

   1<?php
   2
   3class Peoplecontroller{
   4	
	/** @var PeacockCarterFrameworkRegistry Framework registry; the 'db', 'template', 'authenticate' and 'adminmenubuilder' objects are all resolved through it. */
	private $registry;
   6	
   7	public function __construct( PeacockCarterFrameworkRegistry $registry, $directCall )
   8	{
   9		$this->registry = $registry;
  10		if( $this->registry->getObject('authenticate')->isAuthorised('users') == true )
  11		{
  12			$this->registry->getObject('adminmenubuilder')->buildMenu( 'people' );
  13			if( $this->registry->getURLBit(1) != '' )
  14			{
  15				switch( $this->registry->getURLBit(1) )
  16				{
  17					case 'toggle-admin':
  18						$this->toggleAdministrator( intval( $this->registry->getURLBit(2) ) );
  19						break;
  20					case 'toggle-active':
  21						$this->toggleActive( intval( $this->registry->getURLBit(2) ) );
  22						break;
  23					case 'create':
  24						$this->createUser();
  25						break;
  26					case 'create-member':
  27						$this->createMember();
  28						break;	
  29					case 'delete':
  30						$this->deleteUser(  intval( $this->registry->getURLBit(2) )  );
  31						break;
  32					case 'delete-group':
  33						$this->deleteGroup(  intval( $this->registry->getURLBit(2) )  );
  34						break;
  35					case 'edit':
  36						$this->editUser(  intval( $this->registry->getURLBit(2) )  );
  37						break;
  38					case 'edit-member':
  39						$this->editMember(  intval( $this->registry->getURLBit(2) )  );
  40						break;	
  41					case 'edit-group':
  42						$this->editGroup(  intval( $this->registry->getURLBit(2) )  );
  43						break;
  44					case 'create-group':
  45						$this->createGroup();
  46						break;	
  47					case 'groups':
  48						$this->listGroups();
  49						break;
  50					default:
  51						break;
  52				}
  53			}
  54			else
  55			{
  56				$this->listPeople();
  57			}
  58		}
  59		else
  60		{
  61			$this->registry->getObject('authenticate')->redirectToAuthorised('primary');
  62		}	
  63				
  64	}
  65	
  66	private function listGroups()
  67	{
  68		$sql = "SELECT * FROM groups WHERE deleted = 0";
  69		$cache = $this->registry->getObject('db')->cacheQuery( $sql );
  70		$this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );
  71		$this->registry->getObject('template')->buildFromTemplates( 'header.tpl.php', 'people/listgroups.tpl.php', 'footer.tpl.php' );
  72	}
  73	
  74	private function createGroup()
  75	{
  76		if( isset( $_POST['create_group'] ) )
  77		{
  78			$insert = array();
  79			$insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['name'] );
  80			$insert['deleted'] = 0;
  81			$this->registry->getObject('db')->insertRecords( 'groups', $insert );
  82			$id = $this->registry->getObject('db')->lastInsertID(); 
  83			
  84			if( isset( $_POST['permission'] ) && is_array( $_POST['permission'] ) && count( $_POST['permission'] ) > 0 )
  85			{
  86				$sql = "INSERT INTO permission_group_associations (`permission`, `group` ) VALUES ";
  87				foreach( $_POST['permission'] as $pid )
  88				{
  89					$sql .= " ({$pid}, {$id} ),";
  90				}
  91				// remove last char from sql
  92				$sql = substr_replace($sql ,"",-1);
  93				$this->registry->getObject('db')->executeQuery( $sql );
  94			}	
  95								
  96			$this->registry->redirectUser( array('people', 'groups'), 'Group created', 'The group has been saved.', true );
  97			
  98		}
  99		else
 100		{
 101			$sql = "SELECT code as outer_code, description as area FROM permissions WHERE code REGEXP '^[A-Za-z0-9]+$'";
 102			$cache = $this->registry->getObject('db')->cacheQuery( $sql );
 103			$this->registry->getObject('template')->getPage()->addTag( 'areas', array( 'SQL', $cache ) );		
 104			
 105			$sql = "SELECT p.ID as inner_perm_id, p.description as perm_description, p.code FROM permissions p ORDER BY p.code ASC";
 106			$this->registry->getObject('db')->executeQuery( $sql );
 107			$inner = array();
 108			while ( $row = $this->registry->getObject('db')->getRows() )
 109			{
 110				$code = explode( '_', $row['code'] );
 111				if( isset( $inner[ $code[0] ] ) )
 112				{
 113					$inner[ $code[0] ][] = $row;
 114				}
 115				else
 116				{
 117					$inner[ $code[0] ] = array();
 118					$inner[ $code[0] ][] = $row;
 119				}
 120			}
 121			foreach( $inner as $code => $data )
 122			{
 123				$cache = $this->registry->getObject('db')->cacheData( $data );
 124				$this->registry->getObject('template')->getPage()->addTag( 'permissions-' . $code , array( 'DATA', $cache ) );
 125			}					
 126			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/creategroup.tpl.php', 'footer.tpl.php');
 127			
 128		
 129		}
 130	}
 131		
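	/**
	 * Edits an existing group.
	 *
	 * On a POST carrying 'edit_group' the name is updated and the group's links
	 * in permission_group_associations are replaced by the posted 'permission'
	 * IDs, after which the user is redirected to the group list. Otherwise the
	 * edit form is rendered: the group row as 'group_*' tags, the permission
	 * areas as 'areas', and per area prefix a 'permissions-<prefix>' tag whose
	 * rows carry a 'checker' column already holding checked="checked" for the
	 * permissions linked to this group.
	 *
	 * @param int $id group ID; cast to int here as well as by the caller
	 */
	private function editGroup( $id )
	{
		$id = intval( $id );
		$db = $this->registry->getObject('db');
		$template = $this->registry->getObject('template');

		if( isset( $_POST['edit_group'] ) )
		{
			$update = array();
			$update['name'] = $db->sanitizeData( isset( $_POST['name'] ) ? $_POST['name'] : '' );
			$db->updateRecords( 'groups', $update, 'ID=' . $id );

			// drop the old links unconditionally: previously they were only cleared
			// when at least one permission was posted, so unticking every box kept
			// the old set in place
			$db->executeQuery( "DELETE FROM permission_group_associations WHERE `group`=" . $id );

			if( isset( $_POST['permission'] ) && is_array( $_POST['permission'] ) && count( $_POST['permission'] ) > 0 )
			{
				// permission IDs come straight from the form: cast each one to int so
				// only digits reach the statement (they were previously interpolated raw)
				$values = array();
				foreach( $_POST['permission'] as $pid )
				{
					$values[] = '(' . intval( $pid ) . ', ' . $id . ')';
				}
				$sql = "INSERT INTO permission_group_associations (`permission`, `group` ) VALUES " . implode( ',', $values );
				$db->executeQuery( $sql );
			}

			$this->registry->redirectUser( array('people', 'groups'), 'Group edited', 'Changes to the group have been saved', true );
		}
		else
		{
			$db->executeQuery( "SELECT * FROM groups WHERE ID=" . $id );
			$group = $db->getRows();
			$template->dataToTags( $group, 'group_' );

			$areasCache = $db->cacheQuery( "SELECT code as outer_code, description as area FROM permissions WHERE code REGEXP '^[A-Za-z0-9]+$'" );
			$template->getPage()->addTag( 'areas', array( 'SQL', $areasCache ) );

			$sql = "SELECT IF( (SELECT COUNT(*) FROM permission_group_associations a WHERE a.group={$id} AND a.permission=p.ID)>0 ,'checked=\'checked\'','' ) as checker, p.ID as inner_perm_id, p.description as perm_description, p.code FROM permissions p ORDER BY p.code ASC";
			$db->executeQuery( $sql );
			$byArea = array();
			while( $row = $db->getRows() )
			{
				// area prefix = text before the first '_' (the whole code if there is none)
				$parts = explode( '_', $row['code'] );
				$byArea[ $parts[0] ][] = $row;
			}
			foreach( $byArea as $area => $rows )
			{
				$template->getPage()->addTag( 'permissions-' . $area, array( 'DATA', $db->cacheData( $rows ) ) );
			}

			$template->buildFromTemplates('header.tpl.php', 'people/editgroup.tpl.php', 'footer.tpl.php');
		}
	}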
 195	
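	/**
	 * Soft-deletes a group (deleted=1) and redirects to the group list.
	 *
	 * NOTE(review): reached purely by URL (people/delete-group/<id>); no request
	 * token is checked in this class, so cross-site request forgery protection,
	 * if any, must come from the framework - confirm.
	 *
	 * @param int $id group ID; cast to int here so the statement only ever sees digits
	 */
	private function deleteGroup( $id )
	{
		$sql = "UPDATE groups SET deleted=1 WHERE ID=" . intval( $id );
		$this->registry->getObject('db')->executeQuery( $sql );
		$this->registry->redirectUser( array('people', 'groups'), 'Group deleted', 'The user group has been removed from the system', true );
	}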
 202			
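	/**
	 * Renders the people list (people/list.tpl.php).
	 *
	 * Loads every non-deleted user with derived columns (member label, the
	 * flipped admin/active values used by the toggle links, and a comma-joined
	 * list of the user's non-deleted groups), tags alternate rows with style
	 * 'alt'/'norm', and hands the rows to the template as the 'people' DATA tag.
	 */
	private function listPeople()
	{
		$db = $this->registry->getObject('db');
		$template = $this->registry->getObject('template');

		$sql = "SELECT ID as uid, IF( admin > 0, 'N/A', IF( member > 0, 'Yes', 'No' ) ) as member, ABS(admin-1) as newadmin, ABS(active-1) as newactive, ( SELECT GROUP_CONCAT(g.name SEPARATOR ', ' ) FROM groups g, group_memberships m WHERE g.ID=m.group AND m.user=u.ID AND g.deleted = 0) as groups, username, name, email, active, admin FROM users u WHERE deleted=0 ORDER BY name";
		$db->executeQuery( $sql );

		$people = array();
		$rowIndex = 0;
		while( $person = $db->getRows() )
		{
			// the counter was never advanced before, so every row came out as 'norm'
			$person['style'] = ( $rowIndex % 2 ) ? 'alt' : 'norm';
			$people[] = $person;
			$rowIndex++;
		}

		$template->getPage()->addTag( 'people', array( 'DATA', $db->cacheData( $people ) ) );
		$template->getPage()->setTitle( 'People ');
		$template->buildFromTemplates('header.tpl.php', 'people/list.tpl.php', 'footer.tpl.php');
	}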
 221	
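	/**
	 * Flips the user's active flag (active = 1 - active) and redirects to the
	 * people list.
	 *
	 * NOTE(review): reached purely by URL (people/toggle-active/<id>); no request
	 * token is checked in this class, so cross-site request forgery protection,
	 * if any, must come from the framework - confirm.
	 *
	 * @param int $id user ID; cast to int here so the statement only ever sees digits
	 */
	private function toggleActive( $id )
	{
		$sql = "UPDATE users SET active=1-active WHERE ID=" . intval( $id );
		$this->registry->getObject('db')->executeQuery( $sql );
		header('Location: ' . $this->registry->buildURL(array('people'), '', true ) );
		exit();
	}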
 229	
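	/**
	 * Flips the user's admin flag (admin = 1 - admin) and redirects to the
	 * people list.
	 *
	 * NOTE(review): this grants or revokes administrator rights on a plain URL
	 * hit (people/toggle-admin/<id>) with no request token checked in this
	 * class; confirm that the framework guards it against cross-site request
	 * forgery, as an unguarded privilege toggle is the highest-impact action here.
	 *
	 * @param int $id user ID; cast to int here so the statement only ever sees digits
	 */
	private function toggleAdministrator( $id )
	{
		$sql = "UPDATE users SET admin=1-admin WHERE ID=" . intval( $id );
		$this->registry->getObject('db')->executeQuery( $sql );
		header('Location: ' . $this->registry->buildURL(array('people'), '', true ) );
		exit();
	}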
 237	
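	/**
	 * Creates an administrator account.
	 *
	 * On a POST carrying 'create_user' the user row is inserted (active=1,
	 * admin=1, banned=0, deleted=0, text fields passed through sanitizeData) and
	 * every posted 'group' ID is linked to it in group_memberships, after which
	 * the user is redirected to the people list. Otherwise the create form is
	 * rendered with the non-deleted groups as the 'groups' SQL tag.
	 *
	 * NOTE(review): the password is stored as md5() of the posted value, which
	 * is not a password hash. Whatever verifies logins presumably compares
	 * against this column, so it cannot be changed here in isolation; migrate
	 * both sides to password_hash()/password_verify() together.
	 */
	private function createUser()
	{
		$db = $this->registry->getObject('db');
		$template = $this->registry->getObject('template');

		if( isset( $_POST['create_user'] ) )
		{
			// users column => posted field name
			$textFields = array(
				'username'  => 'username',
				'email'     => 'email',
				'firstName' => 'first_name',
				'lastName'  => 'last_name',
			);
			$insert = array();
			foreach( $textFields as $column => $field )
			{
				$insert[ $column ] = $db->sanitizeData( isset( $_POST[ $field ] ) ? $_POST[ $field ] : '' );
			}
			$insert['name'] = $insert['firstName'] . ' ' . $insert['lastName'];
			$insert['password_hash'] = md5( isset( $_POST['password_hash'] ) ? $_POST['password_hash'] : '' );
			$insert['active'] = 1;
			$insert['banned'] = 0;
			$insert['admin'] = 1;
			$insert['deleted'] = 0;
			$db->insertRecords( 'users', $insert );
			$id = intval( $db->lastInsertID() );

			if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
			{
				// group IDs come straight from the form: cast each one to int so only
				// digits reach the statement (they were previously interpolated raw)
				$values = array();
				foreach( $_POST['group'] as $gid )
				{
					$values[] = '(' . $id . ', ' . intval( $gid ) . ')';
				}
				$sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES " . implode( ',', $values );
				$db->executeQuery( $sql );
			}

			$this->registry->redirectUser( array('people'), 'User created', 'The user account has been saved', true );
		}
		else
		{
			$groupsCache = $db->cacheQuery( "SELECT * FROM groups WHERE deleted = 0 ORDER BY name" );
			$template->getPage()->addTag( 'groups', array( 'SQL', $groupsCache ) );
			$template->buildFromTemplates('header.tpl.php', 'people/create.tpl.php', 'footer.tpl.php');
		}
	}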
 279	
 280	private function createMember()
 281	{
 282		$sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
 283		$cache = $this->registry->getObject('db')->cacheQuery( $sql );
 284		$this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );	
 285		
 286		if( isset( $_POST['create_user'] ) )
 287		{
 288			// create the account
 289			$required = array( 'username' => 'Username', 'password' => 'Password', 'confirm_password' => 'Confirm password', 'first_name' => 'First Name', 'last_name' => 'Last Name', 'organisation' => 'Organisation', 'address' => 'Address', 'city' => 'City', 'county' =>'County', 'postcode' =>'Postcode', 'email' => 'Email address', 'phone' => 'Telephone number' );
 290			$required = array();
 291			//$required = array( 'username' => 'Username', 'first_name' => 'First Name', 'last_name' => 'Last Name' );
 292			$errors = array();
 293			foreach( array_keys( $required ) as $r )
 294			{
 295				if( ! isset( $_POST[ $r ]) || $_POST[ $r ] == '' )
 296				{
 297					$processable = false;
 298					$error = array();
 299					$error['errora'] = $required[ $r ] . " is a required field";
 300					$errors[] = $error;
 301				}
 302				
 303				if( isset( $_POST['email'] ) && $r == 'email' )
 304				{
 305					if( !preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
 306					{
 307						$error['errora'] = $required[ $r ] . " is an invalid email address. Please try again.";
 308						$errors[] = $error;
 309					}
 310				}
 311				
 312				if( isset( $_POST['username'] ) && $r == 'username' )
 313				{
 314					$username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 315					$sql = "SELECT * FROM users WHERE username = '{$username}'";
 316					$this->registry->getObject('db')->executeQuery($sql);
 317					if( $this->registry->getObject('db')->numRows() > 0 )
 318					{
 319						$error['errora'] = $required[ $r ] . " is already taken. Please try again.";
 320						$errors[] = $error;
 321					}
 322				}
 323				
 324				if(  isset( $_POST['confirm_password'] ) && $r == 'confirm_password' )
 325				{
 326					if( $_POST['password'] != $_POST['confirm_password'] )
 327					{
 328						$error['errora'] = $required[ $r ] . " does not match your password. Please try again.";
 329						$errors[] = $error;
 330					}
 331				}
 332				
 333				if(  isset( $_POST['password'] ) && $r == 'password' )
 334				{
 335					if( strlen( $_POST['password'] ) < 6 )
 336					{
 337						$error['errora'] = $required[ $r ] . " is too short, it must be at least 6 characters.";
 338						$errors[] = $error;
 339					}
 340				}
 341			}
 342							
 343			if( empty( $errors ) )
 344			{
 345				$insert = array();
 346				$insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 347				$insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
 348				$insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
 349				$insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
 350				$insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
 351				$insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
 352				$insert['password_hash'] = md5( $_POST['password'] );
 353				$insert['active'] = 1;
 354				$insert['banned'] = 0;
 355				$insert['admin'] = 0;
 356				$insert['deleted'] = 0;
 357				if( isset( $_POST['confirm_member'] ) && $_POST['confirm_member'] == 1 )
 358				{
 359					$insert['member'] = 1;
 360				}
 361				else
 362				{
 363					$insert['member'] = 0;
 364				}
 365				$this->registry->getObject('db')->insertRecords( 'users', $insert );
 366				$id = $this->registry->getObject('db')->lastInsertID();
 367				
 368				$insert = array();
 369				$insert['user_id'] = $id;
 370				$insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
 371				$insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
 372				$insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
 373				$insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
 374				$insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
 375				$insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
 376				$insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
 377				$insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
 378				$insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
 379				//$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
 380				//$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
 381				$insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
 382				$insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
 383				
 384				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
 385				{
 386					$insert['kind'] = serialize( $_POST['kind'] );
 387				}
 388				
 389				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
 390				{
 391					$insert['interests'] = serialize( $_POST['interests'] );
 392				}
 393				
 394				if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
 395				{
 396					$insert['networks'] = serialize( $_POST['networks'] );
 397				}
 398				
 399				if( isset( $_POST['voluntary'] ) )
 400				{
 401					$insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
 402				}
 403				
 404				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
 405				{
 406					$insert['areas'] = serialize( $_POST['areas'] );
 407				}
 408				
 409				if( isset( $_POST['declaration'] ) )
 410				{
 411					$insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
 412				}
 413				
 414				$this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
 415				
 416				if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
 417				{
 418					$sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
 419					foreach( $_POST['group'] as $gid )
 420					{
 421						$sql .= " ({$id}, {$gid} ),";
 422					}
 423					// remove last char from sql
 424					$sql = substr_replace($sql ,"",-1);
 425					$this->registry->getObject('db')->executeQuery( $sql );
 426				}	
 427				
 428				require_once( ACP_PATH . 'controllers/goldvision/controller.php');
 429				$controller = new GoldVisionController();
 430				
 431				$summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
 432				$phone_number = str_replace( '&', '&amp;',  $_POST['phone'] );
 433				$address_1 = str_replace( '&', '&amp;',  $_POST['address'] );
 434				$address_2 = str_replace( '&', '&amp;',  $_POST['address_linetwo'] );
 435				$town = str_replace( '&', '&amp;',  $_POST['city'] );
 436				$county = str_replace( '&', '&amp;', $_POST['county'] );
 437				$postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
 438				$website = str_replace( '&', '&amp;', $_POST['website'] );
 439				
 440				$interests = array();
 441				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
 442				{
 443					if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
 444					{
 445						foreach( $_POST['interests'] as $interest => $details )
 446						{
 447							switch( $interest )
 448							{								
 449								case 'age':
 450									$interests[] = '2';
 451									break;
 452								case 'asylum':
 453									$interests[] = '21';
 454									break;
 455								case 'disability':
 456									$interests[] = '58';
 457									break;
 458								case 'gender':
 459									$interests[] = '63';
 460									break;
 461								case 'gypsies':
 462									$interests[] = '47';
 463									break;
 464								case 'rights':
 465									$interests[] = '25';
 466									break;
 467								case 'migrants':
 468									$interests[] = '49';
 469									break;
 470								case 'race':
 471									$interests[] = '114';
 472									break;
 473								case 'religon':
 474									$interests[] = '64';
 475									break;
 476								case 'sexual':
 477									$interests[] = '115';
 478									break;
 479								case 'transgender':
 480									$interests[] = '61';
 481									break;										
 482							}
 483						}  
 484					}
 485					else
 486					{
 487						foreach( $_POST['interests'] as $interest => $details )
 488						{
 489							switch( $interest )
 490							{
 491								case 'age':
 492									$interests[] = '137';
 493									break;
 494								case 'asylum':
 495									$interests[] = '21';
 496									break;
 497								case 'disability':
 498									$interests[] = '59';
 499									break;
 500								case 'gender':
 501									$interests[] = '138';
 502									break;
 503								case 'gypsies':
 504									$interests[] = '47';
 505									break;
 506								case 'rights':
 507									$interests[] = '25';
 508									break;
 509								case 'migrants':
 510									$interests[] = '49';
 511									break;
 512								case 'race':
 513									$interests[] = '139';
 514									break;
 515								case 'religon':
 516									$interests[] = '144';
 517									break;
 518								case 'sexual':
 519									$interests[] = '140';
 520									break;
 521								case 'transgender':
 522									$interests[] = '61';
 523									break;											
 524							}
 525						}  
 526					}					
 527				}
 528				
 529				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
 530				{
 531					foreach( $_POST['areas'] as $area => $details )
 532					{
 533						switch( $area )
 534						{
 535							case 'bath':
 536								$interests[] = '101';
 537								break;
 538							case 'bristol':
 539								$interests[] = '96'; 
 540								break;
 541							case 'bournemouth':
 542								$interests[] = '102';
 543								break;
 544							case 'cornwall':
 545								$interests[] = '99'; 
 546								break;
 547							case 'devon':
 548								$interests[] = '106';
 549								break;
 550							case 'dorset':
 551								$interests[] = '108'; 
 552								break;
 553							case 'gloucestershire':
 554								$interests[] = '110';
 555								break;
 556							case 'north_somerset':
 557								$interests[] = '103'; 
 558								break;
 559							case 'plymouth':
 560								$interests[] = '104'; 
 561								break;
 562							case 'poole':
 563								$interests[] = '105';
 564								break;
 565							case 'somerset':
 566								$interests[] = '95';
 567								break;
 568							case 'south_gloucestershire':
 569								$interests[] = '107';
 570								break;
 571							case 'swindon':
 572								$interests[] = '109';
 573								break;
 574							case 'torbay':
 575								$interests[] = '111'; 
 576								break;
 577							case 'wiltshire':
 578								$interests[] = '100';
 579								break;
 580							case 'west_of_england':
 581								$interests[] = '98'; 
 582								break;
 583							case 'sw_region':
 584								$interests[] = '94';
 585								break;
 586							case 'outside_region':
 587								$interests[] = '97';
 588								break;																	
 589						}
 590					}					
 591				}	
 592				
 593				switch( $_POST['organisation_type'] )
 594				{
 595					case 'individual':
 596						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
 597						break;
 598					case 'private':
 599						$type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
 600						break;	
 601					case 'public':
 602						$type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
 603						break;	
 604					case 'voluntary':
 605						$type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
 606						break;	
 607					case 'social':
 608						$type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
 609						break;	
 610					default:
 611						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
 612						break;	
 613				}
 614				
 615				// ind data
 616				$firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
 617				$lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
 618				$title = str_replace( '&', '&amp;', $_POST['title'] ) ;
 619				$jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
 620				$mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
 621				$email = str_replace( '&', '&amp;', $_POST['email'] ) ;
 622				$events = '';
 623				$newsletter = 0;
 624				$volun = '';
 625				$share = 0;
 626				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
 627				{
 628					//echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
 629					foreach( $_POST['kind'] as $k => $v )
 630					{
 631						if( $k == 'events' )
 632						{
 633							$events = "1a26da8a-90f5-4527-a8eb-551df1970e49"; 
 634						}
 635						
 636						if( $k == 'newsletter' )
 637						{
 638							$newsletter = 1; 
 639						}
 640					}
 641				}
 642				
 643				if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
 644				{
 645					$volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8"; 
 646				}
 647				else
 648				{
 649					$volun = "065b7934-5313-4656-857a-7e382fc312fe"; 
 650				}
 651				
 652				if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
 653				{
 654					$share = 1;
 655				}
 656				else
 657				{
 658					$share = 0;
 659				}
 660			
 661				if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
 662				{
 663					// organisation exists
 664					$orgID = $controller->getOrgID();
 665					// update it
 666					$controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
 667										
 668					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
 669					{
 670						// contact not exist: create it													
 671						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
 672					
 673						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 674						{
 675							
 676							$controller->createInterest( $interests, $indID );
 677							/*
 678							foreach( $interests as $interest => $tag )
 679							{
 680								$controller->createInterest( $tag, $indID );
 681							}*/
 682						}
 683						
 684					}
 685					else
 686					{
 687						// contact exists; update it
 688						$contactID = $controller->getContactID();
 689						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
 690						
 691						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 692						{
 693							$controller->createInterest( $interests, $contactID );
 694							/*
 695							foreach( $interests as $interest => $tag )
 696							{
 697								$controller->createInterest( $tag, $indID );
 698							}*/
 699						}
 700					}		
 701					
 702				}
 703				else
 704				{
 705					// create new organisation		
 706					$orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
 707					
 708					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
 709					{
 710						// create new contact				
 711						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
 712						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 713						{
 714							$controller->createInterest( $interests, $indID );
 715						}
 716						
 717					}
 718					else
 719					{
 720						// update existing contact
 721						$contactID = $controller->getContactID();
 722						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
 723						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
 724						{
 725							$controller->createInterest( $interests, $contactID );
 726						}
 727					}
 728															
 729				}
 730				
 731				$this->registry->redirectUser( array('people'), 'Member created', 'The member account has been saved', true );
 732				
 733			}
 734			else
 735			{
 736				$this->registry->getObject('template')->getPage()->addTag( 'message', 'Sorry, there were some errors with your attempt to create an account. Please correct the errors below and try again.' );
 737				$this->registry->getObject('template')->addTemplateBit( 'form_errors', 'people/errors.tpl.php' );
 738								
 739				$this->registry->getObject('template')->getPage()->addTag( 'form_username', $_POST['username'] );
 740				$this->registry->getObject('template')->getPage()->addTag( 'form_password', $_POST['password'] );
 741				$this->registry->getObject('template')->getPage()->addTag( 'form_confirm_password', $_POST['confirm_password'] );
 742				$this->registry->getObject('template')->getPage()->addTag( 'form_first_name', $_POST['first_name'] );
 743				$this->registry->getObject('template')->getPage()->addTag( 'form_last_name', $_POST['last_name'] );
 744				$this->registry->getObject('template')->getPage()->addTag( 'form_title', $_POST['title'] );
 745				$this->registry->getObject('template')->getPage()->addTag( 'form_organisation', $_POST['organisation'] );
 746				$this->registry->getObject('template')->getPage()->addTag( 'form_website', $_POST['website'] );
 747				$this->registry->getObject('template')->getPage()->addTag( 'form_job_title', $_POST['job_title'] );
 748				$this->registry->getObject('template')->getPage()->addTag( 'form_address', $_POST['address'] );
 749				$this->registry->getObject('template')->getPage()->addTag( 'form_address_linetwo', $_POST['address_linetwo'] );
 750				$this->registry->getObject('template')->getPage()->addTag( 'form_city', $_POST['city'] );
 751				$this->registry->getObject('template')->getPage()->addTag( 'form_county', $_POST['county'] );
 752				$this->registry->getObject('template')->getPage()->addTag( 'form_postcode', $_POST['postcode'] );
 753				$this->registry->getObject('template')->getPage()->addTag( 'form_email', $_POST['email'] );
 754				$this->registry->getObject('template')->getPage()->addTag( 'form_phone', $_POST['phone'] );
 755				$this->registry->getObject('template')->getPage()->addTag( 'form_mobile', $_POST['mobile'] );
 756																
 757				if( isset( $_POST['group'] ) && is_array($_POST['group']) && count( $_POST['group'] ) > 0 )
 758				{
 759					foreach( $_POST['group'] as $k => $v )
 760					{
 761						$this->registry->getObject('template')->getPage()->addTag( 'nbd_opt_' . $v, 'checked="checked"' );
 762					}
 763				}
 764								
 765				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
 766				{
 767					foreach( $_POST['kind'] as $k => $v )
 768					{
 769						$this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
 770					}
 771				}
 772				
 773				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
 774				{
 775					foreach( $_POST['interests'] as $k => $v )
 776					{
 777						$this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
 778					}
 779				}
 780				
 781				if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
 782				{
 783					foreach( $_POST['networks'] as $k => $v )
 784					{
 785						$this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
 786					}
 787				}
 788				
 789				if( isset( $_POST['voluntary'] ) )
 790				{
 791					if( $_POST['voluntary'] == 'yes' )
 792					{
 793						$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
 794					}
 795					else
 796					{
 797						$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
 798					}
 799				}
 800				
 801				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
 802				{
 803					foreach( $_POST['areas'] as $k => $v )
 804					{
 805						$this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
 806					}
 807				}
 808				
 809				if( isset( $_POST['declaration'] ) )
 810				{
 811					if( $_POST['declaration'] == 'yes' )
 812					{
 813						$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
 814					}
 815					else
 816					{
 817						$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
 818					}
 819				}
 820				
 821				if( isset( $_POST['organisation_type'] ) )
 822				{
 823					$this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $_POST['organisation_type'], 'selected="selected"' );
 824				}
 825					
 826				if( isset( $_POST['confirm_member'] ) )
 827				{
 828					$this->registry->getObject('template')->getPage()->addTag( 'form_confirm_member', 'checked="checked"' );
 829				}	
 830								
 831				$cache = $this->registry->getObject('db')->cacheData( $errors );
 832				$this->registry->getObject('template')->getPage()->addTag( 'errors', array( 'DATA', $cache ) );
 833				$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/create-member.tpl.php', 'footer.tpl.php');	
 834			}
 835			
 836		}
 837		else
 838		{
 839			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/create-member.tpl.php', 'footer.tpl.php');
 840		}
 841	}
 842	/*
 843	private function createMember()
 844	{
 845		if( isset( $_POST['create_user'] ) )
 846		{
 847			$insert = array();
 848			$insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 849			$insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
 850			$insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['name'] );
 851			$insert['password_hash'] = md5( $_POST['password_hash'] );
 852			$insert['active'] = 1;
 853			$insert['banned'] = 0;
 854			$insert['admin'] = 0;
 855			$insert['deleted'] = 0;
 856			if( isset( $_POST['confirm_member'] ) && $_POST['confirm_member'] == 1 )
 857			{
 858				$insert['member'] = 1;
 859			}
 860			else
 861			{
 862				$insert['member'] = 0;
 863			}
 864			$this->registry->getObject('db')->insertRecords( 'users', $insert );
 865			$id = $this->registry->getObject('db')->lastInsertID();
 866			
 867			$insert = array();
 868			$insert['user_id'] = $id;
 869			$insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
 870			$insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
 871			$insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
 872			$insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
 873			$insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
 874			$insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
 875			$insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
 876			$insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
 877			$insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
 878			$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
 879			$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
 880			$this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
 881			
 882			if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
 883			{
 884				$sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
 885				foreach( $_POST['group'] as $gid )
 886				{
 887					$sql .= " ({$id}, {$gid} ),";
 888				}
 889				// remove last char from sql
 890				$sql = substr_replace($sql ,"",-1);
 891				$this->registry->getObject('db')->executeQuery( $sql );
 892			}	
 893						
 894			$this->registry->redirectUser( array('people'), 'Member created', 'The member account has been saved', true );
 895			
 896		}
 897		else
 898		{
 899			$sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
 900			$cache = $this->registry->getObject('db')->cacheQuery( $sql );
 901			$this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );	
 902			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/create-member.tpl.php', 'footer.tpl.php');
 903		}
 904	}*/
 905	
 906	private function deleteUser( $user )
 907	{
 908		$changes = array();
 909		$changes['deleted'] = 1;
 910		$changes['active'] =0;
 911		$changes['banned'] = 1;
 912		$changes['admin'] = 0;
 913		$this->registry->getObject('db')->updateRecords( 'users', $changes, 'ID=' . $user );
 914		
 915		$this->registry->redirectUser( array('people'), 'User deleted', 'The user account has been removed from the system', true );
 916			
 917	}
 918	
 919	private function editUser( $id )
 920	{
 921		$sql = "SELECT * FROM users WHERE admin = 1 AND ID=" . $id;
 922		$this->registry->getObject('db')->executeQuery( $sql );
 923		if( $this->registry->getObject('db')->numRows() > 0 )
 924		{
 925			if( isset( $_POST['edit_user'] ) )
 926			{
 927				$insert = array();
 928				$insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
 929				$insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
 930				$insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
 931				$insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
 932				$insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
 933				if( $_POST['password_hash'] != '' )
 934				{
 935					$insert['password_hash'] = md5( $_POST['password_hash'] );
 936				}
 937				$this->registry->getObject('db')->updateRecords( 'users', $insert, 'ID=' . $id );
 938				
 939				if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
 940				{
 941					$sql = "DELETE FROM group_memberships WHERE user=" .$id;
 942					$this->registry->getObject('db')->executeQuery( $sql );
 943					
 944					$sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
 945					foreach( $_POST['group'] as $gid )
 946					{
 947						$sql .= " ({$id}, {$gid} ),";
 948					}
 949					// remove last char from sql
 950					$sql = substr_replace($sql ,"",-1);
 951					$this->registry->getObject('db')->executeQuery( $sql );
 952				}	
 953									
 954				$this->registry->redirectUser( array('people'), 'User edited', 'Changes to the user account have been saved', true );
 955				
 956			}
 957			else
 958			{
 959				$sql = "SELECT * FROM users WHERE ID=" . $id;
 960				$this->registry->getObject('db')->executeQuery( $sql );
 961				$data = $this->registry->getObject('db')->getRows();
 962				$this->registry->getObject('template')->dataToTags( $data, 'user_' );
 963				
 964				$sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
 965				$cache = $this->registry->getObject('db')->cacheQuery( $sql );
 966				$this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );	
 967		
 968				$sql = "SELECT `group` FROM group_memberships WHERE user=" . $id;
 969				$this->registry->getObject('db')->executeQuery($sql);
 970				while ( $row = $this->registry->getObject('db')->getRows() )
 971				{
 972					$this->registry->getObject('template')->getPage()->addPPTag( 'nbd_opt_' . $row['group'], "checked='checked'");
 973				}
 974						
 975				$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/edit.tpl.php', 'footer.tpl.php');
 976				
 977			
 978			}
 979		}
 980		else
 981		{
 982			$this->editMember( $id );
 983		}
 984		
 985		
 986	}
 987					
 988			
 989			
 990	private function editMember( $id )
 991	{
 992		$sql = "SELECT u.*, e.* FROM users u, users_extra e WHERE e.user_id=u.ID AND u.ID={$id}";
 993		$this->registry->getObject('db')->executeQuery( $sql );
 994		if( $this->registry->getObject('db')->numRows() == 1 )
 995		{
 996			$data = $this->registry->getObject('db')->getRows();
 997		}	
 998		else
 999		{
1000			echo 'Error editing member';
1001			exit();
1002		}
1003			
1004		if( isset( $_POST['edit_user'] ) )
1005		{
1006			
1007			require_once( ACP_PATH . 'controllers/goldvision/controller.php');
1008				$controller = new GoldVisionController();
1009				
1010				$summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
1011				$phone_number = str_replace( '&', '&amp;',  $_POST['phone'] );
1012				$address_1 = str_replace( '&', '&amp;',  $_POST['address'] );
1013				$address_2 = str_replace( '&', '&amp;',  $_POST['address_linetwo'] );
1014				$town = str_replace( '&', '&amp;',  $_POST['city'] );
1015				$county = str_replace( '&', '&amp;', $_POST['county'] );
1016				$postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
1017				$website = str_replace( '&', '&amp;', $_POST['website'] );
1018				
1019				$interests = array();
1020				if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
1021				{
1022					if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
1023					{
1024						foreach( $_POST['interests'] as $interest => $details )
1025						{
1026							switch( $interest )
1027							{								
1028								case 'age':
1029									$interests[] = '2';
1030									break;
1031								case 'asylum':
1032									$interests[] = '21';
1033									break;
1034								case 'disability':
1035									$interests[] = '58';
1036									break;
1037								case 'gender':
1038									$interests[] = '63';
1039									break;
1040								case 'gypsies':
1041									$interests[] = '47';
1042									break;
1043								case 'rights':
1044									$interests[] = '25';
1045									break;
1046								case 'migrants':
1047									$interests[] = '49';
1048									break;
1049								case 'race':
1050									$interests[] = '114';
1051									break;
1052								case 'religon':
1053									$interests[] = '64';
1054									break;
1055								case 'sexual':
1056									$interests[] = '115';
1057									break;
1058								case 'transgender':
1059									$interests[] = '61';
1060									break;										
1061							}
1062						}  
1063					}
1064					else
1065					{
1066						foreach( $_POST['interests'] as $interest => $details )
1067						{
1068							switch( $interest )
1069							{
1070								case 'age':
1071									$interests[] = '137';
1072									break;
1073								case 'asylum':
1074									$interests[] = '21';
1075									break;
1076								case 'disability':
1077									$interests[] = '59';
1078									break;
1079								case 'gender':
1080									$interests[] = '138';
1081									break;
1082								case 'gypsies':
1083									$interests[] = '47';
1084									break;
1085								case 'rights':
1086									$interests[] = '25';
1087									break;
1088								case 'migrants':
1089									$interests[] = '49';
1090									break;
1091								case 'race':
1092									$interests[] = '139';
1093									break;
1094								case 'religon':
1095									$interests[] = '144';
1096									break;
1097								case 'sexual':
1098									$interests[] = '140';
1099									break;
1100								case 'transgender':
1101									$interests[] = '61';
1102									break;											
1103							}
1104						}  
1105					}					
1106				}
1107				
1108				if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
1109				{
1110					foreach( $_POST['areas'] as $area => $details )
1111					{
1112						switch( $area )
1113						{
1114							case 'bath':
1115								$interests[] = '101';
1116								break;
1117							case 'bristol':
1118								$interests[] = '96'; 
1119								break;
1120							case 'bournemouth':
1121								$interests[] = '102';
1122								break;
1123							case 'cornwall':
1124								$interests[] = '99'; 
1125								break;
1126							case 'devon':
1127								$interests[] = '106';
1128								break;
1129							case 'dorset':
1130								$interests[] = '108'; 
1131								break;
1132							case 'gloucestershire':
1133								$interests[] = '110';
1134								break;
1135							case 'north_somerset':
1136								$interests[] = '103'; 
1137								break;
1138							case 'plymouth':
1139								$interests[] = '104'; 
1140								break;
1141							case 'poole':
1142								$interests[] = '105';
1143								break;
1144							case 'somerset':
1145								$interests[] = '95';
1146								break;
1147							case 'south_gloucestershire':
1148								$interests[] = '107';
1149								break;
1150							case 'swindon':
1151								$interests[] = '109';
1152								break;
1153							case 'torbay':
1154								$interests[] = '111'; 
1155								break;
1156							case 'wiltshire':
1157								$interests[] = '100';
1158								break;
1159							case 'west_of_england':
1160								$interests[] = '98'; 
1161								break;
1162							case 'sw_region':
1163								$interests[] = '94';
1164								break;
1165							case 'outside_region':
1166								$interests[] = '97';
1167								break;																	
1168						}
1169					}					
1170				}	
1171				
1172				switch( $_POST['organisation_type'] )
1173				{
1174					case 'individual':
1175						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
1176						break;
1177					case 'private':
1178						$type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
1179						break;	
1180					case 'public':
1181						$type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
1182						break;	
1183					case 'voluntary':
1184						$type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
1185						break;	
1186					case 'social':
1187						$type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
1188						break;	
1189					default:
1190						$type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
1191						break;	
1192				}
1193				
1194				// ind data
1195				$firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
1196				$lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
1197				$title = str_replace( '&', '&amp;', $_POST['title'] ) ;
1198				$jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
1199				$mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
1200				$email = str_replace( '&', '&amp;', $_POST['email'] ) ;
1201				$events = '';
1202				$newsletter = 0;
1203				$volun = '';
1204				$share = 0;
1205				if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
1206				{
1207					//echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
1208					foreach( $_POST['kind'] as $k => $v )
1209					{
1210						if( $k == 'events' )
1211						{
1212							$events = "1a26da8a-90f5-4527-a8eb-551df1970e49"; 
1213						}
1214						
1215						if( $k == 'newsletter' )
1216						{
1217							$newsletter = 1; 
1218						}
1219					}
1220				}
1221				
1222				if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
1223				{
1224					$volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8"; 
1225				}
1226				else
1227				{
1228					$volun = "065b7934-5313-4656-857a-7e382fc312fe"; 
1229				}
1230				
1231				if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
1232				{
1233					$share = 1;
1234				}
1235				else
1236				{
1237					$share = 0;
1238				}
1239			
1240				if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
1241				{
1242					// organisation exists
1243					$orgID = $controller->getOrgID();
1244					// update it
1245					$controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
1246										
1247					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
1248					{
1249						// contact not exist: create it													
1250						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
1251					
1252						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
1253						{
1254							
1255							$controller->createInterest( $interests, $indID );
1256							/*
1257							foreach( $interests as $interest => $tag )
1258							{
1259								$controller->createInterest( $tag, $indID );
1260							}*/
1261						}
1262						
1263					}
1264					else
1265					{
1266						// contact exists; update it
1267						$contactID = $controller->getContactID();
1268						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
1269						
1270						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
1271						{
1272							$controller->createInterest( $interests, $contactID );
1273							/*
1274							foreach( $interests as $interest => $tag )
1275							{
1276								$controller->createInterest( $tag, $indID );
1277							}*/
1278						}
1279					}		
1280					
1281				}
1282				else
1283				{
1284					// create new organisation		
1285					$orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
1286					
1287					if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
1288					{
1289						// create new contact				
1290						$indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
1291						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
1292						{
1293							$controller->createInterest( $interests, $indID );
1294						}
1295						
1296					}
1297					else
1298					{
1299						// update existing contact
1300						$contactID = $controller->getContactID();
1301						$controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
1302						if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
1303						{
1304							$controller->createInterest( $interests, $contactID );
1305						}
1306					}
1307															
1308				}
1309								
1310			
1311			$insert = array();
1312			$insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
1313			$insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
1314			$insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
1315			$insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
1316			$insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
1317			$insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
1318			if( $_POST['password_hash'] != '' )
1319			{
1320				$insert['password_hash'] = md5($_POST['password_hash'] );
1321			}
1322			$insert['active'] = 1;
1323			$insert['banned'] = 0;
1324			$insert['admin'] = 0;
1325			$insert['deleted'] = 0;
1326			if( isset( $_POST['confirm_member'] ) && $_POST['confirm_member'] == 1 )
1327			{
1328				$insert['member'] = 1;
1329			}
1330			else
1331			{
1332				$insert['member'] = 0;
1333			}
1334			$this->registry->getObject('db')->updateRecords( 'users', $insert, 'ID=' . $id );
1335			
1336			$insert = array();
1337			$insert['user_id'] = $id;
1338			$insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
1339			$insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
1340			$insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
1341			$insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
1342			$insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
1343			$insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
1344			$insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
1345			$insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
1346			$insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
1347			//$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
1348			//$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
1349			$insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
1350			$insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
1351			
1352			if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
1353			{
1354				$insert['kind'] = serialize( $_POST['kind'] );
1355			}
1356			
1357			if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
1358			{
1359				$insert['interests'] = serialize( $_POST['interests'] );
1360			}
1361			
1362			if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
1363			{
1364				$insert['networks'] = serialize( $_POST['networks'] );
1365			}
1366			
1367			if( isset( $_POST['voluntary'] ) )
1368			{
1369				$insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
1370			}
1371			
1372			if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
1373			{
1374				$insert['areas'] = serialize( $_POST['areas'] );
1375			}
1376			
1377			if( isset( $_POST['declaration'] ) )
1378			{
1379				$insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
1380			}
1381			
1382			$sql = "SELECT * FROM users_extra WHERE user_id = {$id} LIMIT 1";
1383			$this->registry->getObject('db')->executeQuery( $sql );
1384			if( $this->registry->getObject('db')->numRows() == 1 )
1385			{
1386				$this->registry->getObject('db')->updateRecords( 'users_extra', $insert, 'user_id=' . $id );
1387			}
1388			else
1389			{
1390				$this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
1391			}
1392			
1393			if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
1394			{
1395				$sql = "DELETE FROM group_memberships WHERE user=" .$id;
1396				$this->registry->getObject('db')->executeQuery( $sql );
1397				
1398				$sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
1399				foreach( $_POST['group'] as $gid )
1400				{
1401					$sql .= " ({$id}, {$gid} ),";
1402				}
1403				// remove last char from sql
1404				$sql = substr_replace($sql ,"",-1);
1405				$this->registry->getObject('db')->executeQuery( $sql );
1406			}	
1407		
1408			$this->registry->redirectUser( array('people'), 'Member edited', 'Changes to the member account have been saved', true );
1409				
1410		}
1411		else
1412		{
1413			$sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
1414			$cache = $this->registry->getObject('db')->cacheQuery( $sql );
1415			$this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );	
1416			
1417			$sql = "SELECT `group` FROM group_memberships WHERE user=" . $id;
1418			$this->registry->getObject('db')->executeQuery($sql);
1419			while ( $row = $this->registry->getObject('db')->getRows() )
1420			{
1421				$this->registry->getObject('template')->getPage()->addPPTag( 'nbd_opt_' . $row['group'], "checked='checked'");
1422			}
1423			
1424			$sql = "SELECT u.*, e.* FROM users u LEFT JOIN users_extra e ON e.user_id = u.ID WHERE u.ID=" . $id;
1425			$this->registry->getObject('db')->executeQuery( $sql );
1426			$data = $this->registry->getObject('db')->getRows();
1427			$this->registry->getObject('template')->dataToTags( $data, 'user_' );
1428			
1429			$kind = unserialize( $data['kind'] );
1430			if( isset( $kind ) && is_array($kind) && count( $kind ) > 0 )
1431			{
1432				foreach( $kind as $k => $v )
1433				{
1434					$this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
1435				}
1436			}
1437			
1438			$interests = unserialize( $data['interests'] );
1439					
1440			if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
1441			{
1442				foreach( $interests as $k => $v )
1443				{
1444					$this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
1445				}
1446			}
1447			
1448			$networks = unserialize( $data['networks'] );	
1449			if( isset( $networks ) && is_array($networks) && count( $networks ) > 0 )
1450			{
1451				foreach( $networks as $k => $v )
1452				{
1453					$this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
1454				}
1455			}
1456							
1457			if( $data['voluntary'] == 'yes' )
1458			{
1459				$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
1460			}
1461			else
1462			{
1463				$this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
1464			}
1465				
1466			$areas = unserialize( $data['areas'] );	
1467			if( isset( $areas ) && is_array($areas) && count( $areas ) > 0 )
1468			{
1469				foreach( $areas as $k => $v )
1470				{
1471					$this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
1472				}
1473			}
1474						
1475			if( $data['declaration'] == 'yes' )
1476			{
1477				$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
1478			}
1479			else
1480			{
1481				$this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
1482			}
1483				
1484						
1485			if( $data['member'] == 1 )
1486			{
1487				$this->registry->getObject('template')->getPage()->addTag( 'nbd_membership_confirmed', 'checked="checked"' );
1488			}	
1489					
1490			$this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $data['organisation_type'], 'selected="selected"' );
1491			
1492			$this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/edit-member.tpl.php', 'footer.tpl.php');
1493		}
1494					
1495	}
1496}
1497
1498
1499?>