function show_page()
{
$query = 'SELECT * FROM users WHERE id="' . $_SESSION['user_id'] . '" LIMIT 1';
$result = DB::queryRaw($query);
$row = mysqli_fetch_assoc($result);
$cell = format_phone_number($row['cell']);
if ($cell == '') {
$cell = 'None';
}
page_title('Approve');
?>
<h1>Account Approval</h1>
Your account has been verified, but it must be approved by a captain. Please print this page and bring it to practice.<br />
<br />
<div class="scrhide">
<span class="b">ID: </span><?php
echo $row['id'];
?>
<br />
<span class="b">Name: </span><?php
echo $row['name'];
?>
<br />
<span class="b">Cell: </span><?php
echo $cell;
?>
<br />
<span class="b">Email: </span><?php
echo $row['email'];
?>
<br />
<span class="b">YOG: </span><?php
echo $row['yog'];
?>
<br />
<span class="b">Account Type: </span><?php
echo $row['permissions'];
?>
</div>
<?php
}
function show_page_for_members()
{
// Make certain links open in a new tab/window
global $use_rel_external_script, $CAPTAIN_EMAIL, $WEBMASTER_EMAIL;
$use_rel_external_script = true;
page_header('Contact');
echo <<<HEREDOC
<h1>Contact</h1>
<ul>
<li>
<span class="b">All Captains</span><br />
<a href="mailto:{$CAPTAIN_EMAIL}" rel="external">{$CAPTAIN_EMAIL}</a><br />
<br />
\t\t <br />
</li>
HEREDOC;
// Fetch Data
$query = 'SELECT name, email, cell FROM users WHERE permissions="C"';
$result = DB::queryRaw($query);
$row = mysqli_fetch_assoc($result);
while ($row) {
echo " <li>\n" . " <span class=\"b\">{$row['name']}</span><br />\n" . " <a href=\"mailto:{$row['email']}\" rel=\"external\">{$row['email']}</a><br />\n";
$cell = format_phone_number($row['cell']);
if ($cell != 'None') {
echo " {$cell}<br />\n";
}
echo " </li>\n";
$row = mysqli_fetch_assoc($result);
}
echo <<<HEREDOC
<br><li>
If you experience difficulty using this site, please
<a href="mailto:{$WEBMASTER_EMAIL}" rel="external">
email the Webmaster</a>
</li>
</ul>
<br />
HEREDOC;
}
/**
* Get the formatted value of a field
*
* This is used for HTML and non-HTML output so HTML should not be added
* - see printFieldValue below for that.
*/
public function getFormattedValue($name, $value = null)
{
if (!isset($this->fields[$name])) {
trigger_error('Cannot get value for field ' . ents($name) . ' - field does not exist', E_USER_WARNING);
return NULL;
}
if (is_null($value)) {
$value = array_get($this->values, $name, NULL);
}
$field = $this->fields[$name];
if (!empty($field['references'])) {
$obj =& $GLOBALS['system']->getDBObject($field['references'], $value);
if (!is_null($obj)) {
if (!array_get($field, 'show_id', true)) {
return $obj->toString();
} else {
return $obj->toString() . ' (#' . $value . ')';
}
} else {
if ($value != 0) {
return $value;
}
}
return '';
}
switch ($field['type']) {
case 'select':
return array_get($field['options'], $value, '(Invalid Value)');
break;
case 'datetime':
if (empty($value) && array_get($field, 'allow_empty')) {
return '';
}
return format_datetime($value);
break;
case 'date':
if (empty($value) && array_get($field, 'allow_empty')) {
return '';
}
return format_date($value);
break;
case 'bibleref':
require_once 'bible_ref.class.php';
$br = new bible_ref($value);
return $br->toShortString();
break;
case 'phone':
return format_phone_number($value, $field['formats']);
break;
default:
if (is_array($value)) {
return '<pre>' . print_r($value, 1) . '</pre>';
} else {
return $value;
}
}
}
function format_value($value, $params)
{
if (!empty($params['references'])) {
$obj =& $GLOBALS['system']->getDBObject($params['references'], $value);
if (!is_null($obj)) {
if (!array_get($params, 'show_id', true)) {
return $obj->toString();
} else {
return $obj->toString() . ' (#' . $value . ')';
}
} else {
if ($value != 0) {
return $value;
}
}
return '';
}
switch ($params['type']) {
case 'select':
return array_get($params['options'], $value, '(Invalid Value)');
break;
case 'datetime':
if (empty($value) && array_get($params, 'allow_empty')) {
return '';
}
return format_datetime($value);
break;
case 'date':
if (empty($value) && array_get($params, 'allow_empty')) {
return '';
}
return format_date($value);
break;
case 'bibleref':
require_once 'bible_ref.class.php';
$br = new bible_ref($value);
return $br->toShortString();
break;
case 'phone':
return format_phone_number($value, $params['formats']);
break;
default:
if (is_array($value)) {
return '<pre>' . print_r($value, 1) . '</pre>';
} else {
return $value;
}
}
}
$result = $db->Execute('SELECT * FROM ' . DB::$calls . ' ORDER BY ' . DB::$calls_start_time . ' DESC');
$total_call_duration = 0;
$total_call_count = $result->RecordCount();
// This data is used by the JS charting library to display a dot chart
// showing the calls received each hour. Each slot in the array
// corresponds to an hour in the day.
$call_volume_chart_data = array(0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0);
while ($row = $result->FetchRow()) {
$from = $row[DB::$calls_from];
$location = $row[DB::$calls_location];
$start_time = new DateTime($row[DB::$calls_start_time], $server_timezone);
$duration = ceil($row[DB::$calls_duration] / 60);
$total_call_duration += $duration;
$call_volume_chart_data[$start_time->format('G')] += 1;
$start_time->setTimezone($local_timezone);
$call['from'] = format_phone_number($from);
$call['location'] = $location;
$call['start_time'] = $start_time->format('F j, Y \\a\\t g:i A');
$call['duration'] = $duration;
$calls[] = $call;
}
} catch (ADODB_Exception $e) {
$error = 'An error occurred while connecting to the database. Please try again later.';
}
$data->assign('total_call_count', $total_call_count);
$data->assign('total_call_duration', $total_call_duration);
$data->assign('total_spent', money_format('%i', $total_call_duration * CALL_COST));
$data->assign('call_volume_chart_data', implode(', ', $call_volume_chart_data));
$data->assign('calls', $calls);
$data->assign('error', $error);
$dwoo->output($tpl, $data);
function show_page()
{
// Get data about user
$query = 'SELECT *, DATE_FORMAT(creation_date, "%M %e, %Y") AS formatted_creation FROM users WHERE id="' . mysqli_real_escape_string(DB::get(), $_GET['ID']) . '" LIMIT 1';
$result = DB::queryRaw($query);
// have MySQL format the date for us
if (mysqli_num_rows($result) != 1) {
trigger_error('User not found', E_USER_ERROR);
}
// ** User Found, info valid at this point **
$row = mysqli_fetch_assoc($result);
// Page header
global $use_rel_external_script;
// direct page_header to include some javascript that will make links
$use_rel_external_script = true;
// marked as rel="external" open in a new tab while remaining XHTML-valid
page_header($row['name']);
// the title of the page is the user's name; helpful if you open multiple users in different tabs
echo <<<HEREDOC
<h1>View User</h1>
HEREDOC;
// Format Data
$email_verified = 'No';
if ($row['email_verification'] == '1') {
$email_verified = 'Yes';
}
$cell = format_phone_number($row['cell']);
$permissions = $row['permissions'];
$account_type = 'Regular';
if ($permissions == 'C') {
$account_type = 'Captain';
} else {
if ($permissions == 'A') {
$account_type = 'Non-Captain Admin';
} else {
if ($permissions == 'L') {
$account_type = 'Alumnus';
} else {
if ($permissions == 'T') {
$account_type = 'Temporary';
}
}
}
}
// mailing list status
$mailings = 'No';
if ($row['mailings'] == '1') {
$mailings = 'Yes';
}
// Format Approval Status line
//
// depending on whether the user is approved, banned, or in limbo, the link next to that
// information needs to un-approve, un-ban, or approve/ban the user
// eg. "Approval Status: Approved (to un-approve, click here)"
if ($row['approved'] == '-1') {
$approval_status = 'Banned';
$approval_line = " <span class=\"small\">(<a href=\"Edit_User?Approve&ID={$row['id']}&xsrf_token={$_SESSION['xsrf_token']}&Return=View\">approve</a> | <a href=\"Edit_User?Unapprove&ID={$row['id']}&xsrf_token={$_SESSION['xsrf_token']}&Return=View\">make pending</a>)</span>";
} else {
if ($row['approved'] == '0') {
$approval_status = 'Pending';
$approval_line = " <span class=\"small\">(<a href=\"Edit_User?Approve&ID={$row['id']}&xsrf_token={$_SESSION['xsrf_token']}&Return=View\">approve</a> | <a href=\"Edit_User?Ban&ID={$row['id']}&xsrf_token={$_SESSION['xsrf_token']}&Return=View\">ban</a>)</span>";
} else {
if ($row['approved'] == '1') {
$approval_status = 'Approved';
$approval_line = " <span class=\"small\">(<a href=\"Edit_User?Ban&ID={$row['id']}&xsrf_token={$_SESSION['xsrf_token']}&Return=View\">ban</a>)</span>";
}
}
}
echo <<<HEREDOC
<table class="spacious">
<tr>
<td>Name:</td>
<td>
<span class="b">{$row['name']}</span>
<span class="small">(<a href="Edit_User?Change_Name&ID={$row['id']}&Return=View">change</a>)</span>
</td>
</tr><tr>
<td>Email Address:</td>
<td class="b"><a href="mailto:{$row['email']}" rel="external">{$row['email']}</a></td>
</tr><tr>
<td>Cell Phone Number: </td>
<td class="b">{$cell}</td>
</tr><tr>
<td>Year of Graduation:</td>
<td>
<span class="b">{$row['yog']}</span>
<span class="small">(<a href="Edit_User?Change_YOG&ID={$row['id']}&Return=View">change</a>)</span>
<br /><br />
</td>
</tr><tr>
<td>ID:</td>
<td><span class="b">{$row['id']}</span></td>
</tr><tr>
<td>Account Type:</td>
<td>
<span class="b">{$account_type}</span>
<span class="small">(<a href="Edit_User?Change_Permissions&ID={$row['id']}&Return=View">change</a>)</span>
</td>
</tr><tr>
<td>Mailing List:</td>
<td><span class="b">{$mailings}</span></td>
</tr><tr>
<td>Approval Status:</td>
<td>
<span class="b">{$approval_status}</span>
{$approval_line}
</td>
</tr><tr>
<td>Email Verified:</td>
<td class="b">{$email_verified}</td>
</tr><tr>
<td>Creation Date:</td>
<td><span class="b">{$row['formatted_creation']}</span></td>
</tr><tr>
<td>Registered From:</td>
<td class="b">{$row['registration_ip']}</td>
</tr>
</table>
<br />
<span class="small i">Only users are able to edit their email address and cell phone number.</span>
HEREDOC;
// Show test scores
$query = 'SELECT test_scores.score AS score, tests.name AS name, tests.total_points AS total, DATE_FORMAT(tests.date, "%M %e, %Y") AS formatted_date, test_scores.score_id AS score_id' . ' FROM test_scores' . ' INNER JOIN tests ON tests.test_id=test_scores.test_id' . ' WHERE test_scores.user_id="' . mysqli_real_escape_string(DB::get(), $_GET['ID']) . '" AND archived="0"' . ' ORDER BY tests.date DESC';
$result = DB::queryRaw($query);
if (mysqli_num_rows($result) > 0) {
echo <<<HEREDOC
<br /><br /><br /><br /><br />
<h4>Recent Test Scores</h4>
<table class="contrasting">
<tr>
<th>Test</th>
<th>Score</th>
<th>Maximum</th>
<th>Date</th>
<th></th>
</tr>
HEREDOC;
$row = mysqli_fetch_assoc($result);
while ($row) {
echo <<<HEREDOC
<tr>
<td>{$row['name']}</td>
<td class="text-centered">{$row['score']}</td>
<td class="text-centered">{$row['total']}</td>
<td>{$row['formatted_date']}</td>
<td><a href="Delete_Score?ID={$row['score_id']}&xsrf_token={$_SESSION['xsrf_token']}">Delete</a></td>
</tr>
HEREDOC;
$row = mysqli_fetch_assoc($result);
}
echo <<<HEREDOC
</table>
HEREDOC;
}
$query = 'SELECT test_scores.score AS score, tests.name AS name, tests.total_points AS total, DATE_FORMAT(tests.date, "%M %e, %Y") AS formatted_date, test_scores.score_id AS score_id' . ' FROM test_scores' . ' INNER JOIN tests ON tests.test_id=test_scores.test_id' . ' WHERE test_scores.user_id="' . mysqli_real_escape_string(DB::get(), $_GET['ID']) . '" AND archived="1"' . ' ORDER BY tests.date DESC';
$result = DB::queryRaw($query);
if (mysqli_num_rows($result) > 0) {
echo <<<HEREDOC
<br /><br />
<h4>Old Test Scores</h4>
<table class="contrasting">
<tr>
<th>Test</th>
<th>Score</th>
<th>Maximum</th>
<th>Date</th>
<th></th>
</tr>
HEREDOC;
$row = mysqli_fetch_assoc($result);
while ($row) {
echo <<<HEREDOC
<tr>
<td>{$row['name']}</td>
<td class="text-centered">{$row['score']}</td>
<td class="text-centered">{$row['total']}</td>
<td>{$row['formatted_date']}</td>
<td><a href="Delete_Score?ID={$row['score_id']}&xsrf_token={$_SESSION['xsrf_token']}">Delete</a></td>
</tr>
HEREDOC;
$row = mysqli_fetch_assoc($result);
}
echo <<<HEREDOC
</table>
HEREDOC;
}
}
$excel .= '<table border="1" cellspacing="0" width="100%" style="font-family:arial; font-size:14px;" cellpadding="5">
<tr>
<th>First Name</th>
<th>Last Name</th>
<th>Phone</th>
<th>Email</th>
<th>Source</th>
<th>Date</th>
</tr>
';
foreach ($result as $rows) {
$date = new DateTime($rows->date);
$excel .= '<tr>
<td>' . $rows->first_name . '</td>
<td>' . $rows->last_name . '</td>
<td>' . format_phone_number($rows->phone) . '</td>
<td>' . $rows->email . '</td>
<td>' . $rows->source . '</td>
<td>' . $date->format('m/d/Y') . '</td>
</tr>';
}
$excel .= '</table>';
$filename1 = 'patients_' . date('Y-m-d') . '.doc';
$filename2 = 'patients_' . date('Y-m-d') . '.xls';
$pdf_output = 'patients_' . date('Y-m-d') . '.pdf';
if ($etype == 'word') {
header("Content-type: application/msword");
header("Content-Disposition: attachment; filename={$filename1}");
header("Pragma: no-cache");
header("Expires: 0");
print $excel;
function print_widget($name, $params, $value)
{
$classes = array_get($params, 'class', '');
if (!array_get($params, 'allow_empty', 1)) {
$classes .= ' compulsory';
}
$attrs = array();
foreach (array_get($params, 'attrs', array()) as $attr => $val) {
$attrs[] = $attr . '="' . ents($val) . '"';
}
$attrs = implode(' ', $attrs);
switch ($params['type']) {
case 'phone':
$lengths = get_valid_phone_number_lengths($params['formats']);
$width = max(get_phone_format_lengths($params['formats']));
?>
<input name="<?php
echo $name;
?>
" type="tel" size="<?php
echo $width;
?>
" value="<?php
echo format_phone_number($value, $params['formats']);
?>
" class="phone-number" validlengths="<?php
echo implode(',', $lengths);
?>
" <?php
echo $attrs;
?>
/>
<?php
break;
case 'bibleref':
require_once 'bible_ref.class.php';
$br = new bible_ref($value);
$value = $br->toShortString();
$params['class'] = 'bible-ref';
// fall through
// fall through
case 'text':
case 'email':
$maxlength_exp = empty($params['maxlength']) ? '' : 'maxlength="' . $params['maxlength'] . '"';
if (array_get($params, 'height', 1) > 1) {
$cols_exp = empty($params['width']) ? '' : 'cols="' . $params['width'] . '"';
?>
<textarea name="<?php
echo $name;
?>
" rows="<?php
echo $params['height'];
?>
" <?php
echo $cols_exp;
?>
class="<?php
echo trim($classes);
?>
" <?php
echo $maxlength_exp;
?>
><?php
echo ents($value);
?>
</textarea>
<?php
} else {
$width_exp = empty($params['width']) ? '' : 'size="' . $params['width'] . '"';
$regex_exp = empty($params['regex']) ? '' : 'regex="' . trim($params['regex'], '/ ') . '"';
$autocomplete_exp = isset($params['autocomplete']) ? 'autocomplete=' . ($params['autocomplete'] ? 'on' : 'off') . '"' : '';
?>
<input type="<?php
echo $params['type'];
?>
" name="<?php
echo $name;
?>
" value="<?php
echo ents($value);
?>
" class="<?php
echo trim($classes);
?>
" <?php
echo implode(' ', array($maxlength_exp, $width_exp, $regex_exp, $autocomplete_exp));
?>
<?php
echo $attrs;
?>
/>
<?php
}
break;
case 'html':
static $includedCK = false;
if (!$includedCK) {
?>
<script src="<?php
echo BASE_URL . 'resources/ckeditor/ckeditor.js';
?>
"></script>
<?php
}
?>
<textarea class="ckeditor" name="<?php
echo $name;
?>
" <?php
echo $attrs;
?>
><?php
echo $value;
?>
</textarea>
<?php
break;
case 'int':
$classes .= ' int-box';
$width_exp = '';
if (!empty($params['width'])) {
$width_exp = 'size="' . $params['width'] . '" ';
} else {
$width_exp = 'size="3" ';
}
?>
<input type="text" name="<?php
echo $name;
?>
" value="<?php
echo $value;
?>
" class="<?php
echo trim($classes);
?>
" <?php
echo $width_exp;
?>
<?php
echo $attrs;
?>
/>
<?php
break;
case 'select':
$our_val = is_array($value) ? $value : ($value === '' ? array() : array("{$value}"));
foreach ($our_val as $k => $v) {
$our_val[$k] = "{$v}";
}
if (array_get($params, 'style', 'dropbox') == 'colour-buttons') {
?>
<div class="radio-button-group <?php
echo array_get($params, 'class', '');
?>
"
<?php
if (!SizeDetector::isNarrow()) {
echo ' tabindex="1"';
}
?>
>
<input type="hidden" name="<?php
echo $name;
?>
" value="<?php
echo reset($our_val);
?>
" />
<?php
foreach ($params['options'] as $k => $v) {
$classes = 'btn value-' . $k;
if (in_array("{$k}", $our_val, true)) {
$classes .= ' active';
}
?>
<div
class="<?php
echo $classes;
?>
"
title="<?php
echo $v;
?>
"
data-val="<?php
echo $k;
?>
"
>
<?php
echo strtoupper($v[0]);
?>
</div>
<?php
}
?>
</div>
<?php
} else {
if (array_get($params, 'allow_multiple')) {
$height = array_get($params, 'height', min(count($params['options']), 4));
if (substr($name, -2) != '[]') {
$name .= '[]';
}
$style = 'height: ' . $height * 1.8 . 'em';
$classes .= ' multi-select';
// the empty onclick below is to make labels work on iOS
// see http://stackoverflow.com/questions/5421659/html-label-command-doesnt-work-in-iphone-browser
?>
<div class="<?php
echo $classes;
?>
" style="<?php
echo $style;
?>
" tabindex="0" onclick="" <?php
echo $attrs;
?>
>
<?php
foreach ($params['options'] as $k => $v) {
$checked_exp = in_array("{$k}", $our_val, true) ? ' checked="checked"' : '';
$disabled_exp = !empty($params['disabled_prefix']) && strpos($k, $params['disabled_prefix']) === 0 ? ' disabled="disabled" ' : '';
?>
<label class="checkbox" title="<?php
echo ents($v);
?>
">
<input type="checkbox" name="<?php
echo $name;
?>
" value="<?php
echo $k;
?>
" <?php
echo $checked_exp . $disabled_exp;
?>
>
<?php
echo ents($v);
?>
</label>
<?php
}
?>
</div>
<?php
} else {
?>
<select name="<?php
echo $name;
?>
" class="<?php
echo $classes;
?>
" <?php
echo $attrs;
?>
>
<?php
if (array_get($params, 'allow_empty') && !array_get($params, 'allow_multiple')) {
?>
<option value=""><?php
echo array_get($params, 'empty_text', '(None)');
?>
</option>
<?php
}
foreach (array_get($params, 'options', array()) as $k => $v) {
$selected_exp = in_array("{$k}", $our_val, true) ? ' selected="selected"' : '';
$disabled_exp = !empty($params['disabled_prefix']) && strpos($k, $params['disabled_prefix']) === 0 ? ' disabled="disabled" ' : '';
?>
<option value="<?php
echo $k;
?>
"<?php
echo $selected_exp . $disabled_exp;
?>
><?php
echo ents($v);
?>
</option>
<?php
}
?>
</select>
<?php
}
}
break;
case 'date':
$day_year_classes = trim($classes . ' int-box');
if (FALSE === strpos($name, '[')) {
$name_template = $name . '%s';
} else {
$name_template = substr($name, 0, strpos($name, '[')) . '%s' . substr($name, strpos($name, '['));
}
$months = array();
if (array_get($params, 'allow_empty', false)) {
$months[''] = '(Month)';
}
for ($i = 1; $i < 13; $i++) {
$months[$i] = date(array_get($params, 'month_format', 'F'), strtotime("2007-{$i}-01"));
}
if (empty($value)) {
$value = date('Y-m-d');
}
// blank dates not allowed
list($year_val, $month_val, $day_val) = explode('-', substr($value, 0, 10));
?>
<span class="nowrap" <?php
echo $attrs;
?>
>
<input type="text" name="<?php
printf($name_template, '_d');
?>
" class="day-box <?php
echo $day_year_classes;
?>
" size="2" maxlength="2" value="<?php
echo $day_val;
?>
" placeholder="DD" /><select name="<?php
printf($name_template, '_m');
?>
" class="month-box <?php
echo $classes;
?>
">
<?php
foreach ($months as $i => $month_name) {
$selected = $i == $month_val ? ' selected="selected"' : '';
?>
<option value="<?php
echo $i;
?>
"<?php
echo $selected;
?>
><?php
echo $month_name;
?>
</option>
<?php
}
?>
</select><input type="text" name="<?php
printf($name_template, '_y');
?>
" class="year-box <?php
echo $day_year_classes;
?>
" size="4" maxlength="4" value="<?php
echo $year_val;
?>
" placeholder="YYYY"/>
</span>
<?php
break;
case 'reference':
if (!empty($params['references'])) {
$where = array();
if (!empty($params['filter']) && is_array($params['filter'])) {
$where = $params['filter'];
}
$where_logic = array_get($params, 'filter_logic', 'AND');
$options = $GLOBALS['system']->getDBObjectData($params['references'], $where, $where_logic, array_get($params, 'order_by'));
$dummy = new $params['references']();
$our_val = is_array($value) ? $value : (empty($value) ? array() : array($value));
if (!empty($params['filter']) && is_callable($params['filter'])) {
foreach ($options as $i => $o) {
$dummy->populate($i, $o);
if (!in_array($i, $our_val) && !$params['filter']($dummy)) {
unset($options[$i]);
}
}
}
$params['options'] = array();
foreach ($options as $k => $details) {
$dummy->populate($k, $details);
$params['options'][$k] = $dummy->toString();
}
$params['type'] = 'select';
print_widget($name, $params, $value);
}
break;
case 'bitmask':
$value = (int) $value;
?>
<div class="bitmask-boxes">
<?php
$percol = false;
$cols = 3;
require_once 'include/size_detector.class.php';
if (SizeDetector::getWidth()) {
if (SizeDetector::isNarrow()) {
$cols = 1;
} else {
if (SizeDetector::isMedium()) {
$cols = 2;
}
}
}
if ($cols > 1) {
$percol = ceil(count($params['options']) / $cols);
?>
<div class="bitmask-column" <?php
echo $attrs;
?>
>
<?php
}
$i = 0;
foreach ($params['options'] as $k => $v) {
$checked_exp = ($value & (int) $k) == $k ? 'checked="checked"' : '';
// the empty onclick below is to make labels work on iOS
// see http://stackoverflow.com/questions/5421659/html-label-command-doesnt-work-in-iphone-browser
?>
<label class="checkbox" onclick="">
<input type="checkbox" name="<?php
echo ents($name);
?>
[]" value="<?php
echo ents($k);
?>
" <?php
echo $checked_exp;
?>
>
<?php
echo nbsp(ents($v));
?>
</label>
<?php
if ($percol && ++$i % $percol == 0) {
?>
</div>
<div>
<?php
}
}
if ($percol) {
?>
</div>
<?php
}
?>
</div>
<?php
break;
}
}
function show_change_cell_page($err, $selected_field)
{
// Put cursor in first field
global $body_onload;
$body_onload = 'document.forms[\'changeCell\'].' . $selected_field . '.focus()';
page_header('Change Cell');
// Get data
$query = 'SELECT cell FROM users WHERE id="' . $_SESSION['user_id'] . '" LIMIT 1';
$result = DB::queryRaw($query);
$row = mysqli_fetch_assoc($result);
$old_cell = format_phone_number($row['cell']);
// If an error message is given, put it inside this div and echo, later
if ($err != '') {
$err = "\n <div class=\"error\">{$err}</div><br />\n";
}
// If there was an error, put the last thing the user typed back in the box
global $cell;
// Assemble body of page
echo <<<HEREDOC
<h1>Change Cell Phone Number</h1>
<span class="i">Optional. You may leave your cell phone number blank.</span><br />
<br />
<br />{$err}
<form id="changeCell" method="post" action="{$_SERVER['REQUEST_URI']}">
<table class="spacious">
<tr>
<td>Current Cell Phone Number: </td>
<td><span class="b">{$old_cell}</span></td>
</tr><tr>
<td>New Cell Phone Number:</td>
<td><input type="text" name="cell" size="25" value="{$cell}"/></td>
</tr><tr>
<td>Current Password:</td>
<td><input type="password" name="pass" size="25"/></td>
</tr><tr>
<td></td>
<td>
<input type="hidden" name="xsrf_token" value="{$_SESSION['xsrf_token']}"/>
<input type="submit" name="do_change_cell" value="Change Cell Phone Number"/>
<a href="My_Profile">Cancel</a>
</td>
</tr>
</table>
</form>
HEREDOC;
}
<table border="1" style="header">
<tr font weight="bold">
<TD colspan="2">Name</TD>
<TD colspan="4">Address</TD>
<TD>Type</TD>
<TD>Last Recall</TD>
<TD>Last Exam</TD>
<TD colspan="3">Phone Numbers</TD>
<TD>Email</TD>
</TR>
<?php foreach($query as $row):?>
<tr>
<td><?=$row->FirstName?></TD>
<td><?=$row->LastName?></TD>
<td><?=$row->Address?></TD>
<td><?=$row->Address2?></TD>
<td><?=$row->City?>, <?=$row->State?> <?=$row->Zip?></TD>
<td><?=$row->Email?></TD>
<td><?=$row->Type?></TD>
<td><?=$row->LastRecall?></TD>
<td><?=$row->LastExam?></TD>
<td><? echo format_phone_number($row->Phone);?></TD>
<td><?=$row->Phone2?></TD>
<td><?=$row->Phone3?></TD>
<td><?=$row->Email?></TD>
</TR>
<?php endforeach;?>
</table>
<td><?php
echo form_input('state', $caller->state);
?>
</td>
</tr>
<tr>
<th>Zip:</th>
<td><?php
echo form_input('zip', $caller->zip);
?>
</td>
</tr>
<tr>
<th>Phone #:</th>
<td><?php
echo form_input('phone', format_phone_number($caller->phone));
?>
</td>
</tr>
<tr>
<th>E-Mail Address:</th>
<td><?php
echo form_input('email', $caller->email);
?>
</td>
</tr>
<tr>
<th>Gender:</th>
<td><?php
echo form_dropdown('gender', $gender, $caller->gender);
?>
?>
<div class="thin_90perc_box">
<table class="sample2" width="100%">
<?php
echo '<tr>';
echo '<th>Contact Date/Time</th>';
echo '<th>Phone Number</th>';
echo '<th>Username</th>';
echo '<th>Customer Name</th>';
echo '</tr>';
$number = 0;
while ($row = mysqli_fetch_assoc($result)) {
if ($row['cleaned_number'] != $number) {
$number = $row['cleaned_number'];
echo '<tr>';
echo '<td>' . $row['question_datetime'] . '</td>';
echo '<td><a href="script_results.php?show_lead=1&job=' . $_POST['job'] . '&search=1&from_date=' . $_POST['from_date'] . '&to_date=' . $_POST['to_date'] . '&customer_id=' . $row['customer_id'] . '&' . $disps . '"><img src="images/magnifier.png"> ' . format_phone_number($row['cleaned_number']) . '</a></td>';
echo '<td>' . $row['username'] . '</td>';
echo '<td>' . $row['first_name'] . " " . $row['last_name'] . '</td>';
echo '</tr>';
}
}
echo '</table></div>';
}
}
}
}
?>
<?php
require "footer.php";
/**
* @param $value
* @return string
*/
protected function formatPhoneAttribute($value)
{
return format_phone_number($value);
}
if (!XDB::execute($request, $row['pid'], $row['entrid'], 2, 'fax', $fmt_fax, $disp_fax, $row['tel_pub'])) {
echo 'WARNING: insert of professional fax number failed for profile ' . $row['pid'] . ' and entreprise ' . $row['entrid'] . ".\n";
$warnings++;
}
}
}
//import from tels
echo "\nImporting personnal phone numbers from tels...\n";
$phones = XDB::iterator('SELECT ap.pid, t.adrid, t.telid, t.tel_type, t.tel_pub, t.tel
FROM #x4dat#.tels AS t
INNER JOIN account_profiles AS ap ON (t.uid = ap.uid AND FIND_IN_SET(\'owner\', ap.perms))');
$conversions = array();
$other_count = 0;
while ($row = $phones->next()) {
$row['tel_pub'] = $row['tel_pub'] == '' ? 'private' : $row['tel_pub'];
$fmt_phone = format_phone_number($row['tel']);
if ($fmt_phone != '') {
$display = format_display_number($fmt_phone, $error);
$guess_type = guess_phone_type($row['tel_type'], $fmt_phone);
switch ($guess_type) {
case 'fixed':
case 'fax':
case 'mobile':
if (!XDB::execute('INSERT INTO profile_phones (pid, link_type, link_id, tel_id, tel_type, search_tel, display_tel, pub)
VALUES ({?}, \'address\', {?}, {?}, {?}, {?}, {?}, {?})', $row['pid'], $row['adrid'], $row['telid'], $guess_type, $fmt_phone, $display, $row['tel_pub'])) {
echo 'WARNING: insert of address phone number failed for profile ' . $row['pid'] . ', address ' . $row['adrid'] . ' and telephone id ' . $row['telid'] . ".\n";
++$warnings;
} else {
if ($row['tel_type'] == 'Autre') {
++$other_count;
} else {
function view_scl($id)
{
$scl = select_dbSCL($id);
$shift = select_dbShifts($id);
if (!$scl instanceof SCL) {
return null;
}
$persons = $scl->get_persons();
$status = $scl->get_status();
$venue = substr($id, 9);
// $venue = substr($venue,strlen($venue)-3);
if (array_key_exists('_shiftid', $_POST)) {
show_back_navigation($_POST['_shiftid'], 692, $venue);
}
// show_back_navigation($id,692);
echo "<table width=\"700\" align=\"center\" border=\"1px\">\n\t\t\t\t<tr><td colspan=\"5\" align=\"center\"><b>Sub Call List for " . get_shift_name_from_id($id) . "</b></td></tr>";
echo "<tr><td colspan=\"5\"><br>";
$v = $shift->num_vacancies();
if ($v == 1) {
echo " 1 sub";
} else {
echo " " . $v . " subs";
}
echo " needed for this shift.<br><br></td></tr>\n\t\t\t\t<br><br><tr><td> Name</td><td>Phone</td><td>Date Called</td><td>Notes</td><td>Accepted</td></tr>";
/* if($status=="closed") {
for($i=0;$i<count($persons);++$i) {
echo "<tr><td> <a href=\"personEdit.php?id=".$persons[$i][0]."\">".$persons[$i][1]." ".$persons[$i][2]."</a></td>
<td>".format_phone_number($persons[$i][3])."<br>".format_phone_number($persons[$i][4])."</td>
<td>".$persons[$i][5]."</td>
<td>".$persons[$i][6]."</td>
<td>".$persons[$i][7]."</td></tr>";
}
}
else {
*/
echo "<form method=\"POST\" style=\"margin-bottom:0;\">";
for ($i = 0; $i < count($persons); ++$i) {
if ($_SESSION['access_level'] >= 2) {
echo "<tr><td> <a href=\"personEdit.php?id=" . $persons[$i][0] . "\">" . $persons[$i][1] . " " . $persons[$i][2] . "</a></td><td>";
} else {
echo "<tr><td> " . $persons[$i][1] . " " . $persons[$i][2] . "</td><td>";
}
echo format_phone_number($persons[$i][3]) . "<br>" . format_phone_number($persons[$i][4]) . "</td>\n\t\t\t\t\t\t\t<td><textarea rows=\"2\" cols=\"20\" name=\"datecalled_" . $i . "\">" . $persons[$i][5] . "</textarea></td>\n\t\t\t\t\t\t\t<td><textarea rows=\"2\" cols=\"20\" name=\"notes_" . $i . "\">" . $persons[$i][6] . "</textarea></td>\n\t\t\t\t\t\t\t<td valign=\"top\">";
if ($persons[$i][7] == "Yes") {
echo "<br>Yes<input type=\"hidden\" name=\"accepted_" . $i . "\" value=\"Yes\">";
} else {
if ($persons[$i][7] == "No") {
echo "<br>No<input type=\"hidden\" name=\"accepted_" . $i . "\" value=\"No\">";
} else {
echo "<select name=\"accepted_" . $i . "\">\n\t\t\t\t\t\t\t\t\t\t<option value=\"-\" selected=\"selected\">-</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\"Yes\">Yes</option>\n\t\t\t\t\t\t\t\t\t\t<option value=\"No\">No</option></select>";
}
}
echo "</td></tr>";
}
echo "<tr><td align=\"right\" colspan=\"5\"><br>\n\t\t\t\t\t\t<input type=\"hidden\" name=\"_submit_save_scl_changes\" value=\"1\">\n\t\t\t\t\t\t<input type=\"hidden\" name=\"_shiftid\" value=\"" . $id . "\">\n\t\t\t\t\t\t<input type=\"submit\" value=\"Assign Subs / Save Changes\" name=\"submit\" style=\"width: 200px\"> \n\t\t\t\t\t\t</td></tr>";
// }
echo "</table>";
return $id;
}
<th>First Name</th><td><?php echo $rows->first_name; ?> </td> </tr> <tr> <th>Last Name</th><td><?php echo $rows->last_name; ?> </td> </tr> <tr> <th>Phone</th><td><?php echo format_phone_number($rows->phone); ?> </td> </tr> <tr> <th>Email</th><td><a href="mailto:<?php echo $rows->email; ?> "><?php echo $rows->email; ?> </a></td> </tr> <tr>
function process_form()
{
// INITIAL DATA FETCHING
global $name, $email, $cell, $yog, $mailings;
// so that the show_form function can use these values later
$name = htmlentities(ucwords(trim(strtolower($_POST['name']), ' \\-\'')));
foreach (array('-', '\'') as $delimiter) {
if (strpos($name, $delimiter) !== false) {
$name = implode($delimiter, array_map('ucfirst', explode($delimiter, $name)));
}
}
// forces characters after spaces, hyphens and apostrophes to be capitalized
$name = preg_replace('/[\\s\']*\\-+[\\s\']*/', '-', $name);
// removes hyphens not between two characters
$name = preg_replace('/[\\s\\-]*\'+[\\s\\-]*/', '\'', $name);
// removes apostrophes not between two characters
$name = preg_replace('/\\s+/', ' ', $name);
// removes multiple consecutive spaces
$name = preg_replace('/\\-+/', '-', $name);
// removes multiple consecutive hyphens
$name = preg_replace('/\'+/', '\'', $name);
// removes multiple consecutive apostrophes
$email = htmlentities(strtolower($_POST['email']));
$cell = htmlentities($_POST['cell']);
$yog = $_POST['yog'];
$pass = $_POST['pass1'];
$mailings = '0';
if ($_POST['mailings'] == 'Yes') {
$mailings = '1';
}
// CHECK THAT THE NAME IS VALID
if (($name = sanitize_username($name)) === false) {
alert('Your name must have only letters, hyphens, apostrophes, and spaces, and be between 3 and 30 characters long', -1);
show_form();
return;
}
if (strpos($name, ' ') == false) {
alert('Please enter both your first <span class="i">and</span> last name', -1);
show_form();
return;
}
// CHECK THAT THE EMAIL ADDRESS IS VALID
if (!val('e', $email)) {
alert('That\'s not a valid email address', -1);
show_form();
return;
}
// CHECK AND FORMAT CELL PHONE NUMBER
if ($cell != '' && ($cell = format_phone_number($cell)) === false) {
//Validate the format of the cell phone number (if it's not left blank)
alert('That\'s not a valid cell phone number', -1);
show_form();
return;
}
// CHECK THAT THE YOG IS VALID
$grade = intval(getGradeFromYOG($yog));
if ($grade < 9 || $grade > 12) {
alert('That is not a valid YOG (' . $grade . 'you have to be in high school)', -1);
show_form();
return;
}
// CHECK THAT THE PASSWORDS MATCH, MEET MINIMUM LENGTH
if ($pass != $_POST['pass2']) {
alert('The passwords that you entered do not match', -1);
show_form();
return;
}
if (strlen($pass) < 6) {
alert('Please choose a password that has at least 6 characters', -1);
show_form();
return;
}
// CHECK THAT THEY ENTERED THE RECAPTCHA CORRECTLY
// CURRENTLY BROKEN: NEED TO UPDATE RECAPTCHA
/*
$recaptcha_msg = validate_recaptcha();
if ($recaptcha_msg !== true) {
alert($recaptcha_msg, -1);
show_form();
return;
}
*/
// CHECK THAT AN ACCOUNT WITH THAT EMAIL DOES NOT ALREADY EXIST
// this is done *after* checking the reCaptcha to prevent bots from harvesting our email
// addresses via a brute-force attack.
if (DBExt::queryCount('users', 'LOWER(email)=LOWER(%s)', $email) != 0) {
alert('An account with that email address already exists', -1);
show_form();
return;
}
// CHECK THAT AN ACCOUNT WITH THE SAME NAME IN THE SAME GRADE DOES NOT EXIST
// - with the exception that if it's permissions = 'E', they probably mistyped their email and are redoing it.
if (DBExt::queryCount('users', 'LOWER(name)=%s AND yog=%i AND permissions!="E"', strtolower($name), $yog) != 0) {
alert('An account in your grade with that name already exists', -1);
show_form();
return;
}
// ** All information has been validated at this point **
$verification_code = generate_code(5);
// for verifying ownership of the email address
// Check if email address has been pre-approved
if (isset($_SESSION['PREAPPROVED']) && $email === $_SESSION['PREAPPROVED']) {
$approved = '1';
// skip Captain approval
$verification_code = '1';
// skip email verification (already done)
} else {
$approved = '0';
}
// Create database entry
$passhash = hash_pass($email, $pass);
if ($cell == '') {
$cell = 'None';
} else {
$cell = preg_replace('#[^\\d]#', '', $_POST['cell']);
}
// remove non-numbers from cell phone # again
DB::insert('users', array('name' => $name, 'email' => $email, 'passhash' => $passhash, 'cell' => $cell, 'yog' => $yog, 'mailings' => $mailings, 'approved' => $approved, 'email_verification' => $verification_code, 'registration_ip' => htmlentities(strtolower($_SERVER['REMOTE_ADDR']))));
set_login_data(DB::insertId());
// LOG THEM IN
// For pre-approved members:
if ($approved == '1') {
global $WEBMASTER_EMAIL;
$to = array($email => $name);
$subject = 'Account Created';
$body = <<<HEREDOC
Welcome to the LHS Math Club website, {$name}!
Your account has been created. If you have any questions about the site, please email
the webmaster at {$WEBMASTER_EMAIL}
HEREDOC;
send_email($to, $subject, $body, $WEBMASTER_EMAIL);
$_SESSION['HOME_welcome'] = 'Welcome to the LHS Math Club website, ' . $name . '!';
header('Location: Home');
}
$_SESSION['ACCOUNT_do_send_verification_email'] = true;
header('Location: Verify_Email');
}
<?php
if ($phones) {
foreach ($phones as $phone) {
$phone_data = json_decode($phone->value);
?>
<li class="item_data" id="item_data_<?php
echo $phone->user_meta_id;
?>
">
<span class="actions action_<?php
echo $phone_data->phone_type;
?>
"></span>
<span class="item_data"> +1 <?php
echo format_phone_number($phone_data->phone_number);
?>
</span>
<ul class="item_actions">
<li><a href="<?php
echo base_url() . 'api/users/mobile_modify/id/' . $phone->user_meta_id;
?>
" class="mobile_edit_data"><span class="actions action_edit"></span> Edit</a></li>
<li><a href="<?php
echo base_url() . 'api/users/mobile_destroy/id/' . $phone->user_meta_id;
?>
" class="mobile_delete_data" rel="<?php
echo $phone_data->phone_number;
?>
"><span class="actions action_delete"></span> Delete</a></li>
</ul>
<th>Reason For Call</th>
<th>Ethnicity</th>
</tr>
</thead>
<tbody>
<?php
if (isset($callers)) {
foreach ($callers as $caller) {
?>
<tr class="ui-helper-reset">
<td><?php
echo anchor(site_url('helpline/profile/' . $caller->ID), $caller->first_name . ' ' . $caller->last_name);
?>
</td>
<td><?php
echo format_phone_number($caller->phone);
?>
</td>
<td><?php
echo $caller->reason;
?>
</td>
<td><?php
echo $caller->ethnicity;
?>
</td>
</tr>
<?php
}
} else {
?>
<?php
if ($phones) {
foreach ($phones as $phone) {
$phone_data = json_decode($phone->value);
?>
<li class="item_data" id="item_data_<?php
echo $phone->user_meta_id;
?>
">
<span class="actions action_<?php
echo $phone_data->phone_type;
?>
"></span>
<span class="item_data"> +1 <?php
echo format_phone_number($phone->meta);
?>
</span>
<ul class="item_actions">
<li><a href="<?php
echo base_url() . 'api/users/mobile_modify/id/' . $phone->user_meta_id;
?>
" class="mobile_edit_data"><span class="actions action_edit"></span> Edit</a></li>
<li><a href="<?php
echo base_url() . 'api/users/mobile_destroy/id/' . $phone->user_meta_id;
?>
" class="mobile_delete_data" rel="<?php
echo $phone->meta;
?>
"><span class="actions action_delete"></span> Delete</a></li>
</ul>
