/**
 * Inserts one comment row and returns its new id.
 *
 * Every key of $props is written as a column of the comment table, so the
 * set of writable columns is whatever the caller's filter let through.
 * NOTE(review): the author is not assigned here (the former
 * `$props['author'] = $user->uid` assignment is disabled); confirm that every
 * caller sets it from the session and never from request data.
 *
 * @param array $props
 *   Column => value map for the new comment, already filtered by the caller.
 *
 * @return mixed
 *   The id returned by the insert, or FALSE when nothing was inserted.
 */
function addComment($props)
{
    if (!$props) {
        drupal_set_message(t('Insert requested with empty (filtered) data set'), 'error');
        return false;
    }

    $txn = db_transaction();
    try {
        // The posting time is always stamped server-side.
        $posted_at = new DateTime();
        $props['date_posted'] = $posted_at->format('Y-m-d H:i:s');

        // A missing or empty parent marks a top level post: store SQL NULL.
        if (empty($props['parent_id'])) {
            $props['parent_id'] = null;
        }

        $result = FALSE;
        $inserted_id = db_insert(tableName('comment'))->fields($props)->execute();
        if (!$inserted_id) {
            drupal_set_message(t('We could not add your comment'), 'error');
        } else {
            $result = $inserted_id;
        }
    } catch (Exception $ex) {
        $txn->rollback();
        // With _DEBUG on, the full exception text (including the stack trace)
        // is shown to the user; keep _DEBUG off outside development.
        $detail = _DEBUG ? $ex->__toString() : '';
        drupal_set_message(t('We could not add your comment. ') . $detail, 'error');
    }

    return $result;
}
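/**
 * Returns the organisations of the currently logged in user.
 *
 * @param bool $detail
 *   When truthy, the result of Groups::getGroups(_ORGANISATION_GROUP) is
 *   returned; otherwise only the organisation ids the user is a member of.
 *
 * @return mixed
 *   Either the Groups::getGroups() result or a list of org_id values.
 */
public static function getMyOrganisations($detail = FALSE)
{
    if ($detail) {
        return Groups::getGroups(_ORGANISATION_GROUP);
    }

    // The table name comes from tableName() and cannot be a bound parameter;
    // every value, including the uid, is passed as a placeholder so that no
    // data is concatenated into the statement.
    $table = tableName(_ORGANISATION_GROUP);
    $sql = "SELECT o.org_id from {$table} as o "
        . "LEFT JOIN soc_user_membership as um on o.org_id = um.group_id "
        . "WHERE um.uid = :uid AND um.type = :organisation";

    return db_query($sql, array(
        ':uid' => $GLOBALS['user']->uid,
        ':organisation' => _ORGANISATION_GROUP,
    ))->fetchCol();
}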
/**
 * Fetches the code rows of one label set.
 *
 * The label set id is bound as an integer parameter (PDO::PARAM_INT) rather
 * than concatenated into the statement.
 *
 * @param int $lid
 *   Label set id used in the `lid=:lid` condition.
 *
 * @return array
 *   All matching rows, ordered by language, sortorder and code.
 */
function getLabelCodeInfo($lid)
{
    $command = Yii::app()->db->createCommand();
    $command->select('code, title, sortorder, language, assessment_value');
    $command->order('language, sortorder, code');
    $command->where('lid=:lid');
    $command->from(tableName());
    $command->bindParam(":lid", $lid, PDO::PARAM_INT);

    $reader = $command->query();

    return $reader->readAll();
}
} $my_id = Users::getMyId(); if ($project['state'] == 'draft' && !($project['mentor_id'] == $my_id || $project['owner_id'] == $my_id || Users::isAdmin() || Groups::isAssociate(_PROJECT_OBJ, $project_id))) { jsonBadResult(t('You cannot view this proposal. It is in draft state.')); return; } if (Users::isSuperVisor()) { $project['rate'] = Project::getRating($project_id, $my_id); } else { $project['rate'] = -2; if (Users::isStudent()) { $table = tableName('student_favourite'); $favourite = db_select($table)->fields($table)->condition('pid', $project_id)->condition('uid', $my_id)->execute()->rowCount(); $project['favourite'] = $favourite != 0; //Count the views of the students $result = db_update(tableName('project'))->condition('pid', $project_id)->fields(array('views' => $project['views'] + 1))->execute(); } } jsonGoodResult($project); } catch (Exception $e) { jsonBadResult(t('Could not get details of project') . (_DEBUG ? $e->getMessage() : "")); } } else { jsonBadResult(t("No valid project identifier submitted!")); } break; case 'view': $type = _PROJECT_OBJ; $id = altSubValue($_POST, 'id'); $target = altSubValue($_POST, 'target', ''); $inline = getRequestVar('inline', FALSE);
$container = $is_modal ? 'admin_container' : 'our_content'; $before = 'toc'; $args = array('id' => $proposal_id, 'before' => $before, 'target' => $container, 'replace_target' => true); $proposal_nr = Proposal::getInstance()->getProposalById($proposal_id); if (!$proposal_nr) { jsonBadResult(t('This proposal was already deleted!'), $args); return; } $title = altPropertyValue($proposal_nr, 'title'); $state = altPropertyValue($proposal_nr, 'state'); if (!Groups::isOwner(_PROPOSAL_OBJ, $proposal_id)) { jsonBadResult(t('You can only delete your own proposals!'), $args); } elseif ($state == 'published') { jsonBadResult(t('We could not remove your proposal: It has already been published.'), $args); } else { $num_deleted = db_delete(tableName(_PROPOSAL_OBJ))->condition(AbstractEntity::keyField(_PROPOSAL_OBJ), $proposal_id)->execute(); if ($num_deleted) { // junk the proposal comments too ThreadedComments::getInstance()->removethreadsForEntity($proposal_id, _PROPOSAL_OBJ); $args['before'] = ''; jsonGoodResult(TRUE, tt('You have removed the proposal %1$s', $title), $args); } else { jsonBadResult(t('We could not remove your proposal'), $args); } } } else { jsonBadResult(t('No proposal identifier submitted!'), $args); } break; case 'save_public': // no break so that the request filters down to 'save'
/**
 * Writes the given agreement fields and, once all three signature flags in
 * $props are truthy, sets the linked project to the 'active' state.
 *
 * Every key of $props (including agreement_id and project_id) is written as a
 * column of the agreement table.
 * NOTE(review): the three *_signed flags are taken from $props as passed in;
 * confirm the caller only lets each role set its own signature, since the
 * flags alone decide whether the project is activated.
 *
 * @param array $props
 *   Filtered column => value map; reads agreement_id, project_id,
 *   student_signed, supervisor_signed and mentor_signed.
 *
 * @return bool
 *   TRUE when the update statements ran, FALSE on empty input or exception.
 */
static function updateAgreement($props)
{
    if (!$props) {
        drupal_set_message(t('Update requested with empty (filtered) data set'), 'error');
        return false;
    }

    $txn = db_transaction();
    try {
        db_update(tableName(_AGREEMENT_OBJ))
            ->fields($props)
            ->condition(self::keyField(_AGREEMENT_OBJ), $props['agreement_id'])
            ->execute();

        // The project only becomes active after student, supervisor and mentor have signed.
        $fully_signed = $props['student_signed'] && $props['supervisor_signed'] && $props['mentor_signed'];
        if ($fully_signed) {
            db_update(tableName(_PROJECT_OBJ))
                ->fields(array('state' => 'active'))
                ->condition(self::keyField(_PROJECT_OBJ), $props['project_id'])
                ->execute();
        }

        return TRUE;
    } catch (Exception $ex) {
        $txn->rollback();
        // With _DEBUG on, the full exception text is shown to the user.
        $detail = _DEBUG ? $ex->__toString() : '';
        drupal_set_message(t('We could not update your agreement.') . $detail, 'error');
    }

    return FALSE;
}
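/**
 * Updates the project row identified by $id with the given fields.
 *
 * A non-empty `url` value that does not start with http:// or https:// gets
 * `http://` prepended. The check is anchored at the start of the value: the
 * earlier substring test accepted any value that merely contained "http"
 * somewhere, so a value with a different scheme could be stored unchanged and
 * later be rendered as a link.
 *
 * @param array $props
 *   Column => value map to write; every key becomes a column in the UPDATE.
 * @param mixed $id
 *   Key of the project row.
 *
 * @return mixed
 *   false on empty input, otherwise the number of updated rows, with 0
 *   reported as 1 (see the comment in the body).
 */
static function changeProject($props, $id)
{
    if (!$props) {
        drupal_set_message(t('Update requested with empty data set'));
        return false;
    }

    if (isset($props['url']) && $props['url']) {
        // Trim first so that leading whitespace cannot hide the scheme.
        $url = trim($props['url']);
        if ($url !== '' && !preg_match('#^https?://#i', $url)) {
            $url = 'http://' . $url;
        }
        $props['url'] = $url;
    }

    $key = self::keyField(_PROJECT_OBJ);
    $res = db_update(tableName(_PROJECT_OBJ))
        ->condition($key, $id)
        ->fields($props)
        ->execute();

    // db_update reports how many rows changed, not success/failure. Saving a
    // form without changes updates zero rows, which is not an error, so zero
    // is reported as 1 until there is a better way to tell the cases apart.
    if ($res == 0) {
        $res = 1;
    }

    return $res;
}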
/**
 * Updates one configuration value in the database.
 *
 * NOTE(review): both values are escaped with addslashes() and then placed
 * inside quoted SQL literals. addslashes() does not take the connection
 * character set into account and is not a SQL escaping function; replace it
 * with the database layer's own escaping routine or a prepared statement.
 *
 * @param $name
 *   name of the config var
 * @param $val
 *   new value of the config var
 *
 * @return mixed
 *   Whatever sql_insert_id() reports for the connection after the UPDATE
 *   (presumably not meaningful for an UPDATE; confirm callers ignore it).
 */
function updateConfig($name, $val)
{
    global $MYSQL_CONN;

    $escaped_name = addslashes($name);
    // The value is trimmed after escaping, exactly as before.
    $escaped_val = trim(addslashes($val));

    $statement = sprintf(
        "UPDATE %s SET value = '%s' WHERE name = '%s'",
        tableName('nucleus_config'),
        $escaped_val,
        $escaped_name
    );

    if (!sql_query($statement, $MYSQL_CONN)) {
        _doError(_ERROR26 . ': ' . sql_error($MYSQL_CONN));
    }

    return sql_insert_id($MYSQL_CONN);
}
/**
 * Updates the proposal row identified by $proposal_id with the given fields.
 *
 * Only the role of the current user is checked here (student or admin).
 * NOTE(review): nothing in this method ties $proposal_id to the current user;
 * confirm that callers verify ownership before calling. Every key of $props
 * becomes a column in the UPDATE, so owner, organisation and state columns
 * are only protected if the caller's filter excludes them (the assignments
 * that used to fix those fields here are disabled).
 *
 * @param array $props
 *   Filtered column => value map.
 * @param mixed $proposal_id
 *   Key of the proposal row.
 *
 * @return bool
 *   TRUE when the update ran, FALSE on empty input, wrong role or exception.
 */
static function updateProposal($props, $proposal_id)
{
    if (!$props) {
        drupal_set_message(t('Update requested with empty (filtered) data set'), 'error');
        return false;
    }

    global $user;

    $txn = db_transaction();
    try {
        $uid = Users::getMyId();
        $may_submit = Users::isOfType(_STUDENT_TYPE, $uid) || Users::isAdmin();
        if (!$may_submit) {
            drupal_set_message(t('You must be a student to submit a proposal'), 'error');
            return FALSE;
        }

        // TODO: notify mentor???
        db_update(tableName(_PROPOSAL_OBJ))
            ->fields($props)
            ->condition(self::keyField(_PROPOSAL_OBJ), $proposal_id)
            ->execute();

        return TRUE;
    } catch (Exception $ex) {
        $txn->rollback();
        // With _DEBUG on, the full exception text is shown to the user.
        $detail = _DEBUG ? $ex->__toString() : '';
        drupal_set_message(t('We could not update your proposal.') . $detail, 'error');
    }

    return FALSE;
}
/**
 * Creates a group (organisation or institute), makes the current user its
 * owner and first member, and stores two codes for it.
 *
 * NOTE(review): the failure branches that do not throw return FALSE without
 * rolling the transaction back, so a group row can remain without its
 * membership or code rows; confirm whether that is intended.
 * NOTE(review): the rows written to soc_codes look like join/admin codes;
 * confirm createRandomCode() draws from a cryptographically secure source.
 *
 * @param array $props
 *   Filtered column => value map for the group row; owner_id is overwritten
 *   with the current user's uid.
 * @param string $type
 *   Group type; only _ORGANISATION_GROUP and _INSTITUTE_GROUP are accepted.
 *
 * @return mixed
 *   The new group id, or FALSE when any step failed.
 */
static function addGroup($props, $type)
{
    global $user;

    if (!$props) {
        drupal_set_message(t('Insert requested with empty (filtered) data set'), 'error');
        return false;
    }

    $txn = db_transaction();
    try {
        // The owner always comes from the session, never from the submitted data.
        $uid = $user->uid;
        $props['owner_id'] = $uid;

        if ($type == _ORGANISATION_GROUP) {
            // Organisations get empty defaults for their optional text fields.
            foreach (array('url', 'description') as $optional_field) {
                if (!isset($props[$optional_field])) {
                    $props[$optional_field] = '';
                }
            }
            $subtype = _MENTOR_TYPE;
        } elseif ($type == _INSTITUTE_GROUP) {
            $subtype = _SUPERVISOR_TYPE;
        } else {
            drupal_set_message(tt('This type of group cannot be added: %1$s', $type), 'error');
            return false;
        }

        $id = db_insert(tableName($type))->fields($props)->execute();
        if (!$id) {
            drupal_set_message(tt('We could not add your %1$s.', $type), 'error');
            return FALSE;
        }

        // The creating user becomes a member of the new group.
        $membership = array('uid' => $uid, 'type' => $type, 'group_id' => $id);
        $member_added = db_insert('soc_user_membership')->fields($membership)->execute();
        if (!$member_added) {
            drupal_set_message(tt('We could not add you to this %1$s.', $type), 'error');
            return FALSE;
        }

        // One code for the member subtype and one for the group's admins.
        $code_insert = db_insert('soc_codes')->fields(array('type', 'code', 'entity_id', 'studentgroup_id'));
        $code_insert->values(array(
            'type' => $subtype,
            'code' => createRandomCode($subtype, $id),
            'entity_id' => $id,
            'studentgroup_id' => 0,
        ));
        $code_insert->values(array(
            'type' => "{$type}_admin",
            'code' => createRandomCode($type, $id),
            'entity_id' => $id,
            'studentgroup_id' => 0,
        ));
        if (!$code_insert->execute()) {
            drupal_set_message(t('We could not add a code.'), 'error');
            return FALSE;
        }

        return $id;
    } catch (Exception $ex) {
        $txn->rollback();
        // With _DEBUG on, the full exception text is shown to the user.
        $detail = _DEBUG ? $ex->__toString() : '';
        drupal_set_message(t('We could not add your group. ') . $detail, 'error');
    }

    return FALSE;
}
// Load the classes the comment actions below rely on.
module_load_include('php', 'vals_soc', 'includes/classes/ThreadedComments');
module_load_include('php', 'vals_soc', 'includes/classes/ThreadUIBuilder');
module_load_include('php', 'vals_soc', 'includes/classes/Project');
module_load_include('php', 'vals_soc', 'includes/classes/Proposal');
module_load_include('php', 'vals_soc', 'includes/classes/Institutes');
module_load_include('php', 'vals_soc', 'includes/classes/Organisations');

// The action is chosen by the `action` query parameter; its arguments come from $_POST.
// NOTE(review): both actions shown here change data and no request token check is
// visible in this fragment; confirm one is enforced before this dispatcher runs.
switch ($_GET['action']) {
    case 'delete':
        // Only administrators may delete comments.
        if (!Users::isAdmin()) {
            echo errorDiv("You cannot delete comments");
        } else {
            // $type and $entity_id are read but not used in the part of this case shown here.
            $type = altSubValue($_POST, 'entity_type', '');
            $id = altSubValue($_POST, 'id', '');
            $entity_id = altSubValue($_POST, 'entity_id', '');
            try {
                // NOTE(review): the delete query is built but ->execute() is never
                // called, so $result holds the query object: no row is removed and
                // the success message below is shown regardless.
                $result = db_delete(tableName('comment'))->condition('id', $id);
            } catch (Exception $e) {
                // NOTE(review): the raw exception message is echoed to the client, and
                // $result stays undefined for the echo that follows.
                echo "Error " . $e->getMessage();
            }
            // NOTE(review): the failure message uses '%1%s' where the success message
            // uses '%1$s'; this looks like a typo in the placeholder.
            echo $result ? successDiv(tt('You succesfully deleted your %1$s.', t('comment'))) : errorDiv(tt('We could not delete your %1%s.', t('comment')));
        }
        break;
    case 'save':
        global $user;
        $type = altSubValue($_POST, 'entity_type', '');
        $id = altSubValue($_POST, 'id', '');
        $entity_id = altSubValue($_POST, 'entity_id', '');
        $target = altSubValue($_POST, 'target', '');
        // Only the fields named by getKeylessFields() are passed to filterPostLite() with the POST data.
        $properties = ThreadedComments::getInstance()->filterPostLite(ThreadedComments::getInstance()->getKeylessFields(), $_POST);
        // The author is assigned from the logged in user after filtering, overwriting any submitted value.
        $properties['author'] = $user->uid;
        $result = ThreadedComments::getInstance()->addComment($properties);
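/**
 * Deletes the hold_address, hold_phone or hold_email record of a contact once
 * no pending changes are left for that data type.
 *
 * Fixes over the previous version: the contact data object is now read through
 * the variable it was assigned to ($u_c, previously the undefined $uc), the
 * data type labels are quoted strings instead of bare constants, and the
 * error flag is initialised on every path.
 *
 * NOTE(review): $contact_id, $id_field and $data_id are concatenated into the
 * DELETE statement unquoted. $id_field is a column name and must come from a
 * fixed allow-list; the two ids should be bound as integers in a prepared
 * statement. Confirm none of the three can be influenced by request data.
 *
 * @param object $msi        Database handle providing real_query() and ->error.
 * @param mixed  $smarty     Passed through to ContactData.
 * @param mixed  $user_id    Passed through to ContactData.
 * @param mixed  $contact_id Contact whose hold record is checked.
 * @param string $data_type  'a' (address), 'p' (phone) or 'e' (email).
 * @param string $id_field   Name of the id column in the hold table.
 * @param mixed  $data_id    Value of that id column.
 * @param string $err_msg    By reference; a description is appended on failure.
 *
 * @return bool
 *   true when no delete was needed or the delete succeeded, false when the
 *   delete query failed.
 */
function delHold($msi, $smarty, $user_id, $contact_id, $data_type, $id_field, $data_id, &$err_msg)
{
    $u_c = new ContactData($msi, $smarty, $user_id, $contact_id);

    // Pick the data set that belongs to the requested type.
    $da = null;
    switch ($data_type) {
        case 'a':
            $da =& $u_c->ad;
            break;
        case 'p':
            $da =& $u_c->ph;
            break;
        case 'e':
            $da =& $u_c->em;
            break;
    }

    $msi_error = false;
    if (noChange($da)) {
        // No changes left for this data type: the hold record can go.
        $delete_sql = 'delete from ' . tableName($data_type, 'h')
            . " where contact_id={$contact_id} and {$id_field}={$data_id}";
        if (!$msi->real_query($delete_sql)) {
            $err_msg .= "data type {$data_type} delete hold query failed: " . $msi->error . ' ';
            $msi_error = true;
        }
    }

    unset($da, $u_c);

    // Return NOT $msi_error, so delHold returns true on success.
    return !$msi_error;
}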
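/**
 * Returns the users of a given role, limited to groups the current user may see.
 *
 * Changes over the previous version:
 *  - every value ($member_type, $group_type, $id, the uid and the group ids)
 *    is passed to db_query() as a placeholder instead of being concatenated
 *    into the SQL text;
 *  - with $group_id 'all', the unrestricted listing is only produced for
 *    administrators. A non-admin without any membership of the requested
 *    type used to fall through to the unrestricted query; that case now
 *    returns NULL, like the other "no groups" path.
 *
 * NOTE(review): the queries select u.*, i.e. every column of the users table
 * (in a stock Drupal schema that includes the password hash); confirm callers
 * never send these rows to the client as they are.
 *
 * @param string $member_type
 *   Role name to match against role.name.
 * @param string $group_type
 *   Membership type; defaults to self::participationGroup($member_type).
 * @param mixed $group_id
 *   A group id, 'all' for every group visible to the current user, or empty.
 * @param mixed $id
 *   When set (and $group_id is not 'all'), only this user is looked up.
 *
 * @return mixed
 *   The db_query() result, or NULL when there is no group to select from.
 */
public static function getUsers($member_type, $group_type = '', $group_id = '', $id = '')
{
    global $user;
    $group_head = $user->uid;
    //todo: find out whether current user is indeed head of the group
    $group_type = $group_type ?: self::participationGroup($member_type);

    // Shared FROM/JOIN/WHERE part of the role + membership queries.
    $member_from = "from users as u "
        . "left join users_roles as ur on u.uid = ur.uid "
        . "left join role as r on ur.rid = r.rid "
        . "left join soc_user_membership as um on u.uid = um.uid "
        . 'left join soc_names as n on u.uid=n.names_uid '
        . "WHERE r.name = :mtype AND um.type = :gtype";
    $member_args = array(':mtype' => $member_type, ':gtype' => $group_type);
    // db_query() expands an array argument into one placeholder per element.
    $in_groups = " AND um.group_id IN (:gids)";

    // Loose comparison kept as before; note that under PHP < 8 an integer 0
    // also compares equal to 'all'.
    if ($group_id == 'all') {
        if (Users::isAdmin()) {
            // Administrators see every user of the role and membership type.
            return db_query("SELECT DISTINCT u.*,n.name as fullname " . $member_from, $member_args);
        }

        // Everyone else only sees members of the groups they belong to themselves.
        $group_ids = db_query(
            "SELECT group_id from soc_user_membership t WHERE t.uid = :uid AND t.type = :gtype",
            array(':uid' => $group_head, ':gtype' => $group_type)
        )->fetchCol();
        if (!$group_ids) {
            return NULL;
        }

        return db_query(
            "SELECT DISTINCT u.*,n.name as fullname " . $member_from . $in_groups,
            $member_args + array(':gids' => $group_ids)
        );
    }

    if ($id) {
        return db_query(
            "SELECT u.*,n.name as fullname from users as u "
            . 'left join soc_names as n on u.uid=n.names_uid '
            . "WHERE u.uid = :id",
            array(':id' => $id)
        );
    }

    if ($group_id && $group_type) {
        $group_ids = array($group_id);
    } elseif ($group_type) {
        // Take the groups owned by the current user, assuming he/she is head
        // of the organisation/group/etc. Key and table names come from the
        // class helpers and cannot be bound parameters.
        $key = self::keyField($group_type);
        $table = tableName($group_type);
        $group_ids = db_query(
            "SELECT {$key} from {$table} t WHERE t.owner_id = :uid",
            array(':uid' => $group_head)
        )->fetchCol();
    } else {
        $group_ids = null;
    }

    if (!$group_ids) {
        return NULL;
    }

    return db_query(
        "SELECT u.*,n.name as fullname " . $member_from . $in_groups,
        $member_args + array(':gids' => $group_ids)
    );
}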