/**
* This function sends out a notification of the given type
* with the specified message.
*
* @param $type string A notification type guid
* @param $message string The message to send
* @param $persons (object)array The netId, method, and email address of a specific person(s) to receive the message
* usually the person to whom the message is referring (i.e. performance logs)
*/
function notify($type, $message, $persons = null)
{
global $areaGuid, $db;
// Find permission needed to receive notification
try {
$stmt = $db->prepare("SELECT * FROM notificationTypes WHERE guid=:guid");
$stmt->execute(array(':guid' => $type));
} catch (PDOException $e) {
exit("error in query");
}
$notType = $stmt->fetch();
// Get notifications url
$url = getEnv('NOTIFICATIONSURL');
// Get recipients
try {
$stmt = $db->prepare("SELECT notificationPreferences.*, employee.email FROM notificationPreferences JOIN employee\n\t\t\tON notificationPreferences.netId=employee.netID WHERE type=:type AND notificationPreferences.area=:area");
$stmt->execute(array(':type' => $type, ':area' => $areaGuid));
} catch (PDOException $e) {
exit("error in query");
}
// Make sure each recipient can recieve the notification
// If not, remove them from the list and delete that preference
$receivers = array();
if ($persons !== null) {
$receivers = $persons;
// If no permission is required, send to all
} else {
if ($notType->resource == null) {
while ($recipient = $stmt->fetch()) {
$receivers[] = (object) array("netId" => $recipient->netId, "method" => $recipient->method, "email" => $recipient->email);
}
// If user must be an admin to receive this notification
} else {
if ($notType->resource == "admin") {
while ($recipient = $stmt->fetch()) {
// Add to send list only if the user is an admin or can be superuser
if (isAdmin($recipient->netId, $areaGuid) || canBeSuperuser($recipient->netId)) {
$receivers[] = (object) array("netId" => $recipient->netId, "method" => $recipient->method, "email" => $recipient->email);
} else {
// User is not authorized to receive permission, remove entry from table
try {
$stmt2 = $db->prepare("DELETE FROM notificationPreferences WHERE netId=:netId AND type=:type AND area=:area");
$stmt2->execute(array(':netId' => $recipient->netId, ':type' => $type, ':area' => $areaGuid));
} catch (PDOException $e) {
exit("error in query");
}
}
}
// Normal permission check
} else {
while ($recipient = $stmt->fetch()) {
// Add to send list only if the user is an admin or can be superuser
if (can($notType->verb, $notType->resource, $recipient->netId) || canBeSuperuser($recipient->netId)) {
$receivers[] = (object) array("netId" => $recipient->netId, "method" => $recipient->method, "email" => $recipient->email);
} else {
// User is not authorized to receive permission, remove entry from table
try {
$stmt2 = $db->prepare("DELETE FROM notificationPreferences WHERE netId=:netId AND type=:type AND area=:area");
$stmt2->execute(array(':netId' => $recipient->netId, ':type' => $type, ':area' => $areaGuid));
} catch (PDOException $e) {
exit("error in query");
}
}
}
}
}
}
$guid = newGuid();
try {
$stmt3 = $db->prepare("INSERT INTO notifications (message, type, area, guid) VALUES (:message, :type, :area, :guid)");
$stmt3->execute(array(":message" => $message, ":type" => $type, ":area" => $areaGuid, ":guid" => $guid));
} catch (PDOException $e) {
exit("error in query");
}
if (count($receivers) > 0) {
sendAuthenticatedRequest("POST", "https://" . $url . "/notify", array("message" => $message, "receivers" => json_encode($receivers)));
foreach ($receivers as $receiver) {
if ($receiver->method == "onsite" || $receiver->method == "all") {
try {
$stmt4 = $db->prepare("INSERT INTO userNotifications (netId, notificationGuid) VALUES (:netId, :guid)");
$stmt4->execute(array(":netId" => $receiver->netId, ":guid" => $guid));
} catch (PDOException $e) {
}
// catch exceptions if they arise, but try to add as many as possible
}
}
}
}
?>
/includes/template/img/byu-logo-small.gif" alt="BYU Logo" /></a> <a href="http://it.byu.edu" id="parent">Office of Information Technology</a>
</div>
<a href="/" id="site-name"><?php
echo getAreaName();
?>
</a>
<div id="search-container">
<?php
if ($auth) {
?>
<?php
if (canBeSuperuser()) {
if (isSuperuser()) {
?>
<a id="superuserButton" onclick="stop('<?php
echo $netID;
?>
')" class="button">Stop Superuser</a>
<?php
} else {
?>
<a id="superuserButton" onclick="elevate('<?php
echo $netID;
?>
')" class="button">Elevate to Superuser</a>
<?php
}
