<?php

require_once "../../lib/init.php";
protectPage(11);
@($id = DB::Safe($_GET['id']));
$c = Calling::Load($id);
if (!is_object($c)) {
    fail("Bad calling ID.");
}
if ($c->Preset()) {
    fail("Can't delete a pre-defined calling.");
}
if ($c->WardID() != $MEMBER->WardID) {
    Response::Send(403, "Can't delete a calling which does not belong to your ward.");
}
if ($c->Delete(true)) {
    Response::Send(200);
} else {
    fail("Oops, something went wrong. Please report this error.");
}
Exemple #2
0
 public function Object()
 {
     if (!$this->ObjectID) {
         return null;
     }
     if ($this->ObjectType == 'Calling') {
         return Calling::Load($this->ObjectID);
     } elseif ($this->ObjectType == 'Member') {
         return Member::Load($this->ObjectID);
     } else {
         return null;
     }
 }
Exemple #3
0
 public function Delete($sure = false, $hardDelete = false)
 {
     if ($sure !== true) {
         fail("Cannot delete ward; please pass boolean true as a second argument.");
     }
     if (!$this->ID) {
         return false;
     }
     $wid = $this->ID;
     // convenience
     // FHE groups
     DB::Run("DELETE FROM FheGroups WHERE WardID={$wid}");
     // Residences
     $res = $ward->Residences(true);
     foreach ($res as $residence) {
         $res->Delete(true);
     }
     // SurveyQuestions, SurveyAnswers, SurveyAnswerOptions, Permissions
     $r = DB::Run("SELECT ID FROM SurveyQuestions WHERE WardID={$wid}");
     while ($row = mysql_fetch_array($r)) {
         $sq = SurveyQuestion::Load($row['ID']);
         $sq->Delete(true);
     }
     // Callings, MembersCallings, and any remaining calling Permissions (shouldn't be any...)
     $r = DB::Run("SELECT ID FROM Callings WHERE WardID={$wid}");
     while ($row = mysql_fetch_array($r)) {
         $c = Calling::Load($row['ID']);
         $c->Delete(true);
     }
     // Members, Credentials, GrantedPrivileges, remaining Callings, PwdResetTokens,
     // profile pic, and remaining member Permissions (shouldn't be any...)
     // (Everything else except the ward itself)
     $r = DB::Run("SELECT ID FROM Members WHERE WardID={$wid}");
     while ($row = mysql_fetch_array($r)) {
         $m = Member::Load($row['ID']);
         $m->Delete(true);
     }
     // Ward itself
     if ($hardDelete) {
         DB::Run("DELETE FROM Wards WHERE ID={$wid} LIMIT 1");
         // Unset this object so it can't inadvertently be saved again
         $this->ID = null;
         $this->Name = null;
     } else {
         $this->Deleted = true;
         $this->Save();
     }
     return true;
 }
Exemple #4
0
 public function Callings()
 {
     $q = "SELECT CallingID FROM MembersCallings WHERE MemberID='{$this->ID}' ORDER BY ID ASC";
     $r = DB::Run($q);
     $callings = array();
     while ($row = mysql_fetch_array($r)) {
         $callings[] = Calling::Load($row['CallingID']);
     }
     return $callings;
 }
Exemple #5
0
<?php

require_once "lib/init.php";
protectPage();
// Build list of callings and members who hold those callings
// to render it below.
$list = '';
$r = DB::Run("SELECT ID FROM Callings WHERE WardID={$MEMBER->WardID} ORDER BY Name ASC");
if (!$r) {
    fail("ERROR > Could not request callings. Please report this: " . mysql_error());
}
$callings = array();
while ($row = mysql_fetch_array($r)) {
    $c = Calling::Load($row['ID']);
    if (!$c) {
        continue;
    }
    $r2 = DB::Run("SELECT MemberID FROM MembersCallings WHERE CallingID={$c->ID()}");
    if (!$r2) {
        fail("ERROR > Can't list members' callings. Please report this: " . mysql_error());
    }
    if (mysql_num_rows($r2) > 0) {
        $callings[$c->Name] = array();
        // Get a list of members with this calling
        while ($row2 = mysql_fetch_array($r2)) {
            $m = Member::Load($row2['MemberID']);
            if (!$m) {
                continue;
            }
            $callings[$c->Name][] = $m;
        }
Exemple #6
0
					</form>
					<br>

					<h2 id="by-calling">Privileges granted to callings</h2>

					<table class="privList">
						<tr>
							<th>Calling</th>
							<th>Privilege</th>
							<th>Options</th>
						</tr>
					<?php 
$rm = DB::Run("SELECT CallingID, PrivilegeID FROM GrantedPrivileges INNER JOIN Callings ON Callings.ID = CallingID INNER JOIN Privileges ON Privileges.ID = GrantedPrivileges.PrivilegeID WHERE CallingID > 0 AND Callings.WardID={$MEMBER->WardID} ORDER BY Callings.Name ASC, Privileges.Privilege ASC");
while ($row = mysql_fetch_array($rm)) {
    $priv = Privilege::Load($row['PrivilegeID']);
    $call = Calling::Load($row['CallingID']);
    ?>
						<tr>
							<td>
								<b><?php 
    echo $call->Name;
    ?>
</b>
							</td>
							<td>
								<span title="<?php 
    echo $priv->HelpText();
    ?>
"><?php 
    echo $priv->Privilege();
    ?>
    fail("Nothing to do; don't forget to choose at least one question for which to grant permission.");
}
// If they chose a wildcard, make sure the selection of a member
// or calling is not set (as a safety)
if ($allMembers && $memberID) {
    fail("You selected to set this permission for ALL members but chose a specific member. Which one? Please go back and try again.");
}
if ($allCallings && $callingID) {
    fail("You selected to set this permission for ALL callings but chose a specific calling. Which one? Please go back and try again.");
}
if ($allMembers && $callingID || $allCallings && $memberID) {
    fail("You chose a wildcard permission across all callings or members but also chose a specific member or calling. Please select only one or the other.");
}
// Make sure the selected member or calling is in this ward
if ($callingID) {
    $c = Calling::Load($callingID);
    if ($c->WardID() != $MEMBER->WardID) {
        fail("The calling you chose is not in your ward.");
    }
} else {
    if ($memberID) {
        $m = Member::Load($memberID);
        if ($m->WardID != $MEMBER->WardID) {
            fail("The member you chose is not in your ward.");
        }
    }
}
$objID = $callingID ? $callingID : $memberID;
$objType = $callingID ? "Calling" : "Member";
$n = count($questionID);
for ($i = 0; $i < $n; $i++) {
Exemple #8
0
<?php

require_once "../../lib/init.php";
protectPage(11);
@($name = $_POST['name']);
if (!$name || strlen(trim($name)) < 2) {
    fail("Please submit a valid name for this calling.");
}
$c = new Calling($name, $MEMBER->WardID);
if ($c->Save()) {
    Response::Send(200, $c->ID());
} else {
    fail("Something bad happened... hmm...");
}
Exemple #9
0
            // 10 is Manage Site Privileges; at least one member or calling from the ward should always have this.
            // This query gets a list of unique privileges.
            $epicQuery = "SELECT GrantedPrivileges.ID, Members.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Members ON Members.ID = GrantedPrivileges.MemberID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10\n\t\t\t\t\t\tUNION\n\t\t\t\t\t\tSELECT GrantedPrivileges.ID, Callings.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Callings ON Callings.ID = GrantedPrivileges.CallingID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10;";
            if (mysql_num_rows(DB::Run($epicQuery)) == 1) {
                fail("At least one member or calling of your ward must be able to manage the site privileges. This was the last one; could not revoke.");
            }
        }
        if ($m) {
            $mem = Member::Load($m);
            if ($mem->WardID != $MEMBER->WardID) {
                fail("You can only revoke privileges from members of your ward.");
            } else {
                $priv->RevokeFromMember($m);
            }
            $redirectAppend = "?revoked#by-member";
        } else {
            $call = Calling::Load($c);
            if ($call->WardID() != $MEMBER->WardID) {
                fail("You can only revoke privileges of callings in your ward.");
            } else {
                $priv->RevokeFromCalling($c);
            }
            $redirectAppend = "?revoked#by-calling";
        }
    } else {
        fail("Bad request");
    }
} else {
    fail("Bad request; no input found");
}
header("Location: ../privileges.php" . $redirectAppend);