
/trunk/manage/controllers/people/controller.php

https://bitbucket.org/pooshonk/esw
Possible License(s): LGPL-2.1
  1. <?php
  2. class Peoplecontroller{
/** @var PeacockCarterFrameworkRegistry Framework registry; every method reaches the 'db', 'template' and 'authenticate' objects through it. */
private $registry;
  4. public function __construct( PeacockCarterFrameworkRegistry $registry, $directCall )
  5. {
  6. $this->registry = $registry;
  7. if( $this->registry->getObject('authenticate')->isAuthorised('users') == true )
  8. {
  9. $this->registry->getObject('adminmenubuilder')->buildMenu( 'people' );
  10. if( $this->registry->getURLBit(1) != '' )
  11. {
  12. switch( $this->registry->getURLBit(1) )
  13. {
  14. case 'toggle-admin':
  15. $this->toggleAdministrator( intval( $this->registry->getURLBit(2) ) );
  16. break;
  17. case 'toggle-active':
  18. $this->toggleActive( intval( $this->registry->getURLBit(2) ) );
  19. break;
  20. case 'create':
  21. $this->createUser();
  22. break;
  23. case 'create-member':
  24. $this->createMember();
  25. break;
  26. case 'delete':
  27. $this->deleteUser( intval( $this->registry->getURLBit(2) ) );
  28. break;
  29. case 'delete-group':
  30. $this->deleteGroup( intval( $this->registry->getURLBit(2) ) );
  31. break;
  32. case 'edit':
  33. $this->editUser( intval( $this->registry->getURLBit(2) ) );
  34. break;
  35. case 'edit-member':
  36. $this->editMember( intval( $this->registry->getURLBit(2) ) );
  37. break;
  38. case 'edit-group':
  39. $this->editGroup( intval( $this->registry->getURLBit(2) ) );
  40. break;
  41. case 'create-group':
  42. $this->createGroup();
  43. break;
  44. case 'groups':
  45. $this->listGroups();
  46. break;
  47. default:
  48. break;
  49. }
  50. }
  51. else
  52. {
  53. $this->listPeople();
  54. }
  55. }
  56. else
  57. {
  58. $this->registry->getObject('authenticate')->redirectToAuthorised('primary');
  59. }
  60. }
  61. private function listGroups()
  62. {
  63. $sql = "SELECT * FROM groups WHERE deleted = 0";
  64. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  65. $this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );
  66. $this->registry->getObject('template')->buildFromTemplates( 'header.tpl.php', 'people/listgroups.tpl.php', 'footer.tpl.php' );
  67. }
  68. private function createGroup()
  69. {
  70. if( isset( $_POST['create_group'] ) )
  71. {
  72. $insert = array();
  73. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['name'] );
  74. $insert['deleted'] = 0;
  75. $this->registry->getObject('db')->insertRecords( 'groups', $insert );
  76. $id = $this->registry->getObject('db')->lastInsertID();
  77. if( isset( $_POST['permission'] ) && is_array( $_POST['permission'] ) && count( $_POST['permission'] ) > 0 )
  78. {
  79. $sql = "INSERT INTO permission_group_associations (`permission`, `group` ) VALUES ";
  80. foreach( $_POST['permission'] as $pid )
  81. {
  82. $sql .= " ({$pid}, {$id} ),";
  83. }
  84. // remove last char from sql
  85. $sql = substr_replace($sql ,"",-1);
  86. $this->registry->getObject('db')->executeQuery( $sql );
  87. }
  88. $this->registry->redirectUser( array('people', 'groups'), 'Group created', 'The group has been saved.', true );
  89. }
  90. else
  91. {
  92. $sql = "SELECT code as outer_code, description as area FROM permissions WHERE code REGEXP '^[A-Za-z0-9]+$'";
  93. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  94. $this->registry->getObject('template')->getPage()->addTag( 'areas', array( 'SQL', $cache ) );
  95. $sql = "SELECT p.ID as inner_perm_id, p.description as perm_description, p.code FROM permissions p ORDER BY p.code ASC";
  96. $this->registry->getObject('db')->executeQuery( $sql );
  97. $inner = array();
  98. while ( $row = $this->registry->getObject('db')->getRows() )
  99. {
  100. $code = explode( '_', $row['code'] );
  101. if( isset( $inner[ $code[0] ] ) )
  102. {
  103. $inner[ $code[0] ][] = $row;
  104. }
  105. else
  106. {
  107. $inner[ $code[0] ] = array();
  108. $inner[ $code[0] ][] = $row;
  109. }
  110. }
  111. foreach( $inner as $code => $data )
  112. {
  113. $cache = $this->registry->getObject('db')->cacheData( $data );
  114. $this->registry->getObject('template')->getPage()->addTag( 'permissions-' . $code , array( 'DATA', $cache ) );
  115. }
  116. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/creategroup.tpl.php', 'footer.tpl.php');
  117. }
  118. }
  119. private function editGroup( $id )
  120. {
  121. if( isset( $_POST['edit_group'] ) )
  122. {
  123. $insert = array();
  124. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['name'] );
  125. $this->registry->getObject('db')->updateRecords( 'groups', $insert, 'ID=' . $id );
  126. if( isset( $_POST['permission'] ) && is_array( $_POST['permission'] ) && count( $_POST['permission'] ) > 0 )
  127. {
  128. $sql = "DELETE FROM permission_group_associations WHERE `group`=" .$id;
  129. $this->registry->getObject('db')->executeQuery( $sql );
  130. $sql = "INSERT INTO permission_group_associations (`permission`, `group` ) VALUES ";
  131. foreach( $_POST['permission'] as $pid )
  132. {
  133. $sql .= " ({$pid}, {$id} ),";
  134. }
  135. // remove last char from sql
  136. $sql = substr_replace($sql ,"",-1);
  137. $this->registry->getObject('db')->executeQuery( $sql );
  138. }
  139. $this->registry->redirectUser( array('people', 'groups'), 'Group edited', 'Changes to the group have been saved', true );
  140. }
  141. else
  142. {
  143. $sql = "SELECT * FROM groups WHERE ID=" . $id;
  144. $this->registry->getObject('db')->executeQuery( $sql );
  145. $data = $this->registry->getObject('db')->getRows();
  146. $this->registry->getObject('template')->dataToTags( $data, 'group_' );
  147. $sql = "SELECT code as outer_code, description as area FROM permissions WHERE code REGEXP '^[A-Za-z0-9]+$'";
  148. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  149. $this->registry->getObject('template')->getPage()->addTag( 'areas', array( 'SQL', $cache ) );
  150. $sql = "SELECT IF( (SELECT COUNT(*) FROM permission_group_associations a WHERE a.group={$id} AND a.permission=p.ID)>0 ,'checked=\'checked\'','' ) as checker, p.ID as inner_perm_id, p.description as perm_description, p.code FROM permissions p ORDER BY p.code ASC";
  151. $this->registry->getObject('db')->executeQuery( $sql );
  152. $inner = array();
  153. while ( $row = $this->registry->getObject('db')->getRows() )
  154. {
  155. $code = explode( '_', $row['code'] );
  156. if( isset( $inner[ $code[0] ] ) )
  157. {
  158. $inner[ $code[0] ][] = $row;
  159. }
  160. else
  161. {
  162. $inner[ $code[0] ] = array();
  163. $inner[ $code[0] ][] = $row;
  164. }
  165. }
  166. foreach( $inner as $code => $data )
  167. {
  168. $cache = $this->registry->getObject('db')->cacheData( $data );
  169. $this->registry->getObject('template')->getPage()->addTag( 'permissions-' . $code , array( 'DATA', $cache ) );
  170. }
  171. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/editgroup.tpl.php', 'footer.tpl.php');
  172. }
  173. }
  174. private function deleteGroup( $id )
  175. {
  176. $sql = "UPDATE groups SET deleted=1 WHERE ID={$id}";
  177. $this->registry->getObject('db')->executeQuery( $sql );
  178. $this->registry->redirectUser( array('people', 'groups'), 'Group deleted', 'The user group has been removed from the system', true );
  179. }
  180. private function listPeople()
  181. {
  182. $sql = "SELECT ID as uid, IF( admin > 0, 'N/A', IF( member > 0, 'Yes', 'No' ) ) as member, ABS(admin-1) as newadmin, ABS(active-1) as newactive, ( SELECT GROUP_CONCAT(g.name SEPARATOR ', ' ) FROM groups g, group_memberships m WHERE g.ID=m.group AND m.user=u.ID AND g.deleted = 0) as groups, username, name, email, active, admin FROM users u WHERE deleted=0 ORDER BY name";
  183. $this->registry->getObject('db')->executeQuery( $sql );
  184. $peeps = array();
  185. $k = 0;
  186. while( $person = $this->registry->getObject('db')->getRows() )
  187. {
  188. $person['style'] = ( $k % 2) ? 'alt' : 'norm';
  189. $peeps[] = $person;
  190. }
  191. $cache = $this->registry->getObject('db')->cacheData( $peeps );
  192. $this->registry->getObject('template')->getPage()->addTag( 'people', array( 'DATA', $cache ) );
  193. $this->registry->getObject('template')->getPage()->setTitle( 'People ');
  194. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/list.tpl.php', 'footer.tpl.php');
  195. }
  196. private function toggleActive( $id )
  197. {
  198. $sql = "UPDATE users SET active=1-active WHERE ID=" . $id ;
  199. $this->registry->getObject('db')->executeQuery( $sql );
  200. header('Location: ' . $this->registry->buildURL(array('people'), '', true ) );
  201. exit();
  202. }
  203. private function toggleAdministrator( $id )
  204. {
  205. $sql = "UPDATE users SET admin=1-admin WHERE ID=" . $id ;
  206. $this->registry->getObject('db')->executeQuery( $sql );
  207. header('Location: ' . $this->registry->buildURL(array('people'), '', true ) );
  208. exit();
  209. }
  210. private function createUser()
  211. {
  212. if( isset( $_POST['create_user'] ) )
  213. {
  214. $insert = array();
  215. $insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  216. $insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  217. $insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
  218. $insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  219. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  220. $insert['password_hash'] = md5( $_POST['password_hash'] );
  221. $insert['active'] = 1;
  222. $insert['banned'] = 0;
  223. $insert['admin'] = 1;
  224. $insert['deleted'] = 0;
  225. $this->registry->getObject('db')->insertRecords( 'users', $insert );
  226. $id = $this->registry->getObject('db')->lastInsertID();
  227. if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
  228. {
  229. $sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
  230. foreach( $_POST['group'] as $gid )
  231. {
  232. $sql .= " ({$id}, {$gid} ),";
  233. }
  234. // remove last char from sql
  235. $sql = substr_replace($sql ,"",-1);
  236. $this->registry->getObject('db')->executeQuery( $sql );
  237. }
  238. $this->registry->redirectUser( array('people'), 'User created', 'The user account has been saved', true );
  239. }
  240. else
  241. {
  242. $sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
  243. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  244. $this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );
  245. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/create.tpl.php', 'footer.tpl.php');
  246. }
  247. }
  248. private function createMember()
  249. {
  250. $sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
  251. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  252. $this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );
  253. if( isset( $_POST['create_user'] ) )
  254. {
  255. // create the account
  256. $required = array( 'username' => 'Username', 'password' => 'Password', 'confirm_password' => 'Confirm password', 'first_name' => 'First Name', 'last_name' => 'Last Name', 'organisation' => 'Organisation', 'address' => 'Address', 'city' => 'City', 'county' =>'County', 'postcode' =>'Postcode', 'email' => 'Email address', 'phone' => 'Telephone number' );
  257. $required = array();
  258. //$required = array( 'username' => 'Username', 'first_name' => 'First Name', 'last_name' => 'Last Name' );
  259. $errors = array();
  260. foreach( array_keys( $required ) as $r )
  261. {
  262. if( ! isset( $_POST[ $r ]) || $_POST[ $r ] == '' )
  263. {
  264. $processable = false;
  265. $error = array();
  266. $error['errora'] = $required[ $r ] . " is a required field";
  267. $errors[] = $error;
  268. }
  269. if( isset( $_POST['email'] ) && $r == 'email' )
  270. {
  271. if( !preg_match( "^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})^", $_POST['email'] ) )
  272. {
  273. $error['errora'] = $required[ $r ] . " is an invalid email address. Please try again.";
  274. $errors[] = $error;
  275. }
  276. }
  277. if( isset( $_POST['username'] ) && $r == 'username' )
  278. {
  279. $username = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  280. $sql = "SELECT * FROM users WHERE username = '{$username}'";
  281. $this->registry->getObject('db')->executeQuery($sql);
  282. if( $this->registry->getObject('db')->numRows() > 0 )
  283. {
  284. $error['errora'] = $required[ $r ] . " is already taken. Please try again.";
  285. $errors[] = $error;
  286. }
  287. }
  288. if( isset( $_POST['confirm_password'] ) && $r == 'confirm_password' )
  289. {
  290. if( $_POST['password'] != $_POST['confirm_password'] )
  291. {
  292. $error['errora'] = $required[ $r ] . " does not match your password. Please try again.";
  293. $errors[] = $error;
  294. }
  295. }
  296. if( isset( $_POST['password'] ) && $r == 'password' )
  297. {
  298. if( strlen( $_POST['password'] ) < 6 )
  299. {
  300. $error['errora'] = $required[ $r ] . " is too short, it must be at least 6 characters.";
  301. $errors[] = $error;
  302. }
  303. }
  304. }
  305. if( empty( $errors ) )
  306. {
  307. $insert = array();
  308. $insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  309. $insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  310. $insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
  311. $insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
  312. $insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  313. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  314. $insert['password_hash'] = md5( $_POST['password'] );
  315. $insert['active'] = 1;
  316. $insert['banned'] = 0;
  317. $insert['admin'] = 0;
  318. $insert['deleted'] = 0;
  319. if( isset( $_POST['confirm_member'] ) && $_POST['confirm_member'] == 1 )
  320. {
  321. $insert['member'] = 1;
  322. }
  323. else
  324. {
  325. $insert['member'] = 0;
  326. }
  327. $this->registry->getObject('db')->insertRecords( 'users', $insert );
  328. $id = $this->registry->getObject('db')->lastInsertID();
  329. $insert = array();
  330. $insert['user_id'] = $id;
  331. $insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
  332. $insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
  333. $insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
  334. $insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
  335. $insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
  336. $insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
  337. $insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
  338. $insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
  339. $insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
  340. //$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
  341. //$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
  342. $insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
  343. $insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
  344. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  345. {
  346. $insert['kind'] = serialize( $_POST['kind'] );
  347. }
  348. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  349. {
  350. $insert['interests'] = serialize( $_POST['interests'] );
  351. }
  352. if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
  353. {
  354. $insert['networks'] = serialize( $_POST['networks'] );
  355. }
  356. if( isset( $_POST['voluntary'] ) )
  357. {
  358. $insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
  359. }
  360. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  361. {
  362. $insert['areas'] = serialize( $_POST['areas'] );
  363. }
  364. if( isset( $_POST['declaration'] ) )
  365. {
  366. $insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
  367. }
  368. $this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
  369. if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
  370. {
  371. $sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
  372. foreach( $_POST['group'] as $gid )
  373. {
  374. $sql .= " ({$id}, {$gid} ),";
  375. }
  376. // remove last char from sql
  377. $sql = substr_replace($sql ,"",-1);
  378. $this->registry->getObject('db')->executeQuery( $sql );
  379. }
  380. require_once( ACP_PATH . 'controllers/goldvision/controller.php');
  381. $controller = new GoldVisionController();
  382. $summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
  383. $phone_number = str_replace( '&', '&amp;', $_POST['phone'] );
  384. $address_1 = str_replace( '&', '&amp;', $_POST['address'] );
  385. $address_2 = str_replace( '&', '&amp;', $_POST['address_linetwo'] );
  386. $town = str_replace( '&', '&amp;', $_POST['city'] );
  387. $county = str_replace( '&', '&amp;', $_POST['county'] );
  388. $postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
  389. $website = str_replace( '&', '&amp;', $_POST['website'] );
  390. $interests = array();
  391. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  392. {
  393. if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
  394. {
  395. foreach( $_POST['interests'] as $interest => $details )
  396. {
  397. switch( $interest )
  398. {
  399. case 'age':
  400. $interests[] = '2';
  401. break;
  402. case 'asylum':
  403. $interests[] = '21';
  404. break;
  405. case 'disability':
  406. $interests[] = '58';
  407. break;
  408. case 'gender':
  409. $interests[] = '63';
  410. break;
  411. case 'gypsies':
  412. $interests[] = '47';
  413. break;
  414. case 'rights':
  415. $interests[] = '25';
  416. break;
  417. case 'migrants':
  418. $interests[] = '49';
  419. break;
  420. case 'race':
  421. $interests[] = '114';
  422. break;
  423. case 'religon':
  424. $interests[] = '64';
  425. break;
  426. case 'sexual':
  427. $interests[] = '115';
  428. break;
  429. case 'transgender':
  430. $interests[] = '61';
  431. break;
  432. }
  433. }
  434. }
  435. else
  436. {
  437. foreach( $_POST['interests'] as $interest => $details )
  438. {
  439. switch( $interest )
  440. {
  441. case 'age':
  442. $interests[] = '137';
  443. break;
  444. case 'asylum':
  445. $interests[] = '21';
  446. break;
  447. case 'disability':
  448. $interests[] = '59';
  449. break;
  450. case 'gender':
  451. $interests[] = '138';
  452. break;
  453. case 'gypsies':
  454. $interests[] = '47';
  455. break;
  456. case 'rights':
  457. $interests[] = '25';
  458. break;
  459. case 'migrants':
  460. $interests[] = '49';
  461. break;
  462. case 'race':
  463. $interests[] = '139';
  464. break;
  465. case 'religon':
  466. $interests[] = '144';
  467. break;
  468. case 'sexual':
  469. $interests[] = '140';
  470. break;
  471. case 'transgender':
  472. $interests[] = '61';
  473. break;
  474. }
  475. }
  476. }
  477. }
  478. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  479. {
  480. foreach( $_POST['areas'] as $area => $details )
  481. {
  482. switch( $area )
  483. {
  484. case 'bath':
  485. $interests[] = '101';
  486. break;
  487. case 'bristol':
  488. $interests[] = '96';
  489. break;
  490. case 'bournemouth':
  491. $interests[] = '102';
  492. break;
  493. case 'cornwall':
  494. $interests[] = '99';
  495. break;
  496. case 'devon':
  497. $interests[] = '106';
  498. break;
  499. case 'dorset':
  500. $interests[] = '108';
  501. break;
  502. case 'gloucestershire':
  503. $interests[] = '110';
  504. break;
  505. case 'north_somerset':
  506. $interests[] = '103';
  507. break;
  508. case 'plymouth':
  509. $interests[] = '104';
  510. break;
  511. case 'poole':
  512. $interests[] = '105';
  513. break;
  514. case 'somerset':
  515. $interests[] = '95';
  516. break;
  517. case 'south_gloucestershire':
  518. $interests[] = '107';
  519. break;
  520. case 'swindon':
  521. $interests[] = '109';
  522. break;
  523. case 'torbay':
  524. $interests[] = '111';
  525. break;
  526. case 'wiltshire':
  527. $interests[] = '100';
  528. break;
  529. case 'west_of_england':
  530. $interests[] = '98';
  531. break;
  532. case 'sw_region':
  533. $interests[] = '94';
  534. break;
  535. case 'outside_region':
  536. $interests[] = '97';
  537. break;
  538. }
  539. }
  540. }
  541. switch( $_POST['organisation_type'] )
  542. {
  543. case 'individual':
  544. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  545. break;
  546. case 'private':
  547. $type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
  548. break;
  549. case 'public':
  550. $type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
  551. break;
  552. case 'voluntary':
  553. $type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
  554. break;
  555. case 'social':
  556. $type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
  557. break;
  558. default:
  559. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  560. break;
  561. }
  562. // ind data
  563. $firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
  564. $lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
  565. $title = str_replace( '&', '&amp;', $_POST['title'] ) ;
  566. $jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
  567. $mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
  568. $email = str_replace( '&', '&amp;', $_POST['email'] ) ;
  569. $events = '';
  570. $newsletter = 0;
  571. $volun = '';
  572. $share = 0;
  573. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  574. {
  575. //echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
  576. foreach( $_POST['kind'] as $k => $v )
  577. {
  578. if( $k == 'events' )
  579. {
  580. $events = "1a26da8a-90f5-4527-a8eb-551df1970e49";
  581. }
  582. if( $k == 'newsletter' )
  583. {
  584. $newsletter = 1;
  585. }
  586. }
  587. }
  588. if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
  589. {
  590. $volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8";
  591. }
  592. else
  593. {
  594. $volun = "065b7934-5313-4656-857a-7e382fc312fe";
  595. }
  596. if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
  597. {
  598. $share = 1;
  599. }
  600. else
  601. {
  602. $share = 0;
  603. }
  604. if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
  605. {
  606. // organisation exists
  607. $orgID = $controller->getOrgID();
  608. // update it
  609. $controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  610. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  611. {
  612. // contact not exist: create it
  613. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  614. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  615. {
  616. $controller->createInterest( $interests, $indID );
  617. /*
  618. foreach( $interests as $interest => $tag )
  619. {
  620. $controller->createInterest( $tag, $indID );
  621. }*/
  622. }
  623. }
  624. else
  625. {
  626. // contact exists; update it
  627. $contactID = $controller->getContactID();
  628. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  629. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  630. {
  631. $controller->createInterest( $interests, $contactID );
  632. /*
  633. foreach( $interests as $interest => $tag )
  634. {
  635. $controller->createInterest( $tag, $indID );
  636. }*/
  637. }
  638. }
  639. }
  640. else
  641. {
  642. // create new organisation
  643. $orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  644. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  645. {
  646. // create new contact
  647. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  648. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  649. {
  650. $controller->createInterest( $interests, $indID );
  651. }
  652. }
  653. else
  654. {
  655. // update existing contact
  656. $contactID = $controller->getContactID();
  657. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  658. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  659. {
  660. $controller->createInterest( $interests, $contactID );
  661. }
  662. }
  663. }
  664. $this->registry->redirectUser( array('people'), 'Member created', 'The member account has been saved', true );
  665. }
  666. else
  667. {
  668. $this->registry->getObject('template')->getPage()->addTag( 'message', 'Sorry, there were some errors with your attempt to create an account. Please correct the errors below and try again.' );
  669. $this->registry->getObject('template')->addTemplateBit( 'form_errors', 'people/errors.tpl.php' );
  670. $this->registry->getObject('template')->getPage()->addTag( 'form_username', $_POST['username'] );
  671. $this->registry->getObject('template')->getPage()->addTag( 'form_password', $_POST['password'] );
  672. $this->registry->getObject('template')->getPage()->addTag( 'form_confirm_password', $_POST['confirm_password'] );
  673. $this->registry->getObject('template')->getPage()->addTag( 'form_first_name', $_POST['first_name'] );
  674. $this->registry->getObject('template')->getPage()->addTag( 'form_last_name', $_POST['last_name'] );
  675. $this->registry->getObject('template')->getPage()->addTag( 'form_title', $_POST['title'] );
  676. $this->registry->getObject('template')->getPage()->addTag( 'form_organisation', $_POST['organisation'] );
  677. $this->registry->getObject('template')->getPage()->addTag( 'form_website', $_POST['website'] );
  678. $this->registry->getObject('template')->getPage()->addTag( 'form_job_title', $_POST['job_title'] );
  679. $this->registry->getObject('template')->getPage()->addTag( 'form_address', $_POST['address'] );
  680. $this->registry->getObject('template')->getPage()->addTag( 'form_address_linetwo', $_POST['address_linetwo'] );
  681. $this->registry->getObject('template')->getPage()->addTag( 'form_city', $_POST['city'] );
  682. $this->registry->getObject('template')->getPage()->addTag( 'form_county', $_POST['county'] );
  683. $this->registry->getObject('template')->getPage()->addTag( 'form_postcode', $_POST['postcode'] );
  684. $this->registry->getObject('template')->getPage()->addTag( 'form_email', $_POST['email'] );
  685. $this->registry->getObject('template')->getPage()->addTag( 'form_phone', $_POST['phone'] );
  686. $this->registry->getObject('template')->getPage()->addTag( 'form_mobile', $_POST['mobile'] );
  687. if( isset( $_POST['group'] ) && is_array($_POST['group']) && count( $_POST['group'] ) > 0 )
  688. {
  689. foreach( $_POST['group'] as $k => $v )
  690. {
  691. $this->registry->getObject('template')->getPage()->addTag( 'nbd_opt_' . $v, 'checked="checked"' );
  692. }
  693. }
  694. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  695. {
  696. foreach( $_POST['kind'] as $k => $v )
  697. {
  698. $this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
  699. }
  700. }
  701. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  702. {
  703. foreach( $_POST['interests'] as $k => $v )
  704. {
  705. $this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
  706. }
  707. }
  708. if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
  709. {
  710. foreach( $_POST['networks'] as $k => $v )
  711. {
  712. $this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
  713. }
  714. }
  715. if( isset( $_POST['voluntary'] ) )
  716. {
  717. if( $_POST['voluntary'] == 'yes' )
  718. {
  719. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
  720. }
  721. else
  722. {
  723. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
  724. }
  725. }
  726. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  727. {
  728. foreach( $_POST['areas'] as $k => $v )
  729. {
  730. $this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
  731. }
  732. }
  733. if( isset( $_POST['declaration'] ) )
  734. {
  735. if( $_POST['declaration'] == 'yes' )
  736. {
  737. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
  738. }
  739. else
  740. {
  741. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
  742. }
  743. }
  744. if( isset( $_POST['organisation_type'] ) )
  745. {
  746. $this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $_POST['organisation_type'], 'selected="selected"' );
  747. }
  748. if( isset( $_POST['confirm_member'] ) )
  749. {
  750. $this->registry->getObject('template')->getPage()->addTag( 'form_confirm_member', 'checked="checked"' );
  751. }
  752. $cache = $this->registry->getObject('db')->cacheData( $errors );
  753. $this->registry->getObject('template')->getPage()->addTag( 'errors', array( 'DATA', $cache ) );
  754. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/create-member.tpl.php', 'footer.tpl.php');
  755. }
  756. }
  757. else
  758. {
  759. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/create-member.tpl.php', 'footer.tpl.php');
  760. }
  761. }
  762. /*
  763. private function createMember()
  764. {
  765. if( isset( $_POST['create_user'] ) )
  766. {
  767. $insert = array();
  768. $insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  769. $insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  770. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['name'] );
  771. $insert['password_hash'] = md5( $_POST['password_hash'] );
  772. $insert['active'] = 1;
  773. $insert['banned'] = 0;
  774. $insert['admin'] = 0;
  775. $insert['deleted'] = 0;
  776. if( isset( $_POST['confirm_member'] ) && $_POST['confirm_member'] == 1 )
  777. {
  778. $insert['member'] = 1;
  779. }
  780. else
  781. {
  782. $insert['member'] = 0;
  783. }
  784. $this->registry->getObject('db')->insertRecords( 'users', $insert );
  785. $id = $this->registry->getObject('db')->lastInsertID();
  786. $insert = array();
  787. $insert['user_id'] = $id;
  788. $insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
  789. $insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
  790. $insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
  791. $insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
  792. $insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
  793. $insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
  794. $insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
  795. $insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
  796. $insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
  797. $insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
  798. $insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
  799. $this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
  800. if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
  801. {
  802. $sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
  803. foreach( $_POST['group'] as $gid )
  804. {
  805. $sql .= " ({$id}, {$gid} ),";
  806. }
  807. // remove last char from sql
  808. $sql = substr_replace($sql ,"",-1);
  809. $this->registry->getObject('db')->executeQuery( $sql );
  810. }
  811. $this->registry->redirectUser( array('people'), 'Member created', 'The member account has been saved', true );
  812. }
  813. else
  814. {
  815. $sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
  816. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  817. $this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );
  818. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/create-member.tpl.php', 'footer.tpl.php');
  819. }
  820. }*/
  821. private function deleteUser( $user )
  822. {
  823. $changes = array();
  824. $changes['deleted'] = 1;
  825. $changes['active'] =0;
  826. $changes['banned'] = 1;
  827. $changes['admin'] = 0;
  828. $this->registry->getObject('db')->updateRecords( 'users', $changes, 'ID=' . $user );
  829. $this->registry->redirectUser( array('people'), 'User deleted', 'The user account has been removed from the system', true );
  830. }
  831. private function editUser( $id )
  832. {
  833. $sql = "SELECT * FROM users WHERE admin = 1 AND ID=" . $id;
  834. $this->registry->getObject('db')->executeQuery( $sql );
  835. if( $this->registry->getObject('db')->numRows() > 0 )
  836. {
  837. if( isset( $_POST['edit_user'] ) )
  838. {
  839. $insert = array();
  840. $insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  841. $insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  842. $insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
  843. $insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  844. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  845. if( $_POST['password_hash'] != '' )
  846. {
  847. $insert['password_hash'] = md5( $_POST['password_hash'] );
  848. }
  849. $this->registry->getObject('db')->updateRecords( 'users', $insert, 'ID=' . $id );
  850. if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
  851. {
  852. $sql = "DELETE FROM group_memberships WHERE user=" .$id;
  853. $this->registry->getObject('db')->executeQuery( $sql );
  854. $sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
  855. foreach( $_POST['group'] as $gid )
  856. {
  857. $sql .= " ({$id}, {$gid} ),";
  858. }
  859. // remove last char from sql
  860. $sql = substr_replace($sql ,"",-1);
  861. $this->registry->getObject('db')->executeQuery( $sql );
  862. }
  863. $this->registry->redirectUser( array('people'), 'User edited', 'Changes to the user account have been saved', true );
  864. }
  865. else
  866. {
  867. $sql = "SELECT * FROM users WHERE ID=" . $id;
  868. $this->registry->getObject('db')->executeQuery( $sql );
  869. $data = $this->registry->getObject('db')->getRows();
  870. $this->registry->getObject('template')->dataToTags( $data, 'user_' );
  871. $sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
  872. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  873. $this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );
  874. $sql = "SELECT `group` FROM group_memberships WHERE user=" . $id;
  875. $this->registry->getObject('db')->executeQuery($sql);
  876. while ( $row = $this->registry->getObject('db')->getRows() )
  877. {
  878. $this->registry->getObject('template')->getPage()->addPPTag( 'nbd_opt_' . $row['group'], "checked='checked'");
  879. }
  880. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/edit.tpl.php', 'footer.tpl.php');
  881. }
  882. }
  883. else
  884. {
  885. $this->editMember( $id );
  886. }
  887. }
  888. private function editMember( $id )
  889. {
  890. $sql = "SELECT u.*, e.* FROM users u, users_extra e WHERE e.user_id=u.ID AND u.ID={$id}";
  891. $this->registry->getObject('db')->executeQuery( $sql );
  892. if( $this->registry->getObject('db')->numRows() == 1 )
  893. {
  894. $data = $this->registry->getObject('db')->getRows();
  895. }
  896. else
  897. {
  898. echo 'Error editing member';
  899. exit();
  900. }
  901. if( isset( $_POST['edit_user'] ) )
  902. {
  903. require_once( ACP_PATH . 'controllers/goldvision/controller.php');
  904. $controller = new GoldVisionController();
  905. $summary = str_replace( '&', '&amp;', $_POST['organisation'] ) ;
  906. $phone_number = str_replace( '&', '&amp;', $_POST['phone'] );
  907. $address_1 = str_replace( '&', '&amp;', $_POST['address'] );
  908. $address_2 = str_replace( '&', '&amp;', $_POST['address_linetwo'] );
  909. $town = str_replace( '&', '&amp;', $_POST['city'] );
  910. $county = str_replace( '&', '&amp;', $_POST['county'] );
  911. $postcode = str_replace( '&', '&amp;', $_POST['postcode'] );
  912. $website = str_replace( '&', '&amp;', $_POST['website'] );
  913. $interests = array();
  914. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  915. {
  916. if( $_POST['organisation_type'] == 'individual' || $_POST['organisation_type'] == 'voluntary' || $_POST['organisation_type'] == 'social' )
  917. {
  918. foreach( $_POST['interests'] as $interest => $details )
  919. {
  920. switch( $interest )
  921. {
  922. case 'age':
  923. $interests[] = '2';
  924. break;
  925. case 'asylum':
  926. $interests[] = '21';
  927. break;
  928. case 'disability':
  929. $interests[] = '58';
  930. break;
  931. case 'gender':
  932. $interests[] = '63';
  933. break;
  934. case 'gypsies':
  935. $interests[] = '47';
  936. break;
  937. case 'rights':
  938. $interests[] = '25';
  939. break;
  940. case 'migrants':
  941. $interests[] = '49';
  942. break;
  943. case 'race':
  944. $interests[] = '114';
  945. break;
  946. case 'religon':
  947. $interests[] = '64';
  948. break;
  949. case 'sexual':
  950. $interests[] = '115';
  951. break;
  952. case 'transgender':
  953. $interests[] = '61';
  954. break;
  955. }
  956. }
  957. }
  958. else
  959. {
  960. foreach( $_POST['interests'] as $interest => $details )
  961. {
  962. switch( $interest )
  963. {
  964. case 'age':
  965. $interests[] = '137';
  966. break;
  967. case 'asylum':
  968. $interests[] = '21';
  969. break;
  970. case 'disability':
  971. $interests[] = '59';
  972. break;
  973. case 'gender':
  974. $interests[] = '138';
  975. break;
  976. case 'gypsies':
  977. $interests[] = '47';
  978. break;
  979. case 'rights':
  980. $interests[] = '25';
  981. break;
  982. case 'migrants':
  983. $interests[] = '49';
  984. break;
  985. case 'race':
  986. $interests[] = '139';
  987. break;
  988. case 'religon':
  989. $interests[] = '144';
  990. break;
  991. case 'sexual':
  992. $interests[] = '140';
  993. break;
  994. case 'transgender':
  995. $interests[] = '61';
  996. break;
  997. }
  998. }
  999. }
  1000. }
  1001. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  1002. {
  1003. foreach( $_POST['areas'] as $area => $details )
  1004. {
  1005. switch( $area )
  1006. {
  1007. case 'bath':
  1008. $interests[] = '101';
  1009. break;
  1010. case 'bristol':
  1011. $interests[] = '96';
  1012. break;
  1013. case 'bournemouth':
  1014. $interests[] = '102';
  1015. break;
  1016. case 'cornwall':
  1017. $interests[] = '99';
  1018. break;
  1019. case 'devon':
  1020. $interests[] = '106';
  1021. break;
  1022. case 'dorset':
  1023. $interests[] = '108';
  1024. break;
  1025. case 'gloucestershire':
  1026. $interests[] = '110';
  1027. break;
  1028. case 'north_somerset':
  1029. $interests[] = '103';
  1030. break;
  1031. case 'plymouth':
  1032. $interests[] = '104';
  1033. break;
  1034. case 'poole':
  1035. $interests[] = '105';
  1036. break;
  1037. case 'somerset':
  1038. $interests[] = '95';
  1039. break;
  1040. case 'south_gloucestershire':
  1041. $interests[] = '107';
  1042. break;
  1043. case 'swindon':
  1044. $interests[] = '109';
  1045. break;
  1046. case 'torbay':
  1047. $interests[] = '111';
  1048. break;
  1049. case 'wiltshire':
  1050. $interests[] = '100';
  1051. break;
  1052. case 'west_of_england':
  1053. $interests[] = '98';
  1054. break;
  1055. case 'sw_region':
  1056. $interests[] = '94';
  1057. break;
  1058. case 'outside_region':
  1059. $interests[] = '97';
  1060. break;
  1061. }
  1062. }
  1063. }
  1064. switch( $_POST['organisation_type'] )
  1065. {
  1066. case 'individual':
  1067. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  1068. break;
  1069. case 'private':
  1070. $type = "c62b0abd-ddb7-4d4a-ad4a-599fd5af215b";
  1071. break;
  1072. case 'public':
  1073. $type = "29490b9f-8873-44a8-ac7e-bcbec693af3b";
  1074. break;
  1075. case 'voluntary':
  1076. $type = "3506df8e-3192-40ef-bc64-8b03e1e80445";
  1077. break;
  1078. case 'social':
  1079. $type = "b4ea47d6-714f-4555-b134-e7e6de53916a";
  1080. break;
  1081. default:
  1082. $type = "df33cd86-6861-4e0f-93b3-d4c6bcf3a0f3";
  1083. break;
  1084. }
  1085. // ind data
  1086. $firstName = str_replace( '&', '&amp;', $_POST['first_name'] ) ;
  1087. $lastName = str_replace( '&', '&amp;', $_POST['last_name'] ) ;
  1088. $title = str_replace( '&', '&amp;', $_POST['title'] ) ;
  1089. $jobTitle = str_replace( '&', '&amp;', $_POST['job_title'] ) ;
  1090. $mobile = str_replace( '&', '&amp;', $_POST['mobile'] ) ;
  1091. $email = str_replace( '&', '&amp;', $_POST['email'] ) ;
  1092. $events = '';
  1093. $newsletter = 0;
  1094. $volun = '';
  1095. $share = 0;
  1096. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  1097. {
  1098. //echo '<pre>' . print_r( $_POST['kind'], true ) . '</pre>'; exit();
  1099. foreach( $_POST['kind'] as $k => $v )
  1100. {
  1101. if( $k == 'events' )
  1102. {
  1103. $events = "1a26da8a-90f5-4527-a8eb-551df1970e49";
  1104. }
  1105. if( $k == 'newsletter' )
  1106. {
  1107. $newsletter = 1;
  1108. }
  1109. }
  1110. }
  1111. if( isset($_POST['voluntary']) && $_POST['voluntary'] == 'yes' )
  1112. {
  1113. $volun = "edfd31f5-170d-4a72-a820-6c2591a84ef8";
  1114. }
  1115. else
  1116. {
  1117. $volun = "065b7934-5313-4656-857a-7e382fc312fe";
  1118. }
  1119. if( isset($_POST['declaration']) && $_POST['declaration'] == 'yes' )
  1120. {
  1121. $share = 1;
  1122. }
  1123. else
  1124. {
  1125. $share = 0;
  1126. }
  1127. if( $controller->isOrganisationInGoldVision( $_POST['organisation'] ) )
  1128. {
  1129. // organisation exists
  1130. $orgID = $controller->getOrgID();
  1131. // update it
  1132. $controller->updateOrganisationInGV( $orgID, $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  1133. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  1134. {
  1135. // contact not exist: create it
  1136. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  1137. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  1138. {
  1139. $controller->createInterest( $interests, $indID );
  1140. /*
  1141. foreach( $interests as $interest => $tag )
  1142. {
  1143. $controller->createInterest( $tag, $indID );
  1144. }*/
  1145. }
  1146. }
  1147. else
  1148. {
  1149. // contact exists; update it
  1150. $contactID = $controller->getContactID();
  1151. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  1152. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  1153. {
  1154. $controller->createInterest( $interests, $contactID );
  1155. /*
  1156. foreach( $interests as $interest => $tag )
  1157. {
  1158. $controller->createInterest( $tag, $indID );
  1159. }*/
  1160. }
  1161. }
  1162. }
  1163. else
  1164. {
  1165. // create new organisation
  1166. $orgID = $controller->createOrganisationInGV( $summary, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website, $type );
  1167. if( ! $controller->isContactInGoldVision( $_POST['email'], $orgID ) )
  1168. {
  1169. // create new contact
  1170. $indID = $controller->createContact( $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share );
  1171. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  1172. {
  1173. $controller->createInterest( $interests, $indID );
  1174. }
  1175. }
  1176. else
  1177. {
  1178. // update existing contact
  1179. $contactID = $controller->getContactID();
  1180. $controller->updateContact( $contactID, $firstName, $lastName, $orgID, $title, $jobTitle, $mobile, $email, $events, $volun, $newsletter, $share, $address_1, $address_2, $town, $county, $postcode, $phone_number, $website );
  1181. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  1182. {
  1183. $controller->createInterest( $interests, $contactID );
  1184. }
  1185. }
  1186. }
  1187. $insert = array();
  1188. $insert['username'] = $this->registry->getObject('db')->sanitizeData( $_POST['username'] );
  1189. $insert['email'] = $this->registry->getObject('db')->sanitizeData( $_POST['email'] );
  1190. $insert['title'] = $this->registry->getObject('db')->sanitizeData( $_POST['title'] );
  1191. $insert['firstName'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] );
  1192. $insert['lastName'] = $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  1193. $insert['name'] = $this->registry->getObject('db')->sanitizeData( $_POST['first_name'] ) . ' ' . $this->registry->getObject('db')->sanitizeData( $_POST['last_name'] );
  1194. if( $_POST['password_hash'] != '' )
  1195. {
  1196. $insert['password_hash'] = md5($_POST['password_hash'] );
  1197. }
  1198. $insert['active'] = 1;
  1199. $insert['banned'] = 0;
  1200. $insert['admin'] = 0;
  1201. $insert['deleted'] = 0;
  1202. if( isset( $_POST['confirm_member'] ) && $_POST['confirm_member'] == 1 )
  1203. {
  1204. $insert['member'] = 1;
  1205. }
  1206. else
  1207. {
  1208. $insert['member'] = 0;
  1209. }
  1210. $this->registry->getObject('db')->updateRecords( 'users', $insert, 'ID=' . $id );
  1211. $insert = array();
  1212. $insert['user_id'] = $id;
  1213. $insert['organisation'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation'] );
  1214. $insert['organisation_type'] = $this->registry->getObject('db')->sanitizeData( $_POST['organisation_type'] );
  1215. $insert['job_title'] = $this->registry->getObject('db')->sanitizeData( $_POST['job_title'] );
  1216. $insert['phone'] = $this->registry->getObject('db')->sanitizeData( $_POST['phone'] );
  1217. $insert['address'] = $this->registry->getObject('db')->sanitizeData( $_POST['address'] );
  1218. $insert['address_linetwo'] = $this->registry->getObject('db')->sanitizeData( $_POST['address_linetwo'] );
  1219. $insert['city'] = $this->registry->getObject('db')->sanitizeData( $_POST['city'] );
  1220. $insert['county'] = $this->registry->getObject('db')->sanitizeData( $_POST['county'] );
  1221. $insert['postcode'] = $this->registry->getObject('db')->sanitizeData( $_POST['postcode'] );
  1222. //$insert['nature'] = $this->registry->getObject('db')->sanitizeData( $_POST['nature'] );
  1223. //$insert['employees'] = $this->registry->getObject('db')->sanitizeData( $_POST['employees'] );
  1224. $insert['website'] = $this->registry->getObject('db')->sanitizeData( $_POST['website'] );
  1225. $insert['mobile'] = $this->registry->getObject('db')->sanitizeData( $_POST['mobile'] );
  1226. if( isset( $_POST['kind'] ) && is_array($_POST['kind']) && count( $_POST['kind'] ) > 0 )
  1227. {
  1228. $insert['kind'] = serialize( $_POST['kind'] );
  1229. }
  1230. if( isset( $_POST['interests'] ) && is_array($_POST['interests']) && count( $_POST['interests'] ) > 0 )
  1231. {
  1232. $insert['interests'] = serialize( $_POST['interests'] );
  1233. }
  1234. if( isset( $_POST['networks'] ) && is_array($_POST['networks']) && count( $_POST['networks'] ) > 0 )
  1235. {
  1236. $insert['networks'] = serialize( $_POST['networks'] );
  1237. }
  1238. if( isset( $_POST['voluntary'] ) )
  1239. {
  1240. $insert['voluntary'] = $this->registry->getObject('db')->sanitizeData( $_POST['voluntary'] );
  1241. }
  1242. if( isset( $_POST['areas'] ) && is_array($_POST['areas']) && count( $_POST['areas'] ) > 0 )
  1243. {
  1244. $insert['areas'] = serialize( $_POST['areas'] );
  1245. }
  1246. if( isset( $_POST['declaration'] ) )
  1247. {
  1248. $insert['declaration'] = $this->registry->getObject('db')->sanitizeData( $_POST['declaration'] );
  1249. }
  1250. $sql = "SELECT * FROM users_extra WHERE user_id = {$id} LIMIT 1";
  1251. $this->registry->getObject('db')->executeQuery( $sql );
  1252. if( $this->registry->getObject('db')->numRows() == 1 )
  1253. {
  1254. $this->registry->getObject('db')->updateRecords( 'users_extra', $insert, 'user_id=' . $id );
  1255. }
  1256. else
  1257. {
  1258. $this->registry->getObject('db')->insertRecords( 'users_extra', $insert );
  1259. }
  1260. if( isset( $_POST['group'] ) && is_array( $_POST['group'] ) && count( $_POST['group'] ) > 0 )
  1261. {
  1262. $sql = "DELETE FROM group_memberships WHERE user=" .$id;
  1263. $this->registry->getObject('db')->executeQuery( $sql );
  1264. $sql = "INSERT INTO group_memberships (`user`, `group` ) VALUES ";
  1265. foreach( $_POST['group'] as $gid )
  1266. {
  1267. $sql .= " ({$id}, {$gid} ),";
  1268. }
  1269. // remove last char from sql
  1270. $sql = substr_replace($sql ,"",-1);
  1271. $this->registry->getObject('db')->executeQuery( $sql );
  1272. }
  1273. $this->registry->redirectUser( array('people'), 'Member edited', 'Changes to the member account have been saved', true );
  1274. }
  1275. else
  1276. {
  1277. $sql = "SELECT * FROM groups WHERE deleted = 0 ORDER BY name";
  1278. $cache = $this->registry->getObject('db')->cacheQuery( $sql );
  1279. $this->registry->getObject('template')->getPage()->addTag( 'groups', array( 'SQL', $cache ) );
  1280. $sql = "SELECT `group` FROM group_memberships WHERE user=" . $id;
  1281. $this->registry->getObject('db')->executeQuery($sql);
  1282. while ( $row = $this->registry->getObject('db')->getRows() )
  1283. {
  1284. $this->registry->getObject('template')->getPage()->addPPTag( 'nbd_opt_' . $row['group'], "checked='checked'");
  1285. }
  1286. $sql = "SELECT u.*, e.* FROM users u LEFT JOIN users_extra e ON e.user_id = u.ID WHERE u.ID=" . $id;
  1287. $this->registry->getObject('db')->executeQuery( $sql );
  1288. $data = $this->registry->getObject('db')->getRows();
  1289. $this->registry->getObject('template')->dataToTags( $data, 'user_' );
  1290. $kind = unserialize( $data['kind'] );
  1291. if( isset( $kind ) && is_array($kind) && count( $kind ) > 0 )
  1292. {
  1293. foreach( $kind as $k => $v )
  1294. {
  1295. $this->registry->getObject('template')->getPage()->addTag( 'form_kind_' . $k, 'checked="checked"' );
  1296. }
  1297. }
  1298. $interests = unserialize( $data['interests'] );
  1299. if( isset( $interests ) && is_array($interests) && count( $interests ) > 0 )
  1300. {
  1301. foreach( $interests as $k => $v )
  1302. {
  1303. $this->registry->getObject('template')->getPage()->addTag( 'form_interests_' . $k, 'checked="checked"' );
  1304. }
  1305. }
  1306. $networks = unserialize( $data['networks'] );
  1307. if( isset( $networks ) && is_array($networks) && count( $networks ) > 0 )
  1308. {
  1309. foreach( $networks as $k => $v )
  1310. {
  1311. $this->registry->getObject('template')->getPage()->addTag( 'form_networks_' . $k, 'checked="checked"' );
  1312. }
  1313. }
  1314. if( $data['voluntary'] == 'yes' )
  1315. {
  1316. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_yes', 'checked="checked"' );
  1317. }
  1318. else
  1319. {
  1320. $this->registry->getObject('template')->getPage()->addTag( 'form_voluntary_no', 'checked="checked"' );
  1321. }
  1322. $areas = unserialize( $data['areas'] );
  1323. if( isset( $areas ) && is_array($areas) && count( $areas ) > 0 )
  1324. {
  1325. foreach( $areas as $k => $v )
  1326. {
  1327. $this->registry->getObject('template')->getPage()->addTag( 'form_areas_' . $k, 'checked="checked"' );
  1328. }
  1329. }
  1330. if( $data['declaration'] == 'yes' )
  1331. {
  1332. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_yes', 'checked="checked"' );
  1333. }
  1334. else
  1335. {
  1336. $this->registry->getObject('template')->getPage()->addTag( 'form_declaration_no', 'checked="checked"' );
  1337. }
  1338. if( $data['member'] == 1 )
  1339. {
  1340. $this->registry->getObject('template')->getPage()->addTag( 'nbd_membership_confirmed', 'checked="checked"' );
  1341. }
  1342. $this->registry->getObject('template')->getPage()->addTag( 'nbd_' . $data['organisation_type'], 'selected="selected"' );
  1343. $this->registry->getObject('template')->buildFromTemplates('header.tpl.php', 'people/edit-member.tpl.php', 'footer.tpl.php');
  1344. }
  1345. }
  1346. }
  1347. ?>