Example #1
 /** static stuff */
 /**
  * Build, and cache, the link (or plain-text label) for a customer page.
  *
  * Works as one step in a chain of "bubbled" link_generate() calls: a sub-module can pass its own
  * option sets in $link_options, this method prepends its own $options and hands the list on to
  * either another module's link_generate() or the global link_generate() function.
  *
  * Security-relevant behaviour visible in this method:
  *  - the result, including the permission-denied outputs, is cached per logged-in user;
  *  - the customer id may be taken from $_REQUEST when none is passed in;
  *  - $options['skip_permissions'] switches off the 'view' permission check;
  *  - the text fallbacks are returned without HTML escaping.
  *
  * @param mixed $customer_id  Customer id, or false to resolve it from $link_options / $_REQUEST.
  * @param array $options      Keys read here: type, page, arguments, data, text, full, skip_permissions.
  * @param array $link_options Option sets bubbled up from sub-link calls; each may carry ['data']['customer_id'].
  * @return mixed The value produced by link_generate() / the parent module, or a text label or '#'
  *               when no link can or may be built.
  */
 public static function link_generate($customer_id = false, $options = array(), $link_options = array())
 {
     // link generation can be cached and save a few db calls.
     // The key hashes the logged-in user id, all arguments and the request's customer_id, so entries are
     // per user and per argument set. md5() only shortens the key; it is not used as a security control.
     // NOTE(review): the current customer type id (read further down and used for the permission name) is
     // not part of the key - confirm it cannot change independently of the inputs hashed here.
     $link_cache_key = 'customer_link_' . md5(module_security::get_loggedin_id() . '_' . serialize(func_get_args()) . '_' . (isset($_REQUEST['customer_id']) ? $_REQUEST['customer_id'] : false));
     // 3600 is the fallback when 'cache_link_timeout' is not configured (presumably seconds - confirm).
     $link_cache_timeout = module_config::c('cache_link_timeout', 3600);
     // Truthiness test: a cached value that is falsy is treated as a cache miss.
     // NOTE(review): permission-dependent results are served from here until the entry expires, so a
     // permission change may not show up immediately unless module_cache is cleared elsewhere.
     if ($cached_link = module_cache::get('customer', $link_cache_key)) {
         return $cached_link;
     }
     // we accept link options from a bubbled link call.
     // so we have to prepend our options to the start of the link_options array in case
     // anything bubbled up to this method.
     // build our options into the $options variable and array_unshift this onto the link_options at the end.
     $key = 'customer_id';
     // the key we look for in data arrays, or in _REQUEST variables. for sub link building.
     // ${$key} below is therefore the $customer_id parameter.
     $customer_data = false;
     // we check if we're bubbling from a sub link, and find the item id from a sub link
     if (${$key} === false && $link_options) {
         // The first bubbled option set that carries a customer_id in its data wins.
         foreach ($link_options as $link_option) {
             if (isset($link_option['data']) && isset($link_option['data'][$key])) {
                 ${$key} = $link_option['data'][$key];
                 break;
             }
         }
         // Fall back to the request. This value is client-controlled and is not validated here.
         if (!${$key} && isset($_REQUEST[$key])) {
             ${$key} = $_REQUEST[$key];
         }
         // check if this still exists.
         // this is a hack in case the customer is deleted, the invoices are still left behind.
         if (${$key} && $link_options) {
             $customer_data = self::get_customer(${$key}, true, true);
             // Loose (!=) comparison of the returned id with the requested one.
             // On a missing or mismatching record, skip the customer level and build the link from the
             // bubbled options only.
             if (!$customer_data || !isset($customer_data[$key]) || $customer_data[$key] != ${$key}) {
                 $link = link_generate($link_options);
                 module_cache::put('customer', $link_cache_key, $link, $link_cache_timeout);
                 return $link;
             }
         }
     }
     // grab the data for this particular link, so that any parent bubbled link_generate() methods
     // can access data from a sub item (eg: an id)
     // NOTE(review): escaping of the link text is disabled on the next line, and the text is returned
     // as-is by the fallbacks below - confirm that callers or link_generate() escape it for HTML output.
     //$options['text'] = isset($options['text']) ? htmlspecialchars($options['text']) : '';
     // generate the arguments for this link
     if (!isset($options['type'])) {
         $options['type'] = 'customer';
     }
     if (!isset($options['page'])) {
         // The == 'new' test is redundant: a non-empty string such as 'new' is already truthy.
         $options['page'] = 'customer_admin_' . ($customer_id || $customer_id == 'new' ? 'open' : 'list');
     }
     if (!isset($options['arguments'])) {
         $options['arguments'] = array();
     }
     $options['arguments']['customer_id'] = $customer_id;
     if (!isset($options['arguments']['customer_type_id'])) {
         $options['arguments']['customer_type_id'] = self::get_current_customer_type_id();
     }
     // generate the path (module & page) for this link
     $options['module'] = 'customer';
     if ($options['page'] == 'customer_settings_types') {
         if (empty($options['data'])) {
             // NOTE(review): $customer_id is passed to get_customer_type() here, so on this page it
             // presumably carries a customer type id - confirm against callers.
             $data = self::get_customer_type($customer_id);
             $options['data'] = $data;
         }
         $options['text'] = isset($options['data']['type_name_plural']) ? $options['data']['type_name_plural'] : '';
         array_unshift($link_options, $options);
         $options['page'] = 'customer_settings';
         // bubble back onto ourselves for the link.
         // This early return does not store anything under $link_cache_key itself.
         return self::link_generate(0, $options, $link_options);
     }
     if (isset($options['full']) && $options['full']) {
         // only hit database if we need to print a full link with the name in it.
         if (!isset($options['data']) || !$options['data']) {
             if ((int) $customer_id > 0) {
                 // Reuse the record loaded during id resolution above when there is one.
                 $data = $customer_data ? $customer_data : self::get_customer($customer_id, true, true);
             } else {
                 $data = array();
             }
             $options['data'] = $data;
         } else {
             $data = $options['data'];
         }
         // what text should we display in this link?
         // Explicit text wins, then the customer name, then the translated 'N/A'.
         $options['text'] = !empty($options['text']) ? $options['text'] : (!isset($data['customer_name']) || !trim($data['customer_name']) ? _l('N/A') : $data['customer_name']);
         // Return plain text instead of a link when (&& binds tighter than ||): there is no data; or
         // there is no customer id on a non-settings page; or it is the settings page without a
         // customer type id; or the loaded record is flagged '_no_access'.
         if (!$data || !$customer_id && $options['page'] != 'customer_settings' || !$customer_id && $options['page'] == 'customer_settings' && !$options['arguments']['customer_type_id'] || isset($data['_no_access'])) {
             $link = $options['text'];
             module_cache::put('customer', $link_cache_key, $link, $link_cache_timeout);
             return $link;
         }
     }
     // append this to our link options array, which is eventually passed to the
     // global link generate function which takes all these arguments and builds a link out of them.
     // $options['skip_permissions'] is used in password reset, otherwise we get # in url
     // 'Active Leads' is the permission name used when no customer type applies.
     $page_type = 'Active Leads';
     if ($options['arguments']['customer_type_id'] > 0) {
         $customer_type = module_customer::get_customer_type($options['arguments']['customer_type_id']);
         // NOTE(review): the guard tests 'type_name' but the value read is 'type_name_plural'.
         if ($customer_type && !empty($customer_type['type_name'])) {
             $page_type = $customer_type['type_name_plural'];
         }
     }
     // Permission gate. A truthy $options['skip_permissions'] bypasses it entirely, so that option must
     // only ever be set by trusted calling code, never derived from request data.
     if (!self::can_i('view', $page_type) && (!isset($options['skip_permissions']) || !$options['skip_permissions'])) {
         if (!isset($options['full']) || !$options['full']) {
             $link = '#';
         } else {
             // Denied users still receive the link text (which may be the customer name), just no URL.
             $link = isset($options['text']) ? $options['text'] : 'N/A';
         }
         module_cache::put('customer', $link_cache_key, $link, $link_cache_timeout);
         return $link;
     }
     // $data is only assigned inside the 'full' branch above, hence the isset() guard.
     if (isset($data['customer_status'])) {
         // The CSS class is stored under the string key 'class' of the bubbled list itself.
         switch ($data['customer_status']) {
             case _CUSTOMER_STATUS_OVERDUE:
                 $link_options['class'] = 'customer_overdue error_text';
                 break;
             case _CUSTOMER_STATUS_OWING:
                 $link_options['class'] = 'customer_owing';
                 break;
             case _CUSTOMER_STATUS_PAID:
                 $link_options['class'] = 'customer_paid success_text';
                 break;
         }
     }
     // optionally bubble this link up to a parent link_generate() method, so we can nest modules easily
     // change this variable to the one we are going to bubble up to:
     $bubble_to_module = false;
     if ($options['page'] == 'customer_settings') {
         // Settings links are handed to the config module; the first bubbled entry loses its customer id.
         $link_options[0]['arguments']['customer_id'] = false;
         $bubble_to_module = array('module' => 'config');
     }
     /*$bubble_to_module = array(
           'module' => 'people',
           'argument' => 'people_id',
       );*/
     array_unshift($link_options, $options);
     if ($bubble_to_module) {
         // The parent module instance is looked up in the global $plugins registry.
         global $plugins;
         $link = $plugins[$bubble_to_module['module']]->link_generate(false, array(), $link_options);
     } else {
         // return the link as-is, no more bubbling or anything.
         // pass this off to the global link_generate() function
         $link = link_generate($link_options);
     }
     module_cache::put('customer', $link_cache_key, $link, $link_cache_timeout);
     return $link;
 }
// A contact list always hangs off one parent record type: $use_master_key must
// already name it ('customer_id' or 'vendor_id') before this point.
if (!$use_master_key) {
    throw new Exception('Sorry no Customer or Vendor selected');
}
// Carry the parent id from the request into the search filter.
// NOTE(review): the request value is copied as-is, with no cast or validation; every
// consumer of $search has to cast or escape it before it reaches SQL or HTML output.
if (isset($_REQUEST[$use_master_key])) {
    $search[$use_master_key] = $_REQUEST[$use_master_key];
}
if ($use_master_key == 'customer_id') {
    $contact_type = 'Customer';
    $contact_module_name = 'customer';
    // Customers are split into types (customer vs. lead); the permission label
    // follows the name of the currently selected type and defaults to 'Customer'.
    $contact_type_permission = 'Customer';
    $current_customer_type_id = module_customer::get_current_customer_type_id();
    if ($current_customer_type_id > 0) {
        $customer_type = module_customer::get_customer_type($current_customer_type_id);
        if ($customer_type && !empty($customer_type['type_name'])) {
            $contact_type_permission = $customer_type['type_name'];
        }
    }
} elseif ($use_master_key == 'vendor_id') {
    $contact_type = 'Vendor';
    $contact_type_permission = 'Vendor';
    $contact_module_name = 'vendor';
} else {
    // Any other key is rejected outright rather than falling through with unset labels.
    die('Unsupported type');
}
// The page title reuses the permission label, e.g. "Customer Contacts" / "Vendor Contacts".
$module->page_title = _l($contact_type_permission . ' Contacts');
if (!isset($search[$use_master_key]) || !$search[$use_master_key]) {
Example #3
 /**
  * Fetch the contact users (users attached to a customer or vendor) matching a set of filters.
  *
  * The statement is assembled by string concatenation. Numeric filters are cast to int; text
  * filters go through mysql_real_escape_string(). Row-level access limits are appended to the
  * WHERE clause from the user / customer / vendor data-access settings.
  *
  * NOTE(review): mysql_real_escape_string() belongs to the legacy ext/mysql API (removed in PHP 7)
  * and relies on the connection character set being correct; bound parameters would remove that
  * dependency. It also leaves the LIKE wildcards % and _ in the search text untouched.
  *
  * @param array $search             Keys read: generic, customer_id, vendor_id, is_staff, split_hours,
  *                                  security_role_id, email.
  * @param bool  $new_security_check When true, also limit the list to the logged-in user unless they
  *                                  hold the matching 'All ... Contacts' view permission. Off by
  *                                  default, so callers have to opt in.
  * @param bool  $as_array           True returns qa($sql), false returns query($sql).
  * @return mixed Whatever qa() or query() returns for the assembled statement.
  */
 public static function get_contacts($search = array(), $new_security_check = false, $as_array = true)
 {
     // Base statement: only users that belong to a customer or a vendor.
     $columns = "SELECT u.*,u.user_id AS id " . ", u.name AS name ";
     $tables = " FROM `" . _DB_PREFIX . "user` u ";
     $filters = " WHERE (u.customer_id > 0 OR u.vendor_id > 0) ";

     // Free-text search across name, email, phone and mobile.
     if (!empty($search['generic'])) {
         $needle = mysql_real_escape_string($search['generic']);
         $filters .= " AND ( "
             . " u.name LIKE '%{$needle}%' OR "
             . " u.email LIKE '%{$needle}%' OR "
             . " u.phone LIKE '%{$needle}%' OR "
             . " u.mobile LIKE '%{$needle}%' "
             . ' ) ';
     }

     // Join the parent record. The customer filter takes precedence over the vendor filter.
     // Ids are cast to int before being interpolated; 0 or less means "all customers" / "all vendors".
     if (isset($search['customer_id'])) {
         $columns .= ", c.* " . " , c.primary_user_id AS is_primary ";
         $tables .= " LEFT JOIN `" . _DB_PREFIX . "customer` c ON u.customer_id = c.customer_id ";
         $customerId = (int) $search['customer_id'];
         $filters .= $customerId > 0
             ? " AND u.customer_id = '{$customerId}'"
             : " AND u.customer_id > 0 ";
     } elseif (isset($search['vendor_id'])) {
         $columns .= ", c.* " . " , c.primary_user_id AS is_primary ";
         $tables .= " LEFT JOIN `" . _DB_PREFIX . "vendor` c ON u.vendor_id = c.vendor_id ";
         $vendorId = (int) $search['vendor_id'];
         $filters .= $vendorId > 0
             ? " AND u.vendor_id = '{$vendorId}'"
             : " AND u.vendor_id > 0 ";
     }

     // Exact-match columns. The column names come from this fixed list, never from $search keys.
     foreach (array('is_staff', 'split_hours') as $column) {
         if (!isset($search[$column]) || $search[$column] === '' || $search[$column] === false) {
             continue;
         }
         $value = mysql_real_escape_string($search[$column]);
         $filters .= " AND u.`{$column}` = '{$value}'";
     }

     // Optional restriction to one security role.
     $roleId = isset($search['security_role_id']) ? (int) $search['security_role_id'] : 0;
     if ($roleId > 0) {
         $tables .= " LEFT JOIN `" . _DB_PREFIX . "user_role` ur ON u.user_id = ur.user_id";
         $filters .= " AND ur.security_role_id = {$roleId}";
     }

     // LIKE-match columns; no wildcards are added, so any % or _ is supplied by the caller.
     foreach (array('email') as $column) {
         if (!isset($search[$column]) || $search[$column] === '' || $search[$column] === false) {
             continue;
         }
         $value = mysql_real_escape_string($search[$column]);
         $filters .= " AND u.`{$column}` LIKE '{$value}'";
     }

     // Row-level access limits.
     // NOTE(review): none of them is applied when module_customer is not loaded - confirm that
     // cannot happen on an installation where restricted users exist.
     if (class_exists('module_customer', false)) {
         $userScope = module_user::get_user_data_access();
         if ($userScope == _USER_ACCESS_ALL) {
             // all user accounts: nothing to add.
         } elseif ($userScope == _USER_ACCESS_ME) {
             $filters .= " AND u.`user_id` = " . (int) module_security::get_loggedin_id();
         } elseif ($userScope == _USER_ACCESS_CONTACTS) {
             $filters .= " AND (u.`customer_id` > 0 OR u.`vendor_id` > 0) ";
         }

         switch (module_customer::get_customer_data_access()) {
             case _CUSTOMER_ACCESS_ALL:
                 // every customer is visible: nothing to add.
                 break;
             case _CUSTOMER_ACCESS_ALL_COMPANY:
             case _CUSTOMER_ACCESS_CONTACTS:
             case _CUSTOMER_ACCESS_TASKS:
             case _CUSTOMER_ACCESS_STAFF:
                 $allowedCustomers = module_security::get_customer_restrictions();
                 // NOTE(review): an empty list adds no filter at all - confirm that "empty" means
                 // unrestricted and not "no customers permitted", otherwise this fails open.
                 if (count($allowedCustomers)) {
                     $idList = array();
                     foreach ($allowedCustomers as $allowedCustomer) {
                         $idList[] = (int) $allowedCustomer;
                     }
                     $filters .= " AND u.customer_id IN ( " . implode(', ', $idList) . " )";
                 }
         }

         if (class_exists('module_vendor', false)) {
             switch (module_vendor::get_vendor_data_access()) {
                 case _VENDOR_ACCESS_ALL:
                     // every vendor is visible: nothing to add.
                     break;
                 case _VENDOR_ACCESS_ALL_COMPANY:
                 case _VENDOR_ACCESS_CONTACTS:
                 case _VENDOR_ACCESS_TASKS:
                     // NOTE(review): the second argument is a two-element list, not a
                     // 'columns' => ... pair - confirm that is what get_vendors() expects.
                     $allowedVendors = module_vendor::get_vendors(array(), array('columns', 'c.vendor_id AS id'));
                     // Same open question as for customers: an empty result adds no filter.
                     if (count($allowedVendors)) {
                         // The vendor ids are the array keys of the result.
                         $idList = array();
                         foreach ($allowedVendors as $allowedVendorId => $unusedRow) {
                             $idList[] = (int) $allowedVendorId;
                         }
                         $filters .= " AND u.vendor_id IN ( " . implode(', ', $idList) . " )";
                     }
             }
         }
     }

     if ($new_security_check) {
         // Without the 'All <type> Contacts' view permission a user only sees their own record.
         // The permission name follows the current customer type's name, defaulting to 'Customer'.
         // module_customer is called here without the class_exists() guard used above.
         $current_customer_type_id = module_customer::get_current_customer_type_id();
         $permissionLabel = 'Customer';
         if ($current_customer_type_id > 0) {
             $customerType = module_customer::get_customer_type($current_customer_type_id);
             if ($customerType && !empty($customerType['type_name'])) {
                 $permissionLabel = $customerType['type_name'];
             }
         }
         if (!empty($search['customer_id']) && !module_user::can_i('view', 'All ' . $permissionLabel . ' Contacts', 'Customer', 'customer')) {
             $filters .= " AND u.user_id = " . (int) module_security::get_loggedin_id();
         } elseif (!empty($search['vendor_id']) && !module_user::can_i('view', 'All Vendor Contacts', 'Vendor', 'vendor')) {
             $filters .= " AND u.user_id = " . (int) module_security::get_loggedin_id();
         }
     }

     // One row per user; ordering only applies when a parent table was joined with a non-empty id.
     $grouping = ' GROUP BY u.user_id  ';
     if (!empty($search['customer_id'])) {
         $grouping .= 'ORDER BY c.customer_name, u.name';
     } elseif (!empty($search['vendor_id'])) {
         $grouping .= 'ORDER BY c.vendor_name, u.name';
     }

     $statement = $columns . $tables . $filters . $grouping;
     return $as_array ? qa($statement) : query($statement);
 }