private function informSuggestionTeam($suggestion)
 {
     // get all team members
     $query = "\r\n            SELECT\r\n                username\r\n            FROM\r\n                members, rights, rightsvolunteers\r\n            WHERE\r\n                members.Status = 'Active'\r\n                AND members.id = rightsvolunteers.IdMember\r\n                AND rights.`Name` = 'Suggestions'\r\n                AND rightsvolunteers.IdRight = rights.id\r\n                AND rightsvolunteers.Level > 0\r\n            ORDER BY\r\n                username\r\n                ";
     $res = $this->dao->query($query);
     if (!$res) {
         return false;
     }
     $receivers = array();
     while ($row = $res->fetch(PDB::FETCH_OBJ)) {
         $member = $this->createEntity('Member')->findByUsername($row->username);
         $email = MOD_crypt::AdminReadCrypted($member->Email);
         $receivers[$email] = "BW " . $row->username;
     }
     //Create the Transport
     $transport = Swift_SmtpTransport::newInstance('localhost', 25);
     //Create the Mailer using your created Transport
     $mailer = Swift_Mailer::newInstance($transport);
     $purifier = MOD_htmlpure::getSuggestionsHtmlPurifier();
     $plain = 'Please check the suggestion and take the necessary <a href="' . PVars::getObj('env')->baseuri . 'suggestions/' . $suggestion->id . '/approve">action</a>.';
     $html = $purifier->purify($suggestion->description) . '<br/>' . $plain;
     try {
         $creator = $this->createEntity('Member')->findById($suggestion->createdby);
         $message = Swift_Message::newInstance();
         $message->setSubject("New suggestion added by " . $creator->Username . ": " . $suggestion->summary);
         $message->setFrom("*****@*****.**");
         $message->setBcc($receivers);
         $message->addPart($html, 'text/html', 'utf-8');
         $message->addPart($plain, 'text/plain', 'utf-8');
         $message->setBody($plain);
     } catch (Exception $e) {
         $this->logWrite("In suggestions model creating mail message threw exception.", "suggestions");
         return false;
     }
     //Now check if Swift actually sends it
     try {
         $sendResult = $mailer->send($message);
     } catch (Exception $e) {
         $this->logWrite("Exception when executing Swift_Mailer::send()", "suggestions");
         $sendResult = false;
     }
     if ($sendResult) {
         return true;
     } else {
         $this->logWrite("In suggestions model swift::send: Failed to send mail.", "suggestions");
         return false;
     }
 }
Beispiel #2
0
 /**
  * This needs to go someplace else,
  * pending architectural attention
  */
 protected function get_crypted($crypted_id, $return_value = "")
 {
     if ($crypted_id == "" or $crypted_id == 0) {
         return "";
     }
     // check for Admin
     $right = new MOD_right();
     if ($right->hasRight('Admin') || $right->hasRight('SafetyTeam')) {
         return urldecode(strip_tags(MOD_crypt::AdminReadCrypted($crypted_id)));
     }
     // check for Member's own data
     if ($this->edit_mode) {
         if (($mCrypt = MOD_crypt::MemberReadCrypted($crypted_id)) != "cryptedhidden") {
             return urldecode(strip_tags($mCrypt));
         }
     }
     return urldecode(MOD_crypt::get_crypted($crypted_id, $return_value));
 }
Beispiel #3
0
 /**
  * Resend the confirmation mail in case the user clicked on the link in the
  * login error message
  *
  * @param string $username
  */
 public function resendConfirmationMail($username)
 {
     // fetch ID for member $username
     $vars = array();
     $MembersModel = new MembersModel();
     $member = $MembersModel->getMemberWithUsername($username);
     if ($member) {
         if ($member->Status == 'MailToConfirm') {
             $vars['firstname'] = MOD_crypt::AdminReadCrypted($member->Firstname);
             $vars['secondname'] = MOD_crypt::AdminReadCrypted($member->Secondname);
             $vars['lastname'] = MOD_crypt::AdminReadCrypted($member->Lastname);
             $vars['email'] = MOD_crypt::AdminReadCrypted($member->Email);
             $userId = APP_User::userId($username);
             if (!$userId) {
                 return 'NoSuchMember';
             } else {
                 $View = new SignupView($this);
                 define('DOMAIN_MESSAGE_ID', 'bewelcome.org');
                 // TODO: config
                 $View->registerMail($vars, $member->id, $userId);
             }
         } else {
             return 'NoMailToConfirm';
         }
     } else {
         return 'NoSuchMember';
     }
     return true;
 }
Beispiel #4
0
 /**
  * Update Member's Profile
  *
  * @param unknown_type $vars
  * @return unknown
  */
 public function updateProfile(&$vars)
 {
     $IdMember = (int) $vars['memberid'];
     $words = new MOD_words();
     $rights = new MOD_right();
     $m = $vars['member'];
     // fantastic ... love the implementation. Fake
     $CanTranslate = false;
     // $CanTranslate = CanTranslate($vars["memberid"], $_SESSION['IdMember']);
     $ReadCrypted = "MemberReadCrypted";
     // This might be changed in the future
     if ($rights->hasRight('Admin') || $rights->hasRight('SafetyTeam')) {
         // admin or CanTranslate can alter other profiles
         $ReadCrypted = "AdminReadCrypted";
         // In this case the AdminReadCrypted will be used
     }
     $m->removeLanguages();
     foreach ($vars['languages_selected'] as $lang) {
         if ($language = $this->createEntity('Language')->findById($lang->IdLanguage)) {
             $ml = $this->createEntity('MemberLanguage');
             $ml->setSpokenLanguage($m, $language, $lang->Level);
         }
     }
     // Set the language that ReplaceinMTrad uses for writing
     $words->setlangWrite($vars['profile_language']);
     // refactoring to use member entity
     //        $m->LastLogin = '******' ? 'Never' : $layoutbits->ago(strtotime($TM->LastLogin)); // Members lastlogin is no to be updated here
     if (isset($vars['Status']) && !empty($vars['Status'])) {
         // this can only happen when an admin or the safety team edits a profile
         $m->Status = $vars['Status'];
     }
     $m->Gender = $vars['gender'];
     $m->HideGender = $vars['HideGender'];
     $m->BirthDate = $vars['BirthYear'] . '-' . $vars['BirthMonth'] . '-' . $vars['BirthDay'];
     $m->bday = $vars['BirthDay'];
     $m->bmonth = $vars['BirthMonth'];
     $m->byear = $vars['BirthYear'];
     $m->HideBirthDate = $vars['HideBirthDate'];
     $m->HideGender = $vars['HideGender'];
     $m->ProfileSummary = $words->ReplaceInMTrad($vars['ProfileSummary'], "members.ProfileSummary", $IdMember, $m->ProfileSummary, $IdMember);
     $m->WebSite = strip_tags($vars['WebSite']);
     $m->Accomodation = $vars['Accomodation'];
     $m->Organizations = $words->ReplaceInMTrad($vars['Organizations'], "members.Organizations", $IdMember, $m->Organizations, $IdMember);
     $m->Occupation = $words->ReplaceInMTrad(strip_tags($vars['Occupation']), "members.Occupation", $IdMember, $m->Occupation, $IdMember);
     $m->ILiveWith = $words->ReplaceInMTrad($vars['ILiveWith'], "members.ILiveWith", $IdMember, $m->ILiveWith, $IdMember);
     $m->MaxGuest = strip_tags($vars['MaxGuest']);
     $m->MaxLenghtOfStay = $words->ReplaceInMTrad($vars['MaxLenghtOfStay'], "members.MaxLenghtOfStay", $IdMember, $m->MaxLenghtOfStay, $IdMember);
     $m->AdditionalAccomodationInfo = $words->ReplaceInMTrad($vars['AdditionalAccomodationInfo'], "members.AdditionalAccomodationInfo", $IdMember, $m->AdditionalAccomodationInfo, $IdMember);
     $m->TypicOffer = strip_tags($vars['TypicOffer']);
     $m->Restrictions = strip_tags($vars['Restrictions']);
     $m->OtherRestrictions = $words->ReplaceInMTrad($vars['OtherRestrictions'], "members.OtherRestrictions", $IdMember, $m->OtherRestrictions, $IdMember);
     $m->Hobbies = $words->ReplaceInMTrad($vars['Hobbies'], "members.Hobbies", $IdMember, $m->Hobbies, $IdMember);
     $m->Books = $words->ReplaceInMTrad($vars['Books'], "members.Books", $IdMember, $m->Books, $IdMember);
     $m->Music = $words->ReplaceInMTrad($vars['Music'], "members.Music", $IdMember, $m->Music, $IdMember);
     $m->Movies = $words->ReplaceInMTrad($vars['Movies'], "members.Movies", $IdMember, $m->Movies, $IdMember);
     $m->PastTrips = $words->ReplaceInMTrad($vars['PastTrips'], "members.PastTrips", $IdMember, $m->PastTrips, $IdMember);
     $m->PlannedTrips = $words->ReplaceInMTrad($vars['PlannedTrips'], "members.PlannedTrips", $IdMember, $m->PlannedTrips, $IdMember);
     $m->PleaseBring = $words->ReplaceInMTrad($vars['PleaseBring'], "members.PleaseBring", $IdMember, $m->PleaseBring, $IdMember);
     $m->OfferGuests = $words->ReplaceInMTrad($vars['OfferGuests'], "members.OfferGuests", $IdMember, $m->OfferGuests, $IdMember);
     $m->OfferHosts = $words->ReplaceInMTrad($vars['OfferHosts'], "members.OfferHosts", $IdMember, $m->OfferHosts, $IdMember);
     $m->PublicTransport = $words->ReplaceInMTrad($vars['PublicTransport'], "members.PublicTransport", $IdMember, $m->PublicTransport, $IdMember);
     // as $CanTranslate is set explicitly above, this is disabled
     // if (!$CanTranslate) { // a volunteer translator will not be allowed to update crypted data
     if ($vars["HouseNumber"] != $m->get_housenumber()) {
         $this->logWrite("Housenumber updated", "Address Update");
     }
     if ($vars["Street"] != $m->get_street()) {
         $this->logWrite("Street updated", "Address Update");
     }
     if ($vars["Zip"] != $m->get_zip()) {
         $this->logWrite("Zip updated", "Address Update");
     }
     if ($vars["Email"] == "cryptedhidden") {
         $this->logWrite("members.model updateprofile email keeps previous value (cryptedhidden detected)", "Debug");
     } else {
         if ($vars["Email"] != $m->email) {
             $this->logWrite("Email updated (previous was " . $m->email . ")", "Email Update");
             // Sticking to old BW, the previous email is stored in logs,
             // this might be discussed, but if the member fills a bad email,
             // there is no more way to retrieve him
             // Todo : get rid with this, but implement a confimmation mail
             $m->Email = MOD_crypt::NewReplaceInCrypted(strip_tags($vars['Email']), "members.Email", $IdMember, $m->Email, $IdMember, $this->ShallICrypt($vars, "Email"));
         }
     }
     if ($vars["HomePhoneNumber"] != "cryptedhidden") {
         $m->HomePhoneNumber = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['HomePhoneNumber'])), "members.HomePhoneNumber", $IdMember, $m->HomePhoneNumber, $IdMember, $this->ShallICrypt($vars, "HomePhoneNumber"));
     }
     if ($vars["CellPhoneNumber"] != "cryptedhidden") {
         $m->CellPhoneNumber = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['CellPhoneNumber'])), "members.CellPhoneNumber", $IdMember, $m->CellPhoneNumber, $IdMember, $this->ShallICrypt($vars, "CellPhoneNumber"));
     }
     if ($vars["WorkPhoneNumber"] != "cryptedhidden") {
         $m->WorkPhoneNumber = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['WorkPhoneNumber'])), "members.WorkPhoneNumber", $IdMember, $m->WorkPhoneNumber, $IdMember, $this->ShallICrypt($vars, "WorkPhoneNumber"));
     }
     if ($vars["chat_SKYPE"] != "cryptedhidden") {
         $m->chat_SKYPE = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_SKYPE'])), "members.chat_SKYPE", $IdMember, $m->chat_SKYPE, $IdMember, $this->ShallICrypt($vars, "chat_SKYPE"));
     }
     if ($vars["chat_AOL"] != "cryptedhidden") {
         $m->chat_AOL = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_AOL'])), "members.chat_AOL", $IdMember, $m->chat_AOL, $IdMember, $this->ShallICrypt($vars, "chat_AOL"));
     }
     if ($vars["chat_YAHOO"] != "cryptedhidden") {
         $m->chat_YAHOO = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_YAHOO'])), "members.chat_YAHOO", $IdMember, $m->chat_YAHOO, $IdMember, $this->ShallICrypt($vars, "chat_YAHOO"));
     }
     if ($vars["chat_ICQ"] != "cryptedhidden") {
         $m->chat_ICQ = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_ICQ'])), "members.chat_ICQ", $IdMember, $m->chat_ICQ, $IdMember, $this->ShallICrypt($vars, "chat_ICQ"));
     }
     if ($vars["chat_Others"] != "cryptedhidden") {
         $m->chat_Others = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_Others'])), "members.chat_Others", $IdMember, $m->chat_Others, $IdMember, $this->ShallICrypt($vars, "chat_Others"));
     }
     if ($vars["chat_GOOGLE"] != "cryptedhidden") {
         $m->chat_GOOGLE = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_GOOGLE'])), "members.chat_GOOGLE", $IdMember, $m->chat_GOOGLE, $IdMember, $this->ShallICrypt($vars, "chat_GOOGLE"));
     }
     $firstname = MOD_crypt::AdminReadCrypted($m->FirstName);
     $secondname = MOD_crypt::AdminReadCrypted($m->SecondName);
     $lastname = MOD_crypt::AdminReadCrypted($m->LastName);
     if ($firstname != strip_tags($vars['FirstName']) || $secondname != strip_tags($vars['SecondName']) || $lastname != strip_tags($vars['LastName'])) {
         $this->logWrite("{$m->Username} changed name. Firstname: {$firstname} -> " . strip_tags($vars['FirstName']) . ", second name: {$secondname} -> " . strip_tags($vars['SecondName']) . ", second name: {$lastname} -> " . strip_tags($vars['LastName']), 'Profile update');
     }
     if ($vars["FirstName"] != "cryptedhidden") {
         MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['FirstName'])), "members.FirstName", $IdMember, $m->FirstName, $IdMember, $this->ShallICrypt($vars, "FirstName"));
     }
     if ($vars["SecondName"] != "cryptedhidden") {
         $cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['SecondName'])), "members.SecondName", $IdMember, $m->SecondName, $IdMember, $this->ShallICrypt($vars, "SecondName"));
         // Update member if a new crypted SecondName value was added
         if ($cryptId != $m->SecondName) {
             $m->SecondName = $cryptId;
         }
     }
     if ($vars["LastName"] != "cryptedhidden") {
         MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['LastName'])), "members.LastName", $IdMember, $m->LastName, $IdMember, $this->ShallICrypt($vars, "LastName"));
     }
     if ($vars["Zip"] != "cryptedhidden") {
         $this->logWrite("in members.model updateprofile() Before Zip update addresss.Zip=" . $m->address->Zip, "Debug");
         $cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['Zip'])), "addresses.Zip", $m->IdAddress, $m->address->Zip, $IdMember, $this->ShallICrypt($vars, "Zip"));
         // Update addresses table if a new crypted zip value was added
         if ($cryptId != $m->address->Zip) {
             $m->setCryptedZip($cryptId);
         }
         $this->logWrite("in members.model updateprofile() After Zip update addresss.Zip=" . $m->address->Zip . " \$cryptId=" . $cryptId, "Debug");
     }
     if ($vars["HouseNumber"] != "cryptedhidden") {
         $cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['HouseNumber'])), "addresses.HouseNumber", $m->IdAddress, $m->address->HouseNumber, $IdMember, $this->ShallICrypt($vars, "Address"));
         // Update addresses table if a new crypted HouseNumber value was added
         if ($cryptId != $m->address->HouseNumber) {
             $m->setCryptedHouseNumber($cryptId);
         }
     }
     if ($vars["Street"] != "cryptedhidden") {
         $cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['Street'])), "addresses.StreetName", $m->IdAddress, $m->address->StreetName, $IdMember, $this->ShallICrypt($vars, "Address"));
         // Update addresses table if a new crypted StreetName value was added
         if ($cryptId != $m->address->StreetName) {
             $m->setCryptedStreetName($cryptId);
         }
     }
     // Check relations, and update them if they have changed
     $Relations = $m->get_all_relations();
     foreach ($Relations as $Relation) {
         if ($words->mInTrad($Relation->Comment, $vars['profile_language']) != $vars["RelationComment_" . $Relation->id] and !empty($vars["RelationComment_" . $Relation->id])) {
             //              echo "Relation #".$Relation->id,"<br />", $words->mInTrad($Relation->Comment,$vars['profile_language']),"<br />",$vars['RelationComment_'.$Relation->id],"<br />" ;
             $IdTrad = $words->ReplaceInMTrad(strip_tags($vars["RelationComment_" . $Relation->id]), "specialrelations.Comment", $Relation->id, $Relation->Comment, $IdMember);
             // Empty comments have trad id 0. Causing ReplaceInMTrad to create
             // a new trad id and returning the new number.
             if ($IdTrad != $Relation->id) {
                 $m->update_relation($Relation->id, $IdTrad);
             }
             $this->logWrite("updating relation #" . $Relation->id . " Relation Confirmed=" . $Relation->Confirmed, "Profile update");
         }
     }
     // Check groups membership description, and update them if they have changed
     // Tod od with Peter: check if there is other feature to update a group membership (a groupmembership model for example, or entity)
     /* group membership should not be present here, disabled for now
        $Groups=$m->getGroups() ;
        for ($i = 0; $i < count($Groups) ; $i++) {
            $group=$Groups[$i] ;
            $group_id = $group->getPKValue() ;
            $group_name_translated = $words->get("Group_".$group->Name);
            $group_comment_translated = htmlspecialchars($words->mInTrad($m->getGroupMembership($group)->Comment,$vars['profile_language']), ENT_QUOTES);
            $IdMemberShip=$m->getGroupMembership($group)->id ;
            if (($words->mInTrad($m->getGroupMembership($group)->Comment,$vars['profile_language'])!=$vars["GroupMembership_".$IdMemberShip])
                and (!empty($vars["GroupMembership_".$IdMemberShip])))  {
                echo "Group #".$group_id,"<br />",$words->mInTrad($m->getGroupMembership($group)->Comment,$vars['profile_language']),"<br />",$vars["GroupMembership_".$IdMemberShip],"<br />" ;
                $words->ReplaceInMTrad(strip_tags($vars["GroupMembership_".$IdMemberShip]),"membersgroups.Comment", $IdMemberShip, $m->getGroupMembership($group)->Comment, $IdMember);
                $this->logWrite("updating membership description in group #".$group_id." Group name=".$group->name, "Profil update");
            }
        }
        */
     // if a member with status NeedMore updates her/his profile, moving them back to pending
     if ($m->Status == 'NeedMore') {
         $m->Status = 'Pending';
     }
     $status = $m->update();
     if (!empty($_FILES['profile_picture']) && !empty($_FILES['profile_picture']['tmp_name'])) {
         if (isset($_FILES['profile_picture']) && $_FILES['profile_picture']['error'] == 0) {
             $this->avatarMake($vars['memberid'], $_FILES['profile_picture']['tmp_name']);
         }
     }
     if ($IdMember == $_SESSION['IdMember']) {
         $this->logWrite("Profile update by member himself [Status={$m->Status}]", "Profile update");
     } else {
         $this->logWrite("update of another profile <b>" . $m->Username . "</b>", "Profile update");
         // It can be an admin update or a delegated translation update
     }
     return $status;
 }
 /**
  * This function loads the private data of member IdMember
  * @cid can be an id or a username of the member.
  * @given_password is the password sent with the form.
  * @return a structure with the data, or false if password/Username dont match
  **/
 public function LoadPrivateData($cid, $given_password)
 {
     // comment by lemon-head: I think we should encrypt the pw on PHP side, not in SQL.
     // It is said in MySQL documentation
     // that the PASSWORD() function is not recommended to be used by applications.
     // - correct, but as long as we're stuck with the mysql password function (and for now
     //   we are, then we either have to replicate the password function [it doesn't exist in php]
     //   or rely on mysql. Sucks to be us.
     $data = new stdClass();
     if (!($m = $this->checkPassword($cid, $given_password))) {
         // user not found! explain something?
         return array();
         // Returns empty array if no value found
     }
     // Password has been verified, load the encrypted data
     foreach (array('FirstName', 'SecondName', 'LastName') as $key) {
         $data->{$key} = MOD_crypt::AdminReadCrypted($m->{$key});
     }
     foreach (array('HouseNumber', 'StreetName', 'Zip') as $key) {
         if (!isset($m->address)) {
             $housenumber = $m->get_housenumber();
         }
         $data->{$key} = MOD_crypt::AdminReadCrypted($m->address->{$key});
     }
     $data->CityName = $m->get_city();
     return $data;
 }