/**
 * Resolve the participant named in the request and decide whether the
 * visitor may act on that registration.
 *
 * Reads `participantId` and `cc` from the request, loads the participant's
 * contact, event and status, and accepts the visitor only when the
 * participant's contact is the logged-in user or
 * validateChecksumContact() returns a truthy result for it. Everyone else
 * is bounced to the site base URL with a permission message.
 *
 * @return void
 */
public function preProcess()
{
    $this->_participantId = CRM_Utils_Request::retrieve('participantId', 'Positive', $this);
    $this->_cc = CRM_Utils_Request::retrieve('cc', 'String', $this);

    // Load the contact, event and status that belong to this participant.
    $values = array();
    if ($this->_participantId) {
        $params = array('id' => $this->_participantId);
        CRM_Core_DAO::commonRetrieve(
            'CRM_Event_DAO_Participant',
            $params,
            $values,
            array('contact_id', 'event_id', 'status_id')
        );
    }
    $this->_participantStatusId = CRM_Utils_Array::value('status_id', $values);
    $this->_eventId = CRM_Utils_Array::value('event_id', $values);
    $participantContactId = CRM_Utils_Array::value('contact_id', $values);

    // Deny by default: _csContactID stays NULL unless one of the two checks
    // below succeeds for a participant that has both a contact and an event.
    $this->_csContactID = NULL;
    if ($participantContactId && $this->_eventId) {
        $session = CRM_Core_Session::singleton();
        $isLoggedInOwner = ($participantContactId == $session->get('userID'));
        // Short-circuit keeps the checksum check from running for the owner.
        if ($isLoggedInOwner
            || CRM_Contact_BAO_Contact_Permission::validateChecksumContact($participantContactId, $this)
        ) {
            // The landing page needs this contact id if the user goes on to
            // walk the wizard.
            $this->_csContactID = $participantContactId;
        }
    }

    if (!$this->_csContactID) {
        $config = CRM_Core_Config::singleton();
        CRM_Core_Error::statusBounce(
            ts('You do not have permission to access this event registration. Contact the site administrator if you need assistance.'),
            $config->userFrameworkBaseURL
        );
    }
}
/**
 * Prepare the contribution form: resolve the acting contact, assign the
 * intro/footer text and reject mixed on-behalf-of profiles.
 *
 * @return void
 */
public function preProcess()
{
    parent::preProcess();

    // `cid` defaults to the current user; any other value must pass the
    // checksum/permission validation before it is honoured.
    $requestedContactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, false, $this->_userID);
    require_once 'CRM/Contact/BAO/Contact.php';
    if ($requestedContactId != $this->_userID) {
        require_once 'CRM/Contact/BAO/Contact/Permission.php';
        if (CRM_Contact_BAO_Contact_Permission::validateChecksumContact($requestedContactId, $this)) {
            // NOTE(review): a successful validation rebinds the session's
            // userID to the requested contact, not just this form's state -
            // confirm the session-wide scope is intended.
            CRM_Core_Session::singleton()->set('userID', $requestedContactId);
            $this->_userID = $requestedContactId;
        }
    }

    // A personal campaign page's intro text wins over the page's own.
    $hasPcpIntro = CRM_Utils_Array::value('id', $this->_pcpInfo)
        && CRM_Utils_Array::value('intro_text', $this->_pcpInfo);
    if ($hasPcpIntro) {
        $this->assign('intro_text', $this->_pcpInfo['intro_text']);
    } elseif (CRM_Utils_Array::value('intro_text', $this->_values)) {
        $this->assign('intro_text', $this->_values['intro_text']);
    }

    if (CRM_Utils_Array::value('footer_text', $this->_values)) {
        $this->assign('footer_text', $this->_values['footer_text']);
    }

    // CRM-5001: an on-behalf-of page may not use a profile that mixes a
    // contact type with Membership or Contribution fields.
    if ($this->_values['is_for_organization']) {
        $msg = ts('Mixed profile not allowed for on behalf of registration/sign up.');
        require_once 'CRM/Core/BAO/UFGroup.php';
        foreach (array('custom_pre_id', 'custom_post_id') as $profileKey) {
            $profileId = CRM_Utils_Array::value($profileKey, $this->_values);
            if (!$profileId) {
                continue;
            }
            $groupTypes = CRM_Core_BAO_UFGroup::profileGroups($profileId);
            foreach (array('Individual', 'Organization', 'Household') as $contactType) {
                if (in_array($contactType, $groupTypes)
                    && (in_array('Membership', $groupTypes) || in_array('Contribution', $groupTypes))
                ) {
                    CRM_Core_Error::fatal($msg);
                }
            }
        }
    }
}
/**
 * Pre-processing for the profile form.
 *
 * Chooses create or edit mode, runs the checksum validation when the
 * profile is being edited for a contact other than the logged-in user, and
 * verifies that the requested profile (gid) exists and is joined to the
 * 'Profile' module.
 *
 * @return void
 */
function preProcess()
{
    $this->_mode = CRM_Profile_Form::MODE_CREATE;

    // Set the context for the profile.
    $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);
    if ($this->_context) {
        $this->assign('context', $this->_context);
    }

    if ($this->get('skipPermission')) {
        $this->_skipPermission = true;
    }

    if ($this->get('edit')) {
        $this->_mode = CRM_Profile_Form::MODE_EDIT;

        // `id` defaults to the logged-in user; any other contact has to be
        // validated below.
        $session =& CRM_Core_Session::singleton();
        $userID = $session->get('userID');
        $id = CRM_Utils_Request::retrieve('id', 'Positive', $this, false, $userID);
        require_once 'CRM/Contact/BAO/Contact/Utils.php';

        $editingOtherContact = ($id != $userID);
        if ($editingOtherContact) {
            // Do not allow edit for anonymous users in the Joomla frontend
            // (CRM-4668) unless they present a checksum (CRM-5228).
            require_once 'CRM/Contact/BAO/Contact/Permission.php';
            $config =& CRM_Core_Config::singleton();
            // NOTE(review): both validators' return values are discarded and
            // the flag below is set unconditionally, so this relies on the
            // validator aborting the request on failure - confirm.
            if ($config->userFrameworkFrontend) {
                CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this);
            } else {
                CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this);
            }
            $this->_isPermissionedChecksum = true;
        }
    }

    parent::preProcess();

    // Make sure the gid is set and valid.
    if (!$this->_gid) {
        CRM_Core_Error::fatal(ts(
            'The requested Profile (gid=%1) is disabled, OR there is no Profile with that ID, OR a valid \'gid=\' integer value is missing from the URL. Contact the site administrator if you need assistance.',
            array(1 => $this->_gid)
        ));
    }

    // The profile must also be of type 'Profile'. The gid is bound as an
    // Integer parameter rather than concatenated into the statement.
    $query = "\nSELECT module\n FROM civicrm_uf_join\n WHERE module = 'Profile'\n AND uf_group_id = %1\n";
    $params = array(1 => array($this->_gid, 'Integer'));
    $dao =& CRM_Core_DAO::executeQuery($query, $params);
    $joinedToProfileModule = $dao->fetch();
    if (!$joinedToProfileModule) {
        CRM_Core_Error::fatal(ts(
            'The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.',
            array(1 => $this->_gid)
        ));
    }
}
/**
 * Run the page.
 *
 * Renders the profile $this->_gid for contact $this->_id. When both ids are
 * set it enforces the profile's limit-listings group, works out whether the
 * viewer counts as an "admin" for field visibility (own record, a validated
 * checksum, or a qualifying permission outside the frontend), strips
 * formatting and restricted fields, loads the values and hands them to the
 * template. It then sets the page title and invokes the pageRun hook.
 *
 * @return mixed
 *   The trimmed rendered template, or the result of
 *   CRM_Core_Session::setStatus() when the contact is not in the profile's
 *   limit-listings group.
 */
public function run()
{
    $template = CRM_Core_Smarty::singleton();
    if ($this->_id && $this->_gid) {
        // first check that id is part of the limit group id, CRM-4822
        $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'limit_listings_group_id');
        $config = CRM_Core_Config::singleton();
        if ($limitListingsGroupsID) {
            if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id, $limitListingsGroupsID)) {
                CRM_Utils_System::setTitle(ts('Profile View - Permission Denied'));
                return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'), ts('Permission Denied'), 'error');
            }
        }
        $session = CRM_Core_Session::singleton();
        $userID = $session->get('userID');
        // Both flags start closed and are only opened by the checks below.
        $this->_isPermissionedChecksum = $allowPermission = FALSE;
        $permissionType = CRM_Core_Permission::VIEW;
        if (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id)) {
            $allowPermission = TRUE;
        }
        if ($this->_id != $userID) {
            // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
            // Both validators are called with FALSE as the third argument and
            // their result is used as a boolean instead of being discarded.
            if ($config->userFrameworkFrontend) {
                $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
                // In the frontend a failed checksum falls back to the permission result.
                if (!$this->_isPermissionedChecksum) {
                    $this->_isPermissionedChecksum = $allowPermission;
                }
            } else {
                $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
            }
        }
        // CRM-10853
        // Users with create or edit permission should be allowed to view their own profile
        if ($this->_id == $userID || $this->_isPermissionedChecksum) {
            if (!CRM_Core_Permission::check('profile view')) {
                if (CRM_Core_Permission::check('profile create') || CRM_Core_Permission::check('profile edit')) {
                    $this->_skipPermission = TRUE;
                }
            }
        }
        // make sure we dont expose all fields based on permission
        // `&&` binds tighter than `||`: the frontend restriction applies only
        // to $allowPermission; own-record and checksum access set $admin in
        // either mode.
        $admin = FALSE;
        if (!$config->userFrameworkFrontend && $allowPermission || $this->_id == $userID || $this->_isPermissionedChecksum) {
            $admin = TRUE;
        }
        $values = array();
        $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW, NULL, NULL, FALSE, $this->_restrict, $this->_skipPermission, NULL, $permissionType);
        // `&` binds tighter than `&&`: this tests the VIEW bit of _multiRecord first.
        if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
            CRM_Core_BAO_UFGroup::shiftMultiRecordFields($fields, $multiRecordFields);
            $fields = $multiRecordFields;
        }
        if ($this->_isContactActivityProfile && $this->_gid) {
            $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
            if (!empty($errors)) {
                CRM_Core_Error::fatal(array_pop($errors));
            }
        }
        //reformat fields array
        foreach ($fields as $name => $field) {
            // also eliminate all formatting fields
            if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') {
                unset($fields[$name]);
            }
            // make sure that there is enough permission to expose this field
            if (!$admin && $field['visibility'] == 'User and User Admin Only') {
                unset($fields[$name]);
            }
        }
        if ($this->_isContactActivityProfile) {
            // Split the fields so contact and activity values are fetched separately.
            $contactFields = $activityFields = array();
            foreach ($fields as $fieldName => $field) {
                if (CRM_Utils_Array::value('field_type', $field) == 'Activity') {
                    $activityFields[$fieldName] = $field;
                } else {
                    $contactFields[$fieldName] = $field;
                }
            }
            CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values);
            if ($this->_activityId) {
                CRM_Core_BAO_UFGroup::getValues(NULL, $activityFields, $values, TRUE, array(array('activity_id', '=', $this->_activityId, 0, 0)));
            }
        } else {
            $customWhereClause = NULL;
            if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId) {
                if ($this->_allFields) {
                    $copyFields = $fields;
                    CRM_Core_BAO_UFGroup::shiftMultiRecordFields($copyFields, $multiRecordFields);
                    $fieldKey = key($multiRecordFields);
                } else {
                    $fieldKey = key($fields);
                }
                if ($fieldID = CRM_Core_BAO_CustomField::getKeyID($fieldKey)) {
                    $tableColumnGroup = CRM_Core_BAO_CustomField::getTableColumnGroup($fieldID);
                    $columnName = "{$tableColumnGroup[0]}.id";
                    // NOTE(review): _recordId is concatenated into a SQL
                    // fragment here. Where it is populated is not visible in
                    // this method - confirm it is validated as an integer
                    // before it reaches this point.
                    $customWhereClause = $columnName . ' = ' . $this->_recordId;
                }
            }
            CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values, TRUE, NULL, FALSE, $customWhereClause);
        }
        // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl
        $profileFields = array();
        $labels = array();
        foreach ($fields as $name => $field) {
            //CRM-14338
            // Create a unique, non-empty index for each field.
            $index = $field['title'];
            if ($index === '') {
                $index = ' ';
            }
            // Pad with spaces until the title no longer collides with an earlier one.
            while (array_key_exists($index, $labels)) {
                $index .= ' ';
            }
            // Whitespace runs and non-word runs in the field name each become one underscore.
            $labels[$index] = preg_replace('/\\s+|\\W+/', '_', $name);
        }
        foreach ($values as $title => $value) {
            $profileFields[$labels[$title]] = array('label' => $title, 'value' => $value);
        }
        $template->assign_by_ref('row', $values);
        $template->assign_by_ref('profileFields', $profileFields);
    }
    $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
    $this->assign('ufGroupName', $name);
    CRM_Utils_Hook::viewProfile($name);
    if (strtolower($name) == 'summary_overlay') {
        $template->assign('overlayProfile', TRUE);
    }
    // In the multi-record branch $title is not assigned here; the final title
    // is replaced by the 'View %1 Record' string further down.
    if ($this->_multiRecord & CRM_Core_Action::VIEW && $this->_recordId && !$this->_allFields) {
        $fieldDetail = reset($fields);
        $fieldId = CRM_Core_BAO_CustomField::getKeyID($fieldDetail['name']);
        $customGroupDetails = CRM_Core_BAO_CustomGroup::getGroupTitles(array($fieldId));
        $multiRecTitle = $customGroupDetails[$fieldId]['groupTitle'];
    } else {
        $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title');
    }
    //CRM-4131.
    $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
    if ($displayName) {
        $session = CRM_Core_Session::singleton();
        $config = CRM_Core_Config::singleton();
        // NOTE(review): allow() is called with the logged-in user's own id,
        // not $this->_id, before linking to $this->_id's contact view -
        // confirm that is the intended check.
        if ($session->get('userID') && CRM_Core_Permission::check('access CiviCRM') && CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) && !$config->userFrameworkFrontend) {
            $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE);
            $this->assign('displayName', $displayName);
            // NOTE(review): the stored display name is placed into markup
            // without escaping in this method - confirm it is encoded on
            // storage or by the title renderer.
            $displayName = "<a href=\"{$contactViewUrl}\">{$displayName}</a>";
        }
        $title .= ' - ' . $displayName;
    }
    $title = isset($multiRecTitle) ? ts('View %1 Record', array(1 => $multiRecTitle)) : $title;
    CRM_Utils_System::setTitle($title);
    // invoke the pagRun hook, CRM-3906
    CRM_Utils_Hook::pageRun($this);
    return trim($template->fetch($this->getHookedTemplateFileName()));
}
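/**
 * Output, as JSON, the location values and profile defaults of an
 * organization that the acting user holds a permissioned relationship to.
 *
 * FIXME: we should make this method like getLocBlock() OR use the same
 * method and remove this one.
 *
 * Used by the on-behalf-of form to dynamically populate the location field
 * values for the selected permissioned contact.
 *
 * Request parameters: `cid` (required, the organization), `ufId` (required,
 * the profile), `uid` (optional, defaults to the logged-in user) and `cs`
 * (optional checksum).
 *
 * Access control: the acting user must be non-empty, and must pass
 * validateChecksumContact() whenever a checksum is supplied OR `uid` differs
 * from the logged-in user. The original condition validated only when `cs`
 * was present, so a `uid` sent without `cs` was trusted as-is. The request
 * also ends unless `cid` is among that user's permissioned organizations.
 *
 * @return void
 */
public static function getPermissionedLocation()
{
    $cid = CRM_Utils_Request::retrieve('cid', 'Integer', CRM_Core_DAO::$_nullObject, TRUE);
    $ufId = CRM_Utils_Request::retrieve('ufId', 'Integer', CRM_Core_DAO::$_nullObject, TRUE);

    // Verify user id
    $sessionUserID = CRM_Core_Session::singleton()->get('userID');
    $user = CRM_Utils_Request::retrieve('uid', 'Integer', CRM_Core_DAO::$_nullObject, FALSE, $sessionUserID);
    // The original passed an undefined $form here; use the same null store
    // as the other retrieve() calls in this method.
    $checksum = CRM_Utils_Request::retrieve('cs', 'String', CRM_Core_DAO::$_nullObject, FALSE);
    // Fail closed: an identity taken from the request must be proven.
    $mustValidate = $checksum || $user != $sessionUserID;
    if (empty($user)
        || ($mustValidate && !CRM_Contact_BAO_Contact_Permission::validateChecksumContact($user, CRM_Core_DAO::$_nullObject, FALSE))
    ) {
        CRM_Utils_System::civiExit();
    }

    // Verify user permission on related contact
    $organizations = CRM_Contact_BAO_Relationship::getPermissionedContacts($user, NULL, NULL, 'Organization');
    if (!isset($organizations[$cid])) {
        CRM_Utils_System::civiExit();
    }

    $values = array();
    $entityBlock = array('contact_id' => $cid);
    $location = CRM_Core_BAO_Location::getValues($entityBlock);

    $config = CRM_Core_Config::singleton();
    $addressSequence = array_flip($config->addressSequence());

    $profileFields = CRM_Core_BAO_UFGroup::getFields($ufId, FALSE, CRM_Core_Action::VIEW, NULL, NULL, FALSE, NULL, FALSE, NULL, CRM_Core_Permission::CREATE, NULL);
    $website = CRM_Core_BAO_Website::getValues($entityBlock, $values);

    // NOTE(review): $elements is never initialised, so when nothing below
    // matches it reaches output() undefined. Left unchanged because
    // initialising it would alter the emitted JSON - confirm what the
    // caller expects.

    // Email, phone and IM: emit the first entry of each block and drop the
    // matching profile field so it is not defaulted a second time below.
    foreach ($location as $fld => $entries) {
        if (is_array($entries) && !empty($entries)) {
            $locType = $entries[1]['location_type_id'];
            if ($fld == 'email') {
                $elements["onbehalf_{$fld}-{$locType}"] = array('type' => 'Text', 'value' => $location[$fld][1][$fld]);
                unset($profileFields["{$fld}-{$locType}"]);
            } elseif ($fld == 'phone') {
                $phoneTypeId = $entries[1]['phone_type_id'];
                $elements["onbehalf_{$fld}-{$locType}-{$phoneTypeId}"] = array('type' => 'Text', 'value' => $location[$fld][1][$fld]);
                unset($profileFields["{$fld}-{$locType}-{$phoneTypeId}"]);
            } elseif ($fld == 'im') {
                $providerId = $entries[1]['provider_id'];
                $elements["onbehalf_{$fld}-{$locType}"] = array('type' => 'Text', 'value' => $location[$fld][1][$fld]);
                $elements["onbehalf_{$fld}-{$locType}provider_id"] = array('type' => 'Select', 'value' => $location[$fld][1]['provider_id']);
                unset($profileFields["{$fld}-{$locType}-{$providerId}"]);
            }
        }
    }

    if (!empty($website)) {
        // Only the first website entry is emitted, whatever the number of
        // entries; the unused $websiteTypeId local was removed.
        foreach ($website as $key => $val) {
            $elements["onbehalf_url-1"] = array('type' => 'Text', 'value' => $website[1]['url']);
            $elements["onbehalf_url-1-website_type_id"] = array('type' => 'Select', 'value' => $website[1]['website_type_id']);
            unset($profileFields["url-1"]);
        }
    }

    $locTypeId = isset($location['address'][1]) ? $location['address'][1]['location_type_id'] : NULL;
    $addressFields = array(
        'street_address',
        'supplemental_address_1',
        'supplemental_address_2',
        'city',
        'postal_code',
        'county',
        'state_province',
        'country',
    );
    foreach ($addressFields as $field) {
        if (array_key_exists($field, $addressSequence)) {
            $addField = $field;
            $type = 'Text';
            // These three are stored as ids and rendered as selects.
            if (in_array($field, array('state_province', 'country', 'county'))) {
                $addField = "{$field}_id";
                $type = 'Select';
            }
            $elements["onbehalf_{$field}-{$locTypeId}"] = array(
                'type' => $type,
                'value' => isset($location['address'][1]) ? CRM_Utils_Array::value($addField, $location['address'][1]) : NULL,
            );
            unset($profileFields["{$field}-{$locTypeId}"]);
        }
    }

    //set custom field defaults
    $defaults = array();
    CRM_Core_BAO_UFGroup::setProfileDefaults($cid, $profileFields, $defaults, TRUE, NULL, NULL, TRUE);

    if (!empty($defaults)) {
        foreach ($profileFields as $key => $val) {
            if (array_key_exists($key, $defaults)) {
                $htmlType = CRM_Utils_Array::value('html_type', $val);
                if ($htmlType == 'CheckBox') {
                    $elements["onbehalf_{$key}"]['type'] = $htmlType;
                    foreach ($defaults[$key] as $k => $v) {
                        $elements["onbehalf_{$key}"]['value'][$k] = $v;
                    }
                } elseif (strstr($htmlType, 'Multi-Select') && $htmlType != 'AdvMulti-Select') {
                    $elements["onbehalf_{$key}"]['type'] = 'Multi-Select';
                    $elements["onbehalf_{$key}"]['value'] = array_values($defaults[$key]);
                } elseif ($htmlType == 'Select Date') {
                    $elements["onbehalf_{$key}"]['type'] = $htmlType;
                    $elements["onbehalf_{$key}"]['value'] = $defaults[$key];
                    $elements["onbehalf_{$key}_display"]['value'] = $defaults[$key];
                } else {
                    // Radio, Autocomplete-Select and every other type share
                    // this shape; the original spelled them out as three
                    // identical branches.
                    $elements["onbehalf_{$key}"]['type'] = $htmlType;
                    $elements["onbehalf_{$key}"]['value'] = $defaults[$key];
                }
            } else {
                $elements["onbehalf_{$key}"]['value'] = '';
            }
        }
    }

    CRM_Utils_JSON::output($elements);
}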
/**
 * Pre-processing for the profile form.
 *
 * Copies the popup/context/block request parameters to the template,
 * chooses create or edit mode, runs the checksum validation when another
 * contact's profile is being edited, and verifies that the requested
 * profile may be used with the Profile forms.
 *
 * @return void
 */
public function preProcess()
{
    $this->_mode = CRM_Profile_Form::MODE_CREATE;

    $this->_onPopupClose = CRM_Utils_Request::retrieve('onPopupClose', 'String', $this);
    $this->assign('onPopupClose', $this->_onPopupClose);

    // Context, block number and prefix all come straight from the request.
    $this->_context = CRM_Utils_Request::retrieve('context', 'String', $this);
    $this->_blockNo = CRM_Utils_Request::retrieve('blockNo', 'String', $this);
    $this->_prefix = CRM_Utils_Request::retrieve('prefix', 'String', $this);

    $this->assign('context', $this->_context);
    if ($this->_blockNo) {
        $this->assign('blockNo', $this->_blockNo);
        $this->assign('prefix', $this->_prefix);
    }
    $this->assign('createCallback', CRM_Utils_Request::retrieve('createCallback', 'String', $this));

    if ($this->get('skipPermission')) {
        $this->_skipPermission = TRUE;
    }

    if ($this->get('edit')) {
        // Take the id from the query string, otherwise default to the
        // current user.
        $session = CRM_Core_Session::singleton();
        $userID = $session->get('userID');
        $id = CRM_Utils_Request::retrieve('id', 'Positive', $this, FALSE, $userID);

        if (!$id) {
            CRM_Core_Error::fatal(ts('No user/contact ID was specified, so the Profile cannot be used in edit mode.'));
        } else {
            $this->_mode = CRM_Profile_Form::MODE_EDIT;

            if ($id != $userID) {
                // Do not allow edit for anonymous users in the Joomla
                // frontend (CRM-4668) unless they present a checksum
                // (CRM-5228).
                // NOTE(review): both validators' return values are discarded
                // and the flag below is set unconditionally, so this relies
                // on the validator aborting the request on failure - confirm.
                $config = CRM_Core_Config::singleton();
                if ($config->userFrameworkFrontend) {
                    CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($id, $this);
                } else {
                    CRM_Contact_BAO_Contact_Permission::validateChecksumContact($id, $this);
                }
                $this->_isPermissionedChecksum = TRUE;
            }
        }
    }

    parent::preProcess();

    // The profile must be joined to the 'Profile' module. The gid is bound
    // as an Integer parameter rather than concatenated into the statement.
    $query = "\nSELECT module,is_reserved\n FROM civicrm_uf_group\n LEFT JOIN civicrm_uf_join ON uf_group_id = civicrm_uf_group.id\n WHERE civicrm_uf_group.id = %1\n";
    $params = array(1 => array($this->_gid, 'Integer'));
    $dao = CRM_Core_DAO::executeQuery($query, $params);

    $isProfile = FALSE;
    while ($dao->fetch()) {
        if ($dao->module == "Profile") {
            $isProfile = TRUE;
        }
    }

    // Check that the user has the "add contacts" permission.
    $canAdd = CRM_Core_Permission::check("add contacts");

    // CRM-14488: a reserved profile does not need the Profile module type
    // when the user can add contacts.
    $reservedAndAllowed = ($dao->is_reserved && $canAdd);
    if (!$dao->N || (!$isProfile && !$reservedAndAllowed)) {
        CRM_Core_Error::fatal(ts(
            'The requested Profile (gid=%1) is not configured to be used for \'Profile\' edit and view forms in its Settings. Contact the site administrator if you need assistance.',
            array(1 => $this->_gid)
        ));
    }
}
/**
 * Prepare the main contribution form.
 *
 * Delegates to the payment-processor sub-form when `type` is present in the
 * query string. Otherwise it exposes page settings to the template, resolves
 * the acting contact (`cid`), sets up the on-behalf-of and payment-processor
 * sub-forms and rejects mixed on-behalf-of profiles.
 *
 * @return mixed
 *   The result of CRM_Core_Payment_ProcessorForm::preProcess() on the
 *   early-return path, otherwise nothing.
 */
public function preProcess()
{
    parent::preProcess();

    // `type` is read raw from $_GET; within this method it is only tested
    // for truthiness.
    $this->_ppType = CRM_Utils_Array::value('type', $_GET);
    $this->assign('ppType', FALSE);
    if ($this->_ppType) {
        $this->assign('ppType', TRUE);
        return CRM_Core_Payment_ProcessorForm::preProcess($this);
    }

    // Expose the PayPal Express processor id to the template; the loop
    // stops at the first processor of that type.
    $processors = $this->get('paymentProcessors');
    if (!empty($processors)) {
        foreach ($processors as $processor) {
            $expressId = 0;
            if ($processor['payment_processor_type'] == 'PayPal_Express') {
                $expressId = $processor['id'];
            }
            $this->assign('payPalExpressId', $expressId);
            if ($expressId) {
                break;
            }
        }
    }

    // Make the contribution page id and its flags available to the template.
    $this->assign('contributionPageID', $this->_id);
    $this->assign('isShare', CRM_Utils_Array::value('is_share', $this->_values));
    $this->assign('isConfirmEnabled', CRM_Utils_Array::value('is_confirm_enabled', $this->_values));

    // `cid` defaults to the current user; any other value must pass the
    // checksum/permission validation before it is honoured.
    $requestedContactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, FALSE, $this->_userID);
    $reset = CRM_Utils_Request::retrieve('reset', 'Boolean', CRM_Core_DAO::$_nullObject);
    $mainDisplay = CRM_Utils_Request::retrieve('_qf_Main_display', 'Boolean', CRM_Core_DAO::$_nullObject);

    if ($requestedContactId != $this->_userID
        && CRM_Contact_BAO_Contact_Permission::validateChecksumContact($requestedContactId, $this)
    ) {
        // NOTE(review): a successful validation rebinds the session's userID
        // to the requested contact, not just this form's state - confirm the
        // session-wide scope is intended.
        CRM_Core_Session::singleton()->set('userID', $requestedContactId);
        $this->_userID = $requestedContactId;
    }

    if ($reset) {
        $this->assign('reset', $reset);
    }
    if ($mainDisplay) {
        $this->assign('mainDisplay', $mainDisplay);
    }

    $this->_onbehalf = FALSE;
    if (CRM_Utils_Array::value('is_for_organization', $this->_values)) {
        $urlParams = "&id={$this->_id}&qfKey={$this->controller->_key}";
        $this->assign('urlParams', $urlParams);
        // NOTE(review): stored unvalidated from $_GET - confirm consumers
        // treat it purely as a flag.
        $this->_onbehalf = CRM_Utils_Array::value('onbehalf', $_GET);
        CRM_Contribute_Form_Contribution_OnBehalfOf::preProcess($this);

        $onBehalfRequested = CRM_Utils_Array::value('is_for_organization', $_POST)
            || CRM_Utils_Array::value('is_for_organization', $this->_values) == 2;
        if (CRM_Utils_Array::value('hidden_onbehalf_profile', $_POST) && $onBehalfRequested) {
            CRM_Contribute_Form_Contribution_OnBehalfOf::buildQuickForm($this);
        }
    }

    // A personal campaign page's intro text wins over the page's own.
    $hasPcpIntro = CRM_Utils_Array::value('id', $this->_pcpInfo)
        && CRM_Utils_Array::value('intro_text', $this->_pcpInfo);
    if ($hasPcpIntro) {
        $this->assign('intro_text', $this->_pcpInfo['intro_text']);
    } elseif (CRM_Utils_Array::value('intro_text', $this->_values)) {
        $this->assign('intro_text', $this->_values['intro_text']);
    }

    $qParams = "reset=1&id={$this->_id}";
    if ($pcpId = CRM_Utils_Array::value('pcp_id', $this->_pcpInfo)) {
        $qParams .= "&pcpId={$pcpId}";
    }
    $this->assign('qParams', $qParams);

    if (CRM_Utils_Array::value('footer_text', $this->_values)) {
        $this->assign('footer_text', $this->_values['footer_text']);
    }

    // CRM-5001: an on-behalf-of page may not use a profile that mixes a
    // contact type with Membership or Contribution fields.
    if (CRM_Utils_Array::value('is_for_organization', $this->_values)) {
        $msg = ts('Mixed profile not allowed for on behalf of registration/sign up.');
        foreach (array('custom_pre_id', 'custom_post_id') as $profileKey) {
            $profileId = CRM_Utils_Array::value($profileKey, $this->_values);
            if (!$profileId) {
                continue;
            }
            $groupTypes = CRM_Core_BAO_UFGroup::profileGroups($profileId);
            foreach (array('Individual', 'Organization', 'Household') as $contactType) {
                if (in_array($contactType, $groupTypes)
                    && (in_array('Membership', $groupTypes) || in_array('Contribution', $groupTypes))
                ) {
                    CRM_Core_Error::fatal($msg);
                }
            }
        }
    }

    // A posted processor selection rebuilds the payment-processor sub-form.
    if (CRM_Utils_Array::value('hidden_processor', $_POST)) {
        $this->set('type', CRM_Utils_Array::value('payment_processor', $_POST));
        $this->set('mode', $this->_mode);
        $this->set('paymentProcessor', $this->_paymentProcessor);
        CRM_Core_Payment_ProcessorForm::preProcess($this);
        CRM_Core_Payment_ProcessorForm::buildQuickForm($this);
    }
}
/**
 * Prepare the main contribution form.
 *
 * Resolves the acting contact (`cid`), sets up the on-behalf-of sub-form,
 * assigns the intro/footer text and rejects mixed on-behalf-of profiles.
 *
 * @return void
 */
public function preProcess()
{
    parent::preProcess();

    // `cid` defaults to the current user; any other value must pass the
    // checksum/permission validation before it is honoured.
    $requestedContactId = CRM_Utils_Request::retrieve('cid', 'Positive', $this, false, $this->_userID);
    $reset = CRM_Utils_Request::retrieve('reset', 'Boolean', CRM_Core_DAO::$_nullObject);
    $mainDisplay = CRM_Utils_Request::retrieve('_qf_Main_display', 'Boolean', CRM_Core_DAO::$_nullObject);

    require_once 'CRM/Contact/BAO/Contact.php';
    if ($requestedContactId != $this->_userID) {
        require_once 'CRM/Contact/BAO/Contact/Permission.php';
        if (CRM_Contact_BAO_Contact_Permission::validateChecksumContact($requestedContactId, $this)) {
            // NOTE(review): a successful validation rebinds the session's
            // userID to the requested contact, not just this form's state -
            // confirm the session-wide scope is intended.
            CRM_Core_Session::singleton()->set('userID', $requestedContactId);
            $this->_userID = $requestedContactId;
        }
    }

    if ($reset) {
        $this->assign('reset', $reset);
    }
    if ($mainDisplay) {
        $this->assign('mainDisplay', $mainDisplay);
    }

    $this->_onbehalf = false;
    if (CRM_Utils_Array::value('is_for_organization', $this->_values)) {
        $urlParams = "&id={$this->_id}&qfKey={$this->controller->_key}";
        $this->assign('urlParams', $urlParams);
        // NOTE(review): stored unvalidated from $_GET - confirm consumers
        // treat it purely as a flag.
        $this->_onbehalf = CRM_Utils_Array::value('onbehalf', $_GET);

        require_once 'CRM/Contribute/Form/Contribution/OnBehalfOf.php';
        CRM_Contribute_Form_Contribution_OnBehalfOf::preProcess($this);

        $profilePosted = CRM_Utils_Array::value('hidden_onbehalf_profile', $_POST)
            && CRM_Utils_Array::value('is_for_organization', $_POST);
        if ($profilePosted) {
            CRM_Contribute_Form_Contribution_OnBehalfOf::buildQuickForm($this);
        }
    }

    // A personal campaign page's intro text wins over the page's own.
    $hasPcpIntro = CRM_Utils_Array::value('id', $this->_pcpInfo)
        && CRM_Utils_Array::value('intro_text', $this->_pcpInfo);
    if ($hasPcpIntro) {
        $this->assign('intro_text', $this->_pcpInfo['intro_text']);
    } elseif (CRM_Utils_Array::value('intro_text', $this->_values)) {
        $this->assign('intro_text', $this->_values['intro_text']);
    }

    if (CRM_Utils_Array::value('footer_text', $this->_values)) {
        $this->assign('footer_text', $this->_values['footer_text']);
    }

    // CRM-5001: an on-behalf-of page may not use a profile that mixes a
    // contact type with Membership or Contribution fields.
    if ($this->_values['is_for_organization']) {
        $msg = ts('Mixed profile not allowed for on behalf of registration/sign up.');
        require_once 'CRM/Core/BAO/UFGroup.php';
        foreach (array('custom_pre_id', 'custom_post_id') as $profileKey) {
            $profileId = CRM_Utils_Array::value($profileKey, $this->_values);
            if (!$profileId) {
                continue;
            }
            $groupTypes = CRM_Core_BAO_UFGroup::profileGroups($profileId);
            foreach (array('Individual', 'Organization', 'Household') as $contactType) {
                if (in_array($contactType, $groupTypes)
                    && (in_array('Membership', $groupTypes) || in_array('Contribution', $groupTypes))
                ) {
                    CRM_Core_Error::fatal($msg);
                }
            }
        }
    }
}
/**
 * Run the page.
 *
 * Renders the profile $this->_gid for contact $this->_id. When both ids are
 * set it enforces the profile's limit-listings group, works out whether the
 * viewer counts as an "admin" for field visibility (own record, a validated
 * checksum, or a qualifying permission outside the frontend), strips
 * restricted and formatting fields, loads the values and hands them to the
 * template. It then sets the page title and invokes the pageRun hook.
 *
 * @return mixed
 *   The trimmed rendered template, or the result of
 *   CRM_Core_Session::setStatus() when the contact is not in the profile's
 *   limit-listings group.
 */
function run()
{
    $template = CRM_Core_Smarty::singleton();
    if ($this->_id && $this->_gid) {
        // first check that id is part of the limit group id, CRM-4822
        $limitListingsGroupsID = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'limit_listings_group_id');
        $config = CRM_Core_Config::singleton();
        if ($limitListingsGroupsID) {
            if (!CRM_Contact_BAO_GroupContact::isContactInGroup($this->_id, $limitListingsGroupsID)) {
                CRM_Utils_System::setTitle(ts('Profile View - Permission Denied'));
                return CRM_Core_Session::setStatus(ts('You do not have permission to view this contact record. Contact the site administrator if you need assistance.'));
            }
        }
        $values = array();
        $fields = CRM_Core_BAO_UFGroup::getFields($this->_profileIds, FALSE, CRM_Core_Action::VIEW, NULL, NULL, FALSE, $this->_restrict, $this->_skipPermission, NULL, CRM_Core_Permission::VIEW);
        if ($this->_isContactActivityProfile && $this->_gid) {
            $errors = CRM_Profile_Form::validateContactActivityProfile($this->_activityId, $this->_id, $this->_gid);
            if (!empty($errors)) {
                CRM_Core_Error::fatal(array_pop($errors));
            }
        }
        $session = CRM_Core_Session::singleton();
        $userID = $session->get('userID');
        // Starts closed; only a validator result below can open it.
        $this->_isPermissionedChecksum = FALSE;
        if ($this->_id != $userID) {
            // do not allow edit for anon users in joomla frontend, CRM-4668, unless u have checksum CRM-5228
            // Both validators are called with FALSE as the third argument and
            // their result is used as a boolean instead of being discarded.
            if ($config->userFrameworkFrontend) {
                $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateOnlyChecksum($this->_id, $this, FALSE);
            } else {
                $this->_isPermissionedChecksum = CRM_Contact_BAO_Contact_Permission::validateChecksumContact($this->_id, $this, FALSE);
            }
        }
        // make sure we dont expose all fields based on permission
        // The parenthesised permission checks count only outside the
        // frontend; own-record and checksum access set $admin in either mode.
        $admin = FALSE;
        if (!$config->userFrameworkFrontend && (CRM_Core_Permission::check('administer users') || CRM_Core_Permission::check('view all contacts') || CRM_Contact_BAO_Contact_Permission::allow($this->_id, CRM_Core_Permission::VIEW)) || $this->_id == $userID || $this->_isPermissionedChecksum) {
            $admin = TRUE;
        }
        if (!$admin) {
            foreach ($fields as $name => $field) {
                // make sure that there is enough permission to expose this field
                if ($field['visibility'] == 'User and User Admin Only') {
                    unset($fields[$name]);
                }
            }
        }
        // also eliminate all formatting fields
        foreach ($fields as $name => $field) {
            if (CRM_Utils_Array::value('field_type', $field) == 'Formatting') {
                unset($fields[$name]);
            }
        }
        if ($this->_isContactActivityProfile) {
            // Split the fields so contact and activity values are fetched separately.
            $contactFields = $activityFields = array();
            foreach ($fields as $fieldName => $field) {
                if (CRM_Utils_Array::value('field_type', $field) == 'Activity') {
                    $activityFields[$fieldName] = $field;
                } else {
                    $contactFields[$fieldName] = $field;
                }
            }
            CRM_Core_BAO_UFGroup::getValues($this->_id, $contactFields, $values);
            if ($this->_activityId) {
                CRM_Core_BAO_UFGroup::getValues(NULL, $activityFields, $values, TRUE, array(array('activity_id', '=', $this->_activityId, 0, 0)));
            }
        } else {
            CRM_Core_BAO_UFGroup::getValues($this->_id, $fields, $values);
        }
        // $profileFields array can be used for customized display of field labels and values in Profile/View.tpl
        $profileFields = array();
        $labels = array();
        // Labels are keyed by field title, so two fields with the same title
        // share one entry (the later one wins).
        foreach ($fields as $name => $field) {
            $labels[$field['title']] = preg_replace('/\\s+|\\W+/', '_', $name);
        }
        foreach ($values as $title => $value) {
            $profileFields[$labels[$title]] = array('label' => $title, 'value' => $value);
        }
        $template->assign_by_ref('row', $values);
        $template->assign_by_ref('profileFields', $profileFields);
    }
    $name = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'name');
    if (strtolower($name) == 'summary_overlay') {
        $template->assign('overlayProfile', TRUE);
    }
    $title = CRM_Core_DAO::getFieldValue('CRM_Core_DAO_UFGroup', $this->_gid, 'title');
    //CRM-4131.
    $displayName = CRM_Core_DAO::getFieldValue('CRM_Contact_DAO_Contact', $this->_id, 'display_name');
    if ($displayName) {
        $session = CRM_Core_Session::singleton();
        $config = CRM_Core_Config::singleton();
        // NOTE(review): allow() is called with the logged-in user's own id,
        // not $this->_id, before linking to $this->_id's contact view -
        // confirm that is the intended check.
        if ($session->get('userID') && CRM_Core_Permission::check('access CiviCRM') && CRM_Contact_BAO_Contact_Permission::allow($session->get('userID'), CRM_Core_Permission::VIEW) && !$config->userFrameworkFrontend) {
            $contactViewUrl = CRM_Utils_System::url('civicrm/contact/view', "action=view&reset=1&cid={$this->_id}", TRUE);
            $this->assign('displayName', $displayName);
            // NOTE(review): the stored display name is placed into markup
            // without escaping in this method - confirm it is encoded on
            // storage or by the title renderer.
            $displayName = "<a href=\"{$contactViewUrl}\">{$displayName}</a>";
        }
        $title .= ' - ' . $displayName;
    }
    CRM_Utils_System::setTitle($title);
    // invoke the pagRun hook, CRM-3906
    CRM_Utils_Hook::pageRun($this);
    return trim($template->fetch($this->getTemplateFileName()));
}