Skip to content

Commit

Permalink
Merge branch 'craigk5n:master' into xact
Browse files Browse the repository at this point in the history
  • Loading branch information
bbannon authored Sep 20, 2023
2 parents 05d3e81 + a6de901 commit 7a05859
Show file tree
Hide file tree
Showing 5 changed files with 85 additions and 90 deletions.
2 changes: 1 addition & 1 deletion about.php
Original file line number Diff line number Diff line change
Expand Up @@ -35,11 +35,11 @@
<input type="button" id="ok" name="ok" value="' . translate( 'OK' )
. '" onclick="window.close()">
</form>' . ( empty ( $credits ) ? '' : "
<script src=\"includes/js/v_h_scrolls.js\"></script>
<script>
function start() {
startScroll('creds', '$data');
}
</script>
<script src=\"includes/js/v_h_scrolls.js\"></script>
" ) . print_trailer ( false,true,true );
?>
56 changes: 35 additions & 21 deletions access.php
Original file line number Diff line number Diff line change
Expand Up @@ -3,18 +3,23 @@
* This page is used to manage user access rights.
*
* It has three different modes:
* - list users to manage (no parameters)
* - manage a single user's rights (just "user" parameter)
* this will include which functions the user can access and
* (if $ALLOW_VIEW_OTHER is 'Y') which calendars they can view/edit/approve
* - update the database (form handler)
* - list users to manage (no parameters)
* - manage a single user's rights (just "user" parameter)
* this will include which functions the user can access and
* (if $ALLOW_VIEW_OTHER is 'Y') which calendars they can view/edit/approve
* - update the database (form handler)
*
* Input Parameters:
* user - specifies which user to manage, a form will be presented
* that allows editing rights of this user
*
* access_N - where N is 0 to ACCESS_NUMBER_FUNCTIONS as defined in
* includes/access.php. Each should be either 'Y' or 'N'.
*
* @package WebCalendar
*/
/**
* Include the basics.
*/
require_once 'includes/init.php';

Expand Down Expand Up @@ -206,9 +211,7 @@
$div = ceil( ACCESS_NUMBER_FUNCTIONS / 4 );

// We can reorder the display of user rights here.
$order = [
1, 0, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 27,
15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26];
$order = array_merge ( [1, 0], range ( 2, 14 ), [27], range ( 15, 26 ) );
// Make sure that we have defined all the types of access
// defined in access.php.
assert ( count ( $order ) === ACCESS_NUMBER_FUNCTIONS );
Expand Down Expand Up @@ -346,6 +349,10 @@
$bottomedge = '';
if ( $j === 3 )
continue;

$j8 = $j * 8;
$j64 = $j * 64;

echo '
<tr>
<td class="boxleft leftpadded' . ( $j > 3 ? ' boxbottom' : '' )
Expand Down Expand Up @@ -373,37 +380,37 @@
. ( ! empty( $op['view'] ) && ( $op['view'] & $j ) ? $checked : '' )
. '></td>
<td class="conf ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
. $j * 8 . '" name="v_' . $j * 8 . '"'
. ( ! empty( $op['view'] ) && ( $op['view'] & ( $j * 8 ) )
. $j8 . '" name="v_' . $j8 . '"'
. ( ! empty( $op['view'] ) && ( $op['view'] & $j8 )
? $checked : '' ) . '></td>
<td class="priv ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
. $j * 64 . '" name="v_' . $j * 64 . '"'
. ( ! empty( $op['view'] ) && ( $op['view'] & ( $j * 64 ) )
. $j64 . '" name="v_' . $j64 . '"'
. ( ! empty( $op['view'] ) && ( $op['view'] & $j64 )
? $checked : '' ) . '></td>'
. ( $guser !== '__public__' ? '
<td class="aligncenter boxleft pub ' . $bottomedge . '"><input '
. 'class="form-control-sm" type="checkbox" value="' . $j . '" name="e_' . $j . '"'
. ( ! empty( $op['edit'] ) && ( $op['edit'] & $j ) ? $checked : '' )
. '></td>
<td class="conf ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
. $j * 8 . '" name="e_' . $j * 8 . '"'
. ( ! empty( $op['edit'] ) && ( $op['edit'] & ( $j * 8 ) )
. $j8 . '" name="e_' . $j8 . '"'
. ( ! empty( $op['edit'] ) && ( $op['edit'] & $j8 )
? $checked : '' ) . '></td>
<td class="priv ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
. $j * 64 . '" name="e_' . $j * 64 . '"'
. ( ! empty( $op['edit'] ) && ( $op['edit'] & ( $j * 64 ) )
. $j64 . '" name="e_' . $j64 . '"'
. ( ! empty( $op['edit'] ) && ( $op['edit'] & $j64 )
? $checked : '' ) . '></td>
<td class="aligncenter boxleft pub ' . $bottomedge . '"><input '
. 'class="form-control-sm" type="checkbox" value="' . $j . '" name="a_' . $j . '"'
. ( ! empty( $op['approve'] ) && ( $op['approve'] & $j )
? $checked : '' ) . '></td>
<td class="conf ' . $bottomedge . '"><input class="form-control-sm" type="checkbox" value="'
. $j * 8 . '" name="a_' . $j * 8 . '"'
. ( ! empty( $op['approve'] ) && ( $op['approve'] & ( $j * 8 ) )
. $j8 . '" name="a_' . $j8 . '"'
. ( ! empty( $op['approve'] ) && ( $op['approve'] & $j8 )
? $checked : '' ) . '></td>
<td class="boxright priv ' . $bottomedge
. '"><input class="form-control-sm" type="checkbox" value="' . $j * 64 . '" name="a_' . $j * 64
. '"' . ( ! empty( $op['approve'] ) && ( $op['approve'] & ( $j * 64 ) )
. '"><input class="form-control-sm" type="checkbox" value="' . $j64 . '" name="a_' . $j64
. '"' . ( ! empty( $op['approve'] ) && ( $op['approve'] & $j64 )
? $checked : '' ) . '></td>'
: '' ) . '
</tr>';
Expand Down Expand Up @@ -446,7 +453,14 @@
echo print_trailer();

/**
* Get the list of users that the specified user can see.
* get_list_of_users
*
* @param string $user
*
* @global string $is_admin
* @global string $is_nonuser_admin
*
* @return array of users that the specified user can see.
*/
function get_list_of_users( $user ) {
global $is_admin, $is_nonuser_admin;
Expand Down
11 changes: 7 additions & 4 deletions admin.php
Original file line number Diff line number Diff line change
Expand Up @@ -230,7 +230,7 @@ function save_pref ( $prefs, $src ) {
$handler = 'color_change_handler_' . $k;
$color_sets .= print_color_input_html ( $k, $v, '', '', 'p', '', $handler );
}
$csp = empty($s['CSP']) ? 'none' : $s['CSP'];
$csp = ( $s['CSP'] ?: 'none' );

set_today ( date ( 'Ymd' ) );

Expand Down Expand Up @@ -776,11 +776,13 @@ function save_pref ( $prefs, $src ) {
<div class="form-inline mt-1 mb-2"><label title="' . tooltip ( 'email-smtp-username' ) . '">'
. translate ( 'SMTP Username' )
. ':</label><input type="text" size="30" name="admin_SMTP_USERNAME" value="'
. ( empty ( $s['SMTP_USERNAME'] ) ? '' : $s['SMTP_USERNAME'] ) . '"></div>
. ( $s['SMTP_USERNAME'] ?: '' )
. '"></div>
<div class="form-inline mt-1 mb-2"><label title="' . tooltip ( 'email-smtp-password' ) . '">'
. translate ( 'SMTP Password' )
. ':</label><input type="text" size="30" name="admin_SMTP_PASSWORD" value="'
. ( empty ( $s['SMTP_PASSWORD'] ) ? '' : $s['SMTP_PASSWORD'] ) . '"></div>
. ( $s['SMTP_PASSWORD'] ?: '' )
. '"></div>
</div>
</div>
<p class="bold">' . translate ( 'Default user settings' ) . ':</p>'
Expand Down Expand Up @@ -845,7 +847,8 @@ function save_pref ( $prefs, $src ) {
<p class="form-inline mt-1 mb-2"><label for="admin_BGREPEAT" title="' . tooltip ( 'bgrepeat-help' )
. '">' . translate ( 'Background Repeat' )
. ':</label><input type="text" size="30" name="admin_BGREPEAT" id="admin_BGREPEAT" value="'
. ( empty ( $s['BGREPEAT'] ) ? '' : $s['BGREPEAT'] ) . '"></p>
. ( $s['BGREPEAT'] ?: '' )
. '"></p>
</fieldset>
</div>
</div>
Expand Down
84 changes: 30 additions & 54 deletions includes/functions.php
Original file line number Diff line number Diff line change
Expand Up @@ -932,60 +932,36 @@ function decode_string ( $instr ) {
* @return string HTML for one log entry.
*/
function display_activity_log( $cal_type, $cal_text = '', $break = '<br>&nbsp;' ) {
if ( $cal_type == LOG_APPROVE )
$ret = translate ( 'Event approved' );
elseif ( $cal_type == LOG_APPROVE_J )
$ret = translate ( 'Journal approved' );
elseif ( $cal_type == LOG_APPROVE_T )
$ret = translate ( 'Task approved' );
elseif ( $cal_type == LOG_ATTACHMENT )
$ret = translate ( 'Attachment' );
elseif ( $cal_type == LOG_COMMENT )
$ret = translate ( 'Comment' );
elseif ( $cal_type == LOG_CREATE )
$ret = translate ( 'Event created' );
elseif ( $cal_type == LOG_CREATE_J )
$ret = translate ( 'Journal created' );
elseif ( $cal_type == LOG_CREATE_T )
$ret = translate ( 'Task created' );
elseif ( $cal_type == LOG_DELETE )
$ret = translate ( 'Event deleted' );
elseif ( $cal_type == LOG_DELETE_J )
$ret = translate ( 'Journal deleted' );
elseif ( $cal_type == LOG_DELETE_T )
$ret = translate ( 'Task deleted' );
elseif ( $cal_type == LOG_LOGIN_FAILURE )
$ret = translate ( 'Invalid login' );
elseif ( $cal_type == LOG_NEWUSER_EMAIL )
$ret = translate ( 'New user via email (self registration)' );
elseif ( $cal_type == LOG_NEWUSER_FULL )
$ret = translate ( 'New user (self registration)' );
elseif ( $cal_type == LOG_NOTIFICATION )
$ret = translate ( 'Notification sent' );
elseif ( $cal_type == LOG_REJECT )
$ret = translate ( 'Event rejected' );
elseif ( $cal_type == LOG_REJECT_J )
$ret = translate ( 'Journal rejected' );
elseif ( $cal_type == LOG_REJECT_T )
$ret = translate ( 'Task rejected' );
elseif ( $cal_type == LOG_REMINDER )
$ret = translate ( 'Reminder sent' );
elseif ( $cal_type == LOG_UPDATE )
$ret = translate ( 'Event updated' );
elseif ( $cal_type == LOG_UPDATE_J )
$ret = translate ( 'Journal updated' );
elseif ( $cal_type == LOG_UPDATE_T )
$ret = translate ( 'Task updated' );
elseif ( $cal_type == LOG_USER_ADD )
$ret = translate ( 'Add User' );
elseif ( $cal_type == LOG_USER_DELETE )
$ret = translate ( 'Delete User' );
elseif ( $cal_type == LOG_USER_UPDATE )
$ret = translate ( 'Edit User' );
elseif ( $cal_type == LOG_SYSTEM )
$ret = translate ( 'System Message' );
else
$ret = '???';
$ret = match ( $cal_type ) {
LOG_APPROVE => translate ( 'Event approved' ),
LOG_APPROVE_J => translate ( 'Journal approved' ),
LOG_APPROVE_T => translate ( 'Task approved' ),
LOG_ATTACHMENT => translate ( 'Attachment' ),
LOG_COMMENT => translate ( 'Comment' ),
LOG_CREATE => translate ( 'Event created' ),
LOG_CREATE_J => translate ( 'Journal created' ),
LOG_CREATE_T => translate ( 'Task created' ),
LOG_DELETE => translate ( 'Event deleted' ),
LOG_DELETE_J => translate ( 'Journal deleted' ),
LOG_DELETE_T => translate ( 'Task deleted' ),
LOG_LOGIN_FAILURE => translate ( 'Invalid login' ),
LOG_NEWUSER_EMAIL => translate ( 'New user via email (self registration)' ),
LOG_NEWUSER_FULL => translate ( 'New user (self registration)' ),
LOG_NOTIFICATION => translate ( 'Notification sent' ),
LOG_REJECT => translate ( 'Event rejected' ),
LOG_REJECT_J => translate ( 'Journal rejected' ),
LOG_REJECT_T => translate ( 'Task rejected' ),
LOG_REMINDER => translate ( 'Reminder sent' ),
LOG_SYSTEM => translate ( 'System Message' ),
LOG_UPDATE => translate ( 'Event updated' ),
LOG_UPDATE_J => translate ( 'Journal updated' ),
LOG_UPDATE_T => translate ( 'Task updated' ),
LOG_USER_ADD => translate ( 'Add User' ),
LOG_USER_DELETE => translate ( 'Delete User' ),
LOG_USER_UPDATE => translate ( 'Edit User' ),
default => '???'
};

//fix any broken special characters
if (!empty($cal_text)) {
$cal_text = preg_replace("/&amp;(#[0-9]+|[a-z]+);/i", "&$1;", htmlentities($cal_text));
Expand Down
22 changes: 12 additions & 10 deletions includes/init.php
Original file line number Diff line number Diff line change
Expand Up @@ -151,7 +151,7 @@ function send_http_headers () {
function print_header( $includes = '', $HeadX = '', $BodyX = '',
$disableCustom = false, $disableStyle = false, $disableRSS = false,
$IGNORED = false, $disableUTIL = false ) {
global $BGCOLOR, $browser, $charset, $CUSTOM_HEADER, $CUSTOM_SCRIPT,
global $BGCOLOR, $browser, $charset, $CSP, $CUSTOM_HEADER, $CUSTOM_SCRIPT,
$DISABLE_POPUPS, $DISPLAY_TASKS, $DISPLAY_WEEKENDS, $FONTS, $friendly,
$is_admin, $LANGUAGE, $login, $MENU_ENABLED, $MENU_THEME, $OTHERMONTHBG,
$POPUP_FG, $PUBLIC_ACCESS, $PUBLIC_ACCESS_FULLNAME, $REQUEST_URI, $SCRIPT,
Expand Down Expand Up @@ -191,15 +191,17 @@ function print_header( $includes = '', $HeadX = '', $BodyX = '',

send_http_headers ();

$ret .= "\n<style id=\"antiClickjack\">\n body{display:none !important;}\n</style>\n" .
"<script type=\"text/javascript\">\n" .
" if (self.location.hostname === top.location.hostname) {\n" .
" var antiClickjack = document.getElementById(\"antiClickjack\");\n" .
" antiClickjack.parentNode.removeChild(antiClickjack);\n" .
" } else {\n" .
" top.location = self.location;\n" .
" }\n" .
"</script>\n";
if (empty($CSP) || $CSP == 'none') {
$ret .= "\n<style id=\"antiClickjack\">\n body{display:none !important;}\n</style>\n" .
"<script type=\"text/javascript\">\n" .
" if (self.location.hostname === top.location.hostname) {\n" .
" var antiClickjack = document.getElementById(\"antiClickjack\");\n" .
" antiClickjack.parentNode.removeChild(antiClickjack);\n" .
" } else {\n" .
" top.location = self.location;\n" .
" }\n" .
"</script>\n";
}


$ret .= $ASSETS;
Expand Down

0 comments on commit 7a05859

Please sign in to comment.