/**
 * Build a form by id and give every module a chance to alter it.
 *
 * The first argument is the form id; any further arguments are forwarded to
 * the "<form_id>_form" builder. Each existing "<module>_form_alter" hook is
 * then called with the form and the form id, in module_list() order.
 *
 * NOTE(review): the builder name is derived from the form id, so any defined
 * function whose name ends in "_form" is reachable through this call. Pass
 * fixed ids here, not values taken from the request.
 *
 * @return The form structure. An empty array when no form id is given or the
 *   builder does not exist; the builder's own value when that value is empty.
 */
function crm_get_form() {
    $args = func_get_args();
    if (count($args) < 1) {
        return array();
    }

    $form_id = array_shift($args);
    $builder = "{$form_id}_form";

    // Unknown form ids are reported and produce an empty form
    if (!function_exists($builder)) {
        error_register("No such hook: {$builder}");
        return array();
    }

    $form = call_user_func_array($builder, $args);
    if (empty($form)) {
        // Nothing to alter; hand back exactly what the builder returned
        return $form;
    }

    foreach (module_list() as $module) {
        $alter = $module . '_form_alter';
        if (!function_exists($alter)) {
            continue;
        }
        $form = $alter($form, $form_id);
        // An empty result is reported, but the remaining modules still run
        if (empty($form)) {
            error_register('Empty form returned by ' . $alter);
        }
    }

    return $form;
}
/**
 * Load data structures of one type and let every module extend them.
 *
 * Calls "<type>_data" with the options to get the base data, then calls each
 * existing "<module>_data_alter" hook with the type, the data and the options.
 * A module whose stored schema revision differs from the value returned by
 * its "<module>_revision" function is skipped with an error.
 *
 * NOTE(review): the loader name is built from $type, so any defined function
 * ending in "_data" is reachable; pass fixed type names. The script is
 * terminated with die when the loader does not exist.
 * NOTE(review): "<module>_revision" is called without a function_exists()
 * check, and the revisions are compared loosely (!=).
 *
 * @param $type The type of data.
 * @param $opts An associative array of options.
 * @return An array of data structures.
 */
function crm_get_data($type, $opts = array()) {
    $loader = "{$type}_data";
    if (!function_exists($loader)) {
        error_register('No such data type: ' . $type);
        die;
    }

    $data = call_user_func($loader, $opts);
    if (empty($data)) {
        // No base data, so there is nothing for modules to extend
        return $data;
    }

    foreach (module_list() as $module) {
        $alter = "{$module}_data_alter";
        if (!function_exists($alter)) {
            continue;
        }

        // Only let a module touch the data when its schema is current
        $revision_hook = "{$module}_revision";
        if (module_get_schema_revision($module) != call_user_func($revision_hook)) {
            error_register("Database schema needs to be upgraded for module {$module}.");
            continue;
        }

        $data = call_user_func($alter, $type, $data, $opts);
        // A null result is reported; later modules still receive it
        if (is_null($data)) {
            error_register('Hook returned null: ' . $alter);
        }
    }

    return $data;
}
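/**
 * Get a table, allowing modules to alter it.
 *
 * Calls "<table_id>_table" with the options to build the base table, then
 * calls each existing "<module>_table_alter" hook with the table, the table
 * id and the options.
 *
 * The builder is checked with function_exists() before it is called, the same
 * way crm_get_form() and crm_get_data() check theirs, so an unknown table id
 * is reported through error_register() and never reaches call_user_func().
 *
 * NOTE(review): the builder name is derived from $table_id, so any defined
 * function ending in "_table" is reachable; pass fixed table names.
 *
 * @param $table_id The name of the table.
 * @param $opts Associative array of options.
 * @return The table structure, or an empty array when no builder exists.
 */
function crm_get_table($table_id, $opts = array()) {
    // Get base table
    $builder = "{$table_id}_table";
    if (!function_exists($builder)) {
        error_register("No such hook: {$builder}");
        return array();
    }
    $table = call_user_func($builder, $opts);

    // Allow modules to alter the table
    foreach (module_list() as $module) {
        $hook = $module . '_table_alter';
        if (!function_exists($hook)) {
            continue;
        }
        $table = call_user_func($hook, $table, $table_id, $opts);
        // A null result is reported; later modules still receive it
        if (is_null($table)) {
            error_register('Null table returned by ' . $hook);
        }
    }

    return $table;
}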
/**
 * Build the "add member" form on top of the contact form.
 *
 * Requires the member_add permission. The contact form is extended with a
 * "User Info" fieldset (username) and a "Membership Info" fieldset (plan
 * selector limited to active plans, and a start date).
 *
 * @return The form structure for adding a member, or NULL when the current
 *   user lacks the member_add permission.
 */
function member_add_form() {
    // Only users who may add members get the form
    if (!user_access('member_add')) {
        error_register('Permission denied: member_add');
        return NULL;
    }

    // The contact form is the base; this form posts to member_add instead
    $form = crm_get_form('contact');

    // Default start date is today's date. NOTE(review): the earlier comment
    // said "first of current month"; confirm which one is intended.
    $today = date('Y-m-d');

    $form['command'] = 'member_add';

    $username_field = array('type' => 'text', 'label' => 'Username', 'name' => 'username');
    $form['fields'][] = array(
        'type' => 'fieldset',
        'label' => 'User Info',
        'fields' => array($username_field),
    );

    $plan_field = array(
        'type' => 'select',
        'label' => 'Plan',
        'name' => 'pid',
        'selected' => '',
        'options' => member_plan_options(array('filter' => array('active' => true))),
    );
    $start_field = array(
        'type' => 'text',
        'label' => 'Start Date',
        'name' => 'start',
        'value' => $today,
        'class' => 'date',
    );
    $form['fields'][] = array(
        'type' => 'fieldset',
        'label' => 'Membership Info',
        'fields' => array($plan_field, $start_field),
    );

    return $form;
}
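/**
 * Process a command and redirect.
 *
 * Calls the legacy "command_<command>" handler when it exists and splits the
 * URL it returns into a path and query parameters, then calls every existing
 * "<module>_command" handler with the command, the URL and the parameters,
 * and finally reassembles the URL.
 *
 * NOTE(review): the handler name is built from $command, so every defined
 * "command_*" function is reachable from here. Each handler has to make its
 * own permission check, as the handlers visible in this file do.
 * NOTE(review): parameter keys and values are re-joined as they are, with no
 * URL encoding; a module handler that adds a parameter must encode it itself.
 *
 * @param $command The name of the command to process
 * @return The url to redirect to.
 */
function command($command) {
    // Initialize url and parameters
    $url = '';
    $params = array();

    // Call legacy handler if it exists
    $handler = "command_{$command}";
    if (function_exists($handler)) {
        $res = call_user_func($handler);

        // Split result into file and params. Limit 2 keeps any later '?'
        // inside the query string.
        $parts = explode('?', $res, 2);
        $url = $parts[0];

        // Only read the query part when there is one
        if (count($parts) > 1) {
            foreach (explode('&', $parts[1]) as $clause) {
                // Limit 2 keeps '=' characters that belong to the value
                $keyvalue = explode('=', $clause, 2);
                if (count($keyvalue) > 1) {
                    $params[$keyvalue[0]] = $keyvalue[1];
                }
            }
        }
    }

    // Call the handler for each module if it exists
    foreach (module_list() as $module) {
        $handler = "{$module}_command";
        if (function_exists($handler)) {
            $handler($command, $url, $params);
        }
    }

    // Error if the url is still empty
    if (empty($url)) {
        error_register('No such command: ' . $command);
        $url = crm_url();
    }

    // Reassemble the query string
    $pairs = array();
    foreach ($params as $key => $value) {
        $pairs[] = $key . '=' . $value;
    }

    return $url . '?' . implode('&', $pairs);
}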
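/**
 * Handle secret delete request.
 *
 * Requires the secrets_delete permission. The raw $_POST array is handed to
 * secrets_delete(), so validation and escaping of the posted values has to
 * happen there (NOTE(review): confirm, the callee is not visible here).
 *
 * @return The url to display on completion.
 */
function command_secrets_delete() {
    // Verify permissions
    if (!user_access('secrets_delete')) {
        error_register('Permission denied: secrets_delete');
        return crm_url('secrets');
    }

    secrets_delete($_POST);

    return crm_url('secrets');
}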
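/**
 * Handle key delete request.
 *
 * Requires the key_delete permission. On denial the user is sent back to the
 * key page for the posted key id; on success to the members page. The raw
 * $_POST array is handed to key_delete(), so validation and escaping of the
 * posted values has to happen there (NOTE(review): confirm, the callee is not
 * visible here).
 *
 * @return The url to display on completion.
 */
function command_key_delete() {
    // Verify permissions
    if (!user_access('key_delete')) {
        error_register('Permission denied: key_delete');

        // URL-encode the posted id, not a SQL-escaped copy of it: SQL
        // escaping leaves '&' and '=' intact, and command() splits the
        // returned URL on exactly those characters.
        $kid = '';
        if (isset($_POST['kid']) && is_scalar($_POST['kid'])) {
            $kid = (string) $_POST['kid'];
        }
        return crm_url('key&kid=' . urlencode($kid));
    }

    key_delete($_POST);

    return crm_url('members');
}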
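/**
 * Handle plan import request.
 *
 * Requires the member_plan_edit permission. Reads the uploaded "plan-file"
 * CSV and inserts one row into `plan` per CSV row. Column names are matched
 * case-insensitively with spaces removed (planname, price, active, voting).
 *
 * The upload is accepted only when PHP reports UPLOAD_ERR_OK and the
 * temporary path passes is_uploaded_file().
 *
 * NOTE(review): values are escaped with mysql_real_escape_string() and then
 * interpolated into the statement. That escaping depends on the connection
 * character set, and the mysql_* extension is deprecated; move to prepared
 * statements when the database layer is migrated.
 *
 * @return The url to display on completion.
 */
function command_member_plan_import() {
    if (!user_access('member_plan_edit')) {
        error_register('User does not have permission: member_plan_edit');
        return crm_url('members');
    }
    if (!array_key_exists('plan-file', $_FILES)) {
        error_register('No plan file uploaded');
        return crm_url('plans&tab=import');
    }

    // Reject failed, partial or multi-file uploads, and any path that did
    // not come from PHP's upload handling
    $upload = $_FILES['plan-file'];
    if (!isset($upload['error'], $upload['tmp_name'])
        || $upload['error'] !== UPLOAD_ERR_OK
        || !is_uploaded_file($upload['tmp_name'])
    ) {
        error_register('No plan file uploaded');
        return crm_url('plans&tab=import');
    }

    $csv = file_get_contents($upload['tmp_name']);
    if ($csv === false) {
        error_register('Unable to read uploaded plan file');
        return crm_url('plans&tab=import');
    }

    $data = csv_parse($csv);
    foreach ($data as $row) {
        // Convert row keys to lowercase and remove spaces
        $normalized = array();
        foreach ($row as $key => $value) {
            $normalized[str_replace(' ', '', strtolower($key))] = $value;
        }

        // Escape each column; a missing column is stored as an empty string
        $esc = array();
        foreach (array('planname', 'price', 'active', 'voting') as $column) {
            $raw = isset($normalized[$column]) ? $normalized[$column] : '';
            $esc[$column] = mysql_real_escape_string($raw);
        }

        // Add plan
        $sql = "\n INSERT INTO `plan`\n (`name`,`price`,`active`,`voting`)\n VALUES\n ('{$esc['planname']}','{$esc['price']}','{$esc['active']}','{$esc['voting']}')";
        $res = mysql_query($sql);
        if (!$res) {
            crm_error(mysql_error());
        }
    }

    return crm_url('plans');
}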
/**
 * Handle mentor delete request.
 *
 * Requires the mentor_delete permission, then deletes the `mentor` row that
 * matches the posted cid and mentor_cid.
 *
 * NOTE(review): the statement interpolates $esc_post values directly. This
 * is only safe if $esc_post holds SQL-escaped copies of the POST values;
 * confirm where that global is populated.
 * NOTE(review): a failed query ends the request with die(mysql_error()),
 * which writes the raw database error into the response.
 *
 * @return The url to display on completion.
 */
function command_mentor_delete() {
    global $esc_post;

    if (user_access('mentor_delete')) {
        // Remove the one mentor assignment named in the request
        $query = "\r\n DELETE FROM `mentor`\r\n WHERE `cid`='{$esc_post['cid']}' AND `mentor_cid`='{$esc_post['mentor_cid']}'";
        $result = mysql_query($query);
        if (!$result) {
            die(mysql_error());
        }
        return crm_url('members');
    }

    // Caller lacks the permission
    error_register('Permission denied: mentor_delete');
    return crm_url('');
}
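/**
 * Handle user permissions update request.
 *
 * Requires the user_edit permission. For every permission/role pair the
 * posted field "<permission>-<role name>" decides the outcome: a truthy
 * value makes sure the pair exists in `role_permission`, anything else
 * (including a field that was not posted) deletes the pair.
 *
 * NOTE(review): because absent fields mean "revoke", a partial submission
 * removes every permission it does not list. No anti-CSRF token check is
 * visible in this handler; confirm the dispatcher enforces one.
 * NOTE(review): a failed query ends the request with die(mysql_error()),
 * which writes the raw database error into the response.
 *
 * @return The url to display on completion.
 */
function command_user_permissions_update() {
    // Check permissions
    if (!user_access('user_edit')) {
        error_register('Current user does not have permission: user_edit');
        return crm_url('permissions');
    }

    // Check status of each permission for each role
    $perms = user_permissions_list();
    $roles = user_role_data();
    foreach ($perms as $perm) {
        $esc_perm = mysql_real_escape_string($perm);
        foreach ($roles as $role) {
            $key = "{$perm}-{$role['name']}";
            $esc_rid = mysql_real_escape_string($role['rid']);

            // Unchecked boxes are not posted at all, so test with empty()
            if (!empty($_POST[$key])) {
                // Ensure the role has this permission
                $sql = "\n SELECT * FROM `role_permission`\n WHERE `rid`='{$esc_rid}' AND `permission`='{$esc_perm}'\n ";
                $res = mysql_query($sql);
                if (!$res) {
                    die(mysql_error());
                }

                // Insert only when the pair is missing; when it is already
                // there no second query is needed
                if (mysql_numrows($res) === 0) {
                    $sql = "\n INSERT INTO `role_permission`\n (`rid`, `permission`)\n VALUES\n ('{$esc_rid}', '{$esc_perm}')\n ";
                    $res = mysql_query($sql);
                    if (!$res) {
                        die(mysql_error());
                    }
                }
            } else {
                // Delete the permission for this role
                $sql = "\n DELETE FROM `role_permission`\n WHERE `rid`='{$esc_rid}' AND `permission`='{$esc_perm}'\n ";
                $res = mysql_query($sql);
                if (!$res) {
                    die(mysql_error());
                }
            }
        }
    }

    return crm_url('permissions');
}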
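/**
 * Return themed html for an amazon payment button.
 *
 * Fills in defaults for any option the caller did not set, signs the
 * parameters (signature version 2, HmacSHA256) for a POST to the Amazon
 * pay pipeline, and renders a form with one hidden input per parameter.
 *
 * Every value is HTML-escaped for the attribute context when it is rendered.
 * The signature is computed over the raw values, which is what the browser
 * submits after decoding the attributes.
 *
 * NOTE(review): the default amount ('USD 1.1'), description and referenceId
 * are sample values; callers should always pass real ones.
 * NOTE(review): ipnUrl, returnUrl and abandonUrl are built with plain
 * "http://"; confirm the notification handler verifies what it receives and
 * consider serving these over https.
 * NOTE(review): all of $params is passed to amazon_payment_signature(), but
 * only the fields listed below are rendered; extra keys supplied by a caller
 * would presumably be signed without being submitted.
 *
 * @param $cid The cid to create a button for.
 * @param $params Options for the button.
 * @return A string containing the themed html, or an empty string when the
 *   Amazon credentials are not configured.
 */
function theme_amazon_payment_button($cid, $params = array()) {
    global $config_amazon_payment_access_key_id;
    global $config_amazon_payment_secret;
    global $config_host;

    if (empty($config_amazon_payment_access_key_id)) {
        error_register('Missing Amazon Access Key ID');
        return '';
    }
    if (empty($config_amazon_payment_secret)) {
        error_register('Missing Amazon Secret Key');
        return '';
    }

    // Both the return and the abandon link lead to the contact's account tab
    $account_url = 'http://' . $config_host
        . crm_url('contact', array('query' => array('cid' => $cid, 'tab' => 'account')));

    $defaults = array(
        'immediateReturn' => '0',
        'collectShippingAddress' => '0',
        'referenceId' => 'YourReferenceId',
        'amount' => 'USD 1.1',
        'cobrandingStyle' => 'logo',
        'description' => 'Test Widget',
        'ipnUrl' => 'http://' . $config_host . base_path() . 'modules/amazon_payment/ipn.php',
        'returnUrl' => $account_url,
        'processImmediate' => '1',
        'abandonUrl' => $account_url,
    );

    // Use defaults for parameters not specified
    foreach ($defaults as $key => $value) {
        if (!isset($params[$key])) {
            $params[$key] = $value;
        }
    }

    // Always use AWS Signatures v2 with SHA256 HMAC
    // http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html
    $params['accessKey'] = $config_amazon_payment_access_key_id;
    $params['signatureVersion'] = '2';
    $params['signatureMethod'] = 'HmacSHA256';
    $host = 'authorize.payments.amazon.com';
    $path = '/pba/paypipeline';
    $params['signature'] = amazon_payment_signature($params, $host, $path, 'POST');

    // Hidden fields, in the order they are rendered
    $fields = array(
        'accessKey',
        'amount',
        'collectShippingAddress',
        'description',
        'signatureMethod',
        'referenceId',
        'immediateReturn',
        'returnUrl',
        'abandonUrl',
        'processImmediate',
        'ipnUrl',
        'cobrandingStyle',
        'signatureVersion',
        'signature',
    );

    $inputs = '';
    foreach ($fields as $name) {
        // Escape for a double-quoted attribute so a value cannot close it
        $value = htmlspecialchars((string) $params[$name], ENT_QUOTES, 'UTF-8');
        $inputs .= "<input type=\"hidden\" name=\"{$name}\" value=\"{$value}\"/>\n";
    }

    // The action is built from the host and path that were signed, so the
    // two cannot drift apart
    $action = 'https://' . $host . $path;
    $html = "<form action=\"{$action}\" method=\"POST\">\n"
        . "<input type=\"image\" src=\"https://authorize.payments.amazon.com/pba/images/SLPayNowWithLogo.png\" border=\"0\"/>\n"
        . $inputs
        . '</form>';

    return $html;
}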
/**
 * Upgrade all configured modules.
 *
 * For each module in module_list(), calls "<module>_install" (when defined)
 * with the schema revision currently stored, then stores the module's code
 * revision as its schema revision.
 *
 * NOTE(review): the installer's return value is not inspected, and the
 * stored revision is updated whether or not an installer exists.
 *
 * @return True after all modules were processed, false when core is not
 *   installed.
 */
function module_upgrade() {
    // Nothing can be upgraded before the core schema exists
    if (!module_core_installed()) {
        error_register('Please run the install script');
        return false;
    }

    foreach (module_list() as $module) {
        // Revision stored in the database vs. revision shipped in the code
        $schema_revision = module_get_schema_revision($module);
        $code_revision = module_get_code_revision($module);

        // Let the module migrate itself from the stored revision
        $install_hook = "{$module}_install";
        if (function_exists($install_hook)) {
            $install_hook($schema_revision);
        }

        // Record the code revision as the new schema revision
        module_set_schema_revision($module, $code_revision);
    }

    return true;
}
/**
 * Handle payment edit request.
 *
 * Requires the payment_edit permission. The posted value and currency code
 * are normalised with payment_parse_currency() and the payment is saved.
 *
 * NOTE(review): the whole $_POST array becomes the payment record, so every
 * posted field reaches payment_save(). Confirm that payment_save() only
 * persists the fields a user is meant to edit.
 *
 * @return The url to display on completion.
 */
function command_payment_edit() {
    if (user_access('payment_edit')) {
        // Normalise the amount before it is stored
        $parsed = payment_parse_currency($_POST['value'], $_POST['code']);

        // Start from the posted fields and overwrite code and value
        $payment = $_POST;
        $payment['code'] = $parsed['code'];
        $payment['value'] = $parsed['value'];

        payment_save($payment);
        message_register('1 payment updated.');
    } else {
        error_register('Permission denied: payment_edit');
    }

    // Both outcomes lead back to the payment list
    return crm_url('payments');
}
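/**
 * Handle paypal payment import request.
 *
 * Requires the payment_edit permission. Reads the uploaded "payment-file"
 * CSV and saves one payment per row, skipping rows whose 'Transaction ID'
 * already exists as a payment confirmation. A payment is credited to a
 * contact when the sender's email address is linked to one.
 *
 * The upload is accepted only when PHP reports UPLOAD_ERR_OK and the
 * temporary path passes is_uploaded_file().
 *
 * NOTE(review): text from the file ('Name', 'Item Title', 'From Email
 * Address') is stored as given; it has to be escaped wherever it is later
 * written to SQL or HTML. Rows without a 'Transaction ID' column are not
 * filtered out here; confirm how payment_data() treats an empty filter.
 *
 * @return The url to display on completion.
 */
function command_paypal_payment_import() {
    if (!user_access('payment_edit')) {
        error_register('User does not have permission: payment_edit');
        return crm_url('payments');
    }
    if (!array_key_exists('payment-file', $_FILES)) {
        error_register('No payment file uploaded');
        return crm_url('payments&tab=import');
    }

    // Reject failed, partial or multi-file uploads, and any path that did
    // not come from PHP's upload handling
    $upload = $_FILES['payment-file'];
    if (!isset($upload['error'], $upload['tmp_name'])
        || $upload['error'] !== UPLOAD_ERR_OK
        || !is_uploaded_file($upload['tmp_name'])
    ) {
        error_register('No payment file uploaded');
        return crm_url('payments&tab=import');
    }

    $csv = file_get_contents($upload['tmp_name']);
    if ($csv === false) {
        error_register('Unable to read uploaded payment file');
        return crm_url('payments&tab=import');
    }

    $rows = csv_parse($csv);
    $count = 0;
    foreach ($rows as $row) {
        // Skip transactions that have already been imported. The lookup
        // result has its own variable so it cannot be confused with the rows
        // being iterated.
        $payment_opts = array('filter' => array('confirmation' => $row['Transaction ID']));
        $existing = payment_data($payment_opts);
        if (count($existing) > 0) {
            continue;
        }

        // Parse value
        $value = payment_parse_currency($row['Gross']);

        // Create payment object
        $payment = array(
            'date' => date('Y-m-d', strtotime($row['Date'])),
            'code' => $value['code'],
            'value' => $value['value'],
            'description' => $row['Name'] . ' Paypal Payment',
            'method' => 'paypal',
            'confirmation' => $row['Transaction ID'],
            'notes' => $row['Item Title'],
            'paypal_email' => $row['From Email Address'],
        );

        // Check if the paypal email is linked to a contact
        $opts = array('filter' => array('paypal_email' => $row['From Email Address']));
        $contact_data = paypal_payment_contact_data($opts);
        if (count($contact_data) > 0) {
            $payment['credit_cid'] = $contact_data[0]['cid'];
        }

        // Save the payment
        payment_save($payment);
        $count++;
    }

    message_register("Successfully imported {$count} payment(s)");

    return crm_url('payments');
}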
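/**
 * Page hook. Adds contact module content to a page before it is rendered.
 *
 * 'contacts' shows the contact table (contact_view) and the add form
 * (contact_add). 'contact' shows one contact, selected by the "cid" query
 * parameter: the view tab needs contact_view, the edit tab needs
 * contact_edit or the contact being the current user. Any other page name
 * leaves the page untouched.
 *
 * The "is this the current user" test is made once, as a strict comparison
 * of string values, and used for both the access check and the edit tab, so
 * the two decisions cannot disagree through type juggling.
 *
 * @param &$page_data Reference to data about the page being rendered.
 * @param $page_name The name of the page being rendered.
 */
function contact_page(&$page_data, $page_name) {
    switch ($page_name) {
        case 'contacts':
            // Set page title
            page_set_title($page_data, 'Contacts');

            // Add view tab
            if (user_access('contact_view')) {
                $opts = array('show_export' => true, 'exclude' => array('emergencyName', 'emergencyPhone'));
                $view = theme('table', 'contact', $opts);
                page_add_content_top($page_data, $view, 'View');
            }

            // Add add tab
            if (user_access('contact_add')) {
                page_add_content_top($page_data, theme('form', crm_get_form('contact')), 'Add');
            }
            break;

        case 'contact':
            // Capture contact id; a missing parameter is treated as empty
            $cid = isset($_GET['cid']) ? $_GET['cid'] : '';
            if (empty($cid)) {
                return;
            }

            // Request values are strings, so compare as strings; a
            // non-scalar cid never counts as the current user
            $is_self = is_scalar($cid) && (string) $cid === (string) user_id();
            $can_view = user_access('contact_view');

            if (!$can_view && !$is_self) {
                error_register('Permission denied: contact_view');
                return;
            }

            $contact_data = crm_get_data('contact', array('cid' => $cid));
            if (empty($contact_data)) {
                // Do not render tabs for an id that matches no contact
                error_register('No such contact');
                return;
            }
            $contact = $contact_data[0];

            // Set page title
            page_set_title($page_data, theme('contact_name', $contact));

            // Add view tab
            // NOTE(review): an options array with 'ops' => false used to be
            // built here but was never passed to theme(); confirm whether
            // the vertical table is meant to hide its operations.
            $view_content = '';
            if ($can_view) {
                $view_content .= '<h3>Contact Info</h3>';
                $view_content .= theme('table_vertical', 'contact', array('cid' => $cid));
            }
            if (!empty($view_content)) {
                page_add_content_top($page_data, $view_content, 'View');
            }

            // Add edit tab
            if (user_access('contact_edit') || $is_self) {
                $opts = array('cid' => $cid);
                $form = crm_get_form('contact', $opts);
                page_add_content_top($page_data, theme('form', $form), 'Edit');
            }
            break;
    }
}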