<?php
#Copyright 2008 Aaron Day-Williams <hide@address.com>
#
#This file is part of Generic Genetic Studies Database (GGSD).
#
#GGSD is free software: you can redistribute it and/or modify
#it under the terms of the GNU General Public License as published by
#the Free Software Foundation, either version 3 of the License, or
#(at your option) any later version.
#
#GGSD is distributed in the hope that it will be useful,
#but WITHOUT ANY WARRANTY; without even the implied warranty of
#MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
#GNU General Public License for more details.
#
#You should have received a copy of the GNU General Public License
#along with GGSD. If not, see <http://www.gnu.org/licenses/>.
# Declare the response type before any page output is produced.
header('Content-type: text/html');
# Has to run before session_start(): 'private' selects cache headers that let
# the user's browser, but not shared caches, keep a copy of the page.
session_cache_limiter('private');
# Resume the caller's session (or start a new one) so $_SESSION is usable below.
session_start();
require 'sql_lib.inc';
require 'html_lib.inc';
require 'file_system_lib.inc';
#NAME define_individual_group.php
#TYPE PHP
#USES sql_lib.inc (authenticate insertIndividualGroup)
#PURPOSE To allow the user to dynamically define individual groups
#USAGE define_individual_group.php
#PARAMETERS
# authorized user auth_user int optional
# individual group name indiv_group_name string optional
# individual group desc indiv_group_desc string optional
#RETURNS
# success message string if success
# error message string if error
#DATASTRUCTURES No special datastructures
#FUNCTIONAL DESCRIPTION The script will authorize the user, then present a form to define
# an individual group.
#ASSUMPTIONS
#LIMITATIONS
#COMMENTS
#PRELIMINARY DESIGN
# 1 Get Args
# 2 Authorize User
# 3 Get Status Name
# 4 Insert Status Name
# Page head. The META refresh sends the browser to ../right.html after a
# logout request, otherwise it reloads this script after the normal interval.
# $logout_refresh_time and $normal_refresh_time are not set in this file;
# presumably they come from the included libraries - confirm.
if (isset($_POST['end_session'])) {
    $refresh_directive = "$logout_refresh_time;URL=../right.html";
} else {
    $refresh_directive = "$normal_refresh_time; URL=" . $_SERVER['SCRIPT_NAME'];
}
echo "<html>\n"
   . "<head>\n"
   . " <META HTTP-EQUIV=Refresh CONTENT=\"$refresh_directive\">\n"
   . " <title>Define Individual Groups</title>\n"
   . "</head>\n"
   . "<body bgcolor=\"white\">\n"
   . "<center><h3>Define Individual Group</h3></center>\n"
   . "<hr>\n";
# Navigation bar (defined outside this file), followed by a spacer line.
printHomeNavBar();
echo "<br>\n";
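#1 Get Args
# Access level handed to authenticate() for this page.
$access_type_required = 'administrative';
# The two form fields are absent on every request that is not the form
# submission itself (first visit, login, logout), and a crafted request can
# send them as arrays. Fall back to '' in both cases so the preg_match()
# checks further down always receive a string.
$indiv_group_name = (isset($_POST['individual_group_name']) && is_string($_POST['individual_group_name']))
    ? $_POST['individual_group_name']
    : '';
$indiv_group_desc = (isset($_POST['individual_group_desc']) && is_string($_POST['individual_group_desc']))
    ? $_POST['individual_group_desc']
    : '';
# Open the database connection; connect() reports success as '1' and anything
# else is treated as an error message.
$ret_val = connect();
if ($ret_val != '1') {
    $date = date('Y-m-d H:i:s');
    echo "Error #1: $date<br>\n";
    echo "Error in call to connect from define_individual_group.php<br>\n";
    # NOTE(review): $ret_val is shown to the visitor verbatim, before any login
    # check. If connect() can return driver, host or credential details,
    # log them server-side and show only the error number - confirm in sql_lib.inc.
    echo "$ret_val<br><br>\n";
    echo "Please email the above error using the Comments/Help/Support link \n";
    echo "in the left navigation bar.<br>\n";
    echo "</body></html>\n";
    exit;
}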
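#2 Authorize User
# Session gate for this page. In order it handles: an explicit logout request,
# a first-time login (no credentials in the session yet), an expired session,
# a missing database selection, and re-authentication of an existing session.
# Only a successful authenticate() call leaves $auth_user == '1'; every failure
# path prints a message, disconnects and exits.
#
# Changes from the original:
#  - $auth_user starts as '0'. The branches that only print the login or
#    database-selection page never assign it, and the check that follows this
#    block must not depend on a value that came from anywhere else.
#  - session_is_registered() (removed in PHP 5.4) is replaced by isset() on
#    $_SESSION.
#  - $_POST values are read through isset() so a missing field no longer
#    raises a notice and an array-valued user_name/user_passwd is ignored.
#  - The per-user download directory is only cleaned when the session really
#    holds a user name; with an empty name the path would be the shared
#    download_data directory itself.
#  - The commented-out deleteFiles() cleanup, already disabled, is dropped.
$auth_user = '0';
$session_user_name = (isset($_SESSION['user_name']) && is_string($_SESSION['user_name']))
    ? $_SESSION['user_name']
    : '';
if (isset($_POST['end_session'])) { #if want to end session
    # NOTE(review): the user name becomes a path component here; this assumes
    # account names cannot contain path separators - confirm where accounts
    # are created.
    if ($session_user_name !== '' && is_dir("../data/download_data/$session_user_name")) {
        $ret_val = deleteExpiredFiles($session_user_name);
        if ($ret_val != '1') {
            $date = date('Y-m-d H:i:s');
            echo "Error #3: $date<br>\n";
            echo "Error in call to deleteExpiredFiles from define_individual_group.php<br>\n";
            echo "$ret_val<br><br>\n";
            echo "Please email the above error using Comments/Help/Support link \n";
            echo "in the left navigation bar.<br>\n";
            echo "</body></html>\n";
            session_unset();
            session_destroy();
            $ret_val = disconnect();
            exit;
        }#end error in call to deleteExpiredFiles
    }#end if user has own directory in download_data directory
    session_unset();
    session_destroy();
    echo "You have successfully logged out of the system.<br>\n";
    $ret_val = disconnect();
    exit;
}#end if want to end session
else { #don't want to end session
    if (!isset($_SESSION['user_name']) && !isset($_SESSION['user_passwd'])) {
        # No credentials in the session yet: either show the login page or
        # process a submitted login form.
        $posted_user_name = (isset($_POST['user_name']) && is_string($_POST['user_name']))
            ? $_POST['user_name']
            : '';
        $posted_user_passwd = (isset($_POST['user_passwd']) && is_string($_POST['user_passwd']))
            ? $_POST['user_passwd']
            : '';
        if (!preg_match('/\w+/', $posted_user_name) && !preg_match('/\w+/', $posted_user_passwd)) {
            $ret_val = printLoginPage('define_individual_group.php');
            if ($ret_val != '1') {
                $date = date('Y-m-d H:i:s');
                echo "Error #4: $date<br>\n";
                echo "Error in call to printLoginPage from define_individual_group.php<br>\n";
                echo "$ret_val<br><br>\n";
                echo "Please email the above error using Comments/Help/Support link \n";
                echo "in the left navigation bar.<br>\n";
                echo "</body></html>\n";
                session_unset();
                session_destroy();
                $ret_val = disconnect();
                exit;
            }#end if error in call to printLoginPage
        }#end if haven't started a session yet
        else { #login form was submitted
            $posted_rand = isset($_POST['rand']) ? $_POST['rand'] : null;
            $posted_database_id = isset($_POST['database_id']) ? $_POST['database_id'] : null;
            # NOTE(review): these values reach authenticate() exactly as posted;
            # this assumes sql_lib.inc escapes or binds them - confirm.
            $auth_user = authenticate($posted_user_name, $posted_user_passwd, $posted_rand, $access_type_required, $posted_database_id);
            if (($auth_user != '1') && ($auth_user != '0')) {
                # Anything other than '1'/'0' is an error message from authenticate().
                $date = date('Y-m-d H:i:s');
                echo "Error #5: $date<br>\n";
                echo "Error in call to authenticate from define_individual_group.php<br>\n";
                echo "$auth_user<br>\n";
                echo "Please email the above error using Comments/Help/Support link \n";
                echo "in the left navigation bar.<br>\n";
                echo "</body></html>\n";
                session_unset();
                session_destroy();
                $ret_val = disconnect();
                exit;
            }
            if ($auth_user == '0') {
                echo "You are not an authorized user of this website!!<br><br>\n";
                echo "You must be an authorized user to access the data contained in this site.\n";
                echo "If you feel like you should be an authorized user, or want to see if you can\n";
                echo "become an authorized user please contact $contact_person at \n";
                echo "<a href=\"mailto:$contact_email\">$contact_email</a>\n";
                echo "</body></html>\n";
                session_unset();
                session_destroy();
                $ret_val = disconnect();
                exit;
            }
            if ($auth_user == '1') {
                # NOTE(review): the password is kept in the session because the
                # re-authentication branch below passes it to authenticate() on
                # every later request. That makes the session store as sensitive
                # as the credential itself; replacing it with an "authenticated"
                # marker needs a change to authenticate()'s callers.
                # NOTE(review): the session id is not rotated at login.
                # session_regenerate_id() must run before output starts, and
                # this script has already echoed the page head, so rotating
                # the id means moving the login check ahead of the first echo
                # (or enabling output buffering).
                $_SESSION['user_name'] = $posted_user_name;
                $_SESSION['user_passwd'] = $posted_user_passwd;
                $_SESSION['database_id'] = $posted_database_id;
                $_SESSION['rand'] = $posted_rand;
                $_SESSION['entry_time'] = time();
                session_write_close();
            }
        }#end else have user name an passwd
    }#end if session variables not registered
    else { #session variable are registered
        if ((time() - $_SESSION['entry_time']) > $session_expiration_time) { #if session has expired
            if ($session_user_name !== '' && is_dir("../data/download_data/$session_user_name")) {
                $ret_val = deleteExpiredFiles($session_user_name);
                if ($ret_val != 1) {
                    $date = date('Y-m-d H:i:s');
                    echo "Error #7: $date<br>\n";
                    echo "Error in call to deleteExpiredFiles from define_individual_group.php<br>\n";
                    echo "$ret_val<br><br>\n";
                    echo "Please email the above error using Comments/Help/Support link \n";
                    echo "in the left navigation bar.<br>\n";
                    session_unset();
                    session_destroy();
                    $ret_val = disconnect();
                    exit;
                }#end if error in call to deleteExpiredFiles
            }#end if user has a data directory
            session_unset();
            session_destroy();
            echo "<b>Your Session has expired. You must log back into the system.</b><br><br><br>\n";
            $ret_val = printLoginPage('define_individual_group.php');
            if ($ret_val != '1') {
                $date = date('Y-m-d H:i:s');
                echo "Error #8: $date<br>\n";
                echo "Error in call to printLoginPage from define_individual_group.php<br>\n";
                echo "$ret_val<br><br>\n";
                echo "Please email the above error using Comments/Help/Support link \n";
                echo "in the left navigation bar.<br>\n";
                echo "</body></html>\n";
                # The session was already destroyed just above.
                $ret_val = disconnect();
                exit;
            }#end if error in call to printLoginPage
        }#end if session has expired
        else { #session hasn't expired
            if (!isset($_SESSION['database_id']) && !isset($_POST['database_id'])) {
                $ret_val = printDatabaseSelectPage('define_individual_group.php');
                if ($ret_val != '1') {
                    $date = date('Y-m-d H:i:s');
                    echo "Error #9: $date<br>\n";
                    echo "Error in call to printDatabaseSelectPage from define_individual_group.php<br>\n";
                    echo "$ret_val<br><br>\n";
                    echo "Please email the above error using Comments/Help/Support link \n";
                    echo "in the left navigation bar.<br>\n";
                    echo "</body></html>\n";
                    session_unset();
                    session_destroy();
                    $ret_val = disconnect();
                    exit;
                }#end if error in call to printDatabaseSelectPage
            }#end if the database id session variable isn't set and haven't selected
            else { #all the session variables are set
                $user_name = $_SESSION['user_name'];
                $user_passwd = $_SESSION['user_passwd'];
                if (isset($_SESSION['database_id'])) {
                    $database_id = $_SESSION['database_id'];
                } else { #set database id session variable
                    $database_id = $_POST['database_id'];
                    $_SESSION['database_id'] = $_POST['database_id'];
                }#end else set database id session variable
                $rand = $_SESSION['rand'];
                # Sliding expiry: every accepted request restarts the timer.
                $_SESSION['entry_time'] = time();
                # Credentials and access level are re-checked on every request.
                $auth_user = authenticate($user_name, $user_passwd, $rand, $access_type_required, $database_id);
                if (($auth_user != '1') && ($auth_user != '0')) {
                    $date = date('Y-m-d H:i:s');
                    echo "Error #10: $date<br>\n";
                    echo "Error in call to authenticate from define_individual_group.php<br>\n";
                    echo "$auth_user<br>\n";
                    echo "Please email the above error using Comments/Help/Support link \n";
                    echo "in the left navigation bar.<br>\n";
                    echo "</body></html>\n";
                    session_unset();
                    session_destroy();
                    $ret_val = disconnect();
                    exit;
                }
                if ($auth_user == '0') {
                    echo "You are not an authorized user of this website!!<br><br>\n";
                    echo "You must be an authorized user to access the data contained in this site.\n";
                    echo "If you feel like you should be an authorized user, or want to see if you can\n";
                    echo "become an authorized user please contact $contact_person \n";
                    echo "at <a href=\"mailto:$contact_email\">$contact_email</a>\n";
                    echo "</body></html>\n";
                    session_unset();
                    session_destroy();
                    $ret_val = disconnect();
                    exit;
                }
            }#end else all the session variables are set
        }#end else session hasn't expired
    }#end else registered values
}#end else not ending session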
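# Main action, reached only by an authorized user: show the definition form,
# or insert the submitted group, record it in the audit log and notify the
# users linked to the database.
#
# Changes from the original:
#  - The audit entry is appended to ../data/log_file.txt directly under an
#    exclusive lock. The original wrote a temp file named from rand(), made it
#    mode 0777 and merged it with shell `cat`/`rm` through exec().
#  - Control characters are removed from the values written to the log, and
#    CR/LF from the mail addresses, so one submission cannot add extra log
#    lines or mail headers.
#  - The submitted group name is HTML-escaped before it is echoed back.
#  - A request carrying only one of the two fields now gets the form again
#    instead of an empty page.
#  - $auth_user is tested with isset() because some earlier branches leave it
#    unassigned.
if (isset($auth_user) && $auth_user == '1') {
    $database_id = $_SESSION['database_id'];
    # Treat missing or non-string input as empty.
    if (!isset($indiv_group_name) || !is_string($indiv_group_name)) {$indiv_group_name = '';}
    if (!isset($indiv_group_desc) || !is_string($indiv_group_desc)) {$indiv_group_desc = '';}
    # '/\w+/' only proves that at least one word character is present; it is
    # not a whitelist, and the form's maxlength is enforced by the browser only.
    $have_group_name = (preg_match('/\w+/', $indiv_group_name) == 1);
    $have_group_desc = (preg_match('/\w+/', $indiv_group_desc) == 1);
    #3 Get Status Name
    if (!($have_group_name && $have_group_desc)) {
        # NOTE(review): this form changes administrative data and carries no
        # anti-forgery token; a per-session token checked on submit would tie
        # the POST to a page this script rendered.
        echo "<form action=\"define_individual_group.php\" name=\"form\" method=\"POST\" target=\"main\" onSubmit=\"return(Validate(this))\">\n";
        echo "Please provide the name of the Individual Group to be inserted into the database below:<br><br>\n";
        echo "<table>\n";
        echo "<tr><td>Individual Group Name:</td><td><input type=\"textbox\" name=\"individual_group_name\" size=\"15\" maxlength=\"25\"></td></tr>\n";
        echo "<tr><td> </td></tr>\n";
        echo "<tr><td>Individual Group Description:</td><td><textarea name=\"individual_group_desc\" cols=\"75\" rows=\"20\" wrap=\"virtual\"></textarea></td></tr>\n";
        echo "</table>\n";
        echo "<br><br>\n";
        echo "<center>\n";
        echo "<input type=\"submit\" name=\"submit\" value=\"Insert Individual Group\">\n";
        echo "<input type=\"reset\" name=\"reset\" value=\"Reset Name and Description\">\n";
        echo "</form>\n";
        echo "</center>\n";
        echo "<br><br>\n";
        $ret_val = printLogOutButton('define_individual_group.php');
        echo "\n\n";
        # Client-side convenience check only; the server-side test above decides.
        echo "<script>\n";
        echo "function Validate(form)\n";
        echo "{\n";
        echo " var rv = false;\n";
        echo " if (form.individual_group_name.value == \"\"){\n";
        echo " alert(\"You must enter a Individual Group Name\");\n";
        echo " return(false);}\n";
        echo "\n";
        echo " if (form.individual_group_desc.value == \"\"){\n";
        echo " alert(\"You must enter a description for this individual group\");\n";
        echo " return(false);}\n";
        echo "\n";
        echo " return(true);\n";
        echo "}\n";
        echo "</script>\n";
    }#end if no individual_group_name
    #4 Insert Status Name
    else {
        # Open the audit log before touching the database, so that no change
        # is made when it cannot be recorded.
        # NOTE(review): ../data sits beside the script directory; confirm the
        # web server does not serve log_file.txt.
        $log_file_handle = fopen('../data/log_file.txt', 'a');
        if (!$log_file_handle) {
            $date = date('Y-m-d H:i:s');
            echo "Error #11: $date<br>\n";
            echo "Error in call to fopen from define_individual_group.php<br>\n";
            echo "Unable to open log file to keep track of when, what, and by whom data is altered in the database<br><br>\n";
            echo "Please email the above error using the Comments/Help/Support link \n";
            echo "on the left navigation bar.\n";
            echo "</body></html>\n";
            $ret_val = disconnect();
            exit;
        }#end error in call to fopen
        $group_name = strtolower($indiv_group_name);
        # NOTE(review): name and description are passed on as submitted; this
        # assumes insertIndividualGroup() escapes or binds them - confirm in
        # sql_lib.inc.
        $ret_val = insertIndividualGroup($database_id, $group_name, $indiv_group_desc);
        if ($ret_val != '1') {
            $date = date('Y-m-d H:i:s');
            echo "Error #12: $date<br>\n";
            echo "Error in call to insertIndividualGroup from define_individual_group.php<br>\n";
            # NOTE(review): $ret_val is echoed as HTML; if the library puts the
            # submitted text into its error message, escape it first - confirm.
            echo "$ret_val<br><br>\n";
            echo "Please email the above error message using the Comments/Help/Support link \n";
            echo "on the left navigation bar.\n";
            fclose($log_file_handle);
            $ret_val = disconnect();
            exit;
        }#end error in call to insertIndividualGroup
        $date = date('Y-m-d H:i:s');
        # One audit entry is one line: collapse control characters in the
        # user-supplied parts. (Message spelling kept as in existing entries.)
        $log_user_name = preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $_SESSION['user_name']);
        $log_group_name = preg_replace('/[\x00-\x1F\x7F]+/', ' ', $group_name);
        $log_file_statement = "$date:\t$log_user_name Inserted new Individual Group into Database ID $database_id ";
        $log_file_statement.= "with Individaul Group Name $log_group_name.\n";
        # The exclusive lock keeps concurrent requests from interleaving entries.
        flock($log_file_handle, LOCK_EX);
        fwrite($log_file_handle, $log_file_statement);
        flock($log_file_handle, LOCK_UN);
        fclose($log_file_handle);
        # The name is user input: escape it for the HTML response.
        $html_group_name = htmlspecialchars($indiv_group_name, ENT_QUOTES);
        echo "Successfully added the Individual Group $html_group_name to the database.<br><br>\n";
        echo "Now emailing all the users of the database to inform them of the new information in the database.<br>\n";
        $database_rec_list = getDatabase($database_id);
        if (!is_array($database_rec_list)) {
            $date = date('Y-m-d H:i:s');
            echo "Error #13: $date<br>\n";
            echo "Error in call to getDatabase from define_individual_group.php<br>\n";
            echo "$database_rec_list<br><br>\n";
            echo "Please email the above error using the Comments/Help/Support link on the \n";
            echo "left navigation bar.\n";
            echo "</body></html>\n";
            $ret_val = disconnect();
            exit;
        }#end error in call to getDatabase
        $database_rec = $database_rec_list[0];
        $user_rec_list = getAllUsers();
        if (!is_array($user_rec_list)) {
            $date = date('Y-m-d H:i:s');
            echo "Error #14: $date<br>\n";
            echo "Error in call to getAllUsers() from define_individual_group.php<br>\n";
            echo "$user_rec_list<br><br>\n";
            echo "Please email the above error using the Comments/Help/Support link on the \n";
            echo "left navigation bar.\n";
            echo "</body></html>\n";
            $ret_val = disconnect();
            exit;
        }#end error in call to getAllUsers
        # The sender is the 'root' account's address; stays empty if no such
        # account is returned.
        $root_email = '';
        foreach ($user_rec_list as $user_rec) {
            if ($user_rec['user_name'] == 'root') {$root_email = $user_rec['user_email'];}
        }#end foreach user
        $subject = "New Individual Group Defined in your Genetic Studies Database";
        $message = "A new individual group named $indiv_group_name is now being tracked in the database $database_rec[database_name].";
        # Header values must stay on one line; omit From when there is no sender.
        $root_email = preg_replace('/[\r\n]+/', '', (string) $root_email);
        $header = ($root_email !== '') ? "From: $root_email" : '';
        # NOTE(review): the query asks for 'user_database_link_id' while the loop
        # below reads 'user_id' from each record; presumably tableQuery() returns
        # whole rows - confirm.
        $field_list = array('user_database_link_id');
        $user_database_link_rec_list = tableQuery('user_database_link_table', $database_id, $field_list, '_', 'wildcard', 'all');
        if (!is_array($user_database_link_rec_list)) {
            $date = date('Y-m-d H:i:s');
            echo"Error #15: $date<br>\n";
            echo "Error in call to tableQuery from define_individual_group.php<br>\n";
            echo "$user_database_link_rec_list<br><br>\n";
            echo "Please email the above error using the Comments/Help/Support link on the \n";
            echo "left navigation bar.\n";
            echo "</body></html>\n";
            $ret_val = disconnect();
            exit;
        }#end error in call to tableQuery
        if (sizeof($user_database_link_rec_list) > '0') {
            foreach ($user_database_link_rec_list as $user_database_link_rec) {
                $user_id = $user_database_link_rec['user_id'];
                $field_list = array('user_id');
                $user_rec_list = getUser($user_id);
                if (!is_array($user_rec_list)) {
                    $date = date('Y-m-d H:i:s');
                    echo "Error #16: $date<br>\n";
                    echo "Error in call to getUser from define_individual_group.php<br>\n";
                    echo "$user_rec_list<br><br>\n";
                    echo "Please email the above error using the Comments/Help/Support link on the \n";
                    echo "left navigation bar.\n";
                    echo "</body></html>\n";
                    $ret_val = disconnect();
                    exit;
                }#end error in call to getUser
                if (sizeof($user_rec_list) == '0') {continue;}
                elseif (sizeof($user_rec_list) == '1') {$user_rec = $user_rec_list[0];}
                else {
                    # More than one user row for a single id: stop rather than guess.
                    $date = date('Y-m-d H:i:s');
                    echo "Error #17: $date<br>\n";
                    echo "Tried to send an update email to user id $user_id, but when queried the user table \n";
                    echo "with that id multiple records were returned.<br><br>\n";
                    echo "Please email the above error using the Comments/Help/Support link on the \n";
                    echo "left navigation bar.\n";
                    echo "</body></html>\n";
                    $ret_val = disconnect();
                    exit;
                }#end error in data integrity
                # Recipient comes from the user table; keep it on one line too.
                $user_email_address = preg_replace('/[\r\n]+/', '', (string) $user_rec['user_email']);
                # Delivery failures are deliberately not reported to the page.
                $ret_val = mail($user_email_address, $subject, $message, $header);
            }#end foreach user associated with database
        }#end if have users associated with database
        echo "Finished sending update emails to all the users<br>\n";
    }#end if have indiv_group_name
}#end if (auth_user == '1')
# Normal end of page: release the database connection and close the document.
$ret_val = disconnect();
echo "</body></html>\n";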
?>