PageRenderTime 26ms CodeModel.GetById 34ms RepoModel.GetById 0ms app.codeStats 0ms

/handle_signups_ajax.php

https://github.com/cwarren/sus
PHP | 305 lines | 262 code | 23 blank | 20 comment | 17 complexity | c6b5b2b2801635185c17200eef30c6f6 MD5 | raw file
    

  1. <?php
    2. 

  2. 

  3. // this script processes a signup addition or removal request. If the
    4. 

  4. // process fails for some reason it responds with "FAILURE: reason". On
    5. 

  5. // success it responds with "SUCCESS<data>" where <data> is the updated
    6. 

  6. // HTML for the opening to which the signup was attached. 
    7. 

  7. 

  8. require_once('../../config.php');
    9. 

  9. require_once($CFG->libdir.'/moodlelib.php');
    10. 

  10. 

  11. /////////////////////////////////////////////////////////////////////////////////////////
    12. 

  12. // locally defined functions
    13. 

  13. 

  14. // This function returns true. It is called by various included files
    15. 

  15. // to make sure they're actually in the signup sheet world - i.e. to
    16. 

  16. // prevent them from being (usefully) used directly from the web. E.g.
    17. 

  17. // if (! verify_in_signup_sheets()) { die("not in signup_sheets"); }
    18. 

  18. function verify_in_signup_sheets() {
    19. 

  19.     return true;
    20. 

  20. }
    21. 

  21. 

  22. require_login();
    23. 

  23. 

  24. include_once 'sus_lib.php';
    25. 

  25. 

  26. $DEBUG=0;
    27. 

  27. 

  28. if ($DEBUG > 0)
    29. 

  29. {
    30. 

  30.    echo 'FAILURE: ';
    31. 

  31. }
    32. 

  32. 

  33. /////////////////////////////////////////////////////////////////////////////////////////
    34. 

  34. // input validation
    35. 

  35. 

  36. log_debug_r(4,$_REQUEST);
    37. 

  37. 

  38. $contextid      = clean_param($_REQUEST['contextid'],PARAM_INT);                // determines what course
    39. 

  39. $access_id      = clean_param($_REQUEST['access'],PARAM_CLEAN);
    40. 

  40. $sheet_id       = clean_param($_REQUEST['sheet'],PARAM_CLEAN);
    41. 

  41. $opening_id     = clean_param($_REQUEST['opening'],PARAM_CLEAN);
    42. 

  42. $action         = clean_param($_REQUEST['action'],PARAM_CLEAN);
    43. 

  43. $actionsource   = clean_param($_REQUEST['actionsource'],PARAM_CLEAN);
    44. 

  44. $username       = clean_param($_REQUEST['username'],PARAM_CLEAN);
    45. 

  45. $admincomment   = clean_param($_REQUEST['admincomment'],PARAM_CLEAN);
    46. 

  46. $signup_id      = clean_param($_REQUEST['signup'],PARAM_CLEAN);
    47. 

  47. 

  48. log_debug(1,"
    49. 

  49. contextid is $contextid
    50. 

  50. access_id is $access_id
    51. 

  51. sheet_id is $sheet_id
    52. 

  52. opening_id is $opening_id
    53. 

  53. action is $action
    54. 

  54. actionsource is $actionsource
    55. 

  55. username is $username
    56. 

  56. signup_id is $signup_id
    57. 

  57. ");
    58. 

    59. 

  59. /////////////////////////////////////////////////////////////////////////////////////////
    60. 

  60. // processing
    61. 

  61. 

  62. $user_is_sheet_admin = userHasAdminAccess($USER->id,$sheet_id);
    63. 

  63. 

  64. if ($action == 'addsignup')
    65. 

  65. {
    66. 

  66.     $user_has_signup_access = userHasSignupAccess($USER->id,$sheet_id,$access_id);
    67. 

  67.     if ((! $user_has_signup_access) && (! $user_is_sheet_admin) )
    68. 

  68.     {
    69. 

  69.       echo "FAILURE: you do not have signup access to this sheet and you are not a sheet admin";
    70. 

  70.       exit;
    71. 

  71.     }
    72. 

  72. 

  73.     $for_user = $USER->id;
    74. 

  74.     if ($username)
    75. 

  75.     {
    76. 

  76.         if (! $user_is_sheet_admin)
    77. 

  77.         {
    78. 

  78.             echo "FAILURE: you are not a sheet admin and so cannot sign up other users";
    79. 

  79.             exit;
    80. 

  80.         }
    81. 

  81.         $for_user = $username;
    82. 

  82.     }
    83. 

  83.     $su = newSignup($opening_id,$for_user);
    84. 

  84.     if (! $su)
    85. 

  85.     {
    86. 

  86.         echo "FAILURE: could not create signup for user $for_user";
    87. 

  87.         exit;
    88. 

  88.     }
    89. 

  89. 

  90.     // add signup
    91. 

  91.     $signup = newSignup($opening_id,$for_user);
    92. 

  92.     if ($admincomment)
    93. 

  93.     {
    94. 

  94.         $signup->admin_comment = $admincomment;
    95. 

  95.     }
    96. 

  96.     $ns_id = addSignup($signup);
    97. 

  97. 

  98.     // if user is not admin
    99. 

  99.     //   get info for that opening
    100. 

  100.     //   check that max sign-ups is not exceeded
    101. 

  101.     //   if it is
    102. 

  102.     //     remove the just added signup and alert user
    103. 

  103.     if (! $user_is_sheet_admin)
    104. 

  104.     {
    105. 

  105.         $op = getOpenings($sheet_id,$opening_id);
    106. 

  106.         if ($op->o_num_signups > $op->o_max_signups)
    107. 

  107.         {
    108. 

  108.             removeSignup($ns_id);
    109. 

  109.             echo "FAILURE: opening is fully-booked";
    110. 

  110.             exit;
    111. 

  111.         }
    112. 

  112.     }    
    113. 

  113. 

  114.     $sheet_complex = getStructuredSheetData($sheet_id,0,$opening_id);
    115. 

  115.     $su_user_data = $sheet_complex->openings[0]->signups_by_user[$signup->signup_user_id]->user;
    116. 

  116. 

  117.     log_debug_r(2,$su_user_data);
    118. 

  118. 

  119.     $confirmation_message = "
    120. 

  120. You are signed up for {$sheet_complex->s_name}.\n\n  ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-');
    121. 

    122. 

  122.     $admin_message = "{$su_user_data->usr_firstname} {$su_user_data->usr_lastname} has signed up for the ".
    123. 

  123.                    ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-')." opening on ".$sheet_complex->s_name.".";
    124. 

  124. 

  125.     if ($sheet_complex->openings[0]->o_name)
    126. 

  126.     {
    127. 

  127.         $confirmation_message .= "\n  ".$sheet_complex->openings[0]->o_name;
    128. 

  128.         $admin_message .= "\n  ".$sheet_complex->openings[0]->o_name;
    129. 

  129.     }
    130. 

  130.     if ($sheet_complex->openings[0]->o_description)
    131. 

  131.     {
    132. 

  132.         $confirmation_message .= "\n     ".$sheet_complex->openings[0]->o_description;
    133. 

  133.         $admin_message .= "\n     ".$sheet_complex->openings[0]->o_description;
    134. 

  134.     }
    135. 

  135.     if ($sheet_complex->openings[0]->o_location)
    136. 

  136.     {
    137. 

  137.         $confirmation_message .= "\n\nYou're meeting at ".$sheet_complex->openings[0]->o_location;
    138. 

  138.         $admin_message .= "\n\nThe meeting is at ".$sheet_complex->openings[0]->o_location;
    139. 

  139.     }
    140. 

  140. 

  141.     $mail_error =  mailAlerts($sheet_complex,$signup->signup_user_id,
    142. 

  142.                               sus_block_name()." - {$sheet_complex->s_name} at ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-'),
    143. 

  143.                               $confirmation_message,
    144. 

  144.                               "Glow SUS- {$su_user_data->usr_firstname} {$su_user_data->usr_lastname} signed up for ".$sheet_complex->s_name,
    145. 

  145.                               $admin_message);
    146. 

  146. 

  147.     if (! $mail_error)
    148. 

  148.     {
    149. 

  149.         include_once 'cal_lib.php';  // for openingDisplay below
    150. 

  150. 

  151.         $new_opening_html = openingDisplay($sheet_complex->openings[0],
    152. 

  152.                                            ($user_is_sheet_admin && ($actionsource != 'do_signup')),
    153. 

  153.                                            $sheet_complex->s_flag_private_signups);
    154. 

  154. 

  155.         echo 'SUCCESS';
    156. 

  156.         if ($actionsource == 'sheet_edit_opening_form')
    157. 

  157.         {
    158. 

  158.             $sep = '___|||---';
    159. 

  159.             echo $ns_id . $sep;
    160. 

  160.             echo $sheet_complex->openings[0]->signups_by_id[$ns_id]->user->usr_firstname . $sep 
    161. 

  161.                  . $sheet_complex->openings[0]->signups_by_id[$ns_id]->user->usr_lastname . $sep;
    162. 

  162.             echo $admincomment . $sep . mktime();
    163. 

  163.         } else
    164. 

  164.         {
    165. 

  165.             echo $new_opening_html;
    166. 

  166.         }
    167. 

  167.     }
    168. 

  168.     exit;
    169. 

  169. 

  170. } else if ($action == 'removesignup')
    171. 

  171. {
    172. 

  172.     if (! $signup_id)
    173. 

  173.         {
    174. 

  174.         echo 'FAILURE: no signup specified';
    175. 

  175.         exit;
    176. 

  176.     }
    177. 

  177. 

  178.     $sheet_complex = getStructuredSheetData($sheet_id,0,$opening_id,$signup_id);
    179. 

  179.     $su = $sheet_complex->openings[0]->signups_by_id[$signup_id];
    180. 

  180.     $su_user_data = $su->user;
    181. 

  181. 

  182.     // log_debug_r(-1,$su);
    183. 

  183. 

  184.     // user either has to own the given signup (i.e. be the one signed up) or be an admin of the sheet for that signup
    185. 

  185.     $removal_success = 0;
    186. 

  186.     if ($user_is_sheet_admin)
    187. 

  187.     {
    188. 

  188.         $removal_success = removeSignup($signup_id);
    189. 

  189.     } else
    190. 

  190.     {
    191. 

  191.         if ($su->su_signup_user_id == $USER->id)
    192. 

  192.         {
    193. 

  193.             $removal_success = removeSignup($signup_id);
    194. 

  194.         }
    195. 

  195.     }
    196. 

  196.     if ($removal_success)
    197. 

  197.     {
    198. 

  198. 

  199.         $confirmation_message = "\nSignup cancelled for {$sheet_complex->s_name}.\n\n  ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-');
    200. 

  200. 

  201.         $admin_message = "Cancelled {$su_user_data->usr_firstname} {$su_user_data->usr_lastname} signup for the ".
    202. 

  202.                        ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-')." opening on ".$sheet_complex->s_name.".\n";
    203. 

  203. 

  204.         if ($sheet_complex->openings[0]->o_name)
    205. 

  205.         {
    206. 

  206.             $confirmation_message .= "\n  ".$sheet_complex->openings[0]->o_name;
    207. 

  207.             $admin_message .= "\n  ".$sheet_complex->openings[0]->o_name;
    208. 

  208.         }
    209. 

  209.         if ($sheet_complex->openings[0]->o_description)
    210. 

  210.         {
    211. 

  211.             $confirmation_message .= "\n     ".$sheet_complex->openings[0]->o_description;
    212. 

  212.             $admin_message .= "\n     ".$sheet_complex->openings[0]->o_description;
    213. 

  213.         }
    214. 

  214. 

  215.         $mail_error =  mailAlerts($sheet_complex,$su->su_signup_user_id,
    216. 

  216.                                   sus_block_name()." - signup cancelled on {$sheet_complex->s_name} at ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-'),
    217. 

  217.                                   $confirmation_message,
    218. 

  218.                                   sus_block_name()." - cancelled {$su_user_data->usr_firstname} {$su_user_data->usr_lastname} signup for ".$sheet_complex->s_name,
    219. 

  219.                                   $admin_message);
    220. 

  220. 

  221.         include_once 'cal_lib.php'; // for openingDisplay below
    222. 

  222.         $sheet_complex = getStructuredSheetData($sheet_id,0,$opening_id);
    223. 

  223.         log_debug_r(4,$sheet_complex);
    224. 

  224. 

  225.         $new_opening_html = openingDisplay($sheet_complex->openings[0],($user_is_sheet_admin && ($actionsource != 'do_signup')),$sheet_complex->s_flag_private_signups);
    226. 

  226. 

  227.         echo 'SUCCESS';
    228. 

  228.         echo $new_opening_html;
    229. 

  229.         exit;
    230. 

  230.     } else
    231. 

  231.     {
    232. 

  232.         echo 'FAILURE: could not remove';
    233. 

  233.         exit;
    234. 

  234.     }
    235. 

  235.     
    236. 

  236. } else 
    237. 

  237. {
    238. 

  238.     echo 'FAILURE: unknown action $action';
    239. 

  239.     exit;
    240. 

  240. }
    241. 

  241. 

  242. ////////////////////////////////////////////////////////////////////////////////////////////////
    243. 

  243. 

  244. # takes: 
    245. 

  245. #   a sheet complex
    246. 

  246. #   subject for signee alert
    247. 

  247. #   body for signee alert
    248. 

  248. #   subject for admin alert
    249. 

  249. #   body for admin alert
    250. 

  250. # does: send alert email to the signee and admin as appropriate
    251. 

  251. # returns: true on all success, false on 1 or more failures
    252. 

  252. function mailAlerts($sheet_complex,$signup_user_id,$sign_subj,$sign_body,$admin_subj,$admin_body)
    253. 

  253. {
    254. 

  254.     $mail_error = false;
    255. 

  255. 

  256.     $su_user_data = $sheet_complex->openings[0]->signups_by_user[$signup_user_id]->user;
    257. 

  257. 

  258.     // log_debug_r(-2,$su_user_data);
    259. 

  259. 

  260. 

  261.     if (! simpleEmail($su_user_data->usr_email, $sign_subj, $sign_body)) {
    262. 

  262.         echo 'FAILURE: signup handled, but no confirmation email sent';
    263. 

  263.         $mail_error = true;
    264. 

  264.     }
    265. 

  265. 

  266.     if ($sheet_complex->s_flag_alert_owner_signup || $sheet_complex->s_flag_alert_admin_signup)
    267. 

  267.     {
    268. 

  268. 

  269.         $users_to_alert = getSheetOwnerAndAdmins($sheet_complex->s_id);
    270. 

  270.         $owner = $users_to_alert[0];
    271. 

  271. 

  272.         // trim off owner xor admins as necessary
    273. 

  273.         if (! $sheet_complex->s_flag_alert_owner_signup)
    274. 

  274.         {
    275. 

  275.           array_shift($users_to_alert);
    276. 

  276.         } else if (! $sheet_complex->s_flag_alert_admin_signup)
    277. 

  277.         {
    278. 

  278.           $users_to_alert = array(array_shift($users_to_alert));
    279. 

  279.         }
    280. 

  280. 

  281.         // CSW 200/02/24 : modify owner info to make mail message clearer
    282. 

  282.         $owner->firstname =  sus_block_name();
    283. 

  283.         $owner->lastname = 'Admin';
    284. 

  284.         // NOTE: ideally the message would be from a noreply address,
    285. 

  285.         // any change to the owner email address causes a silent and
    286. 

  286.         // inexplicable mail deliver failure
    287. 

  287. 

  288.         $mailresult = true;
    289. 

  289.         foreach ($users_to_alert as $u)
    290. 

  290.         {
    291. 

  291.             $mailresult = $mailresult && email_to_user($u, $owner, $admin_subj, $admin_body);
    292. 

  292.         }
    293. 

  293.         
    294. 

  294.         if (! $mailresult)
    295. 

  295.         {
    296. 

  296.             echo 'FAILURE: signup handled, but admin alerts failed';
    297. 

  297.             $mail_error = true;
    298. 

  298.         }
    299. 

  299.     }
    300. 

  300. 

  301.    return $mail_error;
    302. 

  302. }
    303. 

  303. 

  304. 

  305. ?>
    306.