public function Members()
{
$q = "SELECT `MemberID` FROM `MembersCallings` WHERE `CallingID`={$this->ID}";
$r = DB::Run($q);
$members = array();
while ($row = mysql_fetch_array($r)) {
$members[] = Member::Load($row['MemberID']);
}
return $members;
}
<?php
require_once "../lib/init.php";
protectPage(12);
// Profile pictures privileges
// Get a list of all current members
$q = "SELECT ID FROM Members WHERE WardID={$MEMBER->WardID} AND PictureFile != '' ORDER BY FirstName ASC, LastName ASC";
$r = DB::Run($q);
if (mysql_num_rows($r) == 0) {
fail("No pictures to export; no members have a profile picture.");
}
$zip = new ZipStream("profile_pics.zip");
while ($row = mysql_fetch_array($r)) {
$member = Member::Load($row['ID']);
$file = $member->PictureFile;
if (file_exists("../uploads/{$file}")) {
$zip->addLargeFile("../uploads/" . $file, "profile_pictures/" . $file);
}
}
$zip->finalize();
for ($i = 1; $i <= 3; $i++) {
DB::Run("UPDATE FheGroups SET Leader{$i}=0 WHERE Leader{$i}='{$ldr1}' OR Leader{$i}='{$ldr2}' OR Leader{$i}='{$ldr3}'");
}
// Make assignments, but don't save changes yet.
$group->GroupName = $_POST['groupname'];
$group->Leader1 = $_POST['ldr1'];
$group->Leader2 = $_POST['ldr2'];
$group->Leader3 = $_POST['ldr3'];
// Move the leaders into their new groups
if ($group->Leader1 > 0) {
$mem = Member::Load($group->Leader1);
$mem->FheGroup = $id;
$mem->Save();
}
if ($group->Leader2 > 0) {
$mem = Member::Load($group->Leader2);
$mem->FheGroup = $id;
$mem->Save();
}
if ($group->Leader3 > 0) {
$mem = Member::Load($group->Leader3);
$mem->FheGroup = $id;
$mem->Save();
}
if ($group->ConsolidateLeaders()) {
// Persists the object in the DB
Response::Send(200);
} else {
Response::Send(500, "Something went wrong; could not save group...");
}
}
public function GetBishop()
{
$q = DB::Run("SELECT `Members`.`ID`\n\t\t\t\t\t\tFROM\n\t\t\t\t\t\t\t`MembersCallings`\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\t\t\t`Callings`\n\t\t\t\t\t\tON\n\t\t\t\t\t\t\t`MembersCallings`.`CallingID` = `Callings`.`ID`\n\t\t\t\t\t\tINNER JOIN\n\t\t\t\t\t\t\t`Members`\n\t\t\t\t\t\tON\n\t\t\t\t\t\t\t`MembersCallings`.`MemberID` = `Members`.`ID`\n\t\t\t\t\t\tWHERE\n\t\t\t\t\t\t\t`Callings`.`WardID`={$this->ID} AND\n\t\t\t\t\t\t\t`Callings`.`Name`='Bishop' AND\n\t\t\t\t\t\t\t`Callings`.`Preset`=1\n\t\t\t\t\t\tLIMIT 1;");
if (!mysql_num_rows($q)) {
return null;
} else {
$r = mysql_fetch_array($q);
return Member::Load($r['ID']);
}
}
while ($row = mysql_fetch_array($r)) {
array_push($mems, Member::Load($row['ID']));
}
// Arrange the members, grouped by FHE group, into groups. (Huh?)
$groups = array();
foreach ($mems as $mem) {
$groupid = $mem->FheGroup;
if (!array_key_exists($groupid, $groups)) {
$group = $mem->FheGroup();
$groups[$groupid] = array();
$groups[$groupid]['group'] = $group;
$groups[$groupid]['leaders'] = array();
$groups[$groupid]['members'] = array();
$ldr1 = Member::Load($group->Leader1);
$ldr2 = Member::Load($group->Leader2);
$ldr3 = Member::Load($group->Leader3);
if ($ldr1) {
$groups[$groupid]['leaders'][] = $ldr1;
}
if ($ldr2) {
$groups[$groupid]['leaders'][] = $ldr2;
}
if ($ldr3) {
$groups[$groupid]['leaders'][] = $ldr3;
}
}
// Only add the member to the regular member list if they're not a group leader
$isLeader = false;
foreach ($groups[$groupid]['leaders'] as $ldr) {
if ($ldr->ID() == $mem->ID()) {
$isLeader = true;
// Email all sisters
// Get a list of this member's FHE group for convenience
$fheGroupMembers = array();
$r = DB::Run("SELECT ID FROM Members WHERE FheGroup='{$MEMBER->FheGroup}' AND FheGroup != ''");
while ($row = mysql_fetch_array($r)) {
array_push($fheGroupMembers, $row['ID']);
}
} else {
if ($MEMBER == null && $LEADER != null) {
$m = $LEADER;
// Get a list of all members of the stake
$mems = array();
$q = "SELECT ID FROM Members WHERE WardID IN (SELECT ID FROM Wards WHERE StakeID = '{$LEADER->StakeID}') ORDER BY FirstName ASC, LastName ASC";
$r = DB::Run($q);
while ($row = mysql_fetch_array($r)) {
array_push($mems, Member::Load($row['ID']));
}
// Get member's privileges in these matters
$has1 = true;
// Email all members
$has2 = true;
// Email all brethren
$has3 = true;
// Email all sisters
// Get a list of this member's FHE group for convenience
$fheGroupMembers = array();
}
}
?>
<!DOCTYPE html>
<html>
public function Start()
{
// Necessary fields must be basically valid
if ($this->Started > 0 || $this->Finished > 0 || !$this->StakeID && !$this->WardID || !$this->SenderID || !$this->Message || !$this->Recipients || count($this->Recipients) == 0) {
return false;
}
// Populate the sender name and email fields for preservation purposes
if ($this->IsMemberSender()) {
$mem = Member::Load($this->SenderID);
$this->SenderName = $mem->FirstName() . " " . $mem->LastName;
$this->SenderPhone = $mem->PhoneNumber;
} else {
$leader = StakeLeader::Load($this->SenderID);
$this->SenderName = $leader->Title . " " . $leader->FirstName . " " . $leader->LastName;
$this->SenderPhone = $leader->PhoneNumber;
}
// We leave sendsms.php to set and save the "start" timestamp; we don't do it here.
$this->Save();
// See EmailJob.php for any explanation about this last part
$docroot = DOCROOT;
$smspwd = SMS_JOB_PASSWORD;
$cmd = "php {$docroot}/api/sendsms.php {$this->ID} {$smspwd}";
exec("/usr/bin/nohup {$cmd} &> error_log &");
return true;
}
<?php
require_once "lib/init.php";
protectPage(0, true);
if (!isset($_GET['id'])) {
header("Location: /directory");
}
$mem = Member::Load($_GET['id']);
if (!$mem) {
header("Location: /directory");
}
// No member with given ID number, or member is not in the same ward
$memInWard = $mem->WardID != $WARD->ID();
$memInLeaderStake = false;
if ($LEADER != null) {
$r = DB::Run("SELECT StakeID FROM Wards WHERE ID='{$mem->WardID}'");
$row = mysql_fetch_object($r);
if ($row->StakeID == $LEADER->StakeID) {
$memInLeaderStake = true;
}
}
if (!$memInWard && !$memInLeaderStake) {
header("Location: /directory");
}
$isCurrent = $MEMBER && $MEMBER->ID() == $mem->ID();
// Get parts of the birth date
$bdate = strtotime($mem->Birthday);
$mm = date("F", $bdate);
$dd = date("j", $bdate);
$ordinal = date("S", $bdate);
// Load survey questions in order to get the answers
<div id="meta">
According to <b><?php
echo SITE_DOMAIN;
?>
</b>
as of <b><?php
echo date("F j, Y");
?>
</b>
</div>
</div>
<hr class="line" style="margin-bottom: -.5em">
<?php
while ($r = mysql_fetch_array($q)) {
$mem = Member::Load($r['ID']);
// Because of the epic SQL query above, regular addresses have both
// a full address AND a "regular" one e.g. ("Stratford 203")
// Prefer the "regular" one over the full one.
$addrString = trim($r['RegularAddr']) ? $r['RegularAddr'] : $r['FullAddr'];
if ($addrString == "") {
$addrString = "(No address provided)";
}
// Get parts of the birth date (don't show year on printed directories)
$bdate = strtotime($mem->Birthday);
$mm = date("F", $bdate);
$dd = date("j", $bdate);
if ($lastApt != $addrString) {
$i = 0;
// Reset the counter b/c we're restarting at a new row
?>
}
$callings = array();
while ($row = mysql_fetch_array($r)) {
$c = Calling::Load($row['ID']);
if (!$c) {
continue;
}
$r2 = DB::Run("SELECT MemberID FROM MembersCallings WHERE CallingID={$c->ID()}");
if (!$r2) {
fail("ERROR > Can't list members' callings. Please report this: " . mysql_error());
}
if (mysql_num_rows($r2) > 0) {
$callings[$c->Name] = array();
// Get a list of members with this calling
while ($row2 = mysql_fetch_array($r2)) {
$m = Member::Load($row2['MemberID']);
if (!$m) {
continue;
}
$callings[$c->Name][] = $m;
}
}
}
?>
<!DOCTYPE html>
<html>
<head>
<title>Callings — <?php
echo $WARD ? $WARD->Name . " Ward" : SITE_NAME;
?>
</title>
</form>
<br>
<h2 id="by-member">Privileges granted to members</h2>
<table class="privList">
<tr>
<th>Member</th>
<th>Privilege</th>
<th>Options</th>
</tr>
<?php
$rm = DB::Run("SELECT MemberID,PrivilegeID FROM GrantedPrivileges INNER JOIN Members ON Members.ID = MemberID INNER JOIN Privileges ON Privileges.ID = GrantedPrivileges.PrivilegeID WHERE MemberID > 0 AND Members.WardID={$MEMBER->WardID} ORDER BY Members.FirstName ASC, Members.LastName ASC");
while ($row = mysql_fetch_array($rm)) {
$priv = Privilege::Load($row['PrivilegeID']);
$mem = Member::Load($row['MemberID']);
?>
<tr>
<td>
<b><?php
echo $mem->FirstName . ' ' . $mem->LastName;
?>
</b>
</td>
<td>
<span title="<?php
echo $priv->HelpText();
?>
"><?php
echo $priv->Privilege();
?>
<?php
require_once "../../lib/init.php";
protectPage(13);
@($users = $_POST['users']);
if (!isset($users) || !count($users)) {
Response::Send(400, "You must specify at least one account to delete.");
}
$mems = array();
foreach ($users as $id) {
$mem = Member::Load($id);
if (!$mem) {
fail("ERROR > User with ID {$id} couldn't be loaded. Are you sure the account exists? Aborting.");
}
if ($mem->ID() == $MEMBER->ID()) {
fail("ERROR > You can't delete your own account");
}
if ($mem->WardID != $MEMBER->WardID) {
fail("ERROR > You can only delete accounts of members in your own ward. User with ID {$mem->ID()} is not in your ward.");
}
$mems[] = $mem;
}
foreach ($mems as $mem) {
if (!$mem->Delete(true)) {
fail("Could not delete member with ID {$mem->ID()}... but all others before him/her were deleted.");
}
}
header("Location: ../prune.php?success=true");
}
// Verify that the credentials ID matches the token
$credID = DB::Safe($credID);
$token = DB::Safe($token);
$r = DB::Run("SELECT 1 FROM `PwdResetTokens` WHERE `CredentialsID`='{$credID}' AND `Token`='{$token}' LIMIT 1");
if (mysql_num_rows($r) == 0) {
Response::Send(400, "Account ID and token do not appear to match. Maybe try again from the link in your email?");
}
// Get account object (Member or Leader) -- first we have to determine which type it is
$q2 = DB::Run("SELECT * FROM Credentials WHERE ID='{$credID}' LIMIT 1");
$r = mysql_fetch_array($q2);
$memberID = $r['MemberID'];
$leaderID = $r['StakeLeaderID'];
$user = null;
if ($memberID && !$leaderID) {
$user = @Member::Load($memberID);
} else {
if ($leaderID && !$memberID) {
$user = @StakeLeader::Load($leaderID);
}
}
if (!$user) {
Response::Send(500, "Could not load account with ID '{$memberID}' or '{$leaderID}', from credentials ID {$credID} -- please report this exact error message. Thanks...");
}
// Reset password.
if (!$user->ChangePassword($pwd1)) {
// This function deletes the token from the DB for us
Response::Send(500, "Could not reset your password for some reason... please report this.");
}
// In the clear!
Response::Send(200);
<?php
require_once "../../lib/init.php";
protectPage(12);
// Grab the variables from the form
@($memberID = $_GET['member']);
if (!$memberID) {
fail("No member was specified; nothing to do.");
}
$mem = Member::Load($memberID);
if (!$mem) {
fail("Could not load member with ID " . $memberID . " - please report this.");
}
if ($mem->WardID != $MEMBER->WardID) {
fail("Member " . $memberID . " is not in your ward.");
}
if ($mem->DeletePictureFile()) {
Response::Send(200, $memberID);
} else {
fail("Could not delete profile picture, probably because the user doesn't have a picture, or it is already the default one.");
}
public function Start()
{
// Necessary fields must be filled out
if ($this->Started > 0 || $this->Ended > 0 || !$this->MemberID && !$this->StakeLeaderID || !$this->Subject || !$this->Message || !$this->Recipients) {
return;
}
// Populate the sender name and email fields for preservation purposes
if ($this->IsMemberSender()) {
$mem = Member::Load($this->MemberID);
$this->SenderName = $mem->FirstName() . " " . $mem->LastName;
$this->SenderEmail = $mem->Email;
} else {
$leader = StakeLeader::Load($this->StakeLeaderID);
$this->SenderName = $leader->Title . " " . $leader->LastName;
$this->SenderEmail = $leader->Email;
}
// We leave sendemails.php to set and save the "start" timestamp; we don't do it here.
$this->Save();
// Call the worker process to run in the background. We pass in the ID
// of the EmailJob so it can load all its info and process it. The worker
// process sends the emails at a throttled rate.
// The & tells it to go into the background, and the /dev/null thing
// means any output can be discarded. The funky string "DKQl..." is a
// password for internal use to help verify that the request is a valid one
// from a legit source.
$docroot = DOCROOT;
$pwd = EMAIL_JOB_PASSWORD;
$cmd = "php {$docroot}/api/sendemails.php {$this->ID} {$pwd}";
exec("/usr/bin/nohup {$cmd} &> error_log &");
}
public function Roommates()
{
$res = $this->Residence();
$roommates = array();
if ($this->HasCustomResidence()) {
$addr = $res->Address;
$city = $res->City;
$state = $res->State;
$zip = $res->PostalCode;
$r = DB::Run("SELECT Members.ID FROM Members INNER JOIN Residences " . "ON Members.ResidenceID=Residences.ID WHERE Residences.Address='{$addr}' " . "AND Residences.City='{$city}' AND Residences.State='{$state}' " . "AND Residences.PostalCode='{$zip}'");
while ($row = mysql_fetch_array($r)) {
if ($row['ID'] != $this->ID) {
array_push($roommates, Member::Load($row['ID']));
}
}
} else {
$r = DB::Run("SELECT ID FROM Members WHERE ResidenceID='{$this->ResidenceID}' AND Apartment='{$this->Apartment}' LIMIT 9");
while ($row = mysql_fetch_array($r)) {
if ($row['ID'] != $this->ID) {
array_push($roommates, Member::Load($row['ID']));
}
}
}
return $roommates;
}
<?php
require_once "../../lib/init.php";
protectPage(12);
@($memID = $_GET['member']);
@($thumb = $_GET['thumbnail']);
if (!$memID) {
fail("No member specified");
}
$m = Member::Load($memID);
if (!$m) {
fail("Could not load member with ID " . $memID);
}
if ($m->WardID != $MEMBER->WardID) {
fail("Member is not in your ward");
}
Response::Send(200, $m->PictureFile($thumb));
public function Object()
{
if (!$this->ObjectID) {
return null;
}
if ($this->ObjectType == 'Calling') {
return Calling::Load($this->ObjectID);
} elseif ($this->ObjectType == 'Member') {
return Member::Load($this->ObjectID);
} else {
return null;
}
}
fail("Need a privilege ID to revoke; cannot revoke no privilege!");
}
if ($m && $c || !$m && !$c) {
fail("Please choose a member or a calling to revoke from.");
}
$priv = Privilege::Load($privID);
if ($privID == 10) {
// 10 is Manage Site Privileges; at least one member or calling from the ward should always have this.
// This query gets a list of unique privileges.
$epicQuery = "SELECT GrantedPrivileges.ID, Members.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Members ON Members.ID = GrantedPrivileges.MemberID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10\n\t\t\t\t\t\tUNION\n\t\t\t\t\t\tSELECT GrantedPrivileges.ID, Callings.WardID FROM GrantedPrivileges\n\t\t\t\t\t\tINNER JOIN Callings ON Callings.ID = GrantedPrivileges.CallingID\n\t\t\t\t\t\tWHERE WardID = {$MEMBER->WardID} AND GrantedPrivileges.PrivilegeID = 10;";
if (mysql_num_rows(DB::Run($epicQuery)) == 1) {
fail("At least one member or calling of your ward must be able to manage the site privileges. This was the last one; could not revoke.");
}
}
if ($m) {
$mem = Member::Load($m);
if ($mem->WardID != $MEMBER->WardID) {
fail("You can only revoke privileges from members of your ward.");
} else {
$priv->RevokeFromMember($m);
}
$redirectAppend = "?revoked#by-member";
} else {
$call = Calling::Load($c);
if ($call->WardID() != $MEMBER->WardID) {
fail("You can only revoke privileges of callings in your ward.");
} else {
$priv->RevokeFromCalling($c);
}
$redirectAppend = "?revoked#by-calling";
}