/**
 * Collect the person records that the search works on.
 *
 * The rows come from churchdb_getAllowedPersonData(). Each record gets the
 * result of getAuthForPerson() attached as ->auth and has its p_id column
 * removed before the list is returned.
 *
 * NOTE(review): the column list contains personal data (marital status,
 * nationality, birth place, last login, ...). Which persons the caller may
 * see is decided entirely inside churchdb_getAllowedPersonData(), presumably
 * per current user. Confirm before exposing the result to a client.
 *
 * @return array with persons, key = id
 */
function getSearchableData() {
  $columns = 'person_id p_id, person_id id, familienstand_no, geschlecht_no, hochzeitsdatum, nationalitaet_id, erstkontakt, zugehoerig, eintrittsdatum, austrittsdatum, taufdatum, plz, geburtsort, imageurl, cmsuserid, lastlogin';
  $persons = churchdb_getAllowedPersonData('', $columns);

  foreach ($persons as $person) {
    $personId = $person->id;
    // p_id is only selected as a helper column and is not part of the result.
    unset($persons[$personId]->p_id);
    $persons[$personId]->auth = getAuthForPerson($personId);
  }

  return $persons;
}
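/**
 * Collect the person records that the search works on.
 *
 * Reads every person joined with its gemeindeperson row, attaches the result
 * of getAuthForPerson() as ->auth and returns the rows keyed by person id.
 *
 * NOTE(review): the query carries no restriction to the current user's
 * permissions; every row of {cdb_person} joined to {cdb_gemeindeperson} is
 * returned, including geburtsdatum. Visibility has to be enforced by the
 * caller. Confirm that it is.
 *
 * @return array with persons, key = id (empty array when there are no rows)
 */
function getSearchableData() {
  $persons = db_query('SELECT person_id id, geburtsdatum, familienstand_no, geschlecht_no, hochzeitsdatum, nationalitaet_id, erstkontakt, zugehoerig, eintrittsdatum, austrittsdatum, taufdatum, plz, geburtsort, imageurl, cmsuserid FROM {cdb_person} p, {cdb_gemeindeperson} gp WHERE p.id=gp.person_id');

  // Initialise the result so an empty result set returns array() instead of
  // an undefined variable (null plus a notice).
  $arrs = array();
  foreach ($persons as $arr) {
    $arr->auth = getAuthForPerson($arr->id);
    $arrs[$arr->id] = $arr;
  }

  return $arrs;
}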
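/**
 * Load the detail record of one person, limited to what the current user may see.
 *
 * Access is granted when the current user is the person, holds "export data",
 * is leader or super leader of the person, shares one of the groups returned
 * by churchdb_getMyGroups(), or has "view alldata" for a department (bereich)
 * the person is assigned to. The selected columns depend on the field
 * configuration in {cdb_feld} and on the user's leader status and rights.
 *
 * TODO: create a class for persons
 *
 * @param int $id id of the person to load
 * @param bool $withComments also attach the comments the user is allowed to view
 *
 * @return object|string person object, or the string "no access" when the
 *                       current user may not see the person
 */
function churchdb_getPersonDetails($id, $withComments = true) {
  global $user;

  // Users may always see their own record.
  // NOTE(review): loose comparison; $id is assumed to be an integer id.
  // Confirm that callers validate it.
  $allowed = $user->id == $id;
  $iAmLeader = false;
  $iAmSuperLeader = false;

  // the export right give the permission to see everything!
  if (user_access("export data", "churchdb")) {
    $allowed = true;
    $iAmLeader = true;
    $iAmSuperLeader = true;
  }
  else {
    // user is super leader of person?
    if (churchdb_isPersonSuperLeaderOfPerson($user->id, $id)) {
      $iAmSuperLeader = true;
      $iAmLeader = true;
      $allowed = true;
    }
    // user is leader of person?
    if (churchdb_isPersonLeaderOfPerson($user->id, $id)) {
      $iAmLeader = true;
      $allowed = true;
    }
    // user is in group with person?
    if (!$allowed) {
      $myGroups = churchdb_getMyGroups($user->id, true, false);
      if (count($myGroups) > 0) {
        // The id list is concatenated into the statement, so force every
        // entry to an integer; nothing but numbers can reach the SQL text.
        $res = db_query("SELECT COUNT(*) c\n FROM {cdb_person} p, {cdb_gemeindeperson} gp, {cdb_gemeindeperson_gruppe} gpg\n WHERE p.id=gp.person_id AND gpg.gemeindeperson_id=gp.id AND p.id=:id\n AND gpg.gruppe_id in (" . implode(",", array_map('intval', $myGroups)) . ") ", array(':id' => $id))->fetch();
        if ($res->c > 0) {
          $allowed = true;
        }
      }
    }
    // user may view all data of a department the person belongs to?
    if (!$allowed) {
      $allowedDeps = user_access("view alldata", "churchdb");
      if ($allowedDeps != null) {
        // Same integer cast as for the group ids above.
        $res = db_query('SELECT COUNT(*) as c FROM {cdb_bereich_person} WHERE person_id=:p_id AND bereich_id in (' . implode(',', array_map('intval', $allowedDeps)) . ')', array(':p_id' => $id), false)->fetch();
        if ($res->c > 0) {
          $allowed = true;
        }
      }
    }
    if (!$allowed) {
      return "no access";
    }
  }

  // Active fields of the address, church and category sections.
  $res = db_query("SELECT f.*, fk.intern_code FROM {cdb_feld} f, {cdb_feldkategorie} fk WHERE f.feldkategorie_id=fk.id\n AND fk.intern_code IN ('f_address', 'f_church', 'f_category') AND aktiv_yn=1");

  $sqlFields = array();
  $sqlFields[] = "p.id id";
  $sqlFields[] = "gp.id gp_id";
  $sqlFields[] = "geolat as lat";
  $sqlFields[] = "imageurl";
  $sqlFields[] = "geolng as lng";
  $sqlFields[] = "cmsuserid";
  foreach ($res as $res2) {
    if ($res2->autorisierung == null || _checkPersonAuthorisation($res2->autorisierung, $iAmLeader, $iAmSuperLeader)) {
      // Address fields are visible to everyone who passed the access check;
      // all other fields need leader status or "view alldetails".
      if ($res2->intern_code == "f_address" || $iAmLeader || user_access('view alldetails', "churchdb")) {
        // NOTE(review): db_spalte comes from the {cdb_feld} table and is
        // concatenated into the SELECT list unescaped, so write access to
        // that table must stay restricted to trusted administrators.
        $sqlFields[] = $res2->db_spalte;
      }
    }
  }

  // implode() with the separator first: the reversed join($array, $glue)
  // order is deprecated since PHP 7.4 and rejected by PHP 8.
  $sql = "SELECT " . implode(",", $sqlFields);
  if ($iAmLeader || user_access('view alldetails', "churchdb") || user_access('administer persons', "churchcore")) {
    $sql .= ', p.letzteaenderung, p.aenderunguser, p.createdate, if (loginstr IS NULL , 0 , 1) AS einladung, p.active_yn, p.lastlogin';
  }
  $sql .= ' FROM {cdb_person} p, {cdb_gemeindeperson} gp WHERE p.id=gp.person_id AND p.id=:pid';
  // NOTE(review): the fetch() result is used below without checking that a
  // row was found. Confirm what callers expect for an unknown id.
  $person = db_query($sql, array(':pid' => $id))->fetch();

  if ($withComments) {
    // Check the permission first so comments are only read from the database
    // when the user may view at least one comment category.
    $auth = user_access("view comments", "churchdb");
    if ($auth != null) {
      $comments = db_query("SELECT id, text, person_id, datum, comment_viewer_id, relation_name \n FROM {cdb_comment}\n WHERE relation_id=:relid AND relation_name like 'person%'\n ORDER BY datum desc", array(':relid' => $id));
      if ($comments) {
        $arrs = null;
        foreach ($comments as $arr) {
          // Keep only comments whose viewer category is listed in $auth.
          if (isset($auth[$arr->comment_viewer_id]) && $auth[$arr->comment_viewer_id] == $arr->comment_viewer_id) {
            $arrs[] = $arr;
          }
        }
        $person->comments = $arrs;
      }
    }
  }

  $person->auth = getAuthForPerson($id);

  return $person;
}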