Session = $this->App->useSession();
$this->setId($this->App->getHTTPParameter('member_id', 'POST'));
if($this->getIsAvalidMemberId()){
// IF the user is requesting a token,
// we want to return right after
switch($this->getState()){
case 'token-request':
$this->_submitTokenRequest();
return FALSE;
}
$this->_setInitialFieldsAndLogos();
// Check what have changed
switch($this->getState()){
case 'edit-info':
$this->_editSelectedInformation();
break;
case 'edit-logo':
$this->_editSmallOrLargeLogo();
break;
case 'edit-link':
$this->_editMemberProduct();
break;
case 'add-link':
$this->_createMemberProduct();
break;
case 'delete-link':
$this->_deleteMemberProduct();
break;
case 'add-contact':
$this->_submitNewMaintainer();
break;
}
}
}
/**
* Creating an Email in HTML format
* */
public function createEmail($_to, $_subject, $_body){
if($this->App->is_staging()){
$_to = 'webdev@eclipse.org';
}
$from = 'webmaster@eclipse.org';
$headers = "MIME-Version: 1.0" . PHP_EOL;
$headers .= 'Content-Type: text/plain; charset=UTF-8' . PHP_EOL;
$headers .= 'From: ' . $from . PHP_EOL .
'Reply-To: ' . $from . PHP_EOL;
mail($_to, $_subject, $_body, $headers);
}
/**
* GETTERS
* */
/**
* Getting the member's current short description
* @param string
* */
public function getMemberProduct(){
return $this->member_product;
}
/**
* Getting the member's current short description
* @param string
* */
public function getMemberShortDescription(){
return stripslashes($this->member_short_description);
}
/**
* Getting the member's current long description
* @param string
* */
public function getMemberLongDescription(){
return stripslashes($this->member_long_description);
}
/**
* Getting the member's current url
* @param string
* */
public function getMemberUrl(){
return $this->member_url;
}
public function getMemberLogo($_size){
if($_size == 'small'){
return $this->member_small_logo;
}
if($_size == 'large'){
return $this->member_large_logo;
}
}
/**
* Get the Success or Error Mesage
* @return string
* */
public function getStatusMessage() {
// Make sure we have a session
session_start();
$html = "";
$messages = $_SESSION['eclipse']['status_message'];
if(!empty($messages)){
foreach($messages as $type => $msgs) {
foreach($msgs as $m) {
$html .= '' . $m . '
';
}
}
unset($_SESSION['eclipse']['status_message']);
session_destroy();
return $html;
}
}
public function getState() {
if (is_null($this->state)) {
$this->state = $this->App->getHTTPParameter('state', 'GET');
}
return $this->state;
}
/**
* Get the token submitted by the user
* @parem string
* */
public function getToken(){
if (!$this->token) {
$this->_setToken();
}
return $this->token;
}
/**
* Fetch the user ID using the Friend's class
* @param string
* */
public function fetchUserEmail(){
if ($this->getToken() != "") {
$mail = $this->_fetchEmailBasedOnToken();
}
if(empty($mail) && $this->Session->isLoggedIn()){
$Friend = $this->Session->getFriend();
$mail = $Friend->getEmail();
}
return !empty($mail) ? $mail : "";
}
/**
* Query to fetch the Member's maintainers
* @param array
* */
public function fetchMemberMaintainers($_users = ""){
$_email = $this->App->returnQuotedString($this->App->sqlSanitize($this->fetchUserEmail()));
$_member_id = $this->App->returnQuotedString($this->App->sqlSanitize($this->id));
if (!empty($_member_id)) {
$sql = 'SELECT
p.PersonID, p.FName, p.LName, p.EMail, p.Phone,
group_concat("",
CASE oc.Relation
WHEN "MPE" THEN "Membership Page Editor"
WHEN "DE" THEN "Delegate"
WHEN "MA" THEN "Marketing"
WHEN "CR" THEN "Company Representative"
END) as Type
FROM People as p
LEFT JOIN OrganizationContacts as oc
ON p.PersonID = oc.PersonID ';
if ($_users == EDITMEMBERSHIP_LOGGED_IN_USER) {
$sql .= 'WHERE p.EMail = '. $_email;
}
else {
$sql .= 'WHERE p.EMail IN
(SELECT
p.Email
FROM OrganizationContacts as oc
LEFT JOIN People as p
ON oc.PersonID = p.PersonID
WHERE OrganizationID = ' . $_member_id . '
)';
}
$sql .= 'AND (oc.Relation = "CR" OR oc.Relation = "MA" OR oc.Relation = "DE" OR oc.Relation = "MPE")
AND OrganizationID = ' . $_member_id . '
GROUP BY p.PersonID';
$result = $this->App->foundation_sql($sql);
// Build the array containing the Employees of this Member
$_contacts = array();
while ($row = mysql_fetch_assoc($result)) {
$_contacts[$row['PersonID']]['PersonID'] = $row['PersonID'];
$_contacts[$row['PersonID']]['FName'] = $row['FName'];
$_contacts[$row['PersonID']]['LName'] = $row['LName'];
$_contacts[$row['PersonID']]['EMail'] = $row['EMail'];
$_contacts[$row['PersonID']]['Phone'] = ($row['Phone'] != NULL ? $row['Phone'] : 'N/A');
$_contacts[$row['PersonID']]['Type'] = ($row['Type'] != NULL ? $row['Type'] : 'N/A');
}
}
return !empty($_contacts) ? $_contacts : array();
}
/**
* Content of the page on first load
* Depending on if the user has the rights
* to edit the page or not
* @return string
*/
public function outputPage() {
$html = "";
ob_start();
if ($this->getIsAvalidMemberId() === FALSE) {
$this->setMemberName("Invalid Member ID");
include($_SERVER['DOCUMENT_ROOT'] . '/membership/content/en_showMemberInvalid.php');
return ob_get_clean();
exit;
}
switch($this->validateUser()) {
case TRUE:
$this->_editPage();
break;
case FALSE:
print 'Request access to edit the '. $this->getMemberName() .' Membership Page
';
print $this->getStatusMessage();
include($_SERVER['DOCUMENT_ROOT'] . '/membership/content/en_token_request.php');
break;
}
return ob_get_clean();
}
/**
* Set the success or error message
* @param string
* */
public function setStatusMessage($_message = '', $_type = 'success') {
// Make sure we have a session
session_start();
$alert_type = array('success', 'warning', 'danger', 'info');
if(!in_array($_type, $alert_type)) {
$_type = 'warning';
}
$_SESSION['eclipse']['status_message'][$_type][] = $_message;
}
/**
* Is the user a valid maintainer for org?
*
* @return boolean
*/
public function isMaintainer() {
$member_id = $this->id;
$email = $this->fetchUserEmail();
if (!empty($email) && !empty($member_id)) {
$member_id = $this->App->returnQuotedString($this->App->sqlSanitize($member_id));
$email = $this->App->returnQuotedString($this->App->sqlSanitize($email));
$sql = 'SELECT p.EMail FROM OrganizationContacts as oc
LEFT JOIN People as p
ON oc.PersonID = p.PersonID
WHERE oc.OrganizationID = ' . $member_id . '
AND p.EMail = ' . $email . '
AND (oc.Relation = "CR" OR oc.Relation = "MA" OR oc.Relation = "DE" OR oc.Relation = "MPE")';
$result = $this->App->foundation_sql($sql);
while ($row = mysql_fetch_assoc($result)) {
$return = TRUE;
break;
}
}
return !empty($return) ? TRUE : FALSE;
}
/**
* Validate token
*
* @return boolean
*/
public function validateToken() {
$member_id = $this->id;
$token = $this->getToken();
$email = $this->fetchUserEmail();
if (!empty($email) && !empty($member_id) && !empty($token)) {
$token = $this->App->returnQuotedString($this->App->sqlSanitize($token));
$member_id = $this->App->returnQuotedString($this->App->sqlSanitize($member_id));
$email = $this->App->returnQuotedString($this->App->sqlSanitize($email));
$subnet = $this->App->returnQuotedString($this->App->sqlSanitize($this->App->getSubnet()));
// Check to see if the token is there and valid
$sql = 'SELECT ValidUntil FROM OrganizationTokens WHERE Token = ' . $token
. ' and OrganizationID = ' . $member_id
. ' and Email = ' . $email
. ' and Subnet = ' . $subnet;
$result = $this->App->eclipse_sql($sql);
while ($row = mysql_fetch_assoc($result)) {
// Check to see if the token has expired
$current_time = date('Y-m-d H:i:s');
if ($row['ValidUntil'] > $current_time) {
$return = TRUE;
break;
}
}
}
return !empty($return) ? TRUE : FALSE;
}
/**
* Is logged-in user an admin?
*
* @return boolean
*/
public function isAdmin(){
$admins = array(
'pmisingnameu8g' => 'perri.lavergne@eclipse-foundation.org',
'zfazli' => 'zahra.fazli@eclipse-foundation.org',
'webdev' => 'webdev@eclipse.org',
'cwitt' => 'christie.witt@eclipse-foundation.org'
);
$Friend = $this->Session->getFriend();
$friend_uid = strtolower($Friend->getUID());
$friend_email = strtolower($Friend->getEmail());
$valid = FALSE;
// Is the user an admin?
foreach ($admins as $username => $email) {
if ($friend_uid === $username && $friend_email === $email) {
$valid = TRUE;
break;
}
}
return !empty($valid) ? TRUE : FALSE;
}
/**
* Validate the user
* - Check if the logged in user is a maintainer of the selected Member
* - Check if the token submitted is valid
* - Returns the state of the user ($user_state)
* @param string
* */
public function validateUser(){
$valid = FALSE;
// Is the logged in user an admin?
if ($this->isAdmin()) {
$valid = TRUE;
}
// Is the user a maintainer?
if (!$valid && $this->isMaintainer()) {
$valid = TRUE;
}
// Is this a valid token for the user?
if (!$valid && $this->validateToken()) {
$valid = TRUE;
}
return !empty($valid) ? TRUE : FALSE;
}
/**
* This function insert a new product in the OrganizationProducts table
* */
private function _createMemberProduct(){
$productFields = array(
'org_id' => filter_var($this->App->getHTTPParameter("new_member_product_organization_id", "POST"), FILTER_SANITIZE_NUMBER_INT),
'name' => filter_var($this->App->getHTTPParameter("new_member_product_name", "POST"), FILTER_SANITIZE_STRING),
'description' => filter_var($this->App->getHTTPParameter("new_member_product_description", "POST"), FILTER_SANITIZE_STRING),
'url' => filter_var($this->App->getHTTPParameter("new_member_product_url", "POST"), FILTER_SANITIZE_URL)
);
// Define default error message
$message = '';
$message_type = 'danger';
// Check if id and url is not empty
// Description can be empty
if(empty($productFields['name'])){
$message .= 'ERROR, The Name field is empty.
';
}
if(empty($productFields['url'])){
$message .= 'ERROR, The URL field is empty.
';
}
if (!empty($productFields['url']) && !empty($productFields['name']) && !empty($productFields['org_id'])) {
$sql = 'INSERT INTO OrganizationProducts (OrganizationID,name,description,product_url)
VALUES ('.
$this->App->returnQuotedString($this->App->sqlSanitize($productFields['org_id'])).','.
$this->App->returnQuotedString($this->App->sqlSanitize($productFields['name'])).','.
$this->App->returnQuotedString($this->App->sqlSanitize($productFields['description'])).','.
$this->App->returnQuotedString($this->App->sqlSanitize($productFields['url'])).
')';
$result = $this->App->eclipse_sql($sql);
$message = 'SUCCESS, a new link has been created.';
$message_type = 'success';
}
// SET MESSAGE
$this->setStatusMessage($message, $message_type);
// Get the most up to date product data
$this->_setMemberProduct($this->fetchMemberProducts());
$this->_redirectTo('#open_tab_edit-links');
}
/**
* Edit the Member products (links)
* */
private function _editMemberProduct(){
$product = array(
'id' => filter_var($this->App->getHTTPParameter("member_product_id", "POST"), FILTER_SANITIZE_NUMBER_INT),
'name' => filter_var($this->App->getHTTPParameter("member_product_name", "POST"), FILTER_SANITIZE_STRING),
'description' => filter_var($this->App->getHTTPParameter("member_product_description", "POST"), FILTER_SANITIZE_STRING),
'url' => filter_var($this->App->getHTTPParameter("member_product_url", "POST"), FILTER_SANITIZE_URL)
);
// Define default error message
$message = 'ERROR, one of your fields is empty.';
$message_type = 'danger';
// Check if id and url is not empty
// Description can be empty
if(empty($product['name'])){
$message .= 'ERROR, The Name field is empty.
';
}
if(empty($product['url'])){
$message .= 'ERROR, The URL field is empty.
';
}
if (!empty($product['id']) && !empty($product['url']) && !empty($product['name'])) {
$sql = 'UPDATE OrganizationProducts SET
name = ' . $this->App->returnQuotedString($this->App->sqlSanitize($product['name'])) . ',
description = ' . $this->App->returnQuotedString($this->App->sqlSanitize($product['description'])) . ',
product_url = ' . $this->App->returnQuotedString($this->App->sqlSanitize($product['url'])) . '
WHERE
ProductID = ' . $this->App->returnQuotedString($this->App->sqlSanitize($product['id']));
$result = $this->App->eclipse_sql($sql);
$message = 'SUCCESS, your product has been changed.';
$message_type = 'success';
}
// SET MESSAGE
$this->setStatusMessage($message, $message_type);
// Get the most up to date product data
$this->_setMemberProduct($this->fetchMemberProducts());
$this->_redirectTo('#open_tab_edit-links');
}
/**
* Content of the Edit Page
* @return string
* */
private function _editPage(){
$token = $this->getToken();
if(!empty($token)) {
$this->token_url = '&token=' . $token;
}
print 'Edit '. $this->getMemberName() .' Membership Page
';
print $this->getStatusMessage();
include($_SERVER['DOCUMENT_ROOT'] . '/membership/content/en_editMember.php');
}
/**
* This function deletes member products
* */
private function _deleteMemberProduct(){
$product_id = filter_var($this->App->getHTTPParameter("member_product_id", "POST"), FILTER_SANITIZE_STRING);
// Define default error message
$message = 'ERROR, your link has not been deleted.';
$message_type = 'danger';
$is_part_of_product_list = FALSE;
$products = $this->fetchMemberProducts();
foreach($products as $product){
if($product_id == $product['id']){
$is_part_of_product_list = TRUE;
break;
}
}
if($is_part_of_product_list && !empty($product_id)) {
$sql = 'DELETE FROM OrganizationProducts
WHERE ProductID = ' . $product_id;
$result = $this->App->eclipse_sql($sql);
$message = 'SUCCESS, your link has been deleted.';
$message_type = 'success';
}
// SET MESSAGE
$this->setStatusMessage($message, $message_type);
// Get the most up to date product data
$this->_setMemberProduct($this->fetchMemberProducts());
$this->_redirectTo('#open_tab_edit-links');
}
/**
* Update/Edit the Member's information
* */
private function _editSelectedInformation(){
// Set the member's information
$short_desc = filter_var($this->App->getHTTPParameter("member_short_description", "POST"), FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_HIGH);
$long_desc = filter_var(strip_tags($this->App->getHTTPParameter("member_long_description", "POST"), '
- '), FILTER_DEFAULT, FILTER_FLAG_STRIP_HIGH);
$url = filter_var($this->App->getHTTPParameter("member_url", "POST") , FILTER_SANITIZE_URL);
$id = $this->id;
// Define default error message
$message = 'ERROR, one of your fields is empty.';
$message_type = 'danger';
if(!empty($id) && !empty($short_desc) && !empty($long_desc) && !empty($url)){
// Update the Members Descriptions and url in the database
$sql = "INSERT INTO OrganizationInformation
(OrganizationID,short_description,long_description,company_url,small_width,small_height,large_width,large_height)
VALUES
(". $this->App->returnQuotedString($this->App->sqlSanitize($id)) .",
". $this->App->returnQuotedString($this->App->sqlSanitize($short_desc)) .",
". $this->App->returnQuotedString($this->App->sqlSanitize($long_desc)) .",
". $this->App->returnQuotedString($this->App->sqlSanitize($url)) .",
0,0,0,0)
ON DUPLICATE KEY
UPDATE
OrganizationID = " . $this->App->returnQuotedString($this->App->sqlSanitize($id)) . ",
short_description = ". $this->App->returnQuotedString($this->App->sqlSanitize($short_desc)) .",
long_description = ". $this->App->returnQuotedString($this->App->sqlSanitize($long_desc)) .",
company_url = ". $this->App->returnQuotedString($this->App->sqlSanitize($url));
$result = $this->App->eclipse_sql($sql);
// Get the most up to date text fields
$this->_setMemberTextFields($short_desc,$long_desc,$url);
// Define success message
$message = 'SUCCESS, your information has changed.';
$message_type = 'success';
}
// SET MESSAGE
$this->setStatusMessage($message, $message_type);
$this->_redirectTo('#open_tab_edit-member-info');
}
// EDIT IMAGES
/**
* Edit the current logo
* This function is being used for the Small logo and Large logo
* */
private function _editSmallOrLargeLogo(){
$_param = $this->App->getHTTPParameter('logo-size', 'POST');
$_logo = $this->App->getHTTPParameter('member_'.$_param.'_logo', 'FILES');
// Define default message
$message = 'ERROR, no image has been submitted.';
$message_type = 'danger';
if(empty($_logo['tmp_name']) || empty($_logo['type'])){
$this->setStatusMessage($message, $message_type);
return;
}
$logo_mime = $_logo['type'];
$logo_tmp_name = $_logo['tmp_name'];
$logo_error = $_logo['error'];
$_id = $this->App->sqlSanitize($this->id);
// Error #0 = No errors.
if($logo_error == 0){
$logo_info = getimagesize($logo_tmp_name);
$logo_width = $logo_info[0];
$logo_height = $logo_info[1];
$max_size = 0;
// Check if the submitted logo is the small or large one
if($_param == 'small'){
$max_size = 120;
}
if($_param == 'large'){
$max_size = 200;
}
// Resize the image if needed
$logo_resize = $this->_resize_image($logo_tmp_name, $logo_width, $logo_height, $logo_info[2], $max_size);
imagepng($logo_resize, $logo_tmp_name, 9, PNG_ALL_FILTERS);
$logo_mime = $this->App->sqlSanitize('image/png');
// Get the image ready for blob
$file_open = fopen($logo_tmp_name, 'rb');
$file_raw = fread($file_open, filesize($logo_tmp_name));
fclose($file_open);
$logo_blob = addslashes($file_raw);
// Get the width and height of the new logo
$image = imagecreatefromstring($file_raw);
$width = $this->App->sqlSanitize(imagesx($image));
$height = $this->App->sqlSanitize(imagesy($image));
$other_param = ($_param == 'small' ? 'large' : 'small');
$sql = "INSERT INTO OrganizationInformation
(
OrganizationID,
company_url,
".$_param."_mime,
".$_param."_width,
".$other_param."_width,
".$_param."_height,
".$other_param."_height,
".$_param."_logo
)
VALUES
(
". $this->App->returnQuotedString($this->App->sqlSanitize($_id)) .",
'http://',
'". $logo_mime ."',
". $this->App->returnQuotedString($this->App->sqlSanitize($width)) .",
'0',
". $this->App->returnQuotedString($this->App->sqlSanitize($height)) .",
'0',
'".$logo_blob."'
)
ON DUPLICATE KEY
UPDATE
OrganizationID = '". $this->App->sqlSanitize($_id) ."',
company_url = 'http://',
".$_param."_mime = '". $logo_mime ."',
".$_param."_width = ". $this->App->returnQuotedString($this->App->sqlSanitize($width)) .",
".$other_param."_width = '0',
".$_param."_height = ". $this->App->returnQuotedString($this->App->sqlSanitize($height)) .",
".$other_param."_height = 0,
".$_param."_logo = '". $logo_blob ."'";
$result = $this->App->eclipse_sql($sql);
$message = 'SUCCESS, you have submitted a new logo.';
$message_type = 'success';
$new_image = '
).')
';
$this->_setMemberLogo($new_image, $_param);
}
// SET MESSAGE
$this->setStatusMessage($message, $message_type);
$this->_redirectTo('#open_tab_edit-logos');
}
/**
* Validate that the token
* */
private function _fetchEmailBasedOnToken(){
$token = $this->App->returnQuotedString($this->App->sqlSanitize($this->getToken()));
$sql = 'SELECT *
FROM OrganizationTokens
WHERE Token = ' . $token;
$result = $this->App->eclipse_sql($sql);
// Put the results in an array
$email_array = array();
while ($row = mysql_fetch_assoc($result)) {
$email_array['EMail'] = $row['Email'];
}
$email = $this->App->returnQuotedString($this->App->sqlSanitize($email_array['EMail']));
$sql_people = 'SELECT EMail
FROM People
WHERE EMail = ' . $email;
$result_people = $this->App->foundation_sql($sql_people);
$uid_array = array();
while ($row = mysql_fetch_assoc($result_people)) {
$uid_array['EMail'] = $row['EMail'];
}
return $uid_array['EMail'];
}
/**
* Redirect the user to the same page after submit a form
* */
private function _redirectTo($_anchor){
header("Location: https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . $_anchor, 302);
exit;
}
/**
* Resize an image/logo
* @param string
* */
private function _resize_image($_tmp_name,$_width,$_height,$_type,$_max){
$logo_resize = imagecreatetruecolor($_width, $_height);
$new_height = $_height;
$new_width = $_width;
if( $_width > $_max || $_height > $_max ) {
if( $_width < $_height ){
$new_height = $_max;
$aspect = $_width/$_height;
$new_width = $new_height * $aspect;
}else{
$new_width = $_max;
$aspect = $_height/$_width;
$new_height = $new_width * $aspect;
}
}
$logo_resize = imagecreatetruecolor($new_width, $new_height);
switch( $_type ) { //$_logo_info[2]
case IMAGETYPE_GIF: $image = imagecreatefromgif($_tmp_name); break;
case IMAGETYPE_JPEG: $image = imagecreatefromjpeg($_tmp_name); break;
case IMAGETYPE_PNG:
imagealphablending($logo_resize, FALSE);
imagesavealpha($logo_resize, TRUE);
$image = imagecreatefrompng($_tmp_name);
$transparent = imagecolorallocatealpha($logo_resize, 255, 255, 255, 127);
imagefilledrectangle($logo_resize, 0, 0, $new_width, $new_height, $transparent);
break;
}
imagecopyresampled($logo_resize, $image, 0, 0, 0, 0, $new_width, $new_height, $_width, $_height);
return $logo_resize;
}
/**
* Set the initial values of text fields and logos
* on first page load
* @param string
* */
private function _setInitialFieldsAndLogos(){
// Fetch the member's information from database
$memberInfo = $this->fetchProfile();
// Set current information
$this->_setMemberTextFields($memberInfo['body'],$memberInfo['full_text'],$memberInfo['website']);
// Set the current small and large logo
$this->_setMemberLogo($memberInfo['small_logo_link'], 'small');
$this->_setMemberLogo($memberInfo['large_logo_link'], 'large');
// Set the current products
$this->_setMemberProduct($this->fetchMemberProducts());
}
/**
* SETTERS
* */
/**
* Setting all the current text fields
* @param string
* */
private function _setMemberTextFields($_short_desc, $_long_desc, $_url){
$this->_setMemberShortDescription($_short_desc);
$this->_setMemberLongDescription($_long_desc);
$this->_setMemberUrl($_url);
}
/**
* Setting all the current text fields
* @param string
* */
private function _setMemberProduct($_val){
$this->member_product = $_val;
}
/**
* Setting the member's current short description
* @param string
* */
private function _setMemberShortDescription($_val){
$this->member_short_description = $_val;
}
/**
* Setting the member's current long description
* @param string
* */
private function _setMemberLongDescription($_val){
$this->member_long_description = $_val;
}
/**
* Setting the member's current url
* @param string
* */
private function _setMemberUrl($_val){
$this->member_url = $_val;
}
/**
* Setting the current logo
* @param string
* */
private function _setMemberLogo($_val, $_size){
if($_size == 'small'){
$this->member_small_logo = $_val;
}
if($_size == 'large'){
$this->member_large_logo = $_val;
}
}
/**
* Set the token submitted by the user
* */
private function _setToken(){
$token = filter_var($this->App->getHTTPParameter('token', 'GET'), FILTER_SANITIZE_STRING);
if(!empty($token)){
$this->token = $token;
}
}
/**
* Submit a new maintainer for the specified member
* */
private function _submitNewMaintainer(){
$newMaintainerFields = array(
'first_name' => array('name' => 'first name', 'value' => filter_var($this->App->getHTTPParameter("new_maintainer_first_name", "POST"), FILTER_SANITIZE_STRING)),
'last_name' => array('name' => 'last name','value' => filter_var($this->App->getHTTPParameter("new_maintainer_last_name", "POST"), FILTER_SANITIZE_STRING)),
'email' => array('name' => 'email address','value' => filter_var($this->App->getHTTPParameter("new_maintainer_email", "POST"), FILTER_SANITIZE_EMAIL)),
'phone' => array('name' => 'phone number','value' => filter_var($this->App->getHTTPParameter("new_maintainer_phone", "POST"), FILTER_SANITIZE_STRING)),
'role' => array('name' => 'contact role','value' => filter_var_array($this->App->getHTTPParameter("new_maintainer_type", "POST"), FILTER_SANITIZE_STRING)),
);
// Fetch the current user's email and uid
$user = $this->fetchMemberMaintainers(EDITMEMBERSHIP_LOGGED_IN_USER);
foreach ($user as $u){
$currentUserFullName = $u['FName'] . " " . $u['LName'];
$currentUserEmail = $u['EMail'];
break;
}
$status_message = "";
$message_type = "danger";
$good_to_send = FALSE;
$is_company_rep = FALSE;
foreach($newMaintainerFields as $field) {
if($field['value'] == "") {
$status_message .= "Please enter a valid " . $field['name'] . ".
";
}
}
$maintainers = $this->fetchMemberMaintainers();
// Check if email is not empty
if ($newMaintainerFields['email']['value'] != "" && !empty($newMaintainerFields['role']['value'])) {
// Check if the email submitted matches with one already on record
// And already has the submitted role
foreach ($maintainers as $maintainer) {
if (($newMaintainerFields['email']['value'] == $maintainer['EMail'])) {
$roles = explode(",", $maintainer['Type']);
foreach ($newMaintainerFields['role']['value'] as $newRole) {
if (in_array($newRole, $roles)) {
$status_message .= $newMaintainerFields['email']['value'] . " is already a ". $newRole .".
";
}
}
break;
}
}
}
if($status_message == ""){
// All new maintainers are to be sent to Perri
$to = "membership-admin@eclipse.org";
$email_subject = "New Maintainer Request for " . $this->getMemberName(). "";
$email_body = $currentUserFullName . " has requested for a new maintainer to be added to " . $this->getMemberName() . '.';
$email_body .= PHP_EOL.PHP_EOL."Here are the information of the new maintainer:";
$email_body .= PHP_EOL."Member Name: " . $this->getMemberName();
$email_body .= PHP_EOL."First Name: " . $newMaintainerFields['first_name']['value'];
$email_body .= PHP_EOL."Last Name: " . $newMaintainerFields['last_name']['value'];
$email_body .= PHP_EOL."Email Address: " . $newMaintainerFields['email']['value'];
$email_body .= PHP_EOL."Phone Number: " . $newMaintainerFields['phone']['value'];
$email_body .= PHP_EOL."Contact Type: ";
foreach ($newMaintainerFields['role']['value'] as $role) {
if ($role == 'Company Representative (CR)') {
$is_company_rep = TRUE;
}
$email_body .= PHP_EOL . $role . ',';
}
$email_body .= PHP_EOL.PHP_EOL."Please verify this information and add the new maintainer if required.";
$email_body .= PHP_EOL.PHP_EOL."For more information about this request please contact:";
$email_body .= PHP_EOL."Name: " . $currentUserFullName;
$email_body .= PHP_EOL."Email: " . $currentUserEmail;
if ($is_company_rep === TRUE) {
$email_body .= PHP_EOL."NOTE: This person has been designated as a Company Representative.
PLEASE MAKE SURE THE COMPANY HAS ONLY 1 COMPANY REPRESENTATIVE.
THIS IS NOT AUTOMATED AND MUST BE VERIFIED WITH THE COMPANY AND
UPDATED MANUALLY IN BOTH THE DATABASE AND THE CRM.";
}
$this->createEmail($to, $email_subject, $email_body);
$status_message = "Thank you.
Your changes will be reviewed by the Eclipse Foundation's membership
management, and you may be contacted to provide further information.";
$message_type = "success";
}
$this->setStatusMessage($status_message, $message_type);
$this->_redirectTo('#open_tab_view-contacts');
}
/**
* Submit a token by email to the user
* The token will be valid for only 24 hours
* */
private function _submitTokenRequest(){
// Check if it's ok to send the token
// By verifying the email address submitted
$email_to = filter_var($this->App->getHTTPParameter("token_request_email", "POST"), FILTER_SANITIZE_EMAIL);
$emails = $this->fetchMemberMaintainers();
$good_to_send = FALSE;
foreach ($emails as $email){
if($email['EMail'] == $email_to){
$good_to_send = TRUE;
break;
}
}
// Default status message is the error message
$message = "The email address ". $email_to ." is not defined
as a maintainer for the member ". $this->getMemberName() .".
Please contact membership-admin@eclipse.org
if you think you should have access and be defined as a maintainer.";
$message_type = 'danger';
if($good_to_send){
//Generate the token
$token = $this->App->sqlSanitize(bin2hex(openssl_random_pseudo_bytes(32)));
$token_quoted = $this->App->returnQuotedString($token);
$token_is_valid_until = $this->App->returnQuotedString($this->App->sqlSanitize(date('Y-m-d H:i:s', strtotime('+1 day', time()))));
$subnet = $this->App->returnQuotedString($this->App->sqlSanitize($this->App->getSubnet()));
$memberId = $this->App->returnQuotedString($this->App->sqlSanitize($this->id));
$email_to = $this->App->returnQuotedString($email_to);
// Add a new entry in the OrganizationTokens table
$sql = 'INSERT INTO OrganizationTokens
(OrganizationID, Token, Email,
Subnet, ValidUntil)
values(' . $memberId . ', '. $token_quoted . ', ' . $email_to . ',
'. $subnet .', '. $token_is_valid_until .')';
$result = $this->App->eclipse_sql($sql);
// Send an email
$domain = $_SERVER['HTTP_HOST'];
$email_subject = 'Your token to modify the member page of ' . $this->getMemberName();
$email_body = 'You have been granted 24 hours to edit the '. $this->getMemberName() .' member page.'.
PHP_EOL. PHP_EOL .'Please use the following link to make the edits:'.
PHP_EOL.'https://'. $domain .'/membership/editMember.php?member_id='. $this->id .'&token='. $token .
PHP_EOL. PHP_EOL .'For more information, please contact membership-admin@eclipse.org.';
$this->createEmail($email_to, $email_subject, $email_body);
// Set the status message to success if the token has been sent
$message = 'An email has been sent
to ' . $email_to . '.
Please verify your inbox.';
$message_type = 'success';
}
$this->setStatusMessage($message, $message_type);
}
}