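 /**
  * Dispatcher for the volunteer module: authorizes the request and then runs
  * the handler selected by $getvars['vm_action'].
  *
  * Several cases also read $_REQUEST, $_FILES, $_GET and $_SESSION directly,
  * so $getvars is not the only request data used here; the 'process_*' cases
  * reassign $getvars to the full request before validating it.
  *
  * @param array $getvars an associative array, representing the GET variables
  *                       from the URL
  * @return void
  */
 function controlHandler($getvars)
 {
     global $dao;
     //first authorize the user; every case below assumes this check passed
     $ac = new AccessController($getvars);
     if (!$ac->isAuthorized()) {
         return;
     }
     //if authorized, move on to displaying the correct page
     switch ($getvars['vm_action']) {
         case 'process_add':
             /*
              * First set up a Volunteer object to store all of the
              * POST data. A logged-in Sahana user who is not yet a
              * volunteer is registered under their own user_id.
              */
             if ($_SESSION['logged_in'] && !$dao->isVolunteer($_SESSION['user_id'])) {
                 $v = new Volunteer();
                 $v->info['ids'] = array();
                 $v->p_uuid = $_SESSION['user_id'];
                 $shn_user = true;
             } else {
                 if (isset($getvars['p_uuid'])) {
                     $v = new Volunteer($getvars['p_uuid']);
                     $shn_user = false;
                 } else {
                     $v = new Volunteer();
                     $v->info['ids'] = array();
                     $shn_user = false;
                 }
             }
             $v->info['full_name'] = $getvars['full_name'];
             $v->info['ids'][$getvars['id_type']] = trim($getvars['serial']);
             $v->info['gender'] = $getvars['gender'];
             $v->info['dob'] = $getvars['dob'];
             $v->info['date_start'] = $getvars['start_date'];
             $v->info['date_end'] = $getvars['end_date'];
             $v->info['hour_start'] = $getvars['hrs_avail_start'];
             $v->info['hour_end'] = $getvars['hrs_avail_end'];
             $v->info['occupation'] = $getvars['occupation'];
             $v->info['affiliation'] = $getvars['affiliation'];
             $v->info['special_needs'] = $getvars['special_needs'];
             $v->info['locations'] = array();
             shn_get_parents(shn_location_get_form_submit_loc(), $v->info['locations']);
             $v->info['contact'] = array();
             // put every input that begins with 'contact_' into the contact array
             foreach ($getvars as $key => $value) {
                 if (substr($key, 0, strlen('contact_')) == 'contact_') {
                     $v->info['contact'][substr($key, strlen('contact_'))] = $value;
                 }
             }
             $v->info['contact_prefer'] = $getvars['prefered_confirm_medium'];
             //add skills information: a skill is selected when its checkbox was submitted as 'on'
             $v_skills = array();
             $skill_ids = $dao->getSkillIDs();
             foreach ($skill_ids as $skill) {
                 // isset() first: unchecked boxes are simply absent from the request
                 if (isset($getvars["SKILL_{$skill}"]) && $getvars["SKILL_{$skill}"] == 'on') {
                     $v_skills[] = $skill;
                 }
             }
             $v->info['skills'] = $v_skills;
             //add Sahana account information if necessary
             if ($getvars['reg_account'] == 'true') {
                 $v->info['account_info'] = array('account_name' => $getvars['full_name'], 'user_name' => $getvars['user_name'], 'pass' => $getvars['pass1']);
                 $v->p_uuid = $getvars['existing_puuid'];
             }
             View::View($v);
             /*
              * Check to see if the POST data is valid and act accordingly.
              * Validation runs on the merged request including uploads, which
              * replaces $getvars for the rest of this case.
              */
             $getvars = array_merge($_REQUEST, $_FILES);
             if ($this->validateAddForm($getvars)) {
                 $v->save($shn_user);
                 // picture
                 $p = $_FILES['picture'];
                 if (!empty($p['tmp_name'])) {
                     $pic = new VMPicture();
                     $pic->original = file_get_contents($p['tmp_name']);
                     $pic->name = $p['name'];
                     // name/type/size are client-supplied; resize() is the only check before save()
                     $pic->type = $p['type'];
                     $pic->size = $p['size'];
                     $pic->p_uuid = $v->p_uuid;
                     if ($pic->resize()) {
                         $pic->save();
                     } else {
                         add_error(_("The image file is invalid, or is not of a supported type."));
                     }
                 }
                 add_confirmation(_('Changes saved.'));
                 //if we just created a Sahana account, direct the user to log in
                 if (!$_SESSION['logged_in']) {
                     $this->displayPleaseLogin();
                 } else {
                     $this->displayVolunteer($v->p_uuid);
                 }
             } else {
                 if (!empty($getvars['p_uuid'])) {
                     $this->addVolunteer(new Volunteer($getvars['p_uuid']));
                 } else {
                     $this->addVolunteer();
                 }
             }
             break;
         case 'display_add':
             View::View();
             if ($dao->isVolunteer($_SESSION['user_id'])) {
                 //if this user is a volunteer already, display the edit form
                 $this->addVolunteer(new Volunteer($_SESSION['user_id']));
             } else {
                 //otherwise display the add form
                 $this->addVolunteer();
             }
             break;
         case 'display_edit':
             View::View();
             $this->addVolunteer(new Volunteer($getvars['p_uuid']));
             break;
         case 'display_confirm_delete':
             View::View();
             $this->confirmDelete($getvars['p_uuid']);
             break;
         case 'display_change_pass':
             View::View();
             $this->changePass($_SESSION['user_id']);
             break;
         case 'process_change_pass':
             global $global;
             require_once $global['approot'] . 'inc/lib_security/lib_auth.inc';
             $getvars = $_REQUEST;
             if ($this->validateChangePassForm($getvars)) {
                 // NOTE(review): 'display_change_pass' works on $_SESSION['user_id'] but this
                 // case takes p_uuid from the request; confirm validateChangePassForm() or
                 // shn_change_password() ties it to the current user.
                 // NOTE(review): a `=== true` result is reported as a failure here; confirm
                 // shn_change_password()'s return convention, this condition looks inverted.
                 if (shn_change_password($getvars['p_uuid'], $getvars['cur_pass'], $getvars['pass1']) === true) {
                     add_error(SHN_ERR_VM_PASSWORD_NOT_MATCH);
                     $this->changePass($getvars['p_uuid']);
                 } else {
                     add_confirmation(_("Your Password has been updated"));
                 }
             } else {
                 $this->changePass($getvars['p_uuid']);
             }
             break;
         case 'process_delete':
             $v = new Volunteer();
             $v->delete($getvars['p_uuid']);
             View::View();
             $this->displayConfirmation('The requested user was deleted.');
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(), $extra_opts);
             break;
         case 'display_list_all':
             View::View();
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(), $extra_opts);
             $this->showPagingNavigation("index.php?mod=vm&act=volunteer&vm_action=display_list_all");
             break;
         case 'display_list_assigned':
             View::View();
             $extra_opts = array('showPictures' => true, 'showAvailability' => true, 'showLocation' => true, 'showStatus' => true, 'showAffiliation' => true);
             $this->listVolunteers($dao->getVolunteers(null, VM_SHOW_ALL_VOLUNTEERS_ASSIGNED), $extra_opts);
             $this->showPagingNavigation("index.php?mod=vm&act=volunteer&vm_action=display_list_assigned");
             break;
         case 'display_mailbox':
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayMailbox($getvars['box']);
             break;
         case 'display_message':
             /*
              * Since we are passing $_SESSION['user_id'] as the p_uuid of the user here,
              * we can only view the message (i.e., the query will only succeed) if it belongs
              * to the current logged in user. Therefore, there is no need for extra access
              * control checks on displaying a message here.
              */
             View::View();
             $this->displayMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box']);
             break;
         case 'process_delete_message':
             // scoped to the session user the same way as 'display_message'
             $dao->deleteMessage($_SESSION['user_id'], $getvars['msg_id'], $getvars['box'] != 'outbox');
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayMailbox($getvars['box']);
             break;
         case 'display_send_message':
             $this->displaySendMessageForm();
             break;
         case 'process_send_message':
             $getvars = $_REQUEST;
             if ($this->validateSendMessageForm($getvars)) {
                 $message = stripslashes($getvars['message']);
                 $message = strtr($message, array("'" => "\\'"));
                 //have to escape any single quotes otherwise querying won't work
                 // NOTE(review): hand-escaping quotes means sendMessage() builds its SQL by
                 // string concatenation; the message should be passed as a bound parameter
                 // in the DAO instead, and this escaping then dropped.
                 $dao->sendMessage($_SESSION['user_id'], $getvars['to'], $message);
                 add_confirmation(_("Message Sent"));
             } else {
                 $to_list = array();
                 $to = $getvars['to'];
                 if (isset($to)) {
                     foreach ($to as $person) {
                         $to_list[$person] = $dao->getPersonName($person);
                     }
                 }
                 $this->displaySendMessageForm($to_list);
             }
             break;
         case 'display_search':
             $advanced = $getvars['advanced'] == 'true';
             $this->openSearchForm();
             $this->displaySearchForm($advanced);
             break;
         case 'process_search':
             global $global;
             include_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
             View::View();
             $vol_name = $getvars['vol_name'];
             //name to search by
             $vol_id = $getvars['vol_iden'];
             //Identification number to search by
             $loose = false;
             $soundslike = false;
             $start_date = $getvars['start_date'];
             //availability start
             $end_date = $getvars['end_date'];
             //availability end
             $skills_matching = $getvars['skills_matching'] == 'and_skills' ? VM_SKILLS_ALL : VM_SKILLS_ANY;
             //search for all or any of the skills present
             $unassigned = $getvars['unassigned'] == 'true';
             //true to search for only unassigned volunteers
             $assigning = $getvars['assigning'];
             //true if we are using the search to assign volunteers
             $advanced = $getvars['advanced'] == 'true';
             //true if we are using an advanced search
             $just_assigned_vol = $getvars['p_uuid'] != '' && $assigning;
             //true if we just assigned a volunteer to a project (nice to know if no results are found to not display an error)
             $date_constraint = $getvars['date_constraint'] == 'full_date';
             //true if we must check for availability for the entire date range specified, false to check for any portion of the data range
             $positions = $getvars['positions'];
             if ($assigning) {
                 $assigning_proj = $getvars['proj_id'];
             } else {
                 $assigning_proj = null;
             }
             $location = '';
             if (shn_vm_location_selected()) {
                 $location = shn_location_get_form_submit_loc();
             }
             $skills = array();
             $skill_ids = $dao->getSkillIDs();
             foreach ($skill_ids as $sk) {
                 // isset() first: unchecked skill boxes are absent from the request
                 if (isset($getvars["SKILL_{$sk}"]) && $getvars["SKILL_{$sk}"] == 'on') {
                     $skills[] = $sk;
                 }
             }
             //if we're not using the search results to do assigning, open the form here so that all of our paging navigation
             //will also be part of the form
             if (!$assigning) {
                 $this->openSearchForm();
             }
             //Validate the fields
             if ($this->validateSearchForm($getvars)) {
                 //get the search results and display them
                 $results = $dao->getVolSearchResults($vol_id, $vol_name, $skills, $skills_matching, $start_date, $end_date, $location, $date_constraint, $unassigned, $loose, $soundslike, $assigning_proj);
                 $this->displaySearchResults($results, $assigning, $assigning_proj, $advanced, $just_assigned_vol, $positions);
             }
             if (!$assigning) {
                 $this->displaySearchForm($advanced, false);
             } else {
                 $this->displaySearchForm(true, true);
             }
             break;
         case 'display_single':
             $v = new Volunteer($getvars['p_uuid']);
             View::View($v);
             $this->displayVolunteer($getvars['p_uuid']);
             break;
         case 'process_remove_picture':
             // NOTE(review): reads $_GET['id'] instead of $getvars, and the only check before
             // the delete is the module-level AccessController above; confirm that
             // getPictureID()/deletePicture() restrict the picture to a volunteer this
             // user is allowed to edit.
             $dao->deletePicture($dao->getPictureID($_GET['id']));
             View::View();
             if (empty($getvars['p_uuid'])) {
                 $this->addVolunteer();
             } else {
                 $this->addVolunteer(new Volunteer($getvars['p_uuid']));
             }
             break;
         case 'display_portal':
             View::View(new Volunteer($_SESSION['user_id']));
             $this->displayPortal();
             break;
         case 'display_report_all':
             View::View();
             $this->displayVolunteerReport($dao->getVolunteersForReport());
             break;
         case 'display_custom_report_select_for_mgrs':
             $this->displayCustomReportFilterForMgrs($dao->listProjects($_SESSION['user_id'], true, true));
             break;
         case 'display_custom_report_select':
             View::View();
             // '+' keeps the '(all)' entry first and lets real ids win on key collision
             $projects = array('ALL_PROJECTS' => '(all)') + $dao->listProjects(null, false, true);
             $orgs = array('ALL_ORGS' => '(all)') + $dao->getOrganizations(true);
             $this->displayCustomReportFilter($projects, $orgs, $dao->getVolunteerNames(true));
             break;
         case 'display_custom_report':
             View::View();
             $extra_opts = array();
             $proj_id = null;
             $org_id = null;
             $vols = array();
             if (isset($getvars['proj_id']) && $getvars['proj_id'] != 'ALL_PROJECTS') {
                 $proj_id = $getvars['proj_id'];
                 $extra_opts['reportProjName'] = $dao->getProjectName($proj_id);
             }
             if (isset($getvars['org_id']) && $getvars['org_id'] != 'ALL_ORGS') {
                 $org_id = $getvars['org_id'];
                 $temp = $dao->getOrganizationInfo($org_id);
                 $extra_opts['reportOrgName'] = $temp['name'];
             }
             if (!empty($getvars['vols']) && is_array($getvars['vols'])) {
                 $extra_opts['reportingSpecificVolunteers'] = true;
                 $vols = $getvars['vols'];
             }
             $this->displayVolunteerReport($dao->getVolunteersForReport($proj_id, $org_id, $vols), $extra_opts);
             break;
         case 'display_modify_skills':
             $this->displayModifySkills();
             break;
         case 'process_add_skill':
             global $global;
             require_once $global['approot'] . 'mod/vm/lib/vm_validate.inc';
             if (empty($getvars['skill_desc']) || empty($getvars['skill_code'])) {
                 add_error(_('Please specify both a skill description and skill code'));
             } else {
                 //validate skill code length
                 if (strlen(trim($getvars['skill_code'])) < 4 || strlen(trim($getvars['skill_code'])) > 5) {
                     add_error(_('Skill code should be 4 - 5 letters'));
                 } else {
                     // replace the delimiter (with surrounding spaces) by '-' and strip leading/trailing spaces
                     $find = array("/ *" . VM_SKILLS_DELIMETER . " */", "/^ +/", "/ +\$/");
                     $replace = array("-", '', '');
                     $description = preg_replace($find, $replace, $getvars['skill_desc']);
                     if (!$dao->addSkill($getvars['skill_code'], $description)) {
                         add_error(_('The specified skill code already exists. Please choose another'));
                     } else {
                         add_confirmation("Skill '{$description}' added");
                         // presumably so the redisplayed form comes up empty — confirm
                         unset($_POST);
                     }
                 }
             }
             $this->displayModifySkills();
             break;
         case 'process_remove_skill':
             if (!empty($_REQUEST['skills'])) {
                 foreach ($_REQUEST['skills'] as $code) {
                     $dao->removeSkill($code);
                     add_confirmation("Deleted {$code}");
                 }
             }
             $this->displayModifySkills();
             break;
         case 'display_approval_management':
             //currently only site manager approval is allowed, later credential approval will be added
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_approval_modifications':
             //currently only site manager approval is allowed, later credential approval will be added
             $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', isset($getvars['approve']));
             add_confirmation(_('Approval information has been updated'));
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_approval_upgrades':
             //currently only site manager approval is allowed, later credential approval will be added
             $dao->updateAbilityStatus($getvars['vol_id'], 'MGR', true);
             add_confirmation(_('Approval information has been updated'));
             $this->displayApprovalForm($dao->getVolunteerNames(), $dao->getVolunteersByAbility('MGR'));
             break;
         case 'process_log_time':
             $start = strtotime($getvars['startDate'] . ' ' . $getvars['startTime']);
             if (empty($getvars['numHours'])) {
                 $end = strtotime($getvars['endDate'] . ' ' . $getvars['endTime']);
             } else {
                 // numHours is not validated as numeric here; only the resulting times are checked below
                 $end = $start + $getvars['numHours'] * 60 * 60;
             }
             if (($e = validateShiftTimes($start, $end)) === VM_OK) {
                 if ($dao->logShift($getvars['p_uuid'], $getvars['pos_id'], $start, $end)) {
                     $this->displayConfirmation('Your time was logged successfully.');
                     $v = new Volunteer($getvars['p_uuid']);
                     View::View($v);
                     $this->displayVolunteer($getvars['p_uuid']);
                 } else {
                     add_error(_("There was a problem logging your time. Please go back and try again."));
                 }
             } else {
                 add_error(_("Error logging time:") . $e);
                 $this->showLogTime($getvars['p_uuid'], $getvars['pos_id']);
             }
             break;
         case 'review_hours':
             if (empty($getvars['proj_id'])) {
                 $this->displaySelectReviewHours();
             } else {
                 $this->displayReviewHours($getvars['proj_id']);
             }
             break;
         case 'process_review_hours':
             // NOTE(review): every other case uses the global $dao; confirm a $this->dao
             // property exists, otherwise this call fails.
             $this->dao->reviewShift($getvars['shift_id'], $getvars['status']);
             $this->displayReviewHours($getvars['p_uuid'], $getvars['pos_id']);
             break;
         default:
             if ($_SESSION['logged_in']) {
                 View::View(new Volunteer($_SESSION['user_id']));
                 $this->displayPortal();
             }
     }
 }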
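 /**
  * Dispatcher for the project module: authorizes the request and then runs
  * the handler selected by $getvars['vm_action'] (falling back to the older
  * 'action' key).
  *
  * Some cases also read $_POST and $_SESSION directly, and two cases re-enter
  * this method with a synthetic $getvars to show the project page afterwards.
  *
  * @param array $getvars an associative array, representing the GET variables
  *                       from the URL
  * @return void
  */
 function controlHandler($getvars)
 {
     global $dao, $global;
     include_once $global['approot'] . 'inc/lib_location.inc';
     //first authorize the user; every case below assumes this check passed
     $ac = new AccessController($getvars);
     if (!$ac->isAuthorized()) {
         return;
     }
     // temporary, to support older 'action' instead of 'vm_action'
     // (empty()/isset() avoid undefined-index notices when a key is absent)
     if (!empty($getvars['vm_action'])) {
         $vm_action = $getvars['vm_action'];
     } else {
         $vm_action = isset($getvars['action']) ? $getvars['action'] : null;
     }
     switch ($vm_action) {
         case 'display_single':
             $p = new Project($getvars['proj_id']);
             $this->displayProject($p);
             break;
         case 'display_add':
             $this->addProject();
             break;
         case 'display_edit':
             $this->addProject(new Project($getvars['proj_id']));
             break;
         case 'display_closure_edit':
             if ($dao->isSiteManagerForProject($_SESSION['user_id'], $getvars['proj_id'])) {
                 if (!empty($_POST)) {
                     $dao->saveClosureReport($getvars['proj_id'], $_POST);
                     $this->displayConfirmation(_('Changes Saved.'));
                     // proj_id is user-supplied and is emitted inside a JS string inside a
                     // URL: URL-encode it so it cannot break out of either context
                     echo '<script type="text/javascript">';
                     echo 'setTimeout(\'location.href="?mod=vm&act=project&vm_action=display_closure_report&proj_id=' . rawurlencode((string) $getvars['proj_id']) . '"\',1500);';
                     echo '</script>';
                 } else {
                     $this->editClosure($getvars['proj_id']);
                 }
             }
             break;
         case 'display_closure_report':
             $this->viewClosure($getvars['proj_id']);
             break;
         case 'display_closure_reports':
             $this->listClosureReports();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=display_closure_reports");
             break;
         case 'process_add':
             // an existing proj_id means edit, otherwise a fresh project
             $p = new Project($getvars['proj_id']);
             $p->info['name'] = $getvars['name'];
             $p->info['description'] = $getvars['description'];
             $p->info['start_date'] = $getvars['start_date'];
             $p->info['end_date'] = $getvars['end_date'];
             $p->info['mgr_id'] = $getvars['manager'];
             $p->info['locations'] = array();
             shn_get_parents(shn_location_get_form_submit_loc(), $p->info['locations']);
             if ($this->validateAddForm($getvars)) {
                 $p->save();
                 $this->displayConfirmation(_('Changes Saved.'));
                 $this->displayProject($p);
             } else {
                 $this->addProject();
             }
             break;
         case 'process_delete':
             $p = new Project();
             $p->delete($getvars['proj_id']);
             View::View();
             $this->displayConfirmation('The requested Project was deleted.');
             $this->listProjects();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=default");
             break;
         case 'display_confirm_delete':
             View::View();
             $this->confirmDelete($getvars['proj_id']);
             break;
         case 'display_select_project':
             View::View();
             // a site manager without the broader data right only sees their own projects
             if ($dao->isSiteManager($_SESSION['user_id']) && !$ac->dataAccessIsAuthorized(array('vm_proj_vol' => 'ru'), false)) {
                 $projects = $dao->listProjects($_SESSION['user_id'], true);
             } else {
                 $projects = $dao->listProjects();
             }
             $this->displaySelectProjectForAssignmentForm($projects);
             break;
         case 'display_assign':
             View::View();
             if ($getvars['proj_id'] == '') {
                 add_error(SHN_ERR_VM_NO_PROJECT);
                 //if the user is just a site manager who got here due to overriding access control, only display his projects, otherwise display all
                 if ($dao->isSiteManager($_SESSION['user_id']) && !$ac->dataAccessIsAuthorized(array('vm_vol_position' => 'ru'), false)) {
                     $projects = $dao->listProjects($_SESSION['user_id'], true);
                 } else {
                     $projects = $dao->listProjects();
                 }
                 $this->displaySelectProjectForAssignmentForm($projects);
             } else {
                 if ($this->validateAssignForm($getvars)) {
                     $p_uuid = $this->getAssigningVolId($getvars);
                     // the position is posted under a key suffixed with the volunteer's id
                     $dao->assignVolunteerToPosition($p_uuid, $getvars['pos_id_' . $p_uuid]);
                     add_confirmation(_('Volunteer has been successfully assigned'));
                 }
                 $p = new Project($getvars['proj_id']);
                 $this->assignVol($getvars['proj_id'], $p->positions);
             }
             break;
         case 'process_remove_from_project':
             $dao->deleteFromProject($getvars['p_uuid'], $getvars['proj_id']);
             $p = new Project($getvars['proj_id']);
             $this->displayProject($p);
             break;
         case 'display_my_list':
             $this->listProjects($_SESSION['user_id']);
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=display_my_list");
             break;
         case 'display_coming_list':
             echo _('The items listed below are projects that will start from today or after today.');
             echo '<div align="right"><a href="?mod=vm&amp;act=project">' . _('View all projects') . '</a></div>';
             $this->listComingProjects();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=display_coming_list");
             break;
         case 'process_add_position':
             if ($getvars['pos_id'] != null) {
                 $p = new Position($getvars['pos_id']);
             } else {
                 $p = new Position();
             }
             $p->proj_id = $getvars['proj_id'];
             $p->ptype_id = $getvars['ptype_id'];
             $p->description = $getvars['description'];
             $p->title = $getvars['title'];
             $p->numSlots = $getvars['numSlots'];
             $p->payrate = $getvars['payrate'];
             if ($this->validateAddPosition($getvars)) {
                 $dao->savePosition($p);
                 // re-enter the dispatcher to render the project page
                 $this->controlHandler(array('vm_action' => 'display_single', 'proj_id' => $p->proj_id));
             } else {
                 $this->addPosition($p);
             }
             break;
         case 'add_position':
             //this case only displays the form to add/edit a position
             if ($getvars['pos_id']) {
                 $p = new Position($getvars['pos_id']);
             } else {
                 $p = new Position();
             }
             if (isset($getvars['proj_id'])) {
                 $p->proj_id = $getvars['proj_id'];
             }
             $this->addPosition($p);
             break;
         case 'remove_position':
             $dao->removePosition($getvars['pos_id']);
             // re-enter the dispatcher to render the project page
             $this->controlHandler(array('vm_action' => 'display_single', 'proj_id' => $getvars['proj_id']));
             break;
         default:
             echo '<div align="right"><a href="?mod=vm&amp;act=project&amp;vm_action=display_coming_list">' . _('View coming projects') . '</a></div>';
             $this->listProjects();
             $this->showPagingNavigation("index.php?mod=vm&amp;act=project&amp;vm_action=default");
             break;
     }
 }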