include_once '../permission.php';
include_once ROOT_DIR . '/database/dbUserProfile.php';
$errors = array();
if (isset($_POST['form_token']) && validateTokenField($_POST)) {
//post data was valid perform the functions
} else {
if (isset($_POST['form_token']) && !validateTokenField($_POST)) {
//invalid token, display error
} else {
if (isset($_GET['view']) && isset($_GET['group']) && isAjax()) {
//if it is a GET ajax request then do the following
$user_profile_id = sanitize($_GET['view']);
$user_category = sanitize($_GET['group']);
switch ($user_category) {
case 'RMH Administrator':
$profileObjArray = retrieve_UserProfile_RMHAdmin($user_profile_id);
$profileObj = is_array($profileObjArray) ? current($profileObjArray) : false;
if ($profileObj) {
$profile = array('Username' => $profileObj->get_usernameId(), 'Category' => $profileObj->get_userCategory(), 'Name' => $profileObj->get_rmhStaffTitle() . ' ' . $profileObj->get_rmhStaffFirstName() . ' ' . $profileObj->get_rmhStaffLastName(), 'Phone' => $profileObj->get_rmhStaffPhone(), 'Email' => $profileObj->get_userEmail());
} else {
$errors['invalid_profile'] = "Could not retrieve profile information";
}
break;
case 'RMH Staff Approver':
$profileObj = retrieve_UserProfile_RMHApprover_OBJ($user_profile_id);
if ($profileObj) {
$profile = array('Username' => $profileObj->get_usernameId(), 'Category' => $profileObj->get_userCategory(), 'Name' => $profileObj->get_rmhStaffTitle() . ' ' . $profileObj->get_rmhStaffFirstName() . ' ' . $profileObj->get_rmhStaffLastName(), 'Phone' => $profileObj->get_rmhStaffPhone(), 'Email' => $profileObj->get_userEmail());
} else {
$errors['invalid_profile'] = "Could not retrieve profile information";
}
break;
function S_WorkerUpdate()
{
$user_profile_id = sanitize($_GET['view']);
if (isset($_POST['go'])) {
$profileObjArray = retrieve_UserProfile_RMHAdmin($user_profile_id);
$profileObj = is_array($profileObjArray) ? current($profileObjArray) : false;
if ($profileObj) {
$profileObj->set_usernameId($_POST["SW_Username"]);
$profileObj->set_userCategory($_POST["SW_Category"]);
$profileObj->set_userEmail($_POST["SW_Email"]);
$ReturnValue = update_UserProfile($user_profile_id);
if ($ReturnValue) {
$profileObj->set_swTitle($_POST["SW_Title"]);
$profileObj->set_swFirstName($_POST["SW_FirstName"]);
$profileObj->set_swLastName($_POST["SW_LastName"]);
$profileObj->set_swPhone($_POST["SW_Phone"]);
$ReturnValue1 = update_SocialWorkerProfile($user_profile_id);
if ($ReturnValue1) {
header('Location: admin/listUsers.php');
} else {
$errors['invalid_profile'] = "Could not complete request";
}
} else {
$errors['invalid_profile'] = "Could not update admin information";
}
} else {
$errors['invalid_profile'] = "Could not update profile information";
}
}
}
function retrieveCurrentUserProfile()
{
//since access level is stored in the session, use that to find the user category
//1 is for social worker
//2 is for staff approver
//3 is for admin
//if there is a db function available for this, this function is not needed
$accessLevel = getUserAccessLevel();
$userProfileId = getUserProfileID();
switch ($accessLevel) {
case 1:
return retrieve_UserProfile_SW_OBJ($userProfileId);
break;
case 2:
return retrieve_UserProfile_RMHApprover_OBJ($userProfileId);
break;
case 3:
$userProfile = retrieve_UserProfile_RMHAdmin($userProfileId);
return is_array($userProfile) ? current($userProfile) : false;
break;
default:
return false;
break;
}
}
