<?php
include_once 'db_objects/person.class.php';
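/**
 * A staff member is a Person who can log in to the system.
 *
 * Security-relevant behaviour lives in three places:
 *  - processFieldInterface(): the submitted password is hashed before it
 *    is stored, and only administrators may change `is_admin`;
 *  - printFieldInterface(): the password widget and the `is_admin` control
 *    are only rendered for users allowed to change them;
 *  - save(): a non-admin user may only save their own record.
 *
 * NOTE(review): `password` is declared as a plain 'text' field below. Any
 * generic value rendering inherited from Person (list views, printFieldValue)
 * would therefore show the stored hash - confirm that no such view exists,
 * or mask the field there.
 */
class Staff_Member extends Person
{
	/**
	 * Field definitions used by the generic Person form/DB machinery.
	 *
	 * The `note` on `password` is the policy enforced in
	 * processFieldInterface(); keep the two in sync.
	 * The DB also has an `htpasswd` column (see getInitSQL()) that is not a
	 * form field - presumably maintained elsewhere; verify before relying on it.
	 */
	function _getFields()
	{
		return Array(
			'username' => Array(
				'type' => 'text',
				'width' => 30,
				'maxlength' => 255,
				'allow_empty' => false,
			),
			'password' => Array(
				'type' => 'text',
				'width' => 30,
				'maxlength' => 255,
				'allow_empty' => false,
				'note' => 'Passwords must be at least 6 characters and contain letters and numbers',
			),
			'active' => Array(
				'type' => 'select',
				'options' => Array(
					'0' => 'No',
					'1' => 'Yes',
				),
				'default' => '1',
			),
			'is_admin' => Array(
				'type' => 'select',
				'options' => Array(
					'0' => 'No',
					'1' => 'Yes',
				),
				'default' => '0',
				'label' => 'System Administrator?',
			),
		);
	}

	/**
	 * DDL for the backing table, run at install time.
	 *
	 * `password` holds a hash produced by password_hash() (see
	 * processFieldInterface()); 255 chars is ample for every algorithm
	 * PASSWORD_DEFAULT may select.
	 */
	function getInitSQL()
	{
		return "
			CREATE TABLE `staff_member` (
			  `id` int(11) NOT NULL default '0',
			  `username` varchar(255) collate latin1_general_ci NOT NULL default '',
			  `password` varchar(255) collate latin1_general_ci NOT NULL default '',
			  `active` tinyint(3) unsigned NOT NULL default '0',
			  `htpasswd` varchar(255) collate latin1_general_ci NOT NULL default '',
			  `is_admin` tinyint(1) unsigned NOT NULL default '0',
			  PRIMARY KEY  (`id`)
			) ENGINE=InnoDB DEFAULT CHARSET=latin1 COLLATE=latin1_general_ci;
		";
	}

	/**
	 * Pending notes (person and family) assigned to this staff member.
	 *
	 * @param string $type 'now'   - only notes whose action_date is today or earlier
	 *                     'later' - only notes whose action_date is in the future
	 *                     anything else - no date restriction
	 * @return array keyed by note id (queryAll with rekey); family notes win on
	 *               a key collision because of the `+` union, but abstract_note
	 *               ids are shared by both joins so collisions are not expected.
	 *
	 * Every value interpolated into the SQL is either one of the fixed
	 * strings chosen by the switch below or passed through $db->quote(),
	 * so $type and $this->id never reach the query unescaped.
	 */
	function getTasks($type='all')
	{
		// Only fixed literals are ever assigned here - never user input.
		$date_exp = '';
		switch ($type) {
			case 'now':
				$date_exp = 'AND action_date <= DATE(NOW())';
				break;
			case 'later':
				$date_exp = 'AND action_date > DATE(NOW())';
		}
		$db =& $GLOBALS['db'];
		$assignee = $db->quote($this->id);
		$pending = $db->quote('pending');

		$sql = 'SELECT
					an.id, an.subject, pn.personid, an.action_date,
					CONCAT(p.first_name, '.$db->quote(' ').', p.last_name) as name,
					'.$db->quote('person').' as type
				FROM abstract_note an
					JOIN (person_note pn JOIN person p ON pn.personid = p.id) ON an.id = pn.id
				WHERE an.assignee = '.$assignee.'
					AND an.status = '.$pending.'
					'.$date_exp.'
				ORDER BY action_date ASC';
		$person_res = $db->queryAll($sql, null, null, true);
		check_db_result($person_res);

		$sql = 'SELECT
					an.id, an.subject, fn.familyid, an.action_date,
					CONCAT(f.family_name, '.$db->quote(' Family').') as name,
					'.$db->quote('family').' as type
				FROM abstract_note an
					JOIN (family_note fn JOIN family f ON fn.familyid = f.id) ON an.id = fn.id
				WHERE an.assignee = '.$assignee.'
					AND an.status = '.$pending.'
					'.$date_exp.'
				ORDER BY action_date ASC';
		$family_res = $db->queryAll($sql, null, null, true);
		check_db_result($family_res);

		return $family_res + $person_res;
	}

	/**
	 * Whether the logged-in user is the staff member this object represents.
	 *
	 * Compares ids numerically rather than with a loose `==`: an unsaved
	 * object (empty id) or an absent session never counts as "self", so
	 * `null == null` can no longer satisfy a permission check.
	 */
	function _isCurrentStaffMember()
	{
		$current_id = $GLOBALS['user_system']->getCurrentUser('id');
		if (empty($current_id) || empty($this->id)) return FALSE;
		return (int)$current_id === (int)$this->id;
	}

	/**
	 * Whether the logged-in user is a system administrator.
	 */
	function _currentUserIsAdmin()
	{
		return (bool)$GLOBALS['user_system']->getCurrentUser('is_admin');
	}

	/**
	 * Check a candidate password against the policy stated in _getFields().
	 *
	 * @return string|NULL an error message, or NULL when the password is acceptable
	 */
	function _getPasswordPolicyError($val)
	{
		if (strlen($val) < 6) {
			return 'Passwords must be at least 6 characters';
		}
		if (!preg_match('/[A-Za-z]/', $val) || !preg_match('/[0-9]/', $val)) {
			return 'Passwords must contain both letters and numbers';
		}
		return NULL;
	}

	/**
	 * Render the edit widget for one field.
	 *
	 * The password widget (two fields, enter + confirm) is shown only to the
	 * user themselves or to an administrator; `is_admin` is editable only by
	 * administrators and shown read-only to everyone else. All other fields
	 * are delegated to Person.
	 */
	function printFieldInterface($name, $prefix='')
	{
		switch ($name) {
			case 'password':
				if ($this->_isCurrentStaffMember() || $this->_currentUserIsAdmin()) {
					// autocomplete="new-password" stops browsers offering the
					// current credentials for this form.
					?>
					<input type="password" autocomplete="new-password" name="<?php echo $prefix.$name.'1'; ?>" /><br />
					<input type="password" autocomplete="new-password" name="<?php echo $prefix.$name.'2'; ?>" /><br />
					<p class="field-note">Enter once, then again to confirm</p>
					<?php
				} else {
					?>
					<p class="small">A user's password can only be edited by system administrators or the user themselves</p>
					<?php
				}
				break;

			case 'is_admin':
				if ($this->_currentUserIsAdmin()) {
					parent::printFieldInterface($name, $prefix);
				} else {
					$this->printFieldValue($name);
					?>
					<p class="field-note">Only system administrators can edit this field</p>
					<?php
				}
				break;

			default:
				parent::printFieldInterface($name, $prefix);
		}
	}

	/**
	 * Read one field back from the submitted form ($_REQUEST).
	 *
	 * password: only stored when both inputs are present and identical (strict
	 *   comparison - a loose `==` would treat e.g. "1e3" and "1000" as equal)
	 *   and the policy in _getPasswordPolicyError() is met. The stored value
	 *   is a password_hash() digest; the clear text is kept in $this->_tmp for
	 *   the rest of this request only (readable via getValue('raw_password'),
	 *   presumably for a post-create hook - see _createFinal()).
	 * is_admin: silently ignored unless the current user is an administrator,
	 *   so a tampered form cannot grant the privilege.
	 *
	 * Verification elsewhere must use password_verify(), or
	 * crypt($input, $stored) === $stored, both of which accept the
	 * "$2y$..." digests produced here. (The previous crypt($val) call with no
	 * salt produced a weak DES hash, is deprecated since PHP 5.6 and the salt
	 * is required on PHP 8.)
	 */
	function processFieldInterface($name, $prefix='')
	{
		switch ($name) {
			case 'password':
				$key1 = $prefix.$name.'1';
				$key2 = $prefix.$name.'2';
				$val = isset($_REQUEST[$key1]) ? (string)$_REQUEST[$key1] : '';
				if ($val === '') {
					// Blank means "leave the password alone".
					break;
				}
				$confirm = isset($_REQUEST[$key2]) ? (string)$_REQUEST[$key2] : '';
				if ($val !== $confirm) {
					trigger_error('Password and password confirmation do not match; Password not saved.');
					break;
				}
				$policy_error = $this->_getPasswordPolicyError($val);
				if ($policy_error !== NULL) {
					trigger_error($policy_error.'; Password not saved.');
					break;
				}
				$this->setValue($name, password_hash($val, PASSWORD_DEFAULT));
				$this->_tmp['raw_password'] = $val; // only kept for this script execution
				break;

			case 'is_admin':
				if (!$this->_currentUserIsAdmin()) {
					return;
				}
				// fall through
			default:
				parent::processFieldInterface($name, $prefix);
		}
	}

	/**
	 * Field accessor; 'raw_password' exposes the clear-text password captured
	 * during this request (NULL otherwise), everything else comes from Person.
	 */
	function getValue($name)
	{
		if ($name == 'raw_password') return array_get($this->_tmp, 'raw_password');
		return parent::getValue($name);
	}

	/**
	 * Fires the `staff_member_created` hook after a successful insert.
	 */
	function _createFinal()
	{
		$res = parent::_createFinal();
		if ($res) {
			$GLOBALS['system']->runHooks('staff_member_created', $this);
		}
		return $res;
	}

	/**
	 * Persist the record.
	 *
	 * Allowed when the installer is running (JETHRO_INSTALLING), when the
	 * current user is this staff member, or when they are an administrator.
	 * Otherwise nothing is written, an error is raised and FALSE returned.
	 * The `staff_member_updated` hook runs after every permitted save.
	 */
	function save()
	{
		$installing = !empty($GLOBALS['JETHRO_INSTALLING']);
		if (!$installing && !$this->_isCurrentStaffMember() && !$this->_currentUserIsAdmin()) {
			trigger_error('Permission denied to set field on staff member');
			return FALSE;
		}
		$res = parent::save();
		$GLOBALS['system']->runHooks('staff_member_updated', $this);
		return $res;
	}
}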
?>