/**
 * AJAX entry point for the churchreport module.
 *
 * Wraps the module in a CTAjaxHandler, lets the handler dispatch the current
 * request and emits the handler's return value as JSON.
 */
function churchreport__ajax()
{
    $handler = new CTAjaxHandler(new CTChurchReportModule("churchreport"));
    // No addFunction() registrations are made here, so which calls are
    // reachable and how they are authorised is decided entirely inside
    // CTAjaxHandler::call() (not visible in this listing).
    drupal_json_output($handler->call());
}
/**
 * AJAX entry point for the churchresource module.
 *
 * Loads the module's DB helpers, registers two extra handler functions and
 * emits the dispatch result as JSON.
 */
function churchresource__ajax()
{
    include_once "churchresource_db.php";
    $handler = new CTAjaxHandler(new CTChurchResourceModule("churchresource"));
    // The second argument looks like the permission needed for the call;
    // presumably CTAjaxHandler enforces it before dispatching - confirm.
    $handler->addFunction("delException", "administer bookings");
    $handler->addFunction("delBooking", "edit masterdata");
    $response = $handler->call();
    drupal_json_output($response);
}
/**
 * Logs the current user out and answers according to the kind of caller.
 *
 * Tool/API callers (POST field "directtool" present) get a JSend success
 * document; browsers are redirected to the configured start page.
 */
function logout_main()
{
    logout_current_user();
    $calledByTool = isset($_POST['directtool']);
    if (!$calledByTool) {
        header("Location: ?q=" . getConf("site_startpage", "home"));
        return;
    }
    // NOTE(review): the logout above runs for any request that reaches this
    // function; no token or request-method check is visible here - confirm
    // that is intended.
    include_once CHURCHCORE . '/churchcore_db.php';
    drupal_json_output(jsend()->success());
}
  /**
   * Autocomplete callback: suggests user names for the last tag typed.
   *
   * The input is a comma-separated tag string. Only the last tag is used as
   * a prefix search against users.name (at most 10 rows); the earlier tags
   * are kept as a prefix of every suggestion key. Output is sent as JSON.
   *
   * @param string $string
   *   The tag string typed so far.
   */
  public function photos_access_multiple_users_autocomplete($string = '') {
    $tags = drupal_explode_tags($string);
    $needle = trim(array_pop($tags));
    $matches = [];

    if ($needle != '') {
      $prefix = count($tags) ? implode(', ', $tags) . ', ' : '';
      // db_like() escapes LIKE wildcards in the typed text, so only the
      // trailing '%' added here acts as a wildcard.
      $rows = db_select('users')
        ->fields('users', ['name'])
        ->condition('name', db_like($needle) . '%', 'LIKE')
        ->range(0, 10)
        ->execute();
      // NOTE(review): this returns account names to any caller that can
      // reach the callback; the access check is not in this method, so
      // confirm the route restricts it. Names are emitted unescaped.
      foreach ($rows as $row) {
        $matches[$prefix . $row->name] = $row->name;
      }
    }

    drupal_json_output($matches);
  }
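 /**
  * Authenticates an API request by key, dispatches the requested action and
  * emits the result as JSON, then ends the request.
  *
  * @param mixed $apikey     Key supplied by the caller; when it is loosely
  *                          equal to null, $postParams['apikey'] is used.
  * @param array $getParams  Query parameters, stored on the instance.
  * @param array $postParams Body parameters; 'action' selects the operation.
  */
 public function processRequest($apikey, $getParams, $postParams)
 {
     // Loose comparison kept: an empty-string key also falls back to the
     // POST body, as before.
     $this->apikey = $apikey;
     if ($apikey == null && isset($postParams['apikey'])) {
         $this->apikey = $postParams['apikey'];
     }
     $this->getParams = $getParams;
     $this->postParams = $postParams;
     $result = array('success' => 1);
     // NOTE(review): checkApiKey() is not visible here; confirm it compares
     // the key in constant time (hash_equals) and rejects an empty key.
     if (!$this->checkApiKey()) {
         $result = Nl2go_ResponseHelper::generateErrorResponse('Invalid or missing API key!', Nl2go_ResponseHelper::ERRNO_PLUGIN_CREDENTIALS_WRONG);
     } else {
         // A request without 'action' used to raise an undefined-index
         // notice before reaching the default branch; read it defensively.
         $action = isset($this->postParams['action']) ? $this->postParams['action'] : null;
         switch ($action) {
             case 'test':
                 $result['message'] = $this->test();
                 break;
             case 'getPost':
                 $post = $this->getPost();
                 if (!$post) {
                     $result = Nl2go_ResponseHelper::generateErrorResponse('Post with given id not found!', Nl2go_ResponseHelper::ERRNO_PLUGIN_OTHER);
                 } else {
                     $result = Nl2go_ResponseHelper::generateSuccessResponse(array('post' => $post));
                 }
                 break;
             case 'getPluginVersion':
                 $version = $this->getPluginVersion();
                 $result = Nl2go_ResponseHelper::generateSuccessResponse(array('version' => $version));
                 break;
             default:
                 $result = Nl2go_ResponseHelper::generateErrorResponse('Invalid action!', Nl2go_ResponseHelper::ERRNO_PLUGIN_OTHER);
                 break;
         }
     }
     drupal_json_output($result);
     drupal_exit();
 }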
/**
 * AJAX entry point for the churchdb module.
 *
 * Loads the module's DB helpers and emits the handler's dispatch result as
 * JSON. No extra functions are registered here.
 */
function churchdb_ajax()
{
    include_once "churchdb_db.php";
    $handler = new CTAjaxHandler(new CTChurchDBModule("churchdb"));
    $response = $handler->call();
    drupal_json_output($response);
}
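// Facet and paging parameters for the Solr query. $params is expected to
// exist already; its initialisation is not part of this excerpt.
$params['facet.sort'] = array('count');
$params['facet.mincount'] = 1;
$params['facet.field'] = array('{!ex=bundle}bundle');
$params['f.bundle.facet.limit'] = array(50);
$params['f.bundle.facet.mincount'] = array(1);
$params["start"] = 0;
$params["rows"] = 10;
$query = apachesolr_drupal_query('apachesolr', $params);
apachesolr_search_add_boost_params($query);
$response = $query->search();
$results = $response->response->docs;
// strcasecmp() returns an int and never FALSE, so the previous
// "!== FALSE" test sent CSV for every non-empty format value. Require an
// actual case-insensitive match, and a string (an array-valued parameter
// would otherwise reach strcasecmp()).
if (!empty($_REQUEST['format']) && is_string($_REQUEST['format']) && strcasecmp('csv', $_REQUEST['format']) === 0) {
    ob_clean();
    $out = fopen('php://output', 'w');
    header('Content-Type: text/csv');
    header('Content-Disposition: inline');
    // Emit one header row taken from the first document's field names,
    // then one row per document.
    // NOTE(review): cell values are written as indexed. If the export is
    // opened in a spreadsheet, values beginning with = + - or @ are read as
    // formulas; consider neutralising them. Multi-valued fields (arrays)
    // would not serialise cleanly through fputcsv() - confirm the schema.
    $header_done = FALSE;
    foreach ($results as $result_object) {
        $result = (array) $result_object;
        if (!$header_done) {
            $header = array_keys($result);
            fputcsv($out, $header);
            $header_done = TRUE;
        }
        fputcsv($out, $result);
    }
    fclose($out);
} else {
    drupal_json_output($results);
}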
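/**
 * Dispatches a request path to the module function that handles it.
 *
 * "module" calls module_main(); "module/sub" calls module__sub() (the part
 * after the first slash, prefixed with an underscore). The path must be a
 * key of the global $mapping; the mapped file is included first.
 *
 * Access: unless the module is listed in a page_with_noauth list or is
 * "login", user_access("view", module) is required. Anonymous users are
 * sent to the login page (or get a JSend error for ajax paths); logged-in
 * users without permission get an info message and an empty result.
 *
 * @param string $_q Complete request path incl. sub path, e.g. churchservice/ajax
 *
 * @return string Content produced by the handler ("" when access is denied
 *                or no mapping exists).
 *
 *          TODO: should completely rewritten, using some classes
 */
function churchtools_processRequest($_q)
{
    global $mapping, $config, $q;
    $content = "";
    // include mapped file
    // Only paths present in $mapping are included and called, so the request
    // cannot name an arbitrary file or function: the allow-list is $mapping.
    if (isset($mapping[$_q])) {
        include_once SYSTEM . "/" . $mapping[$_q];
        $param = "main";
        if (strpos($_q, "/") > 0) {
            $param = "_" . substr($_q, strpos($_q, "/") + 1, 99);
            $_q = substr($_q, 0, strpos($_q, "/"));
        }
        if (!user_access("view", $_q) && !in_array($_q, $mapping["page_with_noauth"]) && $_q != "login" && !in_array($_q, isset($config["page_with_noauth"]) ? $config["page_with_noauth"] : array())) {
            if (!userLoggedIn()) {
                // only show login
                // The ajax test uses the global $q (the original request), not
                // the already shortened $_q.
                if (strrpos($q, "ajax") === false) {
                    $q = "login";
                    return churchtools_processRequest("login");
                } else {
                    drupal_json_output(jsend()->error("Session expired!"));
                    die;
                }
            } else {
                $name = $_q;
                if (isset($config[$_q . "_name"])) {
                    $name = $config[$_q . "_name"];
                }
                addInfoMessage(t("no.permission.for", $name));
                return "";
            }
        }
        // does the main work?
        $content .= call_user_func($_q . "_" . $param);
        // Handlers that already sent their own output (e.g. JSON) return
        // nothing; the request ends here in that case.
        if ($content == null) {
            die;
        }
    } else {
        // The unmapped path comes straight from the request and is wrapped in
        // markup here, so escape it before it is placed into the message.
        addErrorMessage(t("mapping.not.found", "<i>" . htmlspecialchars($_q, ENT_QUOTES, 'UTF-8') . "</i>"));
    }
    return $content;
}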
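/**
 * AJAX handler for the external map view.
 *
 * Dispatches on the "func" query parameter:
 *  - loadMasterData: map defaults, districts, groups and the current user.
 *  - addPersonGroupRelation / editPersonGroupRelation: files a group request
 *    for the current user and sends a confirmation mail.
 *  - sendEMail: files a request for a visitor identified by e-mail, first
 *    name and last name, or - when no such person exists - mails the request
 *    to the group's members with status 1..3 (excluding 4).
 * The result is emitted as a JSend document.
 *
 * NOTE(review): the state-changing branches are driven by GET parameters and
 * no token or login check is visible in this function; confirm the caller
 * restricts them. sendEMail also mails a visitor-supplied address, so rate
 * limiting should be confirmed as well.
 */
function externmapview__ajax()
{
    global $user;
    // Read request values defensively; missing keys used to raise notices.
    $func = isset($_GET["func"]) ? $_GET["func"] : null;
    $groupId = isset($_GET["g_id"]) ? $_GET["g_id"] : null;
    if ($func == 'loadMasterData') {
        $res["home_lat"] = variable_get('churchdb_home_lat', '53.568537');
        $res["home_lng"] = variable_get('churchdb_home_lng', '10.03656');
        $res["districts"] = churchcore_getTableData("cdb_distrikt", "bezeichnung");
        $res["groups"] = getExternalGroupData();
        $res["modulespath"] = CHURCHDB;
        $res["user_pid"] = $user->id;
        $res["vorname"] = $user->vorname;
        $res = jsend()->success($res);
    } elseif ($func == 'addPersonGroupRelation') {
        include_once CHURCHDB . '/churchdb_ajax.php';
        $res = churchdb_addPersonGroupRelation($user->id, $groupId, -2, null, null, null, t("request.by.external.mapview"));
        sendConfirmationMail($user->email, $user->vorname, $groupId);
        $res = jsend()->success($res);
    } elseif ($func == 'editPersonGroupRelation') {
        include_once CHURCHDB . '/churchdb_ajax.php';
        $res = _churchdb_editPersonGroupRelation($user->id, $groupId, -2, null, "null", t("request.changed.by.external.mapview"));
        sendConfirmationMail($user->email, $user->vorname, $groupId);
        $res = jsend()->success($res);
    } elseif ($func == 'sendEMail') {
        $email = isset($_GET["E-Mail-Adresse"]) ? $_GET["E-Mail-Adresse"] : null;
        $firstName = isset($_GET["Vorname"]) ? $_GET["Vorname"] : null;
        $lastName = isset($_GET["Nachname"]) ? $_GET["Nachname"] : null;
        $phone = isset($_GET["Telefon"]) ? $_GET["Telefon"] : null;
        $comment = isset($_GET["Kommentar"]) ? $_GET["Kommentar"] : null;
        // Compare with "=" instead of LIKE: with LIKE, "%" and "_" in the
        // submitted values act as wildcards, so the lookup could match a
        // person other than the one described. UPPER() on both sides keeps
        // the match case-insensitive.
        $db = db_query('select * from {cdb_person} where upper(email) = upper(:email) and upper(vorname) = upper(:vorname) and upper(name) = upper(:name)', array(':email' => $email, ':vorname' => $firstName, ':name' => $lastName))->fetch();
        $txt = "";
        if ($db != false) {
            include_once CHURCHDB . '/churchdb_ajax.php';
            churchdb_addPersonGroupRelation($db->id, $groupId, -2, null, null, null, t("request.by.external.mapview") . ": " . $comment);
            sendConfirmationMail($email, $firstName, $groupId);
            $txt = t("person.found.and.request.sent");
        } else {
            $leaders = db_query("select vorname, p.id id, g.bezeichnung from {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp, \n            {cdb_person} p, {cdb_gruppe} g\n             where gpg.gemeindeperson_id=gp.id and gp.person_id=p.id and g.id=:gruppe_id \n             and gpg.gruppe_id=g.id and status_no>=1 and status_no!=4", array(":gruppe_id" => $groupId));
            $rec = array();
            foreach ($leaders as $p) {
                $rec[] = $p->vorname;
                // The visitor's values go into an HTML mail body, so escape
                // each one; the heading's closing tag was malformed ("<h4/>").
                $content = "<h4>" . t('request.to.group', $p->bezeichnung) . "</h4>";
                $content .= "<ul><li>" . t('surname') . ": " . htmlspecialchars((string) $firstName, ENT_QUOTES, 'UTF-8');
                $content .= "<li>" . t('name') . ": " . htmlspecialchars((string) $lastName, ENT_QUOTES, 'UTF-8');
                $content .= "<li>" . t('email') . ": " . htmlspecialchars((string) $email, ENT_QUOTES, 'UTF-8');
                $content .= "<li>" . t('phone') . ": " . htmlspecialchars((string) $phone, ENT_QUOTES, 'UTF-8');
                $content .= "<li>" . t('comment') . ": " . htmlspecialchars((string) $comment, ENT_QUOTES, 'UTF-8');
                $content .= "</ul>";
                // The send result is not used; it previously overwrote the
                // result set being iterated.
                churchcore_sendEMailToPersonIds($p->id, "[" . variable_get('site_name', 'ChurchTools') . "] " . t('form.request.to.group', $p->bezeichnung), $content, variable_get('site_mail'), true, true);
            }
            if (count($rec) == 0) {
                $txt = t("could.not.find.group.leader.please.try.other.ways");
            } else {
                // Separator first: the reversed argument order is no longer
                // accepted by current PHP versions.
                $txt = t("email.send.to", implode(", ", $rec));
                sendConfirmationMail($email, $firstName, $groupId);
            }
        }
        $res = jsend()->success($txt);
    } else {
        $res = jsend()->fail(t("unknown.call", $func));
    }
    drupal_json_output($res);
}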
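/**
 * Renders the login page and handles the login-related request variants.
 *
 * For anonymous visitors it builds the login form and additionally handles:
 *  - ?newpwd: generate a new password for the given e-mail and mail it;
 *  - POST email/password/directtool: JSON login for external tools;
 *  - ?loginstr&id: one-time login link.
 * For logged-in users it handles switching to another family member held in
 * the session, or shows a "you are logged in" hint.
 *
 * @return string HTML for the page (nothing on the direct-tool path, which
 *                answers with JSON instead).
 *
 * NOTE(review): the new-password branch is reachable by an unauthenticated
 * GET request, replaces the stored password immediately and mails the new
 * one in clear text; its response also reveals whether an address is known.
 * A confirmed, expiring reset token would avoid all three - design decision
 * for the maintainers, not changed here.
 */
function login_main()
{
    global $q, $config;
    $txt = "";
    if (isset($config["admin_message"]) && $config["admin_message"] != "") {
        addErrorMessage($config["admin_message"]);
    }
    if (isset($_GET["message"]) && $_GET["message"] != "") {
        // NOTE(review): request-supplied text; whether addInfoMessage()
        // escapes it is not visible here - confirm.
        addInfoMessage($_GET["message"]);
    }
    // Make sure nobody is logged in.
    if (!userLoggedIn()) {
        if (isset($config["login_message"])) {
            addInfoMessage($config["login_message"], true);
        }
        $model = new CTForm("LoginForm", "prooveLogin", "Login");
        $model->setHeader(t("login.headline"), t("please.fill.following.fields"));
        $model->addField("email", "", "INPUT_REQUIRED", t("email.or.username"), true);
        $model->addField("password", "", "PASSWORD", t("password"));
        if (!isset($config["show_remember_me"]) || $config["show_remember_me"] == 1) {
            $model->addField("rememberMe", "", "CHECKBOX", t("remember.me"));
        }
        $model->addButton(t("login"), "ok");
        if (isset($_GET["newpwd"])) {
            $email = isset($_GET["email"]) ? $_GET["email"] : "";
            // Escaped copy for every place the address is echoed into HTML.
            $emailHtml = htmlspecialchars($email, ENT_QUOTES, 'UTF-8');
            // The address is request data: bind it as a parameter instead of
            // concatenating it into the statement.
            $res = db_query("select count(*) c from {cdb_person} where email=:email and archiv_yn=0", array(":email" => $email))->fetch();
            if ($email == "" || $res->c == 0) {
                $txt .= '<div class="alert alert-error"><p>Bitte ein g&uuml;ltige EMail-Adresse angeben, 
          an die das neue Passwort gesendet werden kann! 
          Diese Adresse muss im System schon eingerichtet sein.
          <p>Falls die E-Mail-Adresse schon eingerichtet sein sollte, 
          wende Dich bitte an <a href="mailto:' . variable_get("site_mail") . '">' . variable_get("site_mail") . '</a>.</div>';
            } else {
                $newpwd = random_string(8);
                $scrambled_password = scramble_password($newpwd);
                // The listing showed a masked literal in this statement; the
                // scrambled value computed above is what gets stored, bound
                // as a parameter together with the address.
                db_query("update {cdb_person} set password=:password where email=:email", array(":password" => $scrambled_password, ":email" => $email));
                $content = "<h3>Hallo!</h3><p>Ein neues Passwort wurde f&uuml;r die E-Mail-Adresse <i>" . $emailHtml . "</i> angefordert: {$newpwd}";
                churchcore_systemmail($email, "[" . variable_get('site_name') . "] Neues Passwort", $content, true, 1);
                churchcore_sendMails(1);
                $txt .= '<div class="alert alert-info">Hinweis: Ein neues Passwort wurde nun an <i>' . $emailHtml . '</i> gesendet.</div>';
                ct_log("Neues Passwort angefordert " . $email, 2, "-1", "login");
            }
        } elseif (isset($_POST["email"]) && isset($_POST["password"]) && isset($_POST["directtool"])) {
            include_once CHURCHCORE . "/churchcore_db.php";
            $sql = "select * from {cdb_person} where email=:email and active_yn=1 and archiv_yn=0";
            $res = db_query($sql, array(":email" => $_POST["email"]))->fetch();
            // NOTE(review): the two failure messages below let a caller tell
            // an unknown address from a wrong password.
            if ($res == false) {
                drupal_json_output(jsend()->fail("Unbekannte E-Mail-Adresse"));
            } else {
                if (user_check_password($_POST["password"], $res)) {
                    login_user($res);
                    ct_log("Login durch Direct-Tool " . $_POST["directtool"] . " mit " . $_POST["email"], 2, "-1", "login");
                    drupal_json_output(jsend()->success());
                } else {
                    drupal_json_output(jsend()->fail("Falsches Passwort"));
                }
            }
            return;
        } elseif (isset($_GET["loginstr"]) && $_GET["loginstr"] != "" && isset($_GET["id"])) {
            // Delete login strings older than 14 days.
            db_query("delete from {cc_loginstr} where DATEDIFF( current_date, create_date ) > 13");
            $sql = "select * from {cc_loginstr} where loginstr=:loginstr and person_id=:id";
            $res = db_query($sql, array(":loginstr" => $_GET["loginstr"], ":id" => $_GET["id"]))->fetch();
            if ($res == false) {
                $txt .= '<div class="alert alert-info">Fehler: Der verwendete Login-Link ist nicht mehr aktuell und kann deshalb nicht mehr verwendet werden. Bitte mit E-Mail-Adresse und Passwort anmelden!</div>';
            } else {
                // Remove the login string so it cannot be reused.
                $sql = "delete from {cc_loginstr} where loginstr=:loginstr and person_id=:id";
                $res = db_query($sql, array(":loginstr" => $_GET["loginstr"], ":id" => $_GET["id"]));
                ct_log("Login User " . $_GET["id"] . " erfolgreich mit loginstr ", 2, "-1", "login");
                $res = churchcore_getPersonById($_GET["id"]);
                login_user($res);
            }
        }
        $txt .= $model->render();
        // $q is request-derived and lands inside a script string: URL-encode
        // it. The typed address is URL-encoded client-side so characters such
        // as "+" or "&" survive the redirect.
        $txt .= '<script>jQuery("#newpwd").click(function(k,a) {
         if (confirm("' . t('want.to.receive.new.password') . '")) {
           window.location.href="?newpwd=true&email="+encodeURIComponent(jQuery("#LoginForm_email").val())+"&q=' . rawurlencode($q) . '";
            }
          });</script>';
    } else {
        // Switch to another family member (same e-mail address).
        if (isset($_GET["family_id"])) {
            if (isset($_SESSION["family"][$_GET["family_id"]])) {
                //logout_current_user();
                login_user($_SESSION["family"][$_GET["family_id"]]);
                $txt .= '<div class="alert alert-info">Ummelden erfolgreich! Du arbeitest nun mit der Berechtigung von ' . $_SESSION["user"]->vorname . ' ' . $_SESSION["user"]->name . '.</div>';
            } else {
                // family_id is echoed back, so escape it for HTML.
                $txt .= '<div class="alert alert-info">Ummelden zu Id:' . htmlspecialchars((string) $_GET["family_id"], ENT_QUOTES, 'UTF-8') . ' hat nicht funktioniert, Session ist leer!</div>';
            }
        } else {
            $txt .= '<div class="alert alert-info"><i>Hinweis:</i> Du bist angemeldet als ' . $_SESSION["user"]->vorname . ', weiter geht es <a href="?q=home">hier</a>!</div>';
        }
    }
    return $txt;
}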
/**
 * AJAX entry point for the churchservice module.
 *
 * Loads the module's DB helpers, registers the handler functions in the
 * order listed below and emits the dispatch result as JSON.
 */
function churchservice_ajax()
{
    include_once "churchservice_db.php";
    $handler = new CTAjaxHandler(new CTChurchServiceModule("churchservice"));
    // Argument lists for addFunction(), in registration order. The second
    // entry looks like the permission required for the call.
    $registrations = array(
        array("pollForNews", "view"),
        array("getNewEventData", "view"),
        array("getAllEventData", "view"),
        array("getPersonByGroupIds", "view"),
        array("saveEvent", "edit events"),
        array("deleteEvent", "edit events"),
        // Facts
        array("getAllFacts", "view facts || edit facts"),
        array("saveFact", "edit facts"),
        // NOTE(review): the next three are registered without a permission
        // argument; what addFunction() defaults to is not visible here -
        // confirm these service-changing calls are still access-checked.
        array("deleteService"),
        array("editService"),
        array("addOrRemoveServiceToEvent"),
    );
    foreach ($registrations as $arguments) {
        call_user_func_array(array($handler, "addFunction"), $arguments);
    }
    drupal_json_output($handler->call());
}
/**
 * AJAX entry point for the churchcal module.
 *
 * Loads the module's DB helpers, registers the handler functions in the
 * order listed below and emits the dispatch result as JSON.
 */
function churchcal__ajax()
{
    include_once CHURCHCAL . "/churchcal_db.php";
    $handler = new CTAjaxHandler(new CTChurchCalModule("churchcal"));
    // Argument lists for addFunction(), in registration order: function
    // name, what looks like the required permission, and for some entries a
    // third value naming another module.
    // NOTE(review): the writing calls (deleteCategory, updateEvent,
    // createEvent, saveShares, saveCategory, delAddition, deleteEvent) are
    // registered with "view" only; presumably the module methods do finer
    // checks themselves - confirm.
    $registrations = array(
        array("getCalEvents", "view"),
        array("getCalPerCategory", "view"),
        array("getAbsents", "view"),
        array("getMyServices", "view", "churchservice"),
        array("getBirthdays", "view"),
        array("deleteCategory", "view"),
        array("updateEvent", "view"),
        array("createEvent", "view"),
        array("getShares", "view"),
        array("saveShares", "view"),
        array("getResource", "view", "churchresource"),
        array("getAllowedGroups", "view", "churchdb"),
        array("getAllowedPersons", "view", "churchdb"),
        array("saveCategory", "view"),
        array("delAddition", "view"),
        array("deleteEvent", "view"),
        // not ready
        array("moveCSEvent"),
    );
    foreach ($registrations as $arguments) {
        call_user_func_array(array($handler, "addFunction"), $arguments);
    }
    drupal_json_output($handler->call());
}
 /**
  * Processes a chunk of items from the queue and responds in JSON.
  *
  * The statistics array always carries 'error' and 'widget'; 'running' is
  * set to FALSE when the caller does not own the queue, and 'locked' to
  * TRUE when the processing lock could not be acquired.
  *
  * @return mixed
  *   Whatever drupal_json_output() returns for the statistics array.
  */
 public static function pathCallback()
 {
     $service = _acquia_purge_service();
     $stats = $service->stats();
     $stats['error'] = FALSE;
     $stats['widget'] = '&nbsp;';
     // Only the user who started queue processing may drive it.
     $ownsQueue = self::isUserOwningTheQueue($service);
     if (!$ownsQueue) {
         $stats['running'] = FALSE;
         return drupal_json_output($stats);
     }
     // Blocking diagnostics: log the first error-level one and report it.
     if (!_acquia_purge_are_we_allowed_to_purge()) {
         $diagnosis = _acquia_purge_get_diagnosis(ACQUIA_PURGE_SEVLEVEL_ERROR);
         $firstError = current($diagnosis);
         _acquia_purge_get_diagnosis_logged($firstError);
         $stats['error'] = $firstError['description'];
         return drupal_json_output($stats);
     }
     // Process one chunk while holding the lock.
     if (!$service->lockAcquire()) {
         $stats['locked'] = TRUE;
     } else {
         $service->process();
         // Overlay the fresh statistics on the ones gathered above.
         foreach ($service->stats() as $name => $fresh) {
             $stats[$name] = $fresh;
         }
         // An empty history after processing is treated as a sign that the
         // purge attempts failed.
         if (empty($stats['purgehistory'])) {
             $stats['error'] = t("The system seems to be having difficulties\r\n          refreshing recent content changes. Your work won't be lost, but please\r\n          do ask your technical administrator to check the logs.");
         }
         // NOTE(review): the lock is released only on this path; whether
         // process() can throw is not visible here.
         $service->lockRelease();
     }
     // The widget is rendered only when no error was recorded.
     if (!$stats['error']) {
         $stats['widget'] = theme('acquia_purge_status_bar_widget', $stats);
     }
     return drupal_json_output($stats);
 }
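/**
 * AJAX handler for the external map view.
 *
 * Dispatches on the "func" request value:
 *  - loadMasterData: map defaults, districts, groups and the current user.
 *  - addPersonGroupRelation / editPersonGroupRelation: files a group request
 *    for the current user and sends a confirmation mail.
 *  - sendEMail: files a request for a visitor identified by e-mail, first
 *    name and last name, or - when no such person exists - mails the request
 *    to the group's members with status 1..3 that have an e-mail address.
 * The result is emitted as a JSend document.
 *
 * NOTE(review): no token or login check is visible in this function for the
 * state-changing branches; confirm the caller restricts them. sendEMail
 * mails a visitor-supplied address, so rate limiting should be confirmed.
 */
function externmapview__ajax()
{
    global $user;
    $func = getVar("func");
    $groupId = getVar("g_id");
    // Despite its name, $surname holds the "Vorname" (first name) field.
    $surname = getVar("Vorname");
    $name = getVar("Nachname");
    $email = getVar("E-Mail-Adresse");
    $fon = getVar("Telefon");
    $comment = getVar("Kommentar");
    if ($func == 'loadMasterData') {
        $res["home_lat"] = getConf('churchdb_home_lat', '53.568537');
        $res["home_lng"] = getConf('churchdb_home_lng', '10.03656');
        $res["districts"] = churchcore_getTableData("cdb_distrikt", "bezeichnung");
        $res["groups"] = getExternalGroupData();
        $res["modulespath"] = CHURCHDB;
        $res["user_pid"] = $user->id;
        $res["vorname"] = $user->vorname;
        $res = jsend()->success($res);
    } elseif ($func == 'addPersonGroupRelation') {
        include_once CHURCHDB . '/churchdb_ajax.php';
        $res = churchdb_addPersonGroupRelation($user->id, $groupId, -2, null, null, null, t("request.by.external.mapview"));
        sendConfirmationMail($user->email, $user->vorname, $groupId);
        $res = jsend()->success($res);
    } elseif ($func == 'editPersonGroupRelation') {
        include_once CHURCHDB . '/churchdb_ajax.php';
        $res = _churchdb_editPersonGroupRelation($user->id, $groupId, -2, null, "null", t("request.changed.by.external.mapview"));
        sendConfirmationMail($user->email, $user->vorname, $groupId);
        $res = jsend()->success($res);
    } elseif ($func == 'sendEMail') {
        // Compare with "=" instead of LIKE: with LIKE, "%" and "_" in the
        // submitted values act as wildcards, so the lookup could match a
        // person other than the one described. UPPER() on both sides keeps
        // the match case-insensitive.
        $db = db_query('SELECT * FROM {cdb_person}
                    WHERE UPPER(email) = UPPER(:email) AND UPPER(vorname) = UPPER(:vorname) AND UPPER(name) = UPPER(:name)', array(':email' => $email, ':vorname' => $surname, ':name' => $name))->fetch();
        $txt = "";
        if ($db) {
            include_once CHURCHDB . '/churchdb_ajax.php';
            churchdb_addPersonGroupRelation($db->id, $groupId, -2, null, null, null, t("request.by.external.mapview") . ": {$comment}");
            sendConfirmationMail($email, $surname, $groupId);
            $txt = t("person.found.and.request.sent");
        } else {
            $leaders = db_query("SELECT vorname, p.id id, g.bezeichnung\n                       FROM {cdb_gemeindeperson_gruppe} gpg, {cdb_gemeindeperson} gp, {cdb_person} p, {cdb_gruppe} g\n                       WHERE gpg.gemeindeperson_id = gp.id AND gp.person_id = p.id AND g.id = :gruppe_id\n                         AND gpg.gruppe_id = g.id AND email!='' AND gpg.status_no BETWEEN 1 AND 3 ", array(":gruppe_id" => $groupId));
            $rec = array();
            foreach ($leaders as $p) {
                $rec[] = $p->vorname;
                // NOTE(review): the visitor's values are handed to the mail
                // template as-is; confirm the template escapes them.
                $data = array('title' => t('request.to.group', $p->bezeichnung), 'request' => array('surname' => $surname, 'name' => $name, 'email' => $email, 'phone' => $fon, 'comment' => $comment));
                $lang = getUserLanguage($p->id);
                $content = getTemplateContent('email/groupRequest', 'churchdb', $data, null, $lang);
                // The send result is not used; it previously overwrote the
                // result set being iterated.
                churchcore_sendEMailToPersonIDs($p->id, "[" . getConf('site_name') . "] " . t2($lang, 'form.request.to.group', $p->bezeichnung), $content, getConf('site_mail'), true, true);
            }
            if (!count($rec)) {
                $txt = t("could.not.find.group.leader.please.try.other.ways");
            } else {
                // $lang is the language of the last recipient in the loop.
                // Separator first: the reversed argument order is no longer
                // accepted by current PHP versions.
                $txt = t2($lang, "email.send.to", implode(", ", $rec));
                sendConfirmationMail($email, $surname, $groupId);
            }
        }
        $res = jsend()->success($txt);
    } else {
        $res = jsend()->fail(t("unknown.call", $func));
    }
    drupal_json_output($res);
}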
/**
 * AJAX entry point for the churchauth module.
 *
 * Emits the handler's dispatch result as JSON. No extra functions are
 * registered here, so authorisation of the individual calls rests with
 * CTAjaxHandler and CTAuthModule (not visible in this listing).
 */
function churchauth__ajax()
{
    $handler = new CTAjaxHandler(new CTAuthModule("churchauth"));
    $response = $handler->call();
    drupal_json_output($response);
}
/**
 * AJAX entry point for the admin module.
 *
 * Emits the handler's dispatch result as JSON. No permission is named in
 * this function; access control for the admin calls rests with the caller,
 * CTAjaxHandler and CTAdminModule (not visible in this listing).
 */
function admin__ajax()
{
    $handler = new CTAjaxHandler(new CTAdminModule("admin"));
    $response = $handler->call();
    drupal_json_output($response);
}
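/**
 * AJAX handler for the "about" page.
 *
 * POST field "func" selects the call:
 *  - sendEmailToAdmin: mails the posted subject and text to the admin
 *    address (falling back to the configured site mail);
 *  - amILoggedIn: reports whether a non-anonymous user (id != -1) is set.
 * Any other value yields a JSend error.
 *
 * NOTE(review): sendEmailToAdmin has no login, token or rate check in this
 * function, and subject/text are forwarded as posted - confirm the caller
 * and churchcore_systemmail() cover that.
 */
function about__ajax()
{
    global $config, $user;
    $params = $_POST;
    // A request without "func" used to raise an undefined-index notice
    // before ending in the error branch; read it defensively.
    $func = isset($params["func"]) ? $params["func"] : "";
    if ($func == "sendEmailToAdmin") {
        $subject = isset($params["subject"]) ? $params["subject"] : null;
        $text = isset($params["text"]) ? $params["text"] : null;
        churchcore_systemmail(variable_get("admin_mail", $config["site_mail"]), $subject, $text, true, 1);
        $res = jsend()->success();
    } elseif ($func == "amILoggedIn") {
        if ($user == null) {
            $res = jsend()->success(false);
        } else {
            $res = jsend()->success($user->id != -1);
        }
    } else {
        $res = jsend()->error("Unkown call: " . $func);
    }
    drupal_json_output($res);
}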
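/**
 * AJAX entry point for the churchwiki module.
 *
 * Requires the "view" permission on churchwiki unless the module is listed
 * in one of the page_with_noauth lists, then emits the handler's dispatch
 * result as JSON.
 *
 * @throws CTNoPermission when the caller may not view the wiki.
 */
function churchwiki__ajax()
{
    global $user, $files_dir, $base_url, $mapping, $config;
    // Return value is unused; the call is kept in case it has side effects
    // (not visible in this listing).
    churchwiki_getAuthForAjax();
    // churchtools_processRequest() treats a missing page_with_noauth entry
    // as an empty list; do the same here so an unset entry cannot make
    // in_array() fail on a non-array.
    $mappedNoAuth = isset($mapping["page_with_noauth"]) ? $mapping["page_with_noauth"] : array();
    $configuredNoAuth = isset($config["page_with_noauth"]) ? $config["page_with_noauth"] : array();
    if (!user_access("view", "churchwiki") && !in_array("churchwiki", $mappedNoAuth) && !in_array("churchwiki", $configuredNoAuth)) {
        throw new CTNoPermission("view", "churchwiki");
    }
    $module = new CTChurchWikiModule("churchwiki");
    $ajax = new CTAjaxHandler($module);
    $res = $ajax->call();
    drupal_json_output($res);
}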
/**
 * AJAX entry point for the home module.
 *
 * Emits the handler's dispatch result as JSON; no extra functions are
 * registered here.
 */
function home__ajax()
{
    $handler = new CTAjaxHandler(new CTHomeModule("home"));
    $response = $handler->call();
    drupal_json_output($response);
}
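/**
 * AJAX handler for the footer e-mail function.
 *
 * POST field "func" selects the call:
 *  - sendEmailToAdmin: when mail is enabled, sends the posted subject and
 *    text to every comma-separated admin address, using the current user as
 *    sender;
 *  - amILoggedIn: reports whether a non-anonymous user (id != -1) is set.
 * Any other value yields a JSend error.
 *
 * NOTE(review): sendEmailToAdmin has no login, token or rate check in this
 * function, and the sender string is built from the user's stored name and
 * address - confirm churchcore_mail() rejects line breaks in it.
 */
function about__ajax()
{
    global $config, $user;
    $params = $_POST;
    // A request without "func" used to raise an undefined-index notice
    // before ending in the error branch; read it defensively.
    $func = isset($params["func"]) ? $params["func"] : "";
    if ($func == "sendEmailToAdmin") {
        if (getConf("mail_enabled")) {
            $subject = isset($params["subject"]) ? $params["subject"] : null;
            $text = isset($params["text"]) ? $params["text"] : null;
            $recipients = explode(",", getConf("admin_mail", $config["site_mail"]));
            foreach ($recipients as $recipient) {
                churchcore_mail("{$user->vorname} {$user->name} <{$user->email}>", trim($recipient), $subject, $text, true, true, 0);
            }
            $res = jsend()->success();
        } else {
            $res = jsend()->fail("EMails sind deaktivert!");
        }
    } elseif ($func == "amILoggedIn") {
        if ($user == null) {
            $res = jsend()->success(false);
        } else {
            $res = jsend()->success($user->id != -1);
        }
    } else {
        $res = jsend()->error("Unkown call: " . $func);
    }
    drupal_json_output($res);
}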
 */
// Bootstrap only as far as the database; a full bootstrap is done later and
// only when an error page has to be delivered.
drupal_bootstrap(DRUPAL_BOOTSTRAP_DATABASE);
// Keep Devel's shutdown handler from writing into the response.
$GLOBALS['devel_shutdown'] = FALSE;
$return = js_execute_callback();
// The callback returns either an integer menu status constant or page
// content. NULL means the callback already produced its own output.
if (!is_int($return)) {
    if (isset($return)) {
        // Any non-NULL value, including an empty string, is sent as JSON.
        drupal_json_output($return);
    }
} else {
    // An integer status needs the full bootstrap to render the error page.
    drupal_bootstrap(DRUPAL_BOOTSTRAP_FULL);
    drupal_deliver_page($return);
}
/**
 * Loads the requested module and executes the requested callback.
 *
 * @return
 *   The callback function's return value or one of the JS_* constants.
 */
function js_execute_callback()
{
    $args = explode('/', $_GET['q']);
    // If i18n is enabled and therefore the js module should boot
    // to DRUPAL_BOOTSTRAP_LANGUAGE.
    $i18n = FALSE;
    // Validate if there is a language prefix in the path.
    if (!empty($args[0]) && !empty($args[1]) && $args[1] == 'js_callback') {
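/**
 * Main function for login: renders the login page and handles the
 * login-related request variants.
 *
 * For anonymous visitors it builds the login form and additionally handles:
 *  - POST email/password/directtool: JSON login for external tools;
 *  - loginstr + id: one-time login link (strings older than 14 days are
 *    purged first, and a used string is deleted).
 * For logged-in users it handles switching to another family member held in
 * the session, answers direct tools with JSON, or shows a hint.
 *
 * @return string HTML for the page (nothing on the direct-tool login path,
 *                which answers with JSON instead).
 */
function login_main()
{
    global $q, $config, $user;
    $txt = "";
    if ($t = getConf("admin_message")) {
        addErrorMessage($t);
    }
    if ($t = getVar("message")) {
        // NOTE(review): getVar()'s source is not visible here; if it reads
        // request data, confirm addInfoMessage() escapes this text.
        addInfoMessage($t);
    }
    // Make sure nobody is logged in.
    if (!userLoggedIn()) {
        if ($t = getVar("login_message")) {
            // NOTE(review): same question as above, and this call passes an
            // extra `true` flag whose meaning is not visible here - confirm
            // it does not allow request-supplied markup through.
            addInfoMessage($t, true);
        }
        $form = new CTForm("LoginForm", "validateLogin", "Login");
        $form->setHeader(t("login.headline"), t("please.fill.following.fields"));
        $form->addField("email", "", "INPUT_REQUIRED", t("email.or.username"), true);
        if (getVar("email")) {
            $form->fields["email"]->setValue(getVar("email"));
        }
        $form->addField("password", "", "PASSWORD", t("password"));
        // TODO: when is this false?
        if (getConf("show_remember_me", 1) == 1) {
            $form->addField("rememberMe", "", "CHECKBOX", t("remember.me"));
        }
        $form->addButton(t("login"), "ok");
        // External tools log in with a direct POST, so the credentials do
        // not appear in the URL.
        if (getVar("email", false, $_POST) && getVar("password", false, $_POST) && getVar("directtool", false, $_POST)) {
            include_once CHURCHCORE . "/churchcore_db.php";
            $email = getVar("email", false, $_POST);
            $password = getVar("password", false, $_POST);
            $directTool = getVar("directtool", false, $_POST);
            $res = db_query("SELECT * FROM {cdb_person}\n                       WHERE email=:email AND active_yn=1 AND archiv_yn=0", array(":email" => $email))->fetch();
            // NOTE(review): the two failure messages below let a caller tell
            // an unknown address from a wrong password.
            if (!$res) {
                drupal_json_output(jsend()->fail(t('email.unknown')));
            } else {
                if (user_check_password($password, $res)) {
                    login_user($res, null, false);
                    ct_log("Login by Direct-Tool {$directTool} with {$email}", 2, "-1", "login");
                    drupal_json_output(jsend()->success());
                } else {
                    drupal_json_output(jsend()->fail(t('wrong.password')));
                }
            }
            return;
        } elseif (($loginstr = getVar("loginstr")) && ($id = getVar('id'))) {
            // delete login strings older than 14 days
            db_query("DELETE FROM {cc_loginstr}\n                WHERE DATEDIFF( current_date, create_date ) > 13");
            $res = db_query("SELECT * FROM {cc_loginstr}\n                       WHERE loginstr=:loginstr AND person_id=:id", array(":loginstr" => $loginstr, ":id" => $id))->fetch();
            if (!$res) {
                $txt .= '<div class="alert alert-info">' . t('login.string.too.old') . '</div>';
            } else {
                // delete current loginKey to prevent misuse
                $res = db_query("DELETE FROM {cc_loginstr}\n                         WHERE loginstr=:loginstr AND person_id=:id", array(":loginstr" => $loginstr, ":id" => $id));
                ct_log("Login User {$id} erfolgreich mit loginstr ", 2, "-1", "login");
                $res = churchcore_getPersonById($id);
                login_user($res);
            }
        }
        $txt .= $form->render();
        // The typed address is URL-encoded client-side so characters such as
        // "+" or "&" survive the redirect.
        $txt .= '<script>jQuery("#newpwd").click(function(k,a) {
         if (confirm("' . t('want.to.receive.new.password') . '")) {
           window.location.href="?q=login/newpwd&email="+encodeURIComponent(jQuery("#LoginForm_email").val());
            }
          });</script>';
    } else {
        // switch to another family user (same email)
        if ($familyId = getVar("family_id")) {
            if (isset($_SESSION["family"][$familyId])) {
                // logout_current_user();
                login_user($_SESSION["family"][$familyId]);
                $txt .= '<div class="alert alert-info">' . t('user.succesfully.changed.now.you.work.with.permissions.of.x', $_SESSION["user"]->vorname . ' ' . $_SESSION["user"]->name) . '</div>';
            } else {
                // family_id is echoed back inside markup, so escape it.
                $txt .= "<div class='alert alert-info'>" . t('user.change.to.familyX.failed.session.is.empty', htmlspecialchars((string) $familyId, ENT_QUOTES, 'UTF-8')) . "</div>";
            }
        } elseif (getVar("directtool", false, $_POST)) {
            drupal_json_output(jsend()->success("Already logged in"));
        } else {
            $txt .= '<div class="alert alert-info">' . t('you.are.logged.in.as.x.click.y.to.continue', $_SESSION["user"]->vorname, '<a href="?q=home">' . t('home') . '</a>') . '</div>';
        }
    }
    return $txt;
}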