This hack allows users to edit their own events with out having to be an admin of the Extcal module.
This code works in conjuction with Extcal, so there is really no hacking, just copy the file into Extcal's directory.
Known problems:
(1) The edit button will always show up even if you are not allowed to edit the event.
(2)If auto approve is turned off for a group, re-editing an event by a user in that group will not set the event back to zero requiring the admin to reapprove.
(3) Users can not delete their own event
Add this line of code somewhere in (extcal_event.html) Do not replace the original edit button!
<a href="event_edit.php?op=modify&event_id=<{$event.event_id}>"><img src="images/edit.gif" /></a>
Save this file as (event_edit.php) in Extcal's main folder
<?php
include "../../mainfile.php";
include '../../class/xoopsformloader.php';
include_once 'class/perm.php';
$extcalPerm = ExtcalPerm::getHandler();
// If the user is allowed to submit an event in this category then pass on to next statment
if(count($extcalPerm->getAuthorizedCat($xoopsUser, 'extcal_cat_submit')) > 0) {
// At the moment this is the only way I know how to grab the events submitter ID
$event_ID = $_REQUEST['event_id'];
$sql = 'SELECT event_submitter FROM '.$xoopsDB->prefix('extcal_event').' WHERE event_id='.$event_ID;
$query = mysql_query($sql);
while ($row = mysql_fetch_array($query)) {
$event_submitter = $row['event_submitter'];
}
// Does the user editing event = the events submitter? If so then move on
$user_uid = $xoopsUser->getVar('uid');
if ($event_submitter == $user_uid){
if(isset($_GET['op'])) {
$op = $_GET['op'];
} else {
$op = 'default';
}
$fct = isset($_POST['fct']) ? $_POST['fct'] : '';
if(!isset($_POST['form_submit']) && $fct == 'modify') {
$op = 'modify';
} else if(!isset($_POST['form_submit']) && $fct == 'create') {
$op = 'default';
}
if(isset($_GET['start'])) {
$start = $_GET['start'];
} else {
$start = 0;
}
switch($op) {
case 'enreg':
// Event edited
if($_POST['fct'] == 'modify') {
$catHandler = xoops_getmodulehandler('cat', 'extcal');
$eventHandler = xoops_getmodulehandler('event', 'extcal');
if(!preg_match('`[0-9]{4}-[01][0-9]-[0123][0-9]`', $_POST['event_start']['date'])) {
redirect_header('event_edit.php', 3, _MD_EXTCAL_WRONG_DATE_FORMAT."<br />".implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()));
exit;
}
list($year,$month,$day) = explode("-",$_POST['event_start']['date']);
$start = mktime(0,0,0,$month,$day,$year) + $_POST['event_start']['time'];
if($_POST['event_end_ok'] == 1) {
if(preg_match('`[0-9]{4}-[01][0-9]-[0123][0-9]`', $_POST['event_end']['date'])) {
list($year,$month,$day) = explode("-",$_POST['event_end']['date']);
$end = mktime(0,0,0,$month,$day,$year) + $_POST['event_end']['time'];
} else {
$end = $start;
}
} else {
$end = $start;
}
$eventId = isset($_GET['event_id']) ? $_GET['event_id'] : $_POST['event_id'];
$dohtml = ($xoopsModuleConfig['dohtml_type'] != 0) ? 1 : 0;
$var_arr = array(
'event_title'=>$_POST['event_title'],
'cat_id'=>$_POST['cat_id'],
'event_desc'=>$_POST['event_desc'],
'event_contact'=>$_POST['event_contact'],
'event_url'=>$_POST['event_url'],
'event_email'=>$_POST['event_email'],
'event_address'=>$_POST['event_address'],
'event_approved'=>1,
'event_start'=>$start,
'event_end'=>$end,
'dohtml'=>$dohtml
);
$eventHandler->modifyEvent($_POST['event_id'], $var_arr);
redirect_header('event.php?event='.$eventId.'', 3, 'Event Edited', false);
}
break;
case 'modify':
include XOOPS_ROOT_PATH.'/header.php';
$eventId = isset($_GET['event_id']) ? $_GET['event_id'] : $_POST['event_id'];
$eventHandler = xoops_getmodulehandler('event', 'extcal');
echo '<fieldset><legend style="font-weight:bold; color:#990000;">'.'Event Edited'.'</legend>';
$formSubmit = $eventHandler->getSubmitFormDisplay($xoopsUser, 'event_edit.php?op=enreg', 'modify', $eventId);
$formSubmit->display();
echo '</fieldset><br />';
include XOOPS_ROOT_PATH.'/footer.php';
break;
}
}
// Does the user editing event = the events submitter? If no, then redirect
else {redirect_header('index.php', 3, 'Sorry, you can not edit this event'."<br />".implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()));}
}
else {redirect_header('index.php', 3, _NOPERM."<br />".implode('<br />', $GLOBALS['xoopsSecurity']->getErrors()));}
?>
Thats it!
