $category ) ? '' : ' @@ -296,7 +296,7 @@ // . '' /* RSS 2.0 date format Wed, 02 Oct 2002 13:00:00 GMT */. ' ' . gmdate ( 'D, d M Y H:i:s', $unixtime ) . ' GMT - ' . $SERVER_URL . 'view_entry.php?id=' . $entries[$j]->getID() + ' . getServerUrl() . 'view_entry.php?id=' . $entries[$j]->getID() . '&friendly=1&rssuser=' . $login . '&date=' . $d . ' '; $numEvents++; @@ -337,7 +337,7 @@ echo ' <![CDATA[' . $dateinfo . $rentries[$j]->getName() . ']]> - ' . $SERVER_URL . "view_entry.php?id=" . $rentries[$j]->getID() + ' . getServerUrl() . "view_entry.php?id=" . $rentries[$j]->getID() . '&friendly=1&rssuser=' . $login . '&date=' . $d . ' getDescription() . ']]>' . ( empty ( $category ) ? '' : ' @@ -345,7 +345,7 @@ // . '' . ' ' . gmdate ( 'D, d M Y H:i:s', $unixtime ) . ' GMT - ' . $SERVER_URL . 'view_entry.php?id=' . $rentries[$j]->getID() + ' . getServerUrl() . 'view_entry.php?id=' . $rentries[$j]->getID() . '&friendly=1&rssuser=' . $login . '&date=' . $d . ' '; $numEvents++; diff --git a/rss_activity_log.php b/rss_activity_log.php index 1bb852ead..cacee5c91 100644 --- a/rss_activity_log.php +++ b/rss_activity_log.php @@ -109,14 +109,14 @@ <![CDATA[' . $appStr . ']]> - ' . $SERVER_URL . ' + ' . getServerUrl() . ' ' . $lang . ' WebCalendar ' . $PROGRAM_VERSION . ' <![CDATA[' . $appStr . ']]> - ' . $SERVER_URL . ' + ' . getServerUrl() . ' http://k5n.us/k5n_small.gif ' . "\n"; @@ -134,7 +134,7 @@ * Generate the activity log. */ function rss_activity_log ( $sys, $entries ) { - global $ALLOW_HTML_DESCRIPTION, $login, $SERVER_URL; + global $ALLOW_HTML_DESCRIPTION, $login; $sql_params = []; @@ -193,7 +193,7 @@ function rss_activity_log ( $sys, $entries ) { $ret .= "\n" . ' <![CDATA[' . $subject . ': ' . htmlspecialchars( $l_ename ) . ']]>' . "\n " - . $SERVER_URL . 'view_entry.php?id=' . $l_eid . "\n" + . getServerUrl() . 'view_entry.php?id=' . $l_eid . "\n" . ' '; if ( $ALLOW_HTML_DESCRIPTION == 'Y' ) { $x = str_replace ( '&', '&', $l_description ); @@ -206,7 +206,7 @@ function rss_activity_log ( $sys, $entries ) { // . ' ' . "\n" /* RSS 2.0 date format Wed, 02 Oct 2002 13:00:00 GMT */ . '' . gmdate( 'D, d M Y H:i:s', $unixtime ) . ' GMT' - . "\n" . ' ' . $SERVER_URL . 'view_entry.php?id=' . $l_eid + . "\n" . ' ' . getServerUrl() . 'view_entry.php?id=' . $l_eid . '&friendly=1&rssuser=' . $login . '&date=' . $l_date . "\n" . "\n\n"; } diff --git a/rss_unapproved.php b/rss_unapproved.php index 33e09f8c7..d0dd61240 100644 --- a/rss_unapproved.php +++ b/rss_unapproved.php @@ -129,14 +129,14 @@ <![CDATA[' . $appStr . ']]> - ' . $SERVER_URL . ' + ' . getServerUrl() . ' ' . $lang . ' WebCalendar ' . $PROGRAM_VERSION . ' <![CDATA[' . $appStr . ']]> - ' . $SERVER_URL . ' + ' . getServerUrl() . ' http://k5n.us/k5n_small.gif ' . "\n"; @@ -155,7 +155,7 @@ * Just the format (RSS vs HTML) is different. */ function list_unapproved ( $user ) { - global $login, $SERVER_URL; + global $login; $count = 0; $ret = ''; @@ -212,7 +212,7 @@ function list_unapproved ( $user ) { $ret .= "\n" . ' <![CDATA[' . htmlspecialchars ( $name ) . ']]>' . - "\n " . $SERVER_URL . + "\n " . getServerUrl() . $view_link . '.php?id=' . $id . '&user=' . $cal_user . "\n" . ' ' . "\n"; @@ -221,7 +221,7 @@ function list_unapproved ( $user ) { /* RSS 2.0 date format Wed, 02 Oct 2002 13:00:00 GMT */ $ret .= '' . gmdate ( 'D, d M Y H:i:s', $unixtime ) . ' GMT' . "\n" . - ' ' . $SERVER_URL . 'view_entry.php?id=' . $id . + ' ' . getServerUrl() . 'view_entry.php?id=' . $id . '&friendly=1&rssuser=' . $login . '&date=' . $d . "\n"; $ret .= "\n\n"; diff --git a/tools/send_reminders.php b/tools/send_reminders.php index e9d46ba30..49ecd8433 100755 --- a/tools/send_reminders.php +++ b/tools/send_reminders.php @@ -257,7 +257,7 @@ function send_reminder ( $id, $event_date ) { global $ALLOW_EXTERNAL_USERS, $attachics, $debug, $def_tz, $emails, $EXTERNAL_REMINDERS, $htmlmail, $ignore_user_case, $is_task, $LANGUAGE, - $languages, $names, $only_testing, $SERVER_URL, $site_extras, $tz, $t_format; + $languages, $names, $only_testing, $site_extras, $tz, $t_format; $ext_participants = $participants = []; $num_ext_participants = $num_participants = 0; @@ -319,7 +319,7 @@ function send_reminder ( $id, $event_date ) { // Send mail. We send one user at a time so that we can switch // languages between users if needed (as well as HTML vs plain text). $mailusers = $recipients = []; - if ( isset ( $single_user ) && $single_user == 'Y' ) { + if ( isset ( $single_user ) && $single_user == 'Y' && !empty($single_user_login)) { $mailusers[] = $emails[$single_user_login]; $recipients[] = $single_user_login; } else { @@ -384,11 +384,9 @@ function send_reminder ( $id, $event_date ) { $name = $row[9]; $description = $row[10]; - // Add trailing '/' if not found in server_url. // Don't include link for External users. - if ( ! empty ( $SERVER_URL ) && ! $isExt ) { - $eventURL = $SERVER_URL - . ( substr ( $SERVER_URL, -1, 1 ) == '/' ? '' : '/' ) + if ( ! $isExt ) { + $eventURL = getServerUrl() . 'view_entry.php?id=' . $id . '&em=1'; if ( $useHtml == 'Y' ) diff --git a/ws/ws.php b/ws/ws.php index 574b70652..a1a295cba 100644 --- a/ws/ws.php +++ b/ws/ws.php @@ -66,6 +66,7 @@ function ws_print_event_xml ( $id, $event_date, $extra_tags = '' ) { global $ALLOW_EXTERNAL_USERS, $DISABLE_PARTICIPANTS_FIELD, $DISABLE_PRIORITY_FIELD, $EXTERNAL_REMINDERS, $SERVER_URL, $single_user, $single_user_login, $site_extras, $WS_DEBUG; + $out = ''; // Get participants first... $res = dbi_execute ( 'SELECT cal_login, cal_status FROM webcal_entry_user @@ -131,9 +132,9 @@ function ws_print_event_xml ( $id, $event_date, $extra_tags = '' ) { $out = ' ' . $id . ' - ' . ws_escape_xml ( $name ) . '' . ( ! empty ( $SERVER_URL ) ? ' - ' . $SERVER_URL . ( substr ( $SERVER_URL, -1, 1 ) == '/' ? '' : '/' ) - . 'view_entry.php?id=' . $id . '' : '' ) . ' + ' . ws_escape_xml ( $name ) . '' . + '' . getServerUrl() + . 'view_entry.php?id=' . $id . '' . ' ' . ws_escape_xml ( $description ) . ' ' . date_to_str ( $event_date ) . ' ' . $event_date . ' @@ -193,9 +194,6 @@ function ws_print_event_xml ( $id, $event_date, $extra_tags = '' ) { $se .= $extras[$extra_name]['cal_date']; elseif ( $extra_type == EXTRA_MULTILINETEXT ) $se .= ws_escape_xml ( $extras[$extra_name]['cal_data'] ); - elseif ( $extra_type == EXTRA_REMINDER ) - $se .= ( $extras[$extra_name]['cal_remind'] > 0 - ? translate ( 'Yes' ) : translate ( 'No' ) ); else // Default method for EXTRA_URL, EXTRA_TEXT, etc... $se .= ws_escape_xml ( $extras[$extra_name]['cal_data'] );