<?php
require_once './global.php';
require_once INCLUDES.'/Controller.php';
require_once INCLUDES.'/PM.php';
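/**
 * Controller for a user's "private case": the list of moderator evaluations
 * recorded against one user, plus adding and deleting evaluations.
 *
 * The target user comes from the `user_id` request parameter. The constructor
 * casts it to an integer, checks the viewer's permission bits against it and
 * stores it in $this->user_id. Every query in this class uses that stored
 * integer instead of re-reading the raw request value, so the value that was
 * authorised is the value that is queried, and no request text is
 * concatenated into SQL.
 */
class PrivateCase_Controller extends Controller
{
    /** @var int Target user id, validated in the constructor. */
    private $user_id;
    private $post_hash;
    /** @var string URL of this private case, built from the validated user id. */
    private $redirect;

    /**
     * Validates the target user id and the viewer's permissions, then hands
     * the action to the parent constructor.
     *
     * Terminates the request with a translated message when `user_id` is
     * missing/zero or when the session user lacks the required permission bit.
     *
     * @param string $action Action name, passed through to Controller::__construct().
     */
    public function __construct($action)
    {
        $Template = Registry::instance()->Template;
        header('Content-Type: text/html; charset=UTF-8');

        $user_id = (int) request('user_id');
        if (!$user_id)
        {
            die($Template->l('Query error!'));
        }

        // Fail closed when the session carries no user: id 0 never matches a
        // non-zero target, and a permission mask of 0 grants nothing.
        $session_user_id = isset($_SESSION['user']['id']) ? (int) $_SESSION['user']['id'] : 0;
        $permissions = isset($_SESSION['user']['permissions']) ? (int) $_SESSION['user']['permissions'] : 0;

        // Own case and someone else's case are gated by different bits.
        $required_bit = ($user_id === $session_user_id)
            ? CAN_SEE_OWN_PRIVATE_CASE
            : CAN_SEE_PRIVATE_CASE;
        if (!($permissions & $required_bit))
        {
            die($Template->l('You don\'t have the right to see this private case!'));
        }

        $this->mode = 'view';
        $this->user_id = $user_id;
        $Template->assign('user_id', $user_id);
        $this->redirect = WEB_ROOT.'/privatecase.php?user_id='.$user_id;

        parent::__construct($action);
    }

    /**
     * Renders the private case of the validated user.
     *
     * Loads the evaluation types, the user's evaluations, the action list and
     * the user groups, sums the evaluation points and displays
     * `privatecase.tpl`.
     *
     * @param string $action_report Message describing the consequence of the
     *                              last add() call; empty when there is none.
     */
    public function view($action_report = "")
    {
        $DB = Registry::instance()->DB;
        // Validated in the constructor; the cast keeps the SQL below
        // integer-only even if the property were ever set elsewhere.
        $user_id = (int) $this->user_id;

        $evaltypes = $DB->getAll("SELECT `id`, `description`, `points` FROM ".PREFIX."evaluation_types ORDER BY `id` ASC");

        $evaluations = $DB->getAll("
            SELECT
                `e`.`id`,
                `e`.`date`,
                `e`.`comment`,
                `e`.`publication_link`,
                `u`.`username` AS `investigated`,
                `et`.`description`,
                `et`.`points`,
                `m`.`username` AS `moderator`
            FROM
                `".PREFIX."evaluations` e,
                `".PREFIX."users` u,
                `".PREFIX."users` m,
                `".PREFIX."evaluation_types` et
            WHERE
                `e`.`user_id`=`u`.`id`
                AND `e`.`evaluation_type_id`=`et`.`id`
                AND `e`.`moderator_id` = `m`.`id`
                AND `u`.`id` = ".$user_id.";");

        $total_points = 0;
        // Only sum when the query produced a row list; a failed query is not
        // iterated.
        if (is_array($evaluations))
        {
            foreach ($evaluations as $evaluation)
            {
                $total_points += $evaluation["points"];
            }
        }

        $actions = $DB->getAll("SELECT `more_or_less`, `than_value`, `move_to_usergroup` FROM `".PREFIX."action_list`;");
        $usergroups = $DB->getAll("SELECT `id`, `title` FROM ".PREFIX."usergroups ORDER BY `id` ASC");

        $Template = Registry::instance()->Template;
        $Template->assign('total_points', $total_points);
        // Hand the template the validated integer, not the raw request string.
        $Template->assign('user_id', $user_id);
        $Template->assign('evaluations', $evaluations);
        $Template->assign('evaltypes', $evaltypes);
        $Template->assign('action_report', $action_report);
        $Template->assign('actions', $actions);
        $Template->assign('usergroups', $usergroups);
        $Template->display('privatecase.tpl');
    }

    /**
     * Not supported; terminates the request with a translated message.
     */
    public function index()
    {
        $Template = Registry::instance()->Template;
        die($Template->l('This action is not supported!'));
    }

    /**
     * Records a new evaluation for the validated user, applies the first
     * matching user-group action, sends the user a private message with the
     * report and re-renders the case.
     *
     * Requires the CAN_EDIT_PRIVATE_CASE permission bit.
     *
     * NOTE(review): no anti-CSRF token check is visible in this method;
     * confirm that request() or the parent Controller enforces one for
     * state-changing actions.
     *
     * @return bool|null FALSE when both the insert and the message failed,
     *                   otherwise nothing (the view is rendered).
     */
    public function add()
    {
        $DB = Registry::instance()->DB;
        $Template = Registry::instance()->Template;
        if (!($_SESSION['user']['permissions'] & CAN_EDIT_PRIVATE_CASE))
        {
            die($Template->l('You don\'t have the right to add evaluations!'));
        }

        // Integer-only values for everything that ends up inside SQL text.
        $user_id = (int) $this->user_id;
        $evaltype_id = (int) request("evaltype");
        $comment = request("modercomment");
        $publication_link = request("publink");

        // presumably autoExecute() binds/quotes these values; verify against
        // the DB layer in use.
        $evaluation = array
        (
            'user_id' => $user_id,
            'moderator_id' => $_SESSION['user']['id'],
            'evaluation_type_id' => $evaltype_id,
            'date' => date('Y-m-d'),
            'comment' => $comment,
            'publication_link' => $publication_link,
        );
        $result = $DB->autoExecute(PREFIX.'evaluations', $evaluation, DB_AUTOQUERY_INSERT);
        $PM = new PM;

        $total_points = $DB->getOne("
            SELECT
                SUM(`".PREFIX."evaluation_types`.`points`)
            FROM
                `".PREFIX."evaluations`,
                `".PREFIX."users`,
                `".PREFIX."evaluation_types`
            WHERE
                `".PREFIX."evaluations`.`user_id`=`".PREFIX."users`.`id`
                AND
                `".PREFIX."evaluations`.`evaluation_type_id`=`".PREFIX."evaluation_types`.`id`
                AND
                `".PREFIX."users`.`id` = ".$user_id.";");

        $evaltypecap = $DB->getAll("
            SELECT
                `".PREFIX."evaluation_types`.`description`,
                `".PREFIX."evaluation_types`.`points`
            FROM
                `".PREFIX."evaluation_types`
            WHERE
                `".PREFIX."evaluation_types`.`id` = ".$evaltype_id);

        // Walk the action list and apply the first rule that actually moves
        // the user to a different group.
        $actions = $DB->getAll("SELECT `more_or_less`, `than_value`, `move_to_usergroup` FROM `".PREFIX."action_list`;");
        if (!is_array($actions))
        {
            $actions = array();
        }
        $action_done = FALSE;
        $action_report = $Template->l("No actions executed.");
        foreach ($actions as $action)
        {
            $threshold = (int) $action["than_value"];
            $threshold_hit = FALSE;
            switch ($action["more_or_less"])
            {
                case "0":
                    $threshold_hit = ($total_points <= $threshold);
                    break;
                case "1":
                    $threshold_hit = ($total_points >= $threshold);
                    break;
            }

            if ($threshold_hit)
            {
                $current_ug = $DB->getOne("SELECT `usergroup_id` FROM `".PREFIX."users` WHERE `id` = ".$user_id);
                if ($current_ug != $action["move_to_usergroup"])
                {
                    $data = array("usergroup_id" => $action["move_to_usergroup"]);
                    $DB->autoExecute(PREFIX.'users', $data, DB_AUTOQUERY_UPDATE, 'id = '.$user_id);
                    $action_done = TRUE;
                }
            }

            if ($action_done)
            {
                // The group id comes from the action_list table; cast it so
                // the lookup stays integer-only regardless of column content.
                $usergroup = $DB->getOne("SELECT `title` FROM `".PREFIX."usergroups` WHERE `id` = ".(int) $action["move_to_usergroup"].";");
                $action_report = $Template->l("User was moved to group [b]USERGROUP[/b].");
                $action_report = str_replace("USERGROUP", $usergroup, $action_report);
                break;
            }
        }

        $clean = array();
        $clean['user_id'] = (int) $_SESSION['user']['id'];
        $clean['receiver_id'] = $user_id;
        $clean['sent_unixtime'] = NOW;
        $clean['unread'] = 1;
        $clean['title'] = $Template->l("Report on act evaluation");

        $report_template = $Template->l("[u]Act evaluation report[/u]<br /><br />Date: [b]CURRDATE[/b]<br />Type: [b]VIOLTYPE[/b]<br />Points: [b]1WEIGHT[/b]<br />Total points: [b]TOTALWEIGHT[/b]<br />Comment: [b]ACOMMENT[/b]<br />Publication link: [b]PUBLINK[/b]<br />Moderator: [b]ADMIN[/b]<br />Consequences: [b]CONSEQ1[/b]");
        // strtr() substitutes in a single pass and never rescans inserted
        // text, so a placeholder token typed into the comment or link is not
        // expanded by a later replacement (chained str_replace() calls did
        // rescan it).
        // NOTE(review): the comment and link are request-supplied and go into
        // BBCode as-is; escaping and URL-scheme checks must happen where the
        // message is rendered - not visible here, confirm.
        $clean['content'] = strtr($report_template, array(
            "<br />" => "\r\n",
            "CURRDATE" => date('Y-m-d'),
            "VIOLTYPE" => (string) $Template->l($evaltypecap[0]["description"]),
            "1WEIGHT" => (string) $evaltypecap[0]["points"],
            "TOTALWEIGHT" => (string) $total_points,
            "ACOMMENT" => (string) $comment,
            "PUBLINK" => "[url]".$publication_link."[/url]",
            "ADMIN" => "[url=".WEB_ROOT."/users/".$_SESSION['user']['id']."]".$_SESSION['user']['username']."[/url]",
            "CONSEQ1" => (string) $action_report
        ));

        $PMres = $PM->add($clean);
        // Failure is reported only when both the insert and the message
        // failed. NOTE(review): a failed insert with a delivered message
        // still renders the view - confirm this is intended.
        if (!$result && !$PMres)
        {
            return FALSE;
        }

        $this->view($action_report);
    }

    /**
     * Not supported; terminates the request with a translated message.
     */
    public function edit()
    {
        // The original called l() on an undefined $Template variable.
        $Template = Registry::instance()->Template;
        die($Template->l('This action is not supported!'));
    }

    /**
     * Deletes the evaluation named by the `eval_id` request parameter and
     * re-renders the case.
     *
     * Requires the CAN_EDIT_PRIVATE_CASE permission bit.
     *
     * NOTE(review): no anti-CSRF token check is visible in this method;
     * confirm that request() or the parent Controller enforces one for
     * state-changing actions.
     *
     * @return bool|null FALSE when the delete query failed, otherwise nothing
     *                   (the view is rendered).
     */
    public function delete()
    {
        $DB = Registry::instance()->DB;
        $Template = Registry::instance()->Template;
        if (!($_SESSION['user']['permissions'] & CAN_EDIT_PRIVATE_CASE))
        {
            die($Template->l('You don\'t have the right to remove evaluations!'));
        }

        // Bound through the placeholder; the cast also turns a missing
        // parameter into 0, which matches no row.
        $result = $DB->query('
            DELETE FROM '.PREFIX.'evaluations
            WHERE id = ?
        ', (int) request("eval_id"));
        if (!$result)
        {
            return FALSE;
        }

        $this->view();
    }
}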
// Entry point: build the controller for the requested action. The constructor
// validates user_id and the viewer's permission bits before passing the action
// on to the parent Controller constructor.
new PrivateCase_Controller(request('action'));
?>