home *** CD-ROM | disk | FTP | other *** search
/ Chip 2004 April / CMCD0404.ISO / Software / Freeware / Programare / groupoffice-com-2.01 / modules / notes / note.php < prev    next >
Encoding:
PHP Script  |  2004-03-08  |  13.6 KB  |  395 lines
  1. <?php
  2. /*
  3. Copyright Intermesh 2003
  4. Author: Merijn Schering <mschering@intermesh.nl>
  5. Version: 1.0 Release date: 08 July 2003
  6.  
  7. This program is free software; you can redistribute it and/or modify it
  8. under the terms of the GNU General Public License as published by the
  9. Free Software Foundation; either version 2 of the License, or (at your
  10. option) any later version.
  11. */
  12.  
  13. require("../../Group-Office.php");
  14.  
  15.  
  16. $GO_SECURITY->authenticate();
  17. $GO_MODULES->authenticate('notes');
  18. require($GO_LANGUAGE->get_language_file('notes'));
  19.  
  20. $page_title=$lang_modules['notes'];
  21. require($GO_CONFIG->class_path."notes.class.inc");
  22. $notes = new notes();
  23.  
  24. $task = isset($_REQUEST['task']) ? $_REQUEST['task'] : '';
  25. $note_id = isset($_REQUEST['note_id']) ? $_REQUEST['note_id'] : 0;
  26.  
  27. $return_to = isset($_REQUEST['return_to']) ? $_REQUEST['return_to'] : $_SERVER['HTTP_REFERER'];
  28. $link_back = isset($_REQUEST['link_back']) ? $_REQUEST['link_back'] : $_SERVER['REQUEST_URI'];
  29.  
  30. switch ($task)
  31. {
  32.     case 'save_note':
  33.         $due_date = date_to_unixtime($_POST['due_date']);
  34.         if ($note_id > 0)
  35.         {
  36.             $name = trim($_POST['name']);
  37.             if ($name == '')
  38.             {
  39.                 $feedback = '<p class="Error">'.$error_missing_field.'</p>';
  40.             }else
  41.             {
  42.                 $existing_note = $notes->get_note_by_name($name);
  43.  
  44.                 if($existing_note && $existing_note['id'] != $note_id)
  45.                 {
  46.                     $feedback = '<p class="Error">'.$pm_note_exists.'</p>';
  47.                 }elseif(!$notes->update_note($_POST['note_id'], $name, $_POST['catagory_id'], $_POST['responsible_user_id'], $due_date, $_POST['content']))
  48.                 {
  49.                     $feedback = '<p class="Error">'.$strSaveError.'</p>';
  50.                 }else
  51.                 {
  52.                     if($note = $notes->get_note($_POST['note_id']))
  53.                     {
  54.                         if ($_POST['responsible_user_id'] > 0 && (!$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $note['acl_read']) && !$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $note['acl_write'])))
  55.                         {
  56.                             $GO_SECURITY->add_user_to_acl($_POST['responsible_user_id'], $note['acl_read']);
  57.                         }
  58.                     }
  59.  
  60.                     if ($_POST['close'] == 'true')
  61.                     {
  62.                         header('Location: '.$return_to);
  63.                         exit();
  64.                     }
  65.                 }
  66.             }
  67.         }else
  68.         {
  69.             $name = trim($_POST['name']);
  70.             if ($name == '')
  71.             {
  72.                 $feedback = '<p class="Error">'.$error_missing_field.'</p>';
  73.             }elseif($notes->get_note_by_name($name))
  74.             {
  75.                 $feedback = '<p class="Error">'.$pm_note_exists.'</p>';
  76.             }else
  77.             {
  78.                 $acl_read = $GO_SECURITY->get_new_acl('note read');
  79.                 $acl_write = $GO_SECURITY->get_new_acl('note write');
  80.  
  81.                 if ($acl_read > 0 && $acl_write > 0)
  82.                 {
  83.                     if (!$note_id = $notes->add_note($_POST['user_id'], $_POST['contact_id'], $_POST['project_id'], $_POST['file_path'], $_POST['catagory_id'], $_POST['responsible_user_id'], $due_date, $_POST['name'], $_POST['content'], $acl_read, $acl_write))
  84.                     {
  85.                         $GO_SECURITY->delete_acl($acl_read);
  86.                         $GO_SECURITY->delete_acl($acl_write);
  87.  
  88.                         $feedback = '<p class="Error">'.$strSaveError.'</p>';
  89.                     }else
  90.                     {
  91.                         if ($_POST['contact_id'] > 0)
  92.                         {
  93.                             require_once($GO_CONFIG->class_path.'addressbook.class.inc');
  94.                             $ab = new addressbook();
  95.                             $addressbook = $ab->get_contact($_POST['contact_id']);
  96.  
  97.                             $GO_SECURITY->copy_acl($addressbook['acl_read'], $acl_read);
  98.                             $GO_SECURITY->copy_acl($addressbook['acl_write'], $acl_write);
  99.  
  100.                         }elseif($_POST['project_id'] > 0)
  101.                         {
  102.                             require_once($GO_CONFIG->class_path.'projects.class.inc');
  103.                             $projects = new projects();
  104.                             $project = $projects->get_project($_POST['project_id']);
  105.  
  106.                             $GO_SECURITY->copy_acl($project['acl_read'], $acl_read);
  107.                             $GO_SECURITY->copy_acl($project['acl_write'], $acl_write);
  108.                         }elseif($_POST['file_path'] != '')
  109.                         {
  110.                             require_once($GO_CONFIG->class_path.'filesystem.class.inc');
  111.                             $fs = new filesystem();
  112.  
  113.                             if ($share = $fs->find_share($_POST['file_path']))
  114.                             {
  115.                                 $GO_SECURITY->copy_acl($share['acl_read'], $acl_read);
  116.                                 $GO_SECURITY->copy_acl($share['acl_write'], $acl_write);
  117.                             }
  118.  
  119.                             $GO_SECURITY->add_user_to_acl($GO_SECURITY->user_id, $acl_write);
  120.  
  121.                         }else
  122.                         {
  123.                             $GO_SECURITY->add_user_to_acl($GO_SECURITY->user_id, $acl_write);
  124.                         }
  125.  
  126.                         if ($_POST['responsible_user_id'] > 0 && (!$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $acl_read) && !$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $acl_write)))
  127.                         {
  128.                             $GO_SECURITY->add_user_to_acl($_POST['responsible_user_id'], $acl_write);
  129.                         }
  130.  
  131.  
  132.                         if ($_POST['close'] == 'true')
  133.                         {
  134.                             header('Location: '.$return_to);
  135.                             exit();
  136.                         }
  137.                     }
  138.                 }else
  139.                 {
  140.                     $feedback = '<p class="Error">'.$strSaveError.'</p>';
  141.                 }
  142.             }
  143.         }
  144.     break;
  145. }
  146.  
  147. if ($note_id > 0)
  148. {
  149.     $note = $notes->get_note($note_id);
  150.     $tabtable = new tabtable('note_tab', $note['name'], '100%', '400', '120', '', true);
  151.     $tabtable->add_tab('properties', $strProperties);
  152.     $tabtable->add_tab('read_permissions', $strReadRights);
  153.     $tabtable->add_tab('write_permissions', $strWriteRights);
  154. }else
  155. {
  156.     $tabtable = new tabtable('note_tab', $no_new_note, '', '400', '120', '', true);
  157.     $note = false;
  158. }
  159.  
  160.  
  161. if ($note && $task != 'save_note')
  162. {
  163.     $name = $note['name'];
  164.     $contact_id = $note['contact_id'];
  165.     $project_id = $note['project_id'];
  166.     $user_id = $note['user_id'];
  167.     $file_path = $note['file_path'];
  168.     $content = $note['content'];
  169.     $catagory_id = $note['catagory_id'];
  170.     $due_date = $note['due_date'] > 0 ? date($_SESSION['GO_SESSION']['date_format'], $note['due_date']) : '';
  171.     $responsible_user_id = $note['res_user_id'];
  172.     $ctime = date($_SESSION['GO_SESSION']['date_format'].' '.$_SESSION['GO_SESSION']['time_format'], $note['ctime']+($_SESSION['GO_SESSION']['timezone']*3600));
  173.     $mtime = date($_SESSION['GO_SESSION']['date_format'].' '.$_SESSION['GO_SESSION']['time_format'], $note['mtime']+($_SESSION['GO_SESSION']['timezone']*3600));
  174.  
  175. }else
  176. {
  177.     $name = isset($_REQUEST['name']) ? $_REQUEST['name'] : '';
  178.     $catagory_id = isset($_REQUEST['catagory_id']) ? $_REQUEST['catagory_id'] : '0';
  179.     $contact_id = isset($_REQUEST['contact_id']) ? $_REQUEST['contact_id'] : '0';
  180.     $project_id = isset($_REQUEST['project_id']) ? $_REQUEST['project_id'] : '0';
  181.     $file_path = isset($_REQUEST['file_path']) ? $_REQUEST['file_path'] : '';
  182.     $content = isset($_REQUEST['content']) ? $_REQUEST['content'] : '';
  183.     $user_id = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : $GO_SECURITY->user_id;
  184.     $responsible_user_id = isset($_REQUEST['responsible_user_id']) ? $_REQUEST['responsible_user_id'] : '0';
  185.     $due_date = isset($_REQUEST['due_date']) ? $_REQUEST['due_date'] : '';
  186.     $ctime = date($_SESSION['GO_SESSION']['date_format'], get_time());
  187.     $mtime = date($_SESSION['GO_SESSION']['date_format'], get_time());
  188. }
  189.  
  190. if ($note)
  191. {
  192.     $write_permissions = $GO_SECURITY->has_permission($GO_SECURITY->user_id, $note['acl_write']);
  193.     $read_permissions = $GO_SECURITY->has_permission($GO_SECURITY->user_id, $note['acl_read']);
  194. }else
  195. {
  196.     $write_permissions = true;
  197.     $read_permissions = true;
  198. }
  199.  
  200. if (!$write_permissions && !$read_permissions)
  201. {
  202.     header('Location: '.$GO_CONFIG->host.'error_docs/403.php');
  203.     exit();
  204. }
  205.  
  206. //create htmlarea
  207. if ($tabtable->get_active_tab_id() != 'read_permissions' && $tabtable->get_active_tab_id() != 'write_permissions')
  208. {
  209.     $htmlarea = new htmlarea();
  210.     $GO_HEADER['head'] = $htmlarea->get_header('content', -70, -240, 25);
  211.     $datepicker = new date_picker();
  212.     $GO_HEADER['head'] .= $datepicker->get_header();
  213.     $GO_HEADER['body_arguments'] = 'onload="initEditor()"';
  214. }
  215.  
  216. $page_title = $lang_modules['notes'];
  217. require($GO_THEME->theme_path."header.inc");
  218. echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'" name="notes_form">';
  219. echo '<input type="hidden" name="close" value="false" />';
  220. echo '<input type="hidden" name="note_id" value="'.$note_id.'" />';
  221. echo '<input type="hidden" name="task" value="" />';
  222. echo '<input type="hidden" name="return_to" value="'.$return_to.'" />';
  223. echo '<input type="hidden" name="link_back" value="'.$link_back.'" />';
  224. echo '<input type="hidden" name="contact_id" value="'.$contact_id.'" />';
  225. echo '<input type="hidden" name="user_id" value="'.$user_id.'" />';
  226. echo '<input type="hidden" name="project_id" value="'.$project_id.'" />';
  227. echo '<input type="hidden" name="file_path" value="'.$file_path.'" />';
  228.  
  229. $tabtable->print_head();
  230.  
  231. switch ($tabtable->get_active_tab_id())
  232. {
  233.     case 'read_permissions':
  234.         print_acl($note['acl_read']);
  235.         echo '<br />';
  236.         $button = new button($cmdClose, "javascript:document.location='".$return_to."';");
  237.     break;
  238.  
  239.     case 'write_permissions':
  240.         print_acl($note['acl_write']);
  241.         echo '<br />';
  242.         $button = new button($cmdClose, "javascript:document.location='".$return_to."';");
  243.     break;
  244.  
  245.     default:
  246.         if (isset($feedback)) echo $feedback;
  247.         ?>
  248.         <table border="0" cellspacing="0" cellpadding="4">
  249.         <tr>
  250.             <td valign="top">
  251.             <table border="0" cellspacing="0" cellpadding="4">
  252.             <tr>
  253.                 <td><?php echo $strName; ?>:</td>
  254.                 <td>
  255.                 <?php
  256.                 if ($write_permissions)
  257.                 {
  258.                     echo '<input type="text" class="textbox" style="width: 250px;" name="name" value="'.$name.'" maxlength="50" />';
  259.                 }else
  260.                 {
  261.                     echo $note['name'];
  262.                 }
  263.                 ?>
  264.                 </td>
  265.             <tr>
  266.             <?php
  267.             if ($notes->get_catagories() > 0)
  268.             {
  269.                 echo '<tr><td>'.$no_catagory.':</td><td>';
  270.                 $dropbox = new dropbox();
  271.                 $dropbox->add_value('', $no_none);
  272.                 while($notes->next_record())
  273.                 {
  274.                     $dropbox->add_value($notes->f('id'), $notes->f('name'));
  275.                 }
  276.  
  277.                 $dropbox->print_dropbox('catagory_id', $catagory_id);
  278.                 echo '</td><tr>';
  279.  
  280.             }else
  281.             {
  282.                 echo '<input type="hidden" name="catagory_id" value="0" />';
  283.             }
  284.             echo '<tr><td>'.$no_due_date.':</td><td>';
  285.             $datepicker->print_date_picker('due_date', $_SESSION['GO_SESSION']['date_format'], $due_date);
  286.             echo '</td></tr>';
  287.  
  288.             $ab_module = $GO_MODULES->get_module('addressbook');
  289.  
  290.             require($GO_CONFIG->class_path.'users.class.inc');
  291.             $users = new users();
  292.  
  293.             if ($responsible_user_id > 0 && $user = $users->get_user($responsible_user_id))
  294.             {
  295.                 $middle_name = $user['middle_name'] == '' ? '' : $user['middle_name'].' ';
  296.                 $user_name = $user['first_name'].' '.$middle_name.$user['last_name'];
  297.             }else
  298.             {
  299.                 $user_name = isset($_REQUEST['user_name']) ? $_REQUEST['user_name'] : '';
  300.             }
  301.             echo '<tr><td><table border="0" cellpadding="0" cellspacing="0"><tr><td><a class="normal" href="javascript:popup(\''.$ab_module['url'].'select.php?show_users=true&multiselect=false&GO_HANDLER='.$GO_MODULES->url.'select_responsible_user.php&pass_value=id\',\'550\',\'400\')"><img src="'.$GO_THEME->images['addressbook_small'].'" width="16" height="16" border="0" /></a> </td><td><a class="normal" href="javascript:popup(\''.$ab_module['url'].'select.php?show_users=true&multiselect=false&GO_HANDLER='.$GO_MODULES->url.'select_responsible_user.php&pass_value=id\',\'550\',\'400\')">'.$no_responsible.'</a>: </td></tr></table></td>';
  302.             echo '<td><input type="hidden" value="'.$responsible_user_id.'" name="responsible_user_id" /><input type="hidden" value="'.$user_name.'" name="user_name" /><input type="text" name="user_name_text" class="textbox" style="width: 250px;" value="'.$user_name.'" disabled>';
  303.             echo " <a href='javascript:remove_user()' title=\"".$strDeleteItem."\"><img src=\"".$GO_THEME->images['delete']."\" border=\"0\"></a></td></tr>";
  304.             echo '</td></tr>';
  305.             ?>
  306.             </table>
  307.             </td>
  308.             <td valign="top">
  309.             <table border="0" cellspacing="0" cellpadding="4">
  310.             <?php
  311.             echo '<tr><td>'.$strOwner.':</td><td>'.show_profile($user_id, '', 'normal', $link_back).'</td></tr>';
  312.             echo '<tr><td>'.$strCreatedAt.':</td><td>'.$ctime.'</td><tr>';
  313.             echo '<tr><td>'.$strModifiedAt.':</td><td>'.$mtime.'</td><tr>';
  314.             if ($project_id > 0)
  315.             {
  316.                 require_once($GO_CONFIG->class_path.'projects.class.inc');
  317.                 $projects = new projects();
  318.  
  319.                 $project = $projects->get_project($project_id);
  320.  
  321.                 $project_name = $project['description'] == '' ? $project['name'] : $project['name'].' ('.$project['description'].')';
  322.                 $projects_module = $GO_MODULES->get_module('projects');
  323.  
  324.                 if ($projects_module && ($GO_SECURITY->has_permission($GO_SECURITY->user_id, $projects_module['acl_read']) || $GO_SECURITY->has_permission($GO_SECURITY->user_id, $projects_module['acl_write'])))
  325.                 {
  326.                     echo '<tr><td>'.$no_project.':</td><td><a href="'.$projects_module['url'].'project.php?project_id='.$project_id.'&return_to='.urlencode($_SERVER['REQUEST_URI']).'" class="normal">'.$project_name.'</a></td><tr>';
  327.                 }else
  328.                 {
  329.                     echo '<tr><td>'.$no_project.':</td><td>'.$project_name.'</td><tr>';
  330.                 }
  331.             }elseif($contact_id > 0)
  332.             {
  333.                 echo '<tr><td>'.$no_contact.':</td><td>'.show_contact($contact_id, '', $link_back).'</td><tr>';
  334.             }elseif($file_path != '' && $fs_module = $GO_MODULES->get_module('filesystem'))
  335.             {
  336.                 echo '<tr><td>'.$no_file.':</td><td><a class="normal" href="'.$fs_module['url'].'index.php?path='.urlencode($file_path).'">'.$file_path.'</a></td><tr>';
  337.             }
  338.             ?>
  339.             </table>
  340.             </td>
  341.         </tr>
  342.  
  343.  
  344.  
  345.         <tr>
  346.             <td colspan="2">
  347.             <?php
  348.             $htmlarea->print_htmlarea(smartstrip(htmlspecialchars($content)));
  349.             ?>
  350.             </td>
  351.         </tr>
  352.         <tr>
  353.             <td colspan="2">
  354.             <?php
  355.             if ($write_permissions)
  356.             {
  357.                 $button = new button($cmdOk, "javascript:_save('save_note', 'true');");
  358.                 echo '  ';
  359.                 $button = new button($cmdApply, "javascript:_save('save_note', 'false')");
  360.                 echo '  ';
  361.             }
  362.             $button = new button($cmdClose, "javascript:document.location='".$return_to."';");
  363.             ?>
  364.             </td>
  365.         </tr>
  366.         </table>
  367.  
  368.         <?php
  369.     break;
  370. }
  371.  
  372. $tabtable->print_foot();
  373. echo '</form>';
  374. ?>
  375. <script type="text/javascript">
  376.  
  377. function _save(task, close)
  378. {
  379.     document.notes_form.task.value = task;
  380.     document.notes_form.close.value = close;
  381.     document.notes_form.onsubmit();
  382.     document.notes_form.submit();
  383. }
  384.  
  385. function remove_user()
  386. {
  387.     document.notes_form.responsible_user_id.value = 0;
  388.     document.notes_form.user_name.value = '';
  389.     document.notes_form.user_name_text.value = '';
  390. }
  391.  
  392. </script>
  393. <?php
  394. require($GO_THEME->theme_path."footer.inc");
  395. ?>