function FilterLinkBool($filter, $field, $value)
{
echo '<a href="' . vip_url($filter['base'] . (!$value ? '/not/' : '/') . $field) . '">';
if ($value) {
echo '<img src="/images/prototype/members/yes.png" alt="Yes" />';
} else {
echo '<img src="/images/prototype/members/no.png" alt="No" />';
}
echo '</a>';
}
function index()
{
if (!CheckPermissions('vip')) {
return;
}
//load the required models and libraries
$this->load->model('pr_model', 'pr_model');
$this->load->model('members_model', 'members_model');
$this->load->model('directory_model');
//setup the page properties
$this->pages_model->SetPageCode('viparea_contactpr');
//set the defaults for the email
$signature = $this->directory_model->GetOrganisationEmailSignature(VIPOrganisation());
$subject = '';
$content = "\r\r" . $signature;
//get the rep data from the pr model
$rep_data = $this->pr_model->GetOrganisationRatings(VipOrganisation());
if (isset($rep_data['rep'])) {
$rep = $rep_data['rep'];
$rep['email'] = $this->members_model->GetMemberEmail($rep['id']);
$rep['has_rep'] = true;
} else {
$rep['name'] = $this->config->item('pr_officer_name');
$rep['email'] = $this->config->item('pr_officer_email_address');
$rep['has_rep'] = false;
}
//users data
$user_name = $this->members_model->GetMemberName($this->user_auth->entityId);
if (isset($_POST['submit_save_advert'])) {
if ($_POST['a_subject'] == '') {
$this->messages->AddMessage('error', 'You must enter a subject for the email.');
$content = $_POST['a_content'];
} else {
if ($_POST['a_content'] == '') {
$this->messages->AddMessage('error', 'You must enter a message for the email.');
$subject = $_POST['a_subject'];
} else {
//no errors so send the email
$this->load->helper('yorkermail');
$to = $rep['email'];
$from = VipOrganisationName() . ' - ' . $user_name . ' <' . $this->members_model->GetMemberEmail($this->user_auth->entityId) . '>';
//try to send the email, report fail if error occurs
try {
yorkermail($to, $_POST['a_subject'], $_POST['a_content'], $from);
$this->messages->AddMessage('success', 'The email has been sent.');
} catch (Exception $e) {
$this->main_frame->AddMessage('error', $e->getMessage());
}
}
}
}
$data = array('main_text' => $this->pages_model->GetPropertyWikitext('main_text'), 'message_pr_target' => vip_url('contactpr'), 'rep' => $rep, 'subject' => $subject, 'content' => $content);
$this->main_frame->SetContentSimple('viparea/contactpr', $data);
$this->main_frame->Load();
}
function board()
{
if (!CheckPermissions('vip+pr')) {
return;
}
$this->load->helper('string');
$this->pages_model->SetPageCode('viparea_notices');
$this->_SetupTabs('board');
$data = array('Title' => 'Main ' . VipOrganisationName() . ' Notice Board', 'Notices' => array(array('from_name' => 'James Hogan', 'from_link' => site_url('login/main'), 'subject' => 'Cabbages', 'post_time' => 'yesterday', 'body' => '<p>It turns out they don\'t have any intellegence after all</p>', 'delete_link' => site_url('dummy')), array('from_name' => 'Joe Hogan', 'from_link' => site_url('login/main'), 'subject' => 'Cabbages', 'post_time' => 'monday', 'body' => '<p>It turns out they don\'t have any intellegence after all. This lot will be wikitext :) I reckon in wikitext we should parse smilies.</p>', 'delete_link' => NULL), array('from_name' => 'Luke Hogan', 'from_link' => site_url('login/main'), 'subject' => 'Cabbages', 'post_time' => 'last tuesday', 'body' => '<p>It turns out they don\'t have any intellegence after all</p>', 'delete_link' => site_url('dummy'))), 'Menu' => array(array('name' => 'link name 1', 'link' => vip_url('notices/board'), 'quantity' => 3, 'children' => array(array('name' => 'link name 1a', 'link' => vip_url('notices/board'), 'quantity' => 13), array('name' => 'link name 1b', 'link' => vip_url('notices/board'), 'quantity' => 31))), array('name' => 'link name 2', 'link' => vip_url('notices/board'), 'quantity' => 131)));
$this->main_frame->SetContentSimple('notices/board', $data);
$this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName()));
$this->main_frame->Load();
}
function DoTeam($team, $in_list = TRUE)
{
if ($in_list) {
echo '<li>' . "\n";
}
echo '<input type="checkbox" name="filter_team_' . $team['id'] . '" value="' . $team['id'] . '" />' . "\n";
echo '<a href="' . vip_url('members/teams/' . $team['id']) . '">' . xml_escape($team['name']) . '</a>' . "\n";
if (!empty($team['subteams'])) {
echo '<ul>' . "\n";
foreach ($team['subteams'] as $subteam) {
DoTeam($subteam);
}
echo '</ul>' . "\n";
}
if ($in_list) {
echo '</li>' . "\n";
}
echo '<br /><br />' . "\n";
return count($team['subteams']);
}
<p>
<strong>Account Maintainer:</strong> <?php
echo xml_escape($maintainer['maintainer_name']);
?>
<br />
<strong>Maintainer's Email:</strong> <?php
echo xml_escape($maintainer['maintainer_email']);
?>
<br />
</p>
<?php
}
} else {
?>
<p>
This account is being maintained by the yorker staff.
</p>
<?php
}
?>
<form action="<?php
echo vip_url('account/maintainer/');
?>
" method="post" class="form">
<fieldset>
<input type="submit" class="button" value="Change Admin" />
</fieldset>
</form>
</div>
</div>
?>
>
<label for='maintainer_name'>Admin's Name:</label>
<input type='text' name='maintainer_name' style='width: 150px;'
value='<?php
echo xml_escape($maintainer['maintainer_name']);
?>
'/>
<br />
<label for='maintainer_email'>Admin's Email:</label>
<input type='text' name='maintainer_email' style='width: 220px;'
value='<?php
echo xml_escape($maintainer['maintainer_email']);
?>
'/>
<br />
</div>
</fieldset>
<fieldset>
<label for='maintainer_button'></label>
<input type='submit' name='maintainer_button' value='Update' class='button' />
</fieldset>
</form>
<p>
<a href='<?php
echo vip_url('account/update');
?>
'>Back to my account settings.</a>
</p>
</div>
</div>
echo xml_escape($organisation['type']);
?>
</strong><br />
</p>
<?php
if (PermissionsSubset('pr', GetUserLevel())) {
?>
<form>
<fieldset>
<input name="name_edit_button" type="button" onclick="document.getElementById('name_details').style.display = 'none'; document.getElementById('name_details_form').style.display = 'block';" value="Edit" class="button" />
</fieldset>
</form>
</div>
<div id="name_details_form" style="display: none;">
<form id="org_name" action="<?php
echo vip_url('directory/information/changename');
?>
" method="post">
<fieldset>
<label for="organisation_name">Name:</label>
<input type="text" name="organisation_name" id="organisation_name" value="<?php
echo xml_escape($organisation['name']);
?>
"/>
<label for="organisation_type">Type:</label>
<select name="organisation_type" id="organisation_type" size="1">
<?php
foreach ($organisation['types'] as $type) {
echo '<option value="' . $type['organisation_type_id'] . '" ';
if ($organisation['type'] == $type['organisation_type_name']) {
echo 'selected="selected"';
<li><a href="<?php
echo vip_url('notices');
?>
">Manage Notices</a></li>
<li><a href="<?php
echo vip_url('members');
?>
">Manage Members</a></li>
</ul>
<ul>
<li class="first"><a href="<?php
echo vip_url('account');
?>
">Settings</a></li>
<li><a href="<?php
echo vip_url('contactpr');
?>
">Contact PR Rep</a></li>
</ul>
<?php
if (isset($extra_menu_buttons) && !empty($extra_menu_buttons)) {
echo '<ul>';
foreach ($extra_menu_buttons as $key => $button) {
echo '<li' . (!$key ? ' class="first"' : '') . '>';
if (is_string($button)) {
echo xml_escape($button);
} else {
echo '<a href="' . xml_escape($button[1]) . '">' . xml_escape($button[0]) . '</a>';
}
echo '</li>';
}
/**
*/
function invite()
{
if (!CheckPermissions('vip')) {
return;
}
//if the stage is not a valid stage redirect to stage 1
/*
if (!is_numeric($Stage) || $Stage < 1 || $Stage > 3) {
redirect(vip_url('members/invite/1'));
return;
}*/
//load string helper for use with preg_match() and preg_replace()
$this->load->helper('string');
//set up the main navbar and tell it which page we are on
$this->_SetupTabs('invite');
//set the page code, so we can get the page title and any parameters
$this->pages_model->SetPageCode('viparea_members_invite');
//stores a list of users to put in the invite box (has the list of users that had associated errors when trying to invite)
$default_list = '';
//$this->_GetTeams();
//initialise the data array to pass to the view, by filling it with generic information
$data = array('main_text' => $this->pages_model->GetPropertyWikitext('main_text'), 'what_to_do' => $this->pages_model->GetPropertyWikitext('what_to_do'), 'target' => vip_url('members/invite'), 'organisation' => $this->mOrganisation, 'default_list' => $default_list);
// Read the post data
/// @todo require comma or newline between items
//stage 1+2+3
if ($this->input->post('members_invite_button') === 'Continue') {
if (!$this->input->post('invite_list')) {
$emails = $this->input->post('invite_list_failures') . " \r" . $this->input->post('invite_list_valids');
} else {
//$emails = $this->input->post('invite_list');
$emails = $this->input->post('invite_list');
}
if (FALSE !== $emails) {
// Validate the emails
$preprocessed_emails = preg_replace('/[^a-zA-Z0-9@\\.]+/', ' ', $emails);
$word_list = explode(" ", $preprocessed_emails);
$valids = array();
$failures = array();
foreach ($word_list as $word) {
if (!empty($word)) {
if (preg_match('/^([a-zA-Z]{2,5}\\d{2,4})(@york\\.ac\\.uk)?$/', $word, $matches)) {
$valids[] = strtolower($matches[1]);
} else {
$failures[] = $word;
}
}
}
if (!empty($failures)) {
// There were failures!
$this->messages->AddMessage('error', 'Some of the email addresses you entered were not valid.');
$data['failures'] = $failures;
$data['valids'] = $valids;
//set view stage
$Stage = 2;
} else {
if (empty($valids)) {
// There weren't any valids.
$this->messages->AddMessage('information', 'You didn\'t specify any email addresses.');
//set view stage
$Stage = 1;
} else {
// Everything was fine.
$member_details = $this->members_model->GetMemberDetails(VipOrganisationId());
$members = array();
foreach ($member_details as $member) {
$members[] = $member['username'];
}
$existing = array_intersect($members, $valids);
$inviting = array_diff($valids, $existing);
$data['members'] = $members;
$data['existing'] = $existing;
$data['inviting'] = $inviting;
//set view stage
$Stage = 3;
}
}
}
} else {
if ($this->input->post('confirm_invite_button') === 'Confirm Invites') {
$selected_members = array();
//make an array of selected member ids where checked boxes are ticked
foreach ($_POST['invite'] as $key => $value) {
if ($value = 'on') {
$selected_members[] = $key;
}
}
$default_list = $this->_InviteUsers(VipOrganisationId(), $selected_members, 'username', VipOrganisationName());
$default_list = implode("\n", $default_list);
$data['default_list'] = $default_list;
$Stage = 1;
} else {
/*
if ($Stage != 1) {
redirect(vip_url('members/invite/1'));
}*/
$Stage = 1;
}
}
$data['State'] = $Stage;
$this->main_frame->SetContentSimple('members/invite', $data);
// Set the title parameters
$this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName()));
// Load the main frame
$this->main_frame->Load();
}
/**
* @param $Suboption1 [string/integer] Operation code or business card id.
* - 'filter'
* - 'request'
* - 'new'
* @param $Suboption2 [string] Sub operation code.
* - 'filter'
* - 'send'
* - 'post'
* - 'edit'
* @param $Suboption3 [string] Another sub operation code.
*
* @todo Move back to directory :P
*/
function cards($Suboption1 = NULL, $Suboption2 = NULL, $Suboption3 = NULL)
{
if (!CheckPermissions('vip+pr')) {
return;
}
$this->load->library('image');
$this->load->model('members_model');
$mode = 'view';
$sql = array('TRUE', array());
if ($Suboption1 === 'filter') {
static $field_translator = array('teamid' => 'subscriptions.subscription_organisation_entity_id', 'user' => 'business_cards.business_card_user_entity_id', 'card' => 'business_cards.business_card_id', 'paid' => 'subscriptions.subscription_paid', 'vip' => 'subscriptions.subscription_vip_status', 'confirmed' => '1', 'carded' => 'NULL', 'carding' => 'NULL', 'cardable' => 'NULL', 'mailable' => 'subscriptions.subscription_email', 'search' => 'NULL', 'firstname' => 'users.user_firstname', 'surname' => 'users.user_surname', 'nickname' => 'users.user_nickname', 'enrol_year' => 'users.user_enrolled_year');
try {
$filter = $this->_GetFilter(4);
$sql = $this->_GenerateFilterSql($filter, $field_translator);
} catch (Exception $e) {
$this->messages->AddMessage('error', 'The filter is invalid: ' . $e->getMessage());
}
} elseif (is_numeric($Suboption1)) {
$sql[0] = 'business_cards.business_card_id=?';
$sql[1] = array($Suboption1);
if ($Suboption2 === 'edit') {
$mode = 'edit';
}
}
$business_cards = $this->members_model->GetBusinessCards(VipOrganisationId(), $sql[0], $sql[1]);
// DISPLAY BUSINESS CARDS ----------------------------------- //
if ($mode === 'view') {
$this->pages_model->SetPageCode('viparea_members_cards');
$data = array('main_text' => $this->pages_model->GetPropertyWikitext('main_text'), 'business_cards' => $business_cards);
// Set up the content
$this->main_frame->SetContentSimple('members/members_cards', $data);
// Set the title parameters
$this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName()));
} elseif ($mode === 'edit') {
if (!count($business_cards)) {
$this->messages->AddMessage('error', 'Business card ' . $Suboption1 . ' could not be found');
redirect(vip_url('directory/cards'));
}
$this->pages_model->SetPageCode('viparea_members_card_edit');
$this->load->model('directory_model');
// translate into nice names for view
$data = array('business_card' => $business_cards[0], 'business_card_goups' => array(), 'url' => vip_url('directory/cards/' . $business_cards[0]['id'] . '/edit'), 'cancel_url' => vip_url('directory/contacts'));
//Get post data
if (!empty($_POST["card_editbutton"])) {
if (empty($_POST["card_name"]) || empty($_POST["card_title"])) {
$this->main_frame->AddMessage('error', 'Please include a name and a title for your contact card');
//add failed send the data back into the form
$data['card_form'] = $_POST;
} else {
//find user id if exist
if (!empty($_POST["card_username"])) {
//find user id from username
$user_id = $this->businesscards_model->GetUserIdFromUsername($_POST["card_username"]);
} else {
$user_id = "";
}
//Send message if username was given and no id found
if ($user_id == "" && !empty($_POST["card_username"])) {
$this->main_frame->AddMessage('error', 'The user ' . $_POST["card_username"] . ' was not found, you may have spelt the username incorrectly or the user is not on the yorker. You may wish to leave that field blank.');
//add failed send the data back into the form
$data['card_form'] = $_POST;
} else {
//add contact card
//@note start time, end time, order, and image id are all currently null and not in use.
$this->businesscards_model->UpdateBuisnessCard($user_id, $_POST["group_id"], null, $_POST["card_name"], $_POST["card_title"], $_POST["card_about"], $_POST["card_course"], $_POST["email"], $_POST["phone_mobile"], $_POST["phone_internal"], $_POST["phone_external"], $_POST["postal_address"], 0, null, null, $Suboption1, 1);
//The last param 1 forces immediate publishing
$this->main_frame->AddMessage('success', 'The contact card was successfully updated.');
redirect(vip_url('directory/contacts/viewgroup/' . $_POST["group_id"]));
}
}
} else {
//Send data to form if it isnt reloaded from a update attempt
$cards_data = $this->directory_model->GetDirectoryOrganisationCardsById($Suboption1);
foreach ($cards_data as $card_data) {
if ($card_data['business_card_user_entity_id'] != 0) {
$username = $this->businesscards_model->GetUsernameFromUserId($card_data['business_card_user_entity_id']);
} else {
$username = "";
}
$data['card_form'] = array('card_name' => $card_data['business_card_name'], 'card_title' => $card_data['business_card_title'], 'group_id' => $card_data['business_card_business_card_group_id'], 'card_username' => $username, 'card_course' => $card_data['business_card_course'], 'email' => $card_data['business_card_email'], 'card_about' => $card_data['business_card_blurb'], 'postal_address' => $card_data['business_card_postal_address'], 'phone_mobile' => $card_data['business_card_mobile'], 'phone_internal' => $card_data['business_card_phone_internal'], 'phone_external' => $card_data['business_card_phone_external']);
}
}
// Business Card Groups
$groups = $this->directory_model->GetDirectoryOrganisationCardGroups(VipOrganisation());
foreach ($groups as $group) {
$data['groups'][] = array('name' => $group['business_card_group_name'], 'id' => $group['business_card_group_id'], 'href' => vip_url('directory/cards/filter/cardgroup/' . $group['business_card_group_id']));
}
// Set the title parameters
$this->main_frame->SetTitleParameters(array('organisation' => VipOrganisationName(), 'name' => $business_cards[0]['name']));
$this->main_frame->SetContentSimple('directory/viparea_directory_contacts', $data);
}
$this->_SetupOrganisationNavbar();
$this->main_frame->SetPage('contacts');
// Load the main frame
$this->main_frame->Load();
}
<h2 class="first">Your Rep</h2>
<div class="Entry">
<?php
if ($rep['has_rep'] == true) {
echo ' <p>' . "\n";
echo ' Your rep is: ' . xml_escape($rep['firstname'] . ' ' . $rep['surname']) . "\n";
echo ' </p>' . "\n";
} else {
echo ' <p>' . "\n";
echo ' You have no dedicated rep, so our pr officers ' . xml_escape($rep['name']) . ' are looking after you.' . "\n";
echo ' </p>' . "\n";
}
?>
<p>
<?php
echo ' <a href="' . vip_url('contactpr') . '">Contact Your Rep</a>' . "\n";
?>
</p>
</div>
</div>
<div id="MainColumn">
<div id="HomeBanner">
<img src="/images/vip_banner.jpg" title="VIP Area" width="392" height="100" alt="VIP Area" />
</div>
<div class="BlueBox">
<h2>welcome</h2>
<?php
echo $main_text;
* Functional Specification section "VIP Send Notice"
*
* @version 21/03/2007 James Hogan (jh559)
* - Created.
*
* @param $MainText string Main help text.
* @todo Default values.
*/
?>
<div id="RightColumn">
<h2 class="first">Page Information</h2>
<div class="Entry">
<p>Info about writing notices from db including link to wikitext help page.</p>
<p><a href="<?php
echo vip_url('account/email');
?>
">Email settings</a></p>
</div>
</div>
<div id="MainColumn">
<div class="BlueBox">
from email
to {teams, [remove]}, add [dropdown teams]
subject: %%organisation%%: [_________]
(header)
[wikitext input]
(footer)
</div>
</div>
<div class="Entry">
The <b>photo title</b> will be used as an alternative text for the photo that is uploaded, to make the site more accessible to people who have difficulty recognising images. Please try to make this title <b>concisely</b> describe what the image depicts.
</div>
</div>
<div id="MainColumn">
<?php
if ($images->num_rows() > 0) {
?>
<div class="BlueBox">
<?php
foreach ($images->result() as $image) {
echo $this->image->getThumb($image->photo_id, 'slideshow');
echo '<br />';
echo anchor(vip_url('directory/photos/move/' . $image->photo_id . '/up'), 'move up') . '|';
echo anchor(vip_url('directory/photos/move/' . $image->photo_id . '/down'), 'move down') . '|';
echo '<a href="' . vip_url('directory/photos/delete/' . $image->photo_id) . '" onclick="return confirm(\'Are you sure you want to delete this photo?\');">delete</a>';
echo '<br />';
}
?>
</div>
<?php
}
?>
<?php
$CI =& get_instance();
$CI->load->view('uploader/upload_single_photo', array('action_url' => vip_url('directory/photos/upload')));
?>
</div>
echo ' <b>This organisation has no groups or cards.</b>';
echo ' </p>';
echo ' </div>';
echo ' </div>' . "\n";
echo ' <div id="WrapAddToGroup" style="display: block;">' . "\n";
echo ' </div>' . "\n";
}
?>
<?php
if ($no_groups == false) {
?>
<div class="BlueBox" id="WrapAddToGroup" style="display: none;">
<h2>add a new business card</h2>
<form method="post" action="<?php
echo vip_url('directory/contacts');
?>
">
<fieldset>
<label for="card_name">Name:</label>
<input type="text" name="card_name" id="card_name" value="<?php
if (!empty($card_form['card_name'])) {
echo xml_escape($card_form['card_name']);
}
?>
" />
<label for="card_title">Title:</label>
<input type="text" name="card_title" id="card_title" value="<?php
if (!empty($card_form['card_title'])) {
echo xml_escape($card_form['card_title']);
}
/**
* @param $SelectedPage string Selected Page.
* @pre CheckPermissions must have already been called.
*/
protected function _SetupTabs($SelectedPage)
{
$navbar = $this->main_frame->GetNavbar();
$navbar->AddItem('admin', 'Admin', vip_url('account'));
$navbar->AddItem('email', 'Email', vip_url('account/email'));
$navbar->AddItem('identities', 'Identities', vip_url('account/identities'));
if (!$this->user_auth->isUser) {
$navbar->AddItem('password', 'Password', vip_url('account/password'));
}
//$navbar->AddItem('maintainer', 'Maintainer',
// vip_url('account/maintainer'));
$this->main_frame->SetPage($SelectedPage);
}
?>
'" value='Approve' class='button' />
<?php
} else {
echo "<small>Waiting approval.</small>";
}
}
if (PermissionsSubset('pr', GetUserLevel()) || PermissionsSubset('vip', GetUserLevel())) {
?>
<input name='member_delete_button' type='submit' onClick="return confirm('Are you sure you want to delete <?php
echo xml_escape($business_card['name']);
?>
's contact card?');" value='Delete' class='button' />
<?php
}
if (!isset($url)) {
$url = vip_url('directory/cards/' . $business_card['id'] . '/edit');
}
?>
<input name='member_edit_button' type='button' onClick="parent.location=<?php
echo xml_escape(js_literalise($url));
?>
" value='Edit' class='button' />
</fieldset>
</form>
<?php
}
?>
</p>
</div>
return true;
}
function show_password_form() {
var editor_access = document.getElementById('editor_level_access');
var password_form = document.getElementById('password_form');
password_form.style.display = (editor_access.checked ? 'block' : 'none');
}
// ]]>
</script>
<?php
if ('manage' === VipMode()) {
?>
<div class='BlueBox'>
<h2>Office Access</h2>
<form action="<?php
echo vip_url('members/info/' . $membership['user_id']);
?>
" class="form" method='POST' onSubmit="return submit_checker();">
<fieldset>
<label for='office_access_level'>Access level:</label>
<input style="float:none;" type="radio" onChange="show_password_form()" id="none_level_access" name="office_access_level" value="none" <?php
if (!($membership['office_writer_access'] || $membership['office_editor_access'])) {
echo 'checked="checked"';
}
?>
> No Access
<input style="float:none;" type="radio" onChange="show_password_form()" id="writer_level_access" name="office_access_level" value="writer" <?php
if ($membership['office_writer_access']) {
echo 'checked="checked"';
}
?>
/**
* @param $Permission string or array of the following levels (in the order that
* they are to be obtained:
* - 'public' - anyone
* - 'student' - must be logged on
* - 'vip' - must be logged on as a vip
* - 'vip+pr' - must be logged on as a vip or a pr rep
* - 'office' - must be in the office
* - 'pr' - must be in the office as a pr rep
* - 'editor' - must be in the office as an editor
* - 'admin' - must be in the office as an administrator
* @param $LoadMainFrame bool Whether to load the mainframe if permision hasn't
* yet been acquired (for the login screen).
* @return bool Whether enough privilages.
*/
function CheckPermissions($Permission = 'public', $LoadMainFrame = TRUE, $NoPost = FALSE)
{
// Start a session
$CI =& get_instance();
// Initialisation stuff
$CI->load->library('messages');
$CI->load->model('user_auth');
$CI->load->model('pages_model');
// Decide on output format
if (isset($_POST['fb_sig'])) {
/// @todo AUTHENTICATE FACEBOOK
OutputMode('fbml');
global $_SESSION;
$_SESSION = array();
} else {
if (isset($_GET['opmode'])) {
OutputMode($_GET['opmode']);
} else {
OutputMode(DefaultOutputMode());
}
}
// If the output mode is not supported, show a 404
if (!in_array(OutputMode(), OutputModes())) {
show_404();
}
// Translate some auxilliary permissions
$auxilliary_permissions = array('moderator' => 'editor');
if (array_key_exists($Permission, $auxilliary_permissions)) {
$Permission = $auxilliary_permissions[$Permission];
}
$user_level = GetUserLevel();
// URL analysis regarding vip area
$thru_viparea = $CI->uri->total_segments() >= 1 && $CI->uri->segment(1) === 'viparea';
$thru_office_pr = $CI->uri->total_segments() >= 3 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'pr' && $CI->uri->segment(3) === 'org';
$thru_office_manage = $CI->uri->total_segments() >= 2 && $CI->uri->segment(1) === 'office' && $CI->uri->segment(2) === 'manage';
$company_short_name = $CI->config->Item('company_organisation_id');
$organisation_specified = FALSE;
if ($thru_viparea) {
if ($CI->uri->total_segments() > 1) {
$organisation_shortname = $CI->uri->segment(2);
$organisation_specified = TRUE;
VipSegments(2);
} else {
$organisation_shortname = $CI->user_auth->organisationShortName;
}
// don't allow access to vip area of the company, only through office/manage
if ($organisation_shortname === $company_short_name) {
$organisation_shortname = '';
$CI->user_auth->logoutOrganisation();
redirect('');
}
vip_url('viparea/' . $organisation_shortname . '/', TRUE);
} elseif ($thru_office_pr) {
$organisation_shortname = $CI->uri->segment(4);
$organisation_specified = TRUE;
VipSegments(4);
vip_url('office/pr/org/' . $organisation_shortname . '/', TRUE);
} elseif ($thru_office_manage) {
$organisation_shortname = $company_short_name;
$organisation_specified = TRUE;
VipSegments(2);
vip_url('office/manage/', TRUE);
} else {
$organisation_shortname = '';
}
VipOrganisation(FALSE, $organisation_shortname);
VipOrganisation(TRUE, $CI->user_auth->organisationShortName);
// Login actions for student/vip/office logins
$student_login_action = array('redirect+url', 'login/main', 'post' => TRUE);
if ($organisation_specified) {
$vip_login_action = array('redirect+url', 'login/vipswitch/' . $organisation_shortname, 'post' => TRUE);
} else {
$vip_login_action = array('redirect+url', 'login/vip', 'post' => TRUE);
}
$office_login_action = array('redirect+url', 'login/office', 'post' => TRUE);
// If vip+pr, use URI to decide which
if ($Permission === 'vip+pr') {
$Permission = $thru_viparea ? 'vip' : ($thru_office_pr ? 'pr' : ($thru_office_manage ? 'manage' : ''));
} elseif ($Permission === 'vip') {
$Permission = $thru_viparea ? 'vip' : ($thru_office_manage ? 'manage' : '');
} elseif ($thru_office_pr && $Permission !== 'pr' || $thru_viparea && $Permission !== 'vip' || $thru_office_manage && $Permission !== 'manage') {
$Permission = '';
}
// Matrix indexed by user level, then page level, of behaviour
// Possible values:
// NULL/notset http error 404
// TRUE allowed
// array specially handled
// otherwise access denied
if ($user_level === 'public') {
$action_levels = array('public' => TRUE, 'student' => $student_login_action, 'vip' => $student_login_action, 'office' => $student_login_action, 'pr' => $student_login_action, 'editor' => $student_login_action, 'manage' => $student_login_action, 'admin' => $student_login_action);
} elseif ($user_level === 'student') {
$action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $vip_login_action, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
} elseif ($user_level === 'organisation') {
// Logged in from public as organisation
$allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
$action_levels = array('public' => TRUE, 'student' => TRUE, 'vip' => $allow_vip, 'office' => FALSE, 'pr' => FALSE, 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
if ($allow_vip) {
VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
VipOrganisationName(TRUE, $CI->user_auth->organisationName);
VipMode('viparea');
VipLevel('write', TRUE);
}
} elseif ($user_level === 'vip') {
// Logged in as student and in VIP area
$vip_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/vip' . $CI->uri->uri_string()), 'Leave VIP Area') . $CI->pages_model->GetPropertyText('login:warn_open_vip', TRUE), TRUE);
$allow_vip = array_key_exists($organisation_shortname, $CI->user_auth->allTeams);
if ($allow_vip) {
$vip_accessible = TRUE;
VipOrganisationId(FALSE, $CI->user_auth->allTeams[$organisation_shortname][0]);
VipOrganisationName(FALSE, $CI->user_auth->allTeams[$organisation_shortname][1]);
VipOrganisationId(TRUE, $CI->user_auth->organisationLogin);
VipOrganisationName(TRUE, $CI->user_auth->organisationName);
VipMode('viparea');
VipLevel('write', TRUE);
} else {
// check permissions to access this organisation
$vip_organisations = $CI->user_auth->getOrganisationLogins();
foreach ($vip_organisations as $organisation) {
if ($organisation['organisation_directory_entry_name'] == $organisation_shortname) {
$vip_accessible = $vip_login_action;
break;
}
}
if (!isset($vip_accessible)) {
$vip_accessible = FALSE;
}
}
$action_levels = array('public' => $vip_door_open_action, 'student' => $vip_door_open_action, 'vip' => $vip_accessible, 'office' => $office_login_action, 'pr' => $office_login_action, 'editor' => $office_login_action, 'manage' => $office_login_action, 'admin' => $office_login_action);
} else {
// Office
// Door left open actions
$office_door_open_action = array('message', 'warning', HtmlButtonLink(site_url('logout/office' . $CI->uri->uri_string()), 'Leave Office') . $CI->pages_model->GetPropertyText('login:warn_open_office', TRUE), TRUE);
$admin_door_open_action = $office_door_open_action;
// check permissions to access this organisation
$manage_accessible = FALSE;
$vip_organisations = $CI->user_auth->getOrganisationLogins();
foreach ($vip_organisations as $organisation) {
if ($organisation['organisation_directory_entry_name'] == $company_short_name) {
$manage_accessible = TRUE;
break;
}
}
// Refine further
if ($user_level === 'office') {
$action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => 'pr', 'editor' => FALSE, 'manage' => FALSE, 'admin' => FALSE);
} elseif ($user_level === 'editor') {
$action_levels = array('public' => $office_door_open_action, 'student' => $office_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => FALSE);
} elseif ($user_level === 'admin') {
$action_levels = array('public' => $admin_door_open_action, 'student' => $admin_door_open_action, 'vip' => $vip_login_action, 'office' => TRUE, 'pr' => TRUE, 'editor' => TRUE, 'manage' => $manage_accessible, 'admin' => TRUE);
}
// Change an office user to pr if they rep for the organisation
static $vipModes = array('pr' => 'office', 'manage' => 'manage');
if (array_key_exists($Permission, $vipModes)) {
// Get organisation information
$CI->db->select('organisation_entity_id AS id,' . 'organisation_name AS name,' . 'organisation_pr_rep AS rep');
$CI->db->join('entities', 'organisation_entity_id = entity_id', 'inner');
$CI->db->where(array('organisation_directory_entry_name' => $organisation_shortname, 'entity_deleted = FALSE'));
$matching_org = $CI->db->get('organisations')->result_array();
if (empty($matching_org)) {
$action_levels[$Permission] = FALSE;
} else {
$matching_org = $matching_org[0];
if ($action_levels[$Permission] === 'pr') {
$action_levels[$Permission] = TRUE;
$rep = $matching_org['rep'] == $CI->user_auth->entityId;
if ($rep) {
VipLevel('rep', TRUE);
} else {
VipLevel('read', TRUE);
}
} elseif ($action_levels[$Permission]) {
VipLevel('write', TRUE);
}
VipOrganisationId(FALSE, $matching_org['id']);
VipOrganisationName(FALSE, $matching_org['name']);
VipOrganisationId(TRUE, $matching_org['id']);
VipOrganisationName(TRUE, $matching_org['name']);
VipMode($vipModes[$Permission]);
}
}
}
$access_allowed = FALSE;
// No permission set or NULL indicates page doesn't exist at this URI
if (!array_key_exists($Permission, $action_levels) || NULL === $action_levels[$Permission]) {
return show_404();
} else {
$action = $action_levels[$Permission];
// True is allow
if (TRUE === $action) {
$access_allowed = TRUE;
} elseif (is_array($action)) {
// Array is special decider
// Perform action
switch ($action[0]) {
case 'handle':
$access_allowed = $action[1]($action[2], $Permission);
if (array_key_exists(3, $action)) {
$CI->messages->AddMessage($action[3], $action[4], FALSE);
}
break;
case 'redirect+url':
$action[1] .= $CI->uri->uri_string();
case 'redirect':
if (array_key_exists(2, $action)) {
$CI->messages->AddMessage($action[2], $action[3]);
}
if (array_key_exists('post', $action) && $action['post']) {
// store post data
if (!empty($_POST)) {
SetRedirectData($action[1], serialize($_POST));
}
}
// Before redirecting, forward on the redirected post data
$post_data = GetRedirectData();
if (NULL !== $post_data) {
SetRedirectData($action[1], $post_data);
}
// Do the redirect
redirect($action[1]);
return FALSE;
case 'message':
$CI->messages->AddMessage($action[1], $action[2], FALSE);
$access_allowed = $action[3];
break;
default:
break;
}
} else {
// Anything else is disallow
$CI->messages->AddMessage('warning', 'You do not have the ' . $Permission . ' privilages required!');
//redirect('');
}
// Restore post data
if ((TRUE === $action || is_array($action)) && !$NoPost) {
$post_data = GetRedirectData();
if (NULL !== $post_data) {
$post_data = @unserialize($post_data);
if (is_array($post_data)) {
if (!isset($_POST)) {
global $_POST;
$_POST = array();
}
foreach ($post_data as $key => $value) {
$_POST[$key] = $value;
}
}
}
}
}
if ('fbml' === OutputMode()) {
$Permission = 'facebookapp';
} elseif ('ajax' === OutputMode()) {
$Permission = 'ajax';
} elseif (FeedOutputMode()) {
$Permission = 'feed';
}
SetupMainFrame($Permission, FALSE);
if (!$access_allowed && $LoadMainFrame) {
$CI->load->library('Custom_pages');
$page = new CustomPageView('error:permissions');
$CI->main_frame->SetContent($page);
$CI->main_frame->Load();
}
return $access_allowed;
}
<div id="RightColumn">
<h2 class="first">Page Information</h2>
<div class="Entry">
<?php
echo $main_text;
?>
</div>
</div>
<div id="MainColumn">
<?php
if (empty($business_cards)) {
?>
<p>
No matching business cards found.
</p>
<?php
} else {
foreach ($business_cards as $business_card) {
$this->load->view('directory/business_card', array('business_card' => $business_card, 'editmode' => TRUE));
}
}
?>
<a href='<?php
echo vip_url('members/list');
?>
'>Back to Member Management.</a>
</div>
function events($EventId = FALSE, $OccurrenceId = FALSE)
{
show_404();
if (FALSE !== $EventId && !is_numeric($EventId)) {
show_404();
}
if (FALSE !== $OccurrenceId && !is_numeric($OccurrenceId)) {
show_404();
}
if (!CheckPermissions('vip+pr')) {
return;
}
$this->load->model('calendar/events_model');
$this->load->model('calendar/recurrence_model');
$this->load->helper('text');
if (FALSE === $EventId) {
// Quick thingy to add atandard english calendar rules to current
// organisation. Note they aren't created with occurrences.
if (FALSE) {
$rules = $this->RuleCollectionStdEngland();
foreach ($rules as $info) {
$name = $info[0];
$rule = $info[1];
/// @todo Update for new recurrence system
$rule_id = $this->recurrence_model->AddRule($rule);
if (FALSE === $rule_id) {
$this->messages->AddMessage('warning', 'RRule named ' . $name . ' could not be added');
} else {
$new_event = array('name' => $name, 'recurrence_rule_id' => $rule_id);
try {
$result = $this->events_model->EventCreate($new_event);
$this->messages->AddMessage('success', 'added ' . $name);
} catch (Exception $e) {
$this->messages->AddMessage('error', 'while creating event ' . $name . ': ' . $e->getMessage());
}
}
}
}
$fields = array('event_id' => 'events.event_id', 'name' => 'events.event_name', 'description' => 'events.event_description');
$results = $this->events_model->EventsGet($fields, FALSE, TRUE);
$events = array();
if (FALSE !== $results) {
foreach ($results as $result) {
if (!array_key_exists($result['event_id'], $events)) {
$events[$result['event_id']] = $result;
}
}
}
$op = '<OL>';
foreach ($events as $event) {
if (array_key_exists('event_recurrence_rule', $event) && NULL != $event['event_recurrence_rule']) {
$event['description'] = $event['event_recurrence_rule']->ToString() . ' - ' . $event['description'];
}
$op .= '<LI><A HREF="' . vip_url('calendar/events/' . $event['event_id']) . '">' . $event['name'] . '</A> - ' . $event['description'] . '</LI>';
}
$op .= '</OL>';
$this->main_frame->SetTitle('Events');
$this->main_frame->SetContent(new SimpleView($op));
} else {
$special_condition = 'events.event_id=' . $EventId;
if (FALSE === $OccurrenceId) {
$filter = new EventOccurrenceFilter();
$filter->DisableSource('subscribed');
$filter->SetSpecialCondition($special_condition);
$fields = array('occurrence_id' => 'event_occurrences.event_occurrence_id', 'start' => 'event_occurrences.event_occurrence_start_time', 'end' => 'event_occurrences.event_occurrence_end_time', 'status' => $filter->ExpressionPublicState());
$results = $filter->GenerateOccurrences($fields);
$occurrences = array();
foreach ($results as $result) {
if (!array_key_exists($result['occurrence_id'], $occurrences)) {
$occurrences[$result['occurrence_id']] = $result;
}
}
$op = '<H4>Existing occurrences</H4>';
$op .= '<OL>';
foreach ($occurrences as $occurrence) {
$operations = array();
if ($occurrence['status'] === 'draft') {
$operations[] = 'publish';
$operations[] = 'trash';
}
if ($occurrence['status'] === 'movedraft') {
$operations[] = 'publishmove';
$operations[] = 'restoremove';
$operations[] = 'cancelmove';
}
if ($occurrence['status'] === 'trashed') {
$operations[] = 'untrash';
}
if ($occurrence['status'] === 'published') {
$operations[] = 'cancel';
$operations[] = 'postpone';
}
if ($occurrence['status'] === 'cancelled') {
$operations[] = 'uncancel';
$operations[] = 'postpone';
}
$links = array();
foreach ($operations as $operation) {
$links[] = '<A HREF="' . vip_url('calendar/occop/' . $operation . '/' . $EventId . '/' . $occurrence['occurrence_id']) . '">' . $operation . '</A>';
}
$op .= '<LI>' . $occurrence['status'] . ' <A HREF="' . vip_url('calendar/events/' . $EventId . '/' . $occurrence['occurrence_id']) . '">' . $occurrence['start'] . ' -> ' . $occurrence['end'] . '</A> ' . ' (' . implode(', ', $links) . ') </LI>';
}
$op .= '</OL>';
// Get event information
$events = $this->events_model->EventsGet(array('events.*'), $EventId, TRUE);
// If theres a recurrence rule, use it to generate the next two
// years occurrences
if (isset($events[0]['event_recurrence_rule'])) {
$op .= '<H4>Generated occurrences in next 5 years</H4>';
$op .= '<P><em>' . $events[0]['event_recurrence_rule']->ToString() . '</em></P>';
$occurrences_calculated = array_keys($events[0]['event_recurrence_rule']->FindTimes(time(), strtotime('+5years')));
foreach ($occurrences_calculated as $key => $timestamp) {
$occurrences_calculated[$key] = date(DATE_RFC822, $timestamp);
}
$op .= '<pre>' . ascii_to_entities(var_export($occurrences_calculated, true)) . '</pre>';
}
$op .= '<H4>Event information</H4>';
$op .= '<pre>' . ascii_to_entities(var_export($events, true)) . '</pre>';
$op .= '<H4>RSVP list</H4>';
$rsvps = $this->events_model->GetEventRsvp($EventId);
$op .= '<pre>' . ascii_to_entities(var_export($rsvps, true)) . '</pre>';
$this->main_frame->SetTitle('Events');
$this->main_frame->SetContent(new SimpleView($op));
} else {
$special_condition .= ' AND event_occurrences.event_occurrence_id=' . $OccurrenceId;
$filter = new EventOccurrenceFilter();
$filter->DisableSource('subscribed');
$filter->SetRange(strtotime('-1year'), strtotime('+1year'));
$filter->SetSpecialCondition($special_condition);
$result = $filter->GenerateOccurrences(array('occurrence_id' => 'event_occurrences.event_occurrence_id', 'start' => 'event_occurrences.event_occurrence_start_time', 'end' => 'event_occurrences.event_occurrence_end_time', 'active_id' => 'event_occurrences.event_occurrence_active_occurrence_id', 'rescheduled_start' => 'active_occurrence.event_occurrence_start_time', 'rescheduled_end' => 'active_occurrence.event_occurrence_end_time', 'status' => $filter->ExpressionPublicState(), 'cancelled' => $filter->ExpressionPublicCancelled(), 'postponed' => $filter->ExpressionPublicPostponed(), 'rescheduled' => $filter->ExpressionPublicRescheduled(), 'ts' => 'event_occurrences.event_occurrence_last_modified'));
$rsvps = $this->events_model->GetOccurrenceRsvp($OccurrenceId);
$op = '<pre>' . ascii_to_entities(var_export($result, true)) . '</pre><pre>' . ascii_to_entities(var_export($rsvps, true)) . '</pre>';
$this->main_frame->SetContent(new SimpleView($op));
}
}
// Load the main frame
$this->main_frame->Load();
}
