X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=plugins%2Fcalendar%2Fcalendar_data.php;h=3a267abae43144d509d935d0d89bab4f73dfd66d;hb=c4faef335b2362c81b8ebf026d4066c12d70536c;hp=1441f513b401ddfd3ac57592075426aa922a9726;hpb=91e0dccca7b2452d8b450791cae3aa4125e8889e;p=squirrelmail.git
diff --git a/plugins/calendar/calendar_data.php b/plugins/calendar/calendar_data.php
index 1441f513..3a267aba 100644
--- a/plugins/calendar/calendar_data.php
+++ b/plugins/calendar/calendar_data.php
@@ -1,32 +1,69 @@
- *
* functions to operate on calendar data files.
*
- * $Id$
+ * @copyright 2002-2020 The SquirrelMail Project Team
+ * @license http://opensource.org/licenses/gpl-license.php GNU Public License
+ * @version $Id$
* @package plugins
* @subpackage calendar
*/
-/** this is array that contains all events
- * it is three dimensional array with fallowing structure
- * $calendardata[date][time] = array(length,priority,title,message); */
+/**
+ * this is array that contains all events
+ * it is three dimensional array with fallowing structure
+ * $calendardata[date][time] = array(length,priority,title,message,reminder);
+ */
$calendardata = array();
+/**
+ * Reads multilined calendar data
+ *
+ * Plugin stores multiline texts converted to single line with PHP nl2br().
+ * Function undoes nl2br() conversion and html encoding of ASCII vertical bar.
+ *
+ * Older plugin versions sanitized data with sm_encode_html_special_chars. Since 1.5.1 calendar
+ * data is not sanitized. Output functions must make sure that data is correctly
+ * encoded and sanitized.
+ * @param string $string calendar string
+ * @return string calendar string converted to multiline text
+ * @access private
+ * @since 1.5.1
+ */
+function calendar_readmultiline($string) {
+ /**
+ * replace html line breaks with ASCII line feeds
+ * replace htmlencoded | with ASCII vertical bar
+ */
+ $string = str_replace(array('
','
','|'),array("\n","\n",'|'),$string);
+ return $string;
+}
+
+/**
+ * Callback function used to sanitize calendar data before saving it to file
+ * @param string $sValue array value
+ * @param string $sKey array key
+ * @access private
+ * @since 1.5.1
+ */
+function calendar_encodedata(&$sValue, $sKey) {
+ /**
+ * add html line breaks
+ * remove original ASCII line feeds and carriage returns
+ * replace ASCII vertical bar with html code in order to sanitize field delimiter
+ */
+ $sValue = str_replace(array("\n","\r",'|'),array('','','|'),nl2br($sValue));
+}
+
/**
* read events into array
*
* data is | delimited, just like addressbook
* files are structured like this:
* date|time|length|priority|title|message
- * files are divided by year for performance increase */
+ * files are divided by year for performance increase
+ */
function readcalendardata() {
global $calendardata, $username, $data_dir, $year;
@@ -37,11 +74,11 @@ function readcalendardata() {
if ($fp){
while ($fdata = fgetcsv ($fp, 4096, '|')) {
- $calendardata[$fdata[0]][$fdata[1]] = array( 'length' => $fdata[2],
- 'priority' => $fdata[3],
- 'title' => htmlspecialchars($fdata[4],ENT_NOQUOTES),
- 'message' => htmlspecialchars($fdata[5],ENT_NOQUOTES),
- 'reminder' => $fdata[6] );
+ $calendardata[$fdata[0]][$fdata[1]] = array( 'length' => $fdata[2],
+ 'priority' => $fdata[3],
+ 'title' => str_replace("\n",' ',calendar_readmultiline($fdata[4])),
+ 'message' => calendar_readmultiline($fdata[5]),
+ 'reminder' => $fdata[6] );
}
fclose ($fp);
// this is to sort the events within a day on starttime
@@ -55,7 +92,11 @@ function readcalendardata() {
}
}
-//makes events persistant
+/**
+ * Saves calendar data
+ * @return void
+ * @access private
+ */
function writecalendardata() {
global $calendardata, $username, $data_dir, $year, $color;
@@ -66,9 +107,16 @@ function writecalendardata() {
while ( $calfoo = each ($calendardata)) {
while ( $calbar = each ($calfoo['value'])) {
$calfoobar = $calendardata[$calfoo['key']][$calbar['key']];
+ array_walk($calfoobar,'calendar_encodedata');
+ /**
+ * Make sure that reminder field is set. Calendar forms don't implement it,
+ * but it is still used for calendar data. Backwards compatibility.
+ */
+ if (!isset($calfoobar['reminder'])) $calfoobar['reminder']='';
+
$calstr = "$calfoo[key]|$calbar[key]|$calfoobar[length]|$calfoobar[priority]|$calfoobar[title]|$calfoobar[message]|$calfoobar[reminder]\n";
if(sq_fwrite($fp, $calstr, 4096) === FALSE) {
- error_box(_("Could not write calendar file %s", "$username.$year.cal.tmp"), $color);
+ error_box(_("Could not write calendar file %s", "$username.$year.cal.tmp"));
}
}
@@ -79,7 +127,11 @@ function writecalendardata() {
}
}
-//deletes event from file
+/**
+ * deletes event from file
+ * @return void
+ * @access private
+ */
function delete_event($date, $time) {
global $calendardata, $username, $data_dir, $year;
@@ -88,23 +140,27 @@ function delete_event($date, $time) {
if ($fp){
while ($fdata = fgetcsv ($fp, 4096, "|")) {
if (($fdata[0]==$date) && ($fdata[1]==$time)){
- // do nothing
+ // do nothing
} else {
- $calendardata[$fdata[0]][$fdata[1]] = array( 'length' => $fdata[2],
+ $calendardata[$fdata[0]][$fdata[1]] = array( 'length' => $fdata[2],
'priority' => $fdata[3],
- 'title' => $fdata[4],
- 'message' => $fdata[5],
+ 'title' => $fdata[4],
+ 'message' => $fdata[5],
'reminder' => $fdata[6] );
}
}
fclose ($fp);
}
writecalendardata();
-
}
-// same as delete but not saves calendar
-// saving is done inside event_edit.php
+/**
+ * same as delete but does not save calendar
+ * saving is done inside event_edit.php
+ * @return void
+ * @access private
+ * @todo code reuse
+ */
function update_event($date, $time) {
global $calendardata, $username, $data_dir, $year;
@@ -113,18 +169,15 @@ function update_event($date, $time) {
if ($fp){
while ($fdata = fgetcsv ($fp, 4096, '|')) {
if (($fdata[0]==$date) && ($fdata[1]==$time)){
- // do nothing
+ // do nothing
} else {
- $calendardata[$fdata[0]][$fdata[1]] = array( 'length' => $fdata[2],
+ $calendardata[$fdata[0]][$fdata[1]] = array( 'length' => $fdata[2],
'priority' => $fdata[3],
- 'title' => $fdata[4],
- 'message' => $fdata[5],
+ 'title' => $fdata[4],
+ 'message' => $fdata[5],
'reminder' => $fdata[6] );
}
}
fclose ($fp);
}
}
-
-
-?>
\ No newline at end of file