PageRenderTime 62ms CodeModel.GetById 15ms RepoModel.GetById 0ms app.codeStats 0ms

/pmfv2-1-0-alpha-1/modules/user/TrackingDAO.php

https://github.com/redbugz/rootstech2013
PHP | 259 lines | 190 code | 43 blank | 26 comment | 34 complexity | 72afd0039a1480c1c8997758a499e492 MD5 | raw file
Possible License(s): AGPL-1.0, BSD-3-Clause 
    

  1. <?php
    2. 

  2. 

  3. class TrackingDAO extends MyFamilyDAO {
    4. 

  4. 

  5.        function updateEmail($newemail) {
    6. 

  6.                 global $tblprefix, $pdo;
    7. 

  7. 

  8. 		$id = $this->getId();
    9. 

  9.                 $stmt = $pdo->prepare("UPDATE ".$tblprefix."users SET email = ? WHERE id = ?");
    10. 

  10.                 $stmt->bindParam(1, $newemail, PDO::PARAM_STR);
    11. 

  11.                 $stmt->bindParam(2, $id, PDO::PARAM_STR);
    12. 

  12.                 $stmt->execute();
    13. 

  13. 

  14. //Tracking is allowed by unregistered users hence this
    15. 

  15. 	 	$stmt = $pdo->prepare("UPDATE ".$tblprefix."tracking SET email = ? WHERE email = ?");
    16. 

  16.                 $stmt->bindParam(1, $newemail, PDO::PARAM_STR);
    17. 

  17.                 $stmt->bindParam(2, $_SESSION["email"], PDO::PARAM_STR);
    18. 

  18.                 $stmt->execute();
    19. 

  19. 

  20. 		$_SESSION["email"] = $newemail;
    21. 

  21.         }
    22. 

  22. 

  23.         // function: delete_expired
    24. 

  24.         // deletes timedout requests from database
    25. 

  25.         function delete_expired() {
    26. 

  26.                 global $tblprefix, $pdo;
    27. 

  27. 

  28.                 // clear out subscription requests
    29. 

  29.                 $dquery = "DELETE FROM ".$tblprefix."tracking WHERE expires < NOW() and expires IS NOT NULL AND `action` = 'sub'";
    30. 

  30. 		if ($pdo->exec($dquery) === FALSE) {
    31. 

  31. 			die(print_r($pdo->errorInfo(), true));
    32. 

  32. 		}
    33. 

  33. 

  34.                 // clear out unsubscribe requests
    35. 

  35.                 $dquery = "UPDATE ".$tblprefix."tracking SET `key` = '', `expires` = NULL WHERE expires < NOW() and expires IS NOT NULL AND `action` = 'unsub'";
    36. 

  36. 		if ($pdo->exec($dquery) === FALSE) {
    37. 

  37. 			die(print_r($pdo->errorInfo(), true));
    38. 

  38. 		}
    39. 

  39. 

  40.         }       // end of delete_expired()
    41. 

  41. 

  42. 	function trackByRegistered($person, $email) {
    43. 

  43. 		global $tblprefix, $pdo;
    44. 

  44.    		$query = "INSERT INTO ".$tblprefix."tracking (person_id, email) VALUES (".$pdo->quote($person).", ".$pdo->quote($email).")";
    45. 

  45. 		if ($pdo->exec($query) === FALSE) {
    46. 

  46. 			die(print_r($pdo->errorInfo(), true));
    47. 

  47. 		}
    48. 

  48. 

  49. 

  50. 	}
    51. 

  51. 	function untrackByRegistered($person, $email) {
    52. 

  52. 		global $tblprefix, $pdo;
    53. 

  53. 		$query = "DELETE FROM ".$tblprefix."tracking WHERE person_id = ".$pdo->quote($person)." AND email = ".$pdo->quote($email);
    54. 

  54. 		if ($pdo->exec($query) === FALSE) {
    55. 

  55. 			die(print_r($pdo->errorInfo(), true));
    56. 

  56. 		}
    57. 

  57. 

  58. 	}
    59. 

  59. 	function trackByUnregistered($person, $name, $newkey, $email) {
    60. 

  60. 		global $tblprefix, $pdo, $eSubBody, $eSubSubject;
    61. 

  61. 	                       // insert into database
    62. 

  62.         	$iquery = "INSERT INTO ".$tblprefix."tracking (person_id, email, `key`, `action`, expires) VALUES ('".$person."', '".$email."', '".$newkey."', 'sub', DATE_ADD(NOW(), INTERVAL 24 HOUR))";
    63. 

  63.                 $iresult = mysql_query($iquery);
    64. 

  64. 

  65.                 // if we get this error then already tracking
    66. 

  66.                 if (mysql_errno() == 1062) {
    67. 

  67.                     $ret = 1; 
    68. 

  68.                 } else {
    69. 

  69. 			$this->mailSubscriber($eSubBody, $name, $newkey, $eSubSubject, $email);
    70. 

  70.                     $ret = 0; 
    71. 

  71. 		}
    72. 

  72. 		return ($ret);
    73. 

  73. 	}
    74. 

  74. 	function untrackByUnregistered($person, $name, $newkey, $email) {
    75. 

  75. 		global $tblprefix, $pdo, $eSubSubject, $eUnSubBody;
    76. 

  76. 		$ret = 1;
    77. 

  77.         	$uquery = "UPDATE ".$tblprefix."tracking SET `key` = '".$newkey."', `expires` = DATE_ADD(NOW(), INTERVAL 24 HOUR), `action` = 'unsub' WHERE person_id = '".$person."' AND email = '".$email."'";
    78. 

  78. 		if (($numrows = $pdo->exec($uquery)) === FALSE) {
    79. 

  79. 			die(print_r($pdo->errorInfo(), true));
    80. 

  80. 		}
    81. 

  81. 		if ($numrows != 0) {
    82. 

  82. 			$this->mailSubscriber($eUnSubBody, $name, $newkey, $eSubSubject, $email);
    83. 

  83. 			$ret = 0;
    84. 

  84. 		}
    85. 

  85. 

  86. 		return ($ret);
    87. 

  87. 

  88. 	}
    89. 

  89. 

  90. 	function isTracked($email, $person) {
    91. 

  91. 		global $tblprefix, $pdo;
    92. 

  92. 		$query = "SELECT * FROM ".$tblprefix."tracking WHERE email = ".$pdo->quote($email)." AND person_id = ".$pdo->quote($person);
    93. 

  93. 		if (($result = $pdo->query($query)) == FALSE) {
    94. 

  94. 			die(print_r($pdo->errorInfo(), true));
    95. 

  95. 		}
    96. 

  96. 

  97.                 if ($result->rowCount() == 0) {
    98. 

  98. 			$ret = false;
    99. 

  99. 		} else {
    100. 

  100. 			$ret = true;
    101. 

  101. 		}
    102. 

  102. 		return ($ret);
    103. 

  103. 	}
    104. 

  104. 	function processTrackingAction($key, $action) {
    105. 

  105. 		global $tblprefix, $pdo;
    106. 

  106. 		$ret = 0;
    107. 

  107.                // find out what we're supposed to do
    108. 

  108.                 $kquery = "SELECT * FROM ".$tblprefix."tracking WHERE `key` = ".$pdo->quote($key);
    109. 

  109. 		foreach ($pdo->query($kquery) as $krow) {
    110. 

  110.                         $action = $krow["action"];
    111. 

  111.                 }
    112. 

  112. 

  113. 

  114.                 // sub or un?
    115. 

  115.                 if ($action == "sub") {
    116. 

  116.                         // check we have key and action it
    117. 

  117.                         $pquery = "UPDATE ".$tblprefix."tracking SET `key` = '', expires = NULL WHERE `key` = ".$pdo->quote($key);
    118. 

  118. 			if (($numrows = $pdo->exec($pquery)) === FALSE) {
    119. 

  119. 				die(print_r($pdo->errorInfo(), true));
    120. 

  120. 			}
    121. 

  121.                         if ($numrows != 0) {
    122. 

  122.                                 // You are now monitoring this person
    123. 

  123.                                 $ret = 1;
    124. 

  124.                         } else {
    125. 

  125.                                 // Theres been a problem
    126. 

  126.                                 $ret = -1;
    127. 

  127.                         }
    128. 

  128.                 } elseif ($action == "unsub") {
    129. 

  129.                         $uquery = "DELETE FROM ".$tblprefix."tracking WHERE `key` = ".$pdo->quote($key)." AND `action` = 'unsub'";
    130. 

  130. 			if (($numrows = $pdo->exec($uquery)) === FALSE) {
    131. 

  131. 				die(print_r($pdo->errorInfo(), true));
    132. 

  132. 			}
    133. 

  133.                         if ($numrows != 0) {
    134. 

  134.                                 // You are now not monitoring this person
    135. 

  135.                                 $ret = 2;
    136. 

  136.                         } else {
    137. 

  137.                                 // Theres been a problem
    138. 

  138.                                 $ret = -1;
    139. 

  139.                         }
    140. 

  140.                 } else {
    141. 

  141. 			$ret = -1;
    142. 

  142. 		}
    143. 

  143. 		return ($ret);
    144. 

  144. 	}
    145. 

  145. 

  146.        function trackPerson($person) {
    147. 

  147.                 global $tblprefix;
    148. 

  148.                 global $err_person;
    149. 

  149.                 global $eTrackSubject;
    150. 

  150.                 global $eTrackBodyTop;
    151. 

  151.                 global $eTrackBodyBottom;
    152. 

  152.                 global $currentRequest;
    153. 

  153. 		global $pdo;
    154. 

  154. 

  155.                 $config = Config::getInstance();
    156. 

  156. 

  157.                 $tquery = "SELECT ".$tblprefix."people.person_id, email FROM ".$tblprefix."people, ".$tblprefix."tracking WHERE ".
    158. 

  158.                 $tblprefix."people.person_id = ".$tblprefix."tracking.person_id AND ".$tblprefix."people.person_id = ?".
    159. 

  159.                 " AND `key` = '' AND expires IS NULL";
    160. 

  160. 

  161.                 $stmt = $pdo->prepare($tquery);
    162. 

  162.                 $stmt->bindParam(1, $person->person_id, PDO::PARAM_INT);
    163. 

  163.                 if ($stmt->execute() === FALSE) {
    164. 

  164.                 	die($err_person);
    165. 

  165. 		}
    166. 

  166.                 while ($trow = $stmt->fetch(PDO::FETCH_ASSOC)) {
    167. 

  167. 

  168.                        $subject=str_replace("$1", $person->getDisplayName(), $eTrackSubject);
    169. 

  169.                        $body = str_replace("$1", $person->getDisplayName(), $eTrackBodyTop);
    170. 

  170.                        $body = str_replace("$2", $config->absurl, $body);
    171. 

  171.                        $body = str_replace("$3", $currentRequest->name, $body);
    172. 

  172.                        $body .= $config->absurl."people.php?person=".$person->person_id."\n\n";
    173. 

  173.                        $body .= $eTrackBodyBottom;
    174. 

  174.                        $body .= $config->absurl."track.php?person=".$person->person_id."&action=unsub&email=".$trow["email"]."&name=".urlencode($person->name->getDisplayName())."\n";
    175. 

  175. 

  176. 			$this->mailSubscriber($body, $person->getDisplayName(), '', $subject, $trow["email"]);
    177. 

  177.                 }
    178. 

  178.                 $stmt->closeCursor();
    179. 

  179.         }       // eod of track_person()
    180. 

  180. 

  181.         // function: bb_person($person)
    182. 

  182.         // send a big brother email on all changes
    183. 

  183.         function bbPerson($person, $action = "updated") {
    184. 

  184.                 global $tblprefix;
    185. 

  185.                 global $err_person;
    186. 

  186.                 global $eBBSubject;
    187. 

  187.                 global $eTrackBodyTop;
    188. 

  188.                 global $eBBBottom;
    189. 

  189.                 global $currentRequest;
    190. 

  190. 

  191.                 $config = Config::getInstance();
    192. 

  192. 

  193.                 // Give a subject line
    194. 

  194.                 $subject = str_replace("$1", $person->getDisplayName(), $eBBSubject);
    195. 

  195. 

  196.                 // Flesh out the body
    197. 

  197.                 $body = str_replace("$1", $person->getDisplayName(), $eTrackBodyTop);
    198. 

  198.                 $body = str_replace("$2", $config->absurl, $body);
    199. 

  199.                 $body = str_replace("$3", $currentRequest->name, $body);
    200. 

  200.                 $body .= $config->absurl."people.php?person=".$person->person_id."\n\n";
    201. 

  201.                 $body .= $eBBBottom;
    202. 

  202. 

  203.                 // Fire of the Big Brother email
    204. 

  204. 		$this->mailSubscriber($body, $person->getDisplayName(), '', $subject, $config->email);
    205. 

  205.         }       // end of bb_person()
    206. 

  206. 

  207.         // function: stamppeeps
    208. 

  208.         // timestamp a particular person for last updated
    209. 

  209.         function stamppeeps($person) {
    210. 

  210.                 // declare globals used within
    211. 

  211.                 global $tblprefix, $currentRequest, $pdo;
    212. 

  212.                 $config = Config::getInstance();
    213. 

  213. 

  214. 

  215.                 // update the updated column
    216. 

  216.                 $query = "UPDATE ".$tblprefix."people SET updated = NOW(), editor_id=".$currentRequest->id." WHERE person_id = '".$person->person_id."'";
    217. 

  217.                 $result = $pdo->exec($query);
    218. 

  218. 

  219.                 // If we allow tracking by email
    220. 

  220.                 if ($config->tracking)
    221. 

  221.                         $this->trackPerson($person);
    222. 

  222. 

  223.                 // If Big Brother is watching
    224. 

  224.                 if ($config->bbtracking)
    225. 

  225.                         $this->bbPerson($person);
    226. 

  226. 

  227.         }       // end of stamppeeps()
    228. 

  228. 

  229. 

  230. 	function mailSubscriber($body, $name, $newkey, $subject, $email) {
    231. 

  231. 		$config = Config::getInstance();
    232. 

  232. 

  233.                 $body = str_replace("$1", $name, $body);
    234. 

  234. 		if ($newkey != '') {
    235. 

  235.                 	$body .= $config->absurl."track.php?key=".$newkey."\n";
    236. 

  236. 		}
    237. 

  237. 

  238.                $email = $config->email;
    239. 

  239.                 $mail = new PHPMailer();
    240. 

  240.                 $mail->IsSMTP();
    241. 

  241.                 $mail->SMTPAuth = true;
    242. 

  242.                 // SMTP username
    243. 

  243.                 $mail->Host = $config->smtp_host;
    244. 

  244.                 $mail->Username = $config->smtp_user;
    245. 

  245.                 $mail->Password = $config->smtp_password;
    246. 

  246. 

  247.                 $mail->From=$config->trackemail;
    248. 

  248.                 $mail->AddAddress($email,'');
    249. 

  249.                 $mail->Subject=$subject;
    250. 

  250.                 $mail->Body=$body;
    251. 

  251.                 if(!$mail->Send()) {
    252. 

  252.                         echo "Message could not be sent. <p>";
    253. 

  253.                         echo "Mailer Error: " . $mail->ErrorInfo;
    254. 

  254.                         exit;
    255. 

  255.                 }
    256. 

  256. 

  257. 	}
    258. 

  258. }
    259. 

  259. ?>
    260. 

  260.