-
Notifications
You must be signed in to change notification settings - Fork 2
/
Copy pathhandle_signups_ajax.php
305 lines (251 loc) · 10.5 KB
/
handle_signups_ajax.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
<?php
// this script processes a signup addition or removal request. If the
// process fails for some reason it responds with "FAILURE: reason". On
// success it responds with "SUCCESS<data>" where <data> is the updated
// HTML for the opening to which the signup was attached.
require_once('../../config.php');
require_once($CFG->libdir.'/moodlelib.php');
/////////////////////////////////////////////////////////////////////////////////////////
// locally defined functions
// This function returns true. It is called by various included files
// to make sure they're actually in the signup sheet world - i.e. to
// prevent them from being (usefully) used directly from the web. E.g.
// if (! verify_in_signup_sheets()) { die("not in signup_sheets"); }
function verify_in_signup_sheets() {
return true;
}
require_login();
include_once 'sus_lib.php';
$DEBUG=0;
if ($DEBUG > 0)
{
echo 'FAILURE: ';
}
/////////////////////////////////////////////////////////////////////////////////////////
// input validation
log_debug_r(4,$_REQUEST);
$contextid = clean_param($_REQUEST['contextid'],PARAM_INT); // determines what course
$access_id = clean_param($_REQUEST['access'],PARAM_CLEAN);
$sheet_id = clean_param($_REQUEST['sheet'],PARAM_CLEAN);
$opening_id = clean_param($_REQUEST['opening'],PARAM_CLEAN);
$action = clean_param($_REQUEST['action'],PARAM_CLEAN);
$actionsource = clean_param($_REQUEST['actionsource'],PARAM_CLEAN);
$username = clean_param($_REQUEST['username'],PARAM_CLEAN);
$admincomment = clean_param($_REQUEST['admincomment'],PARAM_CLEAN);
$signup_id = clean_param($_REQUEST['signup'],PARAM_CLEAN);
log_debug(1,"
contextid is $contextid
access_id is $access_id
sheet_id is $sheet_id
opening_id is $opening_id
action is $action
actionsource is $actionsource
username is $username
signup_id is $signup_id
");
/////////////////////////////////////////////////////////////////////////////////////////
// processing
$user_is_sheet_admin = userHasAdminAccess($USER->id,$sheet_id);
if ($action == 'addsignup')
{
$user_has_signup_access = userHasSignupAccess($USER->id,$sheet_id,$access_id);
if ((! $user_has_signup_access) && (! $user_is_sheet_admin) )
{
echo "FAILURE: you do not have signup access to this sheet and you are not a sheet admin";
exit;
}
$for_user = $USER->id;
if ($username)
{
if (! $user_is_sheet_admin)
{
echo "FAILURE: you are not a sheet admin and so cannot sign up other users";
exit;
}
$for_user = $username;
}
$su = newSignup($opening_id,$for_user);
if (! $su)
{
echo "FAILURE: could not create signup for user $for_user";
exit;
}
// add signup
$signup = newSignup($opening_id,$for_user);
if ($admincomment)
{
$signup->admin_comment = $admincomment;
}
$ns_id = addSignup($signup);
// if user is not admin
// get info for that opening
// check that max sign-ups is not exceeded
// if it is
// remove the just added signup and alert user
if (! $user_is_sheet_admin)
{
$op = getOpenings($sheet_id,$opening_id);
if ($op->o_num_signups > $op->o_max_signups)
{
removeSignup($ns_id);
echo "FAILURE: opening is fully-booked";
exit;
}
}
$sheet_complex = getStructuredSheetData($sheet_id,0,$opening_id);
$su_user_data = $sheet_complex->openings[0]->signups_by_user[$signup->signup_user_id]->user;
log_debug_r(2,$su_user_data);
$confirmation_message = "
You are signed up for {$sheet_complex->s_name}.\n\n ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-');
$admin_message = "{$su_user_data->usr_firstname} {$su_user_data->usr_lastname} has signed up for the ".
ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-')." opening on ".$sheet_complex->s_name.".";
if ($sheet_complex->openings[0]->o_name)
{
$confirmation_message .= "\n ".$sheet_complex->openings[0]->o_name;
$admin_message .= "\n ".$sheet_complex->openings[0]->o_name;
}
if ($sheet_complex->openings[0]->o_description)
{
$confirmation_message .= "\n ".$sheet_complex->openings[0]->o_description;
$admin_message .= "\n ".$sheet_complex->openings[0]->o_description;
}
if ($sheet_complex->openings[0]->o_location)
{
$confirmation_message .= "\n\nYou're meeting at ".$sheet_complex->openings[0]->o_location;
$admin_message .= "\n\nThe meeting is at ".$sheet_complex->openings[0]->o_location;
}
$mail_error = mailAlerts($sheet_complex,$signup->signup_user_id,
sus_block_name()." - {$sheet_complex->s_name} at ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-'),
$confirmation_message,
"Glow SUS- {$su_user_data->usr_firstname} {$su_user_data->usr_lastname} signed up for ".$sheet_complex->s_name,
$admin_message);
if (! $mail_error)
{
include_once 'cal_lib.php'; // for openingDisplay below
$new_opening_html = openingDisplay($sheet_complex->openings[0],
($user_is_sheet_admin && ($actionsource != 'do_signup')),
$sheet_complex->s_flag_private_signups);
echo 'SUCCESS';
if ($actionsource == 'sheet_edit_opening_form')
{
$sep = '___|||---';
echo $ns_id . $sep;
echo $sheet_complex->openings[0]->signups_by_id[$ns_id]->user->usr_firstname . $sep
. $sheet_complex->openings[0]->signups_by_id[$ns_id]->user->usr_lastname . $sep;
echo $admincomment . $sep . mktime();
} else
{
echo $new_opening_html;
}
}
exit;
} else if ($action == 'removesignup')
{
if (! $signup_id)
{
echo 'FAILURE: no signup specified';
exit;
}
$sheet_complex = getStructuredSheetData($sheet_id,0,$opening_id,$signup_id);
$su = $sheet_complex->openings[0]->signups_by_id[$signup_id];
$su_user_data = $su->user;
// log_debug_r(-1,$su);
// user either has to own the given signup (i.e. be the one signed up) or be an admin of the sheet for that signup
$removal_success = 0;
if ($user_is_sheet_admin)
{
$removal_success = removeSignup($signup_id);
} else
{
if ($su->su_signup_user_id == $USER->id)
{
$removal_success = removeSignup($signup_id);
}
}
if ($removal_success)
{
$confirmation_message = "\nSignup cancelled for {$sheet_complex->s_name}.\n\n ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-');
$admin_message = "Cancelled {$su_user_data->usr_firstname} {$su_user_data->usr_lastname} signup for the ".
ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-')." opening on ".$sheet_complex->s_name.".\n";
if ($sheet_complex->openings[0]->o_name)
{
$confirmation_message .= "\n ".$sheet_complex->openings[0]->o_name;
$admin_message .= "\n ".$sheet_complex->openings[0]->o_name;
}
if ($sheet_complex->openings[0]->o_description)
{
$confirmation_message .= "\n ".$sheet_complex->openings[0]->o_description;
$admin_message .= "\n ".$sheet_complex->openings[0]->o_description;
}
$mail_error = mailAlerts($sheet_complex,$su->su_signup_user_id,
sus_block_name()." - signup cancelled on {$sheet_complex->s_name} at ".ymd_hm_a($sheet_complex->openings[0]->o_begin_datetime,'-'),
$confirmation_message,
sus_block_name()." - cancelled {$su_user_data->usr_firstname} {$su_user_data->usr_lastname} signup for ".$sheet_complex->s_name,
$admin_message);
include_once 'cal_lib.php'; // for openingDisplay below
$sheet_complex = getStructuredSheetData($sheet_id,0,$opening_id);
log_debug_r(4,$sheet_complex);
$new_opening_html = openingDisplay($sheet_complex->openings[0],($user_is_sheet_admin && ($actionsource != 'do_signup')),$sheet_complex->s_flag_private_signups);
echo 'SUCCESS';
echo $new_opening_html;
exit;
} else
{
echo 'FAILURE: could not remove';
exit;
}
} else
{
echo 'FAILURE: unknown action $action';
exit;
}
////////////////////////////////////////////////////////////////////////////////////////////////
# takes:
# a sheet complex
# subject for signee alert
# body for signee alert
# subject for admin alert
# body for admin alert
# does: send alert email to the signee and admin as appropriate
# returns: true on all success, false on 1 or more failures
function mailAlerts($sheet_complex,$signup_user_id,$sign_subj,$sign_body,$admin_subj,$admin_body)
{
$mail_error = false;
$su_user_data = $sheet_complex->openings[0]->signups_by_user[$signup_user_id]->user;
// log_debug_r(-2,$su_user_data);
if (! simpleEmail($su_user_data->usr_email, $sign_subj, $sign_body)) {
echo 'FAILURE: signup handled, but no confirmation email sent';
$mail_error = true;
}
if ($sheet_complex->s_flag_alert_owner_signup || $sheet_complex->s_flag_alert_admin_signup)
{
$users_to_alert = getSheetOwnerAndAdmins($sheet_complex->s_id);
$owner = $users_to_alert[0];
// trim off owner xor admins as necessary
if (! $sheet_complex->s_flag_alert_owner_signup)
{
array_shift($users_to_alert);
} else if (! $sheet_complex->s_flag_alert_admin_signup)
{
$users_to_alert = array(array_shift($users_to_alert));
}
// CSW 200/02/24 : modify owner info to make mail message clearer
$owner->firstname = sus_block_name();
$owner->lastname = 'Admin';
// NOTE: ideally the message would be from a noreply address,
// any change to the owner email address causes a silent and
// inexplicable mail deliver failure
$mailresult = true;
foreach ($users_to_alert as $u)
{
$mailresult = $mailresult && email_to_user($u, $owner, $admin_subj, $admin_body);
}
if (! $mailresult)
{
echo 'FAILURE: signup handled, but admin alerts failed';
$mail_error = true;
}
}
return $mail_error;
}
?>