/**
 * Bundle the three data sets used for searching into one array.
 *
 * Returns the results of the global helpers getSearchableData(),
 * getOldGroupRelations() and getTagRelations() under fixed keys.
 *
 * @param mixed $params not read by this method
 *
 * @return array with the keys "searchable", "oldGroupRelations" and "tagRelations"
 */
public function getSearchableData($params) {
  // The helpers are called in the same order as the keys are listed.
  return array(
    "searchable" => getSearchableData(),
    "oldGroupRelations" => getOldGroupRelations(),
    "tagRelations" => getTagRelations(),
  );
}
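/**
 * Get the details of one person, restricted to what the current user may see.
 * TODO: create a class for persons
 *
 * Access is granted when one of these holds for the global $user:
 *  - $user is the requested person,
 *  - $user has the "export data" right (treated as leader and super leader),
 *  - $user is leader or super leader of the person,
 *  - the person is a member of one of the groups returned by churchdb_getMyGroups(),
 *  - the person belongs to a department listed in $user's "view alldata" right.
 *
 * Which columns are read depends on the leader flags, on the per-field
 * authorisation stored in cdb_feld and on the "view alldetails" right.
 *
 * NOTE: a denied request returns the non-empty string "no access", not false
 * or null. Callers have to compare against that string explicitly; a plain
 * truthiness check on the result does not detect the denial.
 *
 * @param int $id id of the person to load
 * @param bool $withComments attach the comments the current user may view
 *
 * @return object|string|false person row as returned by fetch(), the string
 *   "no access" when the user is not allowed to see the person, or the
 *   unchanged fetch() result when no row was found
 */
function churchdb_getPersonDetails($id, $withComments = true) {
  global $user, $config;

  // Everybody may read his own record. Loose comparison kept on purpose:
  // presumably ids can arrive as strings - TODO confirm before tightening.
  $allowed = $user->id == $id;
  $userIsLeader = false;
  $userIsSuperLeader = false;

  // the export right give the permission to see everything!
  if (user_access("export data", "churchdb")) {
    $allowed = true;
    $userIsLeader = true;
    $userIsSuperLeader = true;
  }
  else {
    // user is super leader of person?
    if (churchdb_isPersonSuperLeaderOfPerson($user->id, $id)) {
      $userIsSuperLeader = true;
      $userIsLeader = true;
      $allowed = true;
    }
    // user is leader of person?
    if (churchdb_isPersonLeaderOfPerson($user->id, $id)) {
      $userIsLeader = true;
      $allowed = true;
    }
    // user is in group with person?
    if (!$allowed) {
      $myGroups = churchdb_getMyGroups($user->id, true, false);
      if (count($myGroups) > 0) {
        // NOTE(review): the IN list is concatenated into the statement instead
        // of being bound. This is only safe if db_implode() emits nothing but
        // escaped or numeric values - confirm in db_implode().
        $res = db_query("\n SELECT COUNT(*) c\n"
          . " FROM {cdb_person} p, {cdb_gemeindeperson} gp, {cdb_gemeindeperson_gruppe} gpg\n"
          . " WHERE p.id=gp.person_id AND gpg.gemeindeperson_id=gp.id AND p.id=:id\n"
          . " AND gpg.gruppe_id in (" . db_implode($myGroups) . ") ",
          array(':id' => $id))->fetch();
        if ($res->c > 0) {
          $allowed = true;
        }
      }
    }
    // user may see all data of a department the person belongs to?
    if (!$allowed) {
      $allowedDeps = user_access("view alldata", "churchdb");
      if ($allowedDeps != null) {
        // NOTE(review): same concatenated IN list as above, built from the
        // value of the "view alldata" right - confirm db_implode() escapes it.
        $res = db_query(' SELECT COUNT(*) as c FROM {cdb_bereich_person} WHERE person_id=:p_id AND bereich_id in ('
          . db_implode($allowedDeps) . ')', array(':p_id' => $id), false)->fetch();
        if ($res->c > 0) {
          $allowed = true;
        }
      }
    }
    if (!$allowed) {
      return "no access";
    }
  }

  // Active field definitions of the address, church and category blocks.
  $res = db_query("SELECT f.*, fk.intern_code\n FROM {cdb_feld} f, {cdb_feldkategorie} fk\n WHERE f.feldkategorie_id=fk.id AND fk.intern_code IN ('f_address', 'f_church', 'f_category') AND aktiv_yn=1");

  // Columns every permitted viewer gets.
  $sqlFields = array();
  $sqlFields[] = "p.id id";
  $sqlFields[] = "gp.id gp_id";
  $sqlFields[] = "geolat as lat";
  $sqlFields[] = "imageurl";
  $sqlFields[] = "geolng as lng";
  $sqlFields[] = "cmsuserid";

  $allowedToEditMyself = $id == $user->id && isset($config["churchdb_changeownaddress"])
    && $config["churchdb_changeownaddress"] == 1;

  foreach ($res as $res2) {
    // First gate: the field has no authorisation requirement or the user passes it.
    if ($res2->autorisierung == null
      || _checkPersonAuthorisation($res2->autorisierung, $userIsLeader, $userIsSuperLeader, $id)) {
      // Second gate: address fields and status_id are visible to every permitted
      // viewer, all other fields need leader status, self-edit or "view alldetails".
      if ($res2->intern_code == "f_address" || $res2->db_spalte == "status_id" || $userIsLeader
        || $allowedToEditMyself || user_access('view alldetails', "churchdb")) {
        // NOTE(review): db_spalte is read from cdb_feld and used as a column
        // name without quoting; identifiers cannot be bound, so this relies on
        // cdb_feld being writable by trusted administrators only - confirm.
        $sqlFields[] = $res2->db_spalte;
      }
    }
  }

  // implode() with the separator first: the reversed (array, separator) order
  // used with join() before is deprecated in PHP 7.4 and rejected by PHP 8.
  $sql = "SELECT " . implode(",", $sqlFields);

  // Audit and login columns are added only for leaders and privileged roles.
  if ($userIsLeader || user_access('view alldetails', "churchdb") || user_access('administer persons', "churchcore")) {
    $sql .= ', p.letzteaenderung, p.aenderunguser, p.createdate, if (loginstr IS NULL , 0 , 1) AS einladung, p.active_yn, p.lastlogin';
  }
  $sql .= ' FROM {cdb_person} p, {cdb_gemeindeperson} gp WHERE p.id=gp.person_id AND p.id=:pid';
  $person = db_query($sql, array(':pid' => $id))->fetch();

  if ($person !== false) {
    if ($withComments) {
      $auth = user_access("view comments", "churchdb");
      if ($auth != null) {
        $comments = db_query("SELECT id, text, person_id, datum, comment_viewer_id, relation_name\n FROM {cdb_comment}\n WHERE relation_id=:relid AND relation_name like 'person%'\n ORDER BY datum DESC", array(':relid' => $id));
        if ($comments) {
          // Stays null when no comment passes the viewer filter.
          $arrs = null;
          foreach ($comments as $arr) {
            // Keep a comment only if its viewer id is listed in the user's right.
            if (isset($auth[$arr->comment_viewer_id]) && $auth[$arr->comment_viewer_id] == $arr->comment_viewer_id) {
              $arrs[] = $arr;
            }
          }
          $person->comments = $arrs;
        }
      }
    }
    $person->auth = getAuthForPerson($id);
    if (($oldGroups = getOldGroupRelations($id)) && isset($oldGroups[$id])) {
      $person->oldGroups = $oldGroups[$id];
    }
  }
  return $person;
}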