requireLogin(); $app->sslOn(); require_once 'codebase/lib/PageNumbers.inc.php'; require_once 'codebase/lib/Cache.inc.php'; require_once 'codebase/lib/SortOrder.inc.php'; require_once 'codebase/lib/HTML.inc.php'; require_once 'models/Participant.inc.php'; /******************************************************************** * CONFIG ********************************************************************/ // Titles and navigation header. $nav->add(_("Participants"), null); // Instantiate a sorting object with the default sort and order. Add SQL for each column. $so = new SortOrder('participant_tbl.participant_id', 'DESC'); $so->asc_widget = ''; $so->desc_widget = ''; $so->setColumn('participant_tbl.participant_id', 'participant_tbl.participant_id ASC', 'participant_tbl.participant_id DESC'); $so->setColumn('participant_tbl.phone', 'participant_tbl.phone ASC', 'participant_tbl.phone DESC'); $so->setColumn('participant_tbl.status', 'participant_tbl.status ASC', 'participant_tbl.status DESC'); $so->setColumn('participant_tbl.last_active_datetime', 'participant_tbl.last_active_datetime ASC', 'participant_tbl.last_active_datetime DESC'); $so->setColumn('participant_tbl.added_datetime', 'participant_tbl.added_datetime ASC', 'participant_tbl.added_datetime DESC'); $so->setColumn('participant_tbl.added_by_user_id', 'participant_tbl.added_by_user_id ASC', 'participant_tbl.added_by_user_id DESC'); $so->setColumn('participant_tbl.modified_datetime', 'participant_tbl.modified_datetime ASC', 'participant_tbl.modified_datetime DESC'); $so->setColumn('participant_tbl.modified_by_user_id', 'participant_tbl.modified_by_user_id ASC', 'participant_tbl.modified_by_user_id DESC'); // Instantiate page numbers. Total items are set and calculation is done in the getList method. $page = new PageNumbers(); $page->setPerPage(getFormData('per_page'), 100); $page->setPageNumber(getFormData('page_number')); // Query parameters to retain always. $app->carryQuery(array( 'filter___///__', )); // Query parameters to retain only locally. $locally_carried_queries = array( 'q', ); /******************************************************************** * MAIN ********************************************************************/ // We may want to use the add/edit interface from another script, so this // allows us to remember which page we came from so we can go back there. if (getFormData('boomerang', false) && isset($_SERVER['HTTP_REFERER'])) { $app->setBoomerangURL($_SERVER['HTTP_REFERER'], 'participant'); } if (getFormData('break_list_cache', false)) { // Remove any stale cached list data. $cache->delete('participant list'); } // What action to take. switch (getFormData('op')) { case 'add' : // Bounce the user if they don't have permission to create a record. Participant::requireAllow('create'); // Initialize variables for the form template. $frm = getAddFields(); $nav->add(_("Add new participant")); $main_template = 'participant_form.inc.html'; break; case 'edit' : // Bounce the user if they don't have permission to update a record. Participant::requireAllow('update'); // Initialize variables for the form template. $frm = getEditFields(getFormData('participant_id')); $nav->add(_("Edit Participant")); $main_template = 'participant_form.inc.html'; break; case 'del' : $app->requireValidCSRFToken(); // Bounce the user if they don't have permission to delete the specified record. Participant::requireAllow('delete', Participant::get(array('participant_id' => getFormData('participant_id')), 1)); if ($del_row = Participant::get(array('participant_id' => getFormData('participant_id')), 1)) { Participant::delete(getFormData('participant_id')); $app->raiseMsg(sprintf(_("The participant %s has been deleted."), $del_row['phone']), MSG_SUCCESS, __FILE__, __LINE__); } if ($app->validBoomerangURL('participant')) { // Display boomerang page. $app->dieBoomerangURL('participant', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); break; case 'insert' : $app->requireValidCSRFToken(); if (getFormData('account_id')) { // Bounce the user if they don't have permission to create a record under the specified account_id. Participant::requireAllow('create', array(array('account_id' => getFormData('account_id')))); } else { // Bounce the user if they don't have permission to create a record at all. Participant::requireAllow('create'); } if (getFormdata('btn_cancel', false)) { if ($app->validBoomerangURL('participant')) { // Display boomerang page. $app->dieBoomerangURL('participant', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } $fv = validateInput($fv); if ($fv->anyErrors()) { $frm = getAddFields(); $frm = array_merge($frm, getFormData()); $nav->add(_("Add new participant")); $main_template = 'participant_form.inc.html'; } else { $participant_id = Participant::insert(getFormData()); $app->raiseMsg(sprintf(_("The participant %s has been added."), getFormData('phone')), MSG_SUCCESS, __FILE__, __LINE__); if (getFormdata('btn_repeat', false)) { // Display function again. $app->dieURL($_SERVER['PHP_SELF'] . '?op=add', $locally_carried_queries); } else if ($app->validBoomerangURL('participant')) { // Display boomerang page. $app->dieBoomerangURL('participant', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } break; case 'update' : $app->requireValidCSRFToken(); if (getFormData('account_id')) { // Bounce the user if they don't have permission to update the specified record or don't have permission to assign this record to the specified account_id. $check_rows = array_merge(Participant::get(array('participant_id' => getFormData('participant_id')), 1), array(array('account_id' => getFormData('account_id')))); Participant::requireAllow('update', $check_rows); } else { // Bounce the user if they don't have permission to update the specified record. Participant::requireAllow('update', Participant::get(array('participant_id' => getFormData('participant_id')), 1)); } if (getFormdata('btn_reset', false)) { $app->raiseMsg(_("Saved values have been reloaded."), MSG_NOTICE, __FILE__, __LINE__); $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&participant_id=' . getFormData('participant_id'), $locally_carried_queries); } if (getFormdata('btn_cancel', false)) { // Remove lock $lock->select('participant_tbl', 'participant_id', getFormData('participant_id')); $lock->remove(); if ($app->validBoomerangURL('participant')) { // Display boomerang page. $app->dieBoomerangURL('participant', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } $fv = validateInput($fv); if ($fv->anyErrors()) { $frm = getEditFields(getFormData('participant_id')); $frm = array_merge($frm, getFormData()); $nav->add(_("Edit Participant")); $main_template = 'participant_form.inc.html'; } else { Participant::update(getFormData()); $app->raiseMsg(sprintf(_("The participant %s has been updated."), getFormData('phone')), MSG_SUCCESS, __FILE__, __LINE__); if (getFormdata('btn_repeat', false)) { // Display edit function with next available ID. $qid = $db->query("SELECT participant_id FROM participant_tbl WHERE participant_id > '" . $db->escapeString(getFormData('participant_id')) . "' ORDER BY participant_id ASC LIMIT 1"); if (list($next_id) = mysql_fetch_row($qid)) { $app->dieURL($_SERVER['PHP_SELF'] . '?op=edit&participant_id=' . $next_id, $locally_carried_queries); } else { $app->raiseMsg(_("Cannot edit next, the end of the list was reached"), MSG_NOTICE, __FILE__, __LINE__); } } else if ($app->validBoomerangURL('participant')) { // Display boomerang page. $app->dieBoomerangURL('participant', $locally_carried_queries); } // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); } break; case 'import' : $app->requireValidCSRFToken(); if (getFormData('account_id')) { // Bounce the user if they don't have permission to create a record under the specified account_id. Participant::requireAllow('create', array(array('account_id' => getFormData('account_id')))); } else { // Bounce the user if they don't have permission to create a record at all. Participant::requireAllow('create'); } Participant::bulkInsert(getFormData('import_phones')); // Display default page. $app->dieURL($_SERVER['PHP_SELF'], $locally_carried_queries); break; default : // Bounce the user if they don't have permission to list records. Participant::requireAllow('read'); // If the user does not have access to 'any' record, limit by their account_id. $where_clause = ''; if (!$acl->check('user_id:' . $auth->get('user_id'), 'participant:read', 'any')) { $where_clause = "WHERE participant_tbl.account_id = '" . $db->escapeString($auth->get('account_id')) . "'"; } $list = Participant::getPaginatedList($where_clause); $main_template = 'participant_list.inc.html'; break; } /******************************************************************** * OUTPUT ********************************************************************/ include 'header.inc.html'; $app->carryQuery($locally_carried_queries); include $main_template; include 'footer.inc.html'; /******************************************************************** * FUNCTIONS ********************************************************************/ /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function validateInput($fv) { // $fv->notEmpty('participant_id', sprintf(_("%s cannot be blank."), _("Participant ID"))); // $fv->numericRange('participant_id', 0, 16777215, sprintf(_("%s must be a number between %d and %d."), _("Participant ID"), 0, 16777215)); // $fv->isInteger('participant_id', sprintf(_("%s must be an integer."), _("Participant ID"))); $fv->notEmpty('phone', sprintf(_("%s cannot be blank."), _("Phone"))); $fv->checkRegex('phone', '/^\+\d+$/', true, sprintf(_("%s must be in full international format including ‘+’ and country-code with no spaces, e.g., +5215591961439 or +14155551212."), _("Phone"))); $fv->stringLength('phone', 0, 20, sprintf(_("%s must be %d-to-%d characters in length."), _("Phone"), 0, 20)); $fv->validatePhone('phone'); return $fv; } /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function getAddFields() { // Set default values for the reset of the fields. return Participant::merge(array( 'new_op' => 'insert', 'submit_buttons' => array( array('name' => 'btn_submit', 'value' => _("Add new participant"), 'class' => 'small button', 'accesskey' => 's'), array('name' => 'btn_repeat', 'value' => _("Add & repeat"), 'class' => 'small button secondary', 'accesskey' => 'r'), array('name' => 'btn_cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'), ), )); } /* * * * @access public * @param * @return * @author Quinn Comendant * @version 1.0 * @since 16 Nov 2014 17:45:40 */ function getEditFields($id) { global $lock, $locally_carried_queries; $db =& DB::getInstance(); $app =& App::getInstance(); $lock->select('participant_tbl', 'participant_id', $id); if ($lock->isLocked() && !$lock->isMine()) { $lock->dieErrorPage(); } // Get the information for the form. if (!$frm = Participant::get(array('participant_id' => $id))) { $app->logMsg('Could not find record with participant_id: ' . $id, LOG_WARNING, __FILE__, __LINE__); $app->raiseMsg(sprintf(_("The requested record %s could not be found."), $id), MSG_ERR, __FILE__, __LINE__); $app->dieBoomerangURL('participant', $locally_carried_queries); } // Lock this record. $lock->set('participant_tbl', 'participant_id', $id, $frm['phone']); // Set misc values for the form. return Participant::merge(array( 'new_op' => 'update', 'submit_buttons' => array( array('name' => 'btn_submit', 'value' => _("Save changes"), 'class' => 'small button', 'accesskey' => 's'), array('name' => 'btn_repeat', 'value' => _("Save & edit next"), 'class' => 'small button secondary', 'accesskey' => 'e'), array('name' => 'btn_reset', 'value' => _("Reset"), 'class' => 'small button secondary', 'accesskey' => 'r'), array('name' => 'btn_cancel', 'value' => _("Cancel"), 'class' => 'small button secondary', 'accesskey' => 'c'), ), ), $frm); }