modules/webcal/user-app-drupal-1.1.x.php

<?php
/* $Id$ */

defined( '_ISVALID' ) or die( "You can't access this file directly!" );

// This file contains all the functions for getting information
// about users from Drupal 5.0

// This plugin file for WebCalendar 1.1.x uses the Drupal user number as
// the login id because Drupal usernames can be changed.
// User administration is done through Drupal.

// The following functions from this file are called by WebCalendar:
// user_logged_in()
// user_get_users()
// user_load_variables()
// app_login_screen()
// user_delete_user()
// user_update_user()
// user_update_user_password()
// user_add_user()

// The following functions are default functions:
// user_delete_user()
// user_update_user()
// user_update_user_password()
// user_add_user()

/************************* Config ***********************************/

// Full URL to Drupal (including http:// or https:// and a trailing slash)
$app_url = 'http://www.yoursite.com/drupal/';

// Is WebCalendar going to be loaded in an iframe?
$app_in_iframe = true;

// Name of database containing Drupal's tables
$app_db = 'drupal';

// Host that Drupal's db is on
$app_host = 'localhost';

// Login/Password to access Drupal's database
$app_login = 'username';
$app_pass  = 'password';

// Drupal's database prefix
$app_db_prefix = '';

/*************************** End Config *****************************/

$app_user_table = $app_db_prefix . 'users';
$app_session_table = $app_db_prefix . 'sessions';
$app_permission_table = $app_db_prefix . 'permission';
$app_users_roles_table = $app_db_prefix . 'users_roles';

/* Add a slash to the end if its not there
if (substr($app_url, -1, 1) != '/') {
  $app_url .= '/';
}
*/

if ($app_in_iframe) {
  $app_logout_page = "javascript:parent.document.location='" . $app_url . "logout'";
}
else {
  $app_logout_page = $app_url . "logout";
}

// Are Drupal's tables in the same database as WebCalendar's?
$app_same_db = (($db_database == $app_db) && ($app_host == $db_host)) ? '1' : '0';

// User administration should be done through Drupal's interface
$user_can_update_password = false;
$admin_can_add_user = false;

// Allow admin to delete user from webcal tables (not from Drupal)
$admin_can_delete_user = true;

// Checks to see if the user is logged into Drupal & has permission
// Returns: login id (i.e. the user id of the logged in Drupal user, if they
// have permission to log into WebCalendar)
function user_logged_in() {
  global $PUBLIC_ACCESS;
  global $app_user_table, $app_session_table;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;
  
  $sid = $_COOKIE['PHPSESSID'];
  
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
  
  if (!empty($sid)) {
    $sql = "SELECT u.uid FROM $app_session_table s, $app_user_table u WHERE s.sid = '$sid' AND s.uid=u.uid";
    $res = dbi_query($sql);
    if ($res) {
      if ($row = dbi_fetch_row($res)) {
        $uid = $row[0];
      }
      dbi_free_result($res);
    }
    
    //update last access times for sessions and users
    $sql = "UPDATE $app_session_table SET timestamp = '".time()."' WHERE sid = '$sid' ";
    dbi_query ( $sql );
    $sql = "UPDATE $app_user_table u, $app_session_table s SET u.access = '".time()."' WHERE s.sid = '$sid' AND u.uid = s.uid AND s.uid <> 0";
    dbi_query ( $sql );
  }
  
  if (!isset($uid)) {
    $uid = 0;
  }
  
  $login = false;
  
  if (check_permissions($uid, "access webcal") && $PUBLIC_ACCESS == 'Y') {
    $login = '__public__';
  }
  
  if (check_permissions($uid, "login to webcal")) {
    $login = $uid;
  }
  
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

/* Prints debug information
  print "<pre>";
  print_r( 'uid='.$uid."\nlogin=".$login."\n");
  global $cached_users;
  print_r ($cached_users);
  print "</pre>";
  exit;
*/
  
  return $login;
}

// Checks a given Drupal user id to see if they have a certain permission
// Precondition: Assumes that the database is already connected
// Returns: true if the user has the permission, false if they dont
function check_permissions($uid, $permission) {
  global $cached_users;
  global $app_permission_table, $app_users_roles_table;
  
  if ($uid == 1) {
    return true;
  }
  
  if (empty ($cached_users[$permission])) {
    $rids = array();
    $res = dbi_query("SELECT rid, perm FROM $app_permission_table");
    if ($res) {
      while ($row = dbi_fetch_row($res)) {
        if (strpos($row[1], $permission) !== FALSE) {
          $rids[] = $row[0];
        }
      }
      dbi_free_result ( $res );
    }
    
    $cached_users[$permission] = array ();
    
    //echo "role ids for '$permission'= ";
    //print_r ($rids);
    
    // check if anonymous users or all authenticated users have the permission
    if (in_array(1, $rids) || (in_array(2, $rids) && $uid != 0)) {
      $cached_users[$permission][] = "*";
    }
    else {
      // Get all the user ids that have the permission and add them to the cached users array
      $rid_string = implode(',', $rids);
      if ($rid_string) {
        $res = dbi_query("SELECT uid FROM $app_users_roles_table WHERE rid IN ($rid_string)");
        if ($res) {
          while ($row = dbi_fetch_row($res)) {
            $cached_users[$permission][] = $row[0];
          }
          dbi_free_result ( $res );
        }
      }
    }
  }
  
  foreach ($cached_users[$permission] as $certain_user) {
    if ($certain_user == $uid || $certain_user == "*")
      return true;
  }
  
  return false;
}

// Gets a list of Drupal users with permission to login to WebCalendar
// Returns: An array containing information about all Drupal users who have
// permission to login to WebCalendar
function user_get_users () {
  global $PUBLIC_ACCESS, $PUBLIC_ACCESS_FULLNAME, $app_user_table, $app_session_table;
  global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
  global $c, $db_host, $db_login, $db_password, $db_database;

  $count = 0;
  $ret = array ();
  
  if ( $PUBLIC_ACCESS == 'Y' )
    $ret[$count++] = array (
       'cal_login' => '__public__',
       'cal_lastname' => '',
       'cal_firstname' => '',
       'cal_is_admin' => 'N',
       'cal_email' => '',
       'cal_password' => '',
       'cal_fullname' => $PUBLIC_ACCESS_FULLNAME
    );
  
  // if application is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
  
  $sql = "SELECT uid, name, mail FROM $app_user_table WHERE uid <> '0' ORDER BY uid";
  $res = dbi_query ( $sql );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      list($fname, $lname) = split (" ",$row[1]);
      if (check_permissions($row[0], 'login to webcal')) {
        $ret[$count++] = array (
          "cal_login" => $row[0],
          "cal_lastname" => $lname,
          "cal_firstname" => $fname,
          "cal_is_admin" => check_permissions($row[0], 'webcal admin'),
          "cal_email" => $row[2],
          "cal_fullname" => $row[1]
        );
      }
    }
    dbi_free_result ( $res );
  }
  
  // if application is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
  
  return $ret;
}

// Load info about a user (first name, last name, admin) and set globally.
// params:
//   $user - user login
//   $prefix - variable prefix to use
// Returns: true if no errors occured, false if db errors occured
function user_load_variables ($login, $prefix) {
  global $PUBLIC_ACCESS_FULLNAME, $NONUSER_PREFIX;
  global $app_host, $app_login, $app_pass, $app_db, $app_user_table;
  global $c, $db_host, $db_login, $db_password, $db_database, $app_same_db;
  
  if ($NONUSER_PREFIX && substr($login, 0, strlen($NONUSER_PREFIX)) == $NONUSER_PREFIX) {
    nonuser_load_variables ($login, $prefix);
    return true;
  }
  
  if ( $login == '__public__' ) {
    $GLOBALS[$prefix . 'login'] = $login;
    $GLOBALS[$prefix . 'firstname'] = '';
    $GLOBALS[$prefix . 'lastname'] = '';
    $GLOBALS[$prefix . 'is_admin'] = 'N';
    $GLOBALS[$prefix . 'email'] = '';
    $GLOBALS[$prefix . 'fullname'] = $PUBLIC_ACCESS_FULLNAME;
    $GLOBALS[$prefix . 'password'] = '';
    return true;
  }

  // if application is in a separate db, we have to connect to it
  if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
  
  $res = dbi_query ("SELECT uid, name, mail FROM $app_user_table WHERE uid = $login");
  if ($res) {
    if ($row = dbi_fetch_row($res)) {
      list($fname, $lname) = split (" ",$row[1]);
      $GLOBALS[$prefix . 'login'] = $login;
      $GLOBALS[$prefix . 'firstname'] = $fname;
      $GLOBALS[$prefix . 'lastname'] = $lname;
      $GLOBALS[$prefix . 'is_admin'] = check_permissions($row[0], 'webcal admin');
      $GLOBALS[$prefix . 'email'] = $row[2];
      $GLOBALS[$prefix . 'fullname'] = $row[1];
    }
    dbi_free_result($res);
  } else {
    $error = db_error();
    return false;
  }
  
  // if application is in a separate db, we have to connect back to the webcal db
  if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);

  return true;
}

// Redirect the user to the application's login screen
function app_login_screen($return = '') {
  global $app_url, $app_in_iframe;
  
  if (empty($return) && $app_in_iframe) {
    $return = "webcal";
  }
  if (!empty($return)) {
    $return = "?destination=$return";
  }
  
  $login_page = $app_url . "user" . $return;
  
  if ($app_in_iframe) {
    echo "<html><body onload=\"parent.document.location='$login_page'\"></body></html>";
    exit;
  }
  
  header("Location: $login_page");
  exit;
}

/********************************************************************* 
 *
 *      Functions that are unchanged from other user-app files
 *
 ********************************************************************/

/**
 * Delete a user from the WebCalendar tables (Not from Drupal)
 *
 * This will also delete any of the user's events in the system that have
 * no other participants.  Any layers that point to this user
 * will be deleted.  Any views that include this user will be updated.
 *
 * @param string $user User to delete
 */
function user_delete_user ( $user ) {
  // Get event ids for all events this user is a participant
  $events = array ();
  $res = dbi_execute ( 'SELECT webcal_entry.cal_id ' .
    'FROM webcal_entry, webcal_entry_user ' .
    'WHERE webcal_entry.cal_id = webcal_entry_user.cal_id ' .
    'AND webcal_entry_user.cal_login = ?' , array ( $user ) );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      $events[] = $row[0];
    }
  }

  // Now count number of participants in each event...
  // If just 1, then save id to be deleted
  $delete_em = array ();
  $evcnt = count ( $events );
  for ( $i = 0; $i < $evcnt; $i++ ) {
    $res = dbi_execute ( 'SELECT COUNT(*) FROM webcal_entry_user ' .
      'WHERE cal_id = ?' , array ( $events[$i] ) );
    if ( $res ) {
      if ( $row = dbi_fetch_row ( $res ) ) {
        if ( $row[0] == 1 )
          $delete_em[] = $events[$i];
      }
      dbi_free_result ( $res );
    }
  }
  $delete_emcnt = count ( $delete_em );
  // Now delete events that were just for this user
  for ( $i = 0; $i < $delete_emcnt; $i++ ) {
    dbi_execute ( 'DELETE FROM webcal_entry_repeats WHERE cal_id = ?' , 
      array ( $delete_em[$i] ) );
    dbi_execute ( 'DELETE FROM webcal_entry_repeats_not WHERE cal_id = ?' ,
      array ( $delete_em[$i] ) );
    dbi_execute ( 'DELETE FROM webcal_entry_log WHERE cal_entry_id = ?' , 
      array ( $delete_em[$i] )  );
    dbi_execute ( 'DELETE FROM webcal_import_data WHERE cal_id = ?' , 
      array ( $delete_em[$i] )  );
    dbi_execute ( 'DELETE FROM webcal_site_extras WHERE cal_id = ?' , 
      array ( $delete_em[$i] )  );
    dbi_execute ( 'DELETE FROM webcal_entry_ext_user WHERE cal_id = ?' , 
      array ( $delete_em[$i] )  );
    dbi_execute ( 'DELETE FROM webcal_reminders WHERE cal_id = ?' , 
      array ( $delete_em[$i] )  );
    dbi_execute ( 'DELETE FROM webcal_blob WHERE cal_id = ?' , 
      array ( $delete_em[$i] )  );
    dbi_execute ( 'DELETE FROM webcal_entry WHERE cal_id = ?' , 
      array ( $delete_em[$i] )  );
  }

  // Delete user participation from events
  dbi_execute ( 'DELETE FROM webcal_entry_user WHERE cal_login = ?' , 
    array ( $user ) );
  // Delete preferences
  dbi_execute ( 'DELETE FROM webcal_user_pref WHERE cal_login = ?' , 
    array ( $user ) );
  // Delete from groups
  dbi_execute ( 'DELETE FROM webcal_group_user WHERE cal_login = ?' , 
    array ( $user ) );
  // Delete bosses & assistants
  dbi_execute ( 'DELETE FROM webcal_asst WHERE cal_boss = ?' , 
    array ( $user ) );
  dbi_execute ( 'DELETE FROM webcal_asst WHERE cal_assistant = ?' , 
    array ( $user ) );
  // Delete user's views
  $delete_em = array ();
  $res = dbi_execute ( 'SELECT cal_view_id FROM webcal_view WHERE cal_owner = ?' , 
    array ( $user ) );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      $delete_em[] = $row[0];
    }
    dbi_free_result ( $res );
  }
  $delete_emcnt = count ( $delete_em );
  for ( $i = 0; $i < $delete_emcnt; $i++ ) {
    dbi_execute ( 'DELETE FROM webcal_view_user WHERE cal_view_id = ?' , 
      array ( $delete_em[$i] ) );
  }
  dbi_execute ( 'DELETE FROM webcal_view WHERE cal_owner = ?' , 
    array ( $user ) );
  //Delete them from any other user's views
  dbi_execute ( 'DELETE FROM webcal_view_user WHERE cal_login = ?' , 
    array ( $user ) );
  // Delete layers
  dbi_execute ( 'DELETE FROM webcal_user_layers WHERE cal_login = ?' , 
    array ( $user ) );
  // Delete any layers other users may have that point to this user.
  dbi_execute ( 'DELETE FROM webcal_user_layers WHERE cal_layeruser = ?' , 
    array ( $user ) );
  // Delete function access
  dbi_execute ( 'DELETE FROM webcal_access_function WHERE cal_login = ?' , 
    array ( $user ) );
  // Delete user access
  dbi_execute ( 'DELETE FROM webcal_access_user WHERE cal_login = ?' ,
    array ( $user ) );
  dbi_execute ( 'DELETE FROM webcal_access_user WHERE cal_other_user = ?' ,
    array ( $user ) );
  // Delete user's categories
  dbi_execute ( 'DELETE FROM webcal_categories WHERE cat_owner = ?' ,
    array ( $user ) );
  dbi_execute ( 'DELETE FROM webcal_entry_categories WHERE cat_owner = ?' ,
    array ( $user ) );
  // Delete user's reports
  $delete_em = array ();
  $res = dbi_execute ( 'SELECT cal_report_id FROM webcal_report WHERE cal_login = ?' , 
    array ( $user ) );
  if ( $res ) {
    while ( $row = dbi_fetch_row ( $res ) ) {
      $delete_em[] = $row[0];
    }
    dbi_free_result ( $res );
  }
  $delete_emcnt = count ( $delete_em );
  for ( $i = 0; $i < $delete_emcnt; $i++ ) {
    dbi_execute ( 'DELETE FROM webcal_report_template WHERE cal_report_id = ?' ,
      array ( $delete_em[$i] ) );  
  }
  dbi_execute ( 'DELETE FROM webcal_report WHERE cal_login = ?' ,
    array ( $user ) );
    //not sure about this one???
  dbi_execute ( 'DELETE FROM webcal_report WHERE cal_user = ?' ,
    array ( $user ) );  
  // Delete user templates
  dbi_execute ( 'DELETE FROM webcal_user_template WHERE cal_login = ?' , 
    array ( $user ) );  
}

// Functions we don't use with this file:
function user_update_user ( $user, $firstname, $lastname, $email, $admin ) {
  global $error;
  $error = 'User admin not supported.'; return false;
}
function user_update_user_password ( $user, $password ) {
  global $error;
  $error = 'User admin not supported.'; return false;
}
function user_add_user ( $user, $password, $firstname, $lastname, $email, $admin ) {
  global $error;
  $error = 'User admin not supported.'; return false;
}
?>
1	<?php
2	/* $Id$ */
3
4	defined( '_ISVALID' ) or die( "You can't access this file directly!" );
5
6	// This file contains all the functions for getting information
7	// about users from Drupal 5.0
8
9	// This plugin file for WebCalendar 1.1.x uses the Drupal user number as
10	// the login id because Drupal usernames can be changed.
11	// User administration is done through Drupal.
12
13	// The following functions from this file are called by WebCalendar:
14	// user_logged_in()
15	// user_get_users()
16	// user_load_variables()
17	// app_login_screen()
18	// user_delete_user()
19	// user_update_user()
20	// user_update_user_password()
21	// user_add_user()
22
23	// The following functions are default functions:
24	// user_delete_user()
25	// user_update_user()
26	// user_update_user_password()
27	// user_add_user()
28
29	/*********************** Config *********************************/
30
31	// Full URL to Drupal (including http:// or https:// and a trailing slash)
32	$app_url = 'http://www.yoursite.com/drupal/';
33
34	// Is WebCalendar going to be loaded in an iframe?
35	$app_in_iframe = true;
36
37	// Name of database containing Drupal's tables
38	$app_db = 'drupal';
39
40	// Host that Drupal's db is on
41	$app_host = 'localhost';
42
43	// Login/Password to access Drupal's database
44	$app_login = 'username';
45	$app_pass = 'password';
46
47	// Drupal's database prefix
48	$app_db_prefix = '';
49
50	/************************* End Config ***************************/
51
52	$app_user_table = $app_db_prefix . 'users';
53	$app_session_table = $app_db_prefix . 'sessions';
54	$app_permission_table = $app_db_prefix . 'permission';
55	$app_users_roles_table = $app_db_prefix . 'users_roles';
56
57	/* Add a slash to the end if its not there
58	if (substr($app_url, -1, 1) != '/') {
59	$app_url .= '/';
60	}
61	*/
62
63	if ($app_in_iframe) {
64	$app_logout_page = "javascript:parent.document.location='" . $app_url . "logout'";
65	}
66	else {
67	$app_logout_page = $app_url . "logout";
68	}
69
70	// Are Drupal's tables in the same database as WebCalendar's?
71	$app_same_db = (($db_database == $app_db) && ($app_host == $db_host)) ? '1' : '0';
72
73	// User administration should be done through Drupal's interface
74	$user_can_update_password = false;
75	$admin_can_add_user = false;
76
77	// Allow admin to delete user from webcal tables (not from Drupal)
78	$admin_can_delete_user = true;
79
80	// Checks to see if the user is logged into Drupal & has permission
81	// Returns: login id (i.e. the user id of the logged in Drupal user, if they
82	// have permission to log into WebCalendar)
83	function user_logged_in() {
84	global $PUBLIC_ACCESS;
85	global $app_user_table, $app_session_table;
86	global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
87	global $c, $db_host, $db_login, $db_password, $db_database;
88
89	$sid = $_COOKIE['PHPSESSID'];
90
91	if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
92
93	if (!empty($sid)) {
94	$sql = "SELECT u.uid FROM $app_session_table s, $app_user_table u WHERE s.sid = '$sid' AND s.uid=u.uid";
95	$res = dbi_query($sql);
96	if ($res) {
97	if ($row = dbi_fetch_row($res)) {
98	$uid = $row[0];
99	}
100	dbi_free_result($res);
101	}
102
103	//update last access times for sessions and users
104	$sql = "UPDATE $app_session_table SET timestamp = '".time()."' WHERE sid = '$sid' ";
105	dbi_query ( $sql );
106	$sql = "UPDATE $app_user_table u, $app_session_table s SET u.access = '".time()."' WHERE s.sid = '$sid' AND u.uid = s.uid AND s.uid <> 0";
107	dbi_query ( $sql );
108	}
109
110	if (!isset($uid)) {
111	$uid = 0;
112	}
113
114	$login = false;
115
116	if (check_permissions($uid, "access webcal") && $PUBLIC_ACCESS == 'Y') {
117	$login = '__public__';
118	}
119
120	if (check_permissions($uid, "login to webcal")) {
121	$login = $uid;
122	}
123
124	if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
125
126	/* Prints debug information
127	print "<pre>";
128	print_r( 'uid='.$uid."\nlogin=".$login."\n");
129	global $cached_users;
130	print_r ($cached_users);
131	print "</pre>";
132	exit;
133	*/
134
135	return $login;
136	}
137
138	// Checks a given Drupal user id to see if they have a certain permission
139	// Precondition: Assumes that the database is already connected
140	// Returns: true if the user has the permission, false if they dont
141	function check_permissions($uid, $permission) {
142	global $cached_users;
143	global $app_permission_table, $app_users_roles_table;
144
145	if ($uid == 1) {
146	return true;
147	}
148
149	if (empty ($cached_users[$permission])) {
150	$rids = array();
151	$res = dbi_query("SELECT rid, perm FROM $app_permission_table");
152	if ($res) {
153	while ($row = dbi_fetch_row($res)) {
154	if (strpos($row[1], $permission) !== FALSE) {
155	$rids[] = $row[0];
156	}
157	}
158	dbi_free_result ( $res );
159	}
160
161	$cached_users[$permission] = array ();
162
163	//echo "role ids for '$permission'= ";
164	//print_r ($rids);
165
166	// check if anonymous users or all authenticated users have the permission
167	if (in_array(1, $rids) \|\| (in_array(2, $rids) && $uid != 0)) {
168	$cached_users[$permission][] = "*";
169	}
170	else {
171	// Get all the user ids that have the permission and add them to the cached users array
172	$rid_string = implode(',', $rids);
173	if ($rid_string) {
174	$res = dbi_query("SELECT uid FROM $app_users_roles_table WHERE rid IN ($rid_string)");
175	if ($res) {
176	while ($row = dbi_fetch_row($res)) {
177	$cached_users[$permission][] = $row[0];
178	}
179	dbi_free_result ( $res );
180	}
181	}
182	}
183	}
184
185	foreach ($cached_users[$permission] as $certain_user) {
186	if ($certain_user == $uid \|\| $certain_user == "*")
187	return true;
188	}
189
190	return false;
191	}
192
193	// Gets a list of Drupal users with permission to login to WebCalendar
194	// Returns: An array containing information about all Drupal users who have
195	// permission to login to WebCalendar
196	function user_get_users () {
197	global $PUBLIC_ACCESS, $PUBLIC_ACCESS_FULLNAME, $app_user_table, $app_session_table;
198	global $app_host, $app_login, $app_pass, $app_db, $app_same_db;
199	global $c, $db_host, $db_login, $db_password, $db_database;
200
201	$count = 0;
202	$ret = array ();
203
204	if ( $PUBLIC_ACCESS == 'Y' )
205	$ret[$count++] = array (
206	'cal_login' => '__public__',
207	'cal_lastname' => '',
208	'cal_firstname' => '',
209	'cal_is_admin' => 'N',
210	'cal_email' => '',
211	'cal_password' => '',
212	'cal_fullname' => $PUBLIC_ACCESS_FULLNAME
213	);
214
215	// if application is in a separate db, we have to connect to it
216	if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
217
218	$sql = "SELECT uid, name, mail FROM $app_user_table WHERE uid <> '0' ORDER BY uid";
219	$res = dbi_query ( $sql );
220	if ( $res ) {
221	while ( $row = dbi_fetch_row ( $res ) ) {
222	list($fname, $lname) = split (" ",$row[1]);
223	if (check_permissions($row[0], 'login to webcal')) {
224	$ret[$count++] = array (
225	"cal_login" => $row[0],
226	"cal_lastname" => $lname,
227	"cal_firstname" => $fname,
228	"cal_is_admin" => check_permissions($row[0], 'webcal admin'),
229	"cal_email" => $row[2],
230	"cal_fullname" => $row[1]
231	);
232	}
233	}
234	dbi_free_result ( $res );
235	}
236
237	// if application is in a separate db, we have to connect back to the webcal db
238	if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
239
240	return $ret;
241	}
242
243	// Load info about a user (first name, last name, admin) and set globally.
244	// params:
245	// $user - user login
246	// $prefix - variable prefix to use
247	// Returns: true if no errors occured, false if db errors occured
248	function user_load_variables ($login, $prefix) {
249	global $PUBLIC_ACCESS_FULLNAME, $NONUSER_PREFIX;
250	global $app_host, $app_login, $app_pass, $app_db, $app_user_table;
251	global $c, $db_host, $db_login, $db_password, $db_database, $app_same_db;
252
253	if ($NONUSER_PREFIX && substr($login, 0, strlen($NONUSER_PREFIX)) == $NONUSER_PREFIX) {
254	nonuser_load_variables ($login, $prefix);
255	return true;
256	}
257
258	if ( $login == '__public__' ) {
259	$GLOBALS[$prefix . 'login'] = $login;
260	$GLOBALS[$prefix . 'firstname'] = '';
261	$GLOBALS[$prefix . 'lastname'] = '';
262	$GLOBALS[$prefix . 'is_admin'] = 'N';
263	$GLOBALS[$prefix . 'email'] = '';
264	$GLOBALS[$prefix . 'fullname'] = $PUBLIC_ACCESS_FULLNAME;
265	$GLOBALS[$prefix . 'password'] = '';
266	return true;
267	}
268
269	// if application is in a separate db, we have to connect to it
270	if ($app_same_db != '1') $c = dbi_connect($app_host, $app_login, $app_pass, $app_db);
271
272	$res = dbi_query ("SELECT uid, name, mail FROM $app_user_table WHERE uid = $login");
273	if ($res) {
274	if ($row = dbi_fetch_row($res)) {
275	list($fname, $lname) = split (" ",$row[1]);
276	$GLOBALS[$prefix . 'login'] = $login;
277	$GLOBALS[$prefix . 'firstname'] = $fname;
278	$GLOBALS[$prefix . 'lastname'] = $lname;
279	$GLOBALS[$prefix . 'is_admin'] = check_permissions($row[0], 'webcal admin');
280	$GLOBALS[$prefix . 'email'] = $row[2];
281	$GLOBALS[$prefix . 'fullname'] = $row[1];
282	}
283	dbi_free_result($res);
284	} else {
285	$error = db_error();
286	return false;
287	}
288
289	// if application is in a separate db, we have to connect back to the webcal db
290	if ($app_same_db != '1') $c = dbi_connect($db_host, $db_login, $db_password, $db_database);
291
292	return true;
293	}
294
295	// Redirect the user to the application's login screen
296	function app_login_screen($return = '') {
297	global $app_url, $app_in_iframe;
298
299	if (empty($return) && $app_in_iframe) {
300	$return = "webcal";
301	}
302	if (!empty($return)) {
303	$return = "?destination=$return";
304	}
305
306	$login_page = $app_url . "user" . $return;
307
308	if ($app_in_iframe) {
309	echo "<html><body onload=\"parent.document.location='$login_page'\"></body></html>";
310	exit;
311	}
312
313	header("Location: $login_page");
314	exit;
315	}
316
317	/*********************************************************************
318	*
319	* Functions that are unchanged from other user-app files
320	*
321	********************************************************************/
322
323	/**
324	* Delete a user from the WebCalendar tables (Not from Drupal)
325	*
326	* This will also delete any of the user's events in the system that have
327	* no other participants. Any layers that point to this user
328	* will be deleted. Any views that include this user will be updated.
329	*
330	* @param string $user User to delete
331	*/
332	function user_delete_user ( $user ) {
333	// Get event ids for all events this user is a participant
334	$events = array ();
335	$res = dbi_execute ( 'SELECT webcal_entry.cal_id ' .
336	'FROM webcal_entry, webcal_entry_user ' .
337	'WHERE webcal_entry.cal_id = webcal_entry_user.cal_id ' .
338	'AND webcal_entry_user.cal_login = ?' , array ( $user ) );
339	if ( $res ) {
340	while ( $row = dbi_fetch_row ( $res ) ) {
341	$events[] = $row[0];
342	}
343	}
344
345	// Now count number of participants in each event...
346	// If just 1, then save id to be deleted
347	$delete_em = array ();
348	$evcnt = count ( $events );
349	for ( $i = 0; $i < $evcnt; $i++ ) {
350	$res = dbi_execute ( 'SELECT COUNT(*) FROM webcal_entry_user ' .
351	'WHERE cal_id = ?' , array ( $events[$i] ) );
352	if ( $res ) {
353	if ( $row = dbi_fetch_row ( $res ) ) {
354	if ( $row[0] == 1 )
355	$delete_em[] = $events[$i];
356	}
357	dbi_free_result ( $res );
358	}
359	}
360	$delete_emcnt = count ( $delete_em );
361	// Now delete events that were just for this user
362	for ( $i = 0; $i < $delete_emcnt; $i++ ) {
363	dbi_execute ( 'DELETE FROM webcal_entry_repeats WHERE cal_id = ?' ,
364	array ( $delete_em[$i] ) );
365	dbi_execute ( 'DELETE FROM webcal_entry_repeats_not WHERE cal_id = ?' ,
366	array ( $delete_em[$i] ) );
367	dbi_execute ( 'DELETE FROM webcal_entry_log WHERE cal_entry_id = ?' ,
368	array ( $delete_em[$i] ) );
369	dbi_execute ( 'DELETE FROM webcal_import_data WHERE cal_id = ?' ,
370	array ( $delete_em[$i] ) );
371	dbi_execute ( 'DELETE FROM webcal_site_extras WHERE cal_id = ?' ,
372	array ( $delete_em[$i] ) );
373	dbi_execute ( 'DELETE FROM webcal_entry_ext_user WHERE cal_id = ?' ,
374	array ( $delete_em[$i] ) );
375	dbi_execute ( 'DELETE FROM webcal_reminders WHERE cal_id = ?' ,
376	array ( $delete_em[$i] ) );
377	dbi_execute ( 'DELETE FROM webcal_blob WHERE cal_id = ?' ,
378	array ( $delete_em[$i] ) );
379	dbi_execute ( 'DELETE FROM webcal_entry WHERE cal_id = ?' ,
380	array ( $delete_em[$i] ) );
381	}
382
383	// Delete user participation from events
384	dbi_execute ( 'DELETE FROM webcal_entry_user WHERE cal_login = ?' ,
385	array ( $user ) );
386	// Delete preferences
387	dbi_execute ( 'DELETE FROM webcal_user_pref WHERE cal_login = ?' ,
388	array ( $user ) );
389	// Delete from groups
390	dbi_execute ( 'DELETE FROM webcal_group_user WHERE cal_login = ?' ,
391	array ( $user ) );
392	// Delete bosses & assistants
393	dbi_execute ( 'DELETE FROM webcal_asst WHERE cal_boss = ?' ,
394	array ( $user ) );
395	dbi_execute ( 'DELETE FROM webcal_asst WHERE cal_assistant = ?' ,
396	array ( $user ) );
397	// Delete user's views
398	$delete_em = array ();
399	$res = dbi_execute ( 'SELECT cal_view_id FROM webcal_view WHERE cal_owner = ?' ,
400	array ( $user ) );
401	if ( $res ) {
402	while ( $row = dbi_fetch_row ( $res ) ) {
403	$delete_em[] = $row[0];
404	}
405	dbi_free_result ( $res );
406	}
407	$delete_emcnt = count ( $delete_em );
408	for ( $i = 0; $i < $delete_emcnt; $i++ ) {
409	dbi_execute ( 'DELETE FROM webcal_view_user WHERE cal_view_id = ?' ,
410	array ( $delete_em[$i] ) );
411	}
412	dbi_execute ( 'DELETE FROM webcal_view WHERE cal_owner = ?' ,
413	array ( $user ) );
414	//Delete them from any other user's views
415	dbi_execute ( 'DELETE FROM webcal_view_user WHERE cal_login = ?' ,
416	array ( $user ) );
417	// Delete layers
418	dbi_execute ( 'DELETE FROM webcal_user_layers WHERE cal_login = ?' ,
419	array ( $user ) );
420	// Delete any layers other users may have that point to this user.
421	dbi_execute ( 'DELETE FROM webcal_user_layers WHERE cal_layeruser = ?' ,
422	array ( $user ) );
423	// Delete function access
424	dbi_execute ( 'DELETE FROM webcal_access_function WHERE cal_login = ?' ,
425	array ( $user ) );
426	// Delete user access
427	dbi_execute ( 'DELETE FROM webcal_access_user WHERE cal_login = ?' ,
428	array ( $user ) );
429	dbi_execute ( 'DELETE FROM webcal_access_user WHERE cal_other_user = ?' ,
430	array ( $user ) );
431	// Delete user's categories
432	dbi_execute ( 'DELETE FROM webcal_categories WHERE cat_owner = ?' ,
433	array ( $user ) );
434	dbi_execute ( 'DELETE FROM webcal_entry_categories WHERE cat_owner = ?' ,
435	array ( $user ) );
436	// Delete user's reports
437	$delete_em = array ();
438	$res = dbi_execute ( 'SELECT cal_report_id FROM webcal_report WHERE cal_login = ?' ,
439	array ( $user ) );
440	if ( $res ) {
441	while ( $row = dbi_fetch_row ( $res ) ) {
442	$delete_em[] = $row[0];
443	}
444	dbi_free_result ( $res );
445	}
446	$delete_emcnt = count ( $delete_em );
447	for ( $i = 0; $i < $delete_emcnt; $i++ ) {
448	dbi_execute ( 'DELETE FROM webcal_report_template WHERE cal_report_id = ?' ,
449	array ( $delete_em[$i] ) );
450	}
451	dbi_execute ( 'DELETE FROM webcal_report WHERE cal_login = ?' ,
452	array ( $user ) );
453	//not sure about this one???
454	dbi_execute ( 'DELETE FROM webcal_report WHERE cal_user = ?' ,
455	array ( $user ) );
456	// Delete user templates
457	dbi_execute ( 'DELETE FROM webcal_user_template WHERE cal_login = ?' ,
458	array ( $user ) );
459	}
460
461	// Functions we don't use with this file:
462	function user_update_user ( $user, $firstname, $lastname, $email, $admin ) {
463	global $error;
464	$error = 'User admin not supported.'; return false;
465	}
466	function user_update_user_password ( $user, $password ) {
467	global $error;
468	$error = 'User admin not supported.'; return false;
469	}
470	function user_add_user ( $user, $password, $firstname, $lastname, $email, $admin ) {
471	global $error;
472	$error = 'User admin not supported.'; return false;
473	}
474	?>