/**
* Get a form, allowing modules to alter it.
*/
function crm_get_form()
{
if (func_num_args() < 1) {
return array();
}
$args = func_get_args();
$form_id = array_shift($args);
$hook = "{$form_id}_form";
// Build initial form
if (!function_exists($hook)) {
error_register("No such hook: {$hook}");
return array();
}
$form = call_user_func_array($hook, $args);
if (empty($form)) {
return $form;
}
// Allow modules to alter the form
foreach (module_list() as $module) {
$hook = $module . '_form_alter';
if (function_exists($hook)) {
$form = $hook($form, $form_id);
if (empty($form)) {
error_register('Empty form returned by ' . $hook);
}
}
}
return $form;
}
/**
* Get an array of data structures from the database, and allow all modules
* to extend them. This function will call hook_data() to get the data and
* hook_data_alter() to allow modules to alter the data.
* @param $type The type of data.
* @param $opts An associative array of options.
* @return An array of data structures.
*/
function crm_get_data($type, $opts = array())
{
// Get the base data
$hook = "{$type}_data";
if (!function_exists($hook)) {
error_register('No such data type: ' . $type);
die;
}
$data = call_user_func($hook, $opts);
if (!empty($data)) {
// Let other modules extend the data
foreach (module_list() as $module) {
// Make sure module is really installed
$rev_hook = "{$module}_revision";
$hook = "{$module}_data_alter";
if (function_exists($hook)) {
if (module_get_schema_revision($module) != call_user_func($rev_hook)) {
error_register("Database schema needs to be upgraded for module {$module}.");
continue;
}
$data = call_user_func($hook, $type, $data, $opts);
// Make sure the hook actually returned data
if (is_null($data)) {
error_register('Hook returned null: ' . $hook);
}
}
}
}
return $data;
}
/**
* Get a table, allowing modules to alter it.
* @param $table_id The name of the table.
* @param $opts Associative array of options.
*/
function crm_get_table($table_id, $opts = array())
{
// Get base table
$table = call_user_func("{$table_id}_table", $opts);
// Allow modules to alter the table
foreach (module_list() as $module) {
$hook = $module . '_table_alter';
if (function_exists($hook)) {
$table = call_user_func($hook, $table, $table_id, $opts);
if (is_null($table)) {
error_register('Null table returned by ' . $hook);
}
}
}
return $table;
}
/**
* @return The form structure for adding a member.
*/
function member_add_form()
{
// Ensure user is allowed to add members
if (!user_access('member_add')) {
error_register('Permission denied: member_add');
return NULL;
}
// Start with contact form
$form = crm_get_form('contact');
// Generate default start date, first of current month
$start = date("Y-m-d");
// Change form command
$form['command'] = 'member_add';
// Add member data
$form['fields'][] = array('type' => 'fieldset', 'label' => 'User Info', 'fields' => array(array('type' => 'text', 'label' => 'Username', 'name' => 'username')));
$form['fields'][] = array('type' => 'fieldset', 'label' => 'Membership Info', 'fields' => array(array('type' => 'select', 'label' => 'Plan', 'name' => 'pid', 'selected' => '', 'options' => member_plan_options(array('filter' => array('active' => true)))), array('type' => 'text', 'label' => 'Start Date', 'name' => 'start', 'value' => $start, 'class' => 'date')));
return $form;
}
/**
* Process a command and redirect.
* @param $command The name of the command to process
* @return The url to redirect to.
*/
function command($command)
{
// Initialize url and parameters
$url = '';
$params = array();
// Call legacy handler if it exists
$handler = "command_{$command}";
if (function_exists($handler)) {
$res = call_user_func($handler);
// Split result into file and params
$parts = explode('?', $res);
$url = $parts[0];
if (sizeof($parts) > 0) {
$clauses = explode('&', $parts[1]);
foreach ($clauses as $clause) {
$keyvalue = explode('=', $clause);
if (sizeof($keyvalue) > 1) {
$params[$keyvalue[0]] = $keyvalue[1];
}
}
}
}
// Call the handler for each module if it exists
foreach (module_list() as $module) {
$handler = "{$module}_command";
if (function_exists($handler)) {
$handler($command, $url, $params);
}
}
// Error if the url is still empty
if (empty($url)) {
error_register('No such command: ' . $command);
$url = crm_url();
}
$url .= '?';
$parts = array();
foreach ($params as $key => $value) {
$parts[] = $key . '=' . $value;
}
return $url . implode('&', $parts);
}
/**
* Handle secret delete request.
*
* @return The url to display on completion.
*/
function command_secrets_delete()
{
global $esc_post;
// Verify permissions
if (!user_access('secrets_delete')) {
error_register('Permission denied: secrets_delete');
return crm_url('secrets');
}
secrets_delete($_POST);
return crm_url('secrets');
}
/**
* Handle key delete request.
*
* @return The url to display on completion.
*/
function command_key_delete()
{
global $esc_post;
// Verify permissions
if (!user_access('key_delete')) {
error_register('Permission denied: key_delete');
return crm_url('key&kid=' . $esc_post['kid']);
}
key_delete($_POST);
return crm_url('members');
}
/**
* Handle plan import request.
*
* @return The url to display on completion.
*/
function command_member_plan_import()
{
if (!user_access('member_plan_edit')) {
error_register('User does not have permission: member_plan_edit');
return crm_url('members');
}
if (!array_key_exists('plan-file', $_FILES)) {
error_register('No plan file uploaded');
return crm_url('plans&tab=import');
}
$csv = file_get_contents($_FILES['plan-file']['tmp_name']);
$data = csv_parse($csv);
foreach ($data as $row) {
// Convert row keys to lowercase and remove spaces
foreach ($row as $key => $value) {
$new_key = str_replace(' ', '', strtolower($key));
unset($row[$key]);
$row[$new_key] = $value;
}
// Add plan
$name = mysql_real_escape_string($row['planname']);
$price = mysql_real_escape_string($row['price']);
$active = mysql_real_escape_string($row['active']);
$voting = mysql_real_escape_string($row['voting']);
$sql = "\n INSERT INTO `plan`\n (`name`,`price`,`active`,`voting`)\n VALUES\n ('{$name}','{$price}','{$active}','{$voting}')";
$res = mysql_query($sql);
if (!$res) {
crm_error(mysql_error());
}
$pid = mysql_insert_id();
}
return crm_url('plans');
}
/**
* Handle mentor delete request.
*
* @return The url to display on completion.
*/
function command_mentor_delete()
{
global $esc_post;
// Verify permissions
if (!user_access('mentor_delete')) {
error_register('Permission denied: mentor_delete');
return crm_url('');
}
// Query database
$sql = "\r\n DELETE FROM `mentor`\r\n WHERE `cid`='{$esc_post['cid']}' AND `mentor_cid`='{$esc_post['mentor_cid']}'";
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
return crm_url('members');
}
/**
* Handle user permissions update request.
*
* @return The url to display on completion.
*/
function command_user_permissions_update()
{
global $esc_post;
// Check permissions
if (!user_access('user_edit')) {
error_register('Current user does not have permission: user_edit');
return crm_url('permissions');
}
// Check status of each permission for each role
$perms = user_permissions_list();
$roles = user_role_data();
foreach ($perms as $perm) {
$esc_perm = mysql_real_escape_string($perm);
foreach ($roles as $role) {
$key = "{$perm}-{$role['name']}";
$esc_rid = mysql_real_escape_string($role['rid']);
if ($_POST[$key]) {
// Ensure the role has this permission
$sql = "\n SELECT * FROM `role_permission`\n WHERE `rid`='{$esc_rid}' AND `permission`='{$esc_perm}'\n ";
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
if (mysql_numrows($res) === 0) {
$sql = "\n INSERT INTO `role_permission`\n (`rid`, `permission`)\n VALUES\n ('{$esc_rid}', '{$esc_perm}')\n ";
}
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
} else {
// Delete the permission for this role
$sql = "\n DELETE FROM `role_permission`\n WHERE `rid`='{$esc_rid}' AND `permission`='{$esc_perm}'\n ";
$res = mysql_query($sql);
if (!$res) {
die(mysql_error());
}
}
}
}
return crm_url('permissions');
}
/**
* Return themed html for an amazon payment button.
* @param $cid The cid to create a button for.
* @param $params Options for the button.
* @return A string containing the themed html.
*/
function theme_amazon_payment_button($cid, $params = array())
{
global $config_amazon_payment_access_key_id;
global $config_amazon_payment_secret;
global $config_host;
if (empty($config_amazon_payment_access_key_id)) {
error_register('Missing Amazon Access Key ID');
return '';
}
if (empty($config_amazon_payment_secret)) {
error_register('Missing Amazon Secret Key');
return '';
}
$defaults = array('immediateReturn' => '0', 'collectShippingAddress' => '0', 'referenceId' => 'YourReferenceId', 'amount' => 'USD 1.1', 'cobrandingStyle' => 'logo', 'description' => 'Test Widget', 'ipnUrl' => 'http://' . $config_host . base_path() . 'modules/amazon_payment/ipn.php', 'returnUrl' => 'http://' . $config_host . crm_url('contact', array('query' => array('cid' => $cid, 'tab' => 'account'))), 'processImmediate' => '1', 'cobrandingStyle' => 'logo', 'abandonUrl' => 'http://' . $config_host . crm_url('contact', array('query' => array('cid' => $cid, 'tab' => 'account'))));
// Use defaults for parameters not specified
foreach ($defaults as $key => $value) {
if (!isset($params[$key])) {
$params[$key] = $value;
}
}
// Always use AWS Signatures v2 with SHA256 HMAC
// http://docs.aws.amazon.com/general/latest/gr/signature-version-2.html
$params['accessKey'] = $config_amazon_payment_access_key_id;
$params['signatureVersion'] = '2';
$params['signatureMethod'] = 'HmacSHA256';
$host = 'authorize.payments.amazon.com';
$path = '/pba/paypipeline';
$params['signature'] = amazon_payment_signature($params, $host, $path, 'POST');
$html = <<<EOF
<form action ="https://authorize.payments.amazon.com/pba/paypipeline" method="POST"/>
<input type="image" src="https://authorize.payments.amazon.com/pba/images/SLPayNowWithLogo.png" border="0"/>
<input type="hidden" name="accessKey" value="{$params['accessKey']}"/>
<input type="hidden" name="amount" value="{$params['amount']}"/>
<input type="hidden" name="collectShippingAddress" value="{$params['collectShippingAddress']}"/>
<input type="hidden" name="description" value="{$params['description']}"/>
<input type="hidden" name="signatureMethod" value="{$params['signatureMethod']}"/>
<input type="hidden" name="referenceId" value="{$params['referenceId']}"/>
<input type="hidden" name="immediateReturn" value="{$params['immediateReturn']}"/>
<input type="hidden" name="returnUrl" value="{$params['returnUrl']}"/>
<input type="hidden" name="abandonUrl" value="{$params['abandonUrl']}"/>
<input type="hidden" name="processImmediate" value="{$params['processImmediate']}"/>
<input type="hidden" name="ipnUrl" value="{$params['ipnUrl']}"/>
<input type="hidden" name="cobrandingStyle" value="{$params['cobrandingStyle']}"/>
<input type="hidden" name="signatureVersion" value="{$params['signatureVersion']}"/>
<input type="hidden" name="signature" value="{$params['signature']}"/>
</form>
EOF;
return $html;
}
/**
* Upgrade all configured modules.
*/
function module_upgrade()
{
// Make sure core is installed
if (!module_core_installed()) {
error_register('Please run the install script');
return false;
}
foreach (module_list() as $module) {
// Get current schema and code revisions
$old_revision = module_get_schema_revision($module);
$new_revision = module_get_code_revision($module);
// Upgrade the module to the current revision
$installer = $module . '_install';
if (function_exists($installer)) {
call_user_func($installer, $old_revision);
}
// Update the revision number in the database
module_set_schema_revision($module, $new_revision);
}
return true;
}
/**
* Handle payment edit request.
*
* @return The url to display on completion.
*/
function command_payment_edit()
{
// Verify permissions
if (!user_access('payment_edit')) {
error_register('Permission denied: payment_edit');
return crm_url('payments');
}
// Parse and save payment
$payment = $_POST;
$value = payment_parse_currency($_POST['value'], $_POST['code']);
$payment['code'] = $value['code'];
$payment['value'] = $value['value'];
payment_save($payment);
message_register('1 payment updated.');
return crm_url('payments');
}
/**
* Handle paypal payment import request.
*
* @return The url to display on completion.
*/
function command_paypal_payment_import()
{
if (!user_access('payment_edit')) {
error_register('User does not have permission: payment_edit');
return crm_url('payments');
}
if (!array_key_exists('payment-file', $_FILES)) {
error_register('No payment file uploaded');
return crm_url('payments&tab=import');
}
$csv = file_get_contents($_FILES['payment-file']['tmp_name']);
$data = csv_parse($csv);
$count = 0;
foreach ($data as $row) {
// Skip transactions that have already been imported
$payment_opts = array('filter' => array('confirmation' => $row['Transaction ID']));
$data = payment_data($payment_opts);
if (count($data) > 0) {
continue;
}
// Parse value
$value = payment_parse_currency($row['Gross']);
// Create payment object
$payment = array('date' => date('Y-m-d', strtotime($row['Date'])), 'code' => $value['code'], 'value' => $value['value'], 'description' => $row['Name'] . ' Paypal Payment', 'method' => 'paypal', 'confirmation' => $row['Transaction ID'], 'notes' => $row['Item Title'], 'paypal_email' => $row['From Email Address']);
// Check if the paypal email is linked to a contact
$opts = array('filter' => array('paypal_email' => $row['From Email Address']));
$contact_data = paypal_payment_contact_data($opts);
if (count($contact_data) > 0) {
$payment['credit_cid'] = $contact_data[0]['cid'];
}
// Save the payment
$payment = payment_save($payment);
$count++;
}
message_register("Successfully imported {$count} payment(s)");
return crm_url('payments');
}
/**
* Page hook. Adds contact module content to a page before it is rendered.
*
* @param &$page_data Reference to data about the page being rendered.
* @param $page_name The name of the page being rendered.
*/
function contact_page(&$page_data, $page_name)
{
switch ($page_name) {
case 'contacts':
// Set page title
page_set_title($page_data, 'Contacts');
// Add view tab
if (user_access('contact_view')) {
$opts = array('show_export' => true, 'exclude' => array('emergencyName', 'emergencyPhone'));
$view = theme('table', 'contact', $opts);
page_add_content_top($page_data, $view, 'View');
}
// Add add tab
if (user_access('contact_add')) {
page_add_content_top($page_data, theme('form', crm_get_form('contact')), 'Add');
}
break;
case 'contact':
// Capture contact id
$cid = $_GET['cid'];
if (empty($cid)) {
return;
}
if (!user_access('contact_view') && $cid !== user_id()) {
error_register('Permission denied: contact_view');
return;
}
$contact_data = crm_get_data('contact', array('cid' => $cid));
$contact = $contact_data[0];
// Set page title
page_set_title($page_data, theme('contact_name', $contact));
// Add view tab
$view_content = '';
if (user_access('contact_view')) {
$view_content .= '<h3>Contact Info</h3>';
$opts = array('cid' => $cid, 'ops' => false);
$view_content .= theme('table_vertical', 'contact', array('cid' => $cid));
}
if (!empty($view_content)) {
page_add_content_top($page_data, $view_content, 'View');
}
// Add edit tab
if (user_access('contact_edit') || $cid == user_id()) {
$opts = array('cid' => $cid);
$form = crm_get_form('contact', $opts);
page_add_content_top($page_data, theme('form', $form), 'Edit');
}
break;
}
}
