/**
 * The function that decides what to do and which page to view.
 *
 * An AccessController built from $getvars is consulted once; if it reports the
 * request as not authorized the method returns without doing anything else.
 * Otherwise $getvars['vm_action'] selects one branch of the switch below.
 *
 * Security review notes, based only on what is visible in this method:
 *  - isAuthorized() is the only access check made here. Branches that act on a
 *    request-supplied p_uuid, vol_id, shift_id or picture id make no further
 *    ownership check in this method -- confirm that AccessController enforces
 *    per-record permissions for each vm_action.
 *  - The 'process_*' branches change state. No anti-CSRF token is checked in
 *    this method -- confirm that one is enforced elsewhere.
 *  - Some branches read $_REQUEST, $_GET, $_FILES or $_SESSION directly rather
 *    than $getvars, so the values acted on may not be the ones the
 *    AccessController was given.
 *
 * @param array $getvars an associative array, representing the GET variables
 *                       from the URL; 'vm_action' selects the branch. Several
 *                       branches overwrite this variable with $_REQUEST.
 * @return void
 */
function controlHandler($getvars) {
    global $dao;

    //first authorize the user
    $ac = new AccessController($getvars);
    if (!$ac->isAuthorized()) {
        return;
    }

    //if authorized, move on to displaying the correct page
    switch ($getvars['vm_action']) {
        case 'process_add':
            global $dao;
            /*
             * First set up a Volunteer object to store all of the
             * POST data
             */
            if ($_SESSION['logged_in'] && !$dao->isVolunteer($_SESSION['user_id'])) {
                // Logged-in user who is not yet a volunteer: bind the new record to the session user.
                $v = new Volunteer();
                $v->info['ids'] = array();
                $v->p_uuid = $_SESSION['user_id'];
                $shn_user = true;
            } else {
                if (isset($getvars['p_uuid'])) {
                    // NOTE(review): the record to load (and later save) is chosen by a
                    // request-supplied p_uuid; no ownership check is visible here -- confirm.
                    $v = new Volunteer($getvars['p_uuid']);
                    $shn_user = false;
                } else {
                    $v = new Volunteer();
                    $v->info['ids'] = array();
                    $shn_user = false;
                }
            }

            // The record is populated from the request BEFORE validateAddForm() runs below.
            $v->info['full_name'] = $getvars['full_name'];
            $v->info['ids'][$getvars['id_type']] = trim($getvars['serial']);
            $v->info['gender'] = $getvars['gender'];
            $v->info['dob'] = $getvars['dob'];
            $v->info['date_start'] = $getvars['start_date'];
            $v->info['date_end'] = $getvars['end_date'];
            $v->info['hour_start'] = $getvars['hrs_avail_start'];
            $v->info['hour_end'] = $getvars['hrs_avail_end'];
            $v->info['occupation'] = $getvars['occupation'];
            $v->info['affiliation'] = $getvars['affiliation'];
            $v->info['special_needs'] = $getvars['special_needs'];
            $v->info['locations'] = array();
            shn_get_parents(shn_location_get_form_submit_loc(), $v->info['locations']);
            $v->info['contact'] = array();

            // put every input that begins with 'contact_' into the contact array
            // (the key suffix after 'contact_' is request-controlled)
            foreach ($getvars as $key => $value) {
                if (substr($key, 0, strlen('contact_')) == 'contact_') {
                    $v->info['contact'][substr($key, strlen('contact_'))] = $value;
                }
            }
            $v->info['contact_prefer'] = $getvars['prefered_confirm_medium'];

            //add skills information
            $v_skills = array();
            $skill_ids = $dao->getSkillIDs();
            foreach ($skill_ids as $skill) {
                // Only skill ids known to the DAO are accepted; the request just toggles them.
                if ($getvars["SKILL_{$skill}"] == 'on') {
                    $v_skills[] = $skill;
                }
            }
            $v->info['skills'] = $v_skills;

            //add Sahana account information if necessary
            if ($getvars['reg_account'] == 'true') {
                // NOTE(review): 'pass' carries the request's pass1 value as received; any hashing
                // would have to happen in code not shown here -- confirm. If this form can be
                // submitted by GET the password would end up in URLs and logs -- confirm it posts.
                $v->info['account_info'] = array('account_name' => $getvars['full_name'], 'user_name' => $getvars['user_name'], 'pass' => $getvars['pass1']);
                // NOTE(review): the record's p_uuid is overwritten with a request-supplied value,
                // replacing the session-bound id set above -- confirm this cannot be used to
                // write to another person's record.
                $v->p_uuid = $getvars['existing_puuid'];
            }
            View::View($v);

            /*
             * Check to see if the POST data is valid and act accordingly
             */
            // From here on $getvars is $_REQUEST merged with $_FILES, not the array passed in.
            if ($this->validateAddForm($getvars = array_merge($_REQUEST, $_FILES))) {
                $v->save($shn_user);

                // picture
                $p = $_FILES['picture'];
                if (!empty($p['tmp_name'])) {
                    // NOTE(review): name, type and size are copied from $_FILES as sent by the
                    // client; the only validity check visible here is the result of resize().
                    $pic = new VMPicture();
                    $pic->original = file_get_contents($p['tmp_name']);
                    $pic->name = $p['name'];
                    $pic->type = $p['type'];
                    $pic->size = $p['size'];
                    $pic->p_uuid = $v->p_uuid;
                    if ($pic->resize()) {
                        $pic->save();
                    } else {
                        add_error(_("The image file is invalid, or is not of a supported type."));
                    }
                }
                // Added even when the picture was rejected above; the volunteer itself is already saved.
                add_confirmation(_('Changes saved.'));

                //if we just created a Sahana account, direct the user to log in
                if (!$_SESSION['logged_in']) {
                    $this->displayPleaseLogin();
                } else {
                    $this->displayVolunteer($v->p_uuid);
                }
            } else {
                // Validation failed: show the add/edit form again.
                if (!empty($getvars['p_uuid'])) {
                    $this->addVolunteer(new Volunteer($getvars['p_uuid']));
                } else {
                    $this->addVolunteer();
                }
            }
            break;

        case 'display_add':
            View::View();
            if ($dao->isVolunteer($_SESSION['user_id'])) {
                //if this user is a volunteer already, display the edit form
                $this->addVolunteer(new Volunteer($_SESSION['user_id']));
            } else {
                //otherwise display the add form
                $this->addVolunteer();
            }
            break;

        case 'display_edit':
            // NOTE(review): edit form for a request-supplied p_uuid; no ownership check here -- confirm.
            View::View();
            $this->addVolunteer(new Volunteer($getvars['p_uuid']));
            break;

        case 'display_confirm_delete':
            View::View();
            $this->confirmDelete($getvars['p_uuid']);
            break;

        case 'display_change_pass':
            // The form is shown for the session user.
            View::View();
            $this->changePass($_SESSION['user_id']);
            break;

        case 'process_change_pass':
            global $global;
            require_once $global['approot'] . 'inc/lib_security/lib_auth.inc';
            if ($this->validateChangePassForm($getvars = $_REQUEST)) {
                // NOTE(review): the account whose password is changed comes from the request
                // (p_uuid), whereas display_change_pass uses $_SESSION['user_id']. Binding this
                // to the session user would stop a request from targeting another account -- confirm intent.
                // NOTE(review): a strict true return is treated as FAILURE here. shn_change_password
                // is defined in lib_auth.inc (not shown) -- confirm that is its contract.
                if (shn_change_password($getvars['p_uuid'], $getvars['cur_pass'], $getvars['pass1']) === true) {
                    add_error(SHN_ERR_VM_PASSWORD_NOT_MATCH);
                    $this->changePass($getvars['p_uuid']);
                } else {
                    add_confirmation(_("Your Password has been updated"));
                }
            } else {
                $this->changePass($getvars['p_uuid']);
            }
            break;

        case 'process_delete':
            // NOTE(review): deletes the volunteer named by a request-supplied p_uuid. Nothing in
            // this branch requires that display_confirm_delete was visited first, and no
            // anti-CSRF token is checked here -- confirm both are handled elsewhere.
            $v = new Volunteer();
            $v->delete($getvars['p_uuid']);
            View::View();
            // Shown unconditionally; the result of delete() is not inspected.
            $this->displayConfirmation('The requested user was deleted.');
            $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
            $this->listVolunteers($dao->getVolunteers(), $extra_opts);
            break;

        case 'display_list_all':
            View::View();
            $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
            $this->listVolunteers($dao->getVolunteers(), $extra_opts);
            $this->showPagingNavigation("index.php?mod=vm&act=volunteer&vm_action=display_list_all");
            break;

        case 'display_list_assigned':
            View::View();
            $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
            $this->listVolunteers($dao->getVolunteers(null, VM_SHOW_ALL_VOLUNTEERS_ASSIGNED), $extra_opts);
            $this->showPagingNavigation("index.php?mod=vm&act=volunteer&vm_action=display_list_assigned");
            break;

        case 'display_mailbox':
            View::View(new Volunteer($_SESSION['user_id']));
            $this->displayMailbox($getvars['box']);
            break;

        case 'display_message':
            /*
             * Since we are passing $_SESSION['user_id'] as the p_uuid of the user here,
             * we can only view the message (i.e., the query will only succeed) if it belongs
             * to the current logged in user. Therefore, there is no need for extra access
             * control checks on displaying a message here.
             */
            // NOTE(review): this holds only if the query behind displayMessage() (not shown)
            // really filters on the user id it is given -- confirm.
            View::View();
            $this->displayMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box']);
            break;

        case 'process_delete_message':
            global $dao;
            // Scoped to the session user; the third argument is true for every box except 'outbox'.
            $dao->deleteMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box'] != 'outbox');
            //add_confirmation('_(Message has been deleted'));
            View::View(new Volunteer($_SESSION['user_id']));
            $this->displayMailbox($getvars['box']);
            break;

        case 'display_send_message':
            $this->displaySendMessageForm();
            break;

        case 'process_send_message':
            global $dao;
            if ($this->validateSendMessageForm($getvars = $_REQUEST)) {
                $message = stripslashes($getvars['message']);
                $message = strtr($message, array("'" => "\\'")); //have to escape any single quotes otherwise querying won't work
                // NOTE(review): the comment above suggests the DAO builds its SQL by string
                // concatenation (DAO not shown). Backslash-escaping only single quotes is not
                // equivalent to the database driver's escaping or to bound parameters, and
                // $getvars['to'] is passed through without any treatment here. Prefer
                // parameterised queries inside sendMessage().
                $dao->sendMessage($_SESSION['user_id'], $getvars['to'], $message);
                add_confirmation(_("Message Sent"));
            } else {
                // Validation failed: rebuild the recipient list so the form can be shown again.
                $to_list = array();
                $to = $getvars['to'];
                if (isset($to)) {
                    // assumes 'to' is an array of person ids -- not checked here
                    foreach ($to as $person) {
                        $to_list[$person] = $dao->getPersonName($person);
                    }
                }
                $this->displaySendMessageForm($to_list);
            }
            break;

        case 'display_search':
            $advanced = $getvars['advanced'] == 'true';
            $this->openSearchForm();
            $this->displaySearchForm($advanced);
            break;

        case 'process_search':
            global $dao, $global;
            include_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
            View::View();
            //print_r($getvars);
            $vol_name = $getvars['vol_name']; //name to search by
            $vol_id = $getvars['vol_iden']; //Identification number to search by
            $loose = false;
            $soundslike = false;
            $start_date = $getvars['start_date']; //availability start
            $end_date = $getvars['end_date']; //availability end
            $skills_matching = $getvars['skills_matching'] == 'and_skills' ? VM_SKILLS_ALL : VM_SKILLS_ANY; //search for all or any of the skills present
            $unassigned = $getvars['unassigned'] == 'true'; //true to search for only unassigned volunteers
            $assigning = $getvars['assigning']; //true if we are using the search to assign volunteers
            $advanced = $getvars['advanced'] == 'true'; //true if we are using an advanced search
            $just_assigned_vol = $getvars['p_uuid'] != '' && $assigning; //true if we just assigned a volunteer to a project (nice to know if no results are found to not display an error)
            $date_constraint = $getvars['date_constraint'] == 'full_date'; //true if we must check for availability for the entire date range specified, false to check for any portion of the data range
            $positions = $getvars['positions'];
            if ($assigning) {
                $assigning_proj = $getvars['proj_id'];
            } else {
                $assigning_proj = null;
            }
            $location = '';
            if (shn_vm_location_selected()) {
                $location = shn_location_get_form_submit_loc();
            }
            $skills = array();
            $skill_ids = $dao->getSkillIDs();
            foreach ($skill_ids as $sk) {
                if ($getvars["SKILL_{$sk}"] == 'on') {
                    $skills[] = $sk;
                }
            }

            //if we're not using the search results to do assigning, open the form here so that all of our paging navigation
            //will also be part of the form
            if (!$assigning) {
                $this->openSearchForm();
            }

            //Validate the fields
            if ($this->validateSearchForm($getvars)) {
                //get the search results and display them
                // NOTE(review): name, id, dates and project id reach the DAO exactly as received;
                // whether getVolSearchResults() escapes or binds them is not visible here -- confirm.
                $results = $dao->getVolSearchResults($vol_id, $vol_name, $skills, $skills_matching, $start_date, $end_date, $location, $date_constraint, $unassigned, $loose, $soundslike, $assigning_proj);
                $this->displaySearchResults($results, $assigning, $assigning_proj, $advanced, $just_assigned_vol, $positions);
            }
            if (!$assigning) {
                $this->displaySearchForm($advanced, false);
            } else {
                $this->displaySearchForm(true, true);
            }
            break;

        case 'display_single':
            // NOTE(review): shows the volunteer named by a request-supplied p_uuid -- confirm access rules.
            $v = new Volunteer($getvars['p_uuid']);
            View::View($v);
            $this->displayVolunteer($getvars['p_uuid']);
            break;

        case 'process_remove_picture':
            // NOTE(review): the picture id is read from $_GET directly, not from $getvars, and
            // nothing here ties it to the current user or to $getvars['p_uuid'] -- confirm that
            // a user cannot remove another volunteer's picture.
            $dao->deletePicture($dao->getPictureID($_GET['id']));
            View::View();
            if (empty($getvars['p_uuid'])) {
                $this->addVolunteer();
            } else {
                $this->addVolunteer(new Volunteer($getvars['p_uuid']));
            }
            break;

        case 'display_portal':
            View::View(new Volunteer($_SESSION['user_id']));
            $this->displayPortal();
            break;

        case 'display_report_all':
            View::View();
            $this->displayVolunteerReport($dao->getVolunteersForReport());
            break;

        case 'display_custom_report_select_for_mgrs':
            // Project list is scoped to the session user.
            $this->displayCustomReportFilterForMgrs($dao->listProjects($_SESSION['user_id'], true, true));
            break;

        case 'display_custom_report_select':
            View::View();
            // '+' keeps the '(all)' entry first and does not overwrite existing keys.
            $projects = array('ALL_PROJECTS' => '(all)') + $dao->listProjects(null, false, true);
            $orgs = array('ALL_ORGS' => '(all)') + $dao->getOrganizations(true);
            $this->displayCustomReportFilter($projects, $orgs, $dao->getVolunteerNames(true));
            break;

        case 'display_custom_report':
            View::View();
            $extra_opts = array();
            $proj_id = null;
            $org_id = null;
            $vols = array();
            if (isset($getvars['proj_id']) && $getvars['proj_id'] != 'ALL_PROJECTS') {
                $proj_id = $getvars['proj_id'];
                $extra_opts['reportProjName'] = $dao->getProjectName($proj_id);
            }
            if (isset($getvars['org_id']) && $getvars['org_id'] != 'ALL_ORGS') {
                $org_id = $getvars['org_id'];
                $temp = $dao->getOrganizationInfo($org_id);
                $extra_opts['reportOrgName'] = $temp['name'];
            }
            if (!empty($getvars['vols']) && is_array($getvars['vols'])) {
                // Shape is checked (array) but the element values are passed on as received.
                $extra_opts['reportingSpecificVolunteers'] = true;
                $vols = $getvars['vols'];
            }
            // NOTE(review): unlike the '..._for_mgrs' selector above, the project, organisation
            // and volunteer filters here are not restricted to the session user -- confirm intent.
            $this->displayVolunteerReport($dao->getVolunteersForReport($proj_id, $org_id, $vols), $extra_opts);
            break;

        case 'display_modify_skills':
            $this->displayModifySkills();
            break;

        case 'process_add_skill':
            global $global;
            require_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
            if (empty($getvars['skill_desc']) || empty($getvars['skill_code'])) {
                add_error(_('Please specify both a skill description and skill code'));
            } else {
                //validate skill code length
                // NOTE(review): only the length of the TRIMMED code is checked (the message says
                // "letters" but no character class is enforced), and the UNTRIMMED value is what
                // addSkill() receives below.
                if (strlen(trim($getvars['skill_code'])) < 4 || strlen(trim($getvars['skill_code'])) > 5) {
                    add_error(_('Skill code should be 4 - 5 letters'));
                } else {
                    // Collapse spaces around the delimiter to '-' and strip leading/trailing spaces.
                    $find = array("/ *" . VM_SKILLS_DELIMETER . " */", "/^ +/", "/ +\$/");
                    $replace = array("-", '', '');
                    $description = preg_replace($find, $replace, $getvars['skill_desc']);
                    if (!$dao->addSkill($getvars['skill_code'], $description)) {
                        add_error(_('The specified skill code already exists. Please choose another'));
                    } else {
                        // NOTE(review): request-derived text is placed in the confirmation message;
                        // whether add_confirmation() HTML-escapes on output is not visible -- confirm.
                        add_confirmation("Skill '{$description}' added");
                        unset($_POST);
                    }
                }
            }
            $this->displayModifySkills();
            break;

        case 'process_remove_skill':
            // Reads $_REQUEST directly rather than $getvars.
            if (!empty($_REQUEST['skills'])) {
                // assumes 'skills' is an array of skill codes -- not checked here
                foreach ($_REQUEST['skills'] as $code) {
                    $dao->removeSkill($code);
                    // NOTE(review): added whatever removeSkill() returned, and echoes the
                    // request-supplied code -- confirm add_confirmation() escapes on output.
                    add_confirmation("Deleted {$code}");
                }
            }
            $this->displayModifySkills();
            break;

        case 'display_approval_management':
            //currently only site manager approval is allowed, later credential approval will be added
            $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
            break;

        case 'process_approval_modifications':
            //currently only site manager approval is allowed, later credential approval will be added
            // NOTE(review): sets or clears the 'MGR' ability for a request-supplied vol_id. This is
            // a privilege change that rests entirely on the isAuthorized() check at the top --
            // confirm it is restricted to the right role and protected against cross-site requests.
            $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', isset($getvars['approve']));
            add_confirmation(_('Approval information has been updated'));
            $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
            break;

        case 'process_approval_upgrades':
            //currently only site manager approval is allowed, later credential approval will be added
            // NOTE(review): always grants 'MGR' to the request-supplied vol_id; same concerns as
            // process_approval_modifications.
            $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', true);
            add_confirmation(_('Approval information has been updated'));
            $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
            break;

        case 'process_log_time':
            // strtotime() returns false for input it cannot parse; validateShiftTimes() (not
            // shown) is the only check applied to $start and $end.
            $start = strtotime($getvars['startDate'] . ' ' . $getvars['startTime']);
            if (empty($getvars['numHours'])) {
                $end = strtotime($getvars['endDate'] . ' ' . $getvars['endTime']);
            } else {
                // NOTE(review): numHours is used in arithmetic without a numeric check.
                $end = $start + $getvars['numHours'] * 60 * 60;
            }
            if (($e = validateShiftTimes($start, $end)) === VM_OK) {
                // NOTE(review): the shift is logged against a request-supplied p_uuid, not the
                // session user -- confirm who may log time for whom.
                if ($dao->logShift($getvars['p_uuid'], $getvars['pos_id'], $start, $end)) {
                    $this->displayConfirmation('Your time was logged successfully.');
                    $v = new Volunteer($getvars['p_uuid']);
                    View::View($v);
                    $this->displayVolunteer($getvars['p_uuid']);
                } else {
                    add_error(_("There was a problem logging your time. Please go back and try again."));
                }
            } else {
                add_error(_("Error logging time:") . $e);
                $this->showLogTime($getvars['p_uuid'], $getvars['pos_id']);
            }
            break;

        case 'review_hours':
            if (empty($getvars['proj_id'])) {
                $this->displaySelectReviewHours();
            } else {
                $this->displayReviewHours($getvars['proj_id']);
            }
            break;

        case 'process_review_hours':
            // NOTE(review): this is the only branch that uses $this->dao; every other branch uses
            // the global $dao -- confirm $this->dao is set. The status value and shift id come
            // from the request as received. displayReviewHours() is called with (p_uuid, pos_id)
            // here but with a single proj_id in 'review_hours' -- confirm which is intended.
            $this->dao->reviewShift($getvars['shift_id'], $getvars['status']);
            $this->displayReviewHours($getvars['p_uuid'], $getvars['pos_id']);
            break;

        default:
            // Unknown action: show the portal to a logged-in user, otherwise produce nothing.
            if ($_SESSION['logged_in']) {
                View::View(new Volunteer($_SESSION['user_id']));
                $this->displayPortal();
            }
    }
}
/**
 * Deleting a Volunteer that was never inserted must fail.
 *
 * A Volunteer is built from the fixture values with null as its first
 * constructor argument and passed straight to delete() without an insert.
 * The annotation below makes the test pass only when a PDOException is raised.
 *
 * @expectedException PDOException
 **/
public function testDeleteInvalidVolunteer() {
	// resolve the organization id first, exactly as the constructor call needs it
	$orgId = $this->organization->getOrgId();

	// build the object in memory only; it is never written to the database
	$unsavedVolunteer = new Volunteer(
		null,
		$orgId,
		$this->VALID_EMAIL,
		$this->VALID_EMAIL_ACTIVATION,
		$this->VALID_FIRST_NAME,
		$this->VALID_HASH,
		$this->VALID_VOL_IS_ADMIN,
		$this->VALID_LAST_NAME,
		$this->VALID_PHONE,
		$this->VALID_SALT
	);

	// deleting a row that does not exist is expected to throw
	$connection = $this->getPDO();
	$unsavedVolunteer->delete($connection);
}