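/**
 * Email a notification about a post to its creator, its assignee and its watchers.
 *
 * The primary recipient is the assignee when the post has one (the creator is then
 * copied), otherwise the creator. Watchers returned by the second query are always
 * added as cc.
 *
 * @param mixed       $post_id id of the post; anything that is not a whole number >= 1 is rejected
 * @param string|null $subject mail subject; defaults to the post title when empty
 * @return array array('errors' => array(array('message' =>, 'debug' =>)), 'data' => array('post_id' =>), 'info' =>)
 */
public function notify_post($post_id = null, $subject = null) {
    $debug = "";
    $error = "";
    $info = "";
    // The value is not used below; the call is kept in case it touches the session.
    $user_id = $this->template->get_session_value("User_id", 0);
    $post = array();
    $watchers = array();
    is_null($subject) && ($subject = "");

    // $post_id is concatenated into the SQL text below. Comparing it with 1 is not
    // enough to keep non-numeric text out of the statement, so it is validated as an
    // integer first and only the validated value is used from here on.
    $post_id = filter_var($post_id, FILTER_VALIDATE_INT);
    $post_id === false && ($post_id = 0);
    $post_id < 1 && ($error = "Sorry a post was not specified");

    if (strlen($error) < 1) {
        // Two statements in one round trip: [0] the post with creator/assignee details,
        // [1] the watchers other than the creator and the assignee.
        // NOTE(review): if posts.assigned_to can be NULL, "not ... in (created_by, assigned_to)"
        // never evaluates to true and no watcher row is returned - confirm against the schema.
        $query = "select posts.id, posts.title, posts.post, posts.priority, posts.category_id, posts.status, "
            . " posts.assigned_to, posts.created_by, priorities.priority, priorities.description, "
            . " categories.category, "
            . " creator.email as creator_email, creator.name as creator_name, "
            . " assigned.email as assigned_email, assigned.name as assigned_name from posts "
            . " left outer join priorities on posts.priority = priorities.id "
            . " inner join categories on posts.category_id = categories.id "
            . " inner join user_details as creator on posts.created_by = creator.user_id "
            . " left outer join user_details as assigned on posts.assigned_to = assigned.user_id "
            . " where posts.id = " . $post_id . "; "
            . " select user_details.name, user_details.email from post_watchers "
            . " inner join posts on post_watchers.post_id = posts.id "
            . " inner join user_details on post_watchers.user_id = user_details.user_id "
            . " where post_watchers.post_id = " . $post_id . " and not post_watchers.user_id in "
            . " (posts.created_by, posts.assigned_to); ";
        $res = $this->query($query);
        $error = $this->db_error;
        DEBUG > 0 && ($debug = $this->db_debug);
        if (strlen($error) < 1) {
            isset($res[0][0]) && ($post = $res[0][0]);
            count($post) < 1 && ($error = "Sorry the post specified was not found");
            isset($res[1]) && ($watchers = $res[1]);
        }
    }

    if (strlen($error) < 1) {
        strlen($subject) < 1 && ($subject = $post["title"]);

        // only cc if there is an assigned to and/or watchers
        // ASSUME valid emails
        $cc = array();
        $mail_to = null;
        if ($post["assigned_to"] < 1) {
            $mail_to = $post["creator_email"];
        } else {
            // assigned to exists: the assignee is the recipient, the creator is copied
            $mail_to = $post["assigned_email"];
            $cc[$post["creator_email"]] = $post["creator_name"];
        }

        if (!is_null($mail_to)) {
            // keyed by address, so a watcher listed twice is copied once
            foreach ($watchers as $w) {
                $cc[$w["email"]] = $w["name"];
            }

            $mailer = new Mailer_Lib();
            $url = $this->get_site_url();
            $post_url = $url . "/posts/show/" . $post["id"];

            // body preview: at most 99 bytes of the post followed by ".."
            $message = $post["post"];
            strlen($message) > 100 && ($message = substr($message, 0, 99) . "..");

            // NOTE(review): title, category, priority and the post text are placed into
            // markup unescaped. If they are stored as entered and the mail is sent as HTML,
            // a post author controls markup in the recipients' mail - confirm where
            // escaping happens before relying on this.
            $message = "Post: <a href='" . $post_url . "'>" . $post["title"] . "</a>\r\n"
                . "Category: " . $post["category"] . "\r\n"
                . "Priority: " . $post["priority"] . "\r\n\r\n"
                . $message . "\r\n\r\n"
                . "<a href='" . $post_url . "'>" . $post_url . "</a>\r\n\r\n"
                . "Support\r\nSimple Tracker\r\n" . $url . "\r\n";

            // NOTE(review): reset() and add_user() pick the transport with
            // $this->mail[$this->mailer]; this call is pinned to 'mandrill' - confirm intended.
            $ret = $mailer->swiftmail($this->mail['mandrill'], $mail_to, $subject, $message,
                $this->mail['support'], $this->mail['support_name'], $this->admin_email, $cc);
            if (!$ret) {
                // a failed send is reported as info, not as an error
                $info = "Unable to send notification email";
            }
        } // !is_null
    }

    $result = array(
        'errors' => array(array('message' => $error, 'debug' => $debug)),
        'data' => array("post_id" => $post_id),
        'info' => $info
    );
    return $result;
}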
/**
 * Handle a password-reset request for a 'self' registered account.
 *
 * Reads the address from $_POST['email'], looks the account up, stores a reset
 * token against it and mails a verification link. The token travels in a cookie
 * when one can be set, otherwise as the "t" query parameter of the link.
 *
 * NOTE(review): the messages returned for an unknown address differ from the one
 * returned on success, so the response tells the caller whether an address is
 * registered.
 *
 * @return array array("errors" => array(array("message" =>, "debug" =>)), "data" => null, "info" =>)
 */
public function reset() {
    $debug = "";
    $error = "";
    $info = "";
    $user = array();
    $url = $this->get_site_url();
    $users = new User_model($this->template, $this->query_string);

    // --- validate the submitted address ---
    $email = isset($_POST['email']) ? $_POST['email'] : "";
    if (strlen($email) < 1) {
        $error = "Please enter your email address";
    } elseif (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
        $error = "Please enter a valid email address";
    }

    // --- look the account up ---
    if (strlen($error) < 1) {
        // NOTE(review): the token is computed from the submitted address alone. If
        // codify() is deterministic and unkeyed, anyone who knows the address can
        // compute the token - confirm what codify() does.
        $token = $this->codify($email);
        $lookup = $users->find_user(null, 'self', $email);
        if (!isset($lookup["data"]) || is_null($lookup["data"])) {
            $error = "Your account could not be found.";
        } else {
            $user = $lookup["data"];
            $error = $lookup["errors"][0]["message"];
            if (DEBUG > 0) {
                $debug = $lookup["errors"][0]["debug"];
            }
            if (strlen($error) < 1 && count($user) < 1) {
                $error = "Sorry the email provided was not found";
            }
        }
    }

    // --- store the token against the account ---
    if (strlen($error) < 1) {
        // third argument 11: meaning is defined by set_user_token, not visible here
        $stored = $users->set_user_token($user["id"], $token, 11);
        $error = $stored["errors"][0]["message"];
        if (DEBUG > 0) {
            $debug = $stored["errors"][0]["debug"];
        }
    }

    // --- mail the verification link ---
    if (strlen($error) < 1) {
        $verify = $url . "/verify";

        // Prefer the cookie; only when it cannot be set is the token put into the URL.
        $this->unset_cookie(null);
        if (!$this->set_cookie(null, $token, null)) {
            $verify .= "/?t=" . urlencode($token);
        }

        $link = "<a href='" . $verify . "'>" . $verify . "</a>";
        $message = "Thank your for using Simple Tracker\r\n\r\n"
            . "Please click on the link below to reset your password. "
            . "If the link is not clickable copy and paste it directly into your browser.\r\n\r\n"
            . $link
            . "\r\n\r\nNOTE\r\nYou must click the 'verify' link from the SAME device that you requested the password reset email from.\r\n\r\n"
            . "Support\r\nSimple Tracker\r\n" . $url . "\r\n";
        $subject = "Simple Tracker";

        $mailer = new Mailer_Lib();
        $sent = $mailer->swiftmail($this->mail[$this->mailer], $email, $subject, $message,
            $this->mail['support'], $this->mail['support_name'], $this->admin_email, null);

        // the address is passed through escape_string before it is shown back to the user
        $shown = $this->template->escape_string($email);
        if ($sent) {
            $info = "Thank you. Information has been sent to " . $shown . " on how to reset your password";
        } else {
            $error = "There was a problem sending an email to " . $shown;
        }
    } // send email

    $result = array(
        "errors" => array(array("message" => $error, "debug" => $debug)),
        "data" => null,
        "info" => $info
    );

    // flash only a clean success
    if (strlen($error) < 1 && strlen($info) > 0) {
        $this->template->flash($info, "alert alert-success");
    }
    $this->template->assign("reset_result", $result);
    return $result;
}
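/**
 * Add a user account ('users' row plus 'user_details' row).
 *
 * Works for provider 'self' and for external providers (eg facebook). Meant to be
 * called from other functions; $name and the email address fall back to
 * $_POST['name'] / $_POST['email'].
 *
 * Status 11 triggers a verification email after the rows are written; status 10
 * returns the stored user straight away. External providers are always status 10.
 *
 * Fixes over the previous version:
 *  - an invalid email for 'self' registrations now actually stops the registration
 *    (the message used to be assigned to a misspelt variable and was lost);
 *  - the user name is only used as the email address when it contains '@'
 *    (the strpos() arguments were swapped and the test was always true);
 *  - the new id is only read when the insert returned one;
 *  - find_user debug text is no longer appended to the user-facing message.
 *
 * @param string|null $provider  'self' (default) or an external provider name
 * @param string|null $user_name login id; required
 * @param string|null $password  required for provider 'self'
 * @param string|null $name      display name; falls back to $_POST['name']
 * @param mixed       $status    10 or 11; anything else becomes 11
 * @return array array("errors" => array(array("message" =>, "debug" =>)), "data" => user record or null, "info" =>)
 */
public function add_user($provider = null, $user_name = null, $password = null, $name = null, $status = null) {
    $error = '';
    $debug = '';
    $user = null;
    $info = '';

    // null arguments are treated as empty strings
    is_null($user_name) && ($user_name = '');
    is_null($password) && ($password = '');
    is_null($name) && ($name = '');

    // these attributes may be available in the form for calling function
    strlen($name) < 1 && isset($_POST['name']) && ($name = $_POST['name']);
    $email = '';
    isset($_POST['email']) && ($email = $_POST['email']);

    // default email to user name if the user name looks like an email address
    if (strlen($email) < 1 && strpos((string) $user_name, '@') !== false) {
        $email = $user_name;
    }

    // default provider to 'self'
    is_null($provider) && ($provider = '');
    strlen($provider) < 1 && ($provider = 'self');

    strlen($user_name) < 1 && ($error = 'Cannot create account - a user ID or an email address is required');
    strlen($error) < 1 && strlen($name) < 1 && ($error = 'Please enter your name');
    if (strlen($error) < 1 && $provider == 'self') {
        strlen($password) < 1 && ($error = "Cannot create account - please supply a valid password");
        // The address is later used as a mail recipient, so it must validate here.
        strlen($error) < 1 && !filter_var($email, FILTER_VALIDATE_EMAIL)
            && ($error = "The email address provided does not appear to be valid");
    }

    if (strlen($error) < 1) {
        // no validation errors - attempt to add account
        if (is_null($status) || !is_numeric($status) || !array_key_exists($status, array(11 => 1, 10 => 1))) {
            $status = 11;
        }
        $terms = 0;
        if ($provider != 'self') {
            $terms = 1;
            $status = 10;
            // NOTE(review): the stored credential for provider accounts is derived from
            // the user name. Confirm that no login path accepts a password for them.
            $password = $user_name;
        }

        // NOTE(review): codify() is defined elsewhere; confirm it is a salted password
        // hash and not a plain digest before relying on it for stored passwords.
        $data = array('provider' => $provider, 'user_name' => $user_name, 'password' => $this->codify($password));
        $this->ensure_visit();
        $res = $this->insert('users', $data, true, false);
        $error = $this->db_error;
        DEBUG > 0 && ($debug = $this->db_debug);

        if (strlen($error) < 1) {
            $id = 0;
            isset($res[0][0]['id']) && ($id = $res[0][0]['id']);
            $id > 0
                || ($error = "A technical problem occurred while creating an account - please inform the site administrator");
        }

        if (strlen($error) < 1) {
            // attempt to add user details
            $data = array(
                'user_id' => $id,
                'name' => $name,
                'organisation_id' => $this->template->get_session_value('org_id', 0),
                'email' => $email,
                'status' => $status
            );
            if ($terms > 0) {
                // if not self reg, then they've agreed terms
                $data['agreed_terms'] = $terms;
                $data['agreed_terms_at'] = $this->iso_datetime_now();
            }
            $image_url = "";
            switch ($provider) {
                case 'facebook':
                    $image_url = "https://graph.facebook.com/" . $user_name . "/picture";
                    break;
            }
            strlen($image_url) > 0 && ($data["image_url"] = $image_url);

            $res = $this->insert('user_details', $data, false, true, 'user_id');
            $error = $this->db_error;
            DEBUG > 0 && ($debug .= "; " . $this->db_debug);

            if (strlen($error) < 1) {
                // success - if email validation needed, send an email
                if ($status == 11) {
                    // pessimistic default, replaced below once the mail has gone out
                    $info = "We were unable to send an email to the address you supplied.";

                    // NOTE(review): the token is computed from the user name and the new
                    // id only. If codify() is deterministic and unkeyed the token can be
                    // guessed - confirm what codify() does.
                    $token = $this->codify($user_name . "_" . $id);
                    $res = $this->set_user_token($id, $token, 10);
                    $error = $res["errors"][0]["message"];
                    DEBUG > 0 && ($debug .= $res["errors"][0]["debug"]);

                    if (strlen($error) < 1) {
                        // token set ok
                        $subject = "New [Simple Tracker] account";
                        $message = $this->make_verify_message($token, $name);
                        $mailer = new Mailer_Lib();
                        $ret = $mailer->swiftmail($this->mail[$this->mailer], $email, $subject, $message,
                            $this->mail['support'], $this->mail['support_name'], $this->admin_email, null);
                        if ($ret) {
                            $info = "Thank you for registering. An email has been sent to "
                                . $this->template->escape_string($email)
                                . ". Please, click on the link in it to verify your email address and complete your registration. "
                                . "You must be on the SAME device that you used to register for the link to work.";
                        } else {
                            $error = "There was a problem sending you a verification email message - so you will be unable to complete the registration. "
                                . "Please check the email address supplied for typos.";
                        }
                    } else {
                        $info = "Programmer error - the verification process failed. Please refresh your browser and click the 'Forgot password' button.";
                    }
                } else {
                    $info = "Thank you for registering";
                    $res = $this->find_user($id, null, null, null);
                    if (isset($res["errors"][0]) && strlen($res["errors"][0]["message"]) > 0) {
                        // Debug text goes to the debug field, and only when DEBUG is on,
                        // as everywhere else in this method.
                        $error = $res["errors"][0]["message"];
                        DEBUG > 0 && ($debug .= "; " . $res["errors"][0]["debug"]);
                    } else {
                        $user = $res["data"];
                    }
                } // else - status 10
            } // insert user details
        } // user
    } // validation errors

    $result = array(
        "errors" => array(array("message" => $error, "debug" => $debug)),
        "data" => $user,
        "info" => $info
    );
    return $result;
}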