Example #1
 /**
  * Prepares the view for one target user.
  *
  * $user_input is either a numeric id (a User is built from it) or an object that is
  * used as-is. If it is neither, or the resolved user does not Exist(), $this->user
  * stays false. `new` discards a constructor's return value, so callers have to test
  * $this->user themselves before trusting the instance.
  *
  * admin_mode is switched on when the global $user reports lvl() >= 15. self_ignore is
  * only honoured when that viewer and the target user return the same id().
  *
  * NOTE(review): any object passes the is_object() test, not only a User; it must at
  * least provide Exist() and id() - confirm the callers.
  *
  * @param mixed  $user_input  numeric user id or a user object
  * @param mixed  $style_sd    forwarded unchanged to parent::View()
  * @param string $form_id     stored in $this->id
  * @param bool   $self_ignore ask for self-ignore mode (see above)
  */
 public function __construct($user_input, $style_sd = false, $form_id = 'customp', $self_ignore = false)
 {
     global $user;
     parent::View($style_sd);
     $this->user = false;

     $given_id = is_numeric($user_input);
     if (!($given_id || is_object($user_input))) {
         return false;
     }

     if ($given_id) {
         $this->user = new User((int) $user_input);
     } else {
         $this->user = $user_input;
     }
     if (!$this->user->Exist()) {
         // drop the unusable object and fall back to the "no user" marker
         unset($this->user);
         $this->user = false;
         return false;
     }

     $viewer_known = !empty($user);
     $this->admin_mode = false;
     $this->id = $form_id;
     if ($viewer_known && $user->lvl() >= 15) {
         $this->admin_mode = true;
     }
     // strict comparison: both id() values must have the same type as well as the same value
     $this->self_ignore = $self_ignore && $viewer_known && $user->id() === $this->user->id();
 }
Example #2
 /**
  * Binds this view to a parent item and loads its comment settings.
  *
  * When $parent->Exist() is false the constructor stops early: $this->parent_obj stays
  * false and parent::View() is never called. `new` ignores the returned false, so
  * callers have to check $this->parent_obj before using the instance.
  *
  * Otherwise the table name comes from $bd_names['comments'] and the paging settings
  * from $config['comm_by_page'] and $config['comm_revers'].
  *
  * @param object $parent      item providing Exist()
  * @param string $work_script stored in $this->work_script
  * @param mixed  $style_sd    forwarded unchanged to parent::View()
  */
 public function __construct($parent, $work_script, $style_sd = false)
 {
     global $bd_names, $config;
     $this->parent_obj = false;
     if ($parent->Exist()) {
         $this->parent_obj = $parent;
         parent::View($style_sd);
         $this->work_script = $work_script;
         $this->per_page = $config['comm_by_page'];
         $this->revers = $config['comm_revers'];
         $this->db = $bd_names['comments'];
         return;
     }
     return false;
 }
 /**
  * Initialises the skin manager view from the global table map.
  *
  * $this->db is false when $bd_names['sp_skins'] is not set; in that case db_ratio is
  * not assigned at all. $bd_names['likes'] is read unconditionally.
  *
  * NOTE(review): if the enclosing class is itself named SkinManager this is a PHP 4-style
  * constructor, which PHP 8 no longer runs on `new` - confirm the target PHP version.
  * NOTE(review): $base_url and $url_params are stored as received; whether they are
  * escaped when written into links is not visible here.
  *
  * @param mixed  $style_sd   forwarded unchanged to parent::View()
  * @param string $base_url   stored in $this->base_url
  * @param mixed  $url_params stored in $this->url_params; any falsy value becomes ''
  */
 public function SkinManager($style_sd = false, $base_url = 'index.php?mode=skinposer', $url_params = false)
 {
     global $bd_names;
     parent::View($style_sd);

     $has_skin_tables = isset($bd_names['sp_skins']);
     if (!$has_skin_tables) {
         $this->db = false;
     } else {
         $this->db = $bd_names['sp_skins'];
         $this->db_ratio = $bd_names['sp_skins_ratio'];
     }

     $this->type = ItemType::Skin;
     $this->db_likes = $bd_names['likes'];
     $this->base_url = $base_url;
     $this->url_params = $url_params ? $url_params : '';
     $this->answer = '';
 }
Example #4
 /**
  * Initialises the control view and remembers the script URL it works against.
  *
  * @param mixed  $style_sd    forwarded unchanged to parent::View()
  * @param string $work_skript stored in $this->work_skript
  */
 public function ControlManager($style_sd = false, $work_skript = '?mode=control')
 {
     /*	Show subdirs used: /admin */
     parent::View($style_sd);
     $this->work_skript = $work_skript;
 }
 /**
  * Initialises the skin manager view from the global table map and configuration.
  *
  * $this->db is false when $bd_names['sp_skins'] is not set; db_ratio, download and
  * discus are then left unassigned. $bd_names['likes'] is read unconditionally.
  *
  * Side effect: every call merges self::$permissions into the static
  * Group::$permissions, so building this object changes state shared by all Group code.
  * NOTE(review): array_merge() overwrites matching string keys and appends numeric
  * ones - confirm the permission arrays are string-keyed, otherwise repeated
  * construction keeps growing the list.
  *
  * @param mixed  $style_sd   forwarded to parent::View(); also used for st_subdir when that is falsy
  * @param string $base_url   stored in $this->base_url
  * @param mixed  $url_params stored in $this->url_params; any falsy value becomes ''
  */
 public function SkinManager($style_sd = false, $base_url = 'index.php?mode=skinposer', $url_params = false)
 {
     global $bd_names, $config;
     parent::View($style_sd);
     if (!$this->st_subdir) {
         $this->st_subdir = $style_sd;
     }

     $skins_configured = isset($bd_names['sp_skins']);
     if (!$skins_configured) {
         $this->db = false;
     } else {
         $this->db = $bd_names['sp_skins'];
         $this->db_ratio = $bd_names['sp_skins_ratio'];
         $this->download = $config['sp_download'];
         $this->discus = $config['sp_comments'];
     }

     $this->type = ItemType::Skin;
     $this->db_likes = $bd_names['likes'];
     $this->base_url = $base_url;
     $this->url_params = $url_params ? $url_params : '';
     $this->answer = '';

     $merged_permissions = array_merge(Group::$permissions, self::$permissions);
     Group::$permissions = $merged_permissions;
 }
Example #6
 <div>
   Tutorial Goes here!
 </div>
 <?php /* Static call to View::View() with the name "home"; what it renders is defined by View, not shown here. */ View::View("home"); ?>
Example #7
 /**
  * Passes the template file straight through to parent::View().
  *
  * NOTE(review): $templateFile is forwarded without any check in this method; if it can
  * be influenced by a request, confirm that View restricts which files it will load.
  *
  * @param mixed $templateFile forwarded unchanged to parent::View()
  */
 function AppView($templateFile)
 {
     parent::View($templateFile);
 }
Example #8
 /**
  * Handles control for all administrative functions
  */
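 public function controlHandler($getvars)
 {
     /*
      * Dispatches one administrative request, selected by $getvars['vm_action'].
      * Nothing is rendered or changed unless AccessController authorises the request.
      *
      * NOTE(review): the process_* cases change ACL data straight from $getvars; no
      * anti-CSRF token check is visible in this method - confirm one is enforced
      * upstream (for example inside AccessController).
      */
     //first authorize the user
     $ac = new AccessController($getvars);
     if (!$ac->isAuthorized()) {
         return;
     }
     View::View();
     $this->displayAdminHMenu();
     global $dao;
     switch ($getvars['vm_action']) {
         case 'display_acl_situations':
             $this->displayAdminACL($dao->getAccessRequestsForDisplay());
             break;
         case 'display_acl_modify':
             // 'request' must be a string of the form "<act>&<vm_action>"; a missing,
             // non-string or one-part value is handled as "no request" rather than
             // reading an undefined second element
             $split = array();
             if (!empty($getvars['request']) && is_string($getvars['request'])) {
                 $split = explode('&', $getvars['request']);
             }
             if (count($split) < 2) {
                 add_error(SHN_ERR_VM_NO_REQUEST);
                 $this->displayAdminACL($dao->getAccessRequestsForDisplay());
             } else {
                 $act = $split[0];
                 $vm_action = $split[1];
                 $this->displayAdminACLModify($act, $vm_action, $dao->getAccessRequestDescription($act, $vm_action), $dao->getSpecificAccessRequestConstraints($act, $vm_action), $dao->getPossibleAccessConstraints(), $dao->getDBTables());
             }
             break;
         case 'process_update_phonetics':
             $dao->updatePhonetics();
             add_confirmation(_('The Search Registry has been updated.'));
             $this->displayDefaultAdminPage();
             break;
         case 'process_acl_modifications':
             // NOTE(review): the existing constraints are removed before the replacements are
             // written; if a later DAO call fails the request is left with fewer constraints
             // than before - confirm the DAO wraps this sequence in a transaction
             $dao->removeConstraints($getvars['acl_act'], $getvars['acl_vm_action']);
             //first update the special constraints
             $possible_constraints = $dao->getPossibleAccessConstraints();
             foreach ($possible_constraints as $code => $description) {
                 // unchecked boxes are simply absent from the request
                 $field = "constraint_{$code}_req";
                 if (isset($getvars[$field]) && $getvars[$field] === 'on') {
                     $dao->addConstraint($getvars['acl_act'], $getvars['acl_vm_action'], $code);
                 }
             }
             //now update the data classification constraints
             // Collect the ticked permissions per table. Only c, r, u and d are accepted:
             // any other character in the field name is ignored instead of being stored
             // as a permission. The pattern is not anchored, as before.
             $granted = array();
             foreach ($getvars as $name => $value) {
                 $matches = array();
                 if ($value === 'on' && preg_match("/table_(\\w+)_req_([crud])/", (string) $name, $matches)) {
                     $granted[$matches[1]][$matches[2]] = true;
                 }
             }
             //arrange the permissions into the 'crud' format
             $tables = array();
             foreach ($granted as $table_name => $flags) {
                 $permission_string = '';
                 foreach (array('c', 'r', 'u', 'd') as $letter) {
                     if (isset($flags[$letter])) {
                         $permission_string .= $letter;
                     }
                 }
                 $tables[$table_name] = $permission_string;
             }
             $dao->updateClassificationConstraints($getvars['acl_act'], $getvars['acl_vm_action'], $tables);
             add_confirmation(_('Access control modifications have been saved'));
             $this->displayAdminACL($dao->getAccessRequestsForDisplay());
             break;
         case 'process_clear_cache':
             $this->engine->clear_cache();
             add_confirmation(_('Template cache has been cleared'));
             $this->displayDefaultAdminPage();
             break;
         case 'process_audit_acl':
             global $global;
             //first process any changes if necessary
             $process_action = isset($getvars['process_action']) ? $getvars['process_action'] : '';
             if ($process_action != '') {
                 if ($process_action == 'add_request') {
                     $dao->addAccessRequest($getvars['request_act'], $getvars['request_vm_action'], $getvars['request_desc']);
                 } elseif ($process_action == 'remove_request') {
                     $dao->removeAccessRequest($getvars['request_act'], $getvars['request_vm_action']);
                 } else {
                     // NOTE(review): every other non-empty process_action ends up here and
                     // reclassifies a table - consider matching the expected action name explicitly
                     $dao->classifyTable($getvars['table_to_classify'], $getvars['classification_level']);
                 }
                 add_confirmation(_('ACL settings have been updated.'));
             }
             $path = $global['approot'] . 'mod/vm/controller/';
             //an array for all controller files to test with each key being the 'act' URL parameter associated with it
             $files = array('adm_default' => 'AdminController.php', 'project' => 'ProjectController.php', 'volunteer' => 'VolunteerController.php');
             //an array to store all act and vm_action combinations that are not in the database
             $bad_requests = array();
             $current_requests = $dao->getAccessRequests();
             foreach ($files as $act => $file_name) {
                 $file_path = $path . $file_name;
                 $contents = is_readable($file_path) ? file_get_contents($file_path) : false;
                 if ($contents === false) {
                     // A controller that cannot be read cannot be audited. Report it and leave its
                     // requests out of the "unused" list, so that an unreadable file is not
                     // presented as a set of stale ACL entries.
                     add_error(_('Unable to read controller file: ') . $file_name);
                     unset($current_requests[$act]);
                     continue;
                 }
                 //temporary, should restrict results to within controlHandler() function
                 preg_match_all("/case\\s+('|\")(\\w+)('|\")\\s*?:/", $contents, $cases);
                 foreach ($cases[2] as $vm_action) {
                     if (isset($current_requests[$act][$vm_action])) {
                         // known to the database: take it off the "unused" list
                         unset($current_requests[$act][$vm_action]);
                     } else {
                         $bad_requests[] = array('act' => $act, 'vm_action' => $vm_action);
                     }
                 }
                 //ignore default cases that aren't referenced because they will get picked up by the controller's default action
                 unset($current_requests[$act]['default']);
                 if (empty($current_requests[$act])) {
                     unset($current_requests[$act]);
                 }
             }
             //now look for any unclassified tables/views
             $unclassified_tables = array();
             foreach ($dao->getDBTables() as $table) {
                 // only tables carrying the 'vm_' prefix are audited
                 if (strncmp($table, 'vm_', 3) === 0 && !$dao->isClassified($table)) {
                     $unclassified_tables[] = $table;
                 }
             }
             //display the information
             $this->displayACLAudit($bad_requests, $current_requests, $unclassified_tables, $dao->getDataClassificationLevels());
             break;
         default:
             $this->displayDefaultAdminPage();
             break;
     }
 }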
Example #9
 /**
  * The function that decides what to do and which page to view.
  *
  * @param $getvars an associative array, representing the GET variables
  *                 from the URL
  * @return void
  */
 function controlHandler($getvars)
 {
     global $dao;
     // Dispatch overview: after the single authorisation gate below, $getvars['vm_action']
     // selects one case; unknown actions fall through to the portal for logged-in users.
     // NOTE(review): that gate is the only access check visible in this method. Several cases
     // act on a p_uuid, msg_id, shift_id or picture id taken from the request, so per-record
     // ownership has to be enforced by AccessController or the DAO - confirm.
     // NOTE(review): the process_* cases change state from request variables; no anti-CSRF
     // token check is visible here - confirm one exists upstream.
     //first authorize the user
     $ac = new AccessController($getvars);
     if (!$ac->isAuthorized()) {
         return;
     }
     //if authorized, move on to displaying the correct page
     switch ($getvars['vm_action']) {
         case 'process_add':
             global $dao;
             /*
              * First set up a Volunteer object to store all of the
              * POST data
              */
             // a logged-in user who is not yet a volunteer is registered under the session id;
             // otherwise the record named by the request's p_uuid (if any) is loaded
             if ($_SESSION['logged_in'] && !$dao->isVolunteer($_SESSION['user_id'])) {
                 $v = new Volunteer();
                 $v->info['ids'] = array();
                 $v->p_uuid = $_SESSION['user_id'];
                 $shn_user = true;
             } else {
                 if (isset($getvars['p_uuid'])) {
                     $v = new Volunteer($getvars['p_uuid']);
                     $shn_user = false;
                 } else {
                     $v = new Volunteer();
                     $v->info['ids'] = array();
                     $shn_user = false;
                 }
             }
             $v->info['full_name'] = $getvars['full_name'];
             $v->info['ids'][$getvars['id_type']] = trim($getvars['serial']);
             $v->info['gender'] = $getvars['gender'];
             $v->info['dob'] = $getvars['dob'];
             $v->info['date_start'] = $getvars['start_date'];
             $v->info['date_end'] = $getvars['end_date'];
             $v->info['hour_start'] = $getvars['hrs_avail_start'];
             $v->info['hour_end'] = $getvars['hrs_avail_end'];
             $v->info['occupation'] = $getvars['occupation'];
             $v->info['affiliation'] = $getvars['affiliation'];
             $v->info['special_needs'] = $getvars['special_needs'];
             $v->info['locations'] = array();
             shn_get_parents(shn_location_get_form_submit_loc(), $v->info['locations']);
             $v->info['contact'] = array();
             // put every input that begins with 'contact_' into the contact array
             foreach ($getvars as $key => $value) {
                 if (substr($key, 0, strlen('contact_')) == 'contact_') {
                     $v->info['contact'][substr($key, strlen('contact_'))] = $value;
                 }
             }
             $v->info['contact_prefer'] = $getvars['prefered_confirm_medium'];
             //add skills information
             $v_skills = array();
             $skill_ids = $dao->getSkillIDs();
             foreach ($skill_ids as $skill) {
                 if ($getvars["SKILL_{$skill}"] == 'on') {
                     $v_skills[] = $skill;
                 }
             }
             $v->info['skills'] = $v_skills;
             //add Sahana account information if necessary
             if ($getvars['reg_account'] == 'true') {
                 // NOTE(review): pass1 is carried in plaintext inside $v, which is handed to
                 // View::View() below - confirm it is hashed on save and never rendered or logged
                 $v->info['account_info'] = array('account_name' => $getvars['full_name'], 'user_name' => $getvars['user_name'], 'pass' => $getvars['pass1']);
                 // NOTE(review): the person id is taken from the request here and replaces the one
                 // chosen above; confirm save() or validateAddForm() checks that the caller may
                 // attach an account to this record
                 $v->p_uuid = $getvars['existing_puuid'];
             }
             View::View($v);
             /*
              * Check to see if the POST data is valid and act accordingly
              */
             // validation runs on a fresh merge of $_REQUEST and $_FILES (which also replaces
             // $getvars), after $v was already filled from the original $getvars
             if ($this->validateAddForm($getvars = array_merge($_REQUEST, $_FILES))) {
                 $v->save($shn_user);
                 // picture
                 $p = $_FILES['picture'];
                 if (!empty($p['tmp_name'])) {
                     // NOTE(review): 'name' and 'type' are supplied by the client; the only content
                     // check visible here is $pic->resize() succeeding
                     $pic = new VMPicture();
                     $pic->original = file_get_contents($p['tmp_name']);
                     $pic->name = $p['name'];
                     $pic->type = $p['type'];
                     $pic->size = $p['size'];
                     $pic->p_uuid = $v->p_uuid;
                     if ($pic->resize()) {
                         $pic->save();
                     } else {
                         add_error(_("The image file is invalid, or is not of a supported type."));
                     }
                 }
                 add_confirmation(_('Changes saved.'));
                 //if we just created a Sahana account, direct the user to log in
                 if (!$_SESSION['logged_in']) {
                     $this->displayPleaseLogin();
                 } else {
                     $this->displayVolunteer($v->p_uuid);
                 }
             } else {
                 // validation failed: show the form again, pre-loaded when a p_uuid was sent
                 if (!empty($getvars['p_uuid'])) {
                     $this->addVolunteer(new Volunteer($getvars['p_uuid']));
                 } else {
                     $this->addVolunteer();
                 }
             }
             break;
         case 'display_add':
             View::View();
             if ($dao->isVolunteer($_SESSION['user_id'])) {
                 //if this user is a volunteer already, display the edit form
                 $this->addVolunteer(new Volunteer($_SESSION['user_id']));
             } else {
                 //otherwise display the add form
                 $this->addVolunteer();
             }
             break;
         case 'display_edit':
             View::View();
             $this->addVolunteer(new Volunteer($getvars['p_uuid']));
             break;
         case 'display_confirm_delete':
             View::View();
             $this->confirmDelete($getvars['p_uuid']);
             break;
         case 'display_change_pass':
             View::View();
             $this->changePass($_SESSION['user_id']);
             break;
         case 'process_change_pass':
             global $global;
             require_once $global['approot'] . 'inc/lib_security/lib_auth.inc';
             // NOTE(review): the form is shown for $_SESSION['user_id'] (display_change_pass) but the
             // change is applied to the p_uuid sent in $_REQUEST - confirm the two are required to match.
             // The error branch runs when shn_change_password() returns exactly true, so presumably
             // that function returns true on failure - verify against lib_auth.inc.
             if ($this->validateChangePassForm($getvars = $_REQUEST)) {
                 if (shn_change_password($getvars['p_uuid'], $getvars['cur_pass'], $getvars['pass1']) === true) {
                     add_error(SHN_ERR_VM_PASSWORD_NOT_MATCH);
                     $this->changePass($getvars['p_uuid']);
                 } else {
                     add_confirmation(_("Your Password has been updated"));
                 }
             } else {
                 $this->changePass($getvars['p_uuid']);
             }
             break;
         case 'process_delete':
             // NOTE(review): deletes whichever p_uuid the request names; the result of delete()
             // is not checked before the confirmation is shown
             $v = new Volunteer();
             $v->delete($getvars['p_uuid']);
             View::View();
             $this->displayConfirmation('The requested user was deleted.');
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(), $extra_opts);
             break;
         case 'display_list_all':
             View::View();
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(), $extra_opts);
             $this->showPagingNavigation("index.php?mod=vm&amp;act=volunteer&amp;vm_action=display_list_all");
             break;
         case 'display_list_assigned':
             View::View();
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(null, VM_SHOW_ALL_VOLUNTEERS_ASSIGNED), $extra_opts);
             $this->showPagingNavigation("index.php?mod=vm&amp;act=volunteer&amp;vm_action=display_list_assigned");
             break;
         case 'display_mailbox':
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayMailbox($getvars['box']);
             break;
         case 'display_message':
             /*
              * Since we are passing $_SESSION['user_id'] as the p_uuid of the user here,
              * we can only view the message (i.e., the query will only succeed) if it belongs
              * to the current logged in user. Therefore, there is no need for extra access
              * control checks on displaying a message here.
              */
             View::View();
             $this->displayMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box']);
             break;
         case 'process_delete_message':
             global $dao;
             // the session user id is passed along with msg_id; the third argument is true for
             // every box other than 'outbox'
             $dao->deleteMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box'] != 'outbox');
             //add_confirmation('_(Message has been deleted'));
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayMailbox($getvars['box']);
             break;
         case 'display_send_message':
             $this->displaySendMessageForm();
             break;
         case 'process_send_message':
             global $dao;
             if ($this->validateSendMessageForm($getvars = $_REQUEST)) {
                 // NOTE(review): stripslashes() followed by escaping only single quotes is not
                 // equivalent to bound parameters, and $getvars['to'] is passed on as received -
                 // confirm sendMessage() uses prepared statements; this manual escaping should
                 // then be dropped
                 $message = stripslashes($getvars['message']);
                 $message = strtr($message, array("'" => "\\'"));
                 //have to escape any single quotes otherwise querying won't work
                 $dao->sendMessage($_SESSION['user_id'], $getvars['to'], $message);
                 add_confirmation(_("Message Sent"));
             } else {
                 // rebuild the recipient list so the form can be shown again
                 // NOTE(review): $to is iterated whenever it is set; a scalar 'to' value is not
                 // iterable - confirm the form always submits an array
                 $to_list = array();
                 $to = $getvars['to'];
                 if (isset($to)) {
                     foreach ($to as $person) {
                         $to_list[$person] = $dao->getPersonName($person);
                     }
                 }
                 $this->displaySendMessageForm($to_list);
             }
             break;
         case 'display_search':
             $advanced = $getvars['advanced'] == 'true';
             $this->openSearchForm();
             $this->displaySearchForm($advanced);
             break;
         case 'process_search':
             global $dao, $global;
             include_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
             View::View();
             //print_r($getvars);
             $vol_name = $getvars['vol_name'];
             //name to search by
             $vol_id = $getvars['vol_iden'];
             //Identification number to search by
             // $loose and $soundslike are fixed to false in this method
             $loose = false;
             $soundslike = false;
             $start_date = $getvars['start_date'];
             //availability start
             $end_date = $getvars['end_date'];
             //availability end
             $skills_matching = $getvars['skills_matching'] == 'and_skills' ? VM_SKILLS_ALL : VM_SKILLS_ANY;
             //search for all or any of the skills present
             $unassigned = $getvars['unassigned'] == 'true';
             //true to search for only unassigned volunteers
             $assigning = $getvars['assigning'];
             //true if we are using the search to assign volunteers
             $advanced = $getvars['advanced'] == 'true';
             //true if we are using an advanced search
             $just_assigned_vol = $getvars['p_uuid'] != '' && $assigning;
             //true if we just assigned a volunteer to a project (nice to know if no results are found to not display an error)
             $date_constraint = $getvars['date_constraint'] == 'full_date';
             //true if we must check for availability for the entire date range specified, false to check for any portion of the data range
             $positions = $getvars['positions'];
             if ($assigning) {
                 $assigning_proj = $getvars['proj_id'];
             } else {
                 $assigning_proj = null;
             }
             $location = '';
             if (shn_vm_location_selected()) {
                 $location = shn_location_get_form_submit_loc();
             }
             $skills = array();
             $skill_ids = $dao->getSkillIDs();
             foreach ($skill_ids as $sk) {
                 if ($getvars["SKILL_{$sk}"] == 'on') {
                     $skills[] = $sk;
                 }
             }
             //if we're not using the search results to do assigning, open the form here so that all of our paging navigation
             //will also be part of the form
             if (!$assigning) {
                 $this->openSearchForm();
             }
             //Validate the fields
             // the search values above are read before validation, but they only reach the DAO
             // inside this branch
             if ($this->validateSearchForm($getvars)) {
                 //get the search results and display them
                 $results = $dao->getVolSearchResults($vol_id, $vol_name, $skills, $skills_matching, $start_date, $end_date, $location, $date_constraint, $unassigned, $loose, $soundslike, $assigning_proj);
                 $this->displaySearchResults($results, $assigning, $assigning_proj, $advanced, $just_assigned_vol, $positions);
             }
             if (!$assigning) {
                 $this->displaySearchForm($advanced, false);
             } else {
                 $this->displaySearchForm(true, true);
             }
             break;
         case 'display_single':
             $v = new Volunteer($getvars['p_uuid']);
             View::View($v);
             $this->displayVolunteer($getvars['p_uuid']);
             break;
         case 'process_remove_picture':
             // NOTE(review): reads $_GET['id'] directly instead of $getvars, and no check that the
             // picture belongs to the caller is visible here
             $dao->deletePicture($dao->getPictureID($_GET['id']));
             View::View();
             if (empty($getvars['p_uuid'])) {
                 $this->addVolunteer();
             } else {
                 $this->addVolunteer(new Volunteer($getvars['p_uuid']));
             }
             break;
         case 'display_portal':
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayPortal();
             break;
         case 'display_report_all':
             View::View();
             $this->displayVolunteerReport($dao->getVolunteersForReport());
             break;
         case 'display_custom_report_select_for_mgrs':
             $this->displayCustomReportFilterForMgrs($dao->listProjects($_SESSION['user_id'], true, true));
             break;
         case 'display_custom_report_select':
             View::View();
             // the '(all)' entries are placed first; '+' keeps them if a real id has the same key
             $projects = array('ALL_PROJECTS' => '(all)') + $dao->listProjects(null, false, true);
             $orgs = array('ALL_ORGS' => '(all)') + $dao->getOrganizations(true);
             $this->displayCustomReportFilter($projects, $orgs, $dao->getVolunteerNames(true));
             break;
         case 'display_custom_report':
             View::View();
             $extra_opts = array();
             $proj_id = null;
             $org_id = null;
             $vols = array();
             // each filter stays null/empty unless the request narrows it
             if (isset($getvars['proj_id']) && $getvars['proj_id'] != 'ALL_PROJECTS') {
                 $proj_id = $getvars['proj_id'];
                 $extra_opts['reportProjName'] = $dao->getProjectName($proj_id);
             }
             if (isset($getvars['org_id']) && $getvars['org_id'] != 'ALL_ORGS') {
                 $org_id = $getvars['org_id'];
                 $temp = $dao->getOrganizationInfo($org_id);
                 $extra_opts['reportOrgName'] = $temp['name'];
             }
             if (!empty($getvars['vols']) && is_array($getvars['vols'])) {
                 $extra_opts['reportingSpecificVolunteers'] = true;
                 $vols = $getvars['vols'];
             }
             $this->displayVolunteerReport($dao->getVolunteersForReport($proj_id, $org_id, $vols), $extra_opts);
             break;
         case 'display_modify_skills':
             $this->displayModifySkills();
             break;
         case 'process_add_skill':
             global $global;
             require_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
             if (empty($getvars['skill_desc']) || empty($getvars['skill_code'])) {
                 add_error(_('Please specify both a skill description and skill code'));
             } else {
                 //validate skill code length
                 // NOTE(review): the length is checked on the trimmed code, but the untrimmed value
                 // is what addSkill() receives below; the "letters" in the message are not enforced here
                 if (strlen(trim($getvars['skill_code'])) < 4 || strlen(trim($getvars['skill_code'])) > 5) {
                     add_error(_('Skill code should be 4 - 5 letters'));
                 } else {
                     // replace the delimiter (and the spaces around it) with '-' and strip leading and
                     // trailing spaces
                     $find = array("/ *" . VM_SKILLS_DELIMETER . " */", "/^ +/", "/ +\$/");
                     $replace = array("-", '', '');
                     $description = preg_replace($find, $replace, $getvars['skill_desc']);
                     if (!$dao->addSkill($getvars['skill_code'], $description)) {
                         add_error(_('The specified skill code already exists. Please choose another'));
                     } else {
                         // NOTE(review): $description is request-derived text; confirm add_confirmation()
                         // HTML-escapes its argument before output
                         add_confirmation("Skill '{$description}' added");
                         // presumably so the form is not re-populated with the submitted values - confirm
                         unset($_POST);
                     }
                 }
             }
             $this->displayModifySkills();
             break;
         case 'process_remove_skill':
             // NOTE(review): uses $_REQUEST['skills'] rather than $getvars, the result of
             // removeSkill() is not checked, and $code is placed into the confirmation text
             // (same escaping question as for process_add_skill)
             if (!empty($_REQUEST['skills'])) {
                 foreach ($_REQUEST['skills'] as $code) {
                     $dao->removeSkill($code);
                     add_confirmation("Deleted {$code}");
                 }
             }
             $this->displayModifySkills();
             break;
         case 'display_approval_management':
             //currently only site manager approval is allowed, later credential approval will be added
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_approval_modifications':
             //currently only site manager approval is allowed, later credential approval will be added
             // the 'MGR' ability is granted when 'approve' is present in the request and revoked otherwise
             $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', isset($getvars['approve']));
             add_confirmation(_('Approval information has been updated'));
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_approval_upgrades':
             //currently only site manager approval is allowed, later credential approval will be added
             // always grants 'MGR' to the vol_id named in the request
             $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', true);
             add_confirmation(_('Approval information has been updated'));
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_log_time':
             // NOTE(review): numHours is used in arithmetic without a numeric check and strtotime()
             // returns false on unparsable input - presumably validateShiftTimes() rejects those, confirm.
             // p_uuid and pos_id come from the request, so whose time is logged is chosen by the caller.
             $start = strtotime($getvars['startDate'] . ' ' . $getvars['startTime']);
             if (empty($getvars['numHours'])) {
                 $end = strtotime($getvars['endDate'] . ' ' . $getvars['endTime']);
             } else {
                 $end = $start + $getvars['numHours'] * 60 * 60;
             }
             if (($e = validateShiftTimes($start, $end)) === VM_OK) {
                 if ($dao->logShift($getvars['p_uuid'], $getvars['pos_id'], $start, $end)) {
                     $this->displayConfirmation('Your time was logged successfully.');
                     $v = new Volunteer($getvars['p_uuid']);
                     View::View($v);
                     $this->displayVolunteer($getvars['p_uuid']);
                 } else {
                     add_error(_("There was a problem logging your time. Please go back and try again."));
                 }
             } else {
                 add_error(_("Error logging time:") . $e);
                 $this->showLogTime($getvars['p_uuid'], $getvars['pos_id']);
             }
             break;
         case 'review_hours':
             if (empty($getvars['proj_id'])) {
                 $this->displaySelectReviewHours();
             } else {
                 $this->displayReviewHours($getvars['proj_id']);
             }
             break;
         case 'process_review_hours':
             // NOTE(review): this case uses $this->dao while the rest of the method uses the global
             // $dao, and displayReviewHours() gets two arguments here but one in 'review_hours' -
             // confirm both are intended
             $this->dao->reviewShift($getvars['shift_id'], $getvars['status']);
             $this->displayReviewHours($getvars['p_uuid'], $getvars['pos_id']);
             break;
         default:
             // unknown action: logged-in users get their portal, everyone else gets no output
             if ($_SESSION['logged_in']) {
                 View::View(new Volunteer($_SESSION['user_id']));
                 $this->displayPortal();
             }
     }
 }
Example #10
 /**
  * Initialises the news view for one category.
  *
  * The category is cast to int and clamped at zero, so every value that casts to 0 or
  * less - including the -1 ("all last news") mentioned by the original comment - is
  * stored as category_id 0.
  *
  * @param mixed  $category  category id; non-positive values become 0
  * @param mixed  $style_sd  forwarded unchanged to parent::View()
  * @param string $work_link stored in $this->work_link
  */
 public function NewsManager($category = 1, $style_sd = false, $work_link = 'index.php?')
 {
     parent::View($style_sd);
     $category_id = (int) $category;
     $this->category_id = $category_id > 0 ? $category_id : 0;
     $this->work_link = $work_link;
 }
Example #11
 /**
  * Delegates construction to parent::View().
  *
  * @param mixed $style_sd forwarded unchanged to parent::View()
  */
 public function __construct($style_sd = false)
 {
     // $site_ways is imported into scope but not read anywhere in this body
     global $site_ways;
     parent::View($style_sd);
 }
Example #12
 /**
  * Initialises the file manager view.
  *
  * The table name is read from $bd_names['files'] and the script URL is stored before
  * parent::View() runs.
  *
  * @param mixed  $style_sd    forwarded unchanged to parent::View()
  * @param string $work_skript stored in $this->work_skript
  */
 public function FileManager($style_sd = false, $work_skript = 'index.php?mode=control&do=filelist&')
 {
     global $bd_names;
     $this->db = $bd_names['files'];
     $this->work_skript = $work_skript;
     parent::View($style_sd);
 }
Example #13
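 /**
  * Dispatches a project-module request to the matching view or DAO action.
  *
  * The action name is read from $getvars['vm_action'], falling back to the
  * older $getvars['action'] key; a missing or unknown action lists all
  * projects. Nothing runs unless AccessController::isAuthorized() accepts
  * the request.
  *
  * NOTE(review): several cases below change or delete data using values
  * taken directly from $getvars. No anti-CSRF token or request-method check
  * is visible in this method; confirm that AccessController or the caller
  * enforces one, and that the DAO methods bind these values as parameters.
  *
  * @param array $getvars an associative array, representing the GET variables
  *                       from the URL
  * @return void
  */
 function controlHandler($getvars)
 {
     global $dao, $global;
     include_once $global['approot'] . 'inc/lib_location.inc';
     //first authorize the user
     $ac = new AccessController($getvars);
     if (!$ac->isAuthorized()) {
         return;
     }
     // temporary, to support older 'action' instead of 'vm_action'
     // Explicit presence checks keep a request without either key from
     // raising undefined-index notices; the chosen value is unchanged.
     if (!empty($getvars['vm_action'])) {
         $vm_action = $getvars['vm_action'];
     } elseif (isset($getvars['action'])) {
         $vm_action = $getvars['action'];
     } else {
         $vm_action = null;
     }
     switch ($vm_action) {
         case 'display_single':
             $p = new Project($getvars['proj_id']);
             $this->displayProject($p);
             break;
         case 'display_add':
             $this->addProject();
             break;
         case 'display_edit':
             $this->addProject(new Project($getvars['proj_id']));
             break;
         case 'display_closure_edit':
             // Only a site manager of this project may edit its closure report.
             if ($dao->isSiteManagerForProject($_SESSION['user_id'], $getvars['proj_id'])) {
                 if (!empty($_POST)) {
                     // NOTE(review): the whole of $_POST is handed to the DAO;
                     // confirm it only accepts the expected fields.
                     $dao->saveClosureReport($getvars['proj_id'], $_POST);
                     $this->displayConfirmation(_('Changes Saved.'));
                     // proj_id comes from the request, so it is URL-encoded and the
                     // finished URL is emitted as a JSON string literal with <, >, &,
                     // ' and " hex-escaped. That keeps the value from closing the
                     // string or the <script> element.
                     $redirect_url = '?mod=vm&act=project&vm_action=display_closure_report&proj_id=' . rawurlencode((string) $getvars['proj_id']);
                     echo '<script type="text/javascript">';
                     echo 'setTimeout(function () { location.href = ' . json_encode($redirect_url, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . '; }, 1500);';
                     echo '</script>';
                 } else {
                     $this->editClosure($getvars['proj_id']);
                 }
             }
             break;
         case 'display_closure_report':
             $this->viewClosure($getvars['proj_id']);
             break;
         case 'display_closure_reports':
             $this->listClosureReports();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=display_closure_reports");
             break;
         case 'process_add':
             // The Project is populated from the request first and saved only
             // if validateAddForm() accepts the submitted values.
             $p = new Project($getvars['proj_id']);
             $p->info['name'] = $getvars['name'];
             $p->info['description'] = $getvars['description'];
             $p->info['start_date'] = $getvars['start_date'];
             $p->info['end_date'] = $getvars['end_date'];
             $p->info['mgr_id'] = $getvars['manager'];
             $p->info['locations'] = array();
             shn_get_parents(shn_location_get_form_submit_loc(), $p->info['locations']);
             if ($this->validateAddForm($getvars)) {
                 $p->save();
                 $this->displayConfirmation(_('Changes Saved.'));
                 $this->displayProject($p);
             } else {
                 $this->addProject();
             }
             break;
         case 'process_delete':
             // NOTE(review): unlike display_closure_edit, no per-project ownership
             // check is made here before deleting; presumably AccessController
             // covers it - confirm.
             $p = new Project();
             $p->delete($getvars['proj_id']);
             View::View();
             $this->displayConfirmation('The requested Project was deleted.');
             $this->listProjects();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=default");
             break;
         case 'display_confirm_delete':
             View::View();
             $this->confirmDelete($getvars['proj_id']);
             break;
         case 'display_select_project':
             View::View();
             // A site manager without the 'vm_proj_vol' data permission is shown
             // only the projects listed for his own user id.
             if ($dao->isSiteManager($_SESSION['user_id']) && !$ac->dataAccessIsAuthorized(array('vm_proj_vol' => 'ru'), false)) {
                 $projects = $dao->listProjects($_SESSION['user_id'], true);
             } else {
                 $projects = $dao->listProjects();
             }
             $this->displaySelectProjectForAssignmentForm($projects);
             break;
         case 'display_assign':
             View::View();
             if ($getvars['proj_id'] == '') {
                 add_error(SHN_ERR_VM_NO_PROJECT);
                 //if the user is just a site manager who got here due to overriding access control, only display his projects, otherwise display all
                 if ($dao->isSiteManager($_SESSION['user_id']) && !$ac->dataAccessIsAuthorized(array('vm_vol_position' => 'ru'), false)) {
                     $projects = $dao->listProjects($_SESSION['user_id'], true);
                 } else {
                     $projects = $dao->listProjects();
                 }
                 $this->displaySelectProjectForAssignmentForm($projects);
             } else {
                 if ($this->validateAssignForm($getvars)) {
                     $p_uuid = $this->getAssigningVolId($getvars);
                     // The position id is looked up under a key built from the
                     // volunteer id ('pos_id_<p_uuid>').
                     $dao->assignVolunteerToPosition($p_uuid, $getvars['pos_id_' . $p_uuid]);
                     add_confirmation(_('Volunteer has been successfully assigned'));
                 }
                 $p = new Project($getvars['proj_id']);
                 $this->assignVol($getvars['proj_id'], $p->positions);
             }
             break;
         case 'process_remove_from_project':
             // NOTE(review): removal is driven by request values with no
             // per-project check visible here - confirm AccessController covers it.
             $dao->deleteFromProject($getvars['p_uuid'], $getvars['proj_id']);
             $p = new Project($getvars['proj_id']);
             $this->displayProject($p);
             break;
         case 'display_my_list':
             $this->listProjects($_SESSION['user_id']);
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=display_my_list");
             break;
         case 'display_coming_list':
             echo _('The items listed below are projects that will start from today or after today.');
             echo '<div align="right"><a href="?mod=vm&amp;act=project">' . _('View all projects') . '</a></div>';
             $this->listComingProjects();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=display_coming_list");
             break;
         case 'process_add_position':
             // An existing position is loaded when pos_id is given; otherwise a
             // new one is created. It is saved only if validateAddPosition() passes.
             if ($getvars['pos_id'] != null) {
                 $p = new Position($getvars['pos_id']);
             } else {
                 $p = new Position();
             }
             $p->proj_id = $getvars['proj_id'];
             $p->ptype_id = $getvars['ptype_id'];
             $p->description = $getvars['description'];
             $p->title = $getvars['title'];
             $p->numSlots = $getvars['numSlots'];
             $p->payrate = $getvars['payrate'];
             if ($this->validateAddPosition($getvars)) {
                 $dao->savePosition($p);
                 //$this->displayConfirmation("Position assignment has been added to {$p->position_title}");
                 // Re-enter the handler to show the project; this runs the
                 // authorization check again with the synthetic request array.
                 $this->controlHandler(array('vm_action' => 'display_single', 'proj_id' => $p->proj_id));
             } else {
                 $this->addPosition($p);
             }
             break;
         case 'add_position':
             //this case only displays the form to add/edit a position
             if ($getvars['pos_id']) {
                 $p = new Position($getvars['pos_id']);
             } else {
                 $p = new Position();
             }
             if (isset($getvars['proj_id'])) {
                 $p->proj_id = $getvars['proj_id'];
             }
             $this->addPosition($p);
             break;
         case 'remove_position':
             // NOTE(review): removal is driven by request values with no
             // per-project check visible here - confirm AccessController covers it.
             $dao->removePosition($getvars['pos_id']);
             $this->controlHandler(array('vm_action' => 'display_single', 'proj_id' => $getvars['proj_id']));
             break;
         default:
             echo '<div align="right"><a href="?mod=vm&amp;act=project&amp;vm_action=display_coming_list">' . _('View coming projects') . '</a></div>';
             $this->listProjects();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=default");
             break;
     }
 }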
Example #14
 /**
  * Sets up the menu view and, unless told otherwise, loads the menu items.
  *
  * With $auto_load enabled the file MCR_ROOT . $mfile is pulled in with
  * require and the $menu_items variable it is expected to define is stored.
  * Otherwise two empty item lists (indexes 0 and 1) are stored.
  *
  * NOTE(review): $mfile is executed as PHP. It must only ever be a fixed,
  * trusted relative path; it must never be derived from request data.
  *
  * @param mixed  $style_sd  passed through to parent::View() unchanged
  * @param bool   $auto_load whether to load the items file immediately
  * @param string $mfile     items file path, relative to MCR_ROOT
  */
 public function Menu($style_sd = false, $auto_load = true, $mfile = 'instruments/menu_items.php')
 {
     // $config is not read in this method, but the required file runs in
     // this scope and may presumably use it - verify before removing.
     global $config;

     parent::View($style_sd);
     $this->menu_fname = $mfile;

     if (!$auto_load) {
         $this->menu_items = array(array(), array());
         return;
     }

     // The included file is expected to define $menu_items in this scope.
     require MCR_ROOT . $this->menu_fname;
     $this->menu_items = $menu_items;
 }