xref: /plugin/davcal/action/ajax.php (revision 1bb22c2b6e155479aed3dc0255abebfbc91daa46)
1<?php
2
3/**
4 * DokuWiki DAVCal PlugIn - Ajax component
5 */
6
// Stop unless this file was loaded through DokuWiki, which defines DOKU_INC.
// This keeps the plugin from running when the file is requested directly.
if (!defined('DOKU_INC')) {
    exit();
}
8
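class action_plugin_davcal_ajax extends DokuWiki_Action_Plugin {

    /**
     * @var helper_plugin_davcal
     */
    private $hlp = null;

    /**
     * Load the DAVCal helper that performs all calendar operations.
     */
    public function __construct() {
        // Objects are handles, so a plain assignment is equivalent to the
        // former reference assignment of the function result.
        $this->hlp = plugin_load('helper', 'davcal');
    }

    /**
     * Subscribe to AJAX calls that DokuWiki does not handle itself.
     *
     * @param Doku_Event_Handler $controller DokuWiki's event controller
     */
    public function register(Doku_Event_Handler $controller) {
        $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'handle_ajax_call_unknown');
    }

    /**
     * Handle the 'plugin_davcal' AJAX call and answer with JSON.
     *
     * POST fields read here: 'action', 'id' (calendar to act on), 'page'
     * (page whose calendar configuration is used), 'params', and for
     * getEvents 'start', 'end' and 'timezone'.
     *
     * Access control: the CSRF token is verified first. Write actions need
     * more than AUTH_READ on 'id'. Read actions take their data from 'page'
     * and the calendar pages configured for it; both values are supplied by
     * the client, so each of them is checked against the ACL here and not
     * only 'id'.
     *
     * @param Doku_Event $event the AJAX_CALL_UNKNOWN event; data holds the call name
     * @param mixed      $param unused
     */
    public function handle_ajax_call_unknown(&$event, $param) {
        if ($event->data !== 'plugin_davcal') return;

        $event->preventDefault();
        $event->stopPropagation();
        global $INPUT;

        // Reject forged cross-site requests before touching any calendar data.
        if (!checkSecurityToken()) {
            echo "CSRF Attack.";
            return;
        }

        $action = trim($INPUT->post->str('action'));
        $id     = trim($INPUT->post->str('id'));
        $page   = trim($INPUT->post->str('page'));
        $params = $INPUT->post->arr('params');
        // null means an anonymous request
        $user   = isset($_SERVER['REMOTE_USER']) ? $_SERVER['REMOTE_USER'] : null;

        $data = $this->buildResult(false, '', 'unknown_error');

        // Check if we have access to the calendar ($id is given by parameters,
        // that's not necessarily the page we come from)
        $acl   = auth_quickaclcheck($id);
        $write = ($acl > AUTH_READ);
        if ($acl < AUTH_READ) {
            $data = $this->buildResult(false, '', 'no_permission');
            // Set to an invalid action in order to just return the result
            $action = 'invalid';
        }

        // Retrieve the calendar pages based on the meta data
        $calendarPages = $this->hlp->getCalendarPagesByMeta($page);
        if ($calendarPages === false) {
            $calendarPages = array($page => null);
        }

        // $page comes from the request just like $id, so the ACL check on $id
        // above says nothing about it. Drop every calendar page the current
        // user may not read before any of its data is fetched.
        // NOTE(review): assumes the keys are wiki page IDs, as the fallback on
        // $page suggests. The helper may enforce ACLs itself; that is not
        // visible from this file, so the check is done here as well.
        foreach (array_keys($calendarPages) as $calPage) {
            if (auth_quickaclcheck((string)$calPage) < AUTH_READ) {
                unset($calendarPages[$calPage]);
            }
        }
        $multi        = count($calendarPages) > 1;
        $pageReadable = auth_quickaclcheck($page) >= AUTH_READ;

        // Parse the requested action
        switch ($action) {
            // Add a new Event
            case 'newEvent':
                $data = $write
                    ? $this->buildResult(
                        $this->hlp->addCalendarEntryToCalendarForPage($id, $user, $params) === true,
                        'event_added',
                        'unknown_error'
                    )
                    : $this->buildResult(false, '', 'no_permission');
                break;

            // Retrieve existing Events
            case 'getEvents':
                $startDate = $INPUT->post->str('start');
                $endDate   = $INPUT->post->str('end');
                $timezone  = $INPUT->post->str('timezone');
                // The response for this action is the plain list of events.
                $data = array();
                foreach ($calendarPages as $calPage => $color) {
                    $data = array_merge(
                        $data,
                        $this->hlp->getEventsWithinDateRange($calPage, $user, $startDate, $endDate, $timezone, $color)
                    );
                }
                break;

            // Edit an event
            case 'editEvent':
                $data = $write
                    ? $this->buildResult(
                        $this->hlp->editCalendarEntryForPage($id, $user, $params) === true,
                        'event_edited',
                        'unknown_error'
                    )
                    : $this->buildResult(false, '', 'no_permission');
                break;

            // Delete an Event
            case 'deleteEvent':
                $data = $write
                    ? $this->buildResult(
                        $this->hlp->deleteCalendarEntryForPage($id, $params) === true,
                        'event_deleted',
                        'unknown_error'
                    )
                    : $this->buildResult(false, '', 'no_permission');
                break;

            // Get personal settings
            case 'getSettings':
                // The sync URL, private URL and meta data all belong to $page,
                // so they are only returned to users who may read that page.
                if (!$pageReadable) {
                    $data = $this->buildResult(false, '', 'no_permission');
                    break;
                }
                $data['result'] = true;
                $data['settings'] = $this->hlp->getPersonalSettings($user);
                $data['settings']['multi'] = $multi;
                $data['settings']['calids'] = $this->hlp->getCalendarMapForIDs($calendarPages);
                $data['settings']['readonly'] = !$write;
                $data['settings']['syncurl'] = $this->hlp->getSyncUrlForPage($page, $user);
                $data['settings']['privateurl'] = $this->hlp->getPrivateURLForPage($page);
                $data['settings']['principalurl'] = $this->hlp->getPrincipalUrlForUser($user);
                $data['settings']['meta'] = $this->hlp->getCalendarMetaForPage($page);
                break;

            // Save personal settings
            case 'saveSettings':
                // Copy only the known keys; a key missing from the request
                // becomes null instead of raising an undefined-index notice.
                // NOTE(review): $user is null for anonymous requests; whether
                // savePersonalSettings() rejects that is not visible here.
                $settings = array();
                foreach (array('weeknumbers', 'timezone', 'workweek', 'monday', 'timeformat') as $key) {
                    $settings[$key] = isset($params[$key]) ? $params[$key] : null;
                }
                $data = $this->buildResult(
                    (bool)$this->hlp->savePersonalSettings($settings, $user),
                    'settings_saved',
                    'error_saving'
                );
                break;
        }

        // If we are still here, JSON output is requested

        //json library of DokuWiki
        require_once DOKU_INC . 'inc/JSON.php';
        $json = new JSON();

        //set content type
        header('Content-Type: application/json');
        echo $json->encode($data);
    }

    /**
     * Build the result/html pair used in the JSON response.
     *
     * @param bool   $ok         outcome of the action
     * @param string $successKey language key used when $ok is true
     * @param string $failureKey language key used when $ok is false
     * @return array with the keys 'result' and 'html'
     */
    private function buildResult($ok, $successKey, $failureKey) {
        return array(
            'result' => $ok,
            'html'   => $this->getLang($ok ? $successKey : $failureKey),
        );
    }

}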
203