// Returns whether an email address has signed up to a TWFY alert for an MP.
// Uses shared secret for authentication.
//
// Copyright (c) 2006 UK Citizens Online Democracy. All rights reserved.
// Email: matthew@mysociety.org. WWW: http://www.mysociety.org
//
// $Id: authed.php,v 1.1 2006/05/26 08:44:46 matthew Exp $
include_once "../../includes/easyparliament/init.php";
include_once INCLUDESPATH . '../../../phplib/auth.php';
header("Content-Type: text/plain");
$email = get_http_var('email');
$sign = get_http_var('sign');
$pid = get_http_var('pid');
if (!$pid || !ctype_digit($pid)) {
print 'not valid';
} else {
$authed = auth_verify_with_shared_secret($email, OPTION_AUTH_SHARED_SECRET, $sign);
if ($authed) {
$db = new ParlDB();
$email = mysql_escape_string($email);
$q = $db->query('select alert_id from alerts where email="' . $email . '" and criteria="speaker:' . $pid . '" and confirmed and not deleted');
$already_signed = $q->rows();
if ($already_signed) {
print "already signed";
} else {
print "not signed";
}
} else {
print "not authed";
}
}
function add_alert($details)
{
global $ALERT, $PAGE, $THEUSER, $this_page;
$extra = null;
// Instantiate an instance of ALERT
$ALERT = new ALERT();
$external_auth = auth_verify_with_shared_secret($details['email'], OPTION_AUTH_SHARED_SECRET, get_http_var('sign'));
if ($external_auth) {
$site = get_http_var('site');
if ($site != 'wtt' && $site != 'hfymp') {
$site = 'unknown';
}
$extra = 'from_' . $site . '=1';
$confirm = false;
} elseif ($THEUSER->loggedin()) {
$confirm = false;
} else {
$confirm = true;
}
// If this goes well, the alert will be added to the database and a confirmation email
// will be sent to them.
$success = $ALERT->add($details, $confirm);
// Display results message on blank page for both success and failure
$this_page = 'alertwelcome';
$URL = new URL('alertwelcome');
$backlink = $URL->generate();
$PAGE->page_start();
$PAGE->stripe_start();
$advert = false;
if ($success > 0 && !$confirm) {
if ($details['pid']) {
$MEMBER = new MEMBER(array('person_id' => $details['pid']));
$criteria = $MEMBER->full_name();
if ($details['keyword']) {
$criteria .= ' mentions \'' . $details['keyword'] . '\'';
} else {
$criteria .= ' contributes';
}
} elseif ($details['keyword']) {
$criteria = '\'' . $details['keyword'] . '\' is mentioned';
}
$message = array('title' => 'Your alert has been added', 'text' => 'You will now receive email alerts on any day when ' . $criteria . ' in parliament.');
$advert = true;
} elseif ($success > 0) {
$message = array('title' => "We're nearly done...", 'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address to receive the alert. Thanks.");
} elseif ($success == -2) {
$message = array('title' => 'You already have this alert', 'text' => 'You already appear to be subscribed to this email alert, so we have not signed you up to it again.');
$advert = true;
} else {
$message = array('title' => "This alert has not been accepted", 'text' => "Sorry, we were unable to create this alert. Please <a href=\"mailto:" . CONTACTEMAIL . "\">let us know</a>. Thanks.");
}
$PAGE->message($message);
if ($advert) {
$advert_shown = alert_confirmation_advert($details);
if ($extra) {
$extra .= "; ";
}
$extra .= "advert={$advert_shown}";
}
suggest_alerts($details['email'], $details['pid'], 5);
$PAGE->stripe_end();
$PAGE->page_end($extra);
}
private function addAlert()
{
$external_auth = auth_verify_with_shared_secret($this->data['email'], OPTION_AUTH_SHARED_SECRET, get_http_var('sign'));
if ($external_auth) {
$confirm = false;
} elseif ($this->data['email_verified']) {
$confirm = false;
} else {
$confirm = true;
}
// If this goes well, the alert will be added to the database and a confirmation email
// will be sent to them.
$success = $this->alert->add($this->data, $confirm);
if ($success > 0 && !$confirm) {
$result = 'alert-added';
} elseif ($success > 0) {
$result = 'alert-confirmation';
} elseif ($success == -2) {
// we need to make sure we know that the person attempting to sign up
// for the alert has that email address to stop people trying to work
// out what alerts they are signed up to
if ($this->data['email_verified'] || $this->user->loggedin && $this->user->email() == $this->data['email']) {
$result = 'alert-exists';
} else {
// don't throw an error message as that implies that they have already signed
// up for the alert but instead pretend all is normal but send an email saying
// that someone tried to sign them up for an existing alert
$result = 'alert-already-signed';
$this->alert->send_already_signedup_email($this->data);
}
} else {
$result = 'alert-fail';
}
// don't need these anymore so get rid of them
$this->data['keyword'] = '';
$this->data['pid'] = '';
$this->data['alertsearch'] = '';
$this->data['pc'] = '';
$this->data['results'] = $result;
$this->data['criteria'] = $this->prettifyCriteria($this->alert->criteria);
}
function add_alert($details)
{
global $THEUSER, $ALERT, $extra;
$external_auth = auth_verify_with_shared_secret($details['email'], OPTION_AUTH_SHARED_SECRET, get_http_var('sign'));
if ($external_auth) {
$site = get_http_var('site');
$extra = 'from_' . $site . '=1';
$confirm = false;
} elseif ($details['email_verified']) {
$confirm = false;
} else {
$confirm = true;
}
// If this goes well, the alert will be added to the database and a confirmation email
// will be sent to them.
$success = $ALERT->add($details, $confirm);
$advert = false;
if ($success > 0 && !$confirm) {
if ($details['pid']) {
$MEMBER = new MEMBER(array('person_id' => $details['pid']));
$criteria = $MEMBER->full_name();
if ($details['keyword']) {
$criteria .= ' mentions \'' . $details['keyword'] . '\'';
} else {
$criteria .= ' contributes';
}
} elseif ($details['keyword']) {
$criteria = '\'' . $details['keyword'] . '\' is mentioned';
}
$message = array('title' => 'Your alert has been added', 'text' => 'You will now receive email alerts on any day when ' . $criteria . ' in parliament.');
$advert = true;
} elseif ($success > 0) {
$message = array('title' => "We're nearly done...", 'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address to receive the alert. Thanks.");
} elseif ($success == -2) {
// we need to make sure we know that the person attempting to sign up
// for the alert has that email address to stop people trying to work
// out what alerts they are signed up to
if ($details['email_verified'] || $THEUSER->loggedin && $THEUSER->email() == $details['email']) {
$message = array('title' => 'You already have this alert', 'text' => 'You already appear to be subscribed to this email alert, so we have not signed you up to it again.');
} else {
// don't throw an error message as that implies that they have already signed
// up for the alert but instead pretend all is normal but send an email saying
// that someone tried to sign them up for an existing alert
$ALERT->send_already_signedup_email($details);
$message = array('title' => "We're nearly done...", 'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address to receive the alert. Thanks.");
}
$advert = true;
} else {
$message = array('title' => "This alert has not been accepted", 'text' => "Sorry, we were unable to create this alert. Please <a href=\"mailto:" . str_replace('@', '@', CONTACTEMAIL) . "\">let us know</a>. Thanks.");
}
return $message['text'];
}
function add_alert ($details) {
global $ALERT, $extra;
$external_auth = auth_verify_with_shared_secret($details['email'], OPTION_AUTH_SHARED_SECRET, get_http_var('sign'));
if ($external_auth) {
$site = get_http_var('site');
$extra = 'from_' . $site . '=1';
$confirm = false;
} elseif ($details['email_verified']) {
$confirm = false;
} else {
$confirm = true;
}
// If this goes well, the alert will be added to the database and a confirmation email
// will be sent to them.
$success = $ALERT->add ( $details, $confirm );
$advert = false;
if ($success>0 && !$confirm) {
if ($details['pid']) {
$MEMBER = new MEMBER(array('person_id'=>$details['pid']));
$criteria = $MEMBER->full_name();
if ($details['keyword']) {
$criteria .= ' mentions \'' . $details['keyword'] . '\'';
} else {
$criteria .= ' contributes';
}
} elseif ($details['keyword']) {
$criteria = '\'' . $details['keyword'] . '\' is mentioned';
}
$message = array(
'title' => 'Your alert has been added',
'text' => 'You will now receive email alerts on any day when ' . $criteria . ' in parliament.'
);
$advert = true;
} elseif ($success>0) {
$message = array(
'title' => "We're nearly done...",
'text' => "You should receive an email shortly which will contain a link. You will need to follow that link to confirm your email address to receive the alert. Thanks."
);
} elseif ($success == -2) {
$message = array('title' => 'You already have this alert',
'text' => 'You already appear to be subscribed to this email alert, so we have not signed you up to it again.'
);
$advert = true;
} else {
$message = array ('title' => "This alert has not been accepted",
'text' => "Sorry, we were unable to create this alert. Please <a href=\"mailto:". CONTACTEMAIL . "\">let us know</a>. Thanks."
);
}
return $message['text'];
}
