/**
  * Tests Country_Model::get_country_by_name
  * @test
  */
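 public function testGetCountryByName()
 {
     // Look up a country name that is expected to exist in the test database
     $valid = Country_Model::get_country_by_name('Kenya');
     // The failure message is built before the assertion runs, so describe the
     // returned value without calling get_class() on a non-object: a NULL
     // result must produce a readable assertion failure, not a get_class() error.
     $returned_type = is_object($valid) ? get_class($valid) : gettype($valid);
     $this->assertEquals(TRUE, $valid instanceof Country_Model, sprintf('Invalid country object type (%s) returned', $returned_type));
     // A record loaded from the database carries a positive primary key
     $this->assertGreaterThanOrEqual(1, $valid->id);
     // 'Nairobi' is passed as a name that must not resolve to a country
     $invalid = Country_Model::get_country_by_name('Nairobi');
     $this->assertNull($invalid);
 }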
Exemple #2
 /**
  * Model Validation
  * 
  * @param array $post values to check
  * @param boolean $save (optional) save the record when validation succeeds
  * @return boolean
  */
 public function validate(array &$post, $save = FALSE)
 {
     // Replace the caller's array (passed by reference) with a Validation
     // object carrying the filters, rules and callbacks for an alert.
     $post = Validation::factory($post)
         ->pre_filter('trim')
         ->add_rules('alert_mobile', 'numeric', 'length[6,20]')
         ->add_rules('alert_email', 'email', 'length[3,64]')
         ->add_rules('alert_lat', 'required', 'between[-90,90]')
         ->add_rules('alert_lon', 'required', 'between[-180,180]')
         ->add_rules('alert_radius', 'required', 'in_array[1,5,10,20,50,100]')
         ->add_callbacks('alert_mobile', array($this, '_mobile_or_email'))
         ->add_callbacks('alert_mobile', array($this, '_mobile_check'))
         ->add_callbacks('alert_email', array($this, '_email_check'));

     // Single-country deployments only accept locations in the default country
     $single_country_only = !Kohana::config('settings.multi_country');
     if ($single_country_only) {
         $alert_country = Country_Model::get_country_by_name($post->alert_country);
         // NOTE(review): the error is only raised when the name resolves to a
         // country record. A name that resolves to nothing skips the
         // restriction, so the check trusts the client-supplied country name.
         if ($alert_country and $alert_country->id != Kohana::config('settings.default_country')) {
             $post->add_error('alert_country', 'single_country');
         }
     }

     // The parent model runs the validation and, when asked, saves the record
     return parent::validate($post, $save);
 }
Exemple #3
 /**
  * Lists the reports.
  *
  * @param int $page
  */
 public function index($page = 1)
 {
     // Admin report listing. Applies the status / keyword filters taken from the
     // query string, processes the bulk action form (approve, unapprove,
     // verify toggle, delete) when one was posted, then fetches the incidents
     // and hands everything to the admin/reports/main view.
     // $page is not read anywhere in this method.

     // If user doesn't have access, redirect to dashboard
     // NOTE(review): everything below stays protected only if url::redirect()
     // ends the request - confirm it does not return to the caller.
     if (!$this->auth->has_permission("reports_view")) {
         url::redirect(url::site() . 'admin/dashboard');
     }
     $this->template->content = new View('admin/reports/main');
     $this->template->content->title = Kohana::lang('ui_admin.reports');
     // Database table prefix
     $table_prefix = Kohana::config('database.default.table_prefix');
     // Hook into the event for the reports::fetch_incidents() method
     Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters'));
     // Status tab: only the known codes add a filter; the SQL fragments pushed
     // to $this->params are fixed strings, never the request value itself.
     // Anything other than a / v / o / search falls back to "0".
     $status = "0";
     if (!empty($_GET['status'])) {
         $status = $_GET['status'];
         if (strtolower($status) == 'a') {
             array_push($this->params, 'i.incident_active = 0');
         } elseif (strtolower($status) == 'v') {
             array_push($this->params, 'i.incident_verified = 0');
         } elseif (strtolower($status) == 'o') {
             array_push($this->params, '(ic.category_id IS NULL)');
         } elseif (strtolower($status) != 'search') {
             $status = "0";
         }
     }
     // Get Search Keywords (If Any)
     if (isset($_GET['k'])) {
         //	Brute force input sanitization
         // Phase 1 - NOTE(review): the pattern '#/\w+/#' only removes runs of word
         // characters enclosed in slashes (e.g. "/abc/"); it does not strip
         // non-word characters, so quotes and other punctuation pass through.
         $keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : "";
         // Phase 2 - Strip any HTML tags
         $keyword_raw = strip_tags($keyword_raw);
         // Phase 3 - Invoke Kohana's XSS cleaning mechanism just in case an outlier wasn't caught
         // in the first 2 steps
         $keyword_raw = $this->input->xss_clean($keyword_raw);
         // NOTE(review): the three phases above are HTML-oriented. The keyword is
         // turned into a SQL filter by _get_searchstring() (not visible here);
         // SQL safety rests entirely on that helper escaping it - confirm.
         $filter = " (" . $this->_get_searchstring($keyword_raw) . ")";
         array_push($this->params, $filter);
     } else {
         $keyword_raw = "";
     }
     $this->template->content->search_form = $this->_search_form();
     // The keyword is handed back to the search form view; the view is
     // presumably responsible for escaping it on output - verify.
     $this->template->content->search_form->keywords = $keyword_raw;
     // Handle sort/order fields
     $order_field = 'date';
     $sort = 'DESC';
     if (isset($_GET['order'])) {
         // HTML-escaped for display only. NOTE(review): if another method also
         // feeds $_GET['order'] into an ORDER BY clause, that path needs its own
         // whitelist - HTML escaping does not make a value safe for SQL.
         $order_field = html::escape($_GET['order']);
     }
     if (isset($_GET['sort'])) {
         // Whitelisted: anything other than ASC becomes DESC
         $sort = strtoupper($_GET['sort']) == 'ASC' ? 'ASC' : 'DESC';
     }
     // Check, has the form been submitted?
     $form_error = FALSE;
     $errors = array();
     $form_saved = FALSE;
     $form_action = "";
     // NOTE(review): no anti-CSRF token check is visible in this method for the
     // state-changing actions below - confirm one is enforced elsewhere.
     if ($_POST) {
         $post = Validation::factory($_POST);
         //	Add some filters
         $post->pre_filter('trim', TRUE);
         // Add some rules, the input field, followed by a list of checks,
         // carried out in order
         $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
         $post->add_rules('incident_id.*', 'required', 'numeric');
         // Per-action permission checks: approve/unapprove need reports_approve,
         // verify needs reports_verify, delete needs reports_edit.
         // NOTE(review): enforcement relies on an error added here making
         // $post->validate() below return FALSE - confirm against the
         // Validation library.
         if (in_array($post->action, array('a', 'u')) and !Auth::instance()->has_permission('reports_approve')) {
             $post->add_error('action', 'permission');
         }
         if ($post->action == 'v' and !Auth::instance()->has_permission('reports_verify')) {
             $post->add_error('action', 'permission');
         }
         if ($post->action == 'd' and !Auth::instance()->has_permission('reports_edit')) {
             $post->add_error('action', 'permission');
         }
         if ($post->action == 'a') {
             // sanitize the incident_ids: every element is forced to an integer
             // before it is bound into the query below
             $post->incident_id = array_map('intval', $post->incident_id);
             // Query to check if this report is uncategorized i.e categoryless.
             // The ids are passed as a bound parameter rather than concatenated.
             $query = "SELECT i.* FROM " . $table_prefix . "incident i " . "LEFT JOIN " . $table_prefix . "incident_category ic ON i.id=ic.incident_id " . "LEFT JOIN " . $table_prefix . "category c ON c.id = ic.category_id " . "WHERE c.id IS NULL " . "AND i.id IN :incidentids";
             $result = Database::instance()->query($query, array(':incidentids' => $post->incident_id));
             // We only approve the report IF it's categorized
             // throw an error if any incidents aren't categorized
             foreach ($result as $incident) {
                 $post->add_error('incident_id', 'categories_required', $incident->incident_title);
             }
         }
         if ($post->validate()) {
             // Approve Action
             if ($post->action == 'a') {
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded == TRUE) {
                         $update->incident_active = '1';
                         // Tag this as a report that needs to be sent out as an alert
                         if ($update->incident_alert_status != '2') {
                             // 2 = report that has had an alert sent
                             $update->incident_alert_status = '1';
                         }
                         $update->save();
                         // Record 'Verified By' Action
                         reports::verify_approve($update);
                         // Action::report_approve - Approve a Report
                         Event::run('ushahidi_action.report_approve', $update);
                     }
                     // Unlike the other branches, the label is assigned inside the
                     // loop, once per submitted id
                     $form_action = utf8::strtoupper(Kohana::lang('ui_admin.approved'));
                 }
             } elseif ($post->action == 'u') {
                 // Unapprove Action
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded == TRUE) {
                         $update->incident_active = '0';
                         // If Alert hasn't been sent yet, disable it
                         if ($update->incident_alert_status == '1') {
                             $update->incident_alert_status = '0';
                         }
                         $update->save();
                         // Record 'Verified By' Action
                         reports::verify_approve($update);
                         // Action::report_unapprove - Unapprove a Report
                         Event::run('ushahidi_action.report_unapprove', $update);
                     }
                 }
                 $form_action = utf8::strtoupper(Kohana::lang('ui_admin.unapproved'));
             } elseif ($post->action == 'v') {
                 // Verify Action: toggles the verified flag of each report
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     // NOTE(review): $verify is populated below but never saved in
                     // this block; the audit record comes from reports::verify_approve()
                     $verify = new Verify_Model();
                     if ($update->loaded == TRUE) {
                         if ($update->incident_verified == '1') {
                             $update->incident_verified = '0';
                             $verify->verified_status = '0';
                         } else {
                             $update->incident_verified = '1';
                             $verify->verified_status = '2';
                         }
                         $update->save();
                         // Record 'Verified By' Action
                         reports::verify_approve($update);
                     }
                 }
                 // Set the form action
                 $form_action = utf8::strtoupper(Kohana::lang('ui_admin.verified_unverified'));
             } elseif ($post->action == 'd') {
                 // Delete Action: ids reach this point only after the 'numeric' rule passed
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded) {
                         $update->delete();
                     }
                 }
                 $form_action = utf8::strtoupper(Kohana::lang('ui_admin.deleted'));
             }
             $form_saved = TRUE;
         } else {
             // Repopulate the form fields
             //$form = arr::overwrite($form, $post->as_array());
             // Populate the error fields, if any
             $errors = $post->errors('reports');
             $form_error = TRUE;
         }
     }
     // Fetch all incidents
     $incidents = reports::fetch_incidents(TRUE, Kohana::config('settings.items_per_page_admin'));
     Event::run('ushahidi_filter.filter_incidents', $incidents);
     $this->template->content->countries = Country_Model::get_countries_list();
     $this->template->content->incidents = $incidents;
     $this->template->content->pagination = reports::$pagination;
     $this->template->content->form_error = $form_error;
     $this->template->content->errors = $errors;
     $this->template->content->form_saved = $form_saved;
     $this->template->content->form_action = $form_action;
     // Total Reports
     $this->template->content->total_items = reports::$pagination->total_items;
     // Status Tab
     $this->template->content->status = $status;
     $this->template->content->order_field = $order_field;
     $this->template->content->sort = $sort;
     $this->themes->map_enabled = TRUE;
     $this->themes->json2_enabled = TRUE;
     $this->themes->treeview_enabled = TRUE;
     // Javascript Header
     $this->themes->js = new View('admin/reports/reports_js');
 }
Exemple #4
 /**
  * Function to save report location
  * 
  * @param Validation $post
  * @param Location_Model $location Instance of the location model
  */
 public static function save_location($post, $location)
 {
     // Resolve the country: by the submitted name when one is present,
     // otherwise from the deployment's configured default country.
     if (isset($post->country_name)) {
         $country = Country_Model::get_country_by_name($post->country_name);
     } else {
         $country = new Country_Model(Kohana::config('settings.default_country'));
     }

     // A name that matches no loaded record leaves the country id at 0
     $country_id = 0;
     if (!empty($country) and $country->loaded) {
         $country_id = $country->id;
     }

     // Expose the resolved id to later steps that read $post
     $post->country_id = $country_id;

     // Copy the submitted location onto the model. No validation happens
     // here: callers are expected to pass an already-validated $post.
     $location->location_name = $post->location_name;
     $location->latitude = $post->latitude;
     $location->longitude = $post->longitude;
     $location->country_id = $country_id;
     $location->location_date = date("Y-m-d H:i:s", time());
     $location->save();
 }
Exemple #5
 /**
  * Edit a report
  * @param bool|int $id The id no. of the report
  * @param bool|string $saved
  */
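 function edit($id = false, $saved = false)
 {
     // Member-facing report form. On GET it pre-fills the form from defaults,
     // from a checkin (?cid=) or from the member's own incident $id; on POST it
     // validates the submission and saves location, incident, categories,
     // media, custom fields and personal info, then redirects.
     // $id arrives from the request URL and must be treated as untrusted.
     $db = new Database();
     $this->template->content = new View('members/reports_edit');
     $this->template->content->title = Kohana::lang('ui_admin.create_report');
     // setup and initialize form field names
     $form = array('location_id' => '', 'form_id' => '', 'locale' => '', 'incident_title' => '', 'incident_description' => '', 'incident_date' => '', 'incident_hour' => '', 'incident_minute' => '', 'incident_ampm' => '', 'latitude' => '', 'longitude' => '', 'geometry' => array(), 'location_name' => '', 'country_id' => '', 'country_name' => '', 'incident_category' => array(), 'incident_news' => array(), 'incident_video' => array(), 'incident_photo' => array(), 'person_first' => '', 'person_last' => '', 'person_email' => '', 'custom_field' => array(), 'incident_source' => '', 'incident_information' => '', 'incident_zoom' => '');
     //	copy the form as errors, so the errors will be stored with keys corresponding to the form field names
     $errors = $form;
     $form_error = FALSE;
     // The "saved" flag is set by the redirect issued after a successful save
     $form_saved = ($saved == 'saved');
     // Initialize Default Values
     $form['locale'] = Kohana::config('locale.language');
     //$form['latitude'] = Kohana::config('settings.default_lat');
     //$form['longitude'] = Kohana::config('settings.default_lon');
     $form['country_id'] = Kohana::config('settings.default_country');
     $form['incident_date'] = date("m/d/Y", time());
     $form['incident_hour'] = date('h');
     $form['incident_minute'] = date('i');
     $form['incident_ampm'] = date('a');
     // initialize custom field array
     // NOTE(review): this helper and _get_thumbnails() below receive $id before
     // the ownership check further down has run - confirm neither returns
     // data belonging to another member's report.
     $form['custom_field'] = $this->_get_custom_form_fields($id, '', true);
     // Locale (Language) Array
     $this->template->content->locale_array = Kohana::config('locale.all_languages');
     // Create Categories
     $this->template->content->categories = Category_Model::get_categories();
     // Time formatting
     $this->template->content->hour_array = $this->_hour_array();
     $this->template->content->minute_array = $this->_minute_array();
     $this->template->content->ampm_array = $this->_ampm_array();
     $this->template->content->stroke_width_array = $this->_stroke_width_array();
     // Get Countries
     $countries = array();
     foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
         // Build the id => name list, truncating long names for the dropdown
         $this_country = $country->country;
         if (strlen($this_country) > 35) {
             $this_country = substr($this_country, 0, 35) . "...";
         }
         $countries[$country->id] = $this_country;
     }
     $this->template->content->countries = $countries;
     // Initialize Default Value for Hidden Field Country Name, just incase Reverse Geo coding yields no result
     $form['country_name'] = $countries[$form['country_id']];
     //GET custom forms
     $forms = array();
     foreach (ORM::factory('form')->where('form_active', 1)->find_all() as $custom_forms) {
         $forms[$custom_forms->id] = $custom_forms->form_title;
     }
     $this->template->content->forms = $forms;
     // Retrieve thumbnail photos (if edit);
     //XXX: fix _get_thumbnails
     $this->template->content->incident = $this->_get_thumbnails($id);
     // Are we creating this report from a Checkin?
     if (isset($_GET['cid']) && !empty($_GET['cid'])) {
         $checkin_id = (int) $_GET['cid'];
         // NOTE(review): the checkin is loaded by id alone. Nothing visible here
         // ties it to the current member, yet its description and location are
         // copied into the form and, after a successful POST, the checkin and
         // its media are re-pointed at the new report. Confirm an ownership
         // check exists or add one.
         $checkin = ORM::factory('checkin', $checkin_id);
         if ($checkin->loaded) {
             // Has a report already been created for this Checkin?
             if ((int) $checkin->incident_id > 0) {
                 // Redirect to report
                 url::redirect('members/reports/edit/' . $checkin->incident_id);
             }
             $incident_description = $checkin->checkin_description;
             $incident_title = text::limit_chars(strip_tags($incident_description), 100, "...", true);
             $form['incident_title'] = $incident_title;
             $form['incident_description'] = $incident_description;
             $form['incident_date'] = date('m/d/Y', strtotime($checkin->checkin_date));
             $form['incident_hour'] = date('h', strtotime($checkin->checkin_date));
             $form['incident_minute'] = date('i', strtotime($checkin->checkin_date));
             $form['incident_ampm'] = date('a', strtotime($checkin->checkin_date));
             // Does the sender of this message have a location?
             if ($checkin->location->loaded) {
                 $form['location_id'] = $checkin->location_id;
                 $form['latitude'] = $checkin->location->latitude;
                 $form['longitude'] = $checkin->location->longitude;
                 $form['location_name'] = $checkin->location->location_name;
             }
         }
     }
     // check, has the form been submitted, if so, setup validation
     if ($_POST) {
         // Instantiate Validation, use $post, so we don't overwrite $_POST fields with our own things
         $post = Validation::factory(array_merge($_POST, $_FILES));
         //	 Add some filters
         $post->pre_filter('trim', TRUE);
         // Add some rules, the input field, followed by a list of checks, carried out in order
         // $post->add_rules('locale','required','alpha_dash','length[5]');
         $post->add_rules('location_id', 'numeric');
         $post->add_rules('message_id', 'numeric');
         $post->add_rules('incident_title', 'required', 'length[3,200]');
         $post->add_rules('incident_description', 'required');
         $post->add_rules('incident_date', 'required', 'date_mmddyyyy');
         $post->add_rules('incident_hour', 'required', 'between[1,12]');
         $post->add_rules('incident_minute', 'required', 'between[0,59]');
         // A missing field is rejected the same way as an unexpected value,
         // without reading an undefined index
         if (!isset($_POST['incident_ampm']) || ($_POST['incident_ampm'] != "am" && $_POST['incident_ampm'] != "pm")) {
             $post->add_error('incident_ampm', 'values');
         }
         // Validate for maximum and minimum latitude values
         $post->add_rules('latitude', 'required', 'between[-90,90]');
         // Validate for maximum and minimum longitude values
         $post->add_rules('longitude', 'required', 'between[-180,180]');
         $post->add_rules('location_name', 'required', 'length[3,200]');
         //XXX: Hack to validate for no checkboxes checked
         if (!isset($_POST['incident_category'])) {
             $post->incident_category = "";
             $post->add_error('incident_category', 'required');
         } else {
             $post->add_rules('incident_category.*', 'required', 'numeric');
         }
         // Validate only the fields that are filled in
         if (!empty($_POST['incident_news'])) {
             foreach ($_POST['incident_news'] as $key => $url) {
                 if (!empty($url) and !(bool) filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED)) {
                     $post->add_error('incident_news', 'url');
                 }
             }
         }
         // Validate only the fields that are filled in
         if (!empty($_POST['incident_video'])) {
             foreach ($_POST['incident_video'] as $key => $url) {
                 if (!empty($url) and !(bool) filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED)) {
                     $post->add_error('incident_video', 'url');
                 }
             }
         }
         // Validate photo uploads
         $post->add_rules('incident_photo', 'upload::valid', 'upload::type[gif,jpg,png]', 'upload::size[2M]');
         // Validate Personal Information
         if (!empty($_POST['person_first'])) {
             $post->add_rules('person_first', 'length[3,100]');
         }
         if (!empty($_POST['person_last'])) {
             $post->add_rules('person_last', 'length[3,100]');
         }
         if (!empty($_POST['person_email'])) {
             $post->add_rules('person_email', 'email', 'length[3,100]');
         }
         // Validate Custom Fields
         if (isset($post->custom_field) && !$this->_validate_custom_form_fields($post->custom_field)) {
             $post->add_error('custom_field', 'values');
         }
         // If deployment is a single country deployment, check that the location mapped is in the default country
         if (!Kohana::config('settings.multi_country')) {
             $country = Country_Model::get_country_by_name($post->country_name);
             // NOTE(review): a country name that resolves to no record skips
             // this restriction; the check trusts the client-supplied name.
             if ($country and $country->id != Kohana::config('settings.default_country')) {
                 $post->add_error('country_name', 'single_country');
             }
         }
         $post->add_rules('incident_source', 'numeric', 'length[1,1]');
         $post->add_rules('incident_information', 'numeric', 'length[1,1]');
         // Test to see if things passed the rule checks
         if ($post->validate()) {
             // STEP 1: SAVE LOCATION
             $location = new Location_Model();
             reports::save_location($post, $location);
             // STEP 2: SAVE INCIDENT
             $incident = new Incident_Model();
             reports::save_report($post, $incident, $location->id);
             // STEP 3: SAVE CATEGORIES
             reports::save_category($post, $incident);
             // STEP 4: SAVE MEDIA
             reports::save_media($post, $incident);
             // STEP 5: SAVE CUSTOM FORM FIELDS
             reports::save_custom_fields($post, $incident);
             // STEP 6: SAVE PERSONAL INFORMATION
             reports::save_personal_info($post, $incident);
             // If creating a report from a checkin
             if (isset($checkin_id) and $checkin_id != "") {
                 $checkin = ORM::factory('checkin', $checkin_id);
                 if ($checkin->loaded) {
                     $checkin->incident_id = $incident->id;
                     $checkin->save();
                     // Attach all the media items in this checkin to the report
                     foreach ($checkin->media as $media) {
                         $media->incident_id = $incident->id;
                         $media->save();
                     }
                 }
             }
             // Action::report_add / report_submit_members - Added a New Report
             //++ Do we need two events for this? Or will one suffice?
             //Event::run('ushahidi_action.report_add', $incident);
             Event::run('ushahidi_action.report_submit_members', $post);
             // SAVE AND CLOSE?
             if ($post->save == 1) {
                 url::redirect('members/reports/edit/' . $incident->id . '/saved');
             } else {
                 url::redirect('members/reports/');
             }
         } else {
             // repopulate the form fields
             $form = arr::overwrite($form, $post->as_array());
             // populate the error fields, if any
             $errors = arr::overwrite($errors, $post->errors('report'));
             $form_error = TRUE;
         }
     } else {
         if ($id) {
             // Retrieve Current Incident, restricted to reports owned by the
             // current member so another member's report cannot be opened
             $incident = ORM::factory('incident')->where('user_id', $this->user->id)->find($id);
             if ($incident->loaded == true) {
                 // Retrieve Categories
                 $incident_category = array();
                 foreach ($incident->incident_category as $category) {
                     $incident_category[] = $category->category_id;
                 }
                 // Retrieve Media (type 4 = news link, 2 = video, 1 = photo)
                 $incident_news = array();
                 $incident_video = array();
                 $incident_photo = array();
                 foreach ($incident->media as $media) {
                     if ($media->media_type == 4) {
                         $incident_news[] = $media->media_link;
                     } elseif ($media->media_type == 2) {
                         $incident_video[] = $media->media_link;
                     } elseif ($media->media_type == 1) {
                         $incident_photo[] = $media->media_link;
                     }
                 }
                 // Get Geometries via SQL query as ORM can't handle Spatial Data.
                 // This query is built by concatenation, so it uses the integer id
                 // of the ownership-checked record just loaded rather than the raw
                 // $id taken from the URL.
                 $sql = "SELECT AsText(geometry) as geometry, geometry_label, \n\t\t\t\t\t\tgeometry_comment, geometry_color, geometry_strokewidth \n\t\t\t\t\t\tFROM " . Kohana::config('database.default.table_prefix') . "geometry \n\t\t\t\t\t\tWHERE incident_id=" . (int) $incident->id;
                 $query = $db->query($sql);
                 foreach ($query as $item) {
                     $geometry = array("geometry" => $item->geometry, "label" => $item->geometry_label, "comment" => $item->geometry_comment, "color" => $item->geometry_color, "strokewidth" => $item->geometry_strokewidth);
                     $form['geometry'][] = json_encode($geometry);
                 }
                 // Combine Everything
                 $incident_arr = array('location_id' => $incident->location->id, 'form_id' => $incident->form_id, 'locale' => $incident->locale, 'incident_title' => $incident->incident_title, 'incident_description' => $incident->incident_description, 'incident_date' => date('m/d/Y', strtotime($incident->incident_date)), 'incident_hour' => date('h', strtotime($incident->incident_date)), 'incident_minute' => date('i', strtotime($incident->incident_date)), 'incident_ampm' => date('a', strtotime($incident->incident_date)), 'latitude' => $incident->location->latitude, 'longitude' => $incident->location->longitude, 'location_name' => $incident->location->location_name, 'country_id' => $incident->location->country_id, 'incident_category' => $incident_category, 'incident_news' => $incident_news, 'incident_video' => $incident_video, 'incident_photo' => $incident_photo, 'person_first' => $incident->incident_person->person_first, 'person_last' => $incident->incident_person->person_last, 'person_email' => $incident->incident_person->person_email, 'custom_field' => $this->_get_custom_form_fields($id, $incident->form_id, true), 'incident_source' => $incident->incident_source, 'incident_information' => $incident->incident_information, 'incident_zoom' => $incident->incident_zoom);
                 // Merge To Form Array For Display
                 $form = arr::overwrite($form, $incident_arr);
             } else {
                 // Not found, or not owned by this member: back to the list
                 url::redirect('members/reports/');
             }
         }
     }
     $this->template->content->id = $id;
     $this->template->content->form = $form;
     $this->template->content->errors = $errors;
     $this->template->content->form_error = $form_error;
     $this->template->content->form_saved = $form_saved;
     // Retrieve Custom Form Fields Structure
     $disp_custom_fields = $this->_get_custom_form_fields($id, $form['form_id'], false);
     $this->template->content->disp_custom_fields = $disp_custom_fields;
     // Retrieve Previous & Next Records
     // NOTE(review): neither lookup is limited to the current member, so the
     // links can carry ids of reports owned by other members; the ownership
     // check above redirects when such a link is followed.
     $previous = ORM::factory('incident')->where('id < ', $id)->orderby('id', 'desc')->find();
     $previous_url = $previous->loaded ? url::base() . 'members/reports/edit/' . $previous->id : url::base() . 'members/reports/';
     // Ascending order so the closest following id is picked, not the newest one
     $next = ORM::factory('incident')->where('id > ', $id)->orderby('id', 'asc')->find();
     $next_url = $next->loaded ? url::base() . 'members/reports/edit/' . $next->id : url::base() . 'members/reports/';
     $this->template->content->previous_url = $previous_url;
     $this->template->content->next_url = $next_url;
     // Javascript Header
     $this->template->map_enabled = TRUE;
     $this->template->colorpicker_enabled = TRUE;
     $this->template->treeview_enabled = TRUE;
     $this->template->json2_enabled = TRUE;
     $this->template->js = new View('reports_submit_edit_js');
     $this->template->js->edit_mode = FALSE;
     $this->template->js->default_map = Kohana::config('settings.default_map');
     $this->template->js->default_zoom = Kohana::config('settings.default_zoom');
     // Fall back to the configured map centre when either coordinate is missing
     if (!$form['latitude'] || !$form['longitude']) {
         $this->template->js->latitude = Kohana::config('settings.default_lat');
         $this->template->js->longitude = Kohana::config('settings.default_lon');
     } else {
         $this->template->js->latitude = $form['latitude'];
         $this->template->js->longitude = $form['longitude'];
     }
     $this->template->js->incident_zoom = $form['incident_zoom'];
     $this->template->js->geometries = $form['geometry'];
     // Inline Javascript
     $this->template->content->date_picker_js = $this->_date_picker_js();
     $this->template->content->color_picker_js = $this->_color_picker_js();
     // Pack Javascript
     $myPacker = new javascriptpacker($this->template->js, 'Normal', false, false);
     $this->template->js = $myPacker->pack();
 }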
Exemple #6
 /**
  * Lists the reports.
  *
  * @param int $page
  */
 public function index($page = 1)
 {
     // If user doesn't have access, redirect to dashboard
     if (!admin::permissions($this->user, "reports_view")) {
         url::redirect(url::site() . 'admin/dashboard');
     }
     $this->template->content = new View('admin/reports');
     $this->template->content->title = Kohana::lang('ui_admin.reports');
     //hook into the event for the reports::fetch_incidents() method
     Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters'));
     $status = "0";
     if (!empty($_GET['status'])) {
         $status = $_GET['status'];
         if (strtolower($status) == 'a') {
             array_push($this->params, 'i.incident_active = 0');
         } elseif (strtolower($status) == 'v') {
             array_push($this->params, 'i.incident_verified = 0');
         } else {
             $status = "0";
         }
     }
     // Get Search Keywords (If Any)
     if (isset($_GET['k'])) {
         //	Brute force input sanitization
         // Phase 1 - Strip the search string of all non-word characters
         $keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : "";
         // Strip any HTML tags that may have been missed in Phase 1
         $keyword_raw = strip_tags($keyword_raw);
         // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
         // in the first 2 steps
         $keyword_raw = $this->input->xss_clean($keyword_raw);
         $filter = " (" . $this->_get_searchstring($keyword_raw) . ")";
         array_push($this->params, $filter);
     } else {
         $keyword_raw = "";
     }
     // Check, has the form been submitted?
     $form_error = FALSE;
     $form_saved = FALSE;
     $form_action = "";
     if ($_POST) {
         $post = Validation::factory($_POST);
         //	Add some filters
         $post->pre_filter('trim', TRUE);
         // Add some rules, the input field, followed by a list of checks, carried out in order
         $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
         $post->add_rules('incident_id.*', 'required', 'numeric');
         if ($post->validate()) {
             // Approve Action
             if ($post->action == 'a') {
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded == TRUE) {
                         $update->incident_active = $update->incident_active == 0 ? '1' : '0';
                         // Tag this as a report that needs to be sent out as an alert
                         if ($update->incident_alert_status != '2') {
                             // 2 = report that has had an alert sent
                             $update->incident_alert_status = '1';
                         }
                         $update->save();
                         $verify = new Verify_Model();
                         $verify->incident_id = $item;
                         $verify->verified_status = '1';
                         // Record 'Verified By' Action
                         $verify->user_id = $_SESSION['auth_user']->id;
                         $verify->verified_date = date("Y-m-d H:i:s", time());
                         $verify->save();
                         // Action::report_approve - Approve a Report
                         Event::run('ushahidi_action.report_approve', $update);
                     }
                 }
                 $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
             } elseif ($post->action == 'u') {
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded == TRUE) {
                         $update->incident_active = '0';
                         // If Alert hasn't been sent yet, disable it
                         if ($update->incident_alert_status == '1') {
                             $update->incident_alert_status = '0';
                         }
                         $update->save();
                         $verify = new Verify_Model();
                         $verify->incident_id = $item;
                         $verify->verified_status = '0';
                         // Record 'Verified By' Action
                         $verify->user_id = $_SESSION['auth_user']->id;
                         $verify->verified_date = date("Y-m-d H:i:s", time());
                         $verify->save();
                         // Action::report_unapprove - Unapprove a Report
                         Event::run('ushahidi_action.report_unapprove', $update);
                     }
                 }
                 $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
             } elseif ($post->action == 'v') {
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     $verify = new Verify_Model();
                     if ($update->loaded == TRUE) {
                         if ($update->incident_verified == '1') {
                             $update->incident_verified = '0';
                             $verify->verified_status = '0';
                         } else {
                             $update->incident_verified = '1';
                             $verify->verified_status = '2';
                         }
                         $update->save();
                         $verify->incident_id = $item;
                         // Record 'Verified By' Action
                         $verify->user_id = $_SESSION['auth_user']->id;
                         $verify->verified_date = date("Y-m-d H:i:s", time());
                         $verify->save();
                     }
                 }
                 // Set the form action
                 $form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified'));
             } elseif ($post->action == 'd') {
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded == TRUE) {
                         $incident_id = $update->id;
                         $location_id = $update->location_id;
                         $update->delete();
                         // Delete Location
                         ORM::factory('location')->where('id', $location_id)->delete_all();
                         // Delete Categories
                         ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
                         // Delete Translations
                         ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
                         // Delete Photos From Directory
                         foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                             deletePhoto($photo->id);
                         }
                         // Delete Media
                         ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
                         // Delete Sender
                         ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
                         // Delete relationship to SMS message
                         $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                         if ($updatemessage->loaded == TRUE) {
                             $updatemessage->incident_id = 0;
                             $updatemessage->save();
                         }
                         // Delete Comments
                         ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
                         // Delete form responses
                         ORM::factory('form_response')->where('incident_id', $incident_id)->delete_all();
                         // Action::report_delete - Deleted a Report
                         Event::run('ushahidi_action.report_delete', $incident_id);
                     }
                 }
                 $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
             }
             $form_saved = TRUE;
         } else {
             $form_error = TRUE;
         }
     }
     // Fetch all incidents
     $all_incidents = reports::fetch_incidents();
     // Pagination
     $pagination = new Pagination(array('style' => 'front-end-reports', 'query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $all_incidents->count()));
     Event::run('ushahidi_filter.pagination', $pagination);
     // Reports
     $incidents = Incident_Model::get_incidents(reports::$params, $pagination);
     Event::run('ushahidi_filter.filter_incidents', $incidents);
     $this->template->content->countries = Country_Model::get_countries_list();
     $this->template->content->incidents = $incidents;
     $this->template->content->pagination = $pagination;
     $this->template->content->form_error = $form_error;
     $this->template->content->form_saved = $form_saved;
     $this->template->content->form_action = $form_action;
     // Total Reports
     $this->template->content->total_items = $pagination->total_items;
     // Status Tab
     $this->template->content->status = $status;
     // Javascript Header
     $this->template->js = new View('admin/reports_js');
 }
Exemple #7
 /**
  * Finds country on deployment database by code
  * @param 	string 	$country_code Country code
  * @return 	int 	Country Id if exists, 0 if not
  *
  */
 static function getCountryIdByCode($country_code)
 {
     // Resolve the code to a country record through the model
     $match = Country_Model::get_country_by_code($country_code);
     // An empty result, or a record whose loaded flag is not set, is reported as id 0
     if (empty($match) || !$match->loaded) {
         return 0;
     }
     return $match->id;
 }
Exemple #8
 /**
  * Model Validation
  * 
  * @param array $post values to check (passed by reference; replaced by the Validation object built from it)
  * @param boolean $save save[Optional] the record when validation succeeds
  * @return bool TRUE when validation succeeds, FALSE otherwise
  */
 public function validate(array &$post, $save = FALSE)
 {
     // Wrap the submitted values in a Validation object (every value is trimmed first)
     // and attach the per-field rules. $post is a reference, so the caller's variable
     // holds this Validation object once the method returns.
     $post = Validation::factory($post)
         ->pre_filter('trim')
         ->add_rules('alert_mobile', 'numeric', 'length[6,20]')
         ->add_rules('alert_email', 'email', 'length[3,64]')
         ->add_rules('alert_lat', 'required', 'between[-90,90]')
         ->add_rules('alert_lon', 'required', 'between[-180,180]')
         ->add_rules('alert_radius', 'required', 'in_array[1,5,10,20,50,100]')
         ->add_rules('alert_confirmed', 'required', 'in_array[0,1]');
     // TODO Callbacks to check for duplicate alert subscription - same
     // subscriber for the same lat/lon
     //$post->add_callbacks('alert_mobile', array($this, '_mobile_check'));
     //$post->add_callbacks('alert_email', array($this, '_email_check'));
     // A subscription needs a delivery channel: when neither a mobile number nor an
     // email address was supplied, make alert_recipient a required field
     if (empty($post->alert_mobile)) {
         if (empty($post->alert_email)) {
             $post->add_rules('alert_recipient', 'required');
         }
     }
     // Single country deployments only accept locations mapped inside the default country
     if (!Kohana::config('settings.multi_country')) {
         $mapped = Country_Model::get_country_by_name($post->alert_country);
         // NOTE(review): a name that resolves to no country leaves $mapped falsy, so the
         // restriction is not applied to that submission - confirm this is intended
         if ($mapped && $mapped->id != Kohana::config('settings.default_country')) {
             $post->add_error('alert_country', 'single_country');
             // Fail straight away; the parent validation is not run for this submission
             return FALSE;
         }
     }
     return parent::validate($post, $save);
 }
Exemple #9
 /**
  * Lists the reports.
  *
  * @param int $page
  */
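 public function index($page = 1)
 {
     // If user doesn't have access, redirect to dashboard
     // NOTE(review): this guard is only effective if url::redirect() ends the request;
     // if it returns, the POST handling below still runs for an unauthorised user - confirm.
     // NOTE(review): only "reports_view" is checked here, yet the POST actions below
     // approve, unapprove, verify and delete reports - confirm a stronger permission
     // and a CSRF check are enforced elsewhere, since neither is visible in this method.
     if (!admin::permissions($this->user, "reports_view")) {
         url::redirect(url::site() . 'admin/dashboard');
     }
     $this->template->content = new View('admin/reports');
     $this->template->content->title = Kohana::lang('ui_admin.reports');
     // Database table prefix
     $table_prefix = Kohana::config('database.default.table_prefix');
     // Hook into the event for the reports::fetch_incidents() method
     Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters'));
     // Status tab: the request value only selects one of three fixed SQL fragments;
     // the raw value itself never reaches the query and anything else falls back to "0"
     $status = "0";
     if (!empty($_GET['status'])) {
         $status = $_GET['status'];
         if (strtolower($status) == 'a') {
             array_push($this->params, 'i.incident_active = 0');
         } elseif (strtolower($status) == 'v') {
             array_push($this->params, 'i.incident_verified = 0');
         } elseif (strtolower($status) == 'o') {
             array_push($this->params, 'ic.category_id = 5');
         } else {
             $status = "0";
         }
     }
     // Get Search Keywords (If Any)
     if (isset($_GET['k'])) {
         //	Brute force input sanitization
         // Phase 1 - intended to strip non-word characters from the search string.
         // NOTE(review): the pattern only removes "/word/" sequences (a slash, word
         // characters, a slash); every other character passes through unchanged.
         $keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : "";
         // Strip any HTML tags that may have been missed in Phase 1
         $keyword_raw = strip_tags($keyword_raw);
         // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
         // in the first 2 steps
         $keyword_raw = $this->input->xss_clean($keyword_raw);
         // NOTE(review): tag stripping and XSS cleaning are output-side defences and do
         // not make a string safe for SQL. The keyword becomes part of a query filter
         // here, so _get_searchstring() must escape or bind it - verify in that helper.
         $filter = " (" . $this->_get_searchstring($keyword_raw) . ")";
         array_push($this->params, $filter);
     } else {
         $keyword_raw = "";
     }
     // Check, has the form been submitted?
     $form_error = FALSE;
     $form_saved = FALSE;
     $form_action = "";
     if ($_POST) {
         $post = Validation::factory($_POST);
         //	Add some filters
         $post->pre_filter('trim', TRUE);
         // Add some rules, the input field, followed by a list of checks,
         // carried out in order
         $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
         $post->add_rules('incident_id.*', 'required', 'numeric');
         if ($post->validate()) {
             // Approve Action
             if ($post->action == 'a') {
                 // One database handle serves every id in the batch
                 $db = new Database();
                 foreach ($post->incident_id as $item) {
                     // Query to check if this report is uncategorized i.e categoryless.
                     // $item is request data whose only guard is the 'numeric' rule above,
                     // so it is forced to an integer at the point where it enters raw SQL
                     // rather than relying on that distant check.
                     $query = "SELECT ic.* FROM " . $table_prefix . "incident_category ic " . "INNER JOIN " . $table_prefix . "category c ON c.id = ic.category_id " . "INNER JOIN " . $table_prefix . "incident i ON i.id=ic.incident_id " . "WHERE c.category_title =\"NONE\" AND c.category_trusted = '1' " . "AND ic.incident_id = " . intval($item);
                     $result = $db->query($query);
                     // Only approve the report IF it's not uncategorized
                     // i.e the query returns a null set
                     if (count($result) == 0) {
                         $update = new Incident_Model($item);
                         if ($update->loaded == TRUE) {
                             // Toggles the active flag: an already active report is deactivated
                             $update->incident_active = $update->incident_active == 0 ? '1' : '0';
                             // Tag this as a report that needs to be sent out as an alert
                             if ($update->incident_alert_status != '2') {
                                 // 2 = report that has had an alert sent
                                 $update->incident_alert_status = '1';
                             }
                             $update->save();
                             $verify = new Verify_Model();
                             $verify->incident_id = $item;
                             $verify->verified_status = '1';
                             // Record 'Verified By' Action
                             $verify->user_id = $_SESSION['auth_user']->id;
                             $verify->verified_date = date("Y-m-d H:i:s", time());
                             $verify->save();
                             // Action::report_approve - Approve a Report
                             Event::run('ushahidi_action.report_approve', $update);
                         }
                     }
                     $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
                 }
             } elseif ($post->action == 'u') {
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded == TRUE) {
                         $update->incident_active = '0';
                         // If Alert hasn't been sent yet, disable it
                         if ($update->incident_alert_status == '1') {
                             $update->incident_alert_status = '0';
                         }
                         $update->save();
                         $verify = new Verify_Model();
                         $verify->incident_id = $item;
                         $verify->verified_status = '0';
                         // Record 'Verified By' Action
                         $verify->user_id = $_SESSION['auth_user']->id;
                         $verify->verified_date = date("Y-m-d H:i:s", time());
                         $verify->save();
                         // Action::report_unapprove - Unapprove a Report
                         Event::run('ushahidi_action.report_unapprove', $update);
                     }
                 }
                 $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
             } elseif ($post->action == 'v') {
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     $verify = new Verify_Model();
                     if ($update->loaded == TRUE) {
                         // Toggle the verified flag and log the matching status
                         if ($update->incident_verified == '1') {
                             $update->incident_verified = '0';
                             $verify->verified_status = '0';
                         } else {
                             $update->incident_verified = '1';
                             $verify->verified_status = '2';
                         }
                         $update->save();
                         $verify->incident_id = $item;
                         // Record 'Verified By' Action
                         $verify->user_id = $_SESSION['auth_user']->id;
                         $verify->verified_date = date("Y-m-d H:i:s", time());
                         $verify->save();
                     }
                 }
                 // Set the form action
                 $form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified'));
             } elseif ($post->action == 'd') {
                 // Delete Action - no audit record is written in this branch
                 foreach ($post->incident_id as $item) {
                     $update = new Incident_Model($item);
                     if ($update->loaded) {
                         $update->delete();
                     }
                 }
                 $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
             }
             $form_saved = TRUE;
         } else {
             $form_error = TRUE;
         }
     }
     // Fetch all incidents
     $all_incidents = reports::fetch_incidents();
     // Pagination
     $pagination = new Pagination(array('style' => 'front-end-reports', 'query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $all_incidents->count()));
     Event::run('ushahidi_filter.pagination', $pagination);
     // Reports
     $incidents = Incident_Model::get_incidents(reports::$params, $pagination);
     Event::run('ushahidi_filter.filter_incidents', $incidents);
     $this->template->content->countries = Country_Model::get_countries_list();
     $this->template->content->incidents = $incidents;
     $this->template->content->pagination = $pagination;
     $this->template->content->form_error = $form_error;
     $this->template->content->form_saved = $form_saved;
     $this->template->content->form_action = $form_action;
     // Total Reports
     $this->template->content->total_items = $pagination->total_items;
     // Status Tab
     $this->template->content->status = $status;
     // Javascript Header
     $this->template->js = new View('admin/reports_js');
 }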
Exemple #10
 /**
  * GeoCode An Address
  *
  * @author
  * @param   string  $address
  * @return  array|bool $geocodes - country, country_id, location_name, latitude and longitude; FALSE when the lookup fails
  */
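 public static function geocode($address = NULL)
 {
     // Nothing to look up
     if (!$address) {
         return FALSE;
     }
     // rawurlencode() confines the caller-supplied address to the query-string value
     // NOTE(review): the scheme comes from configuration; over plain http the address and
     // the reply travel unencrypted and the reply can be altered in transit - confirm.
     $url = Kohana::config('config.external_site_protocol') . '://maps.google.com/maps/api/geocode/json?sensor=false&address=' . rawurlencode($address);
     // The @ hides the warning from a failed request; failure is reported as FALSE.
     // No explicit timeout is set, so the call waits for PHP's default_socket_timeout.
     $result = @file_get_contents($url);
     if (!$result) {
         return FALSE;
     }
     // The reply is external data: decode straight to arrays and check every field
     // before it is used instead of indexing into it blindly
     $payload = json_decode($result, TRUE);
     // Verify that the request succeeded
     if (!is_array($payload) || !isset($payload['status']) || $payload['status'] != 'OK') {
         return FALSE;
     }
     // An 'OK' status without a usable first result is treated as a failed lookup
     if (empty($payload['results'][0]) || !is_array($payload['results'][0])) {
         return FALSE;
     }
     $first = $payload['results'][0];
     if (!isset($first['geometry']['location']['lat'], $first['geometry']['location']['lng'])) {
         return FALSE;
     }
     $location = $first['geometry']['location'];
     // Coordinates are handed back to callers, so refuse anything that is not a number
     if (!is_numeric($location['lat']) || !is_numeric($location['lng'])) {
         return FALSE;
     }
     $formatted_address = isset($first['formatted_address']) ? $first['formatted_address'] : NULL;
     // Find the country
     $address_components = (isset($first['address_components']) && is_array($first['address_components'])) ? $first['address_components'] : array();
     $country_name = NULL;
     foreach ($address_components as $component) {
         if (isset($component['types'], $component['long_name']) && in_array('country', (array) $component['types'], TRUE)) {
             $country_name = $component['long_name'];
             break;
         }
     }
     // If no country has been found, use the formatted address
     if (empty($country_name)) {
         $country_name = $formatted_address;
     }
     // Grab country_id
     // NOTE(review): $country_name originates from the remote reply; presumably
     // get_country_by_name() escapes or binds it before querying - verify in the model.
     $country = Country_Model::get_country_by_name($country_name);
     $country_id = (!empty($country) and $country->loaded) ? $country->id : 0;
     return array('country' => $country_name, 'country_id' => $country_id, 'location_name' => $formatted_address, 'latitude' => $location['lat'], 'longitude' => $location['lng']);
 }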