private function informSuggestionTeam($suggestion)
{
// get all team members
$query = "\r\n SELECT\r\n username\r\n FROM\r\n members, rights, rightsvolunteers\r\n WHERE\r\n members.Status = 'Active'\r\n AND members.id = rightsvolunteers.IdMember\r\n AND rights.`Name` = 'Suggestions'\r\n AND rightsvolunteers.IdRight = rights.id\r\n AND rightsvolunteers.Level > 0\r\n ORDER BY\r\n username\r\n ";
$res = $this->dao->query($query);
if (!$res) {
return false;
}
$receivers = array();
while ($row = $res->fetch(PDB::FETCH_OBJ)) {
$member = $this->createEntity('Member')->findByUsername($row->username);
$email = MOD_crypt::AdminReadCrypted($member->Email);
$receivers[$email] = "BW " . $row->username;
}
//Create the Transport
$transport = Swift_SmtpTransport::newInstance('localhost', 25);
//Create the Mailer using your created Transport
$mailer = Swift_Mailer::newInstance($transport);
$purifier = MOD_htmlpure::getSuggestionsHtmlPurifier();
$plain = 'Please check the suggestion and take the necessary <a href="' . PVars::getObj('env')->baseuri . 'suggestions/' . $suggestion->id . '/approve">action</a>.';
$html = $purifier->purify($suggestion->description) . '<br/>' . $plain;
try {
$creator = $this->createEntity('Member')->findById($suggestion->createdby);
$message = Swift_Message::newInstance();
$message->setSubject("New suggestion added by " . $creator->Username . ": " . $suggestion->summary);
$message->setFrom("*****@*****.**");
$message->setBcc($receivers);
$message->addPart($html, 'text/html', 'utf-8');
$message->addPart($plain, 'text/plain', 'utf-8');
$message->setBody($plain);
} catch (Exception $e) {
$this->logWrite("In suggestions model creating mail message threw exception.", "suggestions");
return false;
}
//Now check if Swift actually sends it
try {
$sendResult = $mailer->send($message);
} catch (Exception $e) {
$this->logWrite("Exception when executing Swift_Mailer::send()", "suggestions");
$sendResult = false;
}
if ($sendResult) {
return true;
} else {
$this->logWrite("In suggestions model swift::send: Failed to send mail.", "suggestions");
return false;
}
}
/**
* This needs to go someplace else,
* pending architectural attention
*/
protected function get_crypted($crypted_id, $return_value = "")
{
if ($crypted_id == "" or $crypted_id == 0) {
return "";
}
// check for Admin
$right = new MOD_right();
if ($right->hasRight('Admin') || $right->hasRight('SafetyTeam')) {
return urldecode(strip_tags(MOD_crypt::AdminReadCrypted($crypted_id)));
}
// check for Member's own data
if ($this->edit_mode) {
if (($mCrypt = MOD_crypt::MemberReadCrypted($crypted_id)) != "cryptedhidden") {
return urldecode(strip_tags($mCrypt));
}
}
return urldecode(MOD_crypt::get_crypted($crypted_id, $return_value));
}
/**
* Resend the confirmation mail in case the user clicked on the link in the
* login error message
*
* @param string $username
*/
public function resendConfirmationMail($username)
{
// fetch ID for member $username
$vars = array();
$MembersModel = new MembersModel();
$member = $MembersModel->getMemberWithUsername($username);
if ($member) {
if ($member->Status == 'MailToConfirm') {
$vars['firstname'] = MOD_crypt::AdminReadCrypted($member->Firstname);
$vars['secondname'] = MOD_crypt::AdminReadCrypted($member->Secondname);
$vars['lastname'] = MOD_crypt::AdminReadCrypted($member->Lastname);
$vars['email'] = MOD_crypt::AdminReadCrypted($member->Email);
$userId = APP_User::userId($username);
if (!$userId) {
return 'NoSuchMember';
} else {
$View = new SignupView($this);
define('DOMAIN_MESSAGE_ID', 'bewelcome.org');
// TODO: config
$View->registerMail($vars, $member->id, $userId);
}
} else {
return 'NoMailToConfirm';
}
} else {
return 'NoSuchMember';
}
return true;
}
/**
* Update Member's Profile
*
* @param unknown_type $vars
* @return unknown
*/
public function updateProfile(&$vars)
{
$IdMember = (int) $vars['memberid'];
$words = new MOD_words();
$rights = new MOD_right();
$m = $vars['member'];
// fantastic ... love the implementation. Fake
$CanTranslate = false;
// $CanTranslate = CanTranslate($vars["memberid"], $_SESSION['IdMember']);
$ReadCrypted = "MemberReadCrypted";
// This might be changed in the future
if ($rights->hasRight('Admin') || $rights->hasRight('SafetyTeam')) {
// admin or CanTranslate can alter other profiles
$ReadCrypted = "AdminReadCrypted";
// In this case the AdminReadCrypted will be used
}
$m->removeLanguages();
foreach ($vars['languages_selected'] as $lang) {
if ($language = $this->createEntity('Language')->findById($lang->IdLanguage)) {
$ml = $this->createEntity('MemberLanguage');
$ml->setSpokenLanguage($m, $language, $lang->Level);
}
}
// Set the language that ReplaceinMTrad uses for writing
$words->setlangWrite($vars['profile_language']);
// refactoring to use member entity
// $m->LastLogin = '******' ? 'Never' : $layoutbits->ago(strtotime($TM->LastLogin)); // Members lastlogin is no to be updated here
if (isset($vars['Status']) && !empty($vars['Status'])) {
// this can only happen when an admin or the safety team edits a profile
$m->Status = $vars['Status'];
}
$m->Gender = $vars['gender'];
$m->HideGender = $vars['HideGender'];
$m->BirthDate = $vars['BirthYear'] . '-' . $vars['BirthMonth'] . '-' . $vars['BirthDay'];
$m->bday = $vars['BirthDay'];
$m->bmonth = $vars['BirthMonth'];
$m->byear = $vars['BirthYear'];
$m->HideBirthDate = $vars['HideBirthDate'];
$m->HideGender = $vars['HideGender'];
$m->ProfileSummary = $words->ReplaceInMTrad($vars['ProfileSummary'], "members.ProfileSummary", $IdMember, $m->ProfileSummary, $IdMember);
$m->WebSite = strip_tags($vars['WebSite']);
$m->Accomodation = $vars['Accomodation'];
$m->Organizations = $words->ReplaceInMTrad($vars['Organizations'], "members.Organizations", $IdMember, $m->Organizations, $IdMember);
$m->Occupation = $words->ReplaceInMTrad(strip_tags($vars['Occupation']), "members.Occupation", $IdMember, $m->Occupation, $IdMember);
$m->ILiveWith = $words->ReplaceInMTrad($vars['ILiveWith'], "members.ILiveWith", $IdMember, $m->ILiveWith, $IdMember);
$m->MaxGuest = strip_tags($vars['MaxGuest']);
$m->MaxLenghtOfStay = $words->ReplaceInMTrad($vars['MaxLenghtOfStay'], "members.MaxLenghtOfStay", $IdMember, $m->MaxLenghtOfStay, $IdMember);
$m->AdditionalAccomodationInfo = $words->ReplaceInMTrad($vars['AdditionalAccomodationInfo'], "members.AdditionalAccomodationInfo", $IdMember, $m->AdditionalAccomodationInfo, $IdMember);
$m->TypicOffer = strip_tags($vars['TypicOffer']);
$m->Restrictions = strip_tags($vars['Restrictions']);
$m->OtherRestrictions = $words->ReplaceInMTrad($vars['OtherRestrictions'], "members.OtherRestrictions", $IdMember, $m->OtherRestrictions, $IdMember);
$m->Hobbies = $words->ReplaceInMTrad($vars['Hobbies'], "members.Hobbies", $IdMember, $m->Hobbies, $IdMember);
$m->Books = $words->ReplaceInMTrad($vars['Books'], "members.Books", $IdMember, $m->Books, $IdMember);
$m->Music = $words->ReplaceInMTrad($vars['Music'], "members.Music", $IdMember, $m->Music, $IdMember);
$m->Movies = $words->ReplaceInMTrad($vars['Movies'], "members.Movies", $IdMember, $m->Movies, $IdMember);
$m->PastTrips = $words->ReplaceInMTrad($vars['PastTrips'], "members.PastTrips", $IdMember, $m->PastTrips, $IdMember);
$m->PlannedTrips = $words->ReplaceInMTrad($vars['PlannedTrips'], "members.PlannedTrips", $IdMember, $m->PlannedTrips, $IdMember);
$m->PleaseBring = $words->ReplaceInMTrad($vars['PleaseBring'], "members.PleaseBring", $IdMember, $m->PleaseBring, $IdMember);
$m->OfferGuests = $words->ReplaceInMTrad($vars['OfferGuests'], "members.OfferGuests", $IdMember, $m->OfferGuests, $IdMember);
$m->OfferHosts = $words->ReplaceInMTrad($vars['OfferHosts'], "members.OfferHosts", $IdMember, $m->OfferHosts, $IdMember);
$m->PublicTransport = $words->ReplaceInMTrad($vars['PublicTransport'], "members.PublicTransport", $IdMember, $m->PublicTransport, $IdMember);
// as $CanTranslate is set explicitly above, this is disabled
// if (!$CanTranslate) { // a volunteer translator will not be allowed to update crypted data
if ($vars["HouseNumber"] != $m->get_housenumber()) {
$this->logWrite("Housenumber updated", "Address Update");
}
if ($vars["Street"] != $m->get_street()) {
$this->logWrite("Street updated", "Address Update");
}
if ($vars["Zip"] != $m->get_zip()) {
$this->logWrite("Zip updated", "Address Update");
}
if ($vars["Email"] == "cryptedhidden") {
$this->logWrite("members.model updateprofile email keeps previous value (cryptedhidden detected)", "Debug");
} else {
if ($vars["Email"] != $m->email) {
$this->logWrite("Email updated (previous was " . $m->email . ")", "Email Update");
// Sticking to old BW, the previous email is stored in logs,
// this might be discussed, but if the member fills a bad email,
// there is no more way to retrieve him
// Todo : get rid with this, but implement a confimmation mail
$m->Email = MOD_crypt::NewReplaceInCrypted(strip_tags($vars['Email']), "members.Email", $IdMember, $m->Email, $IdMember, $this->ShallICrypt($vars, "Email"));
}
}
if ($vars["HomePhoneNumber"] != "cryptedhidden") {
$m->HomePhoneNumber = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['HomePhoneNumber'])), "members.HomePhoneNumber", $IdMember, $m->HomePhoneNumber, $IdMember, $this->ShallICrypt($vars, "HomePhoneNumber"));
}
if ($vars["CellPhoneNumber"] != "cryptedhidden") {
$m->CellPhoneNumber = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['CellPhoneNumber'])), "members.CellPhoneNumber", $IdMember, $m->CellPhoneNumber, $IdMember, $this->ShallICrypt($vars, "CellPhoneNumber"));
}
if ($vars["WorkPhoneNumber"] != "cryptedhidden") {
$m->WorkPhoneNumber = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['WorkPhoneNumber'])), "members.WorkPhoneNumber", $IdMember, $m->WorkPhoneNumber, $IdMember, $this->ShallICrypt($vars, "WorkPhoneNumber"));
}
if ($vars["chat_SKYPE"] != "cryptedhidden") {
$m->chat_SKYPE = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_SKYPE'])), "members.chat_SKYPE", $IdMember, $m->chat_SKYPE, $IdMember, $this->ShallICrypt($vars, "chat_SKYPE"));
}
if ($vars["chat_AOL"] != "cryptedhidden") {
$m->chat_AOL = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_AOL'])), "members.chat_AOL", $IdMember, $m->chat_AOL, $IdMember, $this->ShallICrypt($vars, "chat_AOL"));
}
if ($vars["chat_YAHOO"] != "cryptedhidden") {
$m->chat_YAHOO = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_YAHOO'])), "members.chat_YAHOO", $IdMember, $m->chat_YAHOO, $IdMember, $this->ShallICrypt($vars, "chat_YAHOO"));
}
if ($vars["chat_ICQ"] != "cryptedhidden") {
$m->chat_ICQ = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_ICQ'])), "members.chat_ICQ", $IdMember, $m->chat_ICQ, $IdMember, $this->ShallICrypt($vars, "chat_ICQ"));
}
if ($vars["chat_Others"] != "cryptedhidden") {
$m->chat_Others = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_Others'])), "members.chat_Others", $IdMember, $m->chat_Others, $IdMember, $this->ShallICrypt($vars, "chat_Others"));
}
if ($vars["chat_GOOGLE"] != "cryptedhidden") {
$m->chat_GOOGLE = MOD_crypt::NewReplaceInCrypted(addslashes(strip_tags($vars['chat_GOOGLE'])), "members.chat_GOOGLE", $IdMember, $m->chat_GOOGLE, $IdMember, $this->ShallICrypt($vars, "chat_GOOGLE"));
}
$firstname = MOD_crypt::AdminReadCrypted($m->FirstName);
$secondname = MOD_crypt::AdminReadCrypted($m->SecondName);
$lastname = MOD_crypt::AdminReadCrypted($m->LastName);
if ($firstname != strip_tags($vars['FirstName']) || $secondname != strip_tags($vars['SecondName']) || $lastname != strip_tags($vars['LastName'])) {
$this->logWrite("{$m->Username} changed name. Firstname: {$firstname} -> " . strip_tags($vars['FirstName']) . ", second name: {$secondname} -> " . strip_tags($vars['SecondName']) . ", second name: {$lastname} -> " . strip_tags($vars['LastName']), 'Profile update');
}
if ($vars["FirstName"] != "cryptedhidden") {
MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['FirstName'])), "members.FirstName", $IdMember, $m->FirstName, $IdMember, $this->ShallICrypt($vars, "FirstName"));
}
if ($vars["SecondName"] != "cryptedhidden") {
$cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['SecondName'])), "members.SecondName", $IdMember, $m->SecondName, $IdMember, $this->ShallICrypt($vars, "SecondName"));
// Update member if a new crypted SecondName value was added
if ($cryptId != $m->SecondName) {
$m->SecondName = $cryptId;
}
}
if ($vars["LastName"] != "cryptedhidden") {
MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['LastName'])), "members.LastName", $IdMember, $m->LastName, $IdMember, $this->ShallICrypt($vars, "LastName"));
}
if ($vars["Zip"] != "cryptedhidden") {
$this->logWrite("in members.model updateprofile() Before Zip update addresss.Zip=" . $m->address->Zip, "Debug");
$cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['Zip'])), "addresses.Zip", $m->IdAddress, $m->address->Zip, $IdMember, $this->ShallICrypt($vars, "Zip"));
// Update addresses table if a new crypted zip value was added
if ($cryptId != $m->address->Zip) {
$m->setCryptedZip($cryptId);
}
$this->logWrite("in members.model updateprofile() After Zip update addresss.Zip=" . $m->address->Zip . " \$cryptId=" . $cryptId, "Debug");
}
if ($vars["HouseNumber"] != "cryptedhidden") {
$cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['HouseNumber'])), "addresses.HouseNumber", $m->IdAddress, $m->address->HouseNumber, $IdMember, $this->ShallICrypt($vars, "Address"));
// Update addresses table if a new crypted HouseNumber value was added
if ($cryptId != $m->address->HouseNumber) {
$m->setCryptedHouseNumber($cryptId);
}
}
if ($vars["Street"] != "cryptedhidden") {
$cryptId = MOD_crypt::NewReplaceInCrypted($this->dao->escape(strip_tags($vars['Street'])), "addresses.StreetName", $m->IdAddress, $m->address->StreetName, $IdMember, $this->ShallICrypt($vars, "Address"));
// Update addresses table if a new crypted StreetName value was added
if ($cryptId != $m->address->StreetName) {
$m->setCryptedStreetName($cryptId);
}
}
// Check relations, and update them if they have changed
$Relations = $m->get_all_relations();
foreach ($Relations as $Relation) {
if ($words->mInTrad($Relation->Comment, $vars['profile_language']) != $vars["RelationComment_" . $Relation->id] and !empty($vars["RelationComment_" . $Relation->id])) {
// echo "Relation #".$Relation->id,"<br />", $words->mInTrad($Relation->Comment,$vars['profile_language']),"<br />",$vars['RelationComment_'.$Relation->id],"<br />" ;
$IdTrad = $words->ReplaceInMTrad(strip_tags($vars["RelationComment_" . $Relation->id]), "specialrelations.Comment", $Relation->id, $Relation->Comment, $IdMember);
// Empty comments have trad id 0. Causing ReplaceInMTrad to create
// a new trad id and returning the new number.
if ($IdTrad != $Relation->id) {
$m->update_relation($Relation->id, $IdTrad);
}
$this->logWrite("updating relation #" . $Relation->id . " Relation Confirmed=" . $Relation->Confirmed, "Profile update");
}
}
// Check groups membership description, and update them if they have changed
// Tod od with Peter: check if there is other feature to update a group membership (a groupmembership model for example, or entity)
/* group membership should not be present here, disabled for now
$Groups=$m->getGroups() ;
for ($i = 0; $i < count($Groups) ; $i++) {
$group=$Groups[$i] ;
$group_id = $group->getPKValue() ;
$group_name_translated = $words->get("Group_".$group->Name);
$group_comment_translated = htmlspecialchars($words->mInTrad($m->getGroupMembership($group)->Comment,$vars['profile_language']), ENT_QUOTES);
$IdMemberShip=$m->getGroupMembership($group)->id ;
if (($words->mInTrad($m->getGroupMembership($group)->Comment,$vars['profile_language'])!=$vars["GroupMembership_".$IdMemberShip])
and (!empty($vars["GroupMembership_".$IdMemberShip]))) {
echo "Group #".$group_id,"<br />",$words->mInTrad($m->getGroupMembership($group)->Comment,$vars['profile_language']),"<br />",$vars["GroupMembership_".$IdMemberShip],"<br />" ;
$words->ReplaceInMTrad(strip_tags($vars["GroupMembership_".$IdMemberShip]),"membersgroups.Comment", $IdMemberShip, $m->getGroupMembership($group)->Comment, $IdMember);
$this->logWrite("updating membership description in group #".$group_id." Group name=".$group->name, "Profil update");
}
}
*/
// if a member with status NeedMore updates her/his profile, moving them back to pending
if ($m->Status == 'NeedMore') {
$m->Status = 'Pending';
}
$status = $m->update();
if (!empty($_FILES['profile_picture']) && !empty($_FILES['profile_picture']['tmp_name'])) {
if (isset($_FILES['profile_picture']) && $_FILES['profile_picture']['error'] == 0) {
$this->avatarMake($vars['memberid'], $_FILES['profile_picture']['tmp_name']);
}
}
if ($IdMember == $_SESSION['IdMember']) {
$this->logWrite("Profile update by member himself [Status={$m->Status}]", "Profile update");
} else {
$this->logWrite("update of another profile <b>" . $m->Username . "</b>", "Profile update");
// It can be an admin update or a delegated translation update
}
return $status;
}
/**
* This function loads the private data of member IdMember
* @cid can be an id or a username of the member.
* @given_password is the password sent with the form.
* @return a structure with the data, or false if password/Username dont match
**/
public function LoadPrivateData($cid, $given_password)
{
// comment by lemon-head: I think we should encrypt the pw on PHP side, not in SQL.
// It is said in MySQL documentation
// that the PASSWORD() function is not recommended to be used by applications.
// - correct, but as long as we're stuck with the mysql password function (and for now
// we are, then we either have to replicate the password function [it doesn't exist in php]
// or rely on mysql. Sucks to be us.
$data = new stdClass();
if (!($m = $this->checkPassword($cid, $given_password))) {
// user not found! explain something?
return array();
// Returns empty array if no value found
}
// Password has been verified, load the encrypted data
foreach (array('FirstName', 'SecondName', 'LastName') as $key) {
$data->{$key} = MOD_crypt::AdminReadCrypted($m->{$key});
}
foreach (array('HouseNumber', 'StreetName', 'Zip') as $key) {
if (!isset($m->address)) {
$housenumber = $m->get_housenumber();
}
$data->{$key} = MOD_crypt::AdminReadCrypted($m->address->{$key});
}
$data->CityName = $m->get_city();
return $data;
}