/** * Tests CountyModel::get_country_by_name * @test */ public function testGetCountryByName() { // Use valid country $valid = Country_Model::get_country_by_name('Kenya'); $this->assertEquals(TRUE, $valid instanceof Country_Model, sprintf('Invalid country object type (%s) returned', get_class($valid))); $this->assertGreaterThanOrEqual(1, $valid->id); // Use invalid country $invalid = Country_Model::get_country_by_name('Nairobi'); $this->assertNull($invalid); }
/** * Model Validation * * @param array $array values to check * @param boolean $save save[Optional] the record when validation succeeds * @return boolean */ public function validate(array &$post, $save = FALSE) { // Initialise the validation library and setup some rules $post = Validation::factory($post)->pre_filter('trim')->add_rules('alert_mobile', 'numeric', 'length[6,20]')->add_rules('alert_email', 'email', 'length[3,64]')->add_rules('alert_lat', 'required', 'between[-90,90]')->add_rules('alert_lon', 'required', 'between[-180,180]')->add_rules('alert_radius', 'required', 'in_array[1,5,10,20,50,100]')->add_callbacks('alert_mobile', array($this, '_mobile_or_email'))->add_callbacks('alert_mobile', array($this, '_mobile_check'))->add_callbacks('alert_email', array($this, '_email_check')); // If deployment is a single country deployment, check that the location mapped is in the default country if (!Kohana::config('settings.multi_country')) { $country = Country_Model::get_country_by_name($post->alert_country); if ($country and $country->id != Kohana::config('settings.default_country')) { $post->add_error('alert_country', 'single_country'); } } return parent::validate($post, $save); }
/** * Lists the reports. * * @param int $page */ public function index($page = 1) { // If user doesn't have access, redirect to dashboard if (!$this->auth->has_permission("reports_view")) { url::redirect(url::site() . 'admin/dashboard'); } $this->template->content = new View('admin/reports/main'); $this->template->content->title = Kohana::lang('ui_admin.reports'); // Database table prefix $table_prefix = Kohana::config('database.default.table_prefix'); // Hook into the event for the reports::fetch_incidents() method Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters')); $status = "0"; if (!empty($_GET['status'])) { $status = $_GET['status']; if (strtolower($status) == 'a') { array_push($this->params, 'i.incident_active = 0'); } elseif (strtolower($status) == 'v') { array_push($this->params, 'i.incident_verified = 0'); } elseif (strtolower($status) == 'o') { array_push($this->params, '(ic.category_id IS NULL)'); } elseif (strtolower($status) != 'search') { $status = "0"; } } // Get Search Keywords (If Any) if (isset($_GET['k'])) { // Brute force input sanitization // Phase 1 - Strip the search string of all non-word characters $keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : ""; // Strip any HTML tags that may have been missed in Phase 1 $keyword_raw = strip_tags($keyword_raw); // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught // in the first 2 steps $keyword_raw = $this->input->xss_clean($keyword_raw); $filter = " (" . $this->_get_searchstring($keyword_raw) . ")"; array_push($this->params, $filter); } else { $keyword_raw = ""; } $this->template->content->search_form = $this->_search_form(); $this->template->content->search_form->keywords = $keyword_raw; // Handler sort/order fields $order_field = 'date'; $sort = 'DESC'; if (isset($_GET['order'])) { $order_field = html::escape($_GET['order']); } if (isset($_GET['sort'])) { $sort = strtoupper($_GET['sort']) == 'ASC' ? 'ASC' : 'DESC'; } // Check, has the form been submitted? $form_error = FALSE; $errors = array(); $form_saved = FALSE; $form_action = ""; if ($_POST) { $post = Validation::factory($_POST); // Add some filters $post->pre_filter('trim', TRUE); // Add some rules, the input field, followed by a list of checks, // carried out in order $post->add_rules('action', 'required', 'alpha', 'length[1,1]'); $post->add_rules('incident_id.*', 'required', 'numeric'); if (in_array($post->action, array('a', 'u')) and !Auth::instance()->has_permission('reports_approve')) { $post->add_error('action', 'permission'); } if ($post->action == 'v' and !Auth::instance()->has_permission('reports_verify')) { $post->add_error('action', 'permission'); } if ($post->action == 'd' and !Auth::instance()->has_permission('reports_edit')) { $post->add_error('action', 'permission'); } if ($post->action == 'a') { // sanitize the incident_ids $post->incident_id = array_map('intval', $post->incident_id); // Query to check if this report is uncategorized i.e categoryless $query = "SELECT i.* FROM " . $table_prefix . "incident i " . "LEFT JOIN " . $table_prefix . "incident_category ic ON i.id=ic.incident_id " . "LEFT JOIN " . $table_prefix . "category c ON c.id = ic.category_id " . "WHERE c.id IS NULL " . "AND i.id IN :incidentids"; $result = Database::instance()->query($query, array(':incidentids' => $post->incident_id)); // We enly approve the report IF it's categorized // throw an error if any incidents aren't categorized foreach ($result as $incident) { $post->add_error('incident_id', 'categories_required', $incident->incident_title); } } if ($post->validate()) { // Approve Action if ($post->action == 'a') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded == TRUE) { $update->incident_active = '1'; // Tag this as a report that needs to be sent out as an alert if ($update->incident_alert_status != '2') { // 2 = report that has had an alert sent $update->incident_alert_status = '1'; } $update->save(); // Record 'Verified By' Action reports::verify_approve($update); // Action::report_approve - Approve a Report Event::run('ushahidi_action.report_approve', $update); } $form_action = utf8::strtoupper(Kohana::lang('ui_admin.approved')); } } elseif ($post->action == 'u') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded == TRUE) { $update->incident_active = '0'; // If Alert hasn't been sent yet, disable it if ($update->incident_alert_status == '1') { $update->incident_alert_status = '0'; } $update->save(); // Record 'Verified By' Action reports::verify_approve($update); // Action::report_unapprove - Unapprove a Report Event::run('ushahidi_action.report_unapprove', $update); } } $form_action = utf8::strtoupper(Kohana::lang('ui_admin.unapproved')); } elseif ($post->action == 'v') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); $verify = new Verify_Model(); if ($update->loaded == TRUE) { if ($update->incident_verified == '1') { $update->incident_verified = '0'; $verify->verified_status = '0'; } else { $update->incident_verified = '1'; $verify->verified_status = '2'; } $update->save(); // Record 'Verified By' Action reports::verify_approve($update); } } // Set the form action $form_action = utf8::strtoupper(Kohana::lang('ui_admin.verified_unverified')); } elseif ($post->action == 'd') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded) { $update->delete(); } } $form_action = utf8::strtoupper(Kohana::lang('ui_admin.deleted')); } $form_saved = TRUE; } else { // Repopulate the form fields //$form = arr::overwrite($form, $post->as_array()); // Populate the error fields, if any $errors = $post->errors('reports'); $form_error = TRUE; } } // Fetch all incidents $incidents = reports::fetch_incidents(TRUE, Kohana::config('settings.items_per_page_admin')); Event::run('ushahidi_filter.filter_incidents', $incidents); $this->template->content->countries = Country_Model::get_countries_list(); $this->template->content->incidents = $incidents; $this->template->content->pagination = reports::$pagination; $this->template->content->form_error = $form_error; $this->template->content->errors = $errors; $this->template->content->form_saved = $form_saved; $this->template->content->form_action = $form_action; // Total Reports $this->template->content->total_items = reports::$pagination->total_items; // Status Tab $this->template->content->status = $status; $this->template->content->order_field = $order_field; $this->template->content->sort = $sort; $this->themes->map_enabled = TRUE; $this->themes->json2_enabled = TRUE; $this->themes->treeview_enabled = TRUE; // Javascript Header $this->themes->js = new View('admin/reports/reports_js'); }
/** * Function to save report location * * @param Validation $post * @param Location_Model $location Instance of the location model */ public static function save_location($post, $location) { // Load the country $country = isset($post->country_name) ? Country_Model::get_country_by_name($post->country_name) : new Country_Model(Kohana::config('settings.default_country')); // Fetch the country id $country_id = (!empty($country) and $country->loaded) ? $country->id : 0; // Assign country_id retrieved $post->country_id = $country_id; $location->location_name = $post->location_name; $location->latitude = $post->latitude; $location->longitude = $post->longitude; $location->country_id = $country_id; $location->location_date = date("Y-m-d H:i:s", time()); $location->save(); // Garbage collection unset($country, $country_id); }
/** * Edit a report * @param bool|int $id The id no. of the report * @param bool|string $saved */ function edit($id = false, $saved = false) { $db = new Database(); $this->template->content = new View('members/reports_edit'); $this->template->content->title = Kohana::lang('ui_admin.create_report'); // setup and initialize form field names $form = array('location_id' => '', 'form_id' => '', 'locale' => '', 'incident_title' => '', 'incident_description' => '', 'incident_date' => '', 'incident_hour' => '', 'incident_minute' => '', 'incident_ampm' => '', 'latitude' => '', 'longitude' => '', 'geometry' => array(), 'location_name' => '', 'country_id' => '', 'country_name' => '', 'incident_category' => array(), 'incident_news' => array(), 'incident_video' => array(), 'incident_photo' => array(), 'person_first' => '', 'person_last' => '', 'person_email' => '', 'custom_field' => array(), 'incident_source' => '', 'incident_information' => '', 'incident_zoom' => ''); // copy the form as errors, so the errors will be stored with keys corresponding to the form field names $errors = $form; $form_error = FALSE; if ($saved == 'saved') { $form_saved = TRUE; } else { $form_saved = FALSE; } // Initialize Default Values $form['locale'] = Kohana::config('locale.language'); //$form['latitude'] = Kohana::config('settings.default_lat'); //$form['longitude'] = Kohana::config('settings.default_lon'); $form['country_id'] = Kohana::config('settings.default_country'); $form['incident_date'] = date("m/d/Y", time()); $form['incident_hour'] = date('h'); $form['incident_minute'] = date('i'); $form['incident_ampm'] = date('a'); // initialize custom field array $form['custom_field'] = $this->_get_custom_form_fields($id, '', true); // Locale (Language) Array $this->template->content->locale_array = Kohana::config('locale.all_languages'); // Create Categories $this->template->content->categories = Category_Model::get_categories(); // Time formatting $this->template->content->hour_array = $this->_hour_array(); $this->template->content->minute_array = $this->_minute_array(); $this->template->content->ampm_array = $this->_ampm_array(); $this->template->content->stroke_width_array = $this->_stroke_width_array(); // Get Countries $countries = array(); foreach (ORM::factory('country')->orderby('country')->find_all() as $country) { // Create a list of all categories $this_country = $country->country; if (strlen($this_country) > 35) { $this_country = substr($this_country, 0, 35) . "..."; } $countries[$country->id] = $this_country; } $this->template->content->countries = $countries; // Initialize Default Value for Hidden Field Country Name, just incase Reverse Geo coding yields no result $form['country_name'] = $countries[$form['country_id']]; //GET custom forms $forms = array(); foreach (ORM::factory('form')->where('form_active', 1)->find_all() as $custom_forms) { $forms[$custom_forms->id] = $custom_forms->form_title; } $this->template->content->forms = $forms; // Retrieve thumbnail photos (if edit); //XXX: fix _get_thumbnails $this->template->content->incident = $this->_get_thumbnails($id); // Are we creating this report from a Checkin? if (isset($_GET['cid']) && !empty($_GET['cid'])) { $checkin_id = (int) $_GET['cid']; $checkin = ORM::factory('checkin', $checkin_id); if ($checkin->loaded) { // Has a report already been created for this Checkin? if ((int) $checkin->incident_id > 0) { // Redirect to report url::redirect('members/reports/edit/' . $checkin->incident_id); } $incident_description = $checkin->checkin_description; $incident_title = text::limit_chars(strip_tags($incident_description), 100, "...", true); $form['incident_title'] = $incident_title; $form['incident_description'] = $incident_description; $form['incident_date'] = date('m/d/Y', strtotime($checkin->checkin_date)); $form['incident_hour'] = date('h', strtotime($checkin->checkin_date)); $form['incident_minute'] = date('i', strtotime($checkin->checkin_date)); $form['incident_ampm'] = date('a', strtotime($checkin->checkin_date)); // Does the sender of this message have a location? if ($checkin->location->loaded) { $form['location_id'] = $checkin->location_id; $form['latitude'] = $checkin->location->latitude; $form['longitude'] = $checkin->location->longitude; $form['location_name'] = $checkin->location->location_name; } } } // check, has the form been submitted, if so, setup validation if ($_POST) { // Instantiate Validation, use $post, so we don't overwrite $_POST fields with our own things $post = Validation::factory(array_merge($_POST, $_FILES)); // Add some filters $post->pre_filter('trim', TRUE); // Add some rules, the input field, followed by a list of checks, carried out in order // $post->add_rules('locale','required','alpha_dash','length[5]'); $post->add_rules('location_id', 'numeric'); $post->add_rules('message_id', 'numeric'); $post->add_rules('incident_title', 'required', 'length[3,200]'); $post->add_rules('incident_description', 'required'); $post->add_rules('incident_date', 'required', 'date_mmddyyyy'); $post->add_rules('incident_hour', 'required', 'between[1,12]'); $post->add_rules('incident_minute', 'required', 'between[0,59]'); if ($_POST['incident_ampm'] != "am" && $_POST['incident_ampm'] != "pm") { $post->add_error('incident_ampm', 'values'); } $post->add_rules('latitude', 'required', 'between[-90,90]'); // Validate for maximum and minimum latitude values $post->add_rules('longitude', 'required', 'between[-180,180]'); // Validate for maximum and minimum longitude values $post->add_rules('location_name', 'required', 'length[3,200]'); //XXX: Hack to validate for no checkboxes checked if (!isset($_POST['incident_category'])) { $post->incident_category = ""; $post->add_error('incident_category', 'required'); } else { $post->add_rules('incident_category.*', 'required', 'numeric'); } // Validate only the fields that are filled in if (!empty($_POST['incident_news'])) { foreach ($_POST['incident_news'] as $key => $url) { if (!empty($url) and !(bool) filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED)) { $post->add_error('incident_news', 'url'); } } } // Validate only the fields that are filled in if (!empty($_POST['incident_video'])) { foreach ($_POST['incident_video'] as $key => $url) { if (!empty($url) and !(bool) filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_HOST_REQUIRED)) { $post->add_error('incident_video', 'url'); } } } // Validate photo uploads $post->add_rules('incident_photo', 'upload::valid', 'upload::type[gif,jpg,png]', 'upload::size[2M]'); // Validate Personal Information if (!empty($_POST['person_first'])) { $post->add_rules('person_first', 'length[3,100]'); } if (!empty($_POST['person_last'])) { $post->add_rules('person_last', 'length[3,100]'); } if (!empty($_POST['person_email'])) { $post->add_rules('person_email', 'email', 'length[3,100]'); } // Validate Custom Fields if (isset($post->custom_field) && !$this->_validate_custom_form_fields($post->custom_field)) { $post->add_error('custom_field', 'values'); } // If deployment is a single country deployment, check that the location mapped is in the default country if (!Kohana::config('settings.multi_country')) { $country = Country_Model::get_country_by_name($post->country_name); if ($country and $country->id != Kohana::config('settings.default_country')) { $post->add_error('country_name', 'single_country'); } } $post->add_rules('incident_source', 'numeric', 'length[1,1]'); $post->add_rules('incident_information', 'numeric', 'length[1,1]'); // Test to see if things passed the rule checks if ($post->validate()) { // STEP 1: SAVE LOCATION $location = new Location_Model(); reports::save_location($post, $location); // STEP 2: SAVE INCIDENT $incident = new Incident_Model(); reports::save_report($post, $incident, $location->id); // STEP 3: SAVE CATEGORIES reports::save_category($post, $incident); // STEP 4: SAVE MEDIA reports::save_media($post, $incident); // STEP 5: SAVE CUSTOM FORM FIELDS reports::save_custom_fields($post, $incident); // STEP 6: SAVE PERSONAL INFORMATION reports::save_personal_info($post, $incident); // If creating a report from a checkin if (isset($checkin_id) and $checkin_id != "") { $checkin = ORM::factory('checkin', $checkin_id); if ($checkin->loaded) { $checkin->incident_id = $incident->id; $checkin->save(); // Attach all the media items in this checkin to the report foreach ($checkin->media as $media) { $media->incident_id = $incident->id; $media->save(); } } } // Action::report_add / report_submit_members - Added a New Report //++ Do we need two events for this? Or will one suffice? //Event::run('ushahidi_action.report_add', $incident); Event::run('ushahidi_action.report_submit_members', $post); // SAVE AND CLOSE? if ($post->save == 1) { url::redirect('members/reports/edit/' . $incident->id . '/saved'); } else { url::redirect('members/reports/'); } } else { // repopulate the form fields $form = arr::overwrite($form, $post->as_array()); // populate the error fields, if any $errors = arr::overwrite($errors, $post->errors('report')); $form_error = TRUE; } } else { if ($id) { // Retrieve Current Incident $incident = ORM::factory('incident')->where('user_id', $this->user->id)->find($id); if ($incident->loaded == true) { // Retrieve Categories $incident_category = array(); foreach ($incident->incident_category as $category) { $incident_category[] = $category->category_id; } // Retrieve Media $incident_news = array(); $incident_video = array(); $incident_photo = array(); foreach ($incident->media as $media) { if ($media->media_type == 4) { $incident_news[] = $media->media_link; } elseif ($media->media_type == 2) { $incident_video[] = $media->media_link; } elseif ($media->media_type == 1) { $incident_photo[] = $media->media_link; } } // Get Geometries via SQL query as ORM can't handle Spatial Data $sql = "SELECT AsText(geometry) as geometry, geometry_label, \n\t\t\t\t\t\tgeometry_comment, geometry_color, geometry_strokewidth \n\t\t\t\t\t\tFROM " . Kohana::config('database.default.table_prefix') . "geometry \n\t\t\t\t\t\tWHERE incident_id=" . $id; $query = $db->query($sql); foreach ($query as $item) { $geometry = array("geometry" => $item->geometry, "label" => $item->geometry_label, "comment" => $item->geometry_comment, "color" => $item->geometry_color, "strokewidth" => $item->geometry_strokewidth); $form['geometry'][] = json_encode($geometry); } // Combine Everything $incident_arr = array('location_id' => $incident->location->id, 'form_id' => $incident->form_id, 'locale' => $incident->locale, 'incident_title' => $incident->incident_title, 'incident_description' => $incident->incident_description, 'incident_date' => date('m/d/Y', strtotime($incident->incident_date)), 'incident_hour' => date('h', strtotime($incident->incident_date)), 'incident_minute' => date('i', strtotime($incident->incident_date)), 'incident_ampm' => date('a', strtotime($incident->incident_date)), 'latitude' => $incident->location->latitude, 'longitude' => $incident->location->longitude, 'location_name' => $incident->location->location_name, 'country_id' => $incident->location->country_id, 'incident_category' => $incident_category, 'incident_news' => $incident_news, 'incident_video' => $incident_video, 'incident_photo' => $incident_photo, 'person_first' => $incident->incident_person->person_first, 'person_last' => $incident->incident_person->person_last, 'person_email' => $incident->incident_person->person_email, 'custom_field' => $this->_get_custom_form_fields($id, $incident->form_id, true), 'incident_source' => $incident->incident_source, 'incident_information' => $incident->incident_information, 'incident_zoom' => $incident->incident_zoom); // Merge To Form Array For Display $form = arr::overwrite($form, $incident_arr); } else { // Redirect url::redirect('members/reports/'); } } } $this->template->content->id = $id; $this->template->content->form = $form; $this->template->content->errors = $errors; $this->template->content->form_error = $form_error; $this->template->content->form_saved = $form_saved; // Retrieve Custom Form Fields Structure $disp_custom_fields = $this->_get_custom_form_fields($id, $form['form_id'], false); $this->template->content->disp_custom_fields = $disp_custom_fields; // Retrieve Previous & Next Records $previous = ORM::factory('incident')->where('id < ', $id)->orderby('id', 'desc')->find(); $previous_url = $previous->loaded ? url::base() . 'members/reports/edit/' . $previous->id : url::base() . 'members/reports/'; $next = ORM::factory('incident')->where('id > ', $id)->orderby('id', 'desc')->find(); $next_url = $next->loaded ? url::base() . 'members/reports/edit/' . $next->id : url::base() . 'members/reports/'; $this->template->content->previous_url = $previous_url; $this->template->content->next_url = $next_url; // Javascript Header $this->template->map_enabled = TRUE; $this->template->colorpicker_enabled = TRUE; $this->template->treeview_enabled = TRUE; $this->template->json2_enabled = TRUE; $this->template->js = new View('reports_submit_edit_js'); $this->template->js->edit_mode = FALSE; $this->template->js->default_map = Kohana::config('settings.default_map'); $this->template->js->default_zoom = Kohana::config('settings.default_zoom'); if (!$form['latitude'] || !$form['latitude']) { $this->template->js->latitude = Kohana::config('settings.default_lat'); $this->template->js->longitude = Kohana::config('settings.default_lon'); } else { $this->template->js->latitude = $form['latitude']; $this->template->js->longitude = $form['longitude']; } $this->template->js->incident_zoom = $form['incident_zoom']; $this->template->js->geometries = $form['geometry']; // Inline Javascript $this->template->content->date_picker_js = $this->_date_picker_js(); $this->template->content->color_picker_js = $this->_color_picker_js(); // Pack Javascript $myPacker = new javascriptpacker($this->template->js, 'Normal', false, false); $this->template->js = $myPacker->pack(); }
/** * Lists the reports. * * @param int $page */ public function index($page = 1) { // If user doesn't have access, redirect to dashboard if (!admin::permissions($this->user, "reports_view")) { url::redirect(url::site() . 'admin/dashboard'); } $this->template->content = new View('admin/reports'); $this->template->content->title = Kohana::lang('ui_admin.reports'); //hook into the event for the reports::fetch_incidents() method Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters')); $status = "0"; if (!empty($_GET['status'])) { $status = $_GET['status']; if (strtolower($status) == 'a') { array_push($this->params, 'i.incident_active = 0'); } elseif (strtolower($status) == 'v') { array_push($this->params, 'i.incident_verified = 0'); } else { $status = "0"; } } // Get Search Keywords (If Any) if (isset($_GET['k'])) { // Brute force input sanitization // Phase 1 - Strip the search string of all non-word characters $keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : ""; // Strip any HTML tags that may have been missed in Phase 1 $keyword_raw = strip_tags($keyword_raw); // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught // in the first 2 steps $keyword_raw = $this->input->xss_clean($keyword_raw); $filter = " (" . $this->_get_searchstring($keyword_raw) . ")"; array_push($this->params, $filter); } else { $keyword_raw = ""; } // Check, has the form been submitted? $form_error = FALSE; $form_saved = FALSE; $form_action = ""; if ($_POST) { $post = Validation::factory($_POST); // Add some filters $post->pre_filter('trim', TRUE); // Add some rules, the input field, followed by a list of checks, carried out in order $post->add_rules('action', 'required', 'alpha', 'length[1,1]'); $post->add_rules('incident_id.*', 'required', 'numeric'); if ($post->validate()) { // Approve Action if ($post->action == 'a') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded == TRUE) { $update->incident_active = $update->incident_active == 0 ? '1' : '0'; // Tag this as a report that needs to be sent out as an alert if ($update->incident_alert_status != '2') { // 2 = report that has had an alert sent $update->incident_alert_status = '1'; } $update->save(); $verify = new Verify_Model(); $verify->incident_id = $item; $verify->verified_status = '1'; // Record 'Verified By' Action $verify->user_id = $_SESSION['auth_user']->id; $verify->verified_date = date("Y-m-d H:i:s", time()); $verify->save(); // Action::report_approve - Approve a Report Event::run('ushahidi_action.report_approve', $update); } } $form_action = strtoupper(Kohana::lang('ui_admin.approved')); } elseif ($post->action == 'u') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded == TRUE) { $update->incident_active = '0'; // If Alert hasn't been sent yet, disable it if ($update->incident_alert_status == '1') { $update->incident_alert_status = '0'; } $update->save(); $verify = new Verify_Model(); $verify->incident_id = $item; $verify->verified_status = '0'; // Record 'Verified By' Action $verify->user_id = $_SESSION['auth_user']->id; $verify->verified_date = date("Y-m-d H:i:s", time()); $verify->save(); // Action::report_unapprove - Unapprove a Report Event::run('ushahidi_action.report_unapprove', $update); } } $form_action = strtoupper(Kohana::lang('ui_admin.unapproved')); } elseif ($post->action == 'v') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); $verify = new Verify_Model(); if ($update->loaded == TRUE) { if ($update->incident_verified == '1') { $update->incident_verified = '0'; $verify->verified_status = '0'; } else { $update->incident_verified = '1'; $verify->verified_status = '2'; } $update->save(); $verify->incident_id = $item; // Record 'Verified By' Action $verify->user_id = $_SESSION['auth_user']->id; $verify->verified_date = date("Y-m-d H:i:s", time()); $verify->save(); } } // Set the form action $form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified')); } elseif ($post->action == 'd') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded == TRUE) { $incident_id = $update->id; $location_id = $update->location_id; $update->delete(); // Delete Location ORM::factory('location')->where('id', $location_id)->delete_all(); // Delete Categories ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all(); // Delete Translations ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all(); // Delete Photos From Directory foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) { deletePhoto($photo->id); } // Delete Media ORM::factory('media')->where('incident_id', $incident_id)->delete_all(); // Delete Sender ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all(); // Delete relationship to SMS message $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find(); if ($updatemessage->loaded == TRUE) { $updatemessage->incident_id = 0; $updatemessage->save(); } // Delete Comments ORM::factory('comment')->where('incident_id', $incident_id)->delete_all(); // Delete form responses ORM::factory('form_response')->where('incident_id', $incident_id)->delete_all(); // Action::report_delete - Deleted a Report Event::run('ushahidi_action.report_delete', $incident_id); } } $form_action = strtoupper(Kohana::lang('ui_admin.deleted')); } $form_saved = TRUE; } else { $form_error = TRUE; } } // Fetch all incidents $all_incidents = reports::fetch_incidents(); // Pagination $pagination = new Pagination(array('style' => 'front-end-reports', 'query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $all_incidents->count())); Event::run('ushahidi_filter.pagination', $pagination); // Reports $incidents = Incident_Model::get_incidents(reports::$params, $pagination); Event::run('ushahidi_filter.filter_incidents', $incidents); $this->template->content->countries = Country_Model::get_countries_list(); $this->template->content->incidents = $incidents; $this->template->content->pagination = $pagination; $this->template->content->form_error = $form_error; $this->template->content->form_saved = $form_saved; $this->template->content->form_action = $form_action; // Total Reports $this->template->content->total_items = $pagination->total_items; // Status Tab $this->template->content->status = $status; // Javascript Header $this->template->js = new View('admin/reports_js'); }
/** * Finds country on deployment database by code * @param string Country Name * @return int Country Id if exists, 0 if not * */ static function getCountryIdByCode($country_code) { // Grab country_id $country = Country_Model::get_country_by_code($country_code); return (!empty($country) and $country->loaded) ? $country->id : 0; }
/** * Model Validation * * @param array $array values to check * @param boolean $save save[Optional] the record when validation succeeds * @return bool TRUE when validation succeeds, FALSE otherwise */ public function validate(array &$post, $save = FALSE) { // Initialise the validation library and setup some rules $post = Validation::factory($post)->pre_filter('trim')->add_rules('alert_mobile', 'numeric', 'length[6,20]')->add_rules('alert_email', 'email', 'length[3,64]')->add_rules('alert_lat', 'required', 'between[-90,90]')->add_rules('alert_lon', 'required', 'between[-180,180]')->add_rules('alert_radius', 'required', 'in_array[1,5,10,20,50,100]')->add_rules('alert_confirmed', 'required', 'in_array[0,1]'); // TODO Callbacks to check for duplicate alert subscription - same // subscriber for the same lat/lon //$post->add_callbacks('alert_mobile', array($this, '_mobile_check')); //$post->add_callbacks('alert_email', array($this, '_email_check')); // Check if a recipient mobile phone no. or email address has been // specified if (empty($post->alert_mobile) and empty($post->alert_email)) { $post->add_rules('alert_recipient', 'required'); } // If deployment is a single country deployment, check that the location mapped is in the default country if (!Kohana::config('settings.multi_country')) { $country = Country_Model::get_country_by_name($post->alert_country); if ($country and $country->id != Kohana::config('settings.default_country')) { $post->add_error('alert_country', 'single_country'); return FALSE; } } return parent::validate($post, $save); }
/** * Lists the reports. * * @param int $page */ public function index($page = 1) { // If user doesn't have access, redirect to dashboard if (!admin::permissions($this->user, "reports_view")) { url::redirect(url::site() . 'admin/dashboard'); } $this->template->content = new View('admin/reports'); $this->template->content->title = Kohana::lang('ui_admin.reports'); // Database table prefix $table_prefix = Kohana::config('database.default.table_prefix'); // Hook into the event for the reports::fetch_incidents() method Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters')); $status = "0"; if (!empty($_GET['status'])) { $status = $_GET['status']; if (strtolower($status) == 'a') { array_push($this->params, 'i.incident_active = 0'); } elseif (strtolower($status) == 'v') { array_push($this->params, 'i.incident_verified = 0'); } elseif (strtolower($status) == 'o') { array_push($this->params, 'ic.category_id = 5'); } else { $status = "0"; } } // Get Search Keywords (If Any) if (isset($_GET['k'])) { // Brute force input sanitization // Phase 1 - Strip the search string of all non-word characters $keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : ""; // Strip any HTML tags that may have been missed in Phase 1 $keyword_raw = strip_tags($keyword_raw); // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught // in the first 2 steps $keyword_raw = $this->input->xss_clean($keyword_raw); $filter = " (" . $this->_get_searchstring($keyword_raw) . ")"; array_push($this->params, $filter); } else { $keyword_raw = ""; } // Check, has the form been submitted? $form_error = FALSE; $form_saved = FALSE; $form_action = ""; if ($_POST) { $post = Validation::factory($_POST); // Add some filters $post->pre_filter('trim', TRUE); // Add some rules, the input field, followed by a list of checks, // carried out in order $post->add_rules('action', 'required', 'alpha', 'length[1,1]'); $post->add_rules('incident_id.*', 'required', 'numeric'); if ($post->validate()) { // Approve Action if ($post->action == 'a') { foreach ($post->incident_id as $item) { // Database instance $db = new Database(); // Query to check if this report is uncategorized i.e categoryless $query = "SELECT ic.* FROM " . $table_prefix . "incident_category ic " . "INNER JOIN " . $table_prefix . "category c ON c.id = ic.category_id " . "INNER JOIN " . $table_prefix . "incident i ON i.id=ic.incident_id " . "WHERE c.category_title =\"NONE\" AND c.category_trusted = '1' " . "AND ic.incident_id = {$item}"; $result = $db->query($query); // Only approve the report IF it's not uncategorized // i.e the query returns a null set if (count($result) == 0) { $update = new Incident_Model($item); if ($update->loaded == TRUE) { $update->incident_active = $update->incident_active == 0 ? '1' : '0'; // Tag this as a report that needs to be sent out as an alert if ($update->incident_alert_status != '2') { // 2 = report that has had an alert sent $update->incident_alert_status = '1'; } $update->save(); $verify = new Verify_Model(); $verify->incident_id = $item; $verify->verified_status = '1'; // Record 'Verified By' Action $verify->user_id = $_SESSION['auth_user']->id; $verify->verified_date = date("Y-m-d H:i:s", time()); $verify->save(); // Action::report_approve - Approve a Report Event::run('ushahidi_action.report_approve', $update); } } $form_action = strtoupper(Kohana::lang('ui_admin.approved')); } } elseif ($post->action == 'u') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded == TRUE) { $update->incident_active = '0'; // If Alert hasn't been sent yet, disable it if ($update->incident_alert_status == '1') { $update->incident_alert_status = '0'; } $update->save(); $verify = new Verify_Model(); $verify->incident_id = $item; $verify->verified_status = '0'; // Record 'Verified By' Action $verify->user_id = $_SESSION['auth_user']->id; $verify->verified_date = date("Y-m-d H:i:s", time()); $verify->save(); // Action::report_unapprove - Unapprove a Report Event::run('ushahidi_action.report_unapprove', $update); } } $form_action = strtoupper(Kohana::lang('ui_admin.unapproved')); } elseif ($post->action == 'v') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); $verify = new Verify_Model(); if ($update->loaded == TRUE) { if ($update->incident_verified == '1') { $update->incident_verified = '0'; $verify->verified_status = '0'; } else { $update->incident_verified = '1'; $verify->verified_status = '2'; } $update->save(); $verify->incident_id = $item; // Record 'Verified By' Action $verify->user_id = $_SESSION['auth_user']->id; $verify->verified_date = date("Y-m-d H:i:s", time()); $verify->save(); } } // Set the form action $form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified')); } elseif ($post->action == 'd') { foreach ($post->incident_id as $item) { $update = new Incident_Model($item); if ($update->loaded) { $update->delete(); } } $form_action = strtoupper(Kohana::lang('ui_admin.deleted')); } $form_saved = TRUE; } else { $form_error = TRUE; } } // Fetch all incidents $all_incidents = reports::fetch_incidents(); // Pagination $pagination = new Pagination(array('style' => 'front-end-reports', 'query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $all_incidents->count())); Event::run('ushahidi_filter.pagination', $pagination); // Reports $incidents = Incident_Model::get_incidents(reports::$params, $pagination); Event::run('ushahidi_filter.filter_incidents', $incidents); $this->template->content->countries = Country_Model::get_countries_list(); $this->template->content->incidents = $incidents; $this->template->content->pagination = $pagination; $this->template->content->form_error = $form_error; $this->template->content->form_saved = $form_saved; $this->template->content->form_action = $form_action; // Total Reports $this->template->content->total_items = $pagination->total_items; // Status Tab $this->template->content->status = $status; // Javascript Header $this->template->js = new View('admin/reports_js'); }
/** * GeoCode An Address * * @author * @param string $address * @return array $geocodes - lat/lon */ public static function geocode($address = NULL) { if ($address) { $payload = FALSE; $url = Kohana::config('config.external_site_protocol') . '://maps.google.com/maps/api/geocode/json?sensor=false&address=' . rawurlencode($address); $result = FALSE; if ($result = @file_get_contents($url)) { $payload = json_decode($result); } // Verify that the request succeeded if (!isset($payload->status)) { return FALSE; } if ($payload->status != 'OK') { return FALSE; } // Convert the Geocoder's results to an array $all_components = json_decode(json_encode($payload->results), TRUE); $location = $all_components[0]['geometry']['location']; // Find the country $address_components = $all_components[0]['address_components']; $country_name = NULL; foreach ($address_components as $component) { if (in_array('country', $component['types'])) { $country_name = $component['long_name']; break; } } // If no country has been found, use the formatted address if (empty($country_name)) { $country_name = $all_components[0]['formatted_address']; } // Grab country_id $country = Country_Model::get_country_by_name($country_name); $country_id = (!empty($country) and $country->loaded) ? $country->id : 0; $geocodes = array('country' => $country_name, 'country_id' => $country_id, 'location_name' => $all_components[0]['formatted_address'], 'latitude' => $location['lat'], 'longitude' => $location['lng']); return $geocodes; } else { return FALSE; } }