Exemple #1
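 /**
  * Returns the name this member is displayed under.
  *
  * A logged-in stake leader always gets the stored first name. For everyone
  * else the result is "Bishop" for a bishop, the form of address produced by
  * Gender::RenderLDS() when the member holds one of the listed callings or
  * is more than 30 full years old, and the stored first name otherwise.
  *
  * @return string The name or title to display (RenderLDS() is assumed to return a string - confirm).
  */
 public function FirstName()
 {
     if (StakeLeader::IsLoggedIn()) {
         return $this->FirstName;
     }

     $merited = array("Bishop", "Bishopric 1st Counselor", "Bishopric 2nd Counselor", "High Counselor");
     $formal = false;

     // Callings are checked first; age is only the fallback.
     foreach ($this->Callings() as $c) {
         // Strict comparison: on PHP 5/7 a loose == treats a numeric 0 as equal
         // to any non-numeric string, which would match "Bishop" by accident.
         if ($c->Name === "Bishop") {
             // Bishop gets own title
             return "Bishop";
         }
         if (in_array($c->Name, $merited, true)) {
             $formal = true;
             break;
         }
     }

     // Now check age if not already decided
     if (!$formal) {
         $secondsPerYear = 31557600; // 365.25 days
         // now() is not defined in this block; presumably a project helper that
         // returns a date string strtotime() can parse - confirm.
         $formal = floor(abs(strtotime(now()) - strtotime($this->Birthday)) / $secondsPerYear) > 30;
     }

     return $formal ? Gender::RenderLDS($this->Gender) : $this->FirstName;
 }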
Exemple #2
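 /**
  * Tells whether the current session belongs to a logged-in stake leader.
  *
  * The session is tied to the client address stored at login. A request
  * arriving from a different address is treated as a possibly intercepted
  * session ID and triggers a full logout.
  *
  * NOTE(review): the address check does not separate clients that share one
  * public address, and it logs out legitimate users whose address changes.
  * Treat it as one layer next to cookie flags and session ID regeneration.
  * NOTE(review): $_SESSION['timestamp'] is only tested for presence here;
  * no age limit is enforced in this method.
  *
  * @return bool
  */
 public static function IsLoggedIn()
 {
     $remote = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;

     // Strict comparison so type juggling can never make two different
     // values count as the same address.
     if (isset($_SESSION['ipaddress']) && $_SESSION['ipaddress'] !== $remote) {
         StakeLeader::Logout();
         // The mismatch already decides the answer, whatever Logout() managed to clear.
         return false;
     }

     return isset($_SESSION['stakeLeaderID'], $_SESSION['ipaddress'], $_SESSION['timestamp'])
         && (int) $_SESSION['stakeLeaderID'] > 0
         && $_SESSION['ipaddress'] === $remote;
 }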
<?php

/*
	This file helps insert a new stake leader account into the system.
	Make sure only the webmaster can access it.

	NOTE(review): the only guard visible in this file is the manual `exit;`
	below. Once that line is removed, any request that reaches this script
	creates an account, so keep the file outside the web root or block it in
	the server configuration, and restore the `exit;` right after use.
	NOTE(review): the password is typed into this file in plain text while
	the script is in use; blank it again afterwards and keep the filled-in
	version out of version control.
*/
// SAFETY LINE; comment-out or remove this line to use this file.
exit;
require_once "../lib/init.php";
$leader = new StakeLeader();
// Stake leader's email address
$leader->Email = "";
// Stake leader's account password
$leader->SetPassword("");
// ID number of the stake he belongs to (Stakes table, column `ID`)
$leader->StakeID = 0;
// Usually this is Male...
$leader->Gender = Gender::Male;
// Calling of the stake leader, for example: "Stake Presidency Second Counselor" or "Stake President" or "Stake Executive Secretary"
$leader->Calling = "";
// Title of the stake leader, for example: "President" or "Brother"
$leader->Title = "";
// First name of the stake leader (required)
$leader->FirstName = "";
// Middle name or initial of the stake leader; not required
$leader->MiddleName = "";
// Last name of the stake leader
$leader->LastName = "";
// Saves the leader.
$leader->Save();
// Opens a <pre> block; whatever is printed inside it lies past the end of this excerpt.
echo "<pre>";
Exemple #4
<?php

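require_once "lib/init.php";
if (Member::IsLoggedIn() || StakeLeader::IsLoggedIn()) {
    // Already signed in: redirect and stop, so the sign-up page below is not
    // rendered into the body of the redirect response as well.
    header("Location: /directory");
    exit;
}
?>
<!DOCTYPE html>
<html>
	<head>
		<title><?php 
echo SHORT_SITE_NAME;
?>
</title>
		<?php 
include "includes/head.php";
?>
		<!-- Facebook OpenGraph tags (for sharing) -->
		<meta name="description" content="Sign up so your ward can get your membership records. You'll also get a custom directory and abilities to text and email.">
		<meta property="og:image" content="http://<?php 
// Depending on the web server configuration SERVER_NAME can reflect the
// Host header sent by the client, so escape it for the attribute context.
echo htmlspecialchars($_SERVER['SERVER_NAME'], ENT_QUOTES, 'UTF-8');
echo SITE_LARGE_IMG;
?>
">
		<meta property="og:title" content="Welcome &mdash; <?php 
echo SITE_NAME;
?>
">
		<meta property="og:site_name" content="<?php 
echo SITE_NAME;
?>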
Exemple #5
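 /**
  * Validates the SMS job, records the sender's display name and phone
  * number on it, saves it and launches api/sendsms.php in the background.
  *
  * @return bool false when the job has already started or finished or a
  *              required field is missing; true after the launch command
  *              was issued (its result is not checked).
  */
 public function Start()
 {
     // Necessary fields must be basically valid. The job needs a stake or a ward,
     // a sender, a message and at least one recipient.
     if ($this->Started > 0 || $this->Finished > 0 || (!$this->StakeID && !$this->WardID) || !$this->SenderID || !$this->Message || !$this->Recipients || count($this->Recipients) == 0) {
         return false;
     }

     // Populate the sender name and phone fields for preservation purposes
     if ($this->IsMemberSender()) {
         $mem = Member::Load($this->SenderID);
         $this->SenderName = $mem->FirstName() . " " . $mem->LastName;
         $this->SenderPhone = $mem->PhoneNumber;
     } else {
         $leader = StakeLeader::Load($this->SenderID);
         $this->SenderName = $leader->Title . " " . $leader->FirstName . " " . $leader->LastName;
         $this->SenderPhone = $leader->PhoneNumber;
     }

     // We leave sendsms.php to set and save the "start" timestamp; we don't do it here.
     $this->Save();

     // Quote every value that goes into the shell command, so a space or a
     // shell metacharacter in the path, the ID or the password stays inside
     // its own argument instead of being interpreted by the shell.
     $script = escapeshellarg(DOCROOT . "/api/sendsms.php");
     $jobID = escapeshellarg((string) $this->ID);
     $smspwd = escapeshellarg(SMS_JOB_PASSWORD);

     // NOTE(review): the job password travels as a command-line argument and
     // is therefore readable in the process list while the worker runs.
     // Handing it over through the environment or a file only the web user
     // can read would need a matching change in sendsms.php.
     // NOTE(review): `&>` is a bash extension; confirm which shell exec()
     // uses on the host, since a POSIX sh parses this redirection differently.
     exec("/usr/bin/nohup php {$script} {$jobID} {$smspwd} &> error_log &");
     return true;
 }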
Exemple #6
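 /**
  * Validates the e-mail job, records the sender's display name and address
  * on it, saves it and launches api/sendemails.php in the background.
  *
  * Returns without doing anything when the job has already started or
  * ended, or when a required field is missing.
  *
  * @return void
  */
 public function Start()
 {
     // Necessary fields must be filled out. The job needs a member or a stake
     // leader as sender, a subject, a message and recipients.
     if ($this->Started > 0 || $this->Ended > 0 || (!$this->MemberID && !$this->StakeLeaderID) || !$this->Subject || !$this->Message || !$this->Recipients) {
         return;
     }

     // Populate the sender name and email fields for preservation purposes
     if ($this->IsMemberSender()) {
         $mem = Member::Load($this->MemberID);
         $this->SenderName = $mem->FirstName() . " " . $mem->LastName;
         $this->SenderEmail = $mem->Email;
     } else {
         $leader = StakeLeader::Load($this->StakeLeaderID);
         $this->SenderName = $leader->Title . " " . $leader->LastName;
         $this->SenderEmail = $leader->Email;
     }

     // We leave sendemails.php to set and save the "start" timestamp; we don't do it here.
     $this->Save();

     // Call the worker process to run in the background. We pass in the ID
     // of the EmailJob so it can load all its info and process it, plus
     // EMAIL_JOB_PASSWORD, an internal shared secret that helps the worker
     // verify the request comes from a legit source. The trailing & sends the
     // process to the background and its output is redirected to error_log.
     //
     // Every value is quoted so a space or a shell metacharacter in the path,
     // the ID or the password stays inside its own argument.
     $script = escapeshellarg(DOCROOT . "/api/sendemails.php");
     $jobID = escapeshellarg((string) $this->ID);
     $pwd = escapeshellarg(EMAIL_JOB_PASSWORD);

     // NOTE(review): the job password travels as a command-line argument and
     // is therefore readable in the process list while the worker runs.
     // Handing it over through the environment or a file only the web user
     // can read would need a matching change in sendemails.php.
     // NOTE(review): `&>` is a bash extension; confirm which shell exec()
     // uses on the host, since a POSIX sh parses this redirection differently.
     exec("/usr/bin/nohup php {$script} {$jobID} {$pwd} &> error_log &");
 }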
Exemple #7
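// Keep users logged in for a month... TODO: This doesn't work??
// NOTE(review): session.gc_maxlifetime is only honoured when nothing else
// that shares the session save path (another application, a system cleanup
// job) uses a shorter value; check session.save_path on the host.
$SESSION_LIFETIME = 60 * 60 * 24 * 30;
session_set_cookie_params($SESSION_LIFETIME);
ini_set('session.gc_maxlifetime', $SESSION_LIFETIME);
// A cookie that lives for a month is worth protecting: keep it out of reach
// of page scripts. Set after session_set_cookie_params() and before
// session_start() so it applies to the cookie that gets sent.
// NOTE(review): the Secure flag is left alone because this block does not
// show whether the site is served over HTTPS only.
ini_set('session.cookie_httponly', '1');
// Start session... we'll need it
session_start();
require_once "common.php";
// Open a persistent connection to the database
$DB = new DB();
// If the user is logged in, update last activity and load the ward to show.
// They could be a leader or a regular member: a member sees their own ward,
// a leader the ward stored in the session at login.
$MEMBER = Member::Current();
$LEADER = null;
$WARD = null;
if ($MEMBER) {
    $MEMBER->UpdateLastActivity();
    $WARD = Ward::Load($MEMBER->WardID);
} else {
    $LEADER = StakeLeader::Current();
    if ($LEADER) {
        $LEADER->UpdateLastActivity();
        // Avoid an undefined-index notice when no ward was stored for this leader.
        $WARD = Ward::Load(isset($_SESSION['wardID']) ? $_SESSION['wardID'] : null);
    }
}
$USER = $MEMBER ? $MEMBER : $LEADER;
define('IS_MOBILE', isMobile());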
Exemple #8
<?php

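require_once "../lib/init.php";
// Accept only plain string fields. A missing field, or one submitted as an
// array, becomes an empty string instead of relying on @ to hide the error.
$eml = isset($_POST['eml']) && is_string($_POST['eml']) ? trim($_POST['eml']) : "";
$pwd = isset($_POST['pwd']) && is_string($_POST['pwd']) ? trim($_POST['pwd']) : "";
// Login; returns null if bad credentials.
// First see if they're a regular member...
// NOTE(review): no session ID regeneration or attempt throttling is visible
// in this script; confirm Member::Login() / StakeLeader::Login() handle both.
$m = Member::Login($eml, $pwd);
// Where to potentially redirect the member after login
$afterLogin = isset($_SESSION['after_login']) ? $_SESSION['after_login'] : "******";
if (!$m) {
    // No? Maybe a stake leader?
    $s = StakeLeader::Login($eml, $pwd);
    if (!$s) {
        Response::Send(400);
    } else {
        // Choose the first ward in the stake... alphabetically I guess... as default view for them.
        // The stake ID goes through the project's escaping helper before it is
        // placed in the SQL string, rather than being interpolated raw.
        $stakeID = DB::Safe($s->StakeID);
        $r = mysql_fetch_array(DB::Run("SELECT ID FROM Wards WHERE StakeID='{$stakeID}' AND Deleted != 1 ORDER BY Name ASC LIMIT 1"));
        // A stake without any ward yields no row; store null instead of indexing into false.
        $_SESSION['wardID'] = $r ? $r['ID'] : null;
        // Stake leader logged in.
        Response::Send(200, $afterLogin);
    }
} else {
    Response::Send(200, $afterLogin);
}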
}
// Final part of the password reset: check the token, find the account it
// belongs to and set the new password. $credID, $token and $pwd1 are assigned
// above the visible part of this script.

// Verify that the credentials ID matches the token
// NOTE(review): this query only checks that the ID/token pair exists. No
// expiry column is consulted here - confirm that tokens are aged out elsewhere.
$credID = DB::Safe($credID);
$token = DB::Safe($token);
$r = DB::Run("SELECT 1 FROM `PwdResetTokens` WHERE `CredentialsID`='{$credID}' AND `Token`='{$token}' LIMIT 1");
if (mysql_num_rows($r) == 0) {
    Response::Send(400, "Account ID and token do not appear to match. Maybe try again from the link in your email?");
}
// Get account object (Member or Leader) -- first we have to determine which type it is
$q2 = DB::Run("SELECT * FROM Credentials WHERE ID='{$credID}' LIMIT 1");
$r = mysql_fetch_array($q2);
$memberID = $r['MemberID'];
$leaderID = $r['StakeLeaderID'];
$user = null;
// Exactly one of the two IDs must be set; a row carrying both or neither leaves $user null.
// The @ hides any error raised while loading, so a failed load also ends up in the check below.
if ($memberID && !$leaderID) {
    $user = @Member::Load($memberID);
} else {
    if ($leaderID && !$memberID) {
        $user = @StakeLeader::Load($leaderID);
    }
}
if (!$user) {
    // NOTE(review): this response returns internal account and credentials IDs to the
    // client; consider logging them server-side and sending a generic reference instead.
    Response::Send(500, "Could not load account with ID '{$memberID}' or '{$leaderID}', from credentials ID {$credID} -- please report this exact error message. Thanks...");
}
// Reset password.
// Per the original comment, ChangePassword() also deletes the token from the DB for us.
if (!$user->ChangePassword($pwd1)) {
    Response::Send(500, "Could not reset your password for some reason... please report this.");
}
// In the clear!
Response::Send(200);
Exemple #10
<?php

require_once "lib/init.php";
// Only a logged-in user may reach the logout logic
protectPage(0, true);

// Decide up front which kind of account is leaving and which session key
// identifies it.
$isMember = (bool) $MEMBER;
$sessionKey = $isMember ? 'userID' : 'stakeLeaderID';

$loggedOut = $isMember ? Member::Logout() : StakeLeader::Logout();
if (!$loggedOut) {
    // The regular logout reported failure: fall back to a manual,
    // "hard-wired" logout by dropping the ID and destroying the session.
    unset($_SESSION[$sessionKey]);
    session_destroy();
}

header("Location: /");
Exemple #11
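/**
 * Error handler that e-mails the webmaster and writes a line to the log file.
 *
 * The parameters follow the order PHP passes to a handler installed with
 * set_error_handler(); the registration itself is not part of this block.
 *
 * @param int    $level    PHP error level (only the E_USER_* levels get a specific label)
 * @param string $errorMsg Error message
 * @param string $file     File the error was raised in
 * @param int    $line     Line the error was raised on
 * @return bool Always true, so PHP's internal error handler does not run.
 */
function errorHandler($level, $errorMsg, $file, $line)
{
    // Don't handle it if the error was suppressed (maybe with @) (or error reporting is off)
    if (!error_reporting()) {
        return true;
    }

    switch ($level) {
        case E_USER_ERROR:
            $errorType = "Error";
            break;
        case E_USER_WARNING:
            $errorType = "Warning";
            break;
        case E_USER_NOTICE:
            $errorType = "Notice";
            break;
        default:
            $errorType = "Unknown";
    }

    // A subject is a single header line. Error messages can span several
    // lines and may carry request data, so fold line breaks into spaces
    // before the text is handed to the mailer.
    $alertSubject = str_replace(array("\r", "\n"), " ", $errorType . ": " . $errorMsg);
    $alertBody = "FILE: {$file}\r\nLINE: {$line}\r\nPROBLEM: {$errorType}: {$errorMsg}\r\n";

    // See if there's a logged-in user
    $user = Member::Current();
    if (!$user) {
        $user = StakeLeader::Current();
    }
    if ($user) {
        // NOTE(review): print_r() writes every property of the user object
        // into the e-mail. If the object carries a password hash or contact
        // details, they leave the server in clear text; sending only an
        // account ID would be enough to find the user.
        $alertBody .= "Currently logged-in user:\r\n" . print_r($user, true);
    }
    $alertBody .= "\r\n\r\n--\r\nAutomatically generated by the PHP error handling subsystem for debugging purposes.";

    $mail = new Mailer();
    $mail->FromAndReplyTo(ERR_HANDLE_FROM_NAME, EMAIL_BLACKHOLE);
    $mail->Subject($alertSubject);
    $mail->Body($alertBody);
    $mail->To(WEBMASTER_NAME, WEBMASTER_EMAIL);
    $mail->Send();

    // Write this to the server's internal log file...
    error_log("{$errorType}: {$errorMsg} in {$file} on line {$line}\n", LOG_TYPE, LOG_FILE);

    // Don't execute PHP's internal error handler
    return true;
}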