Portions created by the Initial Developer are Copyright (C) 2008-2019 the Initial Developer. All Rights Reserved. Contributor(s): Mark J Crane */ //includes require_once "root.php"; require_once "resources/require.php"; require_once "resources/check_auth.php"; //check permissions if (permission_exists('contact_view')) { //access granted } else { echo "access denied"; exit; } //add multi-lingual support $language = new text; $text = $language->get(); //action add or update if (is_uuid($_REQUEST["id"])) { $action = "update"; $contact_uuid = $_REQUEST["id"]; } else { $action = "add"; } //get http post variables and set them to php variables if (count($_POST) > 0) { $user_uuid = $_POST["user_uuid"]; $group_uuid = $_POST['group_uuid']; $contact_type = $_POST["contact_type"]; $contact_organization = $_POST["contact_organization"]; $contact_name_prefix = $_POST["contact_name_prefix"]; $contact_name_given = $_POST["contact_name_given"]; $contact_name_middle = $_POST["contact_name_middle"]; $contact_name_family = $_POST["contact_name_family"]; $contact_name_suffix = $_POST["contact_name_suffix"]; $contact_nickname = $_POST["contact_nickname"]; $contact_title = $_POST["contact_title"]; $contact_category = $_POST["contact_category"]; $contact_role = $_POST["contact_role"]; $contact_time_zone = $_POST["contact_time_zone"]; $contact_note = $_POST["contact_note"]; } //process the form data if (count($_POST) > 0 && strlen($_POST["persistformvar"]) == 0) { //set the uuid if ($action == "update") { $contact_uuid = $_POST["contact_uuid"]; } //validate the token $token = new token; if (!$token->validate($_SERVER['PHP_SELF'])) { message::add($text['message-invalid_token'],'negative'); header('Location: contacts.php'); exit; } //check for all required data $msg = ''; //if (strlen($contact_type) == 0) { $msg .= $text['message-required'].$text['label-contact_type']."
\n"; } //if (strlen($contact_organization) == 0) { $msg .= $text['message-required'].$text['label-contact_organization']."
\n"; } //if (strlen($contact_name_prefix) == 0) { $msg .= $text['message-required'].$text['label-contact_name_prefix']."
\n"; } //if (strlen($contact_name_given) == 0) { $msg .= $text['message-required'].$text['label-contact_name_given']."
\n"; } //if (strlen($contact_name_middle) == 0) { $msg .= $text['message-required'].$text['label-contact_name_middle']."
\n"; } //if (strlen($contact_name_family) == 0) { $msg .= $text['message-required'].$text['label-contact_name_family']."
\n"; } //if (strlen($contact_name_suffix) == 0) { $msg .= $text['message-required'].$text['label-contact_name_suffix']."
\n"; } //if (strlen($contact_nickname) == 0) { $msg .= $text['message-required'].$text['label-contact_nickname']."
\n"; } //if (strlen($contact_title) == 0) { $msg .= $text['message-required'].$text['label-contact_title']."
\n"; } //if (strlen($contact_role) == 0) { $msg .= $text['message-required'].$text['label-contact_role']."
\n"; } //if (strlen($contact_time_zone) == 0) { $msg .= $text['message-required'].$text['label-contact_time_zone']."
\n"; } //if (strlen($contact_note) == 0) { $msg .= $text['message-required'].$text['label-contact_note']."
\n"; } if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) { require_once "resources/header.php"; require_once "resources/persist_form_var.php"; echo "

\n"; echo "

\n"; echo $msg."
"; echo "

\n"; persistformvar($_POST); echo "

\n"; require_once "resources/footer.php"; return; } //add or update the database if ($_POST["persistformvar"] != "true") { //add the contact if ($action == "add" && permission_exists('contact_add')) { $contact_uuid = uuid(); $array['contacts'][0]['contact_uuid'] = $contact_uuid; message::add($text['message-add']); $location = "contact_edit.php?id=".urlencode($contact_uuid); } //update the contact if ($action == "update" && permission_exists('contact_edit')) { $array['contacts'][0]['contact_uuid'] = $contact_uuid; message::add($text['message-update']); $location = "contact_edit.php?id=".urlencode($contact_uuid); } //create array if (is_array($array) && @sizeof($array) != 0) { $array['contacts'][0]['domain_uuid'] = $_SESSION['domain_uuid']; $array['contacts'][0]['contact_type'] = $contact_type; $array['contacts'][0]['contact_organization'] = $contact_organization; $array['contacts'][0]['contact_name_prefix'] = $contact_name_prefix; $array['contacts'][0]['contact_name_given'] = $contact_name_given; $array['contacts'][0]['contact_name_middle'] = $contact_name_middle; $array['contacts'][0]['contact_name_family'] = $contact_name_family; $array['contacts'][0]['contact_name_suffix'] = $contact_name_suffix; $array['contacts'][0]['contact_nickname'] = $contact_nickname; $array['contacts'][0]['contact_title'] = $contact_title; $array['contacts'][0]['contact_category'] = $contact_category; $array['contacts'][0]['contact_role'] = $contact_role; $array['contacts'][0]['contact_time_zone'] = $contact_time_zone; $array['contacts'][0]['contact_note'] = $contact_note; $array['contacts'][0]['last_mod_date'] = 'now()'; $array['contacts'][0]['last_mod_user'] = $_SESSION['username']; $p = new permissions; } //assign the contact to the user that added the contact if ($action == "add" && !permission_exists('contact_user_add')) { $user_uuid = $_SESSION["user_uuid"]; } //add user to contact users table if (is_uuid($user_uuid) && (permission_exists('contact_user_add') || $action == "add")) { $contact_user_uuid = uuid(); $array['contact_users'][0]['domain_uuid'] = $domain_uuid; $array['contact_users'][0]['contact_user_uuid'] = $contact_user_uuid; $array['contact_users'][0]['contact_uuid'] = $contact_uuid; $array['contact_users'][0]['user_uuid'] = $user_uuid; $p->add('contact_user_add', 'temp'); } //assign the contact to the group if (is_uuid($group_uuid) && permission_exists('contact_group_add')) { $contact_group_uuid = uuid(); $array['contact_groups'][0]['contact_group_uuid'] = $contact_group_uuid; $array['contact_groups'][0]['domain_uuid'] = $domain_uuid; $array['contact_groups'][0]['contact_uuid'] = $contact_uuid; $array['contact_groups'][0]['group_uuid'] = $group_uuid; $p->add('contact_group_add', 'temp'); } //execute if (is_array($array) && @sizeof($array) != 0) { $database = new database; $database->app_name = 'contacts'; $database->app_uuid = '04481e0e-a478-c559-adad-52bd4174574c'; $database->save($array); unset($array); $p->delete('contact_user_add', 'temp'); $p->delete('contact_group_add', 'temp'); } //handle redirect if ($_POST['submit'] == $text['button-add']) { $location = "contact_edit.php?id=".urlencode($contact_uuid); } //redirect the browser header("Location: ".$location); exit; } } //pre-populate the form if (count($_GET) > 0 && $_POST["persistformvar"] != "true") { $contact_uuid = $_GET["id"]; $sql = "select * from v_contacts "; $sql .= "where domain_uuid = :domain_uuid "; $sql .= "and contact_uuid = :contact_uuid "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $parameters['contact_uuid'] = $contact_uuid; $database = new database; $row = $database->select($sql, $parameters, 'row'); if (is_array($row) && @sizeof($row) != 0) { $contact_type = $row["contact_type"]; $contact_organization = $row["contact_organization"]; $contact_name_prefix = $row["contact_name_prefix"]; $contact_name_given = $row["contact_name_given"]; $contact_name_middle = $row["contact_name_middle"]; $contact_name_family = $row["contact_name_family"]; $contact_name_suffix = $row["contact_name_suffix"]; $contact_nickname = $row["contact_nickname"]; $contact_title = $row["contact_title"]; $contact_category = $row["contact_category"]; $contact_role = $row["contact_role"]; $contact_time_zone = $row["contact_time_zone"]; $contact_note = $row["contact_note"]; } unset($sql, $parameters, $row); } //get the users array $sql = "select * from v_users "; $sql .= "where domain_uuid = :domain_uuid "; $sql .= "order by username asc "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $database = new database; $users = $database->select($sql, $parameters, 'all'); unset($sql, $parameters); //determine if contact assigned to a user if (is_array($users) && sizeof($users) != 0) { foreach($users as $user) { if ($user['contact_uuid'] == $contact_uuid) { $contact_user_uuid = $user['user_uuid']; break; } } } //get the users assigned to this contact $sql = "select u.username, u.user_uuid, a.contact_user_uuid from v_contacts as c, v_users as u, v_contact_users as a "; $sql .= "where c.contact_uuid = :contact_uuid "; $sql .= "and c.domain_uuid = :domain_uuid "; $sql .= "and u.user_uuid = a.user_uuid "; $sql .= "and c.contact_uuid = a.contact_uuid "; $sql .= "order by u.username asc "; $parameters['contact_uuid'] = $contact_uuid; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $database = new database; $contact_users = $database->select($sql, $parameters, 'all'); unset($sql, $parameters); //create token $object = new token; $token = $object->create($_SERVER['PHP_SELF']); //show the header require_once "resources/header.php"; if ($action == "update") { $document['title'] = $text['title-contact-edit']; } else if ($action == "add") { $document['title'] = $text['title-contact-add']; } //determine qr branding if ($_SESSION['theme']['qr_brand_type']['text'] == 'image' && $_SESSION['theme']['qr_brand_image']['text'] != '') { echo ""; $qr_option = "image: $('#img-buffer')[0],"; $qr_mode = '4'; $qr_size = '0.2'; } else if ($_SESSION['theme']['qr_brand_type']['text'] == 'text' && $_SESSION['theme']['qr_brand_text']['text'] != '') { $qr_option = 'label: "'.$_SESSION['theme']['qr_brand_text']['text'].'"'; $qr_mode = '2'; $qr_size = '0.05'; } else { echo ""; $qr_option = "image: $('#img-buffer')[0],"; $qr_mode = '4'; $qr_size = '0.2'; } //qr code generation $_GET['type'] = "text"; $qr_vcard = true; include "contacts_vcard.php"; echo ""; echo ""; echo ""; echo ""; //show the content echo "

\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "

"; switch ($action) { case "add": echo $text['header-contact-add']; break; case "update": echo $text['header-contact-edit']; break; } echo "

\n"; echo " \n"; if ($action == "update") { if (permission_exists('contact_time_add')) { //detect timer state (and start time) $sql = "select "; $sql .= "time_start "; $sql .= "from v_contact_times "; $sql .= "where domain_uuid = :domain_uuid "; $sql .= "and user_uuid = :user_uuid "; $sql .= "and contact_uuid = :contact_uuid "; $sql .= "and time_start is not null "; $sql .= "and time_stop is null "; $parameters['domain_uuid'] = $_SESSION['domain_uuid']; $parameters['user_uuid'] = $_SESSION['user']['user_uuid']; $parameters['contact_uuid'] = $contact_uuid; $database = new database; $time_start = $database->select($sql, $parameters, 'column'); $btn_mod = $time_start != '' ? "style='background-color: #3693df; background-image: none;'" : null; unset($sql, $parameters); echo " \n"; } echo " \n"; echo " \n"; } if ($action == "update" && is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/invoices')) { echo " \n"; } if ($action == "update" && is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/certificates')) { echo " \n"; } if ($action == "update" && permission_exists('user_edit') && is_uuid($contact_user_uuid)) { echo " \n"; } echo " \n"; echo "

\n"; switch ($action) { case "add" : echo $text['description-contact-add']; break; case "update" : echo $text['description-contact-edit']; break; } echo "

\n"; echo "

\n"; echo "\n"; echo "\n"; echo "\n"; if ($action == "update") { echo ""; echo "\n"; } echo "\n"; echo "

\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; if (permission_exists('contact_user_edit')) { echo " "; echo " "; echo " "; echo " "; } if (permission_exists('contact_group_view')) { echo ""; echo " "; echo " "; echo ""; } echo "\n"; echo " \n"; echo " \n"; echo "\n"; echo " \n"; echo " \n"; echo " "; echo "

\n"; echo " ".$text['label-contact_type']."\n"; echo "

\n"; if (is_array($_SESSION["contact"]["type"])) { sort($_SESSION["contact"]["type"]); echo " \n"; } else { echo " \n"; } //echo "
\n"; //echo $text['description-contact_type']."\n"; echo "

\n"; echo " ".$text['label-contact_organization']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_organization']."\n"; echo "

\n"; echo " ".$text['label-contact_name_prefix']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_name_prefix']."\n"; echo "

\n"; echo " ".$text['label-contact_name_given']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_name_given']."\n"; echo "

\n"; echo " ".$text['label-contact_name_middle']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_name_middle']."\n"; echo "

\n"; echo " ".$text['label-contact_name_family']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_name_family']."\n"; echo "

\n"; echo " ".$text['label-contact_name_suffix']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_name_suffix']."\n"; echo "

\n"; echo " ".$text['label-contact_nickname']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_nickname']."\n"; echo "

\n"; echo " ".$text['label-contact_title']."\n"; echo "

\n"; if (is_array($_SESSION["contact"]["title"])) { sort($_SESSION["contact"]["title"]); echo " \n"; } else { echo " \n"; } //echo "
\n"; //echo $text['description-contact_title']."\n"; echo "

\n"; echo " ".$text['label-contact_category']."\n"; echo "

\n"; if (is_array($_SESSION["contact"]["category"])) { sort($_SESSION["contact"]["category"]); echo " \n"; } else { echo " \n"; } //echo "
\n"; //echo $text['description-contact_category']."\n"; echo "

\n"; echo " ".$text['label-contact_role']."\n"; echo "

\n"; if (is_array($_SESSION["contact"]["role"])) { sort($_SESSION["contact"]["role"]); echo " \n"; } else { echo " \n"; } //echo "
\n"; //echo $text['description-contact_role']."\n"; echo "

\n"; echo " ".$text['label-contact_time_zone']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_time_zone']."\n"; echo "

".$text['label-users']."

"; if ($action == "update") { echo " \n"; foreach($contact_users as $field) { echo " \n"; echo " \n"; echo " \n"; echo " \n"; } echo "

".escape($field['username'])."

\n"; if (permission_exists('contact_user_delete')) { echo " $v_link_label_delete\n"; } echo "

\n"; } echo "
\n"; if (permission_exists('contact_user_add')) { echo " "; if ($action == "update") { echo " \n"; } unset($users); echo "
\n"; echo " ".$text['description-users']."\n"; } echo "

".$text['label-groups']."

"; $sql = "select "; $sql .= "g.*, "; $sql .= "cg.contact_group_uuid "; $sql .= "from "; $sql .= "v_groups as g, "; $sql .= "v_contact_groups as cg "; $sql .= "where "; $sql .= "cg.group_uuid = g.group_uuid "; $sql .= "and cg.domain_uuid = :domain_uuid "; $sql .= "and cg.contact_uuid = :contact_uuid "; $sql .= "and cg.group_uuid <> :group_uuid "; $sql .= "order by g.group_name asc "; $parameters['domain_uuid'] = $domain_uuid; $parameters['contact_uuid'] = $contact_uuid; $parameters['group_uuid'] = $_SESSION["user_uuid"]; $database = new database; $result = $database->select($sql, $parameters, 'all'); if (is_array($result) && @sizeof($result) != 0) { echo " \n"; foreach($result as $field) { if (strlen($field['group_name']) > 0) { echo "\n"; echo " \n"; echo " \n"; echo "\n"; $assigned_groups[] = $field['group_uuid']; } } echo "

".escape($field['group_name'])."

\n"; if (permission_exists('contact_group_delete') || if_group("superadmin")) { echo " $v_link_label_delete\n"; } echo "

\n"; echo "
\n"; } unset($sql, $parameters, $result, $field); if (permission_exists('contact_group_add') || if_group("superadmin")) { $sql = "select * from v_groups "; $sql .= "where domain_uuid = :domain_uuid "; $sql .= "or domain_uuid is null "; if (is_array($assigned_groups) && @sizeof($assigned_groups) != 0) { foreach ($assigned_groups as $index => $assigned_group) { $sql_where_and[] = "group_uuid <> :group_uuid_".$index." "; $parameters['group_uuid_'.$index] = $assigned_group; } if (is_array($sql_where_and) && @sizeof($sql_where_and) != 0) { $sql .= "and ".implode(' and ', $sql_where_and)." "; } } $sql .= "order by group_name asc "; $parameters['domain_uuid'] = $domain_uuid; $database = new database; $result = $database->select($sql, $parameters, 'all'); unset($sql, $sql_where_and, $index, $parameters, $assigned_groups, $assigned_group); if (is_array($result) && @sizeof($result) != 0) { echo " "; if ($action == "update") { echo " \n"; } echo "
"; } unset($result, $field); } echo " ".$text['description-groups']."\n"; echo "

\n"; echo " ".$text['label-contact_note']."\n"; echo "

\n"; echo " \n"; //echo "
\n"; //echo $text['description-contact_note']."\n"; echo "

\n"; if ($action == "update") { echo " \n"; } echo " \n"; echo "
"; echo " \n"; echo "

"; echo "

\n"; //echo "

\n"; if (permission_exists('contact_phone_view')) { require "contact_phones.php"; } if (permission_exists('contact_address_view')) { require "contact_addresses.php"; } if (permission_exists('contact_email_view')) { require "contact_emails.php"; } if (permission_exists('contact_url_view')) { require "contact_urls.php"; } if (permission_exists('contact_extension_view')) { require "contact_extensions.php"; } if (permission_exists('contact_relation_view')) { require "contact_relations.php"; } if (permission_exists('contact_note_view')) { require "contact_notes.php"; } if (permission_exists('contact_time_view')) { require "contact_times.php"; } if (permission_exists('contact_setting_view')) { require "contact_settings.php"; } if (permission_exists('contact_attachment_view')) { require "contact_attachments.php"; } echo "

\n"; echo "

"; echo "

"; //include the footer require_once "resources/footer.php"; ?>