fix calendarid in eventform and validation of calendarid

diff --git a/apps/calendar/ajax/event/edit.form.php b/apps/calendar/ajax/event/edit.form.php
index 6783462eaf166aa04b0657a62ee2c3abbc82dbed..8db0ba79406ad49b0dfd0723b22a65b8e4c0cdf1 100644 (file)
--- a/apps/calendar/ajax/event/edit.form.php
+++ b/apps/calendar/ajax/event/edit.form.php
@@ -195,6 +195,8 @@ if($data['repeating'] == 1){
 }
 if($access == 'owner'){
        $calendar_options = OC_Calendar_Calendar::allCalendars(OC_User::getUser());
+}else{
+       $calendar_options = array(OC_Calendar_App::getCalendar($data['calendarid'], false));
 }
 $category_options = OC_Calendar_App::getCategoryOptions();
 $repeat_options = OC_Calendar_App::getRepeatOptions();

diff --git a/apps/calendar/lib/object.php b/apps/calendar/lib/object.php
index 8cd25bca00c6e71d3c3a20a7d2a2c636892f823c..ab005bd4a4aed197be8482595c4d1e06abb8821e 100644 (file)
--- a/apps/calendar/lib/object.php
+++ b/apps/calendar/lib/object.php
@@ -451,11 +451,6 @@ class OC_Calendar_Object{
                        $errarr['title'] = 'true';
                        $errnum++;
                }
-               $calendar = OC_Calendar_App::getCalendar($request['calendar'], true, true);
-               if(!$calendar){
-                       $errarr['cal'] = 'true';
-                       $errnum++;
-               }
 
                if(isset($request['categories']) && !is_array($request['categories'])){
                        $errarr['categories'] = $l10n->t('Not an array');

diff --git a/apps/calendar/lib/share.php b/apps/calendar/lib/share.php
index 40f220fcaab20fb92748ec65deceff577c0ebfa9..0c656f2d6eecdf1a92d4ff77a7755e13d0d5a7e4 100644 (file)
--- a/apps/calendar/lib/share.php
+++ b/apps/calendar/lib/share.php
@@ -211,17 +211,17 @@ class OC_Calendar_Share{
         */
        public static function check_access($share, $id, $type){
                $group_where = self::group_sql(OC_Group::getUserGroups($share));
-               $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE ((share = ? AND sharetype = "user") ' . $group_where . ')');
-               $result = $stmt->execute(array($share));
+               $stmt = OC_DB::prepare('SELECT * FROM *PREFIX*calendar_share_' . $type . ' WHERE (' . $type . 'id = ? AND (share = ? AND sharetype = "user") ' . $group_where . ')');
+               $result = $stmt->execute(array($id,$share));
                $rows =  $result->numRows();
                if($rows > 0){
                        return true;
-               }
-               if($type == self::EVENT){
+               }elseif($type == self::EVENT){
                        $event = OC_Calendar_App::getEventObject($id, false, false);
                        return self::check_access($share, $event['calendarid'], self::CALENDAR);
+               }else{
+                       return false;
                }
-               return false;
        }
         /*
          * @brief: returns the calendardata of an event or a calendar

diff --git a/apps/calendar/templates/part.eventform.php b/apps/calendar/templates/part.eventform.php
index 36c741b3a3967bb0ad19591060ba4405d1425b6c..05e37243a19f10da63066c9155fd69732a181a3e 100644 (file)
--- a/apps/calendar/templates/part.eventform.php
+++ b/apps/calendar/templates/part.eventform.php
@@ -44,7 +44,7 @@ echo 'Calendar.UI.Share.idtype = "event";' . "\n" . 'Calendar.UI.Share.currentid
                        <?php } else { ?>
                        <th width="75px">&nbsp;</th>
                        <td>
-                               <input type="hidden" name="calendar" value="<?php echo $_['calendar']; ?>">
+                               <input type="hidden" name="calendar" value="<?php echo $_['calendar_options'][0]['id']; ?>">
                        </td>
                        <?php } ?>
                </tr>