diff --git a/addressbook/inc/class.addressbook_vcal.inc.php b/addressbook/inc/class.addressbook_vcal.inc.php
index c8f9bd0589..812466a1f4 100644
--- a/addressbook/inc/class.addressbook_vcal.inc.php
+++ b/addressbook/inc/class.addressbook_vcal.inc.php
@@ -401,6 +401,15 @@ class addressbook_vcal extends addressbook_bo
}
break;
+ case 'freebusy_uri':
+ // fix Freebusy URL for users
+ if (!empty($entry['account_id']) && ($user = Api\Accounts::id2name($entry['account_id'])))
+ {
+ $value = Api\Header\Http::fullUrl(Api\Framework::link('/calendar/freebusy.php', ['user' => $user]));
+ }
+ if (!empty($value)) $hasdata++;
+ break;
+
case 'n_fn':
case 'fileas_type':
// mark entries with fileas_type == 'org_name' as X-ABSHOWAS:COMPANY (Apple AB specific)
diff --git a/calendar/freebusy.php b/calendar/freebusy.php
index 9cb0ab6312..08a15a7e11 100644
--- a/calendar/freebusy.php
+++ b/calendar/freebusy.php
@@ -19,11 +19,21 @@ $GLOBALS['egw_info'] = array(
'nofooter' => True,
),
);
-// check if we are loged in, by checking sessionid and kp3, as the sessionid get set automaticaly by php for php4-sessions
-if (!($loged_in = !empty($_COOKIE['sessionid'])))
+// check if we are already logged in
+require_once __DIR__.'/../api/src/autoload.php';
+if (!($logged_in = !empty(Api\Session::get_sessionid())))
{
- $GLOBALS['egw_info']['flags']['currentapp'] = 'login';
- $GLOBALS['egw_info']['flags']['noapi'] = True;
+ // support basic auth for regular user-credentials
+ if (!empty($_SERVER['PHP_AUTH_PW']) || !empty($_SERVER['REDIRECT_HTTP_AUTHORIZATION']))
+ {
+ $GLOBALS['egw_info']['flags']['autocreate_session_callback'] = Api\Header\Authenticate::class.'::autocreate_session_callback';
+ $logged_in = true; // header sends 401, if not authenticated
+ }
+ else
+ {
+ $GLOBALS['egw_info']['flags']['currentapp'] = 'login';
+ $GLOBALS['egw_info']['flags']['noapi'] = True;
+ }
}
include ('../header.inc.php');
@@ -32,10 +42,11 @@ function fail_exit($msg)
echo "\n\n$msg\n\n\n$msg
\n\n\n";
- exit();
+ http_response_code(401);
+ exit;
}
-if (!$loged_in)
+if (!$logged_in)
{
include ('../api/src/loader.php');
$GLOBALS['egw_info']['flags']['currentapp'] = 'calendar';
@@ -59,7 +70,7 @@ if ($user === false || !($username = $GLOBALS['egw']->accounts->id2name($user)))
{
fail_exit(lang("freebusy: unknown user '%1', wrong password or not available to not logged in users !!!"." $username($user)",$_GET['user']));
}
-if (!$loged_in)
+if (!$logged_in)
{
if (empty($_GET['cred']))
{
@@ -68,7 +79,7 @@ if (!$loged_in)
$GLOBALS['egw']->preferences->account_id = $user;
$GLOBALS['egw_info']['user']['preferences'] = $GLOBALS['egw']->preferences->read_repository();
$cal_prefs = &$GLOBALS['egw_info']['user']['preferences']['calendar'];
- $loged_in = !empty($cal_prefs['freebusy']) &&
+ $logged_in = !empty($cal_prefs['freebusy']) &&
(empty($cal_prefs['freebusy_pw']) || $cal_prefs['freebusy_pw'] == $_GET['password']);
}
else
@@ -86,18 +97,18 @@ if (!$loged_in)
}
if (array_key_exists($domain, $GLOBALS['egw_domain']))
{
- $_POST['login'] = $authname;
+ $_POST['login'] = $authuser;
$_REQUEST['domain'] = $domain;
$GLOBALS['egw_info']['server']['default_domain'] = $domain;
$GLOBALS['egw_info']['user']['domain'] = $domain;
$GLOBALS['egw_info']['flags']['currentapp'] = 'login';
$GLOBALS['egw_info']['flags']['noapi'] = false;
- $loged_in = $GLOBALS['egw']->session->create($authuser, $password, 'text');
+ $logged_in = $GLOBALS['egw']->session->create($authuser, $password, 'text');
session_unset();
session_destroy();
}
}
- if (!$loged_in)
+ if (!$logged_in)
{
fail_exit(lang("freebusy: unknown user '%1', or not available for unauthenticated users!", $_GET['user']));
}
diff --git a/calendar/inc/class.calendar_so.inc.php b/calendar/inc/class.calendar_so.inc.php
index c8da9cbeeb..6595a608d6 100644
--- a/calendar/inc/class.calendar_so.inc.php
+++ b/calendar/inc/class.calendar_so.inc.php
@@ -1204,7 +1204,7 @@ class calendar_so
*/
private static function get_union_selects(array &$selects,$start,$end,$users,$cat_id,$filter,$query,$users_raw)
{
- if (in_array(basename($_SERVER['SCRIPT_FILENAME']),array('groupdav.php','rpc.php','xmlrpc.php','/activesync/index.php')) ||
+ if (in_array(basename($_SERVER['SCRIPT_FILENAME']),array('groupdav.php','freebusy.php','/activesync/index.php')) ||
!in_array($GLOBALS['egw_info']['flags']['currentapp'],array('calendar','home')))
{
return; // disable integration for GroupDAV, SyncML, ...