diff --git a/app/contacts/contacts.php b/app/contacts/contacts.php
index 82c32cdb71..437787f0fe 100644
--- a/app/contacts/contacts.php
+++ b/app/contacts/contacts.php
@@ -26,6 +26,7 @@ require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
+require_once "resources/paging.php";
 if (permission_exists('contact_view')) {
 //access granted
 }
@@ -39,9 +40,8 @@ else {
 $text = $language->get();
 //includes and title
- require_once "resources/header.php";
 $document['title'] = $text['title-contacts'];
- require_once "resources/paging.php";
+ require_once "resources/header.php";
 //get the search criteria
 $search_all = strtolower(check_str($_GET["search_all"]));
@@ -51,17 +51,155 @@ else {
 $order_by = check_str($_GET["order_by"]);
 $order = check_str($_GET["order"]);
+//retrieve current user's assigned groups (uuids)
+ foreach ($_SESSION['groups'] as $group_data) {
+ $user_group_uuids[] = $group_data['group_uuid'];
+ }
+ //add user's uuid to group uuid list to include private (non-shared) contacts
+ $user_group_uuids[] = $_SESSION["user_uuid"];
+
+//get contact sync sources
+ $sql = "select ";
+ $sql .= "contact_uuid, ";
+ $sql .= "contact_setting_value ";
+ $sql .= "from ";
+ $sql .= "v_contact_settings ";
+ $sql .= "where ";
+ $sql .= "domain_uuid = '".$_SESSION['domain_uuid']."' ";
+ $sql .= "and contact_setting_category = 'sync' ";
+ $sql .= "and contact_setting_subcategory = 'source' ";
+ $sql .= "and contact_setting_name = 'array' ";
+ $sql .= "and contact_setting_value <> '' ";
+ $sql .= "and contact_setting_value is not null ";
+ if (sizeof($user_group_uuids) > 0) {
+ $sql .= "and ( \n"; //only contacts assigned to current user's group(s) and those not assigned to any group
+ $sql .= " contact_uuid in ( \n";
+ $sql .= " select contact_uuid from v_contact_groups ";
+ $sql .= " where group_uuid in ('".implode("','", $user_group_uuids)."') ";
+ $sql .= " and domain_uuid = '".$_SESSION['domain_uuid']."' ";
+ $sql .= " ) \n";
+ $sql .= " or \n";
+ $sql .= " contact_uuid not in ( \n";
+ $sql .= " select contact_uuid from v_contact_groups ";
+ $sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+ $sql .= " ) \n";
+ $sql .= ") \n";
+ }
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ if (count($result) > 0) {
+ foreach($result as $row) {
+ $contact_sync_sources[$row['contact_uuid']][] = $row['contact_setting_value'];
+ }
+ }
+ unset ($sql, $prep_statement, $result);
+
+//build query for paging and list
+ $sql = "select count(*) as num_rows ";
+ $sql .= "from v_contacts as c ";
+ $sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+ if (sizeof($user_group_uuids) > 0) {
+ $sql .= "and ( \n"; //only contacts assigned to current user's group(s) and those not assigned to any group
+ $sql .= " contact_uuid in ( \n";
+ $sql .= " select contact_uuid from v_contact_groups ";
+ $sql .= " where group_uuid in ('".implode("','", $user_group_uuids)."') ";
+ $sql .= " and domain_uuid = '".$_SESSION['domain_uuid']."' ";
+ $sql .= " ) \n";
+ $sql .= " or \n";
+ $sql .= " contact_uuid not in ( \n";
+ $sql .= " select contact_uuid from v_contact_groups ";
+ $sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+ $sql .= " ) \n";
+ $sql .= ") \n";
+ }
+ if (strlen($phone_number) > 0) {
+ $phone_number = preg_replace('{\D}', '', $phone_number);
+ $sql .= "and contact_uuid in ( ";
+ $sql .= " select contact_uuid from v_contact_phones ";
+ $sql .= " where phone_number like '%".$phone_number."%' ";
+ $sql .= ") \n";
+ }
+ else {
+ if (strlen($search_all) > 0) {
+ if (is_numeric($search_all)) {
+ $sql .= "and contact_uuid in ( \n";
+ $sql .= " select contact_uuid from v_contact_phones ";
+ $sql .= " where phone_number like '%".$search_all."%' ";
+ $sql .= ") \n";
+ }
+ else {
+ $sql .= "and contact_uuid in ( \n";
+ $sql .= " select contact_uuid from v_contacts ";
+ $sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' \n";
+ $sql .= " and ( \n";
+ $sql .= " lower(contact_organization) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_name_given) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_name_family) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_nickname) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_title) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_category) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_role) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_email) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_url) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_time_zone) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_note) like '%".$search_all."%' or \n";
+ $sql .= " lower(contact_type) like '%".$search_all."%' \n";
+ $sql .= " ) \n";
+ $sql .= ") \n";
+ }
+ }
+ }
+ $prep_statement = $db->prepare($sql);
+ if ($prep_statement) {
+ $prep_statement->execute();
+ $row = $prep_statement->fetch(PDO::FETCH_ASSOC);
+ if ($row['num_rows'] > 0) {
+ $num_rows = $row['num_rows'];
+ }
+ else {
+ $num_rows = '0';
+ }
+ }
+
+//prepare to page the results
+ $rows_per_page = 100;
+ $param = "";
+ $page = $_GET['page'];
+ if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
+ list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
+ $offset = $rows_per_page * $page;
+
+//get the list
+ $sql = str_replace('count(*) as num_rows', '*', $sql); // modify query created above
+ if (strlen($order_by) > 0) {
+ $sql .= "order by ".$order_by." ".$order." ";
+ }
+ else {
+ $sql .= "order by contact_organization asc, contact_name_given asc, contact_name_family asc ";
+ }
+ $sql .= "limit ".$rows_per_page." offset ".$offset." ";
+ $prep_statement = $db->prepare(check_sql($sql));
+ $prep_statement->execute();
+ $result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+ $result_count = count($result);
+ unset ($prep_statement, $sql);
+
 //show the content
- echo "\n";
+ echo "
\n"; echo " \n"; - echo " \n"; - echo " \n"; + echo "
\n"; - echo " ".$text['header-contacts']."
\n"; + echo "
\n"; + echo " ".$text['header-contacts']."\n"; + echo "

"; echo " ".$text['description-contacts']."

\n"; echo "
\n"; - echo "
\n"; - echo " \n"; - echo " \n"; + echo "
\n"; + echo $paging_controls; + echo " \n"; + echo " \n"; + echo " \n"; + echo " \n"; if (permission_exists('contact_add')) { echo "\n"; } @@ -71,140 +209,6 @@ else { echo "
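Review bot: The relocated query builder still concatenates request-controlled values straight into the SQL text: `$order_by` and `$order` (taken from `check_str($_GET[...])` at the top of the hunk) are appended to `order by`, `$search_all` and `$phone_number` are spliced into the `like` patterns, `$page` is multiplied into `$offset` without a cast, and the count query is prepared with `$db->prepare($sql)` while the sync-source and list queries go through `check_sql()` — an inconsistency the move makes easy to miss. Since the block was moved rather than rewritten, this is the moment to constrain the ordering inputs and the page number, e.g. `$order = (strtolower($order) == 'desc') ? 'desc' : 'asc';` and `$page = intval($_GET['page']);` (keeping the `$_GET['page'] = 0` default that paging() relies on), with `$order_by` checked against a fixed list of the contact column names the default ordering already uses, and the search terms handed to `execute()` as bound parameters instead of being interpolated. `$rows_per_page` also drops from 150 to 100 in this hunk with nothing saying why; if intentional, a one-line comment on that assignment would spare the next reader a search. Where `$phone_number` is read from the request lies outside the hunk, so whether it passes through check_str is not visible here.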
\n"; echo "
\n"; - //retrieve current user's assigned groups (uuids) - foreach ($_SESSION['groups'] as $group_data) { - $user_group_uuids[] = $group_data['group_uuid']; - } - //add user's uuid to group uuid list to include private (non-shared) contacts - $user_group_uuids[] = $_SESSION["user_uuid"]; - - //get contact sync sources - $sql = "select "; - $sql .= "contact_uuid, "; - $sql .= "contact_setting_value "; - $sql .= "from "; - $sql .= "v_contact_settings "; - $sql .= "where "; - $sql .= "domain_uuid = '".$_SESSION['domain_uuid']."' "; - $sql .= "and contact_setting_category = 'sync' "; - $sql .= "and contact_setting_subcategory = 'source' "; - $sql .= "and contact_setting_name = 'array' "; - $sql .= "and contact_setting_value <> '' "; - $sql .= "and contact_setting_value is not null "; - if (sizeof($user_group_uuids) > 0) { - $sql .= "and ( \n"; //only contacts assigned to current user's group(s) and those not assigned to any group - $sql .= " contact_uuid in ( \n"; - $sql .= " select contact_uuid from v_contact_groups "; - $sql .= " where group_uuid in ('".implode("','", $user_group_uuids)."') "; - $sql .= " and domain_uuid = '".$_SESSION['domain_uuid']."' "; - $sql .= " ) \n"; - $sql .= " or \n"; - $sql .= " contact_uuid not in ( \n"; - $sql .= " select contact_uuid from v_contact_groups "; - $sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' "; - $sql .= " ) \n"; - $sql .= ") \n"; - } - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - if (count($result) > 0) { - foreach($result as $row) { - $contact_sync_sources[$row['contact_uuid']][] = $row['contact_setting_value']; - } - } - unset ($sql, $prep_statement, $result); - - //build query for paging and list - $sql = "select count(*) as num_rows "; - $sql .= "from v_contacts as c "; - $sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' "; - if (sizeof($user_group_uuids) > 0) { - $sql .= "and ( \n"; //only contacts 
assigned to current user's group(s) and those not assigned to any group - $sql .= " contact_uuid in ( \n"; - $sql .= " select contact_uuid from v_contact_groups "; - $sql .= " where group_uuid in ('".implode("','", $user_group_uuids)."') "; - $sql .= " and domain_uuid = '".$_SESSION['domain_uuid']."' "; - $sql .= " ) \n"; - $sql .= " or \n"; - $sql .= " contact_uuid not in ( \n"; - $sql .= " select contact_uuid from v_contact_groups "; - $sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' "; - $sql .= " ) \n"; - $sql .= ") \n"; - } - if (strlen($phone_number) > 0) { - $phone_number = preg_replace('{\D}', '', $phone_number); - $sql .= "and contact_uuid in ( "; - $sql .= " select contact_uuid from v_contact_phones "; - $sql .= " where phone_number like '%".$phone_number."%' "; - $sql .= ") \n"; - } - else { - if (strlen($search_all) > 0) { - if (is_numeric($search_all)) { - $sql .= "and contact_uuid in ( \n"; - $sql .= " select contact_uuid from v_contact_phones "; - $sql .= " where phone_number like '%".$search_all."%' "; - $sql .= ") \n"; - } - else { - $sql .= "and contact_uuid in ( \n"; - $sql .= " select contact_uuid from v_contacts "; - $sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' \n"; - $sql .= " and ( \n"; - $sql .= " lower(contact_organization) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_name_given) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_name_family) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_nickname) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_title) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_category) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_role) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_email) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_url) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_time_zone) like '%".$search_all."%' or \n"; - $sql .= " lower(contact_note) like '%".$search_all."%' 
or \n"; - $sql .= " lower(contact_type) like '%".$search_all."%' \n"; - $sql .= " ) \n"; - $sql .= ") \n"; - } - } - } - if (strlen($order_by) > 0) { - $sql .= "order by ".$order_by." ".$order." "; - } - else { - $sql .= "order by contact_organization asc, contact_name_given asc, contact_name_family asc "; - } - $prep_statement = $db->prepare($sql); - if ($prep_statement) { - $prep_statement->execute(); - $row = $prep_statement->fetch(PDO::FETCH_ASSOC); - if ($row['num_rows'] > 0) { - $num_rows = $row['num_rows']; - } - else { - $num_rows = '0'; - } - } - - //prepare to page the results - $rows_per_page = 150; - $param = ""; - $page = $_GET['page']; - if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; } - list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page); - $offset = $rows_per_page * $page; - - //get the list - $sql = str_replace('count(*) as num_rows', '*', $sql); // modify query created above - $sql .= "limit ".$rows_per_page." offset ".$offset." "; - $prep_statement = $db->prepare(check_sql($sql)); - $prep_statement->execute(); - $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); - $result_count = count($result); - unset ($prep_statement, $sql); - $c = 0; $row_style["0"] = "row_style0"; $row_style["1"] = "row_style1"; @@ -256,21 +260,15 @@ else { } //end if results echo "\n"; - echo "\n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo " \n"; - echo "
 $paging_controls"; - echo "$v_link_label_add"; - echo "
\n"; + echo "\n"; + echo " $v_link_label_add"; echo "\n"; echo "\n"; echo ""; - echo "

"; + + echo $paging_controls; + echo "

"; //include the footer require_once "resources/footer.php";