public function getSearchableData($params)
{
$res["searchable"] = getSearchableData();
$res["oldGroupRelations"] = getOldGroupRelations();
$res["tagRelations"] = getTagRelations();
return $res;
}
/**
* get person details
* TODO: create a class for persons
*
* @param int $id
* @param bool $withComments
*
* @return person object
*/
function churchdb_getPersonDetails($id, $withComments = true)
{
global $user, $config;
$allowed = $user->id == $id;
$userIsLeader = false;
$userIsSuperLeader = false;
// the export right give the permission to see everything!
if (user_access("export data", "churchdb")) {
$allowed = true;
$userIsLeader = true;
$userIsSuperLeader = true;
} else {
// user is super leader of person?
if (churchdb_isPersonSuperLeaderOfPerson($user->id, $id)) {
$userIsSuperLeader = true;
$userIsLeader = true;
$allowed = true;
}
// user is leader of person?
if (churchdb_isPersonLeaderOfPerson($user->id, $id)) {
$userIsLeader = true;
$allowed = true;
}
// user is in group with person?
if (!$allowed) {
$myGroups = churchdb_getMyGroups($user->id, true, false);
if (count($myGroups) > 0) {
$res = db_query("\n SELECT COUNT(*) c\n FROM {cdb_person} p, {cdb_gemeindeperson} gp, {cdb_gemeindeperson_gruppe} gpg\n WHERE p.id=gp.person_id AND gpg.gemeindeperson_id=gp.id AND p.id=:id\n AND gpg.gruppe_id in (" . db_implode($myGroups) . ") ", array(':id' => $id))->fetch();
if ($res->c > 0) {
$allowed = true;
}
}
}
if (!$allowed) {
$allowedDeps = user_access("view alldata", "churchdb");
if ($allowedDeps != null) {
$res = db_query('
SELECT COUNT(*) as c FROM {cdb_bereich_person}
WHERE person_id=:p_id AND bereich_id in (' . db_implode($allowedDeps) . ')', array(':p_id' => $id), false)->fetch();
if ($res->c > 0) {
$allowed = true;
}
}
}
if (!$allowed) {
return "no access";
}
}
$res = db_query("SELECT f.*, fk.intern_code\n FROM {cdb_feld} f, {cdb_feldkategorie} fk\n WHERE f.feldkategorie_id=fk.id AND fk.intern_code IN ('f_address', 'f_church', 'f_category') AND aktiv_yn=1");
$sqlFields = array();
$sqlFields[] = "p.id id";
$sqlFields[] = "gp.id gp_id";
$sqlFields[] = "geolat as lat";
$sqlFields[] = "imageurl";
$sqlFields[] = "geolng as lng";
$sqlFields[] = "cmsuserid";
$allowedToEditMyself = $id == $user->id && isset($config["churchdb_changeownaddress"]) && $config["churchdb_changeownaddress"] == 1;
foreach ($res as $res2) {
if ($res2->autorisierung == null || _checkPersonAuthorisation($res2->autorisierung, $userIsLeader, $userIsSuperLeader, $id)) {
if ($res2->intern_code == "f_address" || $res2->db_spalte == "status_id" || $userIsLeader || $allowedToEditMyself || user_access('view alldetails', "churchdb")) {
$sqlFields[] = $res2->db_spalte;
}
}
}
$sql = "SELECT " . join($sqlFields, ",");
if ($userIsLeader || user_access('view alldetails', "churchdb") || user_access('administer persons', "churchcore")) {
$sql .= ', p.letzteaenderung, p.aenderunguser, p.createdate, if (loginstr IS NULL , 0 , 1) AS einladung, p.active_yn, p.lastlogin';
}
$sql .= '
FROM {cdb_person} p, {cdb_gemeindeperson} gp
WHERE p.id=gp.person_id AND p.id=:pid';
$person = db_query($sql, array(':pid' => $id))->fetch();
if ($person !== false) {
if ($withComments) {
$auth = user_access("view comments", "churchdb");
if ($auth != null) {
$comments = db_query("SELECT id, text, person_id, datum, comment_viewer_id, relation_name\n FROM {cdb_comment}\n WHERE relation_id=:relid AND relation_name like 'person%'\n ORDER BY datum DESC", array(':relid' => $id));
if ($comments) {
$arrs = null;
foreach ($comments as $arr) {
if (isset($auth[$arr->comment_viewer_id]) && $auth[$arr->comment_viewer_id] == $arr->comment_viewer_id) {
$arrs[] = $arr;
}
}
$person->comments = $arrs;
}
}
}
$person->auth = getAuthForPerson($id);
if (($oldGroups = getOldGroupRelations($id)) && isset($oldGroups[$id])) {
$person->oldGroups = $oldGroups[$id];
}
}
return $person;
}
