PHP getAuthForPerson Examples

Example #1

File: churchdb_ajax.php Project: toXel/churchtools_basic

/**
 * get person data to search for
 *
 * @return array with persons, key = id
 */
function getSearchableData()
{
    $persons = churchdb_getAllowedPersonData('', 'person_id p_id, person_id id, familienstand_no, geschlecht_no, hochzeitsdatum, nationalitaet_id,
              erstkontakt, zugehoerig, eintrittsdatum, austrittsdatum, taufdatum, plz, geburtsort, imageurl, cmsuserid, lastlogin');
    foreach ($persons as $arr) {
        unset($persons[$arr->id]->p_id);
        $persons[$arr->id]->auth = getAuthForPerson($arr->id);
    }
    return $persons;
}

Example #2

File: churchdb_ajax.php Project: lhaselauer/churchtools_basic

/**
 * get person data to search for
 *
 * @return array with persons, key = id
 */
function getSearchableData()
{
    $persons = db_query('SELECT person_id id, geburtsdatum, familienstand_no, geschlecht_no, hochzeitsdatum, nationalitaet_id,  
                  erstkontakt, zugehoerig, eintrittsdatum, austrittsdatum, taufdatum, plz, geburtsort, imageurl, cmsuserid
           FROM {cdb_person} p, {cdb_gemeindeperson} gp 
                  WHERE p.id=gp.person_id');
    foreach ($persons as $arr) {
        $arr->auth = getAuthForPerson($arr->id);
        $arrs[$arr->id] = $arr;
    }
    return $arrs;
}

Example #3

File: churchdb_db.php Project: lhaselauer/churchtools_basic

/**
 * get person details
 * TODO: create a class for persons
 *
 * @param int $id          
 * @param bool $withComments          
 *
 * @return person object
 */
function churchdb_getPersonDetails($id, $withComments = true)
{
    global $user;
    $allowed = $user->id == $id;
    $iAmLeader = false;
    $iAmSuperLeader = false;
    // the export right give the permission to see everything!
    if (user_access("export data", "churchdb")) {
        $allowed = true;
        $iAmLeader = true;
        $iAmSuperLeader = true;
    } else {
        // user is super leader of person?
        if (churchdb_isPersonSuperLeaderOfPerson($user->id, $id)) {
            $iAmSuperLeader = true;
            $iAmLeader = true;
            $allowed = true;
        }
        // user is leader of person?
        if (churchdb_isPersonLeaderOfPerson($user->id, $id)) {
            $iAmLeader = true;
            $allowed = true;
        }
        // user is in group with person?
        if (!$allowed) {
            $myGroups = churchdb_getMyGroups($user->id, true, false);
            if (count($myGroups) > 0) {
                $res = db_query("SELECT COUNT(*) c\n                 FROM {cdb_person} p, {cdb_gemeindeperson} gp, {cdb_gemeindeperson_gruppe} gpg\n                 WHERE p.id=gp.person_id AND gpg.gemeindeperson_id=gp.id AND p.id=:id\n                   AND gpg.gruppe_id in (" . implode(",", $myGroups) . ") ", array(':id' => $id))->fetch();
                if ($res->c > 0) {
                    $allowed = true;
                }
            }
        }
        if (!$allowed) {
            // TODO: maybe shorten next 2 lines to: if ($allowedDeps=user_access("view alldata", "churchdb")) {
            $allowedDeps = user_access("view alldata", "churchdb");
            if ($allowedDeps != null) {
                $res = db_query('SELECT COUNT(*) as c FROM {cdb_bereich_person}
            WHERE person_id=:p_id AND bereich_id in (' . implode(',', $allowedDeps) . ')', array(':p_id' => $id), false)->fetch();
                if ($res->c > 0) {
                    $allowed = true;
                }
            }
        }
        if (!$allowed) {
            return "no access";
        }
    }
    $res = db_query("SELECT f.*, fk.intern_code FROM {cdb_feld} f, {cdb_feldkategorie} fk WHERE f.feldkategorie_id=fk.id\n              AND fk.intern_code IN ('f_address', 'f_church', 'f_category') AND aktiv_yn=1");
    $sqlFields = array();
    $sqlFields[] = "p.id id";
    $sqlFields[] = "gp.id gp_id";
    $sqlFields[] = "geolat as lat";
    $sqlFields[] = "imageurl";
    $sqlFields[] = "geolng as lng";
    $sqlFields[] = "cmsuserid";
    foreach ($res as $res2) {
        if ($res2->autorisierung == null || _checkPersonAuthorisation($res2->autorisierung, $iAmLeader, $iAmSuperLeader)) {
            if ($res2->intern_code == "f_address" || $iAmLeader || user_access('view alldetails', "churchdb")) {
                $sqlFields[] = $res2->db_spalte;
            }
        }
    }
    $sql = "SELECT " . join($sqlFields, ",");
    if ($iAmLeader || user_access('view alldetails', "churchdb") || user_access('administer persons', "churchcore")) {
        $sql .= ', p.letzteaenderung, p.aenderunguser, p.createdate, if (loginstr IS NULL , 0 , 1) AS einladung, p.active_yn, p.lastlogin';
    }
    $sql .= ' FROM {cdb_person} p, {cdb_gemeindeperson} gp WHERE p.id=gp.person_id AND p.id=:pid';
    $person = db_query($sql, array(':pid' => $id))->fetch();
    if ($withComments) {
        $comments = db_query("SELECT id, text, person_id, datum, comment_viewer_id, relation_name \n                          FROM {cdb_comment}\n                          WHERE relation_id=:relid AND relation_name like 'person%'\n                          ORDER BY datum desc", array(':relid' => $id));
        $auth = user_access("view comments", "churchdb");
        if ($comments && $auth != null) {
            // TODO: test for auth before DB query? if ($withComments &&
            // $auth=user_access("view comments","churchdb"))
            $arrs = null;
            foreach ($comments as $arr) {
                if (isset($auth[$arr->comment_viewer_id]) && $auth[$arr->comment_viewer_id] == $arr->comment_viewer_id) {
                    $arrs[] = $arr;
                }
            }
            $person->comments = $arrs;
        }
    }
    $person->auth = getAuthForPerson($id);
    return $person;
}