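Portions created by the Initial Developer are Copyright (C) 2008-2012
the Initial Developer. All Rights Reserved.

Contributor(s):
Mark J Crane
*/

// contact_edit.php - add or update a contact, maintain its group assignments
// (shared vs. private) and then render the edit form.  The form markup itself
// follows this section.

require_once "root.php";
require_once "resources/require.php";
require_once "resources/check_auth.php";

// Page-level authorisation: every path below (delete, add, update, display)
// requires the contact_edit permission.
if (!permission_exists('contact_edit')) {
	echo "access denied";
	exit;
}

//add multi-lingual support
$language = new text;
$text = $language->get();

// Every identifier taken from the request is interpolated into SQL further
// down (the project convention is check_str() + check_sql(); their exact
// escaping is not visible here, so the string-building style is kept).  The
// format check below is what actually guarantees an attacker-controlled id
// can never carry anything but a uuid into those statements.
$uuid_pattern = '/^[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}$/i';

// Tenant scope for every statement on this page.
// NOTE(review): the original mixed $domain_uuid (presumably set by
// check_auth.php) and $_SESSION['domain_uuid'] in the same request; the
// session value is used throughout so an unset global cannot empty or widen
// a WHERE clause.
$domain_uuid = $_SESSION['domain_uuid'];

// Re-displayed form (validation failure) marker; '' when the form was submitted.
$persistformvar = isset($_POST["persistformvar"]) ? $_POST["persistformvar"] : '';

//handle removal of a contact group assignment
// NOTE(review): this is a state-changing action triggered by a GET link, so it
// can be driven cross-site; moving it to a POST with a per-session token needs
// the delete link in the group list below to change as well.
if (isset($_GET['a']) && $_GET['a'] == 'delete') {
	$contact_uuid = isset($_GET["id"]) ? check_str($_GET["id"]) : '';
	$contact_group_uuid = isset($_GET["cgid"]) ? check_str($_GET["cgid"]) : '';
	if (!preg_match($uuid_pattern, $contact_uuid) || !preg_match($uuid_pattern, $contact_group_uuid)) {
		// malformed ids are tampering, not a user mistake
		echo "access denied";
		exit;
	}
	// Scoped to the current domain: the original deleted by the two uuids
	// alone, which let anyone holding contact_edit remove assignments that
	// belong to another domain.
	$sql = "delete from v_contact_groups ";
	$sql .= "where domain_uuid = '".$domain_uuid."' ";
	$sql .= "and contact_uuid = '".$contact_uuid."' ";
	$sql .= "and contact_group_uuid = '".$contact_group_uuid."' ";
	$db->exec(check_sql($sql));
	unset($sql);
	$_SESSION["message"] = $text['message-update'];
	header("Location: contact_edit.php?id=".$contact_uuid);
	exit;
}

//action add or update
if (isset($_REQUEST["id"])) {
	$action = "update";
	$contact_uuid = check_str($_REQUEST["id"]);
}
else {
	$action = "add";
}

//get http post variables and set them to php variables
if (count($_POST) > 0) {
	$contact_type         = isset($_POST["contact_type"])         ? check_str($_POST["contact_type"])         : '';
	$contact_organization = isset($_POST["contact_organization"]) ? check_str($_POST["contact_organization"]) : '';
	$contact_name_prefix  = isset($_POST["contact_name_prefix"])  ? check_str($_POST["contact_name_prefix"])  : '';
	$contact_name_given   = isset($_POST["contact_name_given"])   ? check_str($_POST["contact_name_given"])   : '';
	$contact_name_middle  = isset($_POST["contact_name_middle"])  ? check_str($_POST["contact_name_middle"])  : '';
	$contact_name_family  = isset($_POST["contact_name_family"])  ? check_str($_POST["contact_name_family"])  : '';
	$contact_name_suffix  = isset($_POST["contact_name_suffix"])  ? check_str($_POST["contact_name_suffix"])  : '';
	$contact_nickname     = isset($_POST["contact_nickname"])     ? check_str($_POST["contact_nickname"])     : '';
	$contact_title        = isset($_POST["contact_title"])        ? check_str($_POST["contact_title"])        : '';
	$contact_category     = isset($_POST["contact_category"])     ? check_str($_POST["contact_category"])     : '';
	$contact_role         = isset($_POST["contact_role"])         ? check_str($_POST["contact_role"])         : '';
	$contact_time_zone    = isset($_POST["contact_time_zone"])    ? check_str($_POST["contact_time_zone"])    : '';
	$contact_note         = isset($_POST["contact_note"])         ? check_str($_POST["contact_note"])         : '';
}

//process a submitted form
if (count($_POST) > 0 && strlen($persistformvar) == 0) {
	$msg = '';

	if ($action == "update") {
		// the posted contact_uuid is the record that will be updated
		$contact_uuid = isset($_POST["contact_uuid"]) ? check_str($_POST["contact_uuid"]) : '';
		if (!preg_match($uuid_pattern, $contact_uuid)) {
			echo "access denied";
			exit;
		}
	}

	// Required-field checks: none are enforced (every check was commented out
	// upstream).  To make a field mandatory, append
	// $text['message-required'].$text['label-<field>'] to $msg here.

	//re-display the form with the submitted values when validation failed
	if (strlen($msg) > 0) {
		require_once "resources/header.php";
		require_once "resources/persist_form_var.php";
		echo $msg;
		persistformvar($_POST);
		require_once "resources/footer.php";
		return;
	}

	//add the contact
	if ($action == "add") {
		$contact_uuid = uuid();
		$sql = "insert into v_contacts ";
		$sql .= "( ";
		$sql .= "domain_uuid, ";
		$sql .= "contact_uuid, ";
		$sql .= "contact_type, ";
		$sql .= "contact_organization, ";
		$sql .= "contact_name_prefix, ";
		$sql .= "contact_name_given, ";
		$sql .= "contact_name_middle, ";
		$sql .= "contact_name_family, ";
		$sql .= "contact_name_suffix, ";
		$sql .= "contact_nickname, ";
		$sql .= "contact_title, ";
		$sql .= "contact_category, ";
		$sql .= "contact_role, ";
		$sql .= "contact_time_zone, ";
		$sql .= "contact_note ";
		$sql .= ") ";
		$sql .= "values ";
		$sql .= "( ";
		$sql .= "'".$domain_uuid."', ";
		$sql .= "'".$contact_uuid."', ";
		$sql .= "'".$contact_type."', ";
		$sql .= "'".$contact_organization."', ";
		$sql .= "'".$contact_name_prefix."', ";
		$sql .= "'".$contact_name_given."', ";
		$sql .= "'".$contact_name_middle."', ";
		$sql .= "'".$contact_name_family."', ";
		$sql .= "'".$contact_name_suffix."', ";
		$sql .= "'".$contact_nickname."', ";
		$sql .= "'".$contact_title."', ";
		$sql .= "'".$contact_category."', ";
		$sql .= "'".$contact_role."', ";
		$sql .= "'".$contact_time_zone."', ";
		$sql .= "'".$contact_note."' ";
		$sql .= ")";
		$db->exec(check_sql($sql));
		unset($sql);
		$_SESSION["message"] = $text['message-add'];
	}

	//shared vs. private: a private contact is marked by a v_contact_groups row
	//whose group_uuid is the owning user's uuid
	$is_shared = isset($_POST['contact_shared']) && $_POST['contact_shared'] == 'true';
	if ($is_shared) {
		//shared: drop the private marker, keep any real group assignments
		$sql = "delete from v_contact_groups ";
		$sql .= "where domain_uuid = '".$domain_uuid."' ";
		$sql .= "and contact_uuid = '".$contact_uuid."' ";
		$sql .= "and group_uuid = '".$_SESSION["user_uuid"]."' ";
		$db->exec(check_sql($sql));
		unset($sql);

		// The group chosen in the form.  The original took $_POST['group_uuid']
		// raw; it is now sanitised, format-checked and confirmed to be a group
		// this domain may see (domain-local or global), i.e. the same set the
		// group picker below lists.  Anything else is treated as "no group".
		$group_uuid = isset($_POST['group_uuid']) ? check_str($_POST['group_uuid']) : '';
		if ($group_uuid != '') {
			if (!preg_match($uuid_pattern, $group_uuid)) {
				$group_uuid = '';
			}
			else {
				$sql = "select count(*) as num_rows from v_groups ";
				$sql .= "where group_uuid = '".$group_uuid."' ";
				$sql .= "and (domain_uuid = '".$domain_uuid."' or domain_uuid is null) ";
				$prep_statement = $db->prepare(check_sql($sql));
				$prep_statement->execute();
				$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
				if (!$row || $row['num_rows'] == 0) {
					$group_uuid = '';
				}
				unset($sql, $prep_statement, $row);
			}
		}
	}
	else {
		//private: remove every group assignment and re-add the private marker
		$sql = "delete from v_contact_groups ";
		$sql .= "where domain_uuid = '".$domain_uuid."' ";
		$sql .= "and contact_uuid = '".$contact_uuid."' ";
		$db->exec(check_sql($sql));
		unset($sql);
		$group_uuid = $_SESSION["user_uuid"];
	}

	//insert the group assignment (or the private marker)
	if ($group_uuid != '') {
		$sql = "insert into v_contact_groups ";
		$sql .= "( ";
		$sql .= "contact_group_uuid, ";
		$sql .= "domain_uuid, ";
		$sql .= "contact_uuid, ";
		$sql .= "group_uuid ";
		$sql .= ") ";
		$sql .= "values ";
		$sql .= "( ";
		$sql .= "'".uuid()."', ";
		$sql .= "'".$domain_uuid."', ";
		$sql .= "'".$contact_uuid."', ";
		$sql .= "'".$group_uuid."' ";
		$sql .= ") ";
		$db->exec(check_sql($sql));
		unset($sql);
	}

	//update the contact
	if ($action == "update") {
		$sql = "update v_contacts set ";
		$sql .= "contact_type = '".$contact_type."', ";
		$sql .= "contact_organization = '".$contact_organization."', ";
		$sql .= "contact_name_prefix = '".$contact_name_prefix."', ";
		$sql .= "contact_name_given = '".$contact_name_given."', ";
		$sql .= "contact_name_middle = '".$contact_name_middle."', ";
		$sql .= "contact_name_family = '".$contact_name_family."', ";
		$sql .= "contact_name_suffix = '".$contact_name_suffix."', ";
		$sql .= "contact_nickname = '".$contact_nickname."', ";
		$sql .= "contact_title = '".$contact_title."', ";
		$sql .= "contact_category = '".$contact_category."', ";
		$sql .= "contact_role = '".$contact_role."', ";
		$sql .= "contact_time_zone = '".$contact_time_zone."', ";
		$sql .= "contact_note = '".$contact_note."' ";
		$sql .= "where domain_uuid = '".$domain_uuid."' ";
		$sql .= "and contact_uuid = '".$contact_uuid."' ";
		$db->exec(check_sql($sql));
		unset($sql);
		$_SESSION["message"] = $text['message-update'];
	}

	// Both the add and the update path return to this contact's edit page.
	// (The original also re-read $_POST['group_uuid'] when the button label
	// matched $text['button-add']; nothing used that value, so it is gone.)
	header("Location: contact_edit.php?id=".$contact_uuid);
	return;
}

//pre-populate the form from the stored contact
if (count($_GET) > 0 && $persistformvar != "true") {
	// the original used $_GET["id"] unescaped in the query below
	$contact_uuid = isset($_GET["id"]) ? check_str($_GET["id"]) : '';
	if (preg_match($uuid_pattern, $contact_uuid)) {
		$sql = "select * from v_contacts ";
		$sql .= "where domain_uuid = '".$domain_uuid."' ";
		$sql .= "and contact_uuid = '".$contact_uuid."' ";
		$prep_statement = $db->prepare(check_sql($sql));
		$prep_statement->execute();
		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
		foreach ($result as $row) {
			$contact_type = $row["contact_type"];
			$contact_organization = $row["contact_organization"];
			$contact_name_prefix = $row["contact_name_prefix"];
			$contact_name_given = $row["contact_name_given"];
			$contact_name_middle = $row["contact_name_middle"];
			$contact_name_family = $row["contact_name_family"];
			$contact_name_suffix = $row["contact_name_suffix"];
			$contact_nickname = $row["contact_nickname"];
			$contact_title = $row["contact_title"];
			$contact_category = $row["contact_category"];
			$contact_role = $row["contact_role"];
			$contact_time_zone = $row["contact_time_zone"];
			$contact_note = $row["contact_note"];
		}
		unset($sql, $prep_statement, $result, $row);
	}
}

//show the header
require_once "resources/header.php";
$document['title'] = ($action == "update") ? $text['title-contact-edit'] : $text['title-contact-add'];

// qr code generation: $_GET['type'] and $qr_vcard are presumably read by
// contacts_vcard.php (not visible here)
$_GET['type'] = "text";
$qr_vcard = true;
include "contacts_vcard.php";

//show the content
// NOTE(review): the form markup that followed here was lost in extraction and
// is left as found.  Two things in that section still warrant a fix: the group
// picker's query "where domain_uuid = '...' or domain_uuid is null and
// group_uuid not in (...)" needs parentheses around the OR (AND binds tighter,
// so already-assigned domain groups are listed again), and
// sizeof($assigned_groups) is evaluated while the variable is undefined when
// no group has been assigned yet.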
\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
"; switch ($action) { case "add" : echo $text['header-contact-add']; break; case "update" : echo $text['header-contact-edit']; break; } echo "\n"; echo " \n"; if ($action == "update") { echo " \n"; echo " \n"; } if ($action == "update" && is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/invoices')) { echo " \n"; } if ($action == "update" && is_dir($_SERVER["DOCUMENT_ROOT"].PROJECT_PATH.'/app/certificates')) { echo " \n"; } echo " \n"; echo "
\n"; switch ($action) { case "add" : echo $text['description-contact-add']; break; case "update" : echo $text['description-contact-edit']; break; } echo "

\n"; echo "
\n"; echo "\n"; echo "\n"; echo "\n"; if ($action == "update") { echo ""; echo "\n"; } echo "\n"; echo "
\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; //determine if contact is shared or private if ($action == 'update') { $sql = "select count(*) as num_rows from v_contact_groups "; $sql .= "where domain_uuid = '".$domain_uuid."' "; $sql .= "and contact_uuid = '".$contact_uuid."' "; $sql .= "and group_uuid = '".$_SESSION["user_uuid"]."' "; $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); $row = $prep_statement->fetch(PDO::FETCH_ASSOC); $contact_shared = ($row['num_rows'] > 0) ? 'false' : 'true'; unset ($sql, $prep_statement, $row); } else { //private by default on contact add, unless being done by a superadmin from a different domain $contact_shared = ($_SESSION['groups'][0]['domain_uuid'] != $_SESSION['domain_uuid']) ? 'true' : 'false'; } //disable shared change if user (superadmin) is accessing a foreign domain $contact_shared_disabled = ($_SESSION['groups'][0]['domain_uuid'] != $_SESSION['domain_uuid']) ? "disabled='disabled'" : null; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "
\n"; echo " ".$text['label-contact_type']."\n"; echo "\n"; if (is_array($_SESSION["contact"]["type"])) { sort($_SESSION["contact"]["type"]); echo " \n"; } else { echo " \n"; } // echo "
\n"; // echo $text['description-contact_type']."\n"; echo "
\n"; echo " ".$text['label-contact_organization']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_organization']."\n"; echo "
\n"; echo " ".$text['label-contact_name_prefix']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_name_prefix']."\n"; echo "
\n"; echo " ".$text['label-contact_name_given']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_name_given']."\n"; echo "
\n"; echo " ".$text['label-contact_name_middle']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_name_middle']."\n"; echo "
\n"; echo " ".$text['label-contact_name_family']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_name_family']."\n"; echo "
\n"; echo " ".$text['label-contact_name_suffix']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_name_suffix']."\n"; echo "
\n"; echo " ".$text['label-contact_nickname']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_nickname']."\n"; echo "
\n"; echo " ".$text['label-contact_title']."\n"; echo "\n"; if (is_array($_SESSION["contact"]["title"])) { sort($_SESSION["contact"]["title"]); echo " \n"; } else { echo " \n"; } // echo "
\n"; // echo $text['description-contact_title']."\n"; echo "
\n"; echo " ".$text['label-contact_category']."\n"; echo "\n"; if (is_array($_SESSION["contact"]["category"])) { sort($_SESSION["contact"]["category"]); echo " \n"; } else { echo " \n"; } // echo "
\n"; // echo $text['description-contact_category']."\n"; echo "
\n"; echo " ".$text['label-contact_role']."\n"; echo "\n"; if (is_array($_SESSION["contact"]["role"])) { sort($_SESSION["contact"]["role"]); echo " \n"; } else { echo " \n"; } // echo "
\n"; // echo $text['description-contact_role']."\n"; echo "
\n"; echo " ".$text['label-contact_time_zone']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_time_zone']."\n"; echo "
\n"; echo " ".$text['label-shared']."\n"; echo "\n"; echo " \n"; if ($contact_shared_disabled != '') { echo " "; } echo "
\n"; echo $text['description-shared']."\n"; echo "
"; if (permission_exists('contact_group_view')) { echo "
\n"; echo "\n"; echo ""; echo " "; echo " "; echo ""; echo "
".$text['label-groups'].""; $sql = "select "; $sql .= "g.*, "; $sql .= "cg.contact_group_uuid "; $sql .= "from "; $sql .= "v_groups as g, "; $sql .= "v_contact_groups as cg "; $sql .= "where "; $sql .= "cg.group_uuid = g.group_uuid "; $sql .= "and cg.domain_uuid = '".$domain_uuid."' "; $sql .= "and cg.contact_uuid = '".$contact_uuid."' "; $sql .= "and cg.group_uuid <> '".$_SESSION["user_uuid"]."' "; $sql .= "order by g.group_name asc "; $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); $result_count = count($result); if ($result_count > 0) { echo " \n"; foreach($result as $field) { if (strlen($field['group_name']) > 0) { echo "\n"; echo " \n"; echo " \n"; echo "\n"; $assigned_groups[] = $field['group_uuid']; } } echo "
".$field['group_name']."\n"; if (permission_exists('contact_group_delete') || if_group("superadmin")) { echo " $v_link_label_delete\n"; } echo "
\n"; echo "
\n"; } unset($sql, $prep_statement, $result, $field); if (permission_exists('contact_group_add') || if_group("superadmin")) { $sql = "select * from v_groups "; $sql .= "where domain_uuid = '".$domain_uuid."' "; $sql .= "or domain_uuid is null "; if (sizeof($assigned_groups) > 0) { $sql .= "and group_uuid not in ('".implode("','",$assigned_groups)."') "; } $sql .= "order by group_name asc "; $prep_statement = $db->prepare(check_sql($sql)); $prep_statement->execute(); $result = $prep_statement->fetchAll(PDO::FETCH_NAMED); $result_count = count($result); if ($result_count > 0) { echo " "; if ($action == "update") { echo " \n"; } echo "
"; } unset($sql, $prep_statement, $result, $field); } echo " ".$text['description-groups']."\n"; echo "
\n"; echo "
"; } echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo "\n"; echo " \n"; echo " \n"; echo " "; echo "
\n"; echo " ".$text['label-contact_note']."\n"; echo "\n"; echo " \n"; // echo "
\n"; // echo $text['description-contact_note']."\n"; echo "
\n"; if ($action == "update") { echo " \n"; } echo "
"; echo " \n"; echo "
"; echo "
       \n"; //echo "

\n"; if (permission_exists('contact_phone_view')) { require "contact_phones.php"; } if (permission_exists('contact_address_view')) { require "contact_addresses.php"; } if (permission_exists('contact_email_view')) { require "contact_emails.php"; } if (permission_exists('contact_url_view')) { require "contact_urls.php"; } if (permission_exists('contact_extension_view')) { require "contact_extensions.php"; } if (permission_exists('contact_relation_view')) { require "contact_relations.php"; } if (permission_exists('contact_note_view')) { require "contact_notes.php"; } if (permission_exists('contact_setting_view')) { require "contact_settings.php"; } echo "
\n"; echo "

"; echo "
"; //include the footer require_once "resources/footer.php"; ?>