if ($response[0] === "yes") { //if the username received from the request is allowed to login as an admin, // then save their username in the session if (Session::loginUser($response[1])) { //redirect to this page afterwards, should then show way to upload blog post/agenda/roster header("Location: login.php"); exit; } else { //the username received isn't in the whitelist of users, so show them an error $message = urlencode("{$response[1]} does not have permission to view this page."); header("Location: error.php?error={$message}"); exit; } } else { //the response showed an invalid ticket, show an error $message = urlencode("A problem went wrong with logging in."); header("Location: error.php?error={$message}"); exit; } } else { if (Session::userLoggedIn()) { header("Location: index.php"); exit; } else { $message = urlencode("Default case reached in login.php script."); Database::logError("{$message}\n", false); header("Location: error.php?error={$message}"); exit; } } }
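// Not all answers can be "No".
if ($sweep == 'No' && $trashcans == 'No' && $handpick == 'No') {
    // NOTE(review): $p_t is written into the XML reply without escaping; its origin is not
    // visible in this part of the script - confirm it cannot carry markup.
    echo "<action>\n\t\t\t<app>survo</app>\n\t\t\t\t<parameters>\n\t\t\t\t\t<id>412191</id>\n\t\t\t\t\t<p_t>" . $p_t . "</p_t>\n\t\t\t\t</parameters>\n\t\t\t</action>";
    // Stop the PHP script before it hits the database
    exit;
}

// Query statement. Every value is bound as a parameter instead of being spliced into the SQL
// text, so a quote inside any of them cannot change the statement that reaches the server.
$query = "CALL proc_endSweepJob(:event_id, :timestamp, :caller_id, :session_id, :message, "
    . ":mileage, :sweep, :trashcans, :can_qty, :handpick, @confirmation)";
$params = array(
    ':event_id'   => $event_id,
    ':timestamp'  => $timestamp,
    ':caller_id'  => $caller_id,
    ':session_id' => $session_id,
    ':message'    => $message,
    ':mileage'    => $mileage,
    ':sweep'      => $sweep,
    ':trashcans'  => $trashcans,
    ':can_qty'    => $can_qty,
    ':handpick'   => $handpick,
);

// Connect to the database
$conn = Database::getDB();

// Stays empty when the SELECT below yields no row, instead of being undefined.
$conf = '';

try {
    $conn->beginTransaction();

    $stmt = $conn->prepare($query);
    foreach ($params as $name => $value) {
        // Cast to string: the previous code sent every value as a quoted string literal.
        $stmt->bindValue($name, (string) $value, PDO::PARAM_STR);
    }
    $stmt->execute();
    // Release the CALL's result before the next statement runs on the same connection.
    $stmt->closeCursor();

    // Return value is the confirmation code
    $results = $conn->query("SELECT @confirmation");
    $conn->commit();

    foreach ($results as $result) {
        // Process confirmation code to create a digit by digit message.
        // (e.g., 1 2 3 instead of 123)
        $conf = IfByPhone_Util::processConfirmationCode($result["@confirmation"]);
    }

    // Select the confirmation code survo on the IVR system
    echo "<action>\n\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t<id>362811</id>\n\t\t\t\t\t\t\t<user_parameters>\n\t\t\t\t\t\t\t\t<conf>" . $conf . "</conf>\n\t\t\t\t\t\t\t</user_parameters>\n\t\t\t\t\t\t</parameters>\n\t\t\t\t\t</action>";
} catch (PDOException $e) {
    // Error handling. rollBack() itself throws when no transaction is open (for example when
    // beginTransaction() was the call that failed), so only roll back an open one.
    if ($conn->inTransaction()) {
        $conn->rollBack();
    }
    Database::logError('sweep', $e);
    Database::sendToIvrError();
}

// Send SMS message notifying job completion
// NOTE(review): this line is also reached after the catch block unless
// Database::sendToIvrError() ends the script - confirm a failed job is not reported as FINISHED.
$sms = IfByPhone_Util::smsIvrEvent($conn, 'sweeping', 'FINISHED', $job_id, $timestamp, $employee_name, $job_name);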
/**
 * Delete the uploaded file that belongs to a note.
 *
 * @param mixed $id Note id, passed on to self::getNotesByID().
 * @return bool Result of unlink(); false when the lookup returns no 'id' or the file is absent.
 */
public static function removeNoteFile($id)
{
    $record = self::getNotesByID($id);
    if (!isset($record['id'])) {
        return false;
    }

    $path = Database::getUploadPath($record['id'], $record['filetype']);
    if (file_exists($path)) {
        return unlink($path);
    }

    //A note without its file is logged so the missing upload is noticed on the server
    Database::logError("File '{$path}' could not be found to be deleted\n", false);
    return false;
}
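// Not all answers can be "No".
if ($plow == 'No' && $shovel == 'No' && $salt == 'No') {
    // NOTE(review): $p_t is written into the XML reply without escaping; its origin is not
    // visible in this part of the script - confirm it cannot carry markup.
    echo "<action>\n\t\t\t<app>survo</app>\n\t\t\t\t<parameters>\n\t\t\t\t\t<id>411731</id>\n\t\t\t\t\t<p_t>" . $p_t . "</p_t>\n\t\t\t\t</parameters>\n\t\t\t</action>";
    // Stop the PHP script before it hits the database
    exit;
}

// Query statement. Every value is bound as a parameter instead of being spliced into the SQL
// text, so a quote inside any of them cannot change the statement that reaches the server.
$query = "CALL proc_endSnowJob(:event_id, :timestamp, :caller_id, :session_id, :message, "
    . ":plow, :shovel, :salt, @confirmation)";
$params = array(
    ':event_id'   => $event_id,
    ':timestamp'  => $timestamp,
    ':caller_id'  => $caller_id,
    ':session_id' => $session_id,
    ':message'    => $message,
    ':plow'       => $plow,
    ':shovel'     => $shovel,
    ':salt'       => $salt,
);

// Connect to the database
$conn = Database::getDB();

// Stays empty when the SELECT below yields no row, instead of being undefined.
$conf = '';

try {
    $conn->beginTransaction();

    $stmt = $conn->prepare($query);
    foreach ($params as $name => $value) {
        // Cast to string: the previous code sent every value as a quoted string literal.
        $stmt->bindValue($name, (string) $value, PDO::PARAM_STR);
    }
    $stmt->execute();
    // Release the CALL's result before the next statement runs on the same connection.
    $stmt->closeCursor();

    // Return value is the confirmation code
    $results = $conn->query("SELECT @confirmation");
    $conn->commit();

    foreach ($results as $result) {
        // Process confirmation code to create a digit by digit message.
        // (e.g., 1 2 3 instead of 123)
        $conf = IfByPhone_Util::processConfirmationCode($result["@confirmation"]);
    }

    // Select the confirmation code survo on the IVR system
    echo "<action>\n\t\t\t<app>survo</app>\n\t\t\t\t<parameters>\n\t\t\t\t\t<id>362811</id>\n\t\t\t\t\t<user_parameters>\n\t\t\t\t\t\t<conf>" . $conf . "</conf>\n\t\t\t\t\t</user_parameters>\n\t\t\t\t</parameters>\n\t\t\t</action>";
} catch (PDOException $e) {
    // Error handling. rollBack() itself throws when no transaction is open (for example when
    // beginTransaction() was the call that failed), so only roll back an open one.
    if ($conn->inTransaction()) {
        $conn->rollBack();
    }
    Database::logError('snow', $e);
    Database::sendToIvrError();
}

// Send SMS message notifying job completion
// NOTE(review): this line is also reached after the catch block unless
// Database::sendToIvrError() ends the script - confirm a failed job is not reported as FINISHED.
$sms = IfByPhone_Util::smsIvrEvent($conn, 'snow removal', 'FINISHED', $job_id, $timestamp, $employee_name, $job_name);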
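require 'com/Database.php';
//require ('com/IfByPhone_Util.php');

// Both values come straight from the POST body and are treated as untrusted text.
// A missing field becomes an empty string instead of raising an undefined-index notice.
$job_id = isset($_POST['job_id']) ? $_POST['job_id'] : '';
$p_t = isset($_POST['p_t']) ? $_POST['p_t'] : '';

// If the job_id was skipped the IVR sends 'NA' and that will generate an error in the database call.
// This is caused by a hangup without entering information. Check for this first and exit without logging an error.
if ($job_id == 'NA') {
    Database::logMessage('Hangup without job number with passthrough (' . $p_t . ')');
    exit;
}

try {
    $conn = Database::getDB();

    // The posted job number is bound as a parameter, never concatenated into the SQL text,
    // so a quote inside it cannot alter the CALL statement.
    $stmt = $conn->prepare("CALL verify_job(:job_id, @job_name, @job_pk_id, @isValid)");
    $stmt->bindValue(':job_id', (string) $job_id, PDO::PARAM_STR);
    $stmt->execute();
    // Release the CALL's result before the next statement runs on the same connection.
    $stmt->closeCursor();

    // The procedure hands its results back through session variables.
    $results = $conn->query("SELECT @job_name,@job_pk_id,@isValid");

    foreach ($results as $result) {
        // NOTE(review): $p_t and $job_id are request values and are written into the XML reply
        // without escaping; only the job name passes through removeInvalidChar(). Confirm how
        // the IVR parses this reply before adding XML escaping here.
        if (!$result["@isValid"]) {
            // for invalid combination
            // 1/29/13 UPDATE: must pass through data because employee information has already been verified
            echo "<action>\n\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t<id>362471</id>\n\t\t\t\t\t\t\t<p_t>" . $p_t . " </p_t>\n\t\t\t\t\t\t</parameters>\n\t\t\t\t\t</action>";
        } else {
            // for valid combination
            $name_clean = IfByPhone_Util::removeInvalidChar($result["@job_name"]);
            $job_pk_id = $result["@job_pk_id"];
            echo "<action>\n\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t<id>362481</id>\n\t\t\t\t\t\t\t<user_parameters>\n\t\t\t\t\t\t\t\t<job_name>" . $name_clean . "</job_name>\n\t\t\t\t\t\t\t</user_parameters>\n\t\t\t\t\t\t\t<p_t>" . $p_t . "||job_id|" . $job_id . "||company|" . $name_clean . "||job_pk_id|" . $job_pk_id . " </p_t>\n\t\t\t\t\t\t</parameters>\n\t\t\t\t\t</action>";
        }
    }
} catch (PDOException $e) {
    Database::logError('verify_job', $e);
    Database::sendToIvrError();
}

// Drop the connection handle once the reply has been written.
$conn = null;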
break; default: $result = ''; $query = $db->prepare("CALL proc_smsInbound(:to, :from, :message)"); $query->bindParam(":to", $to, PDO::PARAM_STR); $query->bindParam(":from", $from, PDO::PARAM_STR); $query->bindParam(":message", $message, PDO::PARAM_STR); $query->execute(); break; } try { $call = $db->query($query); if ($message == 'status') { foreach ($call as $a) { switch ($a["allowSMS"]) { case '0': $result = 'Text messages are currently turned OFF'; break; case '1': $result = 'Text messages are currently turned ON'; break; } } } if ($result) { IfByPhone_Util::createSMS($from, $result); } } catch (PDOException $e) { Database::logError('sms_inbound', $e); IfByPhone_Util::createSMS(ADMIN_PHONE_NUM, 'SMS INBOUND ERROR: ' . $from . ': ' . $message); }
echo "<action>\n\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t<id>362191</id>\n\t\t\t\t\t\t</parameters>\n\t\t\t\t\t</action>"; } else { if (!$result["@ivrAccess"] || !$result["@isActive"]) { // for IVR access not authorized echo "<action>\n\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t<id>397881</id>\n\t\t\t\t\t\t</parameters>\n\t\t\t\t\t</action>"; } else { $employee_id = $result["@employee_pkID"]; $employee_name = $result["@employee_name"]; // for valid combination, check to see if there is an open job $open_event_check = $conn->query("CALL proc_checkForOpenEvent('{$employee_id}', @event_pk_id, @serviceCategory,\n\t\t\t@name, @survo, @job_pk_id)"); $open_event_check = $conn->query("SELECT @event_pk_id, @serviceCategory, @name, @survo, @job_pk_id"); // Create instance of Utility to clean data foreach ($open_event_check as $checks) { if ($checks["@event_pk_id"] != "0") { // this branch reflects a valid employee, with an open job which needs to be closed // Remove invalid characters from the @name field $name_clean = IfByPhone_Util::removeInvalidChar($checks["@name"]); echo "<action>\n\t\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t\t<id>" . $checks["@survo"] . "</id>\n\t\t\t\t\t\t\t\t<user_parameters>\n\t\t\t\t\t\t\t\t\t<name>" . $name_clean . "</name>\n\t\t\t\t\t\t\t\t</user_parameters>\n\t\t\t\t\t\t\t\t<p_t>employee_id|" . $employee_id . "||event_id|" . $checks["@event_pk_id"] . "||serviceCategory|" . $checks["@serviceCategory"] . "||company|" . $name_clean . "||employee_name|" . $employee_name . "||job_pk_id|" . $checks["@job_pk_id"] . "</p_t>\n\t\t\t\t\t\t\t</parameters>\n\t\t\t\t\t\t</action>"; } else { // this branch reflects a valid employee, with no jobs open echo "<action>\n\t\t\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t\t\t<id>359731</id>\n\t\t\t\t\t\t\t\t\t<p_t>employee_id|" . $employee_id . "||employee_name|" . $employee_name . 
"</p_t>\n\t\t\t\t\t\t\t\t</parameters>\n\t\t\t\t\t\t\t</action>"; } } } } } } catch (PDOException $e) { Database::logError('verify_employee', $e); Database::sendToIvrError(); } $conn = null;
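// NOTE(review): no login or authorization check is visible in this part of the script;
// confirm one runs before a file is served.

//get the id provided as a get parameter
//a non-string value (e.g. id[]=1) is handled like a missing id rather than passed to the lookup
if (!isset($_GET['id']) || !is_string($_GET['id'])) {
    $message = urlencode("You are missing the file id.");
    header("Location: error.php?error={$message}");
    exit;
}

//if the id provided is not an actual id of a note in the database, error out
$note = Database::getNotesByID($_GET['id']);
if (!isset($note['id'])) {
    $message = urlencode("The file with the id provided does not exist.");
    header("Location: error.php?error={$message}");
    exit;
}

//if the note with the id provided is not an actual file, error out
$path = Database::getUploadPath($note['id'], $note['filetype']);
if (!file_exists($path)) {
    //Log the error so that the server knows a file is missing for a valid note
    Database::logError("File '{$path}' could not be found\n", false);
    $message = urlencode("The file could not be found.");
    header("Location: error.php?error={$message}");
    exit;
}

//tell browser to expect the mime type of whatever type the file is
$content = Database::getMimeFromType($note['filetype']);
header("Content-type:{$content}");
//keep the browser from guessing a different type than the one declared above
header("X-Content-Type-Options: nosniff");

//the stored name and type end up inside a quoted header parameter, so quotes, backslashes,
//slashes and control characters are replaced before they can break out of it
$fileName = preg_replace('#[\x00-\x1F\x7F"\\\\/]#', '_', (string) $note['filename']);
$fileType = preg_replace('#[\x00-\x1F\x7F"\\\\/]#', '_', (string) $note['filetype']);

//tell the browser that the downloaded file's name should be the one in the database
header("Content-Disposition:attachment;filename=\"{$fileName}.{$fileType}\"");

//output the files contents to the browser, allowing user to download file
readfile($path);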
Database::logMessage('Hangup without servicecategory with passthrough (' . $p_t . ')'); exit; } $caller_id = $_POST['caller_id']; $timestamp = $_POST['timestamp']; $session_id = $_POST['session_id']; $employee_id = ''; $job_id = ''; $job_pk_id = ''; $job_name = ''; $employee_name = ''; $p_t = $_POST['p_t']; // passthrough data = employee_id|value||job_id|value $passthrough_array = IfByPhone_Util::processPassThrough($p_t); $employee_id = $passthrough_array['employee_id']; $job_id = $passthrough_array['job_id']; $job_pk_id = $passthrough_array['job_pk_id']; $job_name = $passthrough_array['company']; $employee_name = $passthrough_array['employee_name']; try { // create connection to DB $conn = Database::getDB(); $query = "CALL start_event('{$servicecategory}','{$caller_id}','{$timestamp}','{$session_id}','{$employee_id}','{$job_id}')"; $conn->query($query); // update successful - play event started message echo "<action>\n\t\t\t<app>survo</app>\n\t\t\t\t<parameters>\n\t\t\t\t\t<id>368911</id>\n\t\t\t\t</parameters>\n\t\t </action>"; } catch (PDOException $e) { Database::logError('start_event', $e); Database::sendToIvrError(); } $sms = IfByPhone_Util::smsIvrEvent($conn, $servicecategory, 'STARTED', $job_pk_id, $timestamp, $employee_name, $job_name);
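// Not all answers can be "No".
// NOTE(review): this check reads $herbicid while the query below binds $herbicide; one of the
// two spellings is presumably a typo - confirm against the assignment earlier in the script.
if ($lawn == 'No' && $herbicid == 'No' && $fertilize == 'No' && $prune == 'No') {
    // NOTE(review): $p_t is written into the XML reply without escaping; its origin is not
    // visible in this part of the script - confirm it cannot carry markup.
    echo "<action>\n\t\t\t<app>survo</app>\n\t\t\t\t<parameters>\n\t\t\t\t\t<id>412231</id>\n\t\t\t\t\t<p_t>" . $p_t . "</p_t>\n\t\t\t\t</parameters>\n\t\t\t</action>";
    // Stop the PHP script before it hits the database
    exit;
}

// Query statement. Every value is bound as a parameter instead of being spliced into the SQL
// text, so a quote inside any of them cannot change the statement that reaches the server.
$query = "CALL proc_endLawnJob(:event_id, :timestamp, :caller_id, :session_id, :message, "
    . ":lawn, :herbicide, :fertilize, :prune, @confirmation)";
$params = array(
    ':event_id'   => $event_id,
    ':timestamp'  => $timestamp,
    ':caller_id'  => $caller_id,
    ':session_id' => $session_id,
    ':message'    => $message,
    ':lawn'       => $lawn,
    ':herbicide'  => $herbicide,
    ':fertilize'  => $fertilize,
    ':prune'      => $prune,
);

// Connect to the database
$conn = Database::getDB();

// Stays empty when the SELECT below yields no row, instead of being undefined.
$conf = '';

try {
    $conn->beginTransaction();

    $stmt = $conn->prepare($query);
    foreach ($params as $name => $value) {
        // Cast to string: the previous code sent every value as a quoted string literal.
        $stmt->bindValue($name, (string) $value, PDO::PARAM_STR);
    }
    $stmt->execute();
    // Release the CALL's result before the next statement runs on the same connection.
    $stmt->closeCursor();

    // Return value is the confirmation code
    $results = $conn->query("SELECT @confirmation");
    $conn->commit();

    foreach ($results as $result) {
        // Process confirmation code to create a digit by digit message.
        // (e.g., 1 2 3 instead of 123)
        $conf = IfByPhone_Util::processConfirmationCode($result["@confirmation"]);
    }

    // Select the confirmation code survo on the IVR system
    echo "<action>\n\t\t\t<app>survo</app>\n\t\t\t\t<parameters>\n\t\t\t\t\t<id>362811</id>\n\t\t\t\t\t<user_parameters>\n\t\t\t\t\t\t<conf>" . $conf . "</conf>\n\t\t\t\t\t</user_parameters>\n\t\t\t\t</parameters>\n\t\t\t</action>";
} catch (PDOException $e) {
    // Error handling. rollBack() itself throws when no transaction is open (for example when
    // beginTransaction() was the call that failed), so only roll back an open one.
    if ($conn->inTransaction()) {
        $conn->rollBack();
    }
    Database::logError('lawn', $e);
    Database::sendToIvrError();
}

// Send SMS message notifying job completion
// NOTE(review): this line is also reached after the catch block unless
// Database::sendToIvrError() ends the script - confirm a failed job is not reported as FINISHED.
$sms = IfByPhone_Util::smsIvrEvent($conn, 'lawn service', 'FINISHED', $job_id, $timestamp, $employee_name, $job_name);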
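// Split the passthrough string into its named fields.
// NOTE(review): presumably $p_t is the value the IVR posts back - confirm; the fields taken
// from it below are treated as untrusted text.
$p_t_Array = IfByPhone_Util::processPassThrough($p_t);

// Create variables from data needed in the passthrough array
$event_id = $p_t_Array['event_id'];
$job_name = $p_t_Array['company'];
$employee_name = $p_t_Array['employee_name'];
$job_id = $p_t_Array['job_pk_id'];

// Query statement. Every value is bound as a parameter instead of being spliced into the SQL
// text, so a quote inside any of them cannot change the statement that reaches the server.
$query = "CALL proc_endPowerWashJob(:event_id, :timestamp, :caller_id, :session_id, :message, @confirmation)";
$params = array(
    ':event_id'   => $event_id,
    ':timestamp'  => $timestamp,
    ':caller_id'  => $caller_id,
    ':session_id' => $session_id,
    ':message'    => $message,
);

// Connect to the database
$conn = Database::getDB();

// Stays empty when the SELECT below yields no row, instead of being undefined.
$conf = '';

try {
    $conn->beginTransaction();

    $stmt = $conn->prepare($query);
    foreach ($params as $name => $value) {
        // Cast to string: the previous code sent every value as a quoted string literal.
        $stmt->bindValue($name, (string) $value, PDO::PARAM_STR);
    }
    $stmt->execute();
    // Release the CALL's result before the next statement runs on the same connection.
    $stmt->closeCursor();

    // Return value is the confirmation code
    $results = $conn->query("SELECT @confirmation");
    $conn->commit();

    foreach ($results as $result) {
        // Process confirmation code to create a digit by digit message.
        // (e.g., 1 2 3 instead of 123)
        $conf = IfByPhone_Util::processConfirmationCode($result["@confirmation"]);
    }

    // Select the confirmation code survo on the IVR system
    echo "<action>\n\t\t\t\t\t<app>survo</app>\n\t\t\t\t\t\t<parameters>\n\t\t\t\t\t\t\t<id>362811</id>\n\t\t\t\t\t\t\t<user_parameters>\n\t\t\t\t\t\t\t\t<conf>" . $conf . "</conf>\n\t\t\t\t\t\t\t</user_parameters>\n\t\t\t\t\t\t</parameters>\n\t\t\t\t\t</action>";
} catch (PDOException $e) {
    // Error handling. rollBack() itself throws when no transaction is open (for example when
    // beginTransaction() was the call that failed), so only roll back an open one.
    if ($conn->inTransaction()) {
        $conn->rollBack();
    }
    Database::logError('powerwash', $e);
    Database::sendToIvrError();
}

// Send SMS message notifying job completion
// NOTE(review): this line is also reached after the catch block unless
// Database::sendToIvrError() ends the script - confirm a failed job is not reported as FINISHED.
$sms = IfByPhone_Util::smsIvrEvent($conn, 'power washing', 'FINISHED', $job_id, $timestamp, $employee_name, $job_name);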