/**
* Delete existing report
*
* @param int incident_id - the id of the report to be deleted.
*/
private function _delete_report()
{
$form = array('incident_id' => '');
$ret_value = 0;
// Return error value; start with no error
$errors = $form;
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list
// of checks, carried out in order
$post->add_rules('incident_id', 'required', 'numeric');
if ($post->validate()) {
$incident_id = $post->incident_id;
$update = new Incident_Model($incident_id);
if ($update->loaded == true) {
//$incident_id = $update->id;
$location_id = $update->location_id;
$update->delete();
// Delete Location
ORM::factory('location')->where('id', $location_id)->delete_all();
// Delete Categories
ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
// Delete Translations
ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
// Delete Photos From Directory
foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
$this->delete_photo($photo->id);
}
// Delete Media
ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
// Delete Sender
ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
// Delete relationship to SMS message
$updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == true) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete Comments
ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
}
} else {
//TODO i18nize the string
$this->error_messages .= "Incident ID is required.";
$ret_value = 1;
}
} else {
$ret_value = 3;
}
// Set the reponse info to be sent back to client
$this->response_data = $this->response($ret_value, $this->error_messages);
}
/**
* Lists the reports.
* @param int $page
*/
function index($page = 1)
{
$this->template->content = new View('admin/reports');
$this->template->content->title = Kohana::lang('ui_admin.reports');
if (!empty($_GET['status'])) {
$status = $_GET['status'];
if (strtolower($status) == 'a') {
$filter = 'incident_active = 0';
} elseif (strtolower($status) == 'v') {
$filter = 'incident_verified = 0';
} else {
$status = "0";
$filter = '1=1';
}
} else {
$status = "0";
$filter = "1=1";
}
// Get Search Keywords (If Any)
if (isset($_GET['k'])) {
$keyword_raw = $_GET['k'];
$filter .= " AND (" . $this->_get_searchstring($keyword_raw) . ")";
} else {
$keyword_raw = "";
}
// check, has the form been submitted?
$form_error = FALSE;
$form_saved = FALSE;
$form_action = "";
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of checks, carried out in order
$post->add_rules('action', 'required', 'alpha', 'length[1,1]');
$post->add_rules('incident_id.*', 'required', 'numeric');
if ($post->validate()) {
if ($post->action == 'a') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$update->incident_active = '1';
// Tag this as a report that needs to be sent out as an alert
$update->incident_alert_status = '1';
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '1';
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.approved'));
} elseif ($post->action == 'u') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$update->incident_active = '0';
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '0';
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
} elseif ($post->action == 'v') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
$verify = new Verify_Model();
if ($update->loaded == true) {
if ($update->incident_verified == '1') {
$update->incident_verified = '0';
$verify->verified_status = '0';
} else {
$update->incident_verified = '1';
$verify->verified_status = '2';
}
$update->save();
$verify->incident_id = $item;
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
$form_action = "VERIFIED";
} elseif ($post->action == 'd') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$incident_id = $update->id;
$location_id = $update->location_id;
$update->delete();
// Delete Location
ORM::factory('location')->where('id', $location_id)->delete_all();
// Delete Categories
ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
// Delete Translations
ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
// Delete Photos From Directory
foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
deletePhoto($photo->id);
}
// Delete Media
ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
// Delete Sender
ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
// Delete relationship to SMS message
$updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == true) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete relationship to Twitter message
$updatemessage = ORM::factory('twitter')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == true) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete Comments
ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
}
$form_saved = TRUE;
} else {
$form_error = TRUE;
}
}
// Pagination
$pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page_admin'), 'total_items' => ORM::factory('incident')->where($filter)->join('location', 'incident.location_id', 'location.id', 'INNER')->count_all()));
$incidents = ORM::factory('incident')->where($filter)->orderby('incident_dateadd', 'desc')->join('location', 'incident.location_id', 'location.id', 'INNER')->find_all((int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);
//GET countries
$countries = array();
foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
// Create a list of all categories
$this_country = $country->country;
if (strlen($this_country) > 35) {
$this_country = substr($this_country, 0, 35) . "...";
}
$countries[$country->id] = $this_country;
}
$this->template->content->countries = $countries;
$this->template->content->incidents = $incidents;
$this->template->content->pagination = $pagination;
$this->template->content->form_error = $form_error;
$this->template->content->form_saved = $form_saved;
$this->template->content->form_action = $form_action;
// Total Reports
$this->template->content->total_items = $pagination->total_items;
// Status Tab
$this->template->content->status = $status;
// Javascript Header
$this->template->js = new View('admin/reports_js');
}
/**
* Delete existing report
*
* @param int report_id - the id of the report to be deleted.
*/
public function _delete_report($respone_type)
{
$form = array('incident_id' => '');
$errors = $form;
if ($_POST) {
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of
//checks, carried out in order.
$post->add_rules('incident_id.*', 'required', 'numeric');
if ($post->validate()) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$incident_id = $update->id;
$location_id = $update->location_id;
$update->delete();
// Delete Location
ORM::factory('location')->where('id', $location_id)->delete_all();
// Delete Categories
ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
// Delete Translations
ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
// Delete Photos From Directory
foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
$this->delete_photo($photo->id);
}
// Delete Media
ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
// Delete Sender
ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
// Delete relationship to SMS message
$updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == true) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete Comments
ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
}
} else {
//TODO i18nize the string
$this->error_messages .= "Report ID is required.";
$this->ret_value = 1;
}
} else {
$this->ret_value = 3;
}
return $this->api_actions->_response($this->ret_value, $response_type);
}
/**
* Delete existing report
*
* @param int incident_id - the id of the report to be deleted.
*/
private function _delete_report()
{
$form = array('incident_id' => '');
$ret_value = 0;
// Return error value; start with no error
$errors = $form;
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list
// of checks, carried out in order
$post->add_rules('incident_id', 'required', 'numeric');
if ($post->validate(FALSE)) {
$incident_id = $post->incident_id;
$update = new Incident_Model($incident_id);
if ($update->loaded) {
$update->delete();
}
} else {
//TODO i18nize the string
$this->error_messages .= "Incident ID is required.";
$ret_value = 1;
}
} else {
$ret_value = 3;
}
// Set the reponse info to be sent back to client
$this->response_data = $this->response($ret_value, $this->error_messages);
}
/**
* Lists the reports.
*
* @param int $page
*/
public function index($page = 1)
{
// If user doesn't have access, redirect to dashboard
if (!$this->auth->has_permission("reports_view")) {
url::redirect(url::site() . 'admin/dashboard');
}
$this->template->content = new View('admin/reports/main');
$this->template->content->title = Kohana::lang('ui_admin.reports');
// Database table prefix
$table_prefix = Kohana::config('database.default.table_prefix');
// Hook into the event for the reports::fetch_incidents() method
Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters'));
$status = "0";
if (!empty($_GET['status'])) {
$status = $_GET['status'];
if (strtolower($status) == 'a') {
array_push($this->params, 'i.incident_active = 0');
} elseif (strtolower($status) == 'v') {
array_push($this->params, 'i.incident_verified = 0');
} elseif (strtolower($status) == 'o') {
array_push($this->params, '(ic.category_id IS NULL)');
} elseif (strtolower($status) != 'search') {
$status = "0";
}
}
// Get Search Keywords (If Any)
if (isset($_GET['k'])) {
// Brute force input sanitization
// Phase 1 - Strip the search string of all non-word characters
$keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : "";
// Strip any HTML tags that may have been missed in Phase 1
$keyword_raw = strip_tags($keyword_raw);
// Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
// in the first 2 steps
$keyword_raw = $this->input->xss_clean($keyword_raw);
$filter = " (" . $this->_get_searchstring($keyword_raw) . ")";
array_push($this->params, $filter);
} else {
$keyword_raw = "";
}
$this->template->content->search_form = $this->_search_form();
$this->template->content->search_form->keywords = $keyword_raw;
// Handler sort/order fields
$order_field = 'date';
$sort = 'DESC';
if (isset($_GET['order'])) {
$order_field = html::escape($_GET['order']);
}
if (isset($_GET['sort'])) {
$sort = strtoupper($_GET['sort']) == 'ASC' ? 'ASC' : 'DESC';
}
// Check, has the form been submitted?
$form_error = FALSE;
$errors = array();
$form_saved = FALSE;
$form_action = "";
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of checks,
// carried out in order
$post->add_rules('action', 'required', 'alpha', 'length[1,1]');
$post->add_rules('incident_id.*', 'required', 'numeric');
if (in_array($post->action, array('a', 'u')) and !Auth::instance()->has_permission('reports_approve')) {
$post->add_error('action', 'permission');
}
if ($post->action == 'v' and !Auth::instance()->has_permission('reports_verify')) {
$post->add_error('action', 'permission');
}
if ($post->action == 'd' and !Auth::instance()->has_permission('reports_edit')) {
$post->add_error('action', 'permission');
}
if ($post->action == 'a') {
// sanitize the incident_ids
$post->incident_id = array_map('intval', $post->incident_id);
// Query to check if this report is uncategorized i.e categoryless
$query = "SELECT i.* FROM " . $table_prefix . "incident i " . "LEFT JOIN " . $table_prefix . "incident_category ic ON i.id=ic.incident_id " . "LEFT JOIN " . $table_prefix . "category c ON c.id = ic.category_id " . "WHERE c.id IS NULL " . "AND i.id IN :incidentids";
$result = Database::instance()->query($query, array(':incidentids' => $post->incident_id));
// We enly approve the report IF it's categorized
// throw an error if any incidents aren't categorized
foreach ($result as $incident) {
$post->add_error('incident_id', 'categories_required', $incident->incident_title);
}
}
if ($post->validate()) {
// Approve Action
if ($post->action == 'a') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$update->incident_active = '1';
// Tag this as a report that needs to be sent out as an alert
if ($update->incident_alert_status != '2') {
// 2 = report that has had an alert sent
$update->incident_alert_status = '1';
}
$update->save();
// Record 'Verified By' Action
reports::verify_approve($update);
// Action::report_approve - Approve a Report
Event::run('ushahidi_action.report_approve', $update);
}
$form_action = utf8::strtoupper(Kohana::lang('ui_admin.approved'));
}
} elseif ($post->action == 'u') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$update->incident_active = '0';
// If Alert hasn't been sent yet, disable it
if ($update->incident_alert_status == '1') {
$update->incident_alert_status = '0';
}
$update->save();
// Record 'Verified By' Action
reports::verify_approve($update);
// Action::report_unapprove - Unapprove a Report
Event::run('ushahidi_action.report_unapprove', $update);
}
}
$form_action = utf8::strtoupper(Kohana::lang('ui_admin.unapproved'));
} elseif ($post->action == 'v') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
$verify = new Verify_Model();
if ($update->loaded == TRUE) {
if ($update->incident_verified == '1') {
$update->incident_verified = '0';
$verify->verified_status = '0';
} else {
$update->incident_verified = '1';
$verify->verified_status = '2';
}
$update->save();
// Record 'Verified By' Action
reports::verify_approve($update);
}
}
// Set the form action
$form_action = utf8::strtoupper(Kohana::lang('ui_admin.verified_unverified'));
} elseif ($post->action == 'd') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded) {
$update->delete();
}
}
$form_action = utf8::strtoupper(Kohana::lang('ui_admin.deleted'));
}
$form_saved = TRUE;
} else {
// Repopulate the form fields
//$form = arr::overwrite($form, $post->as_array());
// Populate the error fields, if any
$errors = $post->errors('reports');
$form_error = TRUE;
}
}
// Fetch all incidents
$incidents = reports::fetch_incidents(TRUE, Kohana::config('settings.items_per_page_admin'));
Event::run('ushahidi_filter.filter_incidents', $incidents);
$this->template->content->countries = Country_Model::get_countries_list();
$this->template->content->incidents = $incidents;
$this->template->content->pagination = reports::$pagination;
$this->template->content->form_error = $form_error;
$this->template->content->errors = $errors;
$this->template->content->form_saved = $form_saved;
$this->template->content->form_action = $form_action;
// Total Reports
$this->template->content->total_items = reports::$pagination->total_items;
// Status Tab
$this->template->content->status = $status;
$this->template->content->order_field = $order_field;
$this->template->content->sort = $sort;
$this->themes->map_enabled = TRUE;
$this->themes->json2_enabled = TRUE;
$this->themes->treeview_enabled = TRUE;
// Javascript Header
$this->themes->js = new View('admin/reports/reports_js');
}
/**
* Lists the reports.
*
* @param int $page
*/
public function index($page = 1)
{
// If user doesn't have access, redirect to dashboard
if (!admin::permissions($this->user, "reports_view")) {
url::redirect(url::site() . 'admin/dashboard');
}
$this->template->content = new View('admin/reports');
$this->template->content->title = Kohana::lang('ui_admin.reports');
//hook into the event for the reports::fetch_incidents() method
Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters'));
$status = "0";
if (!empty($_GET['status'])) {
$status = $_GET['status'];
if (strtolower($status) == 'a') {
array_push($this->params, 'i.incident_active = 0');
} elseif (strtolower($status) == 'v') {
array_push($this->params, 'i.incident_verified = 0');
} else {
$status = "0";
}
}
// Get Search Keywords (If Any)
if (isset($_GET['k'])) {
// Brute force input sanitization
// Phase 1 - Strip the search string of all non-word characters
$keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : "";
// Strip any HTML tags that may have been missed in Phase 1
$keyword_raw = strip_tags($keyword_raw);
// Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
// in the first 2 steps
$keyword_raw = $this->input->xss_clean($keyword_raw);
$filter = " (" . $this->_get_searchstring($keyword_raw) . ")";
array_push($this->params, $filter);
} else {
$keyword_raw = "";
}
// Check, has the form been submitted?
$form_error = FALSE;
$form_saved = FALSE;
$form_action = "";
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of checks, carried out in order
$post->add_rules('action', 'required', 'alpha', 'length[1,1]');
$post->add_rules('incident_id.*', 'required', 'numeric');
if ($post->validate()) {
// Approve Action
if ($post->action == 'a') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$update->incident_active = $update->incident_active == 0 ? '1' : '0';
// Tag this as a report that needs to be sent out as an alert
if ($update->incident_alert_status != '2') {
// 2 = report that has had an alert sent
$update->incident_alert_status = '1';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '1';
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_approve - Approve a Report
Event::run('ushahidi_action.report_approve', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.approved'));
} elseif ($post->action == 'u') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$update->incident_active = '0';
// If Alert hasn't been sent yet, disable it
if ($update->incident_alert_status == '1') {
$update->incident_alert_status = '0';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '0';
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_unapprove - Unapprove a Report
Event::run('ushahidi_action.report_unapprove', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
} elseif ($post->action == 'v') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
$verify = new Verify_Model();
if ($update->loaded == TRUE) {
if ($update->incident_verified == '1') {
$update->incident_verified = '0';
$verify->verified_status = '0';
} else {
$update->incident_verified = '1';
$verify->verified_status = '2';
}
$update->save();
$verify->incident_id = $item;
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
// Set the form action
$form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified'));
} elseif ($post->action == 'd') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$incident_id = $update->id;
$location_id = $update->location_id;
$update->delete();
// Delete Location
ORM::factory('location')->where('id', $location_id)->delete_all();
// Delete Categories
ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
// Delete Translations
ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
// Delete Photos From Directory
foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
deletePhoto($photo->id);
}
// Delete Media
ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
// Delete Sender
ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
// Delete relationship to SMS message
$updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == TRUE) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete Comments
ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
// Delete form responses
ORM::factory('form_response')->where('incident_id', $incident_id)->delete_all();
// Action::report_delete - Deleted a Report
Event::run('ushahidi_action.report_delete', $incident_id);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
}
$form_saved = TRUE;
} else {
$form_error = TRUE;
}
}
// Fetch all incidents
$all_incidents = reports::fetch_incidents();
// Pagination
$pagination = new Pagination(array('style' => 'front-end-reports', 'query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $all_incidents->count()));
Event::run('ushahidi_filter.pagination', $pagination);
// Reports
$incidents = Incident_Model::get_incidents(reports::$params, $pagination);
Event::run('ushahidi_filter.filter_incidents', $incidents);
$this->template->content->countries = Country_Model::get_countries_list();
$this->template->content->incidents = $incidents;
$this->template->content->pagination = $pagination;
$this->template->content->form_error = $form_error;
$this->template->content->form_saved = $form_saved;
$this->template->content->form_action = $form_action;
// Total Reports
$this->template->content->total_items = $pagination->total_items;
// Status Tab
$this->template->content->status = $status;
// Javascript Header
$this->template->js = new View('admin/reports_js');
}
/**
* Lists the reports.
* @param int $page
*/
public function index($page = 1)
{
// If user doesn't have access, redirect to dashboard
if (!admin::permissions($this->user, "reports_view")) {
url::redirect(url::site() . 'admin/dashboard');
}
$this->template->content = new View('admin/reports');
$this->template->content->title = Kohana::lang('ui_admin.reports');
if (!empty($_GET['status'])) {
$status = $_GET['status'];
if (strtolower($status) == 'a') {
$filter = 'incident_active = 0';
} elseif (strtolower($status) == 'v') {
$filter = 'incident_verified = 0';
} else {
$status = "0";
$filter = '1=1';
}
} else {
$status = "0";
$filter = "1=1";
}
// Get Search Keywords (If Any)
if (isset($_GET['k'])) {
// Brute force input sanitization
// Phase 1 - Strip the search string of all non-word characters
$keyword_raw = preg_replace('/[^\\w+]\\w*/', '', $_GET['k']);
// Strip any HTML tags that may have been missed in Phase 1
$keyword_raw = strip_tags($keyword_raw);
// Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
// in the first 2 steps
$keyword_raw = $this->input->xss_clean($keyword_raw);
$filter .= " AND (" . $this->_get_searchstring($keyword_raw) . ")";
} else {
$keyword_raw = "";
}
// Check, has the form been submitted?
$form_error = FALSE;
$form_saved = FALSE;
$form_action = "";
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of checks, carried out in order
$post->add_rules('action', 'required', 'alpha', 'length[1,1]');
$post->add_rules('incident_id.*', 'required', 'numeric');
if ($post->validate()) {
// Approve Action
if ($post->action == 'a') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$update->incident_active = $update->incident_active == 0 ? '1' : '0';
// Tag this as a report that needs to be sent out as an alert
if ($update->incident_alert_status != '2') {
// 2 = report that has had an alert sent
$update->incident_alert_status = '1';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '1';
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_approve - Approve a Report
Event::run('ushahidi_action.report_approve', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.approved'));
} elseif ($post->action == 'u') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$update->incident_active = '0';
// If Alert hasn't been sent yet, disable it
if ($update->incident_alert_status == '1') {
$update->incident_alert_status = '0';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '0';
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_unapprove - Unapprove a Report
Event::run('ushahidi_action.report_unapprove', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
} elseif ($post->action == 'v') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
$verify = new Verify_Model();
if ($update->loaded == true) {
if ($update->incident_verified == '1') {
$update->incident_verified = '0';
$verify->verified_status = '0';
} else {
$update->incident_verified = '1';
$verify->verified_status = '2';
}
$update->save();
$verify->incident_id = $item;
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
// Set the form action
$form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified'));
} elseif ($post->action == 'd') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$incident_id = $update->id;
$location_id = $update->location_id;
$update->delete();
// Delete Location
ORM::factory('location')->where('id', $location_id)->delete_all();
// Delete Categories
ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
// Delete Translations
ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
// Delete Photos From Directory
foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
deletePhoto($photo->id);
}
// Delete Media
ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
// Delete Sender
ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
// Delete relationship to SMS message
$updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == true) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete Comments
ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
// Delete form responses
ORM::factory('form_response')->where('incident_id', $incident_id)->delete_all();
// Action::report_delete - Deleted a Report
Event::run('ushahidi_action.report_delete', $incident_id);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
}
$form_saved = TRUE;
} else {
$form_error = TRUE;
}
}
// Pagination
$pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => $this->items_per_page, 'total_items' => ORM::factory('incident')->join('location', 'incident.location_id', 'location.id', 'INNER')->where($filter)->count_all()));
$incidents = ORM::factory('incident')->join('location', 'incident.location_id', 'location.id', 'INNER')->where($filter)->orderby('incident_dateadd', 'desc')->find_all($this->items_per_page, $pagination->sql_offset);
$location_ids = array();
foreach ($incidents as $incident) {
$location_ids[] = $incident->location_id;
}
// Check if location_ids is not empty
if (count($location_ids) > 0) {
$locations_result = ORM::factory('location')->in('id', implode(',', $location_ids))->find_all();
$locations = array();
$country_ids = array();
foreach ($locations_result as $loc) {
$locations[$loc->id] = $loc->location_name;
$country_ids[$loc->id]['country_id'] = $loc->country_id;
}
} else {
$locations = array();
}
$this->template->content->locations = $locations;
$this->template->content->country_ids = $country_ids;
// GET countries
$countries = array();
foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
// Create a list of all categories
$this_country = $country->country;
if (strlen($this_country) > 35) {
$this_country = substr($this_country, 0, 35) . "...";
}
$countries[$country->id] = $this_country;
}
$this->template->content->countries = $countries;
$this->template->content->incidents = $incidents;
$this->template->content->pagination = $pagination;
$this->template->content->form_error = $form_error;
$this->template->content->form_saved = $form_saved;
$this->template->content->form_action = $form_action;
// Total Reports
$this->template->content->total_items = $pagination->total_items;
// Status Tab
$this->template->content->status = $status;
// Javascript Header
$this->template->js = new View('admin/reports_js');
}
/**
* Lists the reports.
* @param int $page
*/
function index($page = 1)
{
// If user doesn't have access, redirect to dashboard
if (!admin::permissions($this->user, "reports_view")) {
url::redirect(url::site() . 'admin/dashboard');
}
$this->template->content = new View('adminmap/adminmap_reports');
$this->template->content->title = Kohana::lang('ui_admin.reports');
if (!empty($_GET['status'])) {
$status = $_GET['status'];
if (strtolower($status) == 'a') {
$filter = 'incident.incident_active = 0';
} elseif (strtolower($status) == 'v') {
$filter = 'incident.incident_verified = 0';
} else {
$status = "0";
$filter = '1=1';
}
} else {
$status = "0";
$filter = "1=1";
}
// check, has the form been submitted?
$form_error = FALSE;
$form_saved = FALSE;
$form_action = "";
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of checks, carried out in order
$post->add_rules('action', 'required', 'alpha', 'length[1,1]');
$post->add_rules('incident_id.*', 'required', 'numeric');
if ($post->validate()) {
if ($post->action == 'a') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
if ($update->incident_active == 0) {
$update->incident_active = '1';
} else {
$update->incident_active = '0';
}
// Tag this as a report that needs to be sent out as an alert
if ($update->incident_alert_status != '2') {
// 2 = report that has had an alert sent
$update->incident_alert_status = '1';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '1';
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_approve - Approve a Report
Event::run('ushahidi_action.report_approve', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.approved'));
} elseif ($post->action == 'u') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$update->incident_active = '0';
// If Alert hasn't been sent yet, disable it
if ($update->incident_alert_status == '1') {
$update->incident_alert_status = '0';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '0';
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_unapprove - Unapprove a Report
Event::run('ushahidi_action.report_unapprove', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
} elseif ($post->action == 'v') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
$verify = new Verify_Model();
if ($update->loaded == true) {
if ($update->incident_verified == '1') {
$update->incident_verified = '0';
$verify->verified_status = '0';
} else {
$update->incident_verified = '1';
$verify->verified_status = '2';
}
$update->save();
$verify->incident_id = $item;
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
$form_action = "VERIFIED";
} elseif ($post->action == 'd') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$incident_id = $update->id;
$location_id = $update->location_id;
$update->delete();
// Delete Location
ORM::factory('location')->where('id', $location_id)->delete_all();
// Delete Categories
ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
// Delete Translations
ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
// Delete Photos From Directory
foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
deletePhoto($photo->id);
}
// Delete Media
ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
// Delete Sender
ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
// Delete relationship to SMS message
$updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == true) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete Comments
ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
// Action::report_delete - Deleted a Report
Event::run('ushahidi_action.report_delete', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
}
$form_saved = TRUE;
} else {
$form_error = TRUE;
}
}
$db = new Database();
// Category ID
$category_ids = array();
if (isset($_GET['c']) and !empty($_GET['c'])) {
$category_ids = explode(",", $_GET['c']);
//get rid of that trailing ","
} else {
$category_ids = array("0");
}
// logical operator
$logical_operator = "or";
if (isset($_GET['lo']) and !empty($_GET['lo'])) {
$logical_operator = $_GET['lo'];
}
$show_unapproved = "3";
//1 show only approved, 2 show only unapproved, 3 show all
//figure out if we're showing unapproved stuff or what.
if (isset($_GET['u']) and !empty($_GET['u'])) {
$show_unapproved = (int) $_GET['u'];
}
$approved_text = "";
if ($show_unapproved == 1) {
$approved_text = "incident.incident_active = 1 ";
} else {
if ($show_unapproved == 2) {
$approved_text = "incident.incident_active = 0 ";
} else {
if ($show_unapproved == 3) {
$approved_text = " (incident.incident_active = 0 OR incident.incident_active = 1) ";
}
}
}
// Start Date
$start_date = (isset($_GET['s']) and !empty($_GET['s'])) ? (int) $_GET['s'] : "0";
// End Date
$end_date = (isset($_GET['e']) and !empty($_GET['e'])) ? (int) $_GET['e'] : "0";
$filter .= $start_date ? " AND incident.incident_date >= '" . date("Y-m-d H:i:s", $start_date) . "'" : "";
$filter .= $end_date ? " AND incident.incident_date <= '" . date("Y-m-d H:i:s", $end_date) . "'" : "";
$location_where = "";
// Break apart location variables, if necessary
$southwest = array();
if (isset($_GET['sw'])) {
$southwest = explode(",", $_GET['sw']);
}
$northeast = array();
if (isset($_GET['ne'])) {
$northeast = explode(",", $_GET['ne']);
}
if (count($southwest) == 2 and count($northeast) == 2) {
$lon_min = (double) $southwest[0];
$lon_max = (double) $northeast[0];
$lat_min = (double) $southwest[1];
$lat_max = (double) $northeast[1];
$location_where = ' AND (location.latitude >=' . $lat_min . ' AND location.latitude <=' . $lat_max . ' AND location.longitude >=' . $lon_min . ' AND location.longitude <=' . $lon_max . ') ';
}
$reports_count = adminmap_reports::get_reports_count($category_ids, $approved_text, $location_where . " AND " . $filter, $logical_operator);
// Pagination
$pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $reports_count));
$incidents = adminmap_reports::get_reports($category_ids, $approved_text, $location_where . " AND " . $filter, $logical_operator, "incident.incident_date", "asc", (int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);
//GET countries
$countries = array();
foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
// Create a list of all categories
$this_country = $country->country;
if (strlen($this_country) > 35) {
$this_country = substr($this_country, 0, 35) . "...";
}
$countries[$country->id] = $this_country;
}
$this->template->content->countries = $countries;
$this->template->content->incidents = $incidents;
$this->template->content->pagination = $pagination;
$this->template->content->form_error = $form_error;
$this->template->content->form_saved = $form_saved;
$this->template->content->form_action = $form_action;
// Total Reports
$this->template->content->total_items = $pagination->total_items;
// Status Tab
$this->template->content->status = $status;
// Javascript Header
$this->template->js = new View('admin/reports_js');
}
/**
* Lists the reports.
* @param int $page
*/
function index($page = 1)
{
$auth = new auth();
if (!($auth and $auth->logged_in('superadmin'))) {
url::redirect('admin/dashboard');
}
$this->template->content = new View('simplegroups/reportssuper');
$this->template->content->title = Kohana::lang('ui_admin.reports');
if (!empty($_GET['status'])) {
$status = $_GET['status'];
if (strtolower($status) == 'a') {
$filter = 'incident_active = 0';
} elseif (strtolower($status) == 'v') {
$filter = 'incident_verified = 0';
} else {
$status = "0";
$filter = '1=1';
}
} else {
$status = "0";
$filter = "1=1";
}
// Get Search Keywords (If Any)
if (isset($_GET['k'])) {
// Brute force input sanitization
// Phase 1 - Strip the search string of all non-word characters
$keyword_raw = preg_replace('/[^\\w+]\\w*/', '', $_GET['k']);
// Strip any HTML tags that may have been missed in Phase 1
$keyword_raw = strip_tags($keyword_raw);
// Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
// in the first 2 steps
$keyword_raw = $this->input->xss_clean($keyword_raw);
$filter .= " AND (" . $this->_get_searchstring($keyword_raw) . ")";
} else {
$keyword_raw = "";
}
// check, has the form been submitted?
$form_error = FALSE;
$form_saved = FALSE;
$form_action = "";
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of checks, carried out in order
$post->add_rules('action', 'required', 'alpha', 'length[1,1]');
$post->add_rules('incident_id.*', 'required', 'numeric');
if ($post->validate()) {
if ($post->action == 'a') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
if ($update->incident_active == 0) {
$update->incident_active = '1';
} else {
$update->incident_active = '0';
}
// Tag this as a report that needs to be sent out as an alert
if ($update->incident_alert_status != '2') {
// 2 = report that has had an alert sent
$update->incident_alert_status = '1';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '1';
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_approve - Approve a Report
Event::run('ushahidi_action.report_approve', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.approved'));
} elseif ($post->action == 'u') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$update->incident_active = '0';
// If Alert hasn't been sent yet, disable it
if ($update->incident_alert_status == '1') {
$update->incident_alert_status = '0';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '0';
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_unapprove - Unapprove a Report
Event::run('ushahidi_action.report_unapprove', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
} elseif ($post->action == 'v') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
$verify = new Verify_Model();
if ($update->loaded == true) {
if ($update->incident_verified == '1') {
$update->incident_verified = '0';
$verify->verified_status = '0';
} else {
$update->incident_verified = '1';
$verify->verified_status = '2';
}
$update->save();
$verify->incident_id = $item;
$verify->user_id = $_SESSION['auth_user']->id;
// Record 'Verified By' Action
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
$form_action = "VERIFIED";
} elseif ($post->action == 'd') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == true) {
$incident_id = $update->id;
$location_id = $update->location_id;
$update->delete();
// Delete Location
ORM::factory('location')->where('id', $location_id)->delete_all();
// Delete Categories
ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();
// Delete Translations
ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();
// Delete Photos From Directory
foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
deletePhoto($photo->id);
}
// Delete Media
ORM::factory('media')->where('incident_id', $incident_id)->delete_all();
// Delete Sender
ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();
// Delete relationship to SMS message
$updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
if ($updatemessage->loaded == true) {
$updatemessage->incident_id = 0;
$updatemessage->save();
}
// Delete Comments
ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();
//Delete Group
ORM::factory("simplegroups_groups_incident")->where('incident_id', $incident_id)->delete_all();
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
}
$form_saved = TRUE;
} else {
$form_error = TRUE;
}
}
$db = new Database();
// Category ID
$category_ids = array();
if (isset($_GET['c']) and !empty($_GET['c'])) {
$category_ids = explode(",", $_GET['c']);
//get rid of that trailing ","
} else {
$category_ids = array("0");
}
// logical operator
$logical_operator = "or";
if (isset($_GET['lo']) and !empty($_GET['lo'])) {
$logical_operator = $_GET['lo'];
}
$show_unapproved = "3";
//1 show only approved, 2 show only unapproved, 3 show all
//figure out if we're showing unapproved stuff or what.
if (isset($_GET['u']) and !empty($_GET['u'])) {
$show_unapproved = (int) $_GET['u'];
}
$approved_text = "";
if ($show_unapproved == 1) {
$approved_text = "incident.incident_active = 1 ";
} else {
if ($show_unapproved == 2) {
$approved_text = "incident.incident_active = 0 ";
} else {
if ($show_unapproved == 3) {
$approved_text = " (incident.incident_active = 0 OR incident.incident_active = 1) ";
}
}
}
$location_where = "";
// Break apart location variables, if necessary
$southwest = array();
if (isset($_GET['sw'])) {
$southwest = explode(",", $_GET['sw']);
}
$northeast = array();
if (isset($_GET['ne'])) {
$northeast = explode(",", $_GET['ne']);
}
if (count($southwest) == 2 and count($northeast) == 2) {
$lon_min = (double) $southwest[0];
$lon_max = (double) $northeast[0];
$lat_min = (double) $southwest[1];
$lat_max = (double) $northeast[1];
$location_where = ' AND (location.latitude >=' . $lat_min . ' AND location.latitude <=' . $lat_max . ' AND location.longitude >=' . $lon_min . ' AND location.longitude <=' . $lon_max . ') ';
}
$group = 0;
//figure out if we're showing unapproved stuff or what.
if (isset($_GET['sg']) and !empty($_GET['sg'])) {
$group = (int) $_GET['sg'];
}
$group_where = " (1=1) ";
if ($group != 0) {
$group_where = " (simplegroups_groups_incident.simplegroups_groups_id = " . $group . ") ";
}
$reports_count = groups::get_reports_count($category_ids, $approved_text, $location_where . " AND " . $filter . " AND " . $group_where, $logical_operator);
// Pagination
$pagination = new Pagination(array('query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $reports_count));
$incidents = groups::get_reports($category_ids, $approved_text, $location_where . " AND " . $filter . " AND " . $group_where, $logical_operator, "incident.incident_date", "asc", (int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);
$location_ids = array();
foreach ($incidents as $incident) {
$location_ids[] = $incident->location_id;
}
//check if location_ids is not empty
if (count($location_ids) > 0) {
$locations_result = ORM::factory('location')->in('id', implode(',', $location_ids))->find_all();
$locations = array();
foreach ($locations_result as $loc) {
$locations[$loc->id] = $loc->location_name;
}
} else {
$locations = array();
}
$this->template->content->locations = $locations;
//GET countries
$countries = array();
foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
// Create a list of all categories
$this_country = $country->country;
if (strlen($this_country) > 35) {
$this_country = substr($this_country, 0, 35) . "...";
}
$countries[$country->id] = $this_country;
}
$this->template->content->countries = $countries;
$this->template->content->incidents = $incidents;
$this->template->content->pagination = $pagination;
$this->template->content->form_error = $form_error;
$this->template->content->form_saved = $form_saved;
$this->template->content->form_action = $form_action;
// Total Reports
$this->template->content->total_items = $pagination->total_items;
// Status Tab
$this->template->content->status = $status;
// Javascript Header
$this->template->js = new View('simplegroups/reports_js');
}
/**
* Lists the reports.
*
* @param int $page
*/
public function index($page = 1)
{
// If user doesn't have access, redirect to dashboard
if (!admin::permissions($this->user, "reports_view")) {
url::redirect(url::site() . 'admin/dashboard');
}
$this->template->content = new View('admin/reports');
$this->template->content->title = Kohana::lang('ui_admin.reports');
// Database table prefix
$table_prefix = Kohana::config('database.default.table_prefix');
// Hook into the event for the reports::fetch_incidents() method
Event::add('ushahidi_filter.fetch_incidents_set_params', array($this, '_add_incident_filters'));
$status = "0";
if (!empty($_GET['status'])) {
$status = $_GET['status'];
if (strtolower($status) == 'a') {
array_push($this->params, 'i.incident_active = 0');
} elseif (strtolower($status) == 'v') {
array_push($this->params, 'i.incident_verified = 0');
} elseif (strtolower($status) == 'o') {
array_push($this->params, 'ic.category_id = 5');
} else {
$status = "0";
}
}
// Get Search Keywords (If Any)
if (isset($_GET['k'])) {
// Brute force input sanitization
// Phase 1 - Strip the search string of all non-word characters
$keyword_raw = isset($_GET['k']) ? preg_replace('#/\\w+/#', '', $_GET['k']) : "";
// Strip any HTML tags that may have been missed in Phase 1
$keyword_raw = strip_tags($keyword_raw);
// Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
// in the first 2 steps
$keyword_raw = $this->input->xss_clean($keyword_raw);
$filter = " (" . $this->_get_searchstring($keyword_raw) . ")";
array_push($this->params, $filter);
} else {
$keyword_raw = "";
}
// Check, has the form been submitted?
$form_error = FALSE;
$form_saved = FALSE;
$form_action = "";
if ($_POST) {
$post = Validation::factory($_POST);
// Add some filters
$post->pre_filter('trim', TRUE);
// Add some rules, the input field, followed by a list of checks,
// carried out in order
$post->add_rules('action', 'required', 'alpha', 'length[1,1]');
$post->add_rules('incident_id.*', 'required', 'numeric');
if ($post->validate()) {
// Approve Action
if ($post->action == 'a') {
foreach ($post->incident_id as $item) {
// Database instance
$db = new Database();
// Query to check if this report is uncategorized i.e categoryless
$query = "SELECT ic.* FROM " . $table_prefix . "incident_category ic " . "INNER JOIN " . $table_prefix . "category c ON c.id = ic.category_id " . "INNER JOIN " . $table_prefix . "incident i ON i.id=ic.incident_id " . "WHERE c.category_title =\"NONE\" AND c.category_trusted = '1' " . "AND ic.incident_id = {$item}";
$result = $db->query($query);
// Only approve the report IF it's not uncategorized
// i.e the query returns a null set
if (count($result) == 0) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$update->incident_active = $update->incident_active == 0 ? '1' : '0';
// Tag this as a report that needs to be sent out as an alert
if ($update->incident_alert_status != '2') {
// 2 = report that has had an alert sent
$update->incident_alert_status = '1';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '1';
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_approve - Approve a Report
Event::run('ushahidi_action.report_approve', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.approved'));
}
} elseif ($post->action == 'u') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded == TRUE) {
$update->incident_active = '0';
// If Alert hasn't been sent yet, disable it
if ($update->incident_alert_status == '1') {
$update->incident_alert_status = '0';
}
$update->save();
$verify = new Verify_Model();
$verify->incident_id = $item;
$verify->verified_status = '0';
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
// Action::report_unapprove - Unapprove a Report
Event::run('ushahidi_action.report_unapprove', $update);
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
} elseif ($post->action == 'v') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
$verify = new Verify_Model();
if ($update->loaded == TRUE) {
if ($update->incident_verified == '1') {
$update->incident_verified = '0';
$verify->verified_status = '0';
} else {
$update->incident_verified = '1';
$verify->verified_status = '2';
}
$update->save();
$verify->incident_id = $item;
// Record 'Verified By' Action
$verify->user_id = $_SESSION['auth_user']->id;
$verify->verified_date = date("Y-m-d H:i:s", time());
$verify->save();
}
}
// Set the form action
$form_action = strtoupper(Kohana::lang('ui_admin.verified_unverified'));
} elseif ($post->action == 'd') {
foreach ($post->incident_id as $item) {
$update = new Incident_Model($item);
if ($update->loaded) {
$update->delete();
}
}
$form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
}
$form_saved = TRUE;
} else {
$form_error = TRUE;
}
}
// Fetch all incidents
$all_incidents = reports::fetch_incidents();
// Pagination
$pagination = new Pagination(array('style' => 'front-end-reports', 'query_string' => 'page', 'items_per_page' => (int) Kohana::config('settings.items_per_page'), 'total_items' => $all_incidents->count()));
Event::run('ushahidi_filter.pagination', $pagination);
// Reports
$incidents = Incident_Model::get_incidents(reports::$params, $pagination);
Event::run('ushahidi_filter.filter_incidents', $incidents);
$this->template->content->countries = Country_Model::get_countries_list();
$this->template->content->incidents = $incidents;
$this->template->content->pagination = $pagination;
$this->template->content->form_error = $form_error;
$this->template->content->form_saved = $form_saved;
$this->template->content->form_action = $form_action;
// Total Reports
$this->template->content->total_items = $pagination->total_items;
// Status Tab
$this->template->content->status = $status;
// Javascript Header
$this->template->js = new View('admin/reports_js');
}
