
  1. <?php
  2. /*
  3. Copyright Intermesh 2003
  4. Author: Merijn Schering <mschering@intermesh.nl>
  5. Version: 1.0 Release date: 08 July 2003
  6.  
  7. This program is free software; you can redistribute it and/or modify it
  8. under the terms of the GNU General Public License as published by the
  9. Free Software Foundation; either version 2 of the License, or (at your
  10. option) any later version.
  11. */
  12.  
  13. require("../../Group-Office.php");
  14.  
  15.  
  16. $GO_SECURITY->authenticate();
  17. $GO_MODULES->authenticate('notes');
  18. require($GO_LANGUAGE->get_language_file('notes'));
  19.  
  20. $page_title=$lang_modules['notes'];
  21. require($GO_CONFIG->class_path."notes.class.inc");
  22. $notes = new notes();
  23.  
  24. $task = isset($_REQUEST['task']) ? $_REQUEST['task'] : '';
  25. $note_id = isset($_REQUEST['note_id']) ? $_REQUEST['note_id'] : 0;
  26.  
  27. $return_to = isset($_REQUEST['return_to']) ? $_REQUEST['return_to'] : $_SERVER['HTTP_REFERER'];
  28. $link_back = isset($_REQUEST['link_back']) ? $_REQUEST['link_back'] : $_SERVER['REQUEST_URI'];
  29.  
  30. switch ($task)
  31. {
  32.     case 'save_note':
  33.         $due_date = date_to_unixtime($_POST['due_date']);
  34.         if ($note_id > 0)
  35.         {
  36.             $name = trim($_POST['name']);
  37.             if ($name == '')
  38.             {
  39.                 $feedback = '<p class="Error">'.$error_missing_field.'</p>';
  40.             }else
  41.             {
  42.                 $existing_note = $notes->get_note_by_name($name);
  43.  
  44.                 if($existing_note && $existing_note['id'] != $note_id)
  45.                 {
  46.                     $feedback = '<p class="Error">'.$pm_note_exists.'</p>';
  47.                 }elseif(!$notes->update_note($_POST['note_id'], $name, $_POST['catagory_id'], $_POST['responsible_user_id'], $due_date, $_POST['content']))
  48.                 {
  49.                     $feedback = '<p class="Error">'.$strSaveError.'</p>';
  50.                 }else
  51.                 {
  52.                     if($note = $notes->get_note($_POST['note_id']))
  53.                     {
  54.                         if ($_POST['responsible_user_id'] > 0 && (!$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $note['acl_read']) && !$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $note['acl_write'])))
  55.                         {
  56.                             $GO_SECURITY->add_user_to_acl($_POST['responsible_user_id'], $note['acl_read']);
  57.                         }
  58.                     }
  59.  
  60.                     if ($_POST['close'] == 'true')
  61.                     {
  62.                         header('Location: '.$return_to);
  63.                         exit();
  64.                     }
  65.                 }
  66.             }
  67.         }else
  68.         {
  69.             $name = trim($_POST['name']);
  70.             if ($name == '')
  71.             {
  72.                 $feedback = '<p class="Error">'.$error_missing_field.'</p>';
  73.             }elseif($notes->get_note_by_name($name))
  74.             {
  75.                 $feedback = '<p class="Error">'.$pm_note_exists.'</p>';
  76.             }else
  77.             {
  78.                 $acl_read = $GO_SECURITY->get_new_acl('note read');
  79.                 $acl_write = $GO_SECURITY->get_new_acl('note write');
  80.  
  81.                 if ($acl_read > 0 && $acl_write > 0)
  82.                 {
  83.                     if (!$note_id = $notes->add_note($_POST['user_id'], $_POST['contact_id'], $_POST['project_id'], $_POST['file_path'], $_POST['catagory_id'], $_POST['responsible_user_id'], $due_date, $_POST['name'], $_POST['content'], $acl_read, $acl_write))
  84.                     {
  85.                         $GO_SECURITY->delete_acl($acl_read);
  86.                         $GO_SECURITY->delete_acl($acl_write);
  87.  
  88.                         $feedback = '<p class="Error">'.$strSaveError.'</p>';
  89.                     }else
  90.                     {
  91.                         if ($_POST['contact_id'] > 0)
  92.                         {
  93.                             require_once($GO_CONFIG->class_path.'addressbook.class.inc');
  94.                             $ab = new addressbook();
  95.                             $addressbook = $ab->get_contact($_POST['contact_id']);
  96.  
  97.                             $GO_SECURITY->copy_acl($addressbook['acl_read'], $acl_read);
  98.                             $GO_SECURITY->copy_acl($addressbook['acl_write'], $acl_write);
  99.  
  100.                         }elseif($_POST['project_id'] > 0)
  101.                         {
  102.                             require_once($GO_CONFIG->class_path.'projects.class.inc');
  103.                             $projects = new projects();
  104.                             $project = $projects->get_project($_POST['project_id']);
  105.  
  106.                             $GO_SECURITY->copy_acl($project['acl_read'], $acl_read);
  107.                             $GO_SECURITY->copy_acl($project['acl_write'], $acl_write);
  108.                         }elseif($_POST['file_path'] != '')
  109.                         {
  110.                             require_once($GO_CONFIG->class_path.'filesystem.class.inc');
  111.                             $fs = new filesystem();
  112.  
  113.                             if ($share = $fs->find_share($_POST['file_path']))
  114.                             {
  115.                                 $GO_SECURITY->copy_acl($share['acl_read'], $acl_read);
  116.                                 $GO_SECURITY->copy_acl($share['acl_write'], $acl_write);
  117.                             }
  118.  
  119.                             $GO_SECURITY->add_user_to_acl($GO_SECURITY->user_id, $acl_write);
  120.  
  121.                         }else
  122.                         {
  123.                             $GO_SECURITY->add_user_to_acl($GO_SECURITY->user_id, $acl_write);
  124.                         }
  125.  
  126.                         if ($_POST['responsible_user_id'] > 0 && (!$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $acl_read) && !$GO_SECURITY->user_in_acl($_POST['responsible_user_id'], $acl_write)))
  127.                         {
  128.                             $GO_SECURITY->add_user_to_acl($_POST['responsible_user_id'], $acl_write);
  129.                         }
  130.  
  131.  
  132.                         if ($_POST['close'] == 'true')
  133.                         {
  134.                             header('Location: '.$return_to);
  135.                             exit();
  136.                         }
  137.                     }
  138.                 }else
  139.                 {
  140.                     $feedback = '<p class="Error">'.$strSaveError.'</p>';
  141.                 }
  142.             }
  143.         }
  144.     break;
  145. }
  146.  
  147. if ($note_id > 0)
  148. {
  149.     $note = $notes->get_note($note_id);
  150.     $tabtable = new tabtable('note_tab', $note['name'], '100%', '400', '120', '', true);
  151.     $tabtable->add_tab('properties', $strProperties);
  152.     $tabtable->add_tab('read_permissions', $strReadRights);
  153.     $tabtable->add_tab('write_permissions', $strWriteRights);
  154. }else
  155. {
  156.     $tabtable = new tabtable('note_tab', $no_new_note, '', '400', '120', '', true);
  157.     $note = false;
  158. }
  159.  
  160.  
  161. if ($note && $task != 'save_note')
  162. {
  163.     $name = $note['name'];
  164.     $contact_id = $note['contact_id'];
  165.     $project_id = $note['project_id'];
  166.     $user_id = $note['user_id'];
  167.     $file_path = $note['file_path'];
  168.     $content = $note['content'];
  169.     $catagory_id = $note['catagory_id'];
  170.     $due_date = $note['due_date'] > 0 ? date($_SESSION['GO_SESSION']['date_format'], $note['due_date']) : '';
  171.     $responsible_user_id = $note['res_user_id'];
  172.     $ctime = date($_SESSION['GO_SESSION']['date_format'].' '.$_SESSION['GO_SESSION']['time_format'], $note['ctime']+($_SESSION['GO_SESSION']['timezone']*3600));
  173.     $mtime = date($_SESSION['GO_SESSION']['date_format'].' '.$_SESSION['GO_SESSION']['time_format'], $note['mtime']+($_SESSION['GO_SESSION']['timezone']*3600));
  174.  
  175. }else
  176. {
  177.     $name = isset($_REQUEST['name']) ? $_REQUEST['name'] : '';
  178.     $catagory_id = isset($_REQUEST['catagory_id']) ? $_REQUEST['catagory_id'] : '0';
  179.     $contact_id = isset($_REQUEST['contact_id']) ? $_REQUEST['contact_id'] : '0';
  180.     $project_id = isset($_REQUEST['project_id']) ? $_REQUEST['project_id'] : '0';
  181.     $file_path = isset($_REQUEST['file_path']) ? $_REQUEST['file_path'] : '';
  182.     $content = isset($_REQUEST['content']) ? $_REQUEST['content'] : '';
  183.     $user_id = isset($_REQUEST['user_id']) ? $_REQUEST['user_id'] : $GO_SECURITY->user_id;
  184.     $responsible_user_id = isset($_REQUEST['responsible_user_id']) ? $_REQUEST['responsible_user_id'] : '0';
  185.     $due_date = isset($_REQUEST['due_date']) ? $_REQUEST['due_date'] : '';
  186.     $ctime = date($_SESSION['GO_SESSION']['date_format'], get_time());
  187.     $mtime = date($_SESSION['GO_SESSION']['date_format'], get_time());
  188. }
  189.  
  190. if ($note)
  191. {
  192.     $write_permissions = $GO_SECURITY->has_permission($GO_SECURITY->user_id, $note['acl_write']);
  193.     $read_permissions = $GO_SECURITY->has_permission($GO_SECURITY->user_id, $note['acl_read']);
  194. }else
  195. {
  196.     $write_permissions = true;
  197.     $read_permissions = true;
  198. }
  199.  
  200. if (!$write_permissions && !$read_permissions)
  201. {
  202.     header('Location: '.$GO_CONFIG->host.'error_docs/403.php');
  203.     exit();
  204. }
  205.  
  206. //create htmlarea
  207. if ($tabtable->get_active_tab_id() != 'read_permissions' && $tabtable->get_active_tab_id() != 'write_permissions')
  208. {
  209.     $htmlarea = new htmlarea();
  210.     $GO_HEADER['head'] = $htmlarea->get_header('content', -70, -240, 25);
  211.     $datepicker = new date_picker();
  212.     $GO_HEADER['head'] .= $datepicker->get_header();
  213.     $GO_HEADER['body_arguments'] = 'onload="initEditor()"';
  214. }
  215.  
  216. $page_title = $lang_modules['notes'];
  217. require($GO_THEME->theme_path."header.inc");
  218. echo '<form method="post" action="'.$_SERVER['PHP_SELF'].'" name="notes_form">';
  219. echo '<input type="hidden" name="close" value="false" />';
  220. echo '<input type="hidden" name="note_id" value="'.$note_id.'" />';
  221. echo '<input type="hidden" name="task" value="" />';
  222. echo '<input type="hidden" name="return_to" value="'.$return_to.'" />';
  223. echo '<input type="hidden" name="link_back" value="'.$link_back.'" />';
  224. echo '<input type="hidden" name="contact_id" value="'.$contact_id.'" />';
  225. echo '<input type="hidden" name="user_id" value="'.$user_id.'" />';
  226. echo '<input type="hidden" name="project_id" value="'.$project_id.'" />';
  227. echo '<input type="hidden" name="file_path" value="'.$file_path.'" />';
  228.  
  229. $tabtable->print_head();
  230.  
  231. switch ($tabtable->get_active_tab_id())
  232. {
  233.     case 'read_permissions':
  234.         print_acl($note['acl_read']);
  235.         echo '<br />';
  236.         $button = new button($cmdClose, "javascript:document.location='".$return_to."';");
  237.     break;
  238.  
  239.     case 'write_permissions':
  240.         print_acl($note['acl_write']);
  241.         echo '<br />';
  242.         $button = new button($cmdClose, "javascript:document.location='".$return_to."';");
  243.     break;
  244.  
  245.     default:
  246.         if (isset($feedback)) echo $feedback;
  247.         ?>
  248.         <table border="0" cellspacing="0" cellpadding="4">
  249.         <tr>
  250.             <td valign="top">
  251.             <table border="0" cellspacing="0" cellpadding="4">
  252.             <tr>
  253.                 <td><?php echo $strName; ?>:</td>
  254.                 <td>
  255.                 <?php
  256.                 if ($write_permissions)
  257.                 {
  258.                     echo '<input type="text" class="textbox" style="width: 250px;" name="name" value="'.$name.'" maxlength="50" />';
  259.                 }else
  260.                 {
  261.                     echo $note['name'];
  262.                 }
  263.                 ?>
  264.                 </td>
  265.             <tr>
  266.             <?php
  267.             if ($notes->get_catagories() > 0)
  268.             {
  269.                 echo '<tr><td>'.$no_catagory.':</td><td>';
  270.                 $dropbox = new dropbox();
  271.                 $dropbox->add_value('', $no_none);
  272.                 while($notes->next_record())
  273.                 {
  274.                     $dropbox->add_value($notes->f('id'), $notes->f('name'));
  275.                 }
  276.  
  277.                 $dropbox->print_dropbox('catagory_id', $catagory_id);
  278.                 echo '</td><tr>';
  279.  
  280.             }else
  281.             {
  282.                 echo '<input type="hidden" name="catagory_id" value="0" />';
  283.             }
  284.             echo '<tr><td>'.$no_due_date.':</td><td>';
  285.             $datepicker->print_date_picker('due_date', $_SESSION['GO_SESSION']['date_format'], $due_date);
  286.             echo '</td></tr>';
  287.  
  288.             $ab_module = $GO_MODULES->get_module('addressbook');
  289.  
  290.             require($GO_CONFIG->class_path.'users.class.inc');
  291.             $users = new users();
  292.  
  293.             if ($responsible_user_id > 0 && $user = $users->get_user($responsible_user_id))
  294.             {
  295.                 $middle_name = $user['middle_name'] == '' ? '' : $user['middle_name'].' ';
  296.                 $user_name = $user['first_name'].' '.$middle_name.$user['last_name'];
  297.             }else
  298.             {
  299.                 $user_name = isset($_REQUEST['user_name']) ? $_REQUEST['user_name'] : '';
  300.             }
  301.             echo '<tr><td><table border="0" cellpadding="0" cellspacing="0"><tr><td><a class="normal" href="javascript:popup(\''.$ab_module['url'].'select.php?show_users=true&multiselect=false&GO_HANDLER='.$GO_MODULES->url.'select_responsible_user.php&pass_value=id\',\'550\',\'400\')"><img src="'.$GO_THEME->images['addressbook_small'].'" width="16" height="16" border="0" /></a> </td><td><a class="normal" href="javascript:popup(\''.$ab_module['url'].'select.php?show_users=true&multiselect=false&GO_HANDLER='.$GO_MODULES->url.'select_responsible_user.php&pass_value=id\',\'550\',\'400\')">'.$no_responsible.'</a>: </td></tr></table></td>';
  302.             echo '<td><input type="hidden" value="'.$responsible_user_id.'" name="responsible_user_id" /><input type="hidden" value="'.$user_name.'" name="user_name" /><input type="text" name="user_name_text" class="textbox" style="width: 250px;" value="'.$user_name.'" disabled>';
  303.             echo " <a href='javascript:remove_user()' title=\"".$strDeleteItem."\"><img src=\"".$GO_THEME->images['delete']."\" border=\"0\"></a></td></tr>";
  304.             echo '</td></tr>';
  305.             ?>
  306.             </table>
  307.             </td>
  308.             <td valign="top">
  309.             <table border="0" cellspacing="0" cellpadding="4">
  310.             <?php
  311.             echo '<tr><td>'.$strOwner.':</td><td>'.show_profile($user_id, '', 'normal', $link_back).'</td></tr>';
  312.             echo '<tr><td>'.$strCreatedAt.':</td><td>'.$ctime.'</td><tr>';
  313.             echo '<tr><td>'.$strModifiedAt.':</td><td>'.$mtime.'</td><tr>';
  314.             if ($project_id > 0)
  315.             {
  316.                 require_once($GO_CONFIG->class_path.'projects.class.inc');
  317.                 $projects = new projects();
  318.  
  319.                 $project = $projects->get_project($project_id);
  320.  
  321.                 $project_name = $project['description'] == '' ? $project['name'] : $project['name'].' ('.$project['description'].')';
  322.                 $projects_module = $GO_MODULES->get_module('projects');
  323.  
  324.                 if ($projects_module && ($GO_SECURITY->has_permission($GO_SECURITY->user_id, $projects_module['acl_read']) || $GO_SECURITY->has_permission($GO_SECURITY->user_id, $projects_module['acl_write'])))
  325.                 {
  326.                     echo '<tr><td>'.$no_project.':</td><td><a href="'.$projects_module['url'].'project.php?project_id='.$project_id.'&return_to='.urlencode($_SERVER['REQUEST_URI']).'" class="normal">'.$project_name.'</a></td><tr>';
  327.                 }else
  328.                 {
  329.                     echo '<tr><td>'.$no_project.':</td><td>'.$project_name.'</td><tr>';
  330.                 }
  331.             }elseif($contact_id > 0)
  332.             {
  333.                 echo '<tr><td>'.$no_contact.':</td><td>'.show_contact($contact_id, '', $link_back).'</td><tr>';
  334.             }elseif($file_path != '' && $fs_module = $GO_MODULES->get_module('filesystem'))
  335.             {
  336.                 echo '<tr><td>'.$no_file.':</td><td><a class="normal" href="'.$fs_module['url'].'index.php?path='.urlencode($file_path).'">'.$file_path.'</a></td><tr>';
  337.             }
  338.             ?>
  339.             </table>
  340.             </td>
  341.         </tr>
  342.  
  343.  
  344.  
  345.         <tr>
  346.             <td colspan="2">
  347.             <?php
  348.             $htmlarea->print_htmlarea(smartstrip(htmlspecialchars($content)));
  349.             ?>
  350.             </td>
  351.         </tr>
  352.         <tr>
  353.             <td colspan="2">
  354.             <?php
  355.             if ($write_permissions)
  356.             {
  357.                 $button = new button($cmdOk, "javascript:_save('save_note', 'true');");
  358.                 echo '  ';
  359.                 $button = new button($cmdApply, "javascript:_save('save_note', 'false')");
  360.                 echo '  ';
  361.             }
  362.             $button = new button($cmdClose, "javascript:document.location='".$return_to."';");
  363.             ?>
  364.             </td>
  365.         </tr>
  366.         </table>
  367.  
  368.         <?php
  369.     break;
  370. }
  371.  
  372. $tabtable->print_foot();
  373. echo '</form>';
  374. ?>
  375. <script type="text/javascript">
  376.  
/**
 * Fill in the hidden "task" and "close" fields of the notes form and submit it.
 *
 * onsubmit() is invoked by hand because calling submit() from script does not fire
 * the form's submit handler; presumably the editor uses that handler to copy its
 * content into the form before it is posted.
 */
function _save(task, close)
{
	var form = document.notes_form;

	form.task.value = task;
	form.close.value = close;

	form.onsubmit();
	form.submit();
}
  384.  
/**
 * Clear the responsible user: reset the hidden id to 0 and blank both name fields
 * (the hidden one that is posted and the disabled one that is displayed).
 */
function remove_user()
{
	var form = document.notes_form;

	form.responsible_user_id.value = 0;
	form.user_name.value = '';
	form.user_name_text.value = '';
}
  391.  
  392. </script>
  393. <?php
  394. require($GO_THEME->theme_path."footer.inc");
  395. ?>