/**
  * Dispatches a volunteer-module request: authorizes it once, then runs the
  * branch selected by $getvars['vm_action'].
  *
  * Branches read request data from $getvars and, in places, directly from
  * $_REQUEST, $_GET and $_FILES, and hand it to the DAO, Volunteer,
  * VMPicture or the view helpers on $this. The only access check visible in
  * this function is the single AccessController::isAuthorized() call at the
  * top.
  *
  * NOTE(review): whether isAuthorized() is per-action and per-record (for
  * example, whether it ties a request-supplied p_uuid to the session user)
  * cannot be seen from here; the notes on individual branches assume it may
  * not be and should be confirmed against AccessController.
  * NOTE(review): no anti-CSRF token check is visible in this function for
  * the state-changing process_* actions; confirm one is enforced elsewhere.
  *
  * @param array $getvars an associative array of request variables; the
  *                       original comment describes it as the GET variables
  *                       from the URL, but several branches rebind it to
  *                       $_REQUEST (process_add also merges in $_FILES)
  * @return void
  */
 function controlHandler($getvars)
 {
     global $dao;
     //first authorize the user
     $ac = new AccessController($getvars);
     if (!$ac->isAuthorized()) {
         // Unauthorized requests stop here; this function produces no output for them.
         return;
     }
     //if authorized, move on to displaying the correct page
     switch ($getvars['vm_action']) {
         case 'process_add':
             // Redundant with the function-level declaration above; kept as in the original.
             global $dao;
             /*
              * First set up a Volunteer object to store all of the
              * POST data
              */
             if ($_SESSION['logged_in'] && !$dao->isVolunteer($_SESSION['user_id'])) {
                 // Logged-in user who is not yet a volunteer: the new record is keyed to the session user id.
                 $v = new Volunteer();
                 $v->info['ids'] = array();
                 $v->p_uuid = $_SESSION['user_id'];
                 $shn_user = true;
             } else {
                 if (isset($getvars['p_uuid'])) {
                     // NOTE(review): the record being edited is chosen by a request-supplied p_uuid.
                     // Confirm AccessController limits which p_uuid the current user may edit.
                     $v = new Volunteer($getvars['p_uuid']);
                     $shn_user = false;
                 } else {
                     $v = new Volunteer();
                     $v->info['ids'] = array();
                     $shn_user = false;
                 }
             }
             // The fields below are copied from the request as-is; validation only happens
             // later, in validateAddForm(), after the object has been handed to View::View().
             $v->info['full_name'] = $getvars['full_name'];
             $v->info['ids'][$getvars['id_type']] = trim($getvars['serial']);
             $v->info['gender'] = $getvars['gender'];
             $v->info['dob'] = $getvars['dob'];
             $v->info['date_start'] = $getvars['start_date'];
             $v->info['date_end'] = $getvars['end_date'];
             $v->info['hour_start'] = $getvars['hrs_avail_start'];
             $v->info['hour_end'] = $getvars['hrs_avail_end'];
             $v->info['occupation'] = $getvars['occupation'];
             $v->info['affiliation'] = $getvars['affiliation'];
             $v->info['special_needs'] = $getvars['special_needs'];
             $v->info['locations'] = array();
             shn_get_parents(shn_location_get_form_submit_loc(), $v->info['locations']);
             $v->info['contact'] = array();
             // put every input that begins with 'contact_' into the contact array
             // (the key after the prefix is request-controlled, so any contact_* name is accepted here)
             foreach ($getvars as $key => $value) {
                 if (substr($key, 0, strlen('contact_')) == 'contact_') {
                     $v->info['contact'][substr($key, strlen('contact_'))] = $value;
                 }
             }
             $v->info['contact_prefer'] = $getvars['prefered_confirm_medium'];
             //add skills information
             // Only skill ids known to the DAO are considered; a skill is selected when its
             // SKILL_<id> request field equals 'on'.
             $v_skills = array();
             $skill_ids = $dao->getSkillIDs();
             foreach ($skill_ids as $skill) {
                 if ($getvars["SKILL_{$skill}"] == 'on') {
                     $v_skills[] = $skill;
                 }
             }
             $v->info['skills'] = $v_skills;
             //add Sahana account information if necessary
             if ($getvars['reg_account'] == 'true') {
                 // The password is placed on the object in clear text; presumably it is hashed
                 // when the account is created in save() - verify.
                 $v->info['account_info'] = array('account_name' => $getvars['full_name'], 'user_name' => $getvars['user_name'], 'pass' => $getvars['pass1']);
                 // NOTE(review): this replaces p_uuid (including the session-derived value set
                 // above) with a request-supplied one. Confirm existing_puuid is checked against
                 // the requester before save().
                 $v->p_uuid = $getvars['existing_puuid'];
             }
             View::View($v);
             /*
              * Check to see if the POST data is valid and act accordingly
              */
             // $getvars is rebound here; with array_merge, a $_FILES entry overwrites a
             // $_REQUEST entry that has the same string key.
             if ($this->validateAddForm($getvars = array_merge($_REQUEST, $_FILES))) {
                 $v->save($shn_user);
                 // picture
                 $p = $_FILES['picture'];
                 if (!empty($p['tmp_name'])) {
                     $pic = new VMPicture();
                     $pic->original = file_get_contents($p['tmp_name']);
                     // 'name' and 'type' in $_FILES are supplied by the client and are stored
                     // unchanged; the only content check visible here is whether resize() succeeds.
                     // NOTE(review): confirm resize() decodes the bytes as an image and that the
                     // stored type is not trusted when the picture is served.
                     $pic->name = $p['name'];
                     $pic->type = $p['type'];
                     $pic->size = $p['size'];
                     $pic->p_uuid = $v->p_uuid;
                     if ($pic->resize()) {
                         $pic->save();
                     } else {
                         add_error(_("The image file is invalid, or is not of a supported type."));
                     }
                 }
                 // Added even when the picture was rejected above: the volunteer record itself
                 // has already been saved at this point.
                 add_confirmation(_('Changes saved.'));
                 //if we just created a Sahana account, direct the user to log in
                 if (!$_SESSION['logged_in']) {
                     $this->displayPleaseLogin();
                 } else {
                     $this->displayVolunteer($v->p_uuid);
                 }
             } else {
                 // Validation failed: show the form again, as an edit form when a p_uuid was sent.
                 if (!empty($getvars['p_uuid'])) {
                     $this->addVolunteer(new Volunteer($getvars['p_uuid']));
                 } else {
                     $this->addVolunteer();
                 }
             }
             break;
         case 'display_add':
             View::View();
             if ($dao->isVolunteer($_SESSION['user_id'])) {
                 //if this user is a volunteer already, display the edit form
                 $this->addVolunteer(new Volunteer($_SESSION['user_id']));
             } else {
                 //otherwise display the add form
                 $this->addVolunteer();
             }
             break;
         case 'display_edit':
             // The volunteer shown in the edit form is selected by the request-supplied p_uuid.
             View::View();
             $this->addVolunteer(new Volunteer($getvars['p_uuid']));
             break;
         case 'display_confirm_delete':
             View::View();
             $this->confirmDelete($getvars['p_uuid']);
             break;
         case 'display_change_pass':
             // The form is always built for the session user.
             View::View();
             $this->changePass($_SESSION['user_id']);
             break;
         case 'process_change_pass':
             global $global;
             require_once $global['approot'] . 'inc/lib_security/lib_auth.inc';
             if ($this->validateChangePassForm($getvars = $_REQUEST)) {
                 // NOTE(review): the account whose password is changed comes from the request
                 // p_uuid, whereas display_change_pass uses $_SESSION['user_id']. The current
                 // password is passed along as well; confirm the target is meant to be
                 // caller-selectable.
                 // A return value of exactly true is treated as failure here.
                 if (shn_change_password($getvars['p_uuid'], $getvars['cur_pass'], $getvars['pass1']) === true) {
                     add_error(SHN_ERR_VM_PASSWORD_NOT_MATCH);
                     $this->changePass($getvars['p_uuid']);
                 } else {
                     add_confirmation(_("Your Password has been updated"));
                 }
             } else {
                 $this->changePass($getvars['p_uuid']);
             }
             break;
         case 'process_delete':
             // Deletes the volunteer named by the request p_uuid, then re-lists all volunteers.
             // No confirmation or ownership check is performed in this branch itself.
             $v = new Volunteer();
             $v->delete($getvars['p_uuid']);
             View::View();
             $this->displayConfirmation('The requested user was deleted.');
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(), $extra_opts);
             break;
         case 'display_list_all':
             View::View();
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(), $extra_opts);
             $this->showPagingNavigation("index.php?mod=vm&act=volunteer&vm_action=display_list_all");
             break;
         case 'display_list_assigned':
             View::View();
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(null, VM_SHOW_ALL_VOLUNTEERS_ASSIGNED), $extra_opts);
             $this->showPagingNavigation("index.php?mod=vm&act=volunteer&vm_action=display_list_assigned");
             break;
         case 'display_mailbox':
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayMailbox($getvars['box']);
             break;
         case 'display_message':
             /*
              * Since we are passing $_SESSION['user_id'] as the p_uuid of the user here,
              * we can only view the message (i.e., the query will only succeed) if it belongs
              * to the current logged in user. Therefore, there is no need for extra access
              * control checks on displaying a message here.
              */
             View::View();
             $this->displayMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box']);
             break;
         case 'process_delete_message':
             global $dao;
             // Scoped to the session user, like display_message. The third argument is true
             // for every box value other than 'outbox'.
             $dao->deleteMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box'] != 'outbox');
             //add_confirmation('_(Message has been deleted'));
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayMailbox($getvars['box']);
             break;
         case 'display_send_message':
             $this->displaySendMessageForm();
             break;
         case 'process_send_message':
             global $dao;
             if ($this->validateSendMessageForm($getvars = $_REQUEST)) {
                 $message = stripslashes($getvars['message']);
                 $message = strtr($message, array("'" => "\\'"));
                 //have to escape any single quotes otherwise querying won't work
                 // NOTE(review): the comment above implies sendMessage() builds SQL by string
                 // interpolation. Escaping only single quotes leaves backslashes untouched and
                 // does nothing for the 'to' value, so it is not a substitute for bound
                 // parameters in the DAO - verify how sendMessage() builds its query.
                 $dao->sendMessage($_SESSION['user_id'], $getvars['to'], $message);
                 add_confirmation(_("Message Sent"));
             } else {
                 // Validation failed: rebuild the recipient list so the form can be shown again.
                 $to_list = array();
                 $to = $getvars['to'];
                 if (isset($to)) {
                     foreach ($to as $person) {
                         $to_list[$person] = $dao->getPersonName($person);
                     }
                 }
                 $this->displaySendMessageForm($to_list);
             }
             break;
         case 'display_search':
             $advanced = $getvars['advanced'] == 'true';
             $this->openSearchForm();
             $this->displaySearchForm($advanced);
             break;
         case 'process_search':
             global $dao, $global;
             include_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
             View::View();
             //print_r($getvars);
             // Search criteria are read from the request first; the DAO query further down
             // only runs when validateSearchForm() accepts $getvars.
             $vol_name = $getvars['vol_name'];
             //name to search by
             $vol_id = $getvars['vol_iden'];
             //Identification number to search by
             // Both matching modes are fixed to false here and are not request-controlled.
             $loose = false;
             $soundslike = false;
             $start_date = $getvars['start_date'];
             //availability start
             $end_date = $getvars['end_date'];
             //availability end
             $skills_matching = $getvars['skills_matching'] == 'and_skills' ? VM_SKILLS_ALL : VM_SKILLS_ANY;
             //search for all or any of the skills present
             $unassigned = $getvars['unassigned'] == 'true';
             //true to search for only unassigned volunteers
             $assigning = $getvars['assigning'];
             //true if we are using the search to assign volunteers
             $advanced = $getvars['advanced'] == 'true';
             //true if we are using an advanced search
             $just_assigned_vol = $getvars['p_uuid'] != '' && $assigning;
             //true if we just assigned a volunteer to a project (nice to know if no results are found to not display an error)
             $date_constraint = $getvars['date_constraint'] == 'full_date';
             //true if we must check for availability for the entire date range specified, false to check for any portion of the data range
             $positions = $getvars['positions'];
             if ($assigning) {
                 $assigning_proj = $getvars['proj_id'];
             } else {
                 $assigning_proj = null;
             }
             $location = '';
             if (shn_vm_location_selected()) {
                 $location = shn_location_get_form_submit_loc();
             }
             // As in process_add, only DAO-known skill ids whose SKILL_<id> field is 'on' are used.
             $skills = array();
             $skill_ids = $dao->getSkillIDs();
             foreach ($skill_ids as $sk) {
                 if ($getvars["SKILL_{$sk}"] == 'on') {
                     $skills[] = $sk;
                 }
             }
             //if we're not using the search results to do assigning, open the form here so that all of our paging navigation
             //will also be part of the form
             if (!$assigning) {
                 $this->openSearchForm();
             }
             //Validate the fields
             if ($this->validateSearchForm($getvars)) {
                 //get the search results and display them
                 $results = $dao->getVolSearchResults($vol_id, $vol_name, $skills, $skills_matching, $start_date, $end_date, $location, $date_constraint, $unassigned, $loose, $soundslike, $assigning_proj);
                 $this->displaySearchResults($results, $assigning, $assigning_proj, $advanced, $just_assigned_vol, $positions);
             }
             if (!$assigning) {
                 $this->displaySearchForm($advanced, false);
             } else {
                 $this->displaySearchForm(true, true);
             }
             break;
         case 'display_single':
             $v = new Volunteer($getvars['p_uuid']);
             View::View($v);
             $this->displayVolunteer($getvars['p_uuid']);
             break;
         case 'process_remove_picture':
             // Reads $_GET['id'] directly rather than $getvars.
             // NOTE(review): nothing in this branch checks that the picture belongs to the
             // current user or to the p_uuid in the request; confirm that is enforced elsewhere.
             $dao->deletePicture($dao->getPictureID($_GET['id']));
             View::View();
             if (empty($getvars['p_uuid'])) {
                 $this->addVolunteer();
             } else {
                 $this->addVolunteer(new Volunteer($getvars['p_uuid']));
             }
             break;
         case 'display_portal':
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayPortal();
             break;
         case 'display_report_all':
             View::View();
             $this->displayVolunteerReport($dao->getVolunteersForReport());
             break;
         case 'display_custom_report_select_for_mgrs':
             // Project list is requested for the session user.
             $this->displayCustomReportFilterForMgrs($dao->listProjects($_SESSION['user_id'], true, true));
             break;
         case 'display_custom_report_select':
             View::View();
             // The '(all)' entries are placed first; with the + operator an existing
             // ALL_PROJECTS / ALL_ORGS key from the DAO would not replace them.
             $projects = array('ALL_PROJECTS' => '(all)') + $dao->listProjects(null, false, true);
             $orgs = array('ALL_ORGS' => '(all)') + $dao->getOrganizations(true);
             $this->displayCustomReportFilter($projects, $orgs, $dao->getVolunteerNames(true));
             break;
         case 'display_custom_report':
             View::View();
             // Filters stay null / empty unless the request narrows them; the sentinel values
             // ALL_PROJECTS and ALL_ORGS mean "no filter".
             $extra_opts = array();
             $proj_id = null;
             $org_id = null;
             $vols = array();
             if (isset($getvars['proj_id']) && $getvars['proj_id'] != 'ALL_PROJECTS') {
                 $proj_id = $getvars['proj_id'];
                 $extra_opts['reportProjName'] = $dao->getProjectName($proj_id);
             }
             if (isset($getvars['org_id']) && $getvars['org_id'] != 'ALL_ORGS') {
                 $org_id = $getvars['org_id'];
                 $temp = $dao->getOrganizationInfo($org_id);
                 $extra_opts['reportOrgName'] = $temp['name'];
             }
             // The volunteer list is only accepted when it is a non-empty array; its elements
             // are passed to the DAO unchanged.
             if (!empty($getvars['vols']) && is_array($getvars['vols'])) {
                 $extra_opts['reportingSpecificVolunteers'] = true;
                 $vols = $getvars['vols'];
             }
             $this->displayVolunteerReport($dao->getVolunteersForReport($proj_id, $org_id, $vols), $extra_opts);
             break;
         case 'display_modify_skills':
             $this->displayModifySkills();
             break;
         case 'process_add_skill':
             global $global;
             require_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
             if (empty($getvars['skill_desc']) || empty($getvars['skill_code'])) {
                 add_error(_('Please specify both a skill description and skill code'));
             } else {
                 //validate skill code length
                 // The length check is made on the trimmed code, but the untrimmed value is what
                 // gets passed to addSkill() below. Only length is checked, not the character set.
                 if (strlen(trim($getvars['skill_code'])) < 4 || strlen(trim($getvars['skill_code'])) > 5) {
                     add_error(_('Skill code should be 4 - 5 letters'));
                 } else {
                     // Normalise the description: spaces around the skills delimiter collapse to
                     // '-', and leading / trailing spaces are removed.
                     $find = array("/ *" . VM_SKILLS_DELIMETER . " */", "/^ +/", "/ +\$/");
                     $replace = array("-", '', '');
                     $description = preg_replace($find, $replace, $getvars['skill_desc']);
                     if (!$dao->addSkill($getvars['skill_code'], $description)) {
                         add_error(_('The specified skill code already exists. Please choose another'));
                     } else {
                         // NOTE(review): the request-derived description is embedded in the
                         // message; confirm add_confirmation() or the view HTML-escapes it.
                         add_confirmation("Skill '{$description}' added");
                         unset($_POST);
                     }
                 }
             }
             $this->displayModifySkills();
             break;
         case 'process_remove_skill':
             // Reads $_REQUEST directly and iterates it without an is_array() check.
             // NOTE(review): each request-supplied code is echoed into a confirmation message;
             // confirm it is HTML-escaped on output.
             if (!empty($_REQUEST['skills'])) {
                 foreach ($_REQUEST['skills'] as $code) {
                     $dao->removeSkill($code);
                     add_confirmation("Deleted {$code}");
                 }
             }
             $this->displayModifySkills();
             break;
         case 'display_approval_management':
             //currently only site manager approval is allowed, later credential approval will be added
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_approval_modifications':
             //currently only site manager approval is allowed, later credential approval will be added
             // Privilege change: sets the 'MGR' ability for the request-supplied vol_id to true
             // when an 'approve' field is present and to false otherwise.
             // NOTE(review): relies entirely on the isAuthorized() call at the top to restrict
             // who may grant or revoke this ability - confirm.
             $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', isset($getvars['approve']));
             add_confirmation(_('Approval information has been updated'));
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_approval_upgrades':
             //currently only site manager approval is allowed, later credential approval will be added
             // Same privilege change as above, but always granting (status is fixed to true).
             $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', true);
             add_confirmation(_('Approval information has been updated'));
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_log_time':
             // strtotime() returns false for text it cannot parse; the results are passed to
             // validateShiftTimes() before anything is written.
             $start = strtotime($getvars['startDate'] . ' ' . $getvars['startTime']);
             if (empty($getvars['numHours'])) {
                 $end = strtotime($getvars['endDate'] . ' ' . $getvars['endTime']);
             } else {
                 // numHours is used in arithmetic without a numeric check in this branch.
                 $end = $start + $getvars['numHours'] * 60 * 60;
             }
             if (($e = validateShiftTimes($start, $end)) === VM_OK) {
                 // NOTE(review): the shift is logged for the request-supplied p_uuid and pos_id;
                 // confirm a user cannot log time on behalf of another volunteer.
                 if ($dao->logShift($getvars['p_uuid'], $getvars['pos_id'], $start, $end)) {
                     $this->displayConfirmation('Your time was logged successfully.');
                     $v = new Volunteer($getvars['p_uuid']);
                     View::View($v);
                     $this->displayVolunteer($getvars['p_uuid']);
                 } else {
                     add_error(_("There was a problem logging your time. Please go back and try again."));
                 }
             } else {
                 add_error(_("Error logging time:") . $e);
                 $this->showLogTime($getvars['p_uuid'], $getvars['pos_id']);
             }
             break;
         case 'review_hours':
             if (empty($getvars['proj_id'])) {
                 $this->displaySelectReviewHours();
             } else {
                 $this->displayReviewHours($getvars['proj_id']);
             }
             break;
         case 'process_review_hours':
             // NOTE(review): this is the only branch that uses $this->dao instead of the global
             // $dao, and it calls displayReviewHours() with (p_uuid, pos_id) where review_hours
             // passes a single proj_id. Confirm both are intentional.
             $this->dao->reviewShift($getvars['shift_id'], $getvars['status']);
             $this->displayReviewHours($getvars['p_uuid'], $getvars['pos_id']);
             break;
         default:
             // Unknown or missing action: logged-in users get the portal, others get no output here.
             if ($_SESSION['logged_in']) {
                 View::View(new Volunteer($_SESSION['user_id']));
                 $this->displayPortal();
             }
     }
 }
Exemple #2
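 /**
  * Saves a resized picture through the fixture and checks what getVMPicture()
  * returns for it.
  *
  * The first two entries of the returned row are compared by MD5 digest. MD5
  * serves here only as a compact fingerprint of known fixture data, not as a
  * security control.
  * NOTE(review): presumably entries 0 and 1 are the stored image and its
  * thumbnail, and the four integers are their dimensions - confirm against
  * getVMPicture().
  *
  * @return void
  */
 public function testSaveVMPicture()
 {
     // The path is relative, so it resolves against the working directory of the test run.
     $original = file_get_contents('ant_pic.jpg');
     $this->assertTrue($original !== false, 'Fixture image ant_pic.jpg could not be read');

     $pic = new VMPicture();
     $pic->original = $original;
     // Fail here, with a clear message, rather than on a digest mismatch further down.
     $this->assertTrue((bool) $pic->resize(), 'VMPicture::resize() rejected the fixture image');
     $pic->img_uuid = 'save_test';
     $pic->p_uuid = 'save_test_person';
     $pic->name = 'ant.jpg';
     $this->fixture->saveVMPicture($pic);

     $expected = array('fbfa2f68b52b8ccd8d24b7b31c90d7d4', 'e4687afe05b6d5c4539b9f1b3b92f95c', 'save_test_person', 320, 240, 160, 120, 'image/jpeg', 'ant.jpg');
     $result = $this->fixture->getVMPicture('save_test');
     $result[0] = md5($result[0]);
     $result[1] = md5($result[1]);
     // PHPUnit's argument order is (expected, actual); the original call had them
     // swapped, which mislabels the two sides in a failure report.
     $this->assertEquals($expected, $result);
 }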
Exemple #3
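/**
 * shn_image_vm_display_image()
 * This lets us use Sahana's 'stream' functionality to display an image without resorting to
 * an extra file in /tmp.
 * Sahana automatically calls this, according to the shn_[stream]_[mod]_[act]() naming convention.
 *
 * Reads two query-string parameters: 'id' (the image uuid) and 'size'
 * ('thumb' selects the thumbnail, any other value the full picture).
 * A missing, empty or non-string 'id' produces no output.
 *
 * NOTE(review): this entry point does not go through the module controller and
 * performs no access check of its own, so any restriction on who may fetch a
 * picture by id has to come from Sahana's stream layer - confirm.
 *
 * @return void
 */
function shn_image_vm_display_image()
{
    // we're not going through our controller here, so we need to set up the database.
    shn_vm_load_db();

    // Query parameters can be absent or arrays (id[]=...); accept only a non-empty string id.
    $img_uuid = isset($_GET['id']) && is_string($_GET['id']) ? $_GET['id'] : '';
    if ($img_uuid === '') {
        return;
    }
    $size = isset($_GET['size']) && is_string($_GET['size']) ? $_GET['size'] : '';

    $p = new VMPicture($img_uuid);
    if ($size === 'thumb') {
        $p->displayThumb();
    } else {
        $p->display();
    }
}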