diff --git a/app/contacts/contacts.php b/app/contacts/contacts.php index 938db50b15..453a61157c 100644 --- a/app/contacts/contacts.php +++ b/app/contacts/contacts.php @@ -43,17 +43,24 @@ $language = new text; $text = $language->get(); -//includes and title - $document['title'] = $text['title-contacts']; - require_once "resources/header.php"; +//get posted data + if (is_array($_POST['contacts'])) { + $action = $_POST['action']; + $search = $_POST['search']; + $contacts = $_POST['contacts']; + } -//get the search criteria - $search_all = strtolower($_GET["search_all"]); - $phone_number = $_GET["phone_number"]; - -//get variables used to control the order - $order_by = $_GET["order_by"]; - $order = $_GET["order"]; +//delete the contacts + if (permission_exists('contact_delete')) { + if ($action == 'delete' && is_array($contacts) && @sizeof($contacts) != 0) { + //delete + $obj = new contacts; + $obj->delete($contacts); + //redirect + header('Location: contacts.php'.($search != '' ? '?search='.urlencode($search) : null)); + exit; + } + } //retrieve current user's assigned groups (uuids) foreach ($_SESSION['groups'] as $group_data) { @@ -114,6 +121,41 @@ } unset($sql, $parameters, $result); +//get variables used to control the order + $order_by = $_GET["order_by"]; + $order = $_GET["order"]; + +//add the search term + $search = strtolower($_GET["search"]); + if (strlen($search) > 0) { + if (is_numeric($search)) { + $sql_search .= "and contact_uuid in ( "; + $sql_search .= " select contact_uuid from v_contact_phones "; + $sql_search .= " where phone_number like :search "; + $sql_search .= ") "; + } + else { + $sql_search .= "and contact_uuid in ( "; + $sql_search .= " select contact_uuid from v_contacts "; + $sql_search .= " where domain_uuid = :domain_uuid "; + $sql_search .= " and ( "; + $sql_search .= " lower(contact_organization) like :search or "; + $sql_search .= " lower(contact_name_given) like :search or "; + $sql_search .= " lower(contact_name_family) like :search or "; + $sql_search .= " lower(contact_nickname) like :search or "; + $sql_search .= " lower(contact_title) like :search or "; + $sql_search .= " lower(contact_category) like :search or "; + $sql_search .= " lower(contact_role) like :search or "; + $sql_search .= " lower(contact_url) like :search or "; + $sql_search .= " lower(contact_time_zone) like :search or "; + $sql_search .= " lower(contact_note) like :search or "; + $sql_search .= " lower(contact_type) like :search "; + $sql_search .= " ) "; + $sql_search .= ") "; + } + $parameters['search'] = '%'.$search.'%'; + } + //build query for paging and list $sql = "select count(*) "; $sql .= "from v_contacts as c "; @@ -146,55 +188,18 @@ $sql .= ") "; $parameters['user_uuid'] = $_SESSION['user_uuid']; } - if (strlen($phone_number) > 0) { - $phone_number = preg_replace('{\D}', '', $phone_number); - $sql .= "and contact_uuid in ( "; - $sql .= " select contact_uuid from v_contact_phones "; - $sql .= " where phone_number like :phone_number "; - $sql .= ") "; - $parameters['phone_number'] = '%'.$phone_number.'%'; - } - else { - if (strlen($search_all) > 0) { - if (is_numeric($search_all)) { - $sql .= "and contact_uuid in ( "; - $sql .= " select contact_uuid from v_contact_phones "; - $sql .= " where phone_number like :search_all "; - $sql .= ") "; - } - else { - $sql .= "and contact_uuid in ( "; - $sql .= " select contact_uuid from v_contacts "; - $sql .= " where domain_uuid = :domain_uuid "; - $sql .= " and ( "; - $sql .= " lower(contact_organization) like :search_all or "; - $sql .= " lower(contact_name_given) like :search_all or "; - $sql .= " lower(contact_name_family) like :search_all or "; - $sql .= " lower(contact_nickname) like :search_all or "; - $sql .= " lower(contact_title) like :search_all or "; - $sql .= " lower(contact_category) like :search_all or "; - $sql .= " lower(contact_role) like :search_all or "; - $sql .= " lower(contact_url) like :search_all or "; - $sql .= " lower(contact_time_zone) like :search_all or "; - $sql .= " lower(contact_note) like :search_all or "; - $sql .= " lower(contact_type) like :search_all "; - $sql .= " ) "; - $sql .= ") "; - } - $parameters['search_all'] = '%'.$search_all.'%'; - } - } + $sql .= $sql_search; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $database = new database; $num_rows = $database->select($sql, $parameters, 'column'); //prepare to page the results $rows_per_page = ($_SESSION['domain']['paging']['numeric'] != '') ? $_SESSION['domain']['paging']['numeric'] : 50; - $param = ""; + $param = "&search=".$search; $page = $_GET['page']; if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; } - list($paging_controls_mini, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page, true); //top - list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page); //bottom + list($paging_controls, $rows_per_page) = paging($num_rows, $param, $rows_per_page); //bottom + list($paging_controls_mini, $rows_per_page) = paging($num_rows, $param, $rows_per_page, true); //top $offset = $rows_per_page * $page; //get the list @@ -217,9 +222,16 @@ $contacts = $database->select($sql, $parameters, 'all'); unset($sql, $parameters); -//styles - echo "\n"; - -//ticket attachment layer echo "\n"; //show the content - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; + if (permission_exists('contact_delete') && $contacts) { + echo button::create(['type'=>'button','label'=>$text['button-delete'],'icon'=>$_SESSION['theme']['button_icon_delete'],'onclick'=>"if (confirm('".$text['confirm-delete']."')) { list_action_set('delete'); list_form_submit('form_list'); } else { this.blur(); return false; }"]); + } + echo "\n"; + echo ""; + echo button::create(['label'=>$text['button-search'],'icon'=>$_SESSION['theme']['button_icon_search'],'type'=>'submit','id'=>'btn_search','style'=>($search != '' ? 'display: none;' : null)]); + echo button::create(['label'=>$text['button-reset'],'icon'=>$_SESSION['theme']['button_icon_reset'],'type'=>'button','id'=>'btn_reset','link'=>'contacts.php','style'=>($search == '' ? 'display: none;' : null)]); if ($paging_controls_mini != '') { - echo " \n"; + echo " ".$paging_controls_mini.""; } - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
\n"; - echo " ".$text['header-contacts']." (".$num_rows.")\n"; - echo "

"; - echo " 		\n"; - echo "
\n"; - echo " \n"; - echo " \n"; + echo "
\n"; + echo "
".$text['header-contacts']." (".$num_rows.")
\n"; + echo "
\n"; if (permission_exists('contact_add')) { - echo "\n"; + echo button::create(['type'=>'button','label'=>$text['button-add'],'icon'=>$_SESSION['theme']['button_icon_add'],'link'=>'contact_edit.php']); } - echo " \n"; - echo "
".$paging_controls_mini."
\n"; - echo " ".$text['description-contacts']."

\n"; - echo "
\n"; - echo "
\n"; + if (permission_exists('contact_add')) { + echo button::create(['type'=>'button','label'=>$text['button-import'],'icon'=>'file-import','link'=>'contact_import.php','style'=>'margin-left: 15px;']); + } + echo " \n"; + echo " \n"; + echo "
\n"; + echo "\n"; - $c = 0; - $row_style["0"] = "row_style0"; - $row_style["1"] = "row_style1"; + echo $text['description-contacts']."\n"; + echo "

\n"; - echo "\n"; - echo "\n"; + echo "\n"; + echo "\n"; + echo "\n"; + + echo "
\n"; + echo "\n"; + if (permission_exists('contact_delete')) { + echo " \n"; + } echo th_order_by('contact_type', $text['label-contact_type'], $order_by, $order); echo th_order_by('contact_organization', $text['label-contact_organization'], $order_by, $order); - echo "\n"; + echo "\n"; echo th_order_by('contact_name_given', $text['label-contact_name_given'], $order_by, $order); echo th_order_by('contact_name_family', $text['label-contact_name_family'], $order_by, $order); - echo th_order_by('contact_nickname', $text['label-contact_nickname'], $order_by, $order); - echo th_order_by('contact_title', $text['label-contact_title'], $order_by, $order); - echo th_order_by('contact_role', $text['label-contact_role'], $order_by, $order); - echo "\n"; - echo "\n"; + echo th_order_by('contact_nickname', $text['label-contact_nickname'], $order_by, $order, null, "class='hide-xs'"); + echo th_order_by('contact_title', $text['label-contact_title'], $order_by, $order, null, "class='hide-sm-dn'"); + echo th_order_by('contact_role', $text['label-contact_role'], $order_by, $order, null, "class='hide-sm-dn'"); + echo "\n"; + if (permission_exists('contact_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + echo " \n"; + } echo "\n"; if (is_array($contacts) && @sizeof($contacts) != 0) { + $x = 0; foreach($contacts as $row) { - $tr_link = "href='contact_edit.php?id=".escape($row['contact_uuid'])."&query_string=".urlencode($_SERVER["QUERY_STRING"])."'"; - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; + if (permission_exists('contact_delete')) { + echo " \n"; + } + echo " \n"; + echo " \n"; + echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; - echo " \n"; + if (permission_exists('contact_edit') && $_SESSION['theme']['list_row_edit_button']['boolean'] == 'true') { + echo " \n"; + } echo "\n"; - if ($c==0) { $c=1; } else { $c=0; } - } //end foreach - unset($contacts, $row); - } //end if results + $x++; + } + unset($contacts); + } - echo "\n"; - echo "\n"; - echo "\n"; + echo "
\n"; + echo " \n"; + echo "    "; - echo "$v_link_label_add"; - echo "  
".ucwords(escape($row['contact_type']))." ".escape($row['contact_organization'])." "; + if (permission_exists('contact_edit')) { + $list_row_url = "contact_edit.php?id=".urlencode($row['contact_uuid'])."&query_string=".urlencode($_SERVER["QUERY_STRING"]); + } + echo "
\n"; + echo " \n"; + echo " \n"; + echo " ".ucwords(escape($row['contact_type']))." ".escape($row['contact_organization'])." "; if (is_uuid($row['contact_attachment_uuid'])) { - echo ""; + echo ""; } echo " ".escape($row['contact_name_given'])." ".escape($row['contact_name_family'])." ".escape($row['contact_nickname'])." ".escape($row['contact_title'])." ".escape($row['contact_role'])." "; - if (is_array($contact_sync_sources[$row['contact_uuid']]) && sizeof($contact_sync_sources[$row['contact_uuid']]) > 0) { - foreach ($contact_sync_sources[$row['contact_uuid']] as $contact_sync_source) { - switch ($contact_sync_source) { - case 'google': echo "".$text["; break; - } + echo " ".escape($row['contact_name_given'])." ".escape($row['contact_name_family'])." ".escape($row['contact_nickname'])." ".escape($row['contact_title'])." ".escape($row['contact_role'])." "; + if (is_array($contact_sync_sources[$row['contact_uuid']]) && @sizeof($contact_sync_sources[$row['contact_uuid']]) != 0) { + foreach ($contact_sync_sources[$row['contact_uuid']] as $contact_sync_source) { + switch ($contact_sync_source) { + case 'google': echo "".$text["; break; } } - else { echo " "; } - echo " "; - echo "$v_link_label_edit"; - echo "$v_link_label_delete"; + } + else { + echo " "; + } echo " "; + echo button::create(['type'=>'button','title'=>$text['button-edit'],'icon'=>$_SESSION['theme']['button_icon_edit'],'link'=>$list_row_url]); + echo "
\n"; - echo " $v_link_label_add"; - echo "
\n"; + echo "
\n"; + echo "
".$paging_controls."
\n"; - echo ""; + echo "\n"; - echo $paging_controls; - echo "

"; - - echo ""; + echo "\n"; //javascript echo "\n"; //include the footer require_once "resources/footer.php"; -?> +?> \ No newline at end of file diff --git a/app/contacts/resources/classes/contacts.php b/app/contacts/resources/classes/contacts.php new file mode 100644 index 0000000000..139c05fc9d --- /dev/null +++ b/app/contacts/resources/classes/contacts.php @@ -0,0 +1,144 @@ + + Portions created by the Initial Developer are Copyright (C) 2008-2019 + the Initial Developer. All Rights Reserved. + + Contributor(s): + Mark J Crane +*/ + +//define the contacts class +if (!class_exists('contacts')) { + class contacts { + + /** + * declare private variables + */ + private $app_name; + private $app_uuid; + private $permission_prefix; + private $list_page; + private $tables; + private $uuid_prefix; + + /** + * called when the object is created + */ + public function __construct() { + + //assign private variables + $this->app_name = 'contacts'; + $this->app_uuid = '04481e0e-a478-c559-adad-52bd4174574c'; + $this->permission_prefix = 'contact_'; + $this->list_page = 'contacts.php'; + $this->tables[] = 'contact_addresses'; + $this->tables[] = 'contact_attachments'; + $this->tables[] = 'contact_emails'; + $this->tables[] = 'contact_groups'; + $this->tables[] = 'contact_notes'; + $this->tables[] = 'contact_phones'; + $this->tables[] = 'contact_relations'; + $this->tables[] = 'contact_settings'; + $this->tables[] = 'contact_times'; + $this->tables[] = 'contact_urls'; + $this->tables[] = 'contact_users'; + $this->tables[] = 'contacts'; + $this->uuid_prefix = 'contact_'; + + } + + /** + * called when there are no references to a particular object + * unset the variables used in the class + */ + public function __destruct() { + foreach ($this as $key => $value) { + unset($this->$key); + } + } + + /** + * delete records + */ + public function delete($records) { + if (permission_exists($this->permission_prefix.'delete')) { + + //add multi-lingual support + $language = new text; + $text = $language->get(); + + //validate the token + $token = new token; + if (!$token->validate($_SERVER['PHP_SELF'])) { + message::add($text['message-invalid_token'],'negative'); + header('Location: '.$this->list_page); + exit; + } + + //delete multiple records + if (is_array($records) && @sizeof($records) != 0) { + + //build the delete array + foreach ($records as $x => $record) { + if ($record['checked'] == 'true' && is_uuid($record['uuid'])) { + if (is_array($this->tables) && @sizeof($this->tables) != 0) { + foreach ($this->tables as $table) { + $array[$table][$x][$this->uuid_prefix.'uuid'] = $record['uuid']; + $array[$table][$x]['domain_uuid'] = $_SESSION['domain_uuid']; + } + } + } + } + + //delete the checked rows + if (is_array($array) && @sizeof($array) != 0) { + + //grant temp permissions + $p = new permissions; + $database = new database; + foreach ($this->tables as $table) { + $p->add($database->singular($table).'_delete', 'temp'); + } + + //execute delete + $database = new database; + $database->app_name = $this->app_name; + $database->app_uuid = $this->app_uuid; + $database->delete($array); + unset($array); + + //revoke temp permissions + $database = new database; + foreach ($this->tables as $table) { + $p->delete($database->singular($table).'_delete', 'temp'); + } + + //set message + message::add($text['message-delete']); + } + unset($records); + } + } + } //method + + } //class +} + +?> \ No newline at end of file