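/**
 * Print links suggesting further speaker alerts for a subscriber.
 *
 * Finds the other subscribers who hold an alert matching $criteria, counts the
 * simple 'speaker:nnnnn' alerts those subscribers hold, and prints the most
 * common ones that $email does not already have.
 *
 * @param string $email      Subscriber address; bound into the query, never interpolated.
 * @param string $criteria   Alert criteria; only criteria starting with 'speaker:' get suggestions.
 * @param int    $maxresults Upper bound on the number of result rows considered.
 * @return void Output is printed directly.
 */
function suggest_alerts($email, $criteria, $maxresults) {
    $db = new ParlDB;

    // stripos() returns false when "speaker:" is absent and false == 0 is
    // true, so the loose comparison let every criteria string through.
    if (stripos($criteria, "speaker:") !== 0) {
        return;
    }

    // Both values arrive from the caller and were previously concatenated
    // into the SQL text; they are now passed as bound parameters.
    // NOTE(review): relies on ParlDB::query() accepting a parameter array;
    // confirm this ParlDB version supports it, otherwise quote the values
    // with the database driver's own escaping function.
    $sql  = "SELECT count(*) AS c, criteria FROM alerts ";
    // Subscribers who hold an alert matching the given criteria.
    $sql .= "WHERE email = ANY (SELECT email FROM alerts WHERE criteria LIKE :pattern) ";
    // Keep only simple speaker alerts of the form 'speaker:nnnnn'.
    $sql .= "AND LENGTH(criteria)=13 AND LEFT(criteria,8)='speaker:' ";
    // Drop anything this subscriber already follows.
    $sql .= "AND NOT(criteria = ANY (SELECT criteria FROM alerts WHERE email = :email)) ";
    // Most common first.
    $sql .= "GROUP BY criteria ORDER BY c DESC";

    $q = $db->query($sql, array(
        ':pattern' => '%' . $criteria . '%',
        ':email'   => $email,
    ));

    // Cap the number of rows looked at.
    $limit = min($q->rows(), $maxresults);

    $suggestions = '';
    for ($i = 0; $i < $limit; $i++) {
        // Ignore a suggestion that only one other subscriber has.
        if ($q->field($i, 'c') > 1) {
            // The last five characters of 'speaker:nnnnn' are the person id.
            $pid = substr($q->field($i, 'criteria'), -5);
            $member = new MEMBER(array('person_id' => $pid));
            $suggestions .= '<p><a href="' . WEBPATH . 'alert/?r=1&only=1&pid=' . $member->person_id() . '"><strong>Email me whenever ' . $member->full_name() . ' speaks</strong></a></p>';
        }
    }

    // Print the heading only when there is at least one suggestion under it.
    if ($suggestions !== '') {
        print "<p>You may also be interested in being alerted when these people speak too.</p>";
        print $suggestions;
    }
}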
/**
 * Build the MEMBER for a postcode's 'WMC' constituency and, when a person is
 * found, store the postcode in the user's cookie.
 *
 * @param string     $pc             Postcode the lookup was made for.
 * @param array      $constituencies Constituency names keyed by type; 'WMC' is read here.
 * @param mixed|null $house          Optional house filter passed on to MEMBER.
 * @return MEMBER
 */
function fetch_mp($pc, $constituencies, $house = null) {
    global $THEUSER;

    $lookup = array('constituency' => $constituencies['WMC'])
        + ($house ? array('house' => $house) : array());

    try {
        $MEMBER = new MEMBER($lookup);
    } catch (MySociety\TheyWorkForYou\MemberException $e) {
        // NOTE(review): postcode_error() presumably ends the request; if it
        // returns, $MEMBER is undefined on the lines below - confirm.
        postcode_error($e->getMessage());
    }

    $person_found = $MEMBER->person_id();
    if ($person_found) {
        $THEUSER->set_postcode_cookie($pc);
    }

    return $MEMBER;
}
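/**
 * Confirm a registration from the token in the confirmation-email link and
 * log the user in.
 *
 * The token is "<user_id><separator><registrationtoken>" and is the only
 * credential checked before login() is called.
 *
 * @param string $token Token taken from the confirmation URL.
 * @return false|null false when the token is malformed, matches no user, or
 *                    the update fails; nothing is returned after login().
 */
function confirm($token) {
    // Work out the separator; '-' takes precedence when both are present.
    // A token with neither is rejected here: explode() with an empty
    // delimiter raises an error instead of returning parts.
    if (strpos($token, '-') !== false) {
        $separator = '-';
    } elseif (strpos($token, '::') !== false) {
        $separator = '::';
    } else {
        return false;
    }

    list($user_id, $registrationtoken) = explode($separator, $token);

    if (!is_numeric($user_id) || $registrationtoken == '') {
        return false;
    }

    // NOTE(review): mysql_escape_string() ignores the connection character
    // set and is not available in PHP 7+; prefer bound parameters if this
    // database wrapper supports them.
    $q = $this->db->query("SELECT email, password, postcode
						FROM	users
						WHERE	user_id = '" . mysql_escape_string($user_id) . "'
						AND		registrationtoken = '" . mysql_escape_string($registrationtoken) . "'
						");

    if ($q->rows() != 1) {
        // Couldn't find this user in the DB. Maybe the token was
        // wrong or incomplete?
        return false;
    }

    // These need to be set before logging the user in.
    $this->user_id = $user_id;
    $this->email = $q->field(0, 'email');
    $this->password = $q->field(0, 'password');

    // Set that they're confirmed in the DB.
    $r = $this->db->query("UPDATE users
							SET		confirmed = '1'
							WHERE	user_id = '" . mysql_escape_string($user_id) . "'
							");

    if ($q->field(0, 'postcode')) {
        // Also confirm the alert for the member found from the user's postcode.
        $MEMBER = new MEMBER(array('postcode' => $q->field(0, 'postcode')));
        $pid = $MEMBER->person_id();
        # This should probably be in the ALERT class
        $this->db->query('update alerts set confirmed=1 where email="' . mysql_escape_string($this->email) . '" and criteria="speaker:' . mysql_escape_string($pid) . '"');
    }

    if (!$r->success()) {
        // Couldn't set them as confirmed in the DB.
        return false;
    }

    $this->confirmed = true;

    // Log the user in, redirecting them to the confirm page
    // where they should get a nice welcome message.
    $URL = new URL('userconfirmed');
    $URL->insert(array('welcome' => 't'));
    $redirecturl = $URL->generate();

    $this->login($redirecturl, 'session');
}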
} elseif (isset($constituencies['SPE']) || isset($constituencies['SPC'])) { $MEMBER = new MEMBER(array('constituency' => $constituencies['WMC'])); if ($MEMBER->person_id()) { $THEUSER->set_postcode_cookie($pc); } list($out, $sidebars) = pick_multiple($pc, $constituencies, 'SPE', 'MSP'); } elseif (isset($constituencies['NIE'])) { $MEMBER = new MEMBER(array('constituency' => $constituencies['WMC'])); if ($MEMBER->person_id()) { $THEUSER->set_postcode_cookie($pc); } list($out, $sidebars) = pick_multiple($pc, $constituencies, 'NIE', 'MLA'); } else { # Just have an MP, redirect instantly to the canonical page $MEMBER = new MEMBER(array('constituency' => $constituencies['WMC'])); if ($MEMBER->person_id()) { $THEUSER->set_postcode_cookie($pc); } member_redirect($MEMBER); } } else { $errors['pc'] = "Sorry, " . htmlentities($pc) . " isn't a valid postcode"; twfy_debug('MP', "Can't display an MP because the submitted postcode wasn't of a valid form."); } $PAGE->page_start(); $PAGE->stripe_start(); if (isset($errors['pc'])) { $PAGE->error_message($errors['pc']); $PAGE->postcode_form(); } echo $out;
// (Either in their logged-in details or in a cookie from a previous search.) } elseif ($THEUSER->constituency_is_set() && $name == '' && $cconstituency == '') { $MEMBER = new MEMBER(array('constituency' => $THEUSER->constituency())); member_redirect($MEMBER); } elseif ($name && $cconstituency) { $MEMBER = new MEMBER(array('name' => $name, 'constituency' => $cconstituency)); if (!$MEMBER->canonical || $redirect) { member_redirect($MEMBER); } if ($MEMBER->the_users_mp) { $this_page = 'yourmp'; } twfy_debug('MP', 'Displaying MP by name'); } elseif ($name) { $MEMBER = new MEMBER(array('name' => $name)); if (($MEMBER->house_disp == 1 || $MEMBER->house_disp == 2 && $this_page != 'peer') && ($MEMBER->valid || !is_array($MEMBER->person_id())) || $redirect) { member_redirect($MEMBER); } } elseif ($cconstituency) { if ($cconstituency == 'your & my society') { header('Location: /mp/stom%20teinberg'); exit; } $MEMBER = new MEMBER(array('constituency' => $cconstituency)); member_redirect($MEMBER); } else { // No postcode, member_id or person_id to use. twfy_debug('MP', "We don't have any way of telling what MP to display"); } ///////////////////////////////////////////////////////// // DISPLAY A REPRESENTATIVE
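include_once "../../includes/easyparliament/init.php";
include_once INCLUDESPATH . "easyparliament/member.php";
include_once INCLUDESPATH . "postcode.inc";

// Take a postcode from the request, find its constituency and redirect to
// that member's RSS feed. Problems are recorded in $errors['pc'].

$pc = get_http_var('pc');
// Allow-list the request value: only letters, digits and spaces survive.
$pc = preg_replace('#[^a-z0-9 ]#i', '', $pc);
if (!$pc) {
    exit;
}

if (validate_postcode($pc)) {
    $lookup = postcode_to_constituency($pc);
    $constituency = strtolower($lookup);

    // The sentinel is upper case, so it has to be compared before the result
    // is lower-cased; compared afterwards it could never match and a timeout
    // was treated as a constituency name.
    if ($lookup == "CONNECTION_TIMED_OUT") {
        $errors['pc'] = "Sorry, we couldn't check your postcode right now. Please use the 'All Mps' link above to browse MPs";
    } elseif ($constituency == "") {
        $errors['pc'] = "Sorry, " . htmlentities($pc) . " isn't a known postcode";
        twfy_debug('MP', "Can't display an MP, as submitted postcode didn't match a constituency");
    } else {
        $MEMBER = new MEMBER(array('constituency' => $constituency));
        if ($MEMBER->person_id()) {
            // This will cookie the postcode.
            $THEUSER->set_postcode_cookie($pc);
            $THEUSER->set_constituency_cookie($constituency);

            // NOTE(review): execution continues after the header is queued;
            // confirm whether the rest of the file is meant to run.
            header('Location: http://' . DOMAIN . '/rss/mp/' . $MEMBER->person_id() . '.rdf');
        }
    }
} else {
    $errors['pc'] = "Sorry, " . htmlentities($pc) . " isn't a valid postcode";
    twfy_debug('MP', "Can't display an MP because the submitted postcode wasn't of a valid form.");
}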
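/**
 * Render a user's profile page, and for 'userviewself' their email alerts.
 *
 * The user shown is, in order of precedence: the just-edited user passed in
 * $user_id, the user named by the 'u' request variable, or the logged-in
 * user. With none of these the visitor is redirected to the login page.
 *
 * @param string|int $user_id Id of a user whose details were just edited, or "".
 * @return void Output is printed directly.
 */
function display_user($user_id = "") {
    global $THEUSER, $PAGE, $DATA, $this_page, $who;

    // We could do something cleverer so that if THEUSER has sufficient
    // privileges we display more data when they're viewing someone else's
    // info than what your average punter sees.

    // FIRST: Work out whose info we're going to show.

    $edited = false; // Have we just edited someone's info?

    if (is_numeric($user_id) && $user_id == $THEUSER->user_id()) {
        // Display this user's just edited info.
        $display = "this user";
        $edited = true;
    } elseif (is_numeric($user_id)) {
        // Display someone else's just edited info.
        $display = "another user";
        $edited = true;
    } elseif (is_numeric(get_http_var("u"))) {
        // Display someone else's info.
        $user_id = get_http_var("u");
        $display = "another user";
    } elseif ($THEUSER->isloggedin()) {
        // Display this user's info.
        $display = "this user";
        $user_id = $THEUSER->user_id();
    } else {
        // Nothing to show!
        $URL = new URL('userlogin');
        $URL->insert(array('ret' => '/user/'));
        $loginurl = $URL->generate();
        header("Location: {$loginurl}");
        exit;
    }

    // SECOND: Get the data for whoever we're going to show.
    // Which variables end up set decides which rows are printed below.

    if ($display == "another user") {
        // Viewing someone else's info.
        $USER = new USER();
        $valid = $USER->init($user_id);

        if ($valid && $USER->confirmed() && !$USER->deleted()) {
            // Don't want to display unconfirmed or deleted users.
            $name = $USER->firstname() . " " . $USER->lastname();
            $url = $USER->url();
            // The address is only exposed when its owner made it public.
            if ($USER->emailpublic() == true) {
                $email = $USER->email();
            }
            $status = $USER->status();
            $registrationtime = $USER->registrationtime();

            // Change the page title to reflect whose info we're viewing.
            $DATA->set_page_metadata($this_page, "title", "{$name}");
        } else {
            // This user_id doesn't exist.
            $display = "none";
        }
    } elseif ($display == "this user") {
        // Display THEUSER's info.
        $name = $THEUSER->firstname() . " " . $THEUSER->lastname();
        $url = $THEUSER->url();

        if ($edited) {
            // We want to show all the info to the user.
            $email = $THEUSER->email();
            $emailpublic = $THEUSER->emailpublic() == true ? "Yes" : "No";
            $optin = $THEUSER->optin() == true ? "Yes" : "No";
            $constituency = $THEUSER->constituency();
        } else {
            // We're showing them how they're seen to other people.
            if ($THEUSER->emailpublic()) {
                $email = $THEUSER->email();
            }
            $registrationtime = $THEUSER->registrationtime();
            $status = $THEUSER->status();
        }

        // Change the page title to make it clear we're viewing THEUSER's
        // own info. Make them less worried about other people seeing some of
        // the info that shouldn't be public.
        $DATA->set_page_metadata($this_page, "title", "Your details");
    } else {
        // There's nothing to display!
    }

    // THIRD: Print out what we've got.

    $PAGE->page_start();

    if ($display != "none") {
        $PAGE->stripe_start();

        if (isset($registrationtime)) {
            // Make registration time more user-friendly.
            list($date, $time) = explode(' ', $registrationtime);
            $registrationtime = format_date($date, LONGDATEFORMAT);
        }

        if ($edited) {
            print "\t\t\t\t<p><strong>" . ucfirst($who) . " details have been updated:</strong></p>\n";
        }

        if ($this_page == 'userviewself' && !$edited) {
            $EDITURL = new URL('useredit');
            ?>
            <p><strong>This is how other people see you.</strong> <a href="<?php echo $EDITURL->generate(); ?>">Edit your details</a>.</p>
            <?php
        }
        ?>
        <div class="row">
        <span class="label">Name</span>
        <span class="formw"><?php
        if (substr($name, -3) == ' MP') {
            print '<a href="' . WEBPATH . '/mp/' . make_member_url(substr($name, 0, -3)) . '">';
        }
        echo htmlentities($name);
        if (substr($name, -3) == ' MP') {
            print '</a>';
        }
        ?></span>
        </div>
        <div class="row">
        <span class="label">Email</span>
        <span class="formw"><?php
        if (isset($email)) {
            // NOTE(review): as written this replacement is a no-op; the
            // replacement string was presumably an HTML entity for '@' that
            // got decoded somewhere - confirm against the original file.
            $escaped_email = str_replace('@', '@', htmlentities($email));
            ?><a href="mailto:<?php echo $escaped_email . "\">" . $escaped_email; ?></a><?php
        } else {
            ?>Not public<?php
        }
        ?></span>
        </div>
        <?php
        if (isset($constituency)) {
            if ($constituency == '') {
                $constituency = 'none';
            }
            ?>
            <div class="row">
            <br>
            <span class="label">Australian Electoral Division</span>
            <span class="formw"><?php echo htmlentities($constituency); ?> <small>(not public)</small></span>
            </div>
            <?php
        }

        if (isset($url)) {
            if ($url == '') {
                $url = 'none';
            } elseif (preg_match('#^https?://#i', $url)) {
                $url = '<a href="' . htmlentities($url) . '">' . htmlentities($url) . '</a>';
            } else {
                // The website is user-supplied and shown to other visitors:
                // only http(s) values become a link, anything else is text.
                $url = htmlentities($url);
            }
            ?>
            <div class="row">
            <span class="label">Website</span>
            <span class="formw"><?php echo $url; ?></span>
            </div>
            <?php
        }

        if (isset($emailpublic)) {
            ?>
            <div class="row">
            <br>Let other people see your email address? <strong><?php echo htmlentities($emailpublic); ?></strong></div>
            <?php
        }

        if (isset($optin)) {
            ?>
            <div class="row">Receive OpenAustralia.org emails? <strong><?php echo htmlentities($optin); ?></strong></div>
            <?php
        }

        if (isset($status)) {
            ?>
            <div class="row">
            <span class="label">Status</span>
            <span class="formw"><?php echo htmlentities($status); ?></span>
            </div>
            <?php
        }

        if (isset($registrationtime)) {
            ?>
            <div class="row">
            <span class="label">Joined</span>
            <span class="formw"><?php echo htmlentities($registrationtime); ?></span>
            </div>
            <?php
        }

        if ($edited && $this_page == 'userviewself') {
            $EDITURL = new URL('useredit');
            $VIEWURL = new URL('userviewself');
            ?>
            <p>
            <br><a href="<?php echo $EDITURL->generate(); ?>">Edit again</a> or <a href="<?php echo $VIEWURL->generate(); ?>">see how others see you</a>.</p>
            <?php
        }

        $PAGE->stripe_end();

        # Email alerts
        if ($this_page == 'userviewself') {
            $PAGE->stripe_start();
            print '<h3>Your email alerts</h3>';

            $db = new ParlDB();
            // NOTE(review): mysql_real_escape_string() is not available in
            // PHP 7+; prefer bound parameters if ParlDB supports them.
            $q = $db->query('SELECT * FROM alerts WHERE email = "' . mysql_real_escape_string($THEUSER->email()) . '" ORDER BY confirmed,deleted,alert_id');

            $out = '';
            for ($i = 0; $i < $q->rows(); ++$i) {
                $row = $q->row($i);
                $alert_criteria_terms = explode(' ', $row['criteria']);
                $display_terms = array();
                $search_keywords = array();
                $search_url = WEBPATH . "search/?";

                foreach ($alert_criteria_terms as $criteria_term) {
                    if (preg_match('#^speaker:(\\d+)#', $criteria_term, $m)) {
                        $MEMBER = new MEMBER(array('person_id' => $m[1]));
                        $display_terms[] = 'spoken by ' . $MEMBER->full_name();
                        $search_url .= 'pid=' . $MEMBER->person_id();
                    } else {
                        // Stored criteria are free text typed by whoever
                        // created the alert, so they are escaped for HTML
                        // and URL-encoded before being written to the page.
                        $display_terms[] = htmlspecialchars($criteria_term, ENT_QUOTES);
                        $search_keywords[] = urlencode($criteria_term);
                    }
                }

                if (count($search_keywords) > 0) {
                    if (strpos($search_url, 'pid=') !== false) {
                        $search_url .= '&';
                    }
                    $search_url .= "s=" . join("+", $search_keywords);
                }

                $display_criteria = join(' ', $display_terms);
                $token = $row['alert_id'] . '-' . $row['registrationtoken'];

                if (!$row['confirmed']) {
                    $action = '<a href="' . WEBPATH . 'A/' . $token . '">Confirm</a>';
                } elseif ($row['deleted']) {
                    $action = '<form action="' . WEBPATH . 'alert/undelete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Resubscribe"></form>';
                } else {
                    $action = '<form action="' . WEBPATH . 'alert/delete/" method="post"><input type="hidden" name="t" value="' . $token . '"><input type="submit" value="Unsubscribe"></form>';
                }

                // The href is single-quoted, so ENT_QUOTES is needed to
                // escape both quote styles.
                $out .= "<tr><td><a href='" . htmlspecialchars($search_url, ENT_QUOTES) . "'>" . $display_criteria . "</a></td><td>" . $action . "</td></tr>";
            }

            print '<p>To add a new alert, simply visit a Representative or Senator\'s page or conduct a search — to be given the option of turning them into alerts automatically — or visit <a href="' . WEBPATH . 'alert/">the manual addition page</a>.</p>';

            if ($out) {
                print '<p>Here are your email alerts:</p>';
                print '<table cellpadding="3" cellspacing="0"><tr><th>Criteria</th><th>Action</th></tr>' . $out . '</table>';
            } else {
                print '<p>You currently have no email alerts set up.</p>';
            }

            $PAGE->stripe_end();
        }

        if (!$edited) {
            $args = array('user_id' => $user_id, 'page' => get_http_var('p'));
            $COMMENTLIST = new COMMENTLIST();
            $COMMENTLIST->display('user', $args);
        }
    } else {
        $message = array('title' => 'Sorry...', 'text' => "We don't have a user ID, so we can't show you anyone's details.");
        $PAGE->message($message);
    }

    $PAGE->page_end();
}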
/**
 * Print the <option>/<optgroup> markup for a member drop-down: the user's own
 * MP first (when a postcode is known), then MPs, Peers, MLAs and MSPs.
 *
 * @param array $args Passed to the _get_data_by_* helpers; 'pid', when set,
 *                    marks the matching option as selected.
 * @return void Output is printed directly.
 */
function listoptions($args) {
    global $THEUSER;

    $mps = $this->_get_data_by_mps($args);
    $has_pid = isset($args['pid']);

    $postcode_known = ($THEUSER->isloggedin() && $THEUSER->postcode() != '')
        || $THEUSER->postcode_is_set();
    if ($postcode_known) {
        $own_mp = new MEMBER(array('postcode' => $THEUSER->postcode()));
        print '<option value="' . $own_mp->person_id() . '">Your MP, ' . $own_mp->full_name() . '</option>';
    }

    // MPs are listed as "First Last, Constituency".
    print '<optgroup label="MPs">';
    foreach ($mps['data'] as $mp) {
        $selected = ($has_pid && $args['pid'] == $mp['person_id']) ? ' selected' : '';
        print '<option' . $selected . ' value="' . $mp['person_id'] . '">'
            . $mp['first_name'] . ' ' . $mp['last_name']
            . ', ' . $mp['constituency']
            . '</option>';
    }

    // The remaining groups share one layout and differ only in the label,
    // the house number given to member_full_name() and the data helper.
    $groups = array(
        'Peers' => array(2, '_get_data_by_peers'),
        'MLAs'  => array(3, '_get_data_by_mlas'),
        'MSPs'  => array(4, '_get_data_by_msps'),
    );

    foreach ($groups as $label => $group) {
        list($house, $getter) = $group;

        print '</optgroup> <optgroup label="' . $label . '">';
        $members = $this->$getter($args);

        foreach ($members['data'] as $person) {
            $selected = ($has_pid && $args['pid'] == $person['person_id']) ? ' selected' : '';
            print '<option' . $selected . ' value="' . $person['person_id'] . '">'
                . ucfirst(member_full_name($house, $person['title'], $person['first_name'], $person['last_name'], $person['constituency']))
                . '</option>';
        }
    }

    print '</optgroup>';
}
/**
 * Print the <option>/<optgroup> markup for a member drop-down: the user's own
 * representative first (when a constituency is known), then Representatives,
 * Peers and MLAs.
 *
 * @param array $args Passed to the _get_data_by_* helpers; 'pid', when set,
 *                    marks the matching option as selected.
 * @return void Output is printed directly.
 */
function listoptions($args) {
    global $THEUSER;

    $representatives = $this->_get_data_by_mps($args);
    $has_pid = isset($args['pid']);

    if ($THEUSER->constituency_is_set()) {
        $own_rep = new MEMBER(array('constituency' => $THEUSER->constituency()));
        print '<option value="' . $own_rep->person_id() . '">Your Representative, ' . $own_rep->full_name() . '</option>';
    }

    print '<optgroup label="Representatives">';

    // Lembit Opik is special: his row is held back and printed just before
    // the first surname that sorts after 'Opik'.
    // NOTE(review): if no later row sorts after 'Opik' the held-back row is
    // never printed, and it is printed without constituency or 'selected'.
    $held_back = array();
    foreach ($representatives['data'] as $rep) {
        if ($rep['last_name'] == 'Öpik') {
            $held_back = $rep;
            continue;
        }

        if (count($held_back) && strcmp('Opik', $rep['last_name']) < 0) {
            print '<option value="' . $held_back['person_id'] . '">' . $held_back['first_name'] . ' ' . $held_back['last_name'] . '</option>';
            $held_back = array();
        }

        $selected = ($has_pid && $args['pid'] == $rep['person_id']) ? ' selected' : '';
        print '<option' . $selected . ' value="' . $rep['person_id'] . '">'
            . $rep['first_name'] . ' ' . $rep['last_name']
            . ', ' . $rep['constituency']
            . '</option>';
    }

    // The remaining groups share one layout and differ only in the label,
    // the house number given to member_full_name() and the data helper.
    $groups = array(
        'Peers' => array(2, '_get_data_by_peers'),
        'MLAs'  => array(3, '_get_data_by_mlas'),
    );

    foreach ($groups as $label => $group) {
        list($house, $getter) = $group;

        print '</optgroup> <optgroup label="' . $label . '">';
        $members = $this->$getter($args);

        foreach ($members['data'] as $person) {
            $selected = ($has_pid && $args['pid'] == $person['person_id']) ? ' selected' : '';
            print '<option' . $selected . ' value="' . $person['person_id'] . '">'
                . ucfirst(member_full_name($house, $person['title'], $person['first_name'], $person['last_name'], $person['constituency']))
                . '</option>';
        }
    }

    print '</optgroup>';
}
/**
 * Print the MP(s) for the constituencies matching a postcode or constituency
 * search term.
 *
 * The user's search term is only ever written to the page through
 * _htmlentities(); constituency and member names are printed as returned by
 * the lookup code.
 *
 * @param array $args 's' holds the search term.
 * @return false|null false when no search string was given, otherwise nothing.
 */
function find_constituency($args) {
    global $PAGE;

    if ($args['s'] == '') {
        $PAGE->error_message('No search string');
        return false;
    }
    $searchterm = $args['s'];

    list($constituencies, $validpostcode) = search_constituencies_by_query($searchterm);

    // The search term is quoted before use as a pattern; matches inside a
    // constituency name are wrapped in a highlight span.
    $highlight = '#' . preg_quote($searchterm, '#') . '#i';

    $single = (count($constituencies) == 1) ? $constituencies[0] : "";

    if ($single != '') {
        // Exactly one match: show that member directly.
        $MEMBER = new MEMBER(array('constituency' => $single, 'house' => 1));
        $URL = new URL('mp');

        if ($MEMBER->valid) {
            $URL->insert(array('p' => $MEMBER->person_id()));

            print '<h2>';
            if (!$MEMBER->current_member(1)) {
                print 'Former ';
            }
            print 'MP for ' . preg_replace($highlight, '<span class="hi">$0</span>', $single);
            if ($validpostcode) {
                // Display the postcode the user searched for.
                print ' (' . _htmlentities(strtoupper($args['s'])) . ')';
            }
            ?></h2>
            <p><a href="<?php echo $URL->generate(); ?>"><strong><?php echo $MEMBER->full_name(); ?></strong></a> (<?php echo $MEMBER->party_text(); ?>)</p>
            <?php
        }
    } elseif (count($constituencies)) {
        // Several matches: list every valid member found.
        $items = '';
        $heading = array();

        foreach ($constituencies as $candidate) {
            $MEMBER = new MEMBER(array('constituency' => $candidate, 'house' => 1));
            if (!$MEMBER->valid) {
                continue;
            }

            $heading[] = $MEMBER->current_member(1) ? 'MPs' : 'Former MPs';

            $URL = new URL('mp');
            $URL->insert(array('p' => $MEMBER->person_id()));

            $items .= '<li><a href="' . $URL->generate() . '"><strong>' . $MEMBER->full_name()
                . '</strong></a> (' . preg_replace($highlight, '<span class="hi">$0</span>', $candidate)
                . ', ' . $MEMBER->party() . ')</li>';
        }

        print '<h2>';
        print join(" and ", array_unique($heading));
        print " in constituencies matching ‘" . _htmlentities($searchterm) . "’</h2>";
        print "<ul>{$items}</ul>";
    }
}
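/**
 * Print the alert sign-up page: one "Subscribe" form per suggested member,
 * constituency or search term, followed by the main search/subscribe form.
 *
 * Request values and search text are written out through _htmlspecialchars()
 * or _htmlentities(); member and constituency names from the lookup results
 * are printed as returned.
 *
 * @param mixed $alert   Not used in this function body.
 * @param array $details Keys read here: 'members', 'constituencies',
 *                       'valid_postcode', 'alertsearch', 'pid', 'keyword',
 *                       'email_verified', 'submitted', 'email'.
 * @param array $errors  Messages keyed by field ('alertsearch', 'email').
 * @return void Output is printed directly.
 */
function display_search_form($alert, $details = array(), $errors = array()) {
    global $this_page, $PAGE;

    $ACTIONURL = new URL($this_page);
    $ACTIONURL->reset();

    // Opening markup shared by every per-suggestion form.
    $form_start = '<form action="' . $ACTIONURL->generate() . '" method="post"> <input type="hidden" name="t" value="' . _htmlspecialchars(get_http_var('t')) . '"> <input type="hidden" name="email" value="' . _htmlspecialchars(get_http_var('email')) . '">';

    if (isset($details['members']) && $details['members']->rows() > 0) {
        echo '<ul class="hilites">';
        $q = $details['members'];
        for ($n = 0; $n < $q->rows(); $n++) {
            echo '<li>';
            echo $form_start . '<input type="hidden" name="pid" value="' . $q->field($n, 'person_id') . '">';
            echo 'Things by ';
            $name = member_full_name($q->field($n, 'house'), $q->field($n, 'title'), $q->field($n, 'given_name'), $q->field($n, 'family_name'), $q->field($n, 'lordofname'));
            if ($q->field($n, 'constituency')) {
                echo $name . ' (' . $q->field($n, 'constituency') . ') ';
            } else {
                echo $name;
            }
            echo ' <input type="submit" value="Subscribe"></form>';
            echo "</li>\n";
        }
        echo '</ul>';
    }

    if (isset($details['constituencies'])) {
        echo '<ul class="hilites">';
        foreach ($details['constituencies'] as $constituency) {
            $MEMBER = new MEMBER(array('constituency' => $constituency, 'house' => 1));
            echo "<li>";
            echo $form_start . '<input type="hidden" name="pid" value="' . $MEMBER->person_id() . '">';
            if ($details['valid_postcode']) {
                echo '<input type="hidden" name="pc" value="' . _htmlspecialchars($details['alertsearch']) . '">';
            }
            echo $MEMBER->full_name();
            echo ' (' . _htmlspecialchars($constituency) . ')';
            echo ' <input type="submit" value="Subscribe"></form>';
            echo "</li>";
        }
        echo '</ul>';
    }

    if ($details['alertsearch']) {
        echo '<ul class="hilites"><li>';
        echo $form_start . '<input type="hidden" name="keyword" value="' . _htmlspecialchars($details['alertsearch']) . '">';
        echo 'Mentions of [';
        $alertsearch = $details['alertsearch'];
        // Show a speaker:<id> term with the member's name instead of the id.
        if (preg_match('#speaker:(\\d+)#', $alertsearch, $m)) {
            $MEMBER = new MEMBER(array('person_id' => $m[1]));
            $alertsearch = str_replace("speaker:{$m['1']}", "speaker:" . $MEMBER->full_name(), $alertsearch);
        }
        echo _htmlspecialchars($alertsearch) . '] ';
        echo ' <input type="submit" value="Subscribe"></form>';

        # Use original alertsearch variable here, because name replacement might introduce a comma
        // strstr() returns a string or false, so comparing its result with -1
        // depends on PHP's string/int comparison rules, under which PHP 8
        // no longer reports the comma; test for the comma directly instead.
        if (strpos($details['alertsearch'], ',') !== false) {
            echo '<em class="error">You have used a comma in your search term – are you sure this is what you want? You cannot sign up to multiple search terms using a comma – either use OR, or fill in this form multiple times.</em>';
        }

        if (preg_match('#([A-Z]{1,2}\\d+[A-Z]? ?\\d[A-Z]{2})#i', $alertsearch, $m) && strlen($alertsearch) > strlen($m[1]) && validate_postcode($m[1])) {
            $scottish_text = '';
            $mp_display_text = '';
            if (postcode_is_scottish($m[1])) {
                $mp_display_text = 'your MP, ';
                $scottish_text = ' or MSP';
            }
            echo '<em class="error">You have used a postcode and something else in your search term – are you sure this is what you want? You will only get an alert if all of these are mentioned in the same debate. Did you mean to get alerts for when your MP' . $scottish_text . ' mentions something instead? If so click subscribe below.</em></li>';

            try {
                $MEMBER = new MEMBER(array('postcode' => $m[1]));
                // move the postcode to the front just to be tidy
                $tidy_alertsearch = $m[1] . " " . trim(str_replace("{$m['1']}", "", $alertsearch));
                $alertsearch_display = str_replace("{$m['1']} ", "", $tidy_alertsearch);
                $alertsearch = str_replace("{$m['1']}", "speaker:" . $MEMBER->person_id, $tidy_alertsearch);

                echo "<li>";
                echo $form_start . '<input type="hidden" name="keyword" value="' . _htmlspecialchars($alertsearch) . '">';
                echo 'Mentions of [';
                echo _htmlspecialchars($alertsearch_display) . '] by ' . $mp_display_text . $MEMBER->full_name();
                echo ' <input type="submit" value="Subscribe"></form>';

                if ($scottish_text) {
                    $constituencies = postcode_to_constituencies($m[1]);
                    if (isset($constituencies['SPC'])) {
                        $MEMBER = new MEMBER(array('constituency' => $constituencies['SPC'], 'house' => 4));
                        // Same tidied search, with the postcode swapped for this member.
                        $alertsearch = str_replace("{$m['1']}", "speaker:" . $MEMBER->person_id, $tidy_alertsearch);
                        echo "</li><li>";
                        echo $form_start . '<input type="hidden" name="keyword" value="' . _htmlspecialchars($alertsearch) . '">';
                        echo 'Mentions of [';
                        echo _htmlspecialchars($alertsearch_display) . '] by your MSP, ' . $MEMBER->full_name();
                        echo ' <input type="submit" value="Subscribe"></form>';
                    }
                }
            } catch (MySociety\TheyWorkForYou\MemberException $e) {
                echo '<p>We had a problem looking up your representative.</p>';
            }
        }
        echo "</li></ul>";
    }

    if ($details['pid']) {
        $MEMBER = new MEMBER(array('person_id' => $details['pid']));
        echo '<ul class="hilites"><li>';
        echo "Signing up for things by " . $MEMBER->full_name();
        echo ' (' . _htmlspecialchars($MEMBER->constituency()) . ')';
        echo "</li></ul>";
    }

    if ($details['keyword']) {
        echo '<ul class="hilites"><li>';
        echo 'Signing up for results from a search for [';
        $alertsearch = $details['keyword'];
        if (preg_match('#speaker:(\\d+)#', $alertsearch, $m)) {
            $MEMBER = new MEMBER(array('person_id' => $m[1]));
            $alertsearch = str_replace("speaker:{$m['1']}", "speaker:" . $MEMBER->full_name(), $alertsearch);
        }
        echo _htmlspecialchars($alertsearch) . ']';
        echo "</li></ul>";
    }

    if (!$details['pid'] && !$details['keyword']) {
        ?>
        <p><label for="alertsearch">To sign up to an email alert, enter either your <strong>postcode</strong>, the <strong>name</strong> of who you're interested in, or the <strong>search term</strong> you wish to receive alerts for.</label> To be alerted on an exact <strong>phrase</strong>, be sure to put it in quotes. Also use quotes around a word to avoid stemming (where ‘horse’ would also match ‘horses’).
        <?php
    }

    // The main form: a search box until something is chosen, then hidden
    // pid/keyword fields plus the email field for unverified visitors.
    echo '<form action="' . $ACTIONURL->generate() . '" method="post"> <input type="hidden" name="t" value="' . _htmlspecialchars(get_http_var('t')) . '"> <input type="hidden" name="submitted" value="1">';

    if (!$details['pid'] && !$details['keyword'] || isset($errors['alertsearch'])) {
        if (isset($errors["alertsearch"])) {
            $PAGE->error_message($errors["alertsearch"]);
        }
        $text = $details['alertsearch'];
        if (!$text) {
            $text = $details['keyword'];
        }
        ?>
        <div class="row">
        <input type="text" name="alertsearch" id="alertsearch" value="<?php if ($text) { echo _htmlentities($text); } ?>" maxlength="255" size="30" style="font-size:150%">
        </div>
        <?php
    }

    if ($details['pid']) {
        echo '<input type="hidden" name="pid" value="' . _htmlspecialchars($details['pid']) . '">';
    }
    if ($details['keyword']) {
        echo '<input type="hidden" name="keyword" value="' . _htmlspecialchars($details['keyword']) . '">';
    }

    if (!$details['email_verified']) {
        if (isset($errors["email"]) && $details['submitted']) {
            $PAGE->error_message($errors["email"]);
        }
        ?>
        <div class="row">
        <label for="email">Your email address:</label>
        <input type="text" name="email" id="email" value="<?php if (isset($details["email"])) { echo _htmlentities($details["email"]); } ?>" maxlength="255" size="30" class="form">
        </div>
        <?php
    }
    ?>
    <div class="row">
    <input type="submit" class="submit" value="<?php echo $details['pid'] || $details['keyword'] ? 'Subscribe' : 'Search'; ?>">
    </div>
    <div class="row">
    <?php
    if (!$details['email_verified']) {
        ?>
        <p>If you <a href="/user/?pg=join">join</a> or <a href="/user/login/?ret=%2Falert%2F">sign in</a>, you won't need to confirm your email address for every alert you set.<br><br>
        <?php
    }
    if (!$details['pid'] && !$details['keyword']) {
        ?>
        <p>Please note that you should only enter <strong>one term per alert</strong> – if you wish to receive alerts on more than one thing, or for more than one person, simply fill in this form as many times as you need, or use boolean OR.<br><br></p>
        <p>For example, if you wish to receive alerts whenever the words <i>horse</i> or <i>pony</i> are mentioned in Parliament, please fill in this form once with the word <i>horse</i> and then again with the word <i>pony</i> (or you can put <i>horse OR pony</i> with the OR in capitals as explained on the right). Do not put <i>horse, pony</i> as that will only sign you up for alerts where <strong>both</strong> horse and pony are mentioned.</p>
        <?php
    }
    ?>
    </div>
    <?php
    // Pass these two request values through to the next submission, escaped.
    if (get_http_var('sign')) {
        echo '<input type="hidden" name="sign" value="' . _htmlspecialchars(get_http_var('sign')) . '">';
    }
    if (get_http_var('site')) {
        echo '<input type="hidden" name="site" value="' . _htmlspecialchars(get_http_var('site')) . '">';
    }
    echo '</form>';
}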
/**
 * Fill $this->data['current_mp'] and $this->data['alerts'] for a visitor
 * whose email address is verified.
 *
 * 'current_mp' stays false unless the user has a postcode and
 * fetch_by_mp() returns a falsy value for that member.
 */
private function setUserData() {
    $this->data['current_mp'] = false;
    $this->data['alerts'] = array();

    // Nothing beyond the defaults for unverified addresses.
    if (!$this->data['email_verified']) {
        return;
    }

    if ($this->user->postcode()) {
        // NOTE(review): other call sites on this page catch MemberException
        // around a postcode lookup; here it would propagate - confirm that
        // is intended.
        $own_mp = new \MEMBER(array('postcode' => $this->user->postcode()));
        $existing = $this->alert->fetch_by_mp($this->user->email(), $own_mp->person_id());
        if (!$existing) {
            $this->data['current_mp'] = $own_mp;
        }
    }

    $this->data['alerts'] = $this->getUsersAlerts();
}
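/**
 * Confirm a registration from the token in the confirmation-email link and
 * log the user in.
 *
 * The token is "<user_id><separator><registrationtoken>" and is the only
 * credential checked before login() is called. All values reach the
 * database as bound parameters.
 *
 * @param string $token Token taken from the confirmation URL.
 * @return false|null false when the token is malformed, matches no user, or
 *                    the update fails; nothing is returned after login().
 */
public function confirm($token) {
    // Work out the separator; '-' takes precedence when both are present.
    // A token with neither is rejected here: explode() with an empty
    // delimiter raises an error instead of returning parts.
    if (strpos($token, '-') !== false) {
        $separator = '-';
    } elseif (strpos($token, '::') !== false) {
        $separator = '::';
    } else {
        return false;
    }

    list($user_id, $registrationtoken) = explode($separator, $token);

    if (!is_numeric($user_id) || $registrationtoken == '') {
        return false;
    }

    $q = $this->db->query("SELECT email, password, postcode
                    FROM users
                    WHERE user_id = :user_id
                    AND registrationtoken = :token
                    ", array(
        ':user_id' => $user_id,
        ':token' => $registrationtoken,
    ));

    if ($q->rows() != 1) {
        // Couldn't find this user in the DB. Maybe the token was
        // wrong or incomplete?
        return false;
    }

    // These need to be set before logging the user in.
    $this->user_id = $user_id;
    $this->email = $q->field(0, 'email');
    $this->password = $q->field(0, 'password');

    // Set that they're confirmed in the DB.
    $r = $this->db->query("UPDATE users
                    SET confirmed = '1'
                    WHERE user_id = :user_id
                    ", array(':user_id' => $user_id));

    if ($q->field(0, 'postcode')) {
        try {
            $MEMBER = new MEMBER(array('postcode' => $q->field(0, 'postcode'), 'house' => 1));
            $pid = $MEMBER->person_id();
            # This should probably be in the ALERT class
            $this->db->query('update alerts set confirmed=1 where email = :email and criteria = :criteria', array(
                ':email' => $this->email,
                ':criteria' => 'speaker:' . $pid,
            ));
        } catch (MySociety\TheyWorkForYou\MemberException $e) {
            // Best effort: a failed member lookup must not block confirmation.
        }
    }

    if (!$r->success()) {
        // Couldn't set them as confirmed in the DB.
        return false;
    }

    $this->confirmed = true;

    // Log the user in, redirecting them to the confirm page
    // where they should get a nice welcome message.
    $URL = new URL('userconfirmed');
    $URL->insert(array('welcome' => 't'));
    $redirecturl = $URL->generate();

    $this->login($redirecturl, 'session');
}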
// (Either in their logged-in details or in a cookie from a previous search.) } elseif ($THEUSER->constituency_is_set() && $name == '' && $cconstituency == '') { $MEMBER = new MEMBER(array('constituency' => $THEUSER->constituency())); member_redirect($MEMBER); } elseif ($name && $cconstituency) { $MEMBER = new MEMBER(array('name' => $name, 'constituency' => $cconstituency)); if (!$MEMBER->canonical || $redirect) { member_redirect($MEMBER); } if ($MEMBER->the_users_mp) { $this_page = 'yourmp'; } twfy_debug('MP', 'Displaying MP by name'); } elseif ($name) { $MEMBER = new MEMBER(array('name' => $name)); if (($MEMBER->house_disp == 1 || $MEMBER->house_disp == 2) && ($MEMBER->valid || !is_array($MEMBER->person_id())) || $redirect) { member_redirect($MEMBER); } } elseif ($cconstituency) { if ($cconstituency == 'your & my society') { header('Location: /mp/stom%20teinberg'); exit; } $MEMBER = new MEMBER(array('constituency' => $cconstituency)); member_redirect($MEMBER); } else { // No postcode, member_id or person_id to use. twfy_debug('MP', "We don't have any way of telling what MP to display"); } ///////////////////////////////////////////////////////// // DISPLAY A REPRESENTATIVE
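/**
 * Print the email-alert search form, preceded by one-click "Subscribe"
 * forms for whatever the previous search matched.
 *
 * Output is echoed directly. Request parameters (t, email, sign, site) and
 * the search text are HTML-escaped before being written into attributes.
 * Optional keys of $details are tested with empty() so that a call relying
 * on the default empty array does not raise undefined-index notices.
 *
 * @param mixed $alert   Not used inside this function body.
 * @param array $details Keys read here: members, constituencies,
 *                       valid_postcode, alertsearch, pid, keyword, add,
 *                       email_verified, email.
 * @param array $errors  Optional messages under 'alertsearch' and 'email'.
 */
function display_search_form($alert, $details = array(), $errors = array())
{
    global $this_page, $PAGE;

    $ACTIONURL = new URL($this_page);
    $ACTIONURL->reset();

    // Shared opening of every one-click subscription form.
    $form_start = '<form action="' . $ACTIONURL->generate() . '" method="post"> <input type="hidden" name="t" value="' . htmlspecialchars(get_http_var('t')) . '"> <input type="hidden" name="only" value="1"> <input type="hidden" name="email" value="' . htmlspecialchars(get_http_var('email')) . '">';

    // People matched by name.
    if (isset($details['members']) && $details['members']->rows() > 0) {
        echo '<ul class="hilites">';
        $q = $details['members'];
        $last_pid = null;
        for ($n = 0; $n < $q->rows(); $n++) {
            // Consecutive rows for the same person are collapsed into one entry.
            if ($q->field($n, 'person_id') != $last_pid) {
                $last_pid = $q->field($n, 'person_id');
                echo '<li>';
                echo $form_start . '<input type="hidden" name="pid" value="' . $last_pid . '">';
                echo 'Things by ';
                $name = member_full_name(
                    $q->field($n, 'house'),
                    $q->field($n, 'title'),
                    $q->field($n, 'first_name'),
                    $q->field($n, 'last_name'),
                    $q->field($n, 'constituency')
                );
                // NOTE(review): person_id, the name and the constituency
                // are written out unescaped here, while the constituency
                // list below passes its value through htmlspecialchars().
                // Confirm whether these fields are stored pre-encoded
                // before aligning the two.
                if ($q->field($n, 'house') != 2) {
                    echo $name . ' (' . $q->field($n, 'constituency') . ') ';
                } else {
                    echo $name;
                }
                echo ' <input type="submit" value="Subscribe"></form>';
                echo "</li>\n";
            }
        }
        echo '</ul>';
    }

    // Constituencies matched by the search, each shown with a house-1 member.
    if (isset($details['constituencies'])) {
        echo '<ul class="hilites">';
        foreach ($details['constituencies'] as $constituency) {
            $MEMBER = new MEMBER(array('constituency' => $constituency, 'house' => 1));
            echo "<li>";
            echo $form_start . '<input type="hidden" name="pid" value="' . $MEMBER->person_id() . '">';
            if (!empty($details['valid_postcode'])) {
                echo '<input type="hidden" name="pc" value="' . htmlspecialchars($details['alertsearch']) . '">';
            }
            echo $MEMBER->full_name();
            echo ' (' . htmlspecialchars($constituency) . ')';
            echo ' <input type="submit" value="Subscribe"></form>';
            echo "</li>";
        }
        echo '</ul>';
    }

    // The raw search text offered as a keyword alert.
    if (!empty($details['alertsearch'])) {
        echo '<ul class="hilites"><li>';
        echo $form_start . '<input type="hidden" name="keyword" value="' . htmlspecialchars($details['alertsearch']) . '">';
        echo 'Mentions of [';
        $alertsearch = $details['alertsearch'];
        // Show the member's name in place of a numeric speaker id.
        if (preg_match('#speaker:(\d+)#', $alertsearch, $m)) {
            $MEMBER = new MEMBER(array('person_id' => $m[1]));
            $alertsearch = str_replace("speaker:$m[1]", "speaker:" . $MEMBER->full_name(), $alertsearch);
        }
        echo htmlspecialchars($alertsearch) . '] ';
        echo ' <input type="submit" value="Subscribe"></form>';
        echo "</li></ul>";
    }

    if (!empty($details['pid'])) {
        $MEMBER = new MEMBER(array('person_id' => $details['pid']));
        echo '<ul class="hilites"><li>';
        echo "Signing up for things by " . $MEMBER->full_name();
        echo ' (' . htmlspecialchars($MEMBER->constituency()) . ')';
        echo "</li></ul>";
    }

    if (!empty($details['keyword'])) {
        echo '<ul class="hilites"><li>';
        echo 'Signing up for results from a search for [';
        $alertsearch = $details['keyword'];
        if (preg_match('#speaker:(\d+)#', $alertsearch, $m)) {
            $MEMBER = new MEMBER(array('person_id' => $m[1]));
            $alertsearch = str_replace("speaker:$m[1]", "speaker:" . $MEMBER->full_name(), $alertsearch);
        }
        echo htmlspecialchars($alertsearch) . ']';
        echo "</li></ul>";
    }

    if (empty($details['add'])) {
        ?>
<p><label for="alertsearch">To sign up to an email alert, enter either your <strong>postcode</strong>, the <strong>name</strong> of who you're interested in, or the <strong>search word</strong> or <strong>words</strong> you wish to receive alerts for.</label> To be alerted on an exact <strong>phrase</strong>, be sure to put it in quotes. Also use quotes around a word to avoid stemming (where ‘horse’ will also match ‘horses’),
<?php
        // The full open tag is used above: a short "<?" is only parsed
        // when short_open_tag is enabled, and would otherwise be sent to
        // the browser together with the code that follows it.
    }

    echo '<form action="' . $ACTIONURL->generate() . '" method="post"> <input type="hidden" name="t" value="' . htmlspecialchars(get_http_var('t')) . '"> <input type="hidden" name="submitted" value="1">';

    if (empty($details['add'])) {
        if (isset($errors["alertsearch"])) {
            $PAGE->error_message($errors["alertsearch"]);
        }
        ?>
<div class="row"> <input type="text" name="alertsearch" id="alertsearch" value="<?php if (!empty($details['alertsearch'])) { echo htmlentities($details['alertsearch']); } ?>" size="30" style="font-size:150%"> </div>
<?php
    }

    if (!empty($details['pid'])) {
        echo '<input type="hidden" name="pid" value="' . htmlspecialchars($details['pid']) . '">';
    }
    if (!empty($details['keyword'])) {
        echo '<input type="hidden" name="keyword" value="' . htmlspecialchars($details['keyword']) . '">';
    }
    if (!empty($details['pid']) || !empty($details['keyword'])) {
        echo '<input type="hidden" name="only" value="1">';
    }

    // The email field is only shown while the address is unverified.
    if (empty($details['email_verified'])) {
        if (isset($errors["email"]) && (get_http_var('submitted') || !empty($details['add']))) {
            $PAGE->error_message($errors["email"]);
        }
        ?>
<div class="row"> <label for="email">Your email address:</label> <input type="text" name="email" id="email" value="<?php if (isset($details["email"])) { echo htmlentities($details["email"]); } ?>" maxlength="255" size="30" class="form"> </div>
<?php
    }
    ?>
<div class="row"> <input type="submit" class="submit" value="Search"> </div>
<div class="row">
<?php
    if (empty($details['email_verified'])) {
        ?>
<p>If you join or sign in, you won't need to confirm your email address for every alert you set.
<?php
    }
    if (empty($details['add'])) {
        ?>
<p>Please note that you should only enter one topic per alert - if you wish to receive alerts on more than one topic, or for more than one person, simply fill in this form as many times as you need.</p>
<?php
    }
    ?>
</div>
<?php
    if (get_http_var('sign')) {
        echo '<input type="hidden" name="sign" value="' . htmlspecialchars(get_http_var('sign')) . '">';
    }
    if (get_http_var('site')) {
        echo '<input type="hidden" name="site" value="' . htmlspecialchars(get_http_var('site')) . '">';
    }
    echo '</form>';
}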