X-Git-Url: https://vcs.fsf.org/?a=blobdiff_plain;f=plugins%2Fcalendar%2Fevent_create.php;h=febd8375867dee08e32b4c20a598c6da964b2407;hb=a6d3eff675f7ace3d69f6d9788489ca930333315;hp=f021220f69a090752d93817adcc9989cddf5e2fd;hpb=8d6a115b0ef06dbcf9b149ba2509208f09b3a2ab;p=squirrelmail.git diff --git a/plugins/calendar/event_create.php b/plugins/calendar/event_create.php index f021220f..febd8375 100644 --- a/plugins/calendar/event_create.php +++ b/plugins/calendar/event_create.php @@ -3,7 +3,7 @@ /** * event_create.php * - * Copyright (c) 2002 The SquirrelMail Project Team + * Copyright (c) 2002-2005 The SquirrelMail Project Team * Licensed under the GNU GPL. For full terms see the file COPYING. * * Originally contrubuted by Michal Szczotka @@ -11,8 +11,14 @@ * functions to create a event for calendar. * * $Id$ + * @package plugins + * @subpackage calendar */ -define('SM_PATH','../'); + +/** + * @ignore + */ +define('SM_PATH','../../'); /* Calender plugin required files. */ require_once(SM_PATH . 'plugins/calendar/calendar_data.php'); @@ -27,56 +33,118 @@ require_once(SM_PATH . 'functions/page_header.php'); require_once(SM_PATH . 'include/load_prefs.php'); require_once(SM_PATH . 'functions/html.php'); +/* get globals */ + +// undo rg = on effects +if (isset($month)) unset($month); +if (isset($year)) unset($year); +if (isset($day)) unset($day); +if (isset($hour)) unset($hour); +if (isset($minute)) unset($minute); +if (isset($event_hour)) unset($event_hour); +if (isset($event_minute)) unset($event_minute); +if (isset($event_length)) unset($event_length); +if (isset($event_priority)) unset($event_priority); + + +if (isset($_GET['year']) && is_numeric($_GET['year'])) { + $year = $_GET['year']; +} +elseif (isset($_POST['year']) && is_numeric($_POST['year'])) { + $year = $_POST['year']; +} +if (isset($_GET['month']) && is_numeric($_GET['month'])) { + $month = $_GET['month']; +} +elseif (isset($_POST['month']) && is_numeric($_POST['month'])) { + $month = $_POST['month']; +} +if (isset($_GET['day']) && is_numeric($_GET['day'])) { + $day = $_GET['day']; +} +elseif (isset($_POST['day']) && is_numeric($_POST['day'])) { + $day = $_POST['day']; +} + +if (isset($_POST['hour']) && is_numeric($_POST['hour'])) { + $hour = $_POST['hour']; +} +elseif (isset($_GET['hour']) && is_numeric($_GET['hour'])) { + $hour = $_GET['hour']; +} +if (isset($_POST['event_hour']) && is_numeric($_POST['event_hour'])) { + $event_hour = $_POST['event_hour']; +} +if (isset($_POST['event_minute']) && is_numeric($_POST['event_minute'])) { + $event_minute = $_POST['event_minute']; +} +if (isset($_POST['event_length']) && is_numeric($_POST['event_length'])) { + $event_length = $_POST['event_length']; +} +if (isset($_POST['event_priority']) && is_numeric($_POST['event_priority'])) { + $event_priority = $_POST['event_priority']; +} +if (isset($_POST['event_title'])) { + $event_title = $_POST['event_title']; +} +if (isset($_POST['event_text'])) { + $event_text = $_POST['event_text']; +} +if (isset($_POST['send'])) { + $send = $_POST['send']; +} +/* got 'em */ + //main form to gather event info function show_event_form() { global $color, $editor_size, $year, $day, $month, $hour; - echo "\n
\n". - " \n". - " \n". - " \n". + echo "\n\n". + " \n". + " \n". + " \n". html_tag( 'tr' ) . html_tag( 'td', _("Start time:"), 'right', $color[4] ) . "\n" . html_tag( 'td', '', 'left', $color[4] ) . "\n" . - " \n"; select_option_hour($hour); - echo " \n" . + echo " \n" . "  : \n" . - " \n"; select_option_minute("00"); - echo " \n". + echo " \n". " \n". html_tag( 'tr' ) . html_tag( 'td', _("Length:"), 'right', $color[4] ) . "\n" . html_tag( 'td', '', 'left', $color[4] ) . "\n" . - " \n"; select_option_length("0"); - echo " \n". + echo " \n". " \n". html_tag( 'tr' ) . html_tag( 'td', _("Priority:"), 'right', $color[4] ) . "\n" . html_tag( 'td', '', 'left', $color[4] ) . "\n" . - " \n"; select_option_priority("0"); - echo " \n". + echo " \n". " \n". html_tag( 'tr' ) . html_tag( 'td', _("Title:"), 'right', $color[4] ) . "\n" . html_tag( 'td', '', 'left', $color[4] ) . "\n" . - "
\n". + "
\n". " \n". html_tag( 'tr', html_tag( 'td', - "" , + "" , 'left', $color[4], 'colspan="2"' ) ) ."\n" . html_tag( 'tr', html_tag( 'td', - "" , + '' , 'left', $color[4], 'colspan="2"' ) ) ."\n"; - echo "
\n"; + echo "\n"; } @@ -125,7 +193,7 @@ if(!isset($event_text)){ writecalendardata(); echo html_tag( 'table', html_tag( 'tr', - html_tag( 'th', _("Event Has been added!") . "
\n", '', $color[4], 'colspan="2"' ) + html_tag( 'th', _("Event Has been added!") . "
\n", '', $color[4], 'colspan="2"' ) ) . html_tag( 'tr', html_tag( 'td', _("Date:"), 'right', $color[4] ) . "\n" . @@ -137,15 +205,15 @@ if(!isset($event_text)){ ) . html_tag( 'tr', html_tag( 'td', _("Title:"), 'right', $color[4] ) . "\n" . - html_tag( 'td', $event_title, 'left', $color[4] ) . "\n" + html_tag( 'td', htmlspecialchars($event_title,ENT_NOQUOTES), 'left', $color[4] ) . "\n" ) . html_tag( 'tr', html_tag( 'td', _("Message:"), 'right', $color[4] ) . "\n" . - html_tag( 'td', $event_text, 'left', $color[4] ) . "\n" + html_tag( 'td', htmlspecialchars($event_text,ENT_NOQUOTES), 'left', $color[4] ) . "\n" ) . html_tag( 'tr', html_tag( 'td', - "" . _("Day View") . "\n" , + "" . _("Day View") . "\n" , 'left', $color[4], 'colspan="2"' ) . "\n" ) , '', $color[0], 'width="100%" border="0" cellpadding="2" cellspacing="1"' ) ."\n"; @@ -153,4 +221,4 @@ if(!isset($event_text)){ ?> - + \ No newline at end of file