public function Object()
{
if (!$this->ObjectID) {
return null;
}
if ($this->ObjectType == 'Calling') {
return Calling::Load($this->ObjectID);
} elseif ($this->ObjectType == 'Member') {
return Member::Load($this->ObjectID);
} else {
return null;
}
}
public function Callings()
{
$q = "SELECT CallingID FROM MembersCallings WHERE MemberID='{$this->ID}' ORDER BY ID ASC";
$r = DB::Run($q);
$callings = array();
while ($row = mysql_fetch_array($r)) {
$callings[] = Calling::Load($row['CallingID']);
}
return $callings;
}
<?php
require_once "../../lib/init.php";
protectPage(11);
@($id = DB::Safe($_GET['id']));
$c = Calling::Load($id);
if (!is_object($c)) {
fail("Bad calling ID.");
}
if ($c->Preset()) {
fail("Can't delete a pre-defined calling.");
}
if ($c->WardID() != $MEMBER->WardID) {
Response::Send(403, "Can't delete a calling which does not belong to your ward.");
}
if ($c->Delete(true)) {
Response::Send(200);
} else {
fail("Oops, something went wrong. Please report this error.");
}
public function Delete($sure = false, $hardDelete = false)
{
if ($sure !== true) {
fail("Cannot delete ward; please pass boolean true as a second argument.");
}
if (!$this->ID) {
return false;
}
$wid = $this->ID;
// convenience
// FHE groups
DB::Run("DELETE FROM FheGroups WHERE WardID={$wid}");
// Residences
$res = $ward->Residences(true);
foreach ($res as $residence) {
$res->Delete(true);
}
// SurveyQuestions, SurveyAnswers, SurveyAnswerOptions, Permissions
$r = DB::Run("SELECT ID FROM SurveyQuestions WHERE WardID={$wid}");
while ($row = mysql_fetch_array($r)) {
$sq = SurveyQuestion::Load($row['ID']);
$sq->Delete(true);
}
// Callings, MembersCallings, and any remaining calling Permissions (shouldn't be any...)
$r = DB::Run("SELECT ID FROM Callings WHERE WardID={$wid}");
while ($row = mysql_fetch_array($r)) {
$c = Calling::Load($row['ID']);
$c->Delete(true);
}
// Members, Credentials, GrantedPrivileges, remaining Callings, PwdResetTokens,
// profile pic, and remaining member Permissions (shouldn't be any...)
// (Everything else except the ward itself)
$r = DB::Run("SELECT ID FROM Members WHERE WardID={$wid}");
while ($row = mysql_fetch_array($r)) {
$m = Member::Load($row['ID']);
$m->Delete(true);
}
// Ward itself
if ($hardDelete) {
DB::Run("DELETE FROM Wards WHERE ID={$wid} LIMIT 1");
// Unset this object so it can't inadvertently be saved again
$this->ID = null;
$this->Name = null;
} else {
$this->Deleted = true;
$this->Save();
}
return true;
}
<?php
require_once "lib/init.php";
protectPage();
// Build list of callings and members who hold those callings
// to render it below.
$list = '';
$r = DB::Run("SELECT ID FROM Callings WHERE WardID={$MEMBER->WardID} ORDER BY Name ASC");
if (!$r) {
fail("ERROR > Could not request callings. Please report this: " . mysql_error());
}
$callings = array();
while ($row = mysql_fetch_array($r)) {
$c = Calling::Load($row['ID']);
if (!$c) {
continue;
}
$r2 = DB::Run("SELECT MemberID FROM MembersCallings WHERE CallingID={$c->ID()}");
if (!$r2) {
fail("ERROR > Can't list members' callings. Please report this: " . mysql_error());
}
if (mysql_num_rows($r2) > 0) {
$callings[$c->Name] = array();
// Get a list of members with this calling
while ($row2 = mysql_fetch_array($r2)) {
$m = Member::Load($row2['MemberID']);
if (!$m) {
continue;
}
$callings[$c->Name][] = $m;
}
</form>
<br>
<h2 id="by-calling">Privileges granted to callings</h2>
<table class="privList">
<tr>
<th>Calling</th>
<th>Privilege</th>
<th>Options</th>
</tr>
<?php
$rm = DB::Run("SELECT CallingID, PrivilegeID FROM GrantedPrivileges INNER JOIN Callings ON Callings.ID = CallingID INNER JOIN Privileges ON Privileges.ID = GrantedPrivileges.PrivilegeID WHERE CallingID > 0 AND Callings.WardID={$MEMBER->WardID} ORDER BY Callings.Name ASC, Privileges.Privilege ASC");
while ($row = mysql_fetch_array($rm)) {
$priv = Privilege::Load($row['PrivilegeID']);
$call = Calling::Load($row['CallingID']);
?>
<tr>
<td>
<b><?php
echo $call->Name;
?>
</b>
</td>
<td>
<span title="<?php
echo $priv->HelpText();
?>
"><?php
echo $priv->Privilege();
?>
fail("Nothing to do; don't forget to choose at least one question for which to grant permission.");
}
// If they chose a wildcard, make sure the selection of a member
// or calling is not set (as a safety)
if ($allMembers && $memberID) {
fail("You selected to set this permission for ALL members but chose a specific member. Which one? Please go back and try again.");
}
if ($allCallings && $callingID) {
fail("You selected to set this permission for ALL callings but chose a specific calling. Which one? Please go back and try again.");
}
if ($allMembers && $callingID || $allCallings && $memberID) {
fail("You chose a wildcard permission across all callings or members but also chose a specific member or calling. Please select only one or the other.");
}
// Make sure the selected member or calling is in this ward
if ($callingID) {
$c = Calling::Load($callingID);
if ($c->WardID() != $MEMBER->WardID) {
fail("The calling you chose is not in your ward.");
}
} else {
if ($memberID) {
$m = Member::Load($memberID);
if ($m->WardID != $MEMBER->WardID) {
fail("The member you chose is not in your ward.");
}
}
}
$objID = $callingID ? $callingID : $memberID;
$objType = $callingID ? "Calling" : "Member";
$n = count($questionID);
for ($i = 0; $i < $n; $i++) {
// 10 is Manage Site Privileges; at least one member or calling from the ward should always have this.
// This query gets a list of unique privileges.
$epicQuery = "SELECT GrantedPrivileges.ID, Members.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Members ON Members.ID = GrantedPrivileges.MemberID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10\n\t\t\t\t\t\tUNION\n\t\t\t\t\t\tSELECT GrantedPrivileges.ID, Callings.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Callings ON Callings.ID = GrantedPrivileges.CallingID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10;";
if (mysql_num_rows(DB::Run($epicQuery)) == 1) {
fail("At least one member or calling of your ward must be able to manage the site privileges. This was the last one; could not revoke.");
}
}
if ($m) {
$mem = Member::Load($m);
if ($mem->WardID != $MEMBER->WardID) {
fail("You can only revoke privileges from members of your ward.");
} else {
$priv->RevokeFromMember($m);
}
$redirectAppend = "?revoked#by-member";
} else {
$call = Calling::Load($c);
if ($call->WardID() != $MEMBER->WardID) {
fail("You can only revoke privileges of callings in your ward.");
} else {
$priv->RevokeFromCalling($c);
}
$redirectAppend = "?revoked#by-calling";
}
} else {
fail("Bad request");
}
} else {
fail("Bad request; no input found");
}
header("Location: ../privileges.php" . $redirectAppend);