1
zite83
Hack allows Extcal users to edit their own events
  • 2006/8/8 2:42

  • zite83

  • Just popping in

  • Posts: 41

  • Since: 2004/10/5


This hack allows users to edit their own events with out having to be an admin of the Extcal module.

This code works in conjuction with Extcal, so there is really no hacking, just copy the file into Extcal's directory.

Known problems:

(1) The edit button will always show up even if you are not allowed to edit the event.

(2)If auto approve is turned off for a group, re-editing an event by a user in that group will not set the event back to zero requiring the admin to reapprove.

(3) Users can not delete their own event

Add this line of code somewhere in (extcal_event.html) Do not replace the original edit button!
<a href="event_edit.php?op=modify&event_id=<{$event.event_id}>"><img src="images/edit.gif" />a>


Save this file as (event_edit.php) in Extcal's main folder

include "../../mainfile.php";
include 
'../../class/xoopsformloader.php';
include_once 
'class/perm.php';

$extcalPerm ExtcalPerm::getHandler();
// If the user is allowed to submit an event in this category then pass on to next statment
if(count($extcalPerm->getAuthorizedCat($xoopsUser'extcal_cat_submit')) > 0) {

// At the moment this is the only way I know how to grab the events submitter ID
$event_ID $_REQUEST['event_id'];
$sql 'SELECT event_submitter FROM '.$xoopsDB->prefix('extcal_event').' WHERE event_id='.$event_ID;
$query mysql_query($sql);
while (
$row mysql_fetch_array($query)) { 
 
$event_submitter $row['event_submitter'];
}

// Does the user editing event = the events submitter? If so then move on
$user_uid $xoopsUser->getVar('uid');
if (
$event_submitter == $user_uid){



if(isset(
$_GET['op'])) {
    
$op $_GET['op'];
} else {
    
$op 'default';
}
$fct = isset($_POST['fct']) ? $_POST['fct'] : '';
if(!isset(
$_POST['form_submit']) && $fct == 'modify') {
    
$op 'modify';
} else if(!isset(
$_POST['form_submit']) && $fct == 'create') {
    
$op 'default';
}

if(isset(
$_GET['start'])) {
    
$start $_GET['start'];
} else {
    
$start 0;
}

switch(
$op) {
    
    case 
'enreg':
 
        
// Event edited
        
if($_POST['fct'] == 'modify') {
            
$catHandler xoops_getmodulehandler('cat''extcal');
            
$eventHandler xoops_getmodulehandler('event''extcal');
            if(!
preg_match('`[0-9]{4}-[01][0-9]-[0123][0-9]`'$_POST['event_start']['date'])) {
                
redirect_header('event_edit.php'3_MD_EXTCAL_WRONG_DATE_FORMAT."".implode(''$GLOBALS['xoopsSecurity']->getErrors()));
                exit;
            }
            list(
$year,$month,$day) = explode("-",$_POST['event_start']['date']);
            
$start mktime(0,0,0,$month,$day,$year) + $_POST['event_start']['time'];
            if(
$_POST['event_end_ok'] == 1) {
                if(
preg_match('`[0-9]{4}-[01][0-9]-[0123][0-9]`'$_POST['event_end']['date'])) {
                    list(
$year,$month,$day) = explode("-",$_POST['event_end']['date']);
                    
$end mktime(0,0,0,$month,$day,$year) + $_POST['event_end']['time'];
                } else {
                    
$end $start;
                }
            } else {
                
$end $start;
            }
            
$eventId = isset($_GET['event_id']) ? $_GET['event_id'] : $_POST['event_id'];
            
$dohtml = ($xoopsModuleConfig['dohtml_type'] != 0) ? 0;
            
$var_arr = array(
                
'event_title'=>$_POST['event_title'],
                
'cat_id'=>$_POST['cat_id'],
                
'event_desc'=>$_POST['event_desc'],
                
'event_contact'=>$_POST['event_contact'],
                
'event_url'=>$_POST['event_url'],
                
'event_email'=>$_POST['event_email'],
                
'event_address'=>$_POST['event_address'],
                
'event_approved'=>1,
                
'event_start'=>$start,
                
'event_end'=>$end,
                
'dohtml'=>$dohtml
            
);
            
$eventHandler->modifyEvent($_POST['event_id'], $var_arr);
            
redirect_header('event.php?event='.$eventId.''3'Event Edited'false);
        
        }
    
        break;
        
    case 
'modify':
    

        include 
XOOPS_ROOT_PATH.'/header.php';
        
$eventId = isset($_GET['event_id']) ? $_GET['event_id'] : $_POST['event_id'];
        
$eventHandler xoops_getmodulehandler('event''extcal');
        echo 
'
'.'Event Edited'.'';
        
$formSubmit $eventHandler->getSubmitFormDisplay($xoopsUser'event_edit.php?op=enreg''modify'$eventId);
        
$formSubmit->display();
        echo 
'
'
;
        include 
XOOPS_ROOT_PATH.'/footer.php';
        
        break;
        
            }
        }
        
// Does the user editing event = the events submitter? If no, then redirect
        
else {redirect_header('index.php'3'Sorry, you can not edit this event'."".implode(''$GLOBALS['xoopsSecurity']->getErrors()));}
    }
else {
redirect_header('index.php'3_NOPERM."".implode(''$GLOBALS['xoopsSecurity']->getErrors()));}
?>


Thats it!

2
zite83
Re: Hack allows Extcal users to edit their own events
  • 2006/9/5 20:40

  • zite83

  • Just popping in

  • Posts: 41

  • Since: 2004/10/5


The final version of this hack can be found Here

Login

Who's Online

199 user(s) are online (107 user(s) are browsing Support Forums)


Members: 0


Guests: 199


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Nov 30
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits