category_handler.php
<?php
// Bootstrap include. NOTE(review): the helpers and globals used further down
// (getValue, getPostValue, dbi_execute, translate, $login, $is_admin,
// $ENABLE_ICON_UPLOADS) are not defined in this file; presumably they come
// from here -- confirm.
include_once 'includes/init.php';
// NOTE(review): presumably refuses requests whose Referer does not point back
// at this site (a CSRF mitigation) -- defined elsewhere, confirm what it
// actually enforces before relying on it as the only CSRF control.
require_valid_referring_url ();
// Upper bound for an uploaded icon; compared against the 'size' entry of the
// $_FILES record (bytes) in the upload handling below.
$icon_max_size = '6000';
// Relative directory that holds the category icon files. renameIcon() reads
// it through `global`, and the upload/copy code below prefixes it to file names.
$icon_path = 'icons/';
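/**
 * Move the icon file of a category out of the way.
 *
 * Looks for "cat-<id>.gif" and then "cat-<id>.png" inside the global
 * $icon_path directory and renames the first one found to
 * "cat-<YmdHis>.<ext>" in that same directory. The backup keeps the
 * extension of the file it came from, so a PNG is never stored under a
 * ".gif" name. Does nothing when neither file exists.
 *
 * @param int|string $id Category id. Only plain decimal ids are accepted
 *                       because the value becomes part of a file name.
 *
 * @return void
 */
function renameIcon ( $id ) {
  global $icon_path;

  // $id is request-derived at every call site in this file; refusing
  // anything but digits keeps the path inside the icon directory.
  if ( ! is_scalar ( $id ) || ! preg_match ( '/^[0-9]+$/', (string) $id ) )
    return;

  $stamp = date ( 'YmdHis' );
  foreach ( ['.gif', '.png'] as $ext ) {
    $catIcon = $icon_path . 'cat-' . $id . $ext;
    if ( file_exists ( $catIcon ) ) {
      rename ( $catIcon, $icon_path . 'cat-' . $stamp . $ext );
      return;
    }
  }
}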
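// Request handler: create, update or delete a category and manage its icon.
// Flow: read the request values, decide whether the current user may touch
// the category, run the DB change, then store an icon from an upload or from
// a file that already sits in the icon directory.

// Does the category belong to the user?
$is_my_event = false;
$id = getValue ( 'id' );
$catname = getValue ( 'catname' );
// Prohibit any HTML in the category name (including <script>).
// NOTE(review): strip_tags() is input filtering, not output encoding; pages
// that print cat_name should still escape it for their own context.
$catname = strip_tags ( (string) $catname );
// NOTE(review): cat_color is stored exactly as submitted; confirm that it is
// validated or escaped wherever it is rendered.
$catcolor = getValue ( 'catcolor' );
$isglobal = getValue ( 'isglobal' );
$delIcon = getPostValue ( 'delIcon' );

if ( empty ( $id ) ) {
  $is_my_event = true; // New category.
} else if ( ! is_scalar ( $id ) || ! preg_match ( '/^[0-9]+$/', (string) $id ) ) {
  // $id is concatenated into icon file names further down, so anything that
  // is not a plain decimal id is treated as "not authorized".
  $is_my_event = false;
} else {
  $res = dbi_execute ( 'SELECT cat_id, cat_owner FROM webcal_categories
    WHERE cat_id = ?', [$id] );
  if ( $res ) {
    $row = dbi_fetch_row ( $res );
    // Owner match, or an admin editing a global (owner-less) category.
    // A missing row must not count as "global", otherwise an admin request
    // for an id that does not exist would pass the check.
    $is_my_event = ! empty ( $row )
      && ( ( $row[0] == $id && $row[1] == $login )
        || ( empty ( $row[1] ) && $is_admin ) );
    dbi_free_result ( $res );
  } else
    $error = db_error();
}

// Upload record, or an empty array when no file was uploaded.
$file = ( ! empty ( $_FILES['FileName'] ) ? $_FILES['FileName'] : [] );
if ( ! empty ( $file['tmp_name'] ) && $file['tmp_name'] == 'none' )
  $file = [];

if ( ! $is_my_event )
  $error = print_not_auth();

$delete = getPostValue ( 'delete' );
if ( empty ( $error ) && ! empty ( $delete ) ) {
  // Delete this category. The owner condition is repeated in SQL so the
  // statement itself cannot remove another user's row.
  if ( ! dbi_execute ( 'DELETE FROM webcal_categories
    WHERE cat_id = ? AND ( cat_owner = ?'
       . ( $is_admin ? ' OR cat_owner IS NULL )' : ' )' ),
      [$id, $login] ) ) {
    $error = db_error();
  }

  if ( ! dbi_execute ( 'DELETE FROM webcal_entry_categories
    WHERE cat_id = ? AND ( cat_owner = ?'
       . ( $is_admin ? ' OR cat_owner IS NULL )' : ' )' ),
      [$id, $login] ) ) {
    $error = db_error();
  }
  // Rename any icons associated with this cat_id.
  renameIcon ( $id );
} else if ( empty ( $error ) && empty ( $catname ) ) {
  $error = translate ( 'Category name is required' );
} else if ( empty ( $error ) ) {
  if ( ! empty ( $id ) ) {
    // Update (don't let them change global status). Ownership of $id was
    // established by the SELECT above.
    if ( ! dbi_execute ( 'UPDATE webcal_categories
      SET cat_name = ?, cat_color = ? WHERE cat_id = ?',
        [$catname, $catcolor, $id] ) )
      $error = db_error();

    if ( ! empty ( $delIcon ) && $delIcon == 'Y' )
      renameIcon ( $id );
  } else {
    // Add new category.
    // Get new id.
    $res = dbi_execute ( 'SELECT MAX( cat_id ) FROM webcal_categories' );
    if ( $res ) {
      $row = dbi_fetch_row ( $res );
      $id = $row[0] + 1;
      dbi_free_result ( $res );
      // Only an admin can create a global (owner-less) category.
      $catowner = ( $is_admin
        ? ( $isglobal == 'Y' ? null : $login )
        : $login );
      if ( ! dbi_execute ( 'INSERT INTO webcal_categories ( cat_id, cat_owner,
        cat_name, cat_color ) VALUES ( ?, ?, ?, ? )',
          [$id, $catowner, $catname, $catcolor] ) )
        $error = db_error();
    } else
      $error = db_error();
  }

  // Icons are only written when the category row was written successfully.
  if ( empty ( $error ) && empty ( $delIcon ) && is_dir ( $icon_path )
      && ( ( ! empty ( $ENABLE_ICON_UPLOADS ) && $ENABLE_ICON_UPLOADS == 'Y' )
        || $is_admin ) ) {
    // Save icon if uploaded.
    if ( ! empty ( $file['tmp_name'] ) ) {
      // $file['type'] is whatever the client declared, so the decision is
      // made from the file content instead. The stored name and extension
      // are chosen here, never taken from the request.
      $imgInfo = ( is_uploaded_file ( $file['tmp_name'] )
        ? getimagesize ( $file['tmp_name'] ) : false );
      $imgType = ( is_array ( $imgInfo ) ? $imgInfo[2] : null );
      $isGif = ( $imgType === IMAGETYPE_GIF );
      $isPng = ( $imgType === IMAGETYPE_PNG );

      if ( ( $isGif || $isPng ) && $file['size'] <= $icon_max_size ) {
        $path_parts = pathinfo ( $_SERVER['SCRIPT_FILENAME'] );
        $fullIcon = $path_parts['dirname'] . '/' . $icon_path . 'cat-' . $id
           . ( $isGif ? '.gif' : '.png' );
        // Back up the current icon before the new one takes its name.
        renameIcon ( $id );
        move_uploaded_file ( $file['tmp_name'], $fullIcon );
      } else if ( $file['size'] > $icon_max_size ) {
        $error = translate ( 'File size exceeds maximum.' );
      } else {
        // The declared type is client-controlled text that ends up in the
        // error page, so it is HTML-escaped before being appended.
        // NOTE(review): confirm print_error() does not escape a second time.
        $error = translate ( 'File is not a GIF or PNG image' ) . ': '
           . htmlspecialchars ( (string) $file['type'], ENT_QUOTES );
      }
    }
    // Copy icon if local file specified.
    $urlname = getPostValue ( 'urlname' );
    if ( ! empty ( $urlname ) ) {
      // Keep only the final path component so the source of the copy is
      // always a regular file directly inside the icon directory.
      $urlname = basename ( (string) $urlname );
      if ( is_file ( $icon_path . $urlname ) ) {
        $ext = ( preg_match ( '/\.gif$/i', $urlname ) ? '.gif' : '.png' );
        copy ( $icon_path . $urlname, $icon_path . 'cat-' . $id . $ext );
      }
    }
  }
}

if ( empty ( $error ) )
  do_redirect ( 'category.php' );

print_header();
echo print_error ( $error ) . print_trailer();
?>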