
Contents of /contributions/modules/webcal/user-app-drupal-1.0.x.php



Revision 1.1 - (show annotations) (download) (as text)
Mon Nov 27 23:18:32 2006 UTC (3 years ago) by jaredwiltshire
Branch: MAIN
CVS Tags: HEAD
Branch point for: DRUPAL-5, DRUPAL-4-7
File MIME type: text/x-php
#99845. WebCalendar 1.0.x support
1 <?php
2 /* $Id$ */
3
// Direct-access guard: work out the requested script path and stop when it
// points inside an "/includes/" directory, i.e. when this file was requested
// by URL rather than included by WebCalendar.
if ( empty ( $PHP_SELF ) ) {
  if ( ! empty ( $_SERVER ) && ! empty ( $_SERVER['PHP_SELF'] ) ) {
    $PHP_SELF = $_SERVER['PHP_SELF'];
  }
}
if ( ! empty ( $PHP_SELF ) ) {
  if ( preg_match ( "/\/includes\//", $PHP_SELF ) ) {
    die ( "You can't access this file directly!" );
  }
}
11
12 // This file contains all the functions for getting information
13 // about users from Drupal 5.0
14
15 // This plugin file for WebCalendar 1.0.x uses the Drupal user number as
16 // the login id because Drupal usernames can be changed.
17 // User administration is done through Drupal.
18
19 // The following functions from this file are called by WebCalendar:
20 // user_logged_in()
21 // user_get_users()
22 // user_load_variables()
23 // app_login_screen()
24 // user_delete_user()
25 // user_update_user()
26 // user_update_user_password()
27 // user_add_user()
28
29 // The following functions are default functions:
30 // user_delete_user()
31 // user_update_user()
32 // user_update_user_password()
33 // user_add_user()
34
/************************* Config ***********************************/

// Base URL of the Drupal site. Must start with http:// or https:// and
// must end with a slash.
$app_url = 'http://www.yoursite.com/drupal/';

// Set to true when WebCalendar is displayed inside an iframe.
$app_in_iframe = true;

// Database that holds Drupal's tables
$app_db = 'drupal';

// Server hosting that database
$app_host = 'localhost';

// Account used to read Drupal's database. The values below are
// placeholders. The real ones give access to Drupal's user and session
// tables, so keep this file unreadable to other accounts on the host.
$app_login = 'username';
$app_pass = 'password';

// Prefix Drupal puts in front of its table names (may be empty)
$app_db_prefix = '';

/*************************** End Config *****************************/

// Drupal table names with the configured prefix applied.
$app_user_table = "{$app_db_prefix}users";
$app_session_table = "{$app_db_prefix}sessions";
$app_permission_table = "{$app_db_prefix}permission";
$app_users_roles_table = "{$app_db_prefix}users_roles";
62
63 /* Add a slash to the end if it's not there
64 if (substr($app_url, -1, 1) != '/') {
65 $app_url .= '/';
66 }
67 */
68
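// Login and logout targets for this plugin.
if ($app_in_iframe) {
  // Inside an iframe the parent window has to navigate, hence the
  // javascript: URLs. Only the configured $app_url goes into them.
  $app_login_page = "javascript:parent.document.location='" . $app_url . "user?destination=webcal'";
  $app_logout_page = "javascript:parent.document.location='" . $app_url . "logout'";
}
else {
  // REQUEST_URI comes from the request and becomes the value of the
  // "destination" query parameter, so it is percent-encoded: an embedded
  // '&', '?', quote or angle bracket then stays part of that one value
  // instead of altering the URL or the markup it is later printed in.
  // The isset() check avoids a notice when the server does not provide it.
  // NOTE(review): the iframe branch and app_login_screen() both target
  // "user", this branch targets the site root - confirm that is intended.
  $app_login_page = $app_url . "?destination="
    . urlencode(isset($_SERVER['REQUEST_URI']) ? (string) substr($_SERVER['REQUEST_URI'], 1) : '');
  $app_logout_page = $app_url . "logout";
}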
77
// '1' when Drupal's tables live in WebCalendar's own database on the same
// host, '0' otherwise. The functions below reconnect only when it is '0'.
if ($db_database == $app_db && $app_host == $db_host) {
  $app_same_db = '1';
}
else {
  $app_same_db = '0';
}

// Accounts are managed in Drupal, so WebCalendar may neither change
// passwords nor create users.
$user_can_update_password = false;
$admin_can_add_user = false;

// An admin may still remove a user's data from the webcal tables
// (the Drupal account itself is not touched).
$admin_can_delete_user = true;
87
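// Maps the visitor's Drupal session onto a WebCalendar login.
// The PHPSESSID cookie is looked up in Drupal's sessions table; when a row is
// found its uid is used, otherwise uid 0. The session and user access
// timestamps are refreshed as a side effect.
// Returns: the Drupal uid when that user has "login to webcal",
//          '__public__' when the user only has "access webcal" and
//          $PUBLIC_ACCESS is 'Y', false otherwise
function user_logged_in() {
  global $PUBLIC_ACCESS;
  global $app_user_table, $app_session_table;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;

  // The cookie is supplied by the browser and is placed inside SQL string
  // literals below. Only the alphabet PHP uses for session ids (letters,
  // digits, ',' and '-') is accepted; anything else counts as "no session",
  // so no cookie value can change the shape of the queries.
  $sid = '';
  if (isset($_COOKIE['PHPSESSID']) && is_string($_COOKIE['PHPSESSID'])
      && preg_match('/\A[A-Za-z0-9,-]{1,128}\z/', $_COOKIE['PHPSESSID'])) {
    $sid = $_COOKIE['PHPSESSID'];
  }

  // Drupal's tables may live in another database: switch to it first.
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  $uid = 0;

  if ($sid !== '') {
    $sql = "SELECT u.uid FROM $app_session_table s, $app_user_table u WHERE s.sid = '$sid' AND s.uid=u.uid";
    $res = dbi_query($sql);
    if ($res) {
      if ($row = dbi_fetch_row($res)) {
        $uid = $row[0];
      }
      dbi_free_result($res);
    }

    // Update last access times for the session and for its user
    $now = time();
    $sql = "UPDATE $app_session_table SET timestamp = '" . $now . "' WHERE sid = '$sid' ";
    dbi_query ( $sql );
    $sql = "UPDATE $app_user_table u, $app_session_table s SET u.access = '" . $now . "' WHERE s.sid = '$sid' AND u.uid = s.uid AND s.uid <> 0";
    dbi_query ( $sql );
  }

  $login = false;

  if (check_permissions($uid, "access webcal") && $PUBLIC_ACCESS == 'Y') {
    $login = '__public__';
  }

  // A personal login takes precedence over public access.
  if (check_permissions($uid, "login to webcal")) {
    $login = $uid;
  }

  // Switch back to WebCalendar's own database.
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return $login;
}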
145
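// Checks whether a Drupal user id holds a given Drupal permission.
// Precondition: the current dbi connection points at Drupal's database.
// The lookup result is cached per permission in $cached_users.
// params:
//   $uid - Drupal user id (0 = anonymous)
//   $permission - exact permission name, e.g. "login to webcal"
// Returns: true if the user has the permission, false if they don't
function check_permissions($uid, $permission) {
  global $cached_users;
  global $app_permission_table, $app_users_roles_table;

  // uid 1 is always allowed, without consulting the permission table.
  if ($uid == 1) {
    return true;
  }

  $permission = (string) $permission;

  if (!isset($cached_users[$permission]) || !is_array($cached_users[$permission])) {
    $rids = array();
    $res = dbi_query("SELECT rid, perm FROM $app_permission_table");
    if ($res) {
      while ($row = dbi_fetch_row($res)) {
        // perm is a comma-separated list. Whole names are compared: a
        // substring test would let a longer permission that merely contains
        // $permission (a constructed example: "access webcal admin pages"
        // for "access webcal") grant it by accident.
        $granted = array_map('trim', explode(',', (string) $row[1]));
        if (in_array($permission, $granted, true)) {
          $rids[] = (int) $row[0];
        }
      }
      dbi_free_result ( $res );
    }

    // The cache must not depend on who asked first. A grant to the
    // authenticated role (rid 2) is therefore stored as its own marker and
    // checked against each $uid below, instead of being recorded as "*"
    // when the first caller happened to be logged in (which then also let
    // uid 0 through for the rest of the request).
    $grants = array ();
    if (in_array(1, $rids, true)) {
      // role 1 (anonymous) has the permission: treated as "everyone"
      $grants[] = "*";
    }
    else {
      if (in_array(2, $rids, true)) {
        $grants[] = '@authenticated';
      }
      // Users that hold one of the granting roles explicitly. The ids were
      // cast to int above, so the IN list contains digits and commas only.
      $rid_string = implode(',', $rids);
      if ($rid_string !== '') {
        $res = dbi_query("SELECT uid FROM $app_users_roles_table WHERE rid IN ($rid_string)");
        if ($res) {
          while ($row = dbi_fetch_row($res)) {
            $grants[] = (string) $row[0];
          }
          dbi_free_result ( $res );
        }
      }
    }
    $cached_users[$permission] = $grants;
  }

  $is_authenticated = ((int) $uid) > 0;
  foreach ($cached_users[$permission] as $entry) {
    if ($entry === "*") {
      return true;
    }
    if ($entry === '@authenticated') {
      if ($is_authenticated) {
        return true;
      }
      continue;
    }
    if ((string) $entry === (string) $uid) {
      return true;
    }
  }

  return false;
}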
200
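// Lists the Drupal users that may log in to WebCalendar.
// Returns: an array with one entry per user holding "login to webcal"
//          (keys cal_login, cal_lastname, cal_firstname, cal_is_admin,
//          cal_email, cal_fullname), preceded by the '__public__' entry
//          when $PUBLIC_ACCESS is 'Y'.
//          Note: cal_is_admin is 'N' for the public entry but the boolean
//          result of check_permissions() for Drupal users.
function user_get_users () {
  global $PUBLIC_ACCESS, $PUBLIC_ACCESS_FULLNAME, $app_user_table, $app_session_table;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;

  $ret = array ();

  if ( $PUBLIC_ACCESS == 'Y' ) {
    $ret[] = array (
      'cal_login' => '__public__',
      'cal_lastname' => '',
      'cal_firstname' => '',
      'cal_is_admin' => 'N',
      'cal_email' => '',
      'cal_password' => '',
      'cal_fullname' => $PUBLIC_ACCESS_FULLNAME
    );
  }

  // if application is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  $sql = "SELECT uid, name, mail FROM $app_user_table WHERE uid <> '0' ORDER BY uid";
  $res = dbi_query ( $sql );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      if (!check_permissions($row[0], 'login to webcal')) {
        continue;
      }
      // explode() replaces split(), which no longer exists as of PHP 7.
      // Padding keeps $lname defined for one-word user names.
      list($fname, $lname) = array_pad(explode(' ', $row[1]), 2, '');
      $ret[] = array (
        "cal_login" => $row[0],
        "cal_lastname" => $lname,
        "cal_firstname" => $fname,
        "cal_is_admin" => check_permissions($row[0], 'webcal admin'),
        "cal_email" => $row[2],
        "cal_fullname" => $row[1]
      );
    }
    dbi_free_result ( $res );
  }

  // if application is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return $ret;
}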
250
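// Load info about a user (first name, last name, admin) and set globally.
// params:
//   $login - user login (with this plugin: the Drupal user number)
//   $prefix - variable prefix to use
// Returns: true if no errors occurred (also when no matching row exists),
//          false on a database error or when $login is not a user number
function user_load_variables ($login, $prefix) {
  global $PUBLIC_ACCESS_FULLNAME, $NONUSER_PREFIX;
  global $app_host, $app_login, $app_pass, $app_db, $app_user_table;
  global $c, $db_host, $db_login, $db_password, $db_database, $app_same_db;

  if ($NONUSER_PREFIX && substr($login, 0, strlen($NONUSER_PREFIX)) == $NONUSER_PREFIX) {
    nonuser_load_variables ($login, $prefix);
    return true;
  }

  if ( $login == '__public__' ) {
    $GLOBALS[$prefix . 'login'] = $login;
    $GLOBALS[$prefix . 'firstname'] = '';
    $GLOBALS[$prefix . 'lastname'] = '';
    $GLOBALS[$prefix . 'is_admin'] = 'N';
    $GLOBALS[$prefix . 'email'] = '';
    $GLOBALS[$prefix . 'fullname'] = $PUBLIC_ACCESS_FULLNAME;
    $GLOBALS[$prefix . 'password'] = '';
    return true;
  }

  // $login is placed unquoted into the WHERE clause below. Logins handled
  // by this plugin are Drupal user numbers, so anything that is not a plain
  // run of digits is refused before a query is built.
  if (!preg_match('/\A[0-9]+\z/', (string) $login)) {
    return false;
  }

  // if application is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);

  $loaded = false;
  $res = dbi_query ("SELECT uid, name, mail FROM $app_user_table WHERE uid = $login");
  if ($res) {
    if ($row = dbi_fetch_row($res)) {
      // explode() replaces split(), which no longer exists as of PHP 7.
      // Padding keeps $lname defined for one-word user names.
      list($fname, $lname) = array_pad(explode(' ', $row[1]), 2, '');
      $GLOBALS[$prefix . 'login'] = $login;
      $GLOBALS[$prefix . 'firstname'] = $fname;
      $GLOBALS[$prefix . 'lastname'] = $lname;
      $GLOBALS[$prefix . 'is_admin'] = check_permissions($row[0], 'webcal admin');
      $GLOBALS[$prefix . 'email'] = $row[2];
      $GLOBALS[$prefix . 'fullname'] = $row[1];
    }
    dbi_free_result($res);
    $loaded = true;
  }
  // On a failed query the earlier code stored db_error() in a local $error
  // that nothing read, and returned while still connected to Drupal's
  // database. The dead store is dropped and the reconnect below now runs on
  // both paths.

  // if application is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return $loaded;
}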
302
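// Redirect the user to the application's login screen and stop the script.
// params:
//   $return - Drupal path to come back to after login; when empty and
//             WebCalendar runs in an iframe, "webcal" is used
function app_login_screen($return = '') {
  global $app_url, $app_in_iframe;

  if (empty($return) && $app_in_iframe) {
    $return = "webcal";
  }

  // $return ends up in a query string, in an HTML attribute holding a
  // script string, and in a Location header. Percent-encoding it keeps
  // quotes, angle brackets, '&' and line breaks from being read as anything
  // but part of the destination value. The value is expected unencoded,
  // as elsewhere in this file.
  // NOTE(review): where callers get $return from is not visible here;
  // confirm none of them passes an already-encoded value.
  $query = '';
  if (!empty($return)) {
    $query = "?destination=" . urlencode($return);
  }

  // $app_url comes from the config section of this file and is trusted.
  $login_page = $app_url . "user" . $query;

  if ($app_in_iframe) {
    // Make the parent window, not the iframe, navigate to the login page.
    echo "<html><body onload=\"parent.document.location='$login_page'\"></body></html>";
    exit;
  }

  header("Location: $login_page");
  exit;
}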
324
325 /*********************************************************************
326 *
327 * Functions that are unchanged from other user-app files
328 *
329 ********************************************************************/
330
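// Delete a user from the webcalendar tables. (NOT from the application)
// We assume that we've already checked to make sure this user doesn't
// have events still in the database.
// params:
//   $user - user to delete
// NOTE(review): $user is placed inside quoted SQL literals as given and
// nothing in this function validates or escapes it. Confirm that callers
// pass only a login already known to WebCalendar.
function user_delete_user ( $user ) {
  // Get event ids for all events this user is a participant
  $events = array ();
  $res = dbi_query ( "SELECT webcal_entry.cal_id " .
    "FROM webcal_entry, webcal_entry_user " .
    "WHERE webcal_entry.cal_id = webcal_entry_user.cal_id " .
    "AND webcal_entry_user.cal_login = '$user'" );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      // ids are cast to int because they are appended unquoted below
      $events[] = (int) $row[0];
    }
    // this result set was never released before
    dbi_free_result ( $res );
  }

  // Now count number of participants in each event...
  // If just 1, then save id to be deleted
  $delete_em = array ();
  foreach ( $events as $event_id ) {
    $res = dbi_query ( "SELECT COUNT(*) FROM webcal_entry_user " .
      "WHERE cal_id = " . $event_id );
    if ( $res ) {
      if ( $row = dbi_fetch_row ( $res ) ) {
        if ( $row[0] == 1 )
          $delete_em[] = $event_id;
      }
      dbi_free_result ( $res );
    }
  }
  // Now delete events that were just for this user
  foreach ( $delete_em as $event_id ) {
    dbi_query ( "DELETE FROM webcal_entry WHERE cal_id = " . $event_id );
  }

  // Delete user participation from events
  dbi_query ( "DELETE FROM webcal_entry_user WHERE cal_login = '$user'" );

  // Delete preferences
  dbi_query ( "DELETE FROM webcal_user_pref WHERE cal_login = '$user'" );

  // Delete from groups
  dbi_query ( "DELETE FROM webcal_group_user WHERE cal_login = '$user'" );

  // Delete bosses & assistants
  dbi_query ( "DELETE FROM webcal_asst WHERE cal_boss = '$user'" );
  dbi_query ( "DELETE FROM webcal_asst WHERE cal_assistant = '$user'" );

  // Delete user's views
  $view_ids = array ();
  $res = dbi_query ( "SELECT cal_view_id FROM webcal_view " .
    "WHERE cal_owner = '$user'" );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      $view_ids[] = (int) $row[0];
    }
    dbi_free_result ( $res );
  }
  foreach ( $view_ids as $view_id ) {
    dbi_query ( "DELETE FROM webcal_view_user WHERE cal_view_id = " .
      $view_id );
  }
  dbi_query ( "DELETE FROM webcal_view WHERE cal_owner = '$user'" );

  // Delete layers
  dbi_query ( "DELETE FROM webcal_user_layers WHERE cal_login = '$user'" );

  // Delete any layers other users may have that point to this user.
  dbi_query ( "DELETE FROM webcal_user_layers WHERE cal_layeruser = '$user'" );
}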
403
404 // Functions we don't use with this file:
// Not supported by this plugin.
// Sets the global $error message and returns false; no argument is used.
function user_update_user ( $user, $firstname, $lastname, $email, $admin ) {
  $GLOBALS['error'] = 'User admin not supported.';

  return false;
}
// Not supported by this plugin.
// Sets the global $error message and returns false; no argument is used.
function user_update_user_password ( $user, $password ) {
  $GLOBALS['error'] = 'User admin not supported.';

  return false;
}
// Not supported by this plugin.
// Sets the global $error message and returns false; no argument is used.
function user_add_user ( $user, $password, $firstname, $lastname, $email, $admin ) {
  $GLOBALS['error'] = 'User admin not supported.';

  return false;
}
417 ?>
