public function getFavoriteUsers($user_id)
{
$user_id = (int) $user_id;
$favoriteArray = $this->dbFetchArray(" " . USERS_FAVORITES . ".user_id={$user_id} AND " . USERS_FAVORITES . ".enabled = 1");
$userData = array();
foreach ($favoriteArray as $favorite) {
$user = new User();
$user->findUserById($favorite['favorite_user_id']);
$userData[] = $user->getId();
}
return $userData;
}
function getUserList()
{
$limit = 30;
$page = isset($_REQUEST["page"]) ? intval($_REQUEST["page"]) : 1;
$letter = isset($_REQUEST["letter"]) ? mysql_real_escape_string(trim($_REQUEST["letter"])) : "";
$order = !empty($_REQUEST["order"]) ? mysql_real_escape_string(trim($_REQUEST["order"])) : "earnings30";
$order_dir = isset($_REQUEST["order_dir"]) ? mysql_real_escape_string(trim($_REQUEST["order_dir"])) : "DESC";
$active = isset($_REQUEST['active']) && $_REQUEST['active'] == 'TRUE' ? 'TRUE' : 'FALSE';
$myfavorite = isset($_REQUEST['myfavorite']) && $_REQUEST['myfavorite'] == 'TRUE' ? 'TRUE' : 'FALSE';
$sfilter = $_REQUEST['sfilter'];
if ($letter == "all") {
$letter = ".*";
}
if ($letter == "0-9") {
//numbers
$letter = "[^A-Za-z]";
}
$userid = $_SESSION['userid'];
$myfavorite_cond = '';
if ($userid > 0 && $myfavorite == 'TRUE') {
$myfavorite_cond = 'AND (SELECT COUNT(*) FROM `' . USERS_FAVORITES . "` uf WHERE uf.`user_id`={$userid} AND uf.`favorite_user_id`=`" . USERS . "`.`id` AND uf.`enabled` = 1) > 0";
}
if ($active == 'FALSE') {
$rt = mysql_query("SELECT COUNT(*) FROM `" . USERS . "` WHERE `nickname` REGEXP '^{$letter}' AND `is_active` = 1 {$myfavorite_cond}");
$row = mysql_fetch_row($rt);
$users = intval($row[0]);
} else {
if ($active == 'TRUE') {
$rt = mysql_query("\n SELECT COUNT(*) FROM `" . USERS . "`\n LEFT JOIN (SELECT `user_id`,MAX(`paid_date`) AS `date` FROM `" . FEES . "` WHERE `paid_date` IS NOT NULL AND `paid` = 1 AND `withdrawn` != 1 GROUP BY `user_id`) AS `dates` ON `" . USERS . "`.id = `dates`.user_id\n WHERE `date` > DATE_SUB(NOW(), INTERVAL {$sfilter} DAY) AND `is_active` = 1 AND `nickname` REGEXP '^{$letter}' {$myfavorite_cond}");
$row = mysql_fetch_row($rt);
$users = intval($row[0]);
}
}
//SELECT `id`, `nickname`,DATE_FORMAT(`added`, '%m/%d/%Y') AS `joined`, `budget`,
$cPages = ceil($users / $limit);
if ($active == 'FALSE') {
$query = "\n SELECT `id`, `nickname`,`added` AS `joined`, `budget`,\n IFNULL(`creators`.`count`,0) + IFNULL(`mechanics`.`count`,0) AS `jobs_count`,\n IFNULL(`earnings`.`sum`,0) AS `earnings`,\n IFNULL(`earnings30`.`sum`,0) AS `earnings30`,\n IFNULL(`rewarder`.`sum`,0)AS `rewarder`\n FROM `" . USERS . "`\n LEFT JOIN (SELECT `mechanic_id`, COUNT(`mechanic_id`) AS `count` FROM `" . WORKLIST . "` WHERE (`status` IN ('In Progress', 'QA Ready', 'Review', 'Merged', 'Done')) GROUP BY `mechanic_id`) AS `mechanics` ON `" . USERS . "`.`id` = `mechanics`.`mechanic_id`\n LEFT JOIN (SELECT `creator_id`, COUNT(`creator_id`) AS `count` FROM `" . WORKLIST . "` WHERE (`status` IN ('In Progress', 'QA Ready', 'Review', 'Merged', 'Done')) AND `creator_id` != `mechanic_id` GROUP BY `creator_id`) AS `creators` ON `" . USERS . "`.`id` = `creators`.`creator_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE {$sfilter} AND `paid` = 1 AND `withdrawn`=0 AND (`rewarder`=1 OR `bonus`=1) GROUP BY `user_id`) AS `rewarder` ON `" . USERS . "`.`id` = `rewarder`.`user_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE {$sfilter} AND `withdrawn`=0 AND `expense`=0 AND `paid` = 1 AND `paid_date` IS NOT NULL GROUP BY `user_id`) AS `earnings` ON `" . USERS . "`.`id` = `earnings`.`user_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE `withdrawn`=0 AND `paid` = 1 AND `paid_date` IS NOT NULL AND `paid_date` > DATE_SUB(NOW(), INTERVAL 30 DAY) AND `expense`=0 GROUP BY `user_id`) AS `earnings30` ON `" . USERS . "`.`id` = `earnings30`.`user_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE ({$sfilter} AND `withdrawn`=0 AND `paid` = 1) AND `expense`=1 GROUP BY `user_id`) AS `expenses_billed` ON `" . USERS . "`.`id` = `expenses_billed`.`user_id`\n WHERE `nickname` REGEXP '^{$letter}' AND `is_active` = 1 {$myfavorite_cond} ORDER BY `{$order}` {$order_dir} LIMIT " . ($page - 1) * $limit . ",{$limit}";
} else {
if ($active == 'TRUE') {
$query = "\n SELECT `id`, `nickname`,`added` AS `joined`, `budget`,\n IFNULL(`creators`.`count`,0) + IFNULL(`mechanics`.`count`,0) AS `jobs_count`,\n IFNULL(`earnings`.`sum`,0) AS `earnings`,\n IFNULL(`earnings30`.`sum`,0) AS `earnings30`,\n IFNULL(`rewarder`.`sum`,0)AS `rewarder`\n FROM `" . USERS . "`\n LEFT JOIN (SELECT `user_id`,MAX(`date`) AS `date` FROM `" . FEES . "` WHERE `paid` = 1 AND `amount` != 0 AND `withdrawn` = 0 AND `expense` = 0 GROUP BY `user_id`) AS `dates` ON `" . USERS . "`.id = `dates`.user_id\n LEFT JOIN (SELECT `mechanic_id`, COUNT(`mechanic_id`) AS `count` FROM `" . WORKLIST . "` WHERE (`status` IN ('In Progress', 'QA Ready', 'Review', 'Merged', 'Done')) GROUP BY `mechanic_id`) AS `mechanics` ON `" . USERS . "`.`id` = `mechanics`.`mechanic_id`\n LEFT JOIN (SELECT `creator_id`, COUNT(`creator_id`) AS `count` FROM `" . WORKLIST . "` WHERE (`status` IN ('In Progress', 'QA Ready', 'Review', 'Merged', 'Done')) AND `creator_id` != `mechanic_id` GROUP BY `creator_id`) AS `creators` ON `" . USERS . "`.`id` = `creators`.`creator_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE {$sfilter} AND `paid` = 1 AND `withdrawn`=0 AND (`rewarder`=1 OR `bonus`= 1) GROUP BY `user_id`) AS `rewarder` ON `" . USERS . "`.`id` = `rewarder`.`user_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE {$sfilter} AND `withdrawn`=0 AND `expense`=0 AND `paid` = 1 AND `paid_date` IS NOT NULL GROUP BY `user_id`) AS `earnings` ON `" . USERS . "`.`id` = `earnings`.`user_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE `withdrawn`=0 AND `paid` = 1 AND `paid_date` IS NOT NULL AND `paid_date` > DATE_SUB(NOW(), INTERVAL 30 DAY) AND `expense`=0 GROUP BY `user_id`) AS `earnings30` ON `" . USERS . "`.`id` = `earnings30`.`user_id`\n LEFT JOIN (SELECT `user_id`, SUM(amount) AS `sum` FROM `" . FEES . "` WHERE ({$sfilter} AND `withdrawn`=0 AND `paid` = 1) AND `expense`=1 GROUP BY `user_id`) AS `expenses_billed` ON `" . USERS . "`.`id` = `expenses_billed`.`user_id`\n WHERE `date` > DATE_SUB(NOW(), INTERVAL {$sfilter} DAY) AND `nickname` REGEXP '^{$letter}' AND `is_active` = 1 {$myfavorite_cond} ORDER BY `{$order}` {$order_dir} LIMIT " . ($page - 1) * $limit . ",{$limit}";
}
}
$rt = mysql_query($query);
// Construct json for pagination
$userlist = array(array($users, $page, $cPages));
while ($row = mysql_fetch_assoc($rt)) {
$user = new User();
$user->findUserById($row['id']);
if ($row['budget'] < 1) {
$row['budget'] = 'NONE';
} else {
$row['budget'] = '$' . number_format($user->getRemainingFunds(), 0);
}
$row['earnings'] = $user->totalEarnings();
$diffseconds = strtotime($row['joined']);
$row['joined'] = Utils::formatableRelativeTime($diffseconds, 2);
$userlist[] = $row;
}
$json = json_encode($userlist);
echo $json;
}
public function view($id)
{
try {
$project = Project::find($id);
} catch (Exception $e) {
$error = $e->getMessage();
die($error);
}
$is_runner = !empty($_SESSION['is_runner']) ? 1 : 0;
$is_payer = !empty($_SESSION['is_payer']) ? 1 : 0;
//get the project owner
$project_user = new User();
$project_user->findUserById($project->getOwnerId());
$this->write('project_user', $project_user);
$userId = Session::uid();
if ($userId > 0) {
Utils::initUserById($userId);
$user = new User();
$user->findUserById($userId);
// @TODO: this is overwritten below.. -- lithium
$nick = $user->getNickname();
$userbudget = $user->getBudget();
$budget = number_format($userbudget);
$is_owner = $project->isOwner($user->getId());
$is_admin = $user->getIs_admin();
} else {
$is_owner = false;
$is_admin = false;
}
$runners = $project->getRunners();
if (isset($_REQUEST['save_project']) && ($is_runner || $is_payer || $is_owner)) {
$project->setDescription($_REQUEST['description'])->setShortDescription($_REQUEST['short_description']);
$project->setWebsite($_REQUEST['website']);
$cr_anyone = $_REQUEST['cr_anyone'] ? 1 : 0;
$cr_3_favorites = $_REQUEST['cr_3_favorites'] ? 1 : 0;
$cr_project_admin = isset($_REQUEST['cr_project_admin']) ? 1 : 0;
$cr_users_specified = isset($_REQUEST['cr_users_specified']) ? 1 : 0;
$cr_job_runner = isset($_REQUEST['cr_job_runner']) ? 1 : 0;
$internal = isset($_REQUEST['internal']) ? 1 : 0;
$require_sandbox = isset($_REQUEST['require_sandbox']) ? 1 : 0;
$hipchat_enabled = isset($_REQUEST['hipchat_enabled']) ? 1 : 0;
$project->setCrAnyone($cr_anyone);
$project->setCrFav($cr_3_favorites);
$project->setCrAdmin($cr_project_admin);
$project->setCrRunner($cr_job_runner);
$project->setCrUsersSpecified($cr_users_specified);
$project->setHipchatEnabled($hipchat_enabled);
$project->setHipchatNotificationToken($_REQUEST['hipchat_notification_token']);
$project->setHipchatRoom($_REQUEST['hipchat_room']);
$project->setHipchatColor($_REQUEST['hipchat_color']);
if ($user->getIs_admin()) {
$project->setInternal($internal);
}
if ($user->getIs_admin()) {
$project->setRequireSandbox($require_sandbox);
}
if ($_REQUEST['logoProject'] != "") {
$project->setLogo(basename($_REQUEST['logoProject']));
}
$project->save();
// we clear post to prevent the page from redirecting
$_POST = array();
}
$project_id = $project->getProjectId();
$hide_project_column = true;
// save,edit,delete roles <mikewasmie 16-jun-2011>
if ($is_runner || $is_payer || $project->isOwner($userId)) {
if (isset($_POST['save_role'])) {
$args = array('role_title', 'percentage', 'min_amount');
foreach ($args as $arg) {
${$arg} = mysql_real_escape_string($_POST[$arg]);
}
$role_id = $project->addRole($project_id, $role_title, $percentage, $min_amount);
}
if (isset($_POST['edit_role'])) {
$args = array('role_id', 'role_title', 'percentage', 'min_amount');
foreach ($args as $arg) {
${$arg} = mysql_real_escape_string($_POST[$arg]);
}
$res = $project->editRole($role_id, $role_title, $percentage, $min_amount);
}
if (isset($_POST['delete_role'])) {
$role_id = mysql_real_escape_string($_POST['role_id']);
$res = $project->deleteRole($role_id);
}
}
/* Prevent reposts on refresh */
if (!empty($_POST)) {
unset($_POST);
header('Location: ' . $projectName);
exit;
}
$edit_mode = false;
if (isset($_REQUEST['action']) && $_REQUEST['action'] == 'edit' && ($is_admin || $is_owner)) {
$edit_mode = true;
}
$this->write('project', $project);
$this->write('edit_mode', $edit_mode);
$this->write('is_owner', $is_owner);
parent::run();
}
public static function sendReviewNotification($reviewee_id, $type, $oReview)
{
$review = $oReview[0]['feeRange'] . " " . $oReview[0]['review'];
$reviewee = new User();
$reviewee->findUserById($reviewee_id);
$worklist_link = WORKLIST_URL;
$to = $reviewee->getNickname() . ' <' . $reviewee->getUsername() . '>';
$body = "<p>" . $review . "</p>";
$nickname = $reviewee->getNickname();
$headers = array();
if ($type == "new") {
$userinfo_link = WORKLIST_URL . 'user/?id=' . $reviewee->getId();
$headers['From'] = 'worklist<*****@*****.**>';
$subject = 'New Peer Review';
$journal = '@' . $nickname . " received a new review: " . $review;
$body = '<p>Hello ' . $nickname . ',</p><br />';
$body .= '<p>You have received a review from one of your peers in the Worklist.</p><br />';
$body .= '<p>To see your current user reviews, click <a href="' . $userinfo_link . '">here</a>.</p>';
$body .= '<p><a href="' . $userinfo_link . '">' . $userinfo_link . '</a></p><br />';
$body .= '<p><a href="' . WORKLIST_URL . '"jobs>worklist' . '</a></p>';
} else {
if ($type == "update") {
$subject = "A review of you has been updated";
$journal = "A review of @" . $nickname . " has been updated: " . $review;
} else {
$subject = "One of your reviews has been deleted";
$journal = "One review of @" . $nickname . " has been deleted: " . $review;
}
}
if (!Utils::send_email($to, $subject, $body, null, $headers)) {
error_log("Utils::sendReviewNotification: Utils::send_email failed");
}
Utils::systemNotification($journal);
}
/**
* Get a list of active users.
*
* @param $attributes array Array containing all columns you would like to fetch
* @param $populate int Populate a user by id
* @return array Userlist
*
*/
public static function getUserlist($populate = 0, $order = null)
{
$sql = 'SELECT `id` FROM ' . REVIEW_USERS . ' WHERE `confirmed`= 1 AND `is_active` = 1 ORDER BY `' . (null !== $order && in_array($order, $columns) ? $order : 'nickname') . '` ASC;';
$result = mysql_query($sql);
$i = (int) $populate > 0 ? (int) 1 : 0;
while ($result && ($row = mysql_fetch_assoc($result))) {
$user = new User();
if ($populate != $row['id']) {
$userlist[$i++] = $user->findUserById($row['id']);
} else {
$userlist[0] = $user->findUserById($row['id']);
}
}
ksort($userlist);
return !empty($userlist) ? $userlist : false;
}
/**
* @param $uid the $user to set
*/
public function setUser()
{
$user = new User();
$user->findUserById($this->getUser_id());
$this->user = $user;
return $this;
}
public function setGivenPoints($userId, $points, $percent = 0, $period_id)
{
$user = new User();
$user->findUserById($this->userId);
$givenPoints = $this->getGivenPoints($userId, $period_id);
// this is new user
if ($givenPoints === null) {
// still alowing inserting even if review period is not set (equals 0)
// example: using rewarder apart from Love application
$query = "INSERT INTO `" . REVIEW_REWARDER . "`\n (`giver_id`,`receiver_id`,`rewarder_points`,`rewarded_percentage`, `period_id`)\n VALUES ('{$this->userId}','{$userId}','{$points}','{$percent}', '{$period_id}')";
} else {
$query = "UPDATE `" . REVIEW_REWARDER . "` \n SET `rewarder_points`='{$points}', `rewarded_percentage`='{$percent}'\n WHERE `giver_id`='{$this->userId}' AND `receiver_id`='{$userId}' and `period_id` = '{$period_id}'";
}
mysql_query($query);
}
private function closeOutBudgetSource($remainingFunds, $budget, $budgetReceiver, $budgetGiver)
{
$sources = $budget->loadSources(" ORDER BY s.transfer_date DESC");
if ($sources == null) {
$this->setOutput(array('success' => true, 'message' => 'No source budget found!'));
exit;
}
foreach ($sources as $source) {
$budgetGiver = new User();
if (!$budgetGiver->findUserById($source["giver_id"])) {
$this->setOutput(array('success' => true, 'message' => 'Invalid giver id.'));
exit;
}
if ($remainingFunds < 0) {
if ($budget->seed != 1) {
$budget->updateSources($source["source_id"], -$remainingFunds);
$budgetGiver->updateBudget($remainingFunds, $source["budget_id"]);
}
$this->sendBudgetcloseOutEmail(array("budget_id" => $budget->id, "reason" => $budget->reason, "giver_id" => $source["giver_id"], "receiver_id" => $budget->receiver_id, "receiver_nickname" => $budgetReceiver->getNickname(), "receiver_email" => $budgetReceiver->getUsername(), "giver_nickname" => $budgetGiver->getNickname(), "giver_email" => $budgetGiver->getUsername(), "remainingFunds" => $remainingFunds, "original_amount" => $budget->original_amount, "amount" => $budget->amount, "seed" => $budget->seed));
return;
} else {
if ($remainingFunds > $source["amount_granted"]) {
$remainingFundsToGiveBack = $source["amount_granted"];
$remainingFunds = $remainingFunds - $source["amount_granted"];
} else {
$remainingFundsToGiveBack = $remainingFunds;
$remainingFunds = 0;
}
if ($budget->seed != 1) {
$budget->updateSources($source["source_id"], -$remainingFundsToGiveBack);
$budgetGiver->updateBudget($remainingFundsToGiveBack, $source["budget_id"]);
}
$this->sendBudgetcloseOutEmail(array("budget_id" => $budget->id, "reason" => $budget->reason, "giver_id" => $source["giver_id"], "receiver_id" => $budget->receiver_id, "receiver_nickname" => $budgetReceiver->getNickname(), "receiver_email" => $budgetReceiver->getUsername(), "giver_nickname" => $budgetGiver->getNickname(), "giver_email" => $budgetGiver->getUsername(), "remainingFunds" => $remainingFundsToGiveBack, "original_amount" => $budget->original_amount, "amount" => $budget->amount, "seed" => $budget->seed));
if ($remainingFunds == 0) {
return;
}
}
}
if ($remainingFunds != 0) {
error_log("closeOutBudgetSource, remainingFunds not equal to 0, budget id: " . $budget->id);
}
}
break;
case 'get-audit-list':
$rewarderList = $rewarder->getRewarderAuditList();
$json = json_encode($rewarderList);
echo $json;
break;
case 'get-rewarder-user-detail':
$detailUser = new User();
$detailUser->findUserById($_REQUEST['id']);
$rewarderList = $rewarder->getRewarderUserDetail($_REQUEST['id']);
$json = json_encode(array($detailUser->getNickname(), $rewarderList));
echo $json;
break;
case 'update-rewarder-auditor':
$auditorUser = new User();
$auditorUser->findUserById($_REQUEST['id']);
$toggledAuditor = $auditorUser->getIs_auditor() ? 0 : 1;
$auditorUser->getIs_auditor($toggledAuditor);
$auditorUser->save();
break;
case 'update-rewarder-user':
$period_id = $_REQUEST['period_id'];
$rewardeeId = intval($_REQUEST["id"]);
$points_val = isset($_REQUEST["points_val"]) ? max(0, intval($_REQUEST["points_val"])) : 0;
$points_perc = isset($_REQUEST["points_perc"]) ? max(0, floatval($_REQUEST["points_perc"])) : 0;
$delete = isset($_REQUEST["delete"]) ? intval($_REQUEST["delete"]) : 0;
if ($rewardeeId != 0) {
if ($delete) {
$rewarder->removeUser($rewardeeId, $period_id);
} else {
$remainingPoints = $rewarder->setGivenPoints($rewardeeId, $points_val, $points_perc, $period_id);
/**
* This method gets the active user
*/
protected function setUser()
{
$user = new User();
$user->findUserById($_SESSION['userid']);
$this->user = $user;
}
public function notifySeedBudget($amount, $reason, $source, $giver, $receiver)
{
if (!$amount || $amount < 0.01 || !$giver || !$receiver) {
return false;
}
$subject = "Seed Budget Granted";
$html = "<html><head><title>Seed Budget Granted</title></head><body>";
$html .= "<h2>Seed Budget Granted by " . $giver->getNickname() . "</h2>";
$html .= "<p>To: " . $receiver->getNickname() . "<br />From: " . $giver->getNickname() . "<br />Amount: \$" . number_format($amount, 2) . "<br />For: " . $reason . "<br />Source: " . $source . "</p>";
$html .= "</body></html>";
$emailReceiver = new User();
$emailReceiverArray = explode(",", BUDGET_AUTHORIZED_USERS);
for ($i = 1; $i < sizeof($emailReceiverArray) - 1; $i++) {
if ($emailReceiver->findUserById($emailReceiverArray[$i])) {
if (!Utils::send_email($emailReceiver->getUsername(), $subject, $html)) {
error_log("Notification:workitem: Utils::send_email failed " . json_encode(error_get_last()));
}
} else {
error_log("Notification:workitem: Utils::send_email failed, invalid receiver id " . $emailReceiverArray[$i]);
}
}
}
public function run()
{
Utils::checkLogin();
$userId = Session::uid();
$user = new User();
if ($userId) {
$user->findUserById($userId);
}
$this->write('user', $user);
$userSystem = new UserSystemModel();
$this->write('userSystems', $userSystem->getUserSystemsWithPlaceholder($userId));
$msg = "";
$company = "";
$saveArgs = array();
$messages = array();
$errors = 0;
$error = new Error();
$settings_link = SECURE_SERVER_URL . "settings";
$worklist_link = SECURE_SERVER_URL . "jobs";
$returned_json = array();
// process updates to user's settings
if (isset($_POST['save']) && $_POST['save']) {
$bidding_notif = $_POST['bidding_notif'];
if ($bidding_notif != $user->getBidding_notif()) {
$saveArgs['bidding_notif'] = 1;
}
$review_notif = $_POST['review_notif'];
if ($review_notif != $user->getReview_notif()) {
$saveArgs['review_notif'] = 1;
}
$self_notif = $_POST['self_notif'];
if ($self_notif != $user->getSelf_notif()) {
$saveArgs['self_notif'] = 1;
}
if (isset($_POST['timezone'])) {
$timezone = mysql_real_escape_string(trim($_POST['timezone']));
$saveArgs['timezone'] = 0;
}
$country = trim($_POST['country']);
if ($country != $user->getCountry()) {
$messages[] = "Your country has been updated.";
$saveArgs['country'] = 1;
}
if ($user->getTimezone() != $_POST['timezone']) {
$messages[] = "Your timezone has been updated.";
}
$about = isset($_POST['about']) ? strip_tags(substr($_POST['about'], 0, 150)) : "";
if ($about != $user->getAbout()) {
$saveArgs['about'] = 1;
$messages[] = "Your personal information (about) has been updated.";
}
$userSystem->storeUsersSystemsSettings($userId, $_POST['system_id'], $_POST['system_operating_systems'], $_POST['system_hardware'], $_POST['system_delete']);
$paypal = 0;
$paypal_email = '';
// defaulting to paypal at this stage
$payway = 'paypal';
$paypal = 1;
$paypal_email = isset($_POST['paypal_email']) ? mysql_real_escape_string($_POST['paypal_email']) : "";
if ($paypal_email != $user->getPaypal_email()) {
$saveArgs = array_merge($saveArgs, array('paypal' => 0, 'paypal_email' => 0, 'payway' => 1));
$messages[] = "Your payment information has been updated.";
}
if (!$user->getW9_accepted() && $user->getCountry() == 'US') {
$w9_accepted = 'NOW()';
$saveArgs['w9_accepted'] = 0;
}
$paypalPrevious = $user->getPaypal_email();
// user deleted paypal email, deactivate
if (empty($paypal_email)) {
$user->setPaypal_verified(false);
$user->setPaypal_email('');
$user->save();
// user changed paypal address
} else {
if ($paypalPrevious != $paypal_email) {
$paypal_hash = md5(date('r', time()));
// generate email
$subject = "Your payment details have changed";
$link = SECURE_SERVER_URL . "confirmation?pp=" . $paypal_hash . "&ppstr=" . base64_encode($paypal_email);
$body = '<p>Dear ' . $user->getNickname() . ',</p>';
$body .= '<p>Please confirm your payment email address to activate payments on your account and enable you to start placing bids in the <a href="' . $worklist_link . '">Worklist</a>.</p>';
$body .= '<p><a href="' . $link . '">Click here to confirm your payment address</a></p>';
$plain = 'Dear ' . $user->getNickname() . ',' . "\n\n";
$plain .= 'Please confirm your payment email address to activate payments on your accounts and enable you to start placing bids in the Worklist.' . "\n\n";
$plain .= $link . "\n\n";
$confirm_txt = "An email containing a confirmation link was sent to your payment email address. Please click on that link to verify your payment email address and activate your account.";
if (!Utils::send_email($paypal_email, $subject, $body, $plain)) {
error_log("SettingsController: Utils::send_email failed");
$confirm_txt = 'There was an issue sending email. Please try again or notify ' . SUPPORT_EMAIL;
}
$user->setPaypal_verified(false);
$user->setPaypal_hash($paypal_hash);
$user->setPaypal_email($paypal_email);
$user->save();
}
}
// do we have data to update?
if (!empty($saveArgs)) {
$sql = "UPDATE `" . USERS . "` SET ";
foreach ($saveArgs as $arg => $esc) {
if ($esc) {
${$arg} = mysql_real_escape_string(htmlspecialchars(${$arg}));
}
if (is_int(${$arg}) || $arg == "w9_accepted" && ${$arg} == 'NOW()') {
$sql .= "`{$arg}` = " . ${$arg} . ",";
} else {
$sql .= "`{$arg}` = '" . ${$arg} . "',";
}
}
$sql = rtrim($sql, ',');
$sql .= " WHERE id = {$_SESSION['userid']}";
$res = mysql_query($sql);
if (!$res) {
error_log("Error in saving settings: " . mysql_error() . ':' . $sql);
die("Error in saving settings. ");
}
// Email user
if (!empty($messages)) {
$to = $_SESSION['username'];
$subject = "Settings";
$body = '<p>Congratulations!</p>' . '<p>You have successfully updated your settings with Worklist: <ul>';
foreach ($messages as $msg) {
$body .= '<li>' . $msg . '</li>';
}
$body .= '</ul>' . '<p><br/>You can view your settings <a href=' . $settings_link . '>here</a></p>' . '<p><a href=' . $worklist_link . '>www.worklist.net</a></p>';
if (!Utils::send_email($to, $subject, $body)) {
error_log("SettingsController: Utils::send_email failed");
}
$msg = "Account updated successfully!";
}
if (isset($_POST['timezone'])) {
$_SESSION['timezone'] = trim($_POST['timezone']);
}
if (isset($confirm_txt) && !empty($confirm_txt)) {
echo $confirm_txt;
exit;
}
$this->view = null;
// reset session data
$user->findUserById($userId);
$id = $user->getId();
$username = $user->getUsername();
$nickname = $user->getNickname();
Utils::setUserSession($user->getId(), $user->getUsername(), $user->getNickname(), $user->getIs_admin());
$returned_json['user_systems'] = $userSystem->getUserSystemsJSON($userId);
echo json_encode($returned_json);
// exit on ajax post - if we experience issues with a blank settings page, need to look at the ajax submit functions
die;
}
}
// getting userInfo to prepopulate fields
$userInfo = array();
$qry = "SELECT * FROM " . USERS . " WHERE id='" . $_SESSION['userid'] . "'";
$rs = mysql_query($qry);
if ($rs) {
$userInfo = mysql_fetch_array($rs);
}
$userInfo['avatar'] = $user->getAvatar();
$this->write('userInfo', $userInfo);
parent::run();
}
public function info($id)
{
$action = isset($_REQUEST['action']) ? $_REQUEST['action'] : false;
$this->write('tab', isset($_REQUEST['tab']) ? $_REQUEST['tab'] : "");
$reqUserId = Session::uid();
$this->write('reqUserId', $reqUserId);
$reqUser = new User();
if ($reqUserId > 0) {
$reqUser->findUserById($reqUserId);
$budget = $reqUser->getBudget();
}
$this->write('reqUser', $reqUser);
$is_runner = isset($_SESSION['is_runner']) ? $_SESSION['is_runner'] : 0;
$is_payer = isset($_SESSION['is_payer']) ? $_SESSION['is_payer'] : 0;
// admin posting data
if (!empty($_POST) && ($is_runner || $is_payer) && !$action) {
$user_id = (int) $_POST['user_id'];
if (!empty($_POST['save-salary'])) {
$field = 'salary';
$value = mysql_real_escape_string($_POST['value']);
} else {
$field = $_POST['field'];
$value = (int) $_POST['value'];
}
$updateUser = new User();
if ($updateUser->findUserById($user_id)) {
switch ($field) {
case 'salary':
$updateUser->setAnnual_salary($value);
Utils::systemNotification("A new salary has been set for @" . $updateUser->getNickname());
break;
case 'ispayer':
$updateUser->setIs_payer($value);
break;
case 'isrunner':
$updateUser->setIs_runner($value);
break;
case 'isinternal':
$updateUser->setIs_internal($value);
break;
case 'ispaypalverified':
$updateUser->setPaypal_verified($value);
if ($value) {
$updateUser->setHas_w2(false);
}
break;
case 'isw2employee':
$updateUser->setHas_w2($value);
if ($value) {
$updateUser->setPaypal_verified(false);
$updateUser->setw9_status('not-applicable');
}
break;
case 'manager':
$updateUser->setManager($value);
if ($value) {
$manager = new User();
$manager->findUserById($value);
// Send journal notification
Utils::systemNotification("The manager for @" . $updateUser->getNickname() . " is now set to @" . $manager->getNickname());
} else {
Utils::systemNotification("The manager for @" . $updateUser->getNickname() . " has been removed");
}
break;
case 'referrer':
$updateUser->setReferred_by($value);
if ($value) {
$referrer = new User();
$referrer->findUserById($value);
// Send journal notification
Utils::systemNotification("The referrer for @" . $updateUser->getNickname() . " is now set to @" . $referrer->getNickname());
} else {
Utils::systemNotification("The referrer for @" . $updateUser->getNickname() . " has been removed");
}
break;
case 'isactive':
$updateUser->setIs_active($value);
break;
default:
break;
}
$updateUser->save();
$response = array('succeeded' => true, 'message' => 'User details updated successfully');
echo json_encode($response);
exit(0);
} else {
die(json_encode(array('succeeded' => false, 'message' => 'Error: Could not determine the user_id')));
}
}
$user = new User();
$user = User::find($id ? $id : Session::uid());
$userId = $user->getId();
/**
* If we couldn't find a valid User, return an ErrorView
*/
if (!$user->getId()) {
$this->write('msg', 'That user doesn\'t exist.');
$this->write('link', WORKLIST_URL);
$this->view = new ErrorView();
parent::run();
}
$this->write('userId', $userId);
$this->write('user', $user);
$this->write('Annual_Salary', $user->getAnnual_salary() > 0 ? $user->getAnnual_salary() : '');
$this->write('manager', $user->getManager());
$this->write('referred_by', $user->getReferred_by());
if ($action == 'create-sandbox') {
$result = array();
try {
if (!$is_runner) {
throw new Exception("Access Denied");
}
$args = array('unixusername', 'projects');
foreach ($args as $arg) {
${$arg} = mysql_real_escape_string($_REQUEST[$arg]);
}
$projectList = explode(",", str_replace(" ", "", $projects));
// Create sandbox for user
$sandboxUtil = new SandBoxUtil();
$sandboxUtil->createSandbox($user->getUsername(), $user->getNickname(), $unixusername, $projectList);
// If sb creation was successful, update users table
$user->setHas_sandbox(1);
$user->setUnixusername($unixusername);
$user->setProjects_checkedout($projects);
$user->save();
// add to project_users table
foreach ($projectList as $project) {
$project_id = Project::getIdFromRepo($project);
$user->checkoutProject($project_id);
}
} catch (Exception $e) {
$result["error"] = $e->getMessage();
}
echo json_encode($result);
die;
}
$reviewee_id = (int) $userId;
$review = new Review();
$this->write('reviewsList', $review->getReviews($reviewee_id, $reqUserId));
$this->write('projects', $this->getProjectList());
$user_projects = $user->getProjects_checkedout();
$this->write('has_sandbox', count($user_projects) > 0);
$users_favorite = new Users_Favorite();
$favorite_enabled = 1;
$favorite = $users_favorite->getMyFavoriteForUser($reqUserId, $userId);
if (isset($favorite['favorite'])) {
$favorite_enabled = $favorite['favorite'];
}
$favorite_count = $users_favorite->getUserFavoriteCount($userId);
$this->write('favorite_count', $favorite_count);
$this->write('favorite_enabled', $favorite_enabled);
parent::run();
}
public function listView($projectName = null, $filterName = null)
{
$this->view = new JobsView();
// $nick is setup above.. and then overwritten here -- lithium
$nick = '';
$userId = Session::uid();
if ($userId > 0) {
Utils::initUserById($userId);
$user = new User();
$user->findUserById($userId);
// @TODO: this is overwritten below.. -- lithium
$nick = $user->getNickname();
$userbudget = $user->getBudget();
$budget = number_format($userbudget);
$this->is_internal = $user->isInternal();
}
$this->is_runner = !empty($_SESSION['is_runner']) ? 1 : 0;
$is_payer = !empty($_SESSION['is_payer']) ? 1 : 0;
$is_admin = !empty($_SESSION['is_admin']) ? 1 : 0;
$workitem = new WorkItem();
$queryFilter = empty($_REQUEST['query']) ? '' : $_REQUEST['query'];
$this->write('queryFilter', $queryFilter);
$this->write('followingFilter', $filterName != null && $filterName == "following" ? true : false);
if ($projectName != null && $projectName != "all") {
$project = Project::find($projectName);
$this->write('projectFilter', $project ? $project->getProjectId() : 0);
} else {
$this->write('projectFilter', 0);
}
if ($filterName != null && $filterName != "following") {
$this->write('statusFilter', $filterName);
} else {
$this->write('statusFilter', empty($queryFilter) ? 'Active' : 'All');
}
$this->write('labelsFilter', array_slice(func_get_args(), 2));
// Prevent reposts on refresh
if (!empty($_POST)) {
unset($_POST);
$this->view = null;
Utils::redirect('./jobs');
exit;
}
$worklist_id = isset($_REQUEST['job_id']) ? intval($_REQUEST['job_id']) : 0;
$this->write('req_status', isset($_GET['status']) ? $_GET['status'] : '');
$this->write('review_only', isset($_GET['status']) && $_GET['status'] == 'needs-review' ? 'true' : 'false');
parent::run();
}
function getRewardedPoints()
{
$giverId = intval($_REQUEST['giver_id']);
$receiverId = intval($_REQUEST['receiver_id']);
$giverUser = new User();
$giverUser->findUserById($giverId);
$rewarder = new Rewarder($giverId);
$totalRewarded = intval($rewarder->getGivenPoints($receiverId));
$availablePoints = $giverUser->getRewarder_points();
$percentRewarded = round(($totalRewarded / $totalRewarded + $availablePoints) * 100);
$rsp['data'] = array('rewarded' => $totalRewarded, 'available' => $availablePoints, 'percent' => $percentRewarded);
$rsp['status'] = SL_OK;
respond($rsp);
}
public function addFeesToCompletedJob($include_review = false)
{
// workitem is DONE, calculate the creator fee based on project roles
// and accepted bid
if ($this->hasAcceptedBids()) {
$reviewer_fee = 0;
$reviewer_fee_desc = '/^Code Review - comment/';
$reviewer_fee_added = false;
$fees = $this->getFees($this->getId());
foreach ($fees as $fee) {
// find the accepted bid amount
if ($fee['desc'] == 'Accepted Bid') {
$accepted_bid_amount = $fee['amount'];
}
if (preg_match($reviewer_fee_desc, $fee['desc'])) {
$reviewer_fee_added = true;
}
}
if (!$reviewer_fee_added && $include_review) {
$project = new Project();
$project_roles = $project->getRoles($this->getProjectId(), "role_title = 'Reviewer'");
if (count($project_roles) != 0) {
error_log("[FEES] we have a role for reviewer");
$reviewer_role = $project_roles[0];
if ($reviewer_role['percentage'] !== null && $reviewer_role['min_amount'] !== null) {
$reviewer_fee = $reviewer_role['percentage'] / 100 * $accepted_bid_amount;
if ((double) $reviewer_fee < $reviewer_role['min_amount']) {
$reviewer_fee = $reviewer_role['min_amount'];
}
// add the fee
$reviewer_fee_detail = 'Code Review - comment';
Fee::add($this->getId(), $reviewer_fee, $fee_category, $reviewer_fee_detail, $this->getCReviewerId(), $is_expense, $is_rewarder);
// and reduce the runners budget
$myRunner = new User();
$myRunner->findUserById($this->getRunnerId());
$myRunner->updateBudget(-$runner_fee, $this->getBudget_id());
}
}
}
}
}
public static function getPayerList()
{
$payerlist = array();
$sql = 'SELECT `' . USERS . '`.`id` FROM `' . USERS . '` WHERE `' . USERS . '`.`is_payer` = 1;';
$result = mysql_query($sql);
while ($result && ($row = mysql_fetch_assoc($result))) {
$user = new User();
$payerlist[] = $user->findUserById($row['id']);
}
return !empty($payerlist) ? $payerlist : false;
}
// AJAX request to get love sent to an user
include "../config.php";
include "../class.session_handler.php";
include "helper/check_session.php";
include "../functions.php";
$con = mysql_connect(DB_SERVER, DB_USER, DB_PASSWORD);
mysql_select_db(DB_NAME, $con);
if (empty($_REQUEST['id'])) {
echo 'error: args';
return;
}
if (empty($_REQUEST['period_id'])) {
echo 'error: args';
return;
}
// From user
$fromUser = new User();
$fromUser->findUserById($_SESSION['userid']);
$fromUsername = mysql_real_escape_string($fromUser->getUsername());
// Sent to user
$user = new User();
$user->findUserById($_REQUEST['id']);
$username = mysql_real_escape_string($user->getUsername());
//Get review period start date and end date
$rewarder = new Rewarder();
$period = $rewarder->getPeriod($_REQUEST['period_id']);
$start_date = $period['start_date'];
$end_date = $period['end_date'];
$love = getUserLove($username, $fromUsername, $start_date, $end_date);
$total_love = getUserLove($username, "", $start_date, $end_date);
echo json_encode(array($love, $total_love));
if (isset($_REQUEST['loadFirstTime'])) {
if ($_REQUEST['loadFirstTime'] == 'true') {
$loadFirstTime = true;
}
} else {
$loadFirstTime = true;
}
/* End of modular initialization */
$showTab = 0;
if (!empty($_REQUEST['view'])) {
if ($_REQUEST['view'] == 'history') {
$showTab = 1;
}
}
$user = new User();
$user->findUserById($_SESSION['userid']);
$rewarder = new Rewarder($user->getId());
$audit_mode = $user->getIs_auditor() && !empty($_REQUEST['audit']) ? 1 : 0;
// THIS IS TEMPORARY UNTIL LOGIN MODULE IS IN PLACE!!!
$is_admin = $user->getIs_admin() ? 1 : 0;
/***
if ($audit_mode) {
$userList = GetUserList($_SESSION['userid'], $_SESSION['nickname'], true, array('is_auditor'));
} else {
$userList = GetUserList($_SESSION['userid'], $_SESSION['nickname'], true);
// Strip users already in the rewarderList
$rewarderList = $rewarder->getRewarderUserList($_SESSION['userid']);
foreach ($rewarderList as $info) {
unset($userList[$info['id']]);
}
