/**
 * Marks the admin template's current page as 'settings' and restricts the
 * controller to users holding the "manage" permission.
 */
public function __construct()
{
    parent::__construct();
    $this->template->this_page = 'settings';

    // Users without the "manage" permission are sent to the admin dashboard.
    // NOTE(review): nothing here stops execution after url::redirect(); the guard
    // only holds if url::redirect() ends the request - confirm it cannot return.
    $allowed = admin::permissions($this->user, "manage");
    if (!$allowed) {
        $dashboard = url::site() . 'admin/dashboard';
        url::redirect($dashboard);
    }
}
/**
 * Marks the admin template's current page as 'messages' and restricts the
 * controller to users holding the "messages_reporters" permission.
 */
function __construct()
{
    parent::__construct();
    $this->template->this_page = 'messages';

    // Users without the "messages_reporters" permission go back to the dashboard.
    // NOTE(review): the guard relies on url::redirect() ending the request; if it
    // can return, the controller action still runs - confirm.
    $allowed = admin::permissions($this->user, "messages_reporters");
    if (!$allowed) {
        $dashboard = url::site() . 'admin/dashboard';
        url::redirect($dashboard);
    }
}
/**
 * Sets the template's current page to the translated 'ui_admin.settings' label
 * and restricts the controller to users holding the "settings" permission.
 */
function __construct()
{
    parent::__construct();
    $this->template->this_page = Kohana::lang('ui_admin.settings');

    // Users without the "settings" permission go back to the dashboard.
    // NOTE(review): the guard relies on url::redirect() ending the request; if it
    // can return, the controller action still runs - confirm.
    $allowed = admin::permissions($this->user, "settings");
    if (!$allowed) {
        $dashboard = url::site() . 'admin/dashboard';
        url::redirect($dashboard);
    }
}
/**
 * Marks the admin template's current page as 'DensityMap' and restricts the
 * controller to users holding the "manage" permission.
 */
public function __construct()
{
    parent::__construct();
    $this->template->this_page = 'DensityMap';

    // Users without the "manage" permission go back to the dashboard.
    // NOTE(review): the guard relies on url::redirect() ending the request; if it
    // can return, the controller action still runs - confirm.
    $allowed = admin::permissions($this->user, "manage");
    if (!$allowed) {
        $dashboard = url::site() . 'admin/dashboard';
        url::redirect($dashboard);
    }
}
/**
 * Marks the admin template's current page as 'settings', restricts the
 * controller to users holding the "settings" permission and keeps a handle to
 * the cache instance.
 */
function __construct()
{
    parent::__construct();
    $this->template->this_page = 'settings';

    // Users without the "settings" permission go back to the dashboard.
    // NOTE(review): the guard relies on url::redirect() ending the request; if it
    // can return, the lines below and the controller action still run - confirm.
    $allowed = admin::permissions($this->user, "settings");
    if (!$allowed) {
        $dashboard = url::site() . 'admin/dashboard';
        url::redirect($dashboard);
    }

    $this->cache = Cache::instance();
}
/**
 * Marks the admin template's current page as 'users', restricts the controller
 * to users holding the "users" permission and records whether the current user
 * also holds "manage_roles".
 */
function __construct()
{
    parent::__construct();
    $this->template->this_page = 'users';

    // Users without the "users" permission go back to the dashboard.
    // NOTE(review): the guard relies on url::redirect() ending the request; if it
    // can return, the lines below and the controller action still run - confirm.
    $allowed = admin::permissions($this->user, "users");
    if (!$allowed) {
        $dashboard = url::site() . 'admin/dashboard';
        url::redirect($dashboard);
    }

    // Result of the 'manage_roles' permission check, stored for later use.
    // NOTE(review): the name suggests it only controls display; confirm that
    // role-changing actions re-check 'manage_roles' on the server side.
    $this->display_roles = admin::permissions($this->user, 'manage_roles');
}
/**
 * Marks the admin template's current page as 'settings', restricts the
 * controller to users holding the "manage" permission and loads the
 * "settings.blocks" configuration value.
 */
function __construct()
{
    parent::__construct();
    $this->template->this_page = 'settings';

    // Users without the "manage" permission go back to the dashboard.
    // NOTE(review): the guard relies on url::redirect() ending the request; if it
    // can return, the lines below and the controller action still run - confirm.
    $allowed = admin::permissions($this->user, "manage");
    if (!$allowed) {
        $dashboard = url::site() . 'admin/dashboard';
        url::redirect($dashboard);
    }

    $this->_registered_blocks = Kohana::config("settings.blocks");
}
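/**
 * Export the IVR data to a CSV file.
 *
 * Requires the "reports_download" permission. A POST request sends the CSV as
 * a download and ends the request; a GET request shows the export form. The
 * method takes no parameters.
 */
function index()
{
    // Users without the "reports_download" permission are sent to the dashboard.
    // NOTE(review): the export below is only protected if url::redirect() ends
    // the request - confirm it cannot return.
    if (!admin::permissions($this->user, "reports_download")) {
        url::redirect(url::site() . 'admin/dashboard');
    }

    // Export the data
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $table_prefix = Kohana::config('database.default.table_prefix');

        // Static query: the only interpolated value is the configured table prefix.
        // The IVR table is aliased like the two joined tables, so the
        // ivrapi_data.incident_id reference in the first JOIN still resolves when
        // the prefix is not empty.
        $sql = "SELECT incident_id, ivr_code, incident.incident_title as well_title, location.location_name as well_location, phone_number, well_working, time_received ";
        $sql .= "FROM " . $table_prefix . "ivrapi_data AS ivrapi_data ";
        $sql .= "LEFT JOIN " . $table_prefix . "incident AS incident ON incident.id = ivrapi_data.incident_id ";
        $sql .= "LEFT JOIN " . $table_prefix . "location AS location ON incident.location_id = location.id ";

        $db = new Database();
        $ivr_data = $db->query($sql);

        // Header row
        $ivr_csv = $this->_csv_text(Kohana::lang('ivr_api.ivr_code'));
        $ivr_csv .= ',' . $this->_csv_text(Kohana::lang('ivr_api.well_title'));
        $ivr_csv .= ',' . $this->_csv_text(Kohana::lang('ivr_api.well_location'));
        $ivr_csv .= ',' . $this->_csv_text(Kohana::lang('ivr_api.phone_number'));
        $ivr_csv .= ',' . $this->_csv_text(Kohana::lang('ivr_api.well_working'));
        $ivr_csv .= ',' . $this->_csv_text(Kohana::lang('ivr_api.time_received'));
        $ivr_csv .= "\n";

        // One CSV row per IVR record. The IVR code and the phone number are
        // wrapped in "=" ... "" around the _csv_text() output.
        // NOTE(review): well_title and well_location are free text. Whether
        // _csv_text() neutralises cells that start with =, +, - or @ is not
        // visible here - confirm, because spreadsheet applications evaluate such
        // cells as formulas when the export is opened.
        foreach ($ivr_data as $data) {
            $ivr_csv .= '"="' . $this->_csv_text($data->ivr_code) . '""';
            $ivr_csv .= ',' . $this->_csv_text($data->well_title);
            $ivr_csv .= ',' . $this->_csv_text($data->well_location);
            $ivr_csv .= ',"="' . $this->_csv_text($data->phone_number) . '""';
            $ivr_csv .= ',' . $this->_csv_text($this->_code_numbers($data->well_working));
            $ivr_csv .= ',' . $this->_csv_text($data->time_received);
            $ivr_csv .= "\n";
        }

        // Output to browser; the file name contains only the server-side timestamp.
        header("Content-type: text/x-csv");
        header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
        header("Content-Disposition: attachment; filename=IVR_export_" . date("Y-m-d_H.i.s") . ".csv");
        header("Content-Length: " . strlen($ivr_csv));
        echo $ivr_csv;
        exit;
    }

    // Show the export form
    if ($_SERVER['REQUEST_METHOD'] == 'GET') {
        $this->template->content = new View('ivr_api/ivrapiexport');
        $this->template->content->title = Kohana::lang('ivr_api.export_ivr');
        $this->template->content->form_error = false;
    }
}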
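/**
 * Add a comment to an IVR data record and answer with JSON.
 *
 * Requires the "reports_edit" permission; callers without it receive a JSON
 * error and the request ends. On a valid POST the comment is saved and the
 * response carries status "success" plus the rendered comment HTML. When
 * validation fails the response carries status "error" and a message for the
 * first failing field. Requests that are not POST produce no output.
 */
function add_comment()
{
    $output = array();

    // Callers without the "reports_edit" permission get a JSON error (not a
    // redirect) and the request ends here.
    if (!admin::permissions($this->user, "reports_edit")) {
        $output['status'] = 'error';
        $output['messages'] = array('error' => 'you don\'t have permissions to do this');
        echo json_encode($output);
        exit;
    }

    // NOTE(review): no anti-CSRF token check is visible in this method; confirm
    // one is enforced elsewhere, since this POST changes stored data.
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        // Instantiate Validation, use $post, so we don't overwrite $_POST fields with our own things
        $post = Validation::factory($_POST);

        // Add some filters
        $post->pre_filter('trim', TRUE);

        $post->add_rules('reporter_name', 'length[0,255]');
        $post->add_rules('reporter_position', 'length[0,255]');
        $post->add_rules('other_text', 'length[0,255]');
        $post->add_rules('refered_to', 'length[0,255]');
        $post->add_rules('refered_to_date', 'date_mmddyyyy');
        $post->add_rules('entered_by', 'length[0,255]');
        $post->add_rules('added_by_date', 'date_mmddyyyy');
        // The target record id comes straight from the request, so it must be
        // present and numeric before it is stored as the comment's parent.
        $post->add_rules('ivr_data_id', 'required', 'numeric');

        if ($post->validate()) {
            $comment = ORM::factory('ivrapi_data_comments');

            // NOTE(review): summary and action_taken have no validation rules.
            // Safe storage depends on the ORM and safe display on the
            // 'ivr_api/ivr_view_comments' view escaping them - confirm both.
            $comment->reporter_name = $post['reporter_name'];
            $comment->reporter_position = $post['reporter_position'];
            $comment->summary = $post['summary'];

            // Check-box style flags arrive as the string 'true'; anything else is stored as 0.
            $flag_fields = array(
                'tech_hand_pump',
                'tech_other',
                'water_qual',
                'water_table',
                'mechanic_awol',
                'mechanic_no_fix',
                'financial',
                'vandalism',
                'call_error',
                'unknown',
                'other',
            );
            foreach ($flag_fields as $flag_field) {
                $comment->$flag_field = $post[$flag_field] == 'true' ? 1 : 0;
            }

            $comment->other_text = $post['other_text'];
            $comment->action_taken = $post['action_taken'];
            $comment->refered_to = $post['refered_to'];
            // NOTE(review): refered_to_date is not required; for an empty value
            // strtotime() returns false and the stored date becomes the Unix
            // epoch - confirm that is intended.
            $comment->refered_to_date = date('Y-m-d G:i:s', strtotime($post['refered_to_date']));
            $comment->entered_by = $post['entered_by'];
            $comment->added_on_date = date('Y-m-d G:i:s');
            // NOTE(review): the id is validated as numeric, but nothing here
            // checks that the referenced IVR record exists.
            $comment->ivr_data_id = (int) $post['ivr_data_id'];
            $comment->save();

            $output['status'] = 'success';

            $view = View::factory('ivr_api/ivr_view_comments');
            $view->comment = $comment;

            // Capture the rendered view into a variable
            ob_start();
            $view->render(TRUE);
            $output['html'] = ob_get_contents();
            ob_end_clean();

            echo json_encode($output);
            exit;
        } else {
            // Send out the first validation error only
            $output['status'] = 'error';
            $errors = $post->errors();
            $error_val = "";
            $error_key = "";
            foreach ($errors as $key => $val) {
                $error_val = $val;
                $error_key = $key;
                break;
            }

            // Translate to something more human readable
            if ($error_val == 'length') {
                $error_val = Kohana::lang('ivr_api.comment_field_length');
            }

            $output['messages'] = Kohana::lang('ivr_api.comment_field') . ' "' . $error_key . '" ' . $error_val;
            echo json_encode($output);
            exit;
        }
    }
}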
* * Changelog: * 2012-04-27: MacKay - Initial release * * Developed by Etherton Technologies Ltd. */ ?> <?php //see if the user we're dealing with can see reports // If user doesn't have access, redirect to dashboard if (isset($_SESSION['auth_user'])) { $user = new User_Model($_SESSION['auth_user']->id); $user_view_reports = admin::permissions($user, "reports_view"); if (ORM::factory('enhancedmap_settings')->where('key', 'show_unapproved_frontend')->find()->value == 'true' and $user_view_reports) { ?> <!-- Show unapproved --> <ul id="<?php echo $status_filter_id; ?> " class="category-filters status-filters"> <strong><?php echo Kohana::lang('enhancedmap.status_filters'); ?> :</strong> <li> <a <?php if ($show_unapproved) {
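/**
 * Upload a CSV file of reports and import it.
 *
 * Requires the "reports_upload" permission. A GET request shows the upload
 * form. A POST request hands the uploaded 'csvfile' to ReportsImporter and
 * shows either the success view with the import counters or the form again
 * with the collected errors.
 */
public function upload()
{
    // Users without the "reports_upload" permission are sent to the dashboard.
    // NOTE(review): the import below is only protected if url::redirect() ends
    // the request - confirm it cannot return.
    if (!admin::permissions($this->user, "reports_upload")) {
        url::redirect(url::site() . 'admin/dashboard');
    }

    if ($_SERVER['REQUEST_METHOD'] == 'GET') {
        $this->template->content = new View('admin/reports_upload');
        $this->template->content->title = 'Upload Reports';
        $this->template->content->form_error = false;
    }

    // NOTE(review): no anti-CSRF token, file size or file type check is visible
    // here; confirm they are enforced elsewhere or by ReportsImporter.
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $errors = array();

        // A POST without the 'csvfile' field is reported as a missing upload.
        $upload = isset($_FILES['csvfile']) ? $_FILES['csvfile'] : null;

        if ($upload === null) {
            $errors[] = Kohana::lang('ui_admin.file_not_found_upload');
        } elseif ($upload['error']) {
            // PHP's numeric upload error code is passed to the view as-is.
            $errors[] = $upload['error'];
        } elseif (!is_string($upload['tmp_name']) || !is_uploaded_file($upload['tmp_name'])) {
            // Only a file that PHP itself received through HTTP upload is opened.
            $errors[] = Kohana::lang('ui_admin.file_not_found_upload');
        } else {
            $filehandle = fopen($upload['tmp_name'], 'r');
            if ($filehandle) {
                $importer = new ReportsImporter();
                if ($importer->import($filehandle)) {
                    $this->template->content = new View('admin/reports_upload_success');
                    $this->template->content->title = 'Upload Reports';
                    $this->template->content->rowcount = $importer->totalrows;
                    $this->template->content->imported = $importer->importedrows;
                    $this->template->content->notices = $importer->notices;
                } else {
                    $errors = $importer->errors;
                }

                // Release the handle unless the importer already closed it.
                if (is_resource($filehandle)) {
                    fclose($filehandle);
                }
            } else {
                $errors[] = Kohana::lang('ui_admin.file_open_error');
            }
        }

        if (count($errors)) {
            $this->template->content = new View('admin/reports_upload');
            $this->template->content->title = Kohana::lang('ui_admin.upload_reports');
            $this->template->content->errors = $errors;
            $this->template->content->form_error = 1;
        }
    }
}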
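/**
 * Creates the view of the IVR history for the incident id found in Event::$data.
 *
 * Renders nothing when the id is empty or the incident has no IVR records.
 * The comment form flag (can_comment) is only set for a logged-in user who
 * holds the "reports_edit" permission.
 */
public function show_ivr_history()
{
    // Get the incident id
    $id = Event::$data;

    // Make sure it's a valid id
    if ($id == null || $id == "0" || $id == false) {
        return;
    }

    // Get the IVR data that is associated with this incident
    $ivr_datas = ORM::factory('ivrapi_data')
        ->where('incident_id', $id)
        ->orderby('time_received', 'DESC')
        ->find_all();

    // If there's no history, then bounce
    if (count($ivr_datas) == 0) {
        return;
    }

    // Collect the ids of the IVR records. They are cast to integers because the
    // list is concatenated into the SQL text below.
    $ivr_ids = array();
    foreach ($ivr_datas as $data) {
        $ivr_ids[] = (int) $data->id;
    }
    $in_str = implode(',', $ivr_ids);

    // Get the comments that go along with this IVR data, grouped by IVR record id
    $comments = array();
    $table_prefix = Kohana::config('database.default.table_prefix');
    $sql = 'SELECT * FROM ' . $table_prefix . 'ivrapi_data_comments as comments ';
    $sql .= 'WHERE ivr_data_id IN (' . $in_str . ') ';
    $sql .= 'ORDER BY ivr_data_id, added_on_date';
    $db = new Database();
    $query = $db->query($sql);
    foreach ($query as $comment) {
        if (!isset($comments[$comment->ivr_data_id])) {
            $comments[$comment->ivr_data_id] = array();
        }
        $comments[$comment->ivr_data_id][] = $comment;
    }

    // Without a session user there is nobody to check permissions for, so
    // commenting stays disabled instead of reading a missing session entry.
    $can_comment = false;
    if (isset($_SESSION['auth_user'])) {
        $can_comment = admin::permissions(new User_Model($_SESSION['auth_user']->id), "reports_edit");
    }

    // NOTE(review): only commenting is permission-gated. The history itself is
    // rendered for whoever triggers this event - confirm the 'ivr_api/ivr_view'
    // view does not show caller phone numbers to visitors who should not see them.
    $view = View::factory('ivr_api/ivr_view');
    $view->can_comment = $can_comment;
    $view->ivr_datas = $ivr_datas;
    $view->comments = $comments;
    $view->render(TRUE);
}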
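/**
 * Lists the reports and applies bulk actions to them.
 *
 * Requires the "reports_view" permission. A POST carrying 'action' and
 * 'incident_id[]' approves ('a'), unapproves ('u'), toggles verification ('v')
 * or deletes ('d') the selected reports. The list is then filtered by the GET
 * parameters status, c (category ids), lo (logical operator), u (approval
 * state), s/e (start and end timestamps) and sw/ne (bounding box).
 *
 * @param int $page Not read by this method.
 */
function index($page = 1)
{
    // Users without the "reports_view" permission are sent to the dashboard.
    // NOTE(review): the guard relies on url::redirect() ending the request - confirm
    // it cannot return.
    // NOTE(review): "reports_view" is the only permission checked in this method,
    // yet the POST branch below approves, verifies and deletes reports. Confirm
    // that view-only users are meant to be able to do that.
    if (!admin::permissions($this->user, "reports_view")) {
        url::redirect(url::site() . 'admin/dashboard');
    }

    $this->template->content = new View('adminmap/adminmap_reports');
    $this->template->content->title = Kohana::lang('ui_admin.reports');

    // Status tab: only 'a' and 'v' (any case) select a filter, everything else falls back to "0".
    if (!empty($_GET['status'])) {
        $status = $_GET['status'];
        if (strtolower($status) == 'a') {
            $filter = 'incident.incident_active = 0';
        } elseif (strtolower($status) == 'v') {
            $filter = 'incident.incident_verified = 0';
        } else {
            $status = "0";
            $filter = '1=1';
        }
    } else {
        $status = "0";
        $filter = "1=1";
    }

    // Check, has the form been submitted?
    $form_error = FALSE;
    $form_saved = FALSE;
    $form_action = "";

    // NOTE(review): no anti-CSRF token check is visible for these state-changing
    // actions; confirm one is enforced elsewhere.
    if ($_POST) {
        $post = Validation::factory($_POST);

        // Add some filters
        $post->pre_filter('trim', TRUE);

        // Add some rules, the input field, followed by a list of checks, carried out in order
        $post->add_rules('action', 'required', 'alpha', 'length[1,1]');
        $post->add_rules('incident_id.*', 'required', 'numeric');

        if ($post->validate()) {
            if ($post->action == 'a') {
                // Approve action
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        // Toggles the active flag
                        if ($update->incident_active == 0) {
                            $update->incident_active = '1';
                        } else {
                            $update->incident_active = '0';
                        }

                        // Tag this as a report that needs to be sent out as an alert
                        if ($update->incident_alert_status != '2') {
                            // 2 = report that has had an alert sent
                            $update->incident_alert_status = '1';
                        }
                        $update->save();

                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '1';
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();

                        // Action::report_approve - Approve a Report
                        Event::run('ushahidi_action.report_approve', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.approved'));
            } elseif ($post->action == 'u') {
                // Unapprove action
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $update->incident_active = '0';

                        // If Alert hasn't been sent yet, disable it
                        if ($update->incident_alert_status == '1') {
                            $update->incident_alert_status = '0';
                        }
                        $update->save();

                        $verify = new Verify_Model();
                        $verify->incident_id = $item;
                        $verify->verified_status = '0';
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();

                        // Action::report_unapprove - Unapprove a Report
                        Event::run('ushahidi_action.report_unapprove', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.unapproved'));
            } elseif ($post->action == 'v') {
                // Verify action (toggles the verified flag)
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    $verify = new Verify_Model();
                    if ($update->loaded == true) {
                        if ($update->incident_verified == '1') {
                            $update->incident_verified = '0';
                            $verify->verified_status = '0';
                        } else {
                            $update->incident_verified = '1';
                            $verify->verified_status = '2';
                        }
                        $update->save();

                        $verify->incident_id = $item;
                        $verify->user_id = $_SESSION['auth_user']->id; // Record 'Verified By' Action
                        $verify->verified_date = date("Y-m-d H:i:s", time());
                        $verify->save();
                    }
                }
                $form_action = "VERIFIED";
            } elseif ($post->action == 'd') {
                // Delete action
                foreach ($post->incident_id as $item) {
                    $update = new Incident_Model($item);
                    if ($update->loaded == true) {
                        $incident_id = $update->id;
                        $location_id = $update->location_id;
                        $update->delete();

                        // Delete Location
                        ORM::factory('location')->where('id', $location_id)->delete_all();

                        // Delete Categories
                        ORM::factory('incident_category')->where('incident_id', $incident_id)->delete_all();

                        // Delete Translations
                        ORM::factory('incident_lang')->where('incident_id', $incident_id)->delete_all();

                        // Delete Photos From Directory
                        // NOTE(review): this loops over the ORM object itself, with no
                        // find_all(), and deletePhoto() is called as a plain function -
                        // confirm photo files are really removed from disk.
                        foreach (ORM::factory('media')->where('incident_id', $incident_id)->where('media_type', 1) as $photo) {
                            deletePhoto($photo->id);
                        }

                        // Delete Media
                        ORM::factory('media')->where('incident_id', $incident_id)->delete_all();

                        // Delete Sender
                        ORM::factory('incident_person')->where('incident_id', $incident_id)->delete_all();

                        // Delete relationship to SMS message
                        $updatemessage = ORM::factory('message')->where('incident_id', $incident_id)->find();
                        if ($updatemessage->loaded == true) {
                            $updatemessage->incident_id = 0;
                            $updatemessage->save();
                        }

                        // Delete Comments
                        ORM::factory('comment')->where('incident_id', $incident_id)->delete_all();

                        // Action::report_delete - Deleted a Report
                        Event::run('ushahidi_action.report_delete', $update);
                    }
                }
                $form_action = strtoupper(Kohana::lang('ui_admin.deleted'));
            }
            $form_saved = TRUE;
        } else {
            $form_error = TRUE;
        }
    }

    $db = new Database();

    // Category ID
    // NOTE(review): the pieces of $_GET['c'] are handed to adminmap_reports as raw
    // strings. That helper is not visible here - confirm it validates or escapes
    // each id before using it in SQL.
    $category_ids = array();
    if (isset($_GET['c']) and !empty($_GET['c'])) {
        $category_ids = explode(",", $_GET['c']);
    } else {
        $category_ids = array("0");
    }

    // Logical operator: request input, so only the two known operators are
    // accepted (in any case); anything else keeps the default "or".
    $logical_operator = "or";
    if (isset($_GET['lo']) and is_string($_GET['lo'])) {
        $requested_operator = strtolower($_GET['lo']);
        if ($requested_operator === 'and' or $requested_operator === 'or') {
            $logical_operator = $requested_operator;
        }
    }

    // 1 show only approved, 2 show only unapproved, 3 show all
    $show_unapproved = "3";
    if (isset($_GET['u']) and !empty($_GET['u'])) {
        $show_unapproved = (int) $_GET['u'];
    }

    $approved_text = "";
    if ($show_unapproved == 1) {
        $approved_text = "incident.incident_active = 1 ";
    } else {
        if ($show_unapproved == 2) {
            $approved_text = "incident.incident_active = 0 ";
        } else {
            if ($show_unapproved == 3) {
                $approved_text = " (incident.incident_active = 0 OR incident.incident_active = 1) ";
            }
        }
    }

    // Start and end date: cast to int before being formatted into the filter text
    $start_date = (isset($_GET['s']) and !empty($_GET['s'])) ? (int) $_GET['s'] : "0";
    $end_date = (isset($_GET['e']) and !empty($_GET['e'])) ? (int) $_GET['e'] : "0";

    $filter .= $start_date ? " AND incident.incident_date >= '" . date("Y-m-d H:i:s", $start_date) . "'" : "";
    $filter .= $end_date ? " AND incident.incident_date <= '" . date("Y-m-d H:i:s", $end_date) . "'" : "";

    $location_where = "";

    // Break apart location variables, if necessary
    $southwest = array();
    if (isset($_GET['sw'])) {
        $southwest = explode(",", $_GET['sw']);
    }

    $northeast = array();
    if (isset($_GET['ne'])) {
        $northeast = explode(",", $_GET['ne']);
    }

    // The bounding box values are cast to floating point before they reach the SQL text
    if (count($southwest) == 2 and count($northeast) == 2) {
        $lon_min = (double) $southwest[0];
        $lon_max = (double) $northeast[0];
        $lat_min = (double) $southwest[1];
        $lat_max = (double) $northeast[1];

        $location_where = ' AND (location.latitude >=' . $lat_min . ' AND location.latitude <=' . $lat_max . ' AND location.longitude >=' . $lon_min . ' AND location.longitude <=' . $lon_max . ') ';
    }

    $reports_count = adminmap_reports::get_reports_count($category_ids, $approved_text, $location_where . " AND " . $filter, $logical_operator);

    // Pagination
    // NOTE(review): the pager uses 'settings.items_per_page' while the query below
    // uses 'settings.items_per_page_admin' - confirm the mismatch is intended.
    $pagination = new Pagination(array(
        'query_string' => 'page',
        'items_per_page' => (int) Kohana::config('settings.items_per_page'),
        'total_items' => $reports_count
    ));

    $incidents = adminmap_reports::get_reports($category_ids, $approved_text, $location_where . " AND " . $filter, $logical_operator, "incident.incident_date", "asc", (int) Kohana::config('settings.items_per_page_admin'), $pagination->sql_offset);

    // Get countries, names shortened to 35 characters
    $countries = array();
    foreach (ORM::factory('country')->orderby('country')->find_all() as $country) {
        $this_country = $country->country;
        if (strlen($this_country) > 35) {
            $this_country = substr($this_country, 0, 35) . "...";
        }
        $countries[$country->id] = $this_country;
    }

    $this->template->content->countries = $countries;
    $this->template->content->incidents = $incidents;
    $this->template->content->pagination = $pagination;
    $this->template->content->form_error = $form_error;
    $this->template->content->form_saved = $form_saved;
    $this->template->content->form_action = $form_action;

    // Total Reports
    $this->template->content->total_items = $pagination->total_items;

    // Status Tab
    $this->template->content->status = $status;

    // Javascript Header
    $this->template->js = new View('admin/reports_js');
}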
/**
 * Function: _add_all_reports_filter
 *
 * Description: Adjusts the parameter list in Event::$data so that unapproved
 * reports and hidden categories can be included, depending on the
 * enhancedmap_settings values, on whether the request is on the back end and
 * on the current user's "reports_view" permission.
 * Called as a result of the following event(s): ushahidi_filter.fetch_incidents_set_params
 *
 * Results: sets the "all_reports" flag, optionally adds an incident_active
 * condition chosen by $_GET['u'] (1 = approved only, 2 = unapproved only), and
 * on the back end optionally removes the 'c.category_visible = 1' condition.
 */
public function _add_all_reports_filter()
{
    // Check if we're on the backend or not
    $on_backend = $this->_on_back_end();

    // Does a logged-in user with the "reports_view" permission make this request?
    // Without a session user the answer is no; nothing is redirected here.
    $user_view_reports = false;
    if (isset($_SESSION['auth_user'])) {
        $viewer = new User_Model($_SESSION['auth_user']->id);
        $user_view_reports = admin::permissions($viewer, "reports_view");
    }

    $params = Event::$data;

    // Decide whether the unapproved-report filter may be lifted. The settings are
    // read in the same order as before: the back-end setting first, the front-end
    // setting only when the back-end test fails.
    // NOTE(review): the back-end branch does not look at $user_view_reports. How
    // _on_back_end() decides is not visible here - confirm it cannot be true for a
    // request from a user who lacks "reports_view".
    $lift_filter = false;
    if (ORM::factory('enhancedmap_settings')->where('key', 'show_unapproved_backend')->find()->value == 'true' and $on_backend) {
        $lift_filter = true;
    } elseif (ORM::factory('enhancedmap_settings')->where('key', 'show_unapproved_frontend')->find()->value == 'true' and !$on_backend and $user_view_reports) {
        $lift_filter = true;
    }

    if ($lift_filter) {
        // $_GET['u'] is reduced to an integer before it selects one of the fixed conditions
        $requested = isset($_GET['u']) ? intval($_GET['u']) : 0;
        if ($requested > 0) {
            $params["all_reports"] = TRUE;
            $show_unapproved = $requested;
            if ($show_unapproved === 1) {
                array_push($params, '(i.incident_active = 1)');
            } elseif ($show_unapproved === 2) {
                array_push($params, '(i.incident_active = 0)');
            }
        }
    }

    // Only show hidden cats if the user is on the backend
    if ($on_backend and ORM::factory('enhancedmap_settings')->where('key', 'show_hidden_categories_backend')->find()->value == 'true') {
        // Drop the first visible-categories condition, so any category can be seen
        foreach ($params as $key => $value) {
            if (!is_array($value) and strcmp($value, 'c.category_visible = 1') == 0) {
                unset($params[$key]);
                break;
            }
        }
    }

    Event::$data = $params;
}