<?php /* CONTACTS $Id: view.php 6200 2013-01-15 06:24:08Z ajdonnison $ */
// Contact view bootstrap: resolves the requested contact id, derives the
// delete/edit flags and turns away unknown or private records.
// The excerpt is cut off inside the final `if` block below.

// Entry guard: stop unless DP_BASE_DIR has been defined.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}

// intval() forces the request value to an integer. The string-built WHERE
// clause further down is only safe because of this cast.
$contact_id = intval(dPgetParam($_GET, 'contact_id', 0));
$AppUI->savePlace();

// load the record data
$msg = '';
$row = new CContact();
$canDelete = $row->canDelete($msg, $contact_id);

// Don't allow to delete contacts, that have a user associated to them.
$q = new DBQuery();
$q->addTable('users');
$q->addQuery('user_id');
// Concatenated condition, not a bound parameter: keep $contact_id an integer.
$q->addWhere('user_contact = ' . $contact_id);
$sql = $q->prepare();
$q->clear();
$tmp_user = db_loadResult($sql);
if (!empty($tmp_user)) {
    // A users row references this contact, so deletion is switched off.
    $canDelete = false;
}

// NOTE(review): only the 'edit' permission is queried in this excerpt; no
// per-record 'view' check is visible here - confirm where read access is enforced.
$canEdit = getPermission($m, 'edit', $contact_id);

if (!$row->load($contact_id) && $contact_id > 0) {
    // A positive id that fails to load is reported as invalid.
    $AppUI->setMsg('Contact');
    $AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
    $AppUI->redirect();
} else {
    // Private record with an owner set that is not the current user: send to
    // the access-denied page.
    // NOTE(review): this is only a barrier if redirect() ends the request -
    // confirm it does not return to the code that follows.
    if ($row->contact_private && $row->contact_owner != $AppUI->user_id && $row->contact_owner && $contact_id != 0) {
        $AppUI->redirect('m=public&a=access_denied');
// Contact view bootstrap (excerpt). The listing starts inside the
// direct-access guard; the guard's opening condition is not part of it.
die('You should not access this file directly.');
}

// Cast to int before the id is handed to the ACL and to the record loader.
$contact_id = (int) w2PgetParam($_GET, 'contact_id', 0);

//check permissions for this record
$perms =& $AppUI->acl();
$canRead = $perms->checkModuleItem($m, 'view', $contact_id);
if (!$canRead) {
    // NOTE(review): the denial only holds if redirect() ends the request -
    // confirm it does not return, otherwise the code below still runs.
    $AppUI->redirect('m=public&a=access_denied');
}

$tab = $AppUI->processIntState('ContactVwTab', $_GET, 'tab', 0);
// Date format string: the SHDATEFORMAT preference, a space, then TIMEFORMAT.
$df = $AppUI->getPref('SHDATEFORMAT');
$df .= ' ' . $AppUI->getPref('TIMEFORMAT');

// load the record data
$msg = '';
$contact = new CContact();
$canDelete = $contact->canDelete($msg, $contact_id);
$is_user = $contact->isUser($contact_id);
$canEdit = $perms->checkModuleItem($m, 'edit', $contact_id);

if (!$contact->load($contact_id) && $contact_id > 0) {
    // A positive id that fails to load is reported as invalid.
    $AppUI->setMsg('Contact');
    $AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
    $AppUI->redirect();
} elseif ($contact->contact_private && $contact->contact_owner != $AppUI->user_id && $contact->contact_owner && $contact_id != 0) {
    // Private record whose owner is set and is not the current user: the
    // whole page is denied, not just editing (the original note said "edit").
    $AppUI->redirect('m=public&a=access_denied');
}

$countries = w2PgetSysVal('GlobalCountries');

// Get the contact details for company and department
$company_detail = $contact->getCompanyDetails();
$dept_detail = $contact->getDepartmentDetails();

// Get the Contact info (phone, emails, etc) for the contact
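<?php
// Contact add/edit bootstrap: reads the ids from the query string, evaluates
// the permission flags for the requested contact and loads (or restores) the
// record that the form will edit.

// Entry guard: stop unless W2P_BASE_DIR has been defined.
if (!defined('W2P_BASE_DIR')) {
    die('You should not access this file directly.');
}
// @todo convert to template

// All three ids are cast to int before any further use.
$object_id = (int) w2PgetParam($_GET, 'contact_id', 0);
$company_id = (int) w2PgetParam($_GET, 'company_id', 0);
$dept_id = (int) w2PgetParam($_GET, 'dept_id', 0);

$object = new CContact();
$object->setId($object_id);

// Permission flags are evaluated for the id taken from the request.
$canAddEdit = $object->canAddEdit();
$canAuthor = $object->canCreate();
$canEdit = $object->canEdit();
$canDelete = $object->canDelete();
if (!$canAddEdit) {
    $AppUI->redirect(ACCESS_DENIED);
}

// load the record data
$obj = $AppUI->restoreObject();
$object_loaded = true;
if ($obj) {
    // NOTE(review): a restored object replaces both $object and $object_id,
    // while the flags above were computed for the id from $_GET - confirm the
    // save path re-checks permissions for the restored id.
    $object = $obj;
    $object_id = $object->getId();
} else {
    // Keep the result of load(): $object itself is always an instance here,
    // so testing `!$object` could never detect a failed load.
    // Assumes load() returns a falsy value when no record matches - TODO confirm.
    $object_loaded = $object->load($object_id);
}

if (!$object_loaded && $object_id > 0) {
    // A positive id that fails to load is reported as invalid.
    $AppUI->setMsg('Contact');
    $AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
    $AppUI->redirect('m=' . $m);
}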
<?php
// Contact view bootstrap: loads the requested contact, derives the edit and
// delete flags and starts building the title block.
// The excerpt is cut off inside the final `if ($canDelete)` block.

// Entry guard: stop unless W2P_BASE_DIR has been defined.
if (!defined('W2P_BASE_DIR')) {
    die('You should not access this file directly.');
}

// Cast to int before the id reaches the loader and the crumb URLs below.
$contact_id = (int) w2PgetParam($_GET, 'contact_id', 0);
$tab = $AppUI->processIntState('ContactVwTab', $_GET, 'tab', 0);

$contact = new CContact();
// A failed load is answered with the access-denied redirect.
// NOTE(review): no explicit view-permission call appears in this excerpt;
// presumably load() enforces read access - confirm. Also confirm that
// redirect() ends the request rather than returning.
if (!$contact->load($contact_id)) {
    $AppUI->redirect(ACCESS_DENIED);
}

$canEdit = $contact->canEdit();
$canDelete = $contact->canDelete();
$is_user = $contact->isUser($contact_id);

// Get the contact details for company and department
$company_detail = $contact->getCompanyDetails();
$dept_detail = $contact->getDepartmentDetails();

// Get the Contact info (phone, emails, etc) for the contact
$methods = $contact->getContactMethods();
$methodLabels = w2PgetSysVal('ContactMethods');

// setup the title block
$ttl = 'View Contact';
$titleBlock = new w2p_Theme_TitleBlock($ttl, 'icon.png', $m);
$titleBlock->addCrumb('?m=contacts', 'contacts list');
if ($canEdit) {
    // The edit link is only offered when canEdit() allowed it; the id in the
    // URL is the int-cast request value.
    $titleBlock->addCrumb('?m=contacts&a=addedit&contact_id=' . $contact_id, 'edit this contact');
}
if ($contact->user_id) {
    // NOTE(review): user_id comes from the loaded record and is concatenated
    // into the link as-is - presumably numeric; confirm addCrumb() escapes it.
    $titleBlock->addCrumb('?m=users&a=view&user_id=' . $contact->user_id, 'view this user');
}
if ($canDelete) {
/**
 * Exercises CContact::canDelete() on two stored contacts.
 *
 * The fixture object, bound from the posted data and stored, is expected to
 * report false when canDelete() is called with a second argument of true.
 * A second contact, built from the same data with different first and last
 * names and an empty display name, is expected to report true.
 */
public function testCanDelete()
{
    // NOTE(review): $AppUI is neither a parameter nor declared global in this
    // method, so both store() calls receive an undefined variable (null).
    // Confirm that is intended and not a missing fixture.
    $this->obj->bind($this->post_data);
    $this->obj->store($AppUI);
    $this->assertFalse($this->obj->canDelete('error', true));

    $second = new CContact();
    $second->bind($this->post_data);
    $second->contact_first_name = 'Firstname3';
    $second->contact_last_name = 'Lastname3';
    $second->contact_display_name = '';
    $second->store($AppUI);
    $this->assertTrue($second->canDelete('error'));
}