コード例 #1
0
ファイル: reports.php プロジェクト: rindou240/Ushahidi_Web
    /**
    * Lists the reports.
    * @param int $page
    */
    function index($page = 1)
    {
        // If user doesn't have access, redirect to dashboard
        if ( ! admin::permissions($this->user, "reports_view"))
        {
            url::redirect(url::site().'admin/dashboard');
        }

        $this->template->content = new View('admin/reports');
        $this->template->content->title = Kohana::lang('ui_admin.reports');

		$r_from = "";
		if( isset($_GET['from']) )
		{
			$r_from = $this->input->xss_clean($_GET['from']);
		}
		$r_to = "";
		if( isset($_GET['to']) )
		{
			$r_to = $this->input->xss_clean($_GET['to']);
		}

		$filter_range = "";
		if( isset($r_from) && empty($r_to) )
		{
			$filter_range = "incident_date between \"".date("Y-m-d",strtotime($r_from))." 00:00:00\" and \"".date("Y-m-d")." 23:59:00\"";
		} elseif( isset($r_from) && isset($r_to) )
		{
			$filter_range = "incident_date between \"".date("Y-m-d",strtotime($r_from))." 00:00:00\" and \"".date("Y-m-d",strtotime($r_to))." 23:59:00\"";
		} elseif( empty($r_from) && isset($r_to) )
		{
			$filter_range = "incident_date between \"".date("Y-m-d",1)." 00:00:00\" and \"".date("Y-m-d",strtotime($r_to))." 23:59:00\"";
		}

		$filter = '';

		$status = "0";
		$filter_status = '';
        if (!empty($_GET['status']))
        {
			$status = strtolower($_GET['status']);
            if ($status == 'a')
            {
                $filter_status = 'incident_active = 0';
            }
            elseif ($status == 'v')
            {
                $filter_status = 'incident_verified = 0';
            }
			else
			{
				$status = "0";
				$filter_status = '';
			}
        }

		$filter_via = '';
		$via = "";
		if(!empty($_GET['via']))
		{
			$tmp_via = intval($this->input->xss_clean($_GET['via']));
			if ($tmp_via != 0)
			{
				$filter_via = 'incident_mode = '.$tmp_via;
			}
			$via = $tmp_via;
		}

        // Get Search Keywords (If Any)
		$filter_kw = '';
        if (isset($_GET['k']))
        {
            //  Brute force input sanitization
            
            // Phase 1 - Strip the search string of all non-word characters 
            $keyword_raw = preg_replace('/[^\w+]\w*/', '', $_GET['k']);
            
            // Strip any HTML tags that may have been missed in Phase 1
            $keyword_raw = strip_tags($keyword_raw);
            
            // Phase 3 - Invoke Kohana's XSS cleaning mechanism just incase an outlier wasn't caught
            // in the first 2 steps
            $keyword_raw = $this->input->xss_clean($keyword_raw);

			$filter_kw = "(".$this->_get_searchstring($keyword_raw).")";
        }

		// filter string build.
        $filter = $filter_status;
        $filter .= ((!empty($filter))? ((!empty($filter_via))? (" AND ".$filter_via):""):$filter_via);
        $filter .= ((!empty($filter))? ((!empty($filter_kw))? (" AND ".$filter_kw):""):$filter_kw);
        $filter .= ((!empty($filter))? ((!empty($filter_range))? (" AND ".$filter_range):""):$filter_range);
		if (empty($filter))
		{
			$filter = "1=1";
		}
        // check, has the form been submitted?
        $form_error = FALSE;
        $form_saved = FALSE;
        $form_action = "";
        
        if ($_POST)
        {
            $post = Validation::factory($_POST);

             //  Add some filters
            $post->pre_filter('trim', TRUE);

            // Add some rules, the input field, followed by a list of checks, carried out in order
            $post->add_rules('action','required', 'alpha', 'length[1,1]');
            $post->add_rules('incident_id.*','required','numeric');

            if ($post->validate())
            {
                if ($post->action == 'a')       // Approve Action
                {
                    foreach($post->incident_id as $item)
                    {
                        $update = new Incident_Model($item);
                        if ($update->loaded == true) 
                        {
                            if( $update->incident_active == 0 ) 
                            {
                                $update->incident_active = '1';
                            } 
                            else {
                                $update->incident_active = '0';
                            }

                            // Tag this as a report that needs to be sent out as an alert
                            if ($update->incident_alert_status != '2')
                            { // 2 = report that has had an alert sent
                                $update->incident_alert_status = '1';
                            }

                            $update->save();

                            $verify = new Verify_Model();
                            $verify->incident_id = $item;
                            $verify->verified_status = '1';
                            $verify->user_id = $_SESSION['auth_user']->id;          // Record 'Verified By' Action
                            $verify->verified_date = date("Y-m-d H:i:s",time());
                            $verify->save();

                            // Action::report_approve - Approve a Report
                            Event::run('ushahidi_action.report_approve', $update);
                        }
                    }
                    $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
                }
                elseif ($post->action == 'u')   // Unapprove Action
                {
                    foreach($post->incident_id as $item)
                    {
                        $update = new Incident_Model($item);
                        if ($update->loaded == true) {
                            $update->incident_active = '0';

                            // If Alert hasn't been sent yet, disable it
                            if ($update->incident_alert_status == '1')
                            {
                                $update->incident_alert_status = '0';
                            }

                            $update->save();

                            $verify = new Verify_Model();
                            $verify->incident_id = $item;
                            $verify->verified_status = '0';
                            $verify->user_id = $_SESSION['auth_user']->id;          // Record 'Verified By' Action
                            $verify->verified_date = date("Y-m-d H:i:s",time());
                            $verify->save();

                            // Action::report_unapprove - Unapprove a Report
                            Event::run('ushahidi_action.report_unapprove', $update);
                        }
                    }
                    $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
                }
                elseif ($post->action == 'v')   // Verify Action
                {
                    foreach($post->incident_id as $item)
                    {
                        $update = new Incident_Model($item);
                        $verify = new Verify_Model();
                        if ($update->loaded == true) {
                            if ($update->incident_verified == '1')
                            {
                                $update->incident_verified = '0';
                                $verify->verified_status = '0';
                            }
                            else {
                                $update->incident_verified = '1';
                                $verify->verified_status = '2';
                            }
                            $update->save();

                            $verify->incident_id = $item;
                            $verify->user_id = $_SESSION['auth_user']->id;          // Record 'Verified By' Action
                            $verify->verified_date = date("Y-m-d H:i:s",time());
                            $verify->save();
                        }
                    }
                    $form_action = "VERIFIED";
                }
                elseif ($post->action == 'd')   //Delete Action
                {
                    foreach($post->incident_id as $item)
                    {
                        $update = new Incident_Model($item);
                        if ($update->loaded == true)
                        {
                            $incident_id = $update->id;
                            $location_id = $update->location_id;
                            $update->delete();

                            // Delete Location
                            ORM::factory('location')->where('id',$location_id)->delete_all();

                            // Delete Categories
                            ORM::factory('incident_category')->where('incident_id',$incident_id)->delete_all();

                            // Delete Translations
                            ORM::factory('incident_lang')->where('incident_id',$incident_id)->delete_all();

                            // Delete Photos From Directory
                            foreach (ORM::factory('media')->where('incident_id',$incident_id)->where('media_type', 1) as $photo) {
                                deletePhoto($photo->id);
                            }

                            // Delete Media
                            ORM::factory('media')->where('incident_id',$incident_id)->delete_all();

                            // Delete Sender
                            ORM::factory('incident_person')->where('incident_id',$incident_id)->delete_all();

                            // Delete relationship to SMS message
                            $updatemessage = ORM::factory('message')->where('incident_id',$incident_id)->find();
                            if ($updatemessage->loaded == true) {
                                $updatemessage->incident_id = 0;
                                $updatemessage->save();
                            }

                            // Delete Comments
                            ORM::factory('comment')->where('incident_id',$incident_id)->delete_all();

                            // Action::report_delete - Deleted a Report
                            Event::run('ushahidi_action.report_delete', $update);
                        }
                    }
                    $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
                }
                $form_saved = TRUE;
            }
            else
            {
                $form_error = TRUE;
            }

        }

		$order = 0;
		$order_string = "desc";
		if( isset($_GET['order']) )
		{
			$order = intval($_GET['order']);
			if ( $order == 0 )
			{
				$order_string = "desc";
			} elseif ( $order == 1 ) {
				$order_string = "asc";
			} else {
				$order = 0;
				$order_string = "desc";
			}
		}

        // Pagination
        $pagination = new Pagination(array(
            'query_string'   => 'page',
            'items_per_page' => (int) Kohana::config('settings.items_per_page_admin'),
            'total_items'    => ORM::factory('incident')
				->join('location', 'incident.location_id', 'location.id','INNER')
				->where($filter)
				->count_all()
            ));
		$incidents = Incident_Model::get_incident_reports($filter,$order_string,$pagination->sql_offset);
        $location_ids = array();
        foreach ($incidents as $incident)
        {
            $location_ids[] = $incident->location_id;
        }
        foreach ($incidents as $incident)
        {
            $incident_ids[] = $incident->id;
        }
        //add_param_get
        $filter = " incident_id IN (".implode(',',$incident_ids).")";
        $incident_persons = Incident_Model::get_incident_persons($filter);
        $incident_messages = Incident_Model::get_incident_messages($filter);
		$incident_incident_langs = Incident_Model::get_incident_incident_langs($filter);
		$incident_incident_categories = Incident_Model::get_incident_incident_categories($filter);
        
        //check if location_ids is not empty
        if( count($location_ids ) > 0 ) 
        {
            $locations_result = ORM::factory('location')->in('id',implode(',',$location_ids))->find_all();
            $locations = array();
            foreach ($locations_result as $loc)
            {
                $locations[$loc->id] = $loc->location_name;
            }
        }
        else
        {
            $locations = array();
        }

        $this->template->content->locations = $locations;

        //GET countries
        $countries = array();
        foreach (ORM::factory('country')->orderby('country')->find_all() as $country)
        {
            // Create a list of all categories
            $this_country = $country->country;
            if (strlen($this_country) > 35)
            {
                $this_country = substr($this_country, 0, 35) . "...";
            }
            $countries[$country->id] = $this_country;
        }

		$this->template->content->from = $r_from;
		$this->template->content->to = $r_to;
		$this->template->content->order = $order;
		$this->template->content->filter = $filter_range;
        $this->template->content->countries = $countries;
        $this->template->content->incidents = $incidents;
        $this->template->content->pagination = $pagination;
        $this->template->content->form_error = $form_error;
        $this->template->content->form_saved = $form_saved;
		// ORM分離
        $this->template->content->incident_persons = $incident_persons;
        $this->template->content->incident_messages = $incident_messages;
        $this->template->content->incident_incident_langs = $incident_incident_langs;
        $this->template->content->incident_incident_categories = $incident_incident_categories;
        // Total Reports
        $this->template->content->total_items = $pagination->total_items;

		// via
		$this->template->content->via = $via;

        // Status Tab
        $this->template->content->status = $status;

        // Javascript Header
        $this->template->js = new View('admin/reports_js');
    }