science-ation/user_invite.php

<?
/* 
   This file is part of the 'Science Fair In A Box' project
   SFIAB Website: http://www.sfiab.ca

   Copyright (C) 2005 Sci-Tech Ontario Inc <info@scitechontario.org>
   Copyright (C) 2005 James Grant <james@lightbox.org>

   This program is free software; you can redistribute it and/or
   modify it under the terms of the GNU General Public
   License as published by the Free Software Foundation, version 2.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
    General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program; see the file COPYING.  If not, write to
   the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
   Boston, MA 02111-1307, USA.
*/
?>
<?
 require_once('common.inc.php');
 require_once('user.inc.php');

 user_auth_required('committee', 'admin');
 //include "judges.inc.php";

 /* AJAX query */
 if(intval($_POST['ajax']) == 1) {
 	/* Do ajax processing for this file */
	$email = mysql_real_escape_string($_POST['email']);
	$type = $_POST['role'];

	/* Sanity check type */
	if(!array_key_exists($type, $roles)) {
		echo "err\n";
		exit;
	}

	//we use username='email' because if we are INVITING someone, then
	//they pretty much have to user their email address as their username
	//otherwise the system has no way to send them the details
	$q = mysql_query("SELECT id,deleted FROM accounts WHERE username='$email' OR email='$email'");
	if(mysql_num_rows($q) == 0) {
		/* Account doesn't exist */
		echo "notexist\n";
		exit;
	}
	$account = mysql_fetch_assoc($q);

	if($account['deleted'] == 'yes') {
		echo "notexist\n";
		exit;
	}

	$u = user_load_by_accounts_id($account['id']);
	if(!$u) {
		//user_load_by_accounts_id returns false if there is no user record for this account for this conference
		echo "norole\n";
		exit;
	}

	if(!array_key_exists($type, $u['roles'])) {
		echo "norole\n";
		exit;
	}

	if($u['conferences_id'] != $conference['id']) {
		echo "noconference\n";
		exit;
	}

	echo "exist\n"; 
 	exit;
 }

 send_header("Invite Users",
 		array('Committee Main' => 'committee_main.php',
			'Administration' => 'admin/index.php'
			) );

?>
	<script type="text/javascript">
	var checkTimeout;

	function checkEmailLater() {
		clearTimeout(checkTimeout);
		checkTimeout=setTimeout('checkEmail()',500);
	}
	function checkEmail() {
		var url, email, role;

		role = $("#role").val();
		email = $("#email").val();

		if(email.length < 3 || role == "") {
			update_status("<?=i18n('Select a role and enter an email address')?>");
			$("#button").attr('disabled',true);
			$("#button").val('<?=i18n("Invite")?>');
			return true;
		}
		update_status("Checking...");
		$.post("user_invite.php",{ajax: 1, email: email, role: role},function(d) {
				var lines=d.split("\n");
				var response=lines[0];
//					alert(response);
				switch(response) {
				case "err":
					update_status("<?=i18n('Select a role and enter an email address')?>");
					$("#button").attr('disabled',true);
					$("#button").val('<?=i18n("Invite")?>');
					$("#action").val("err");
					break;
				case "notexist":
					update_status("<?=i18n('User not found.  Choose the \"Invite New User\" button below to create an account for this user and send them an email invite.')?>");
					$("#button").attr('disabled',false);
					$("#button").val('<?=i18n("Invite new user")?>');
					$("#action").val("invitenew");
					break;
				case "norole":
					update_status("<?=i18n('Account found without the selected role.<br />Choose the \"Invite existing account role\" button below add the selected role on this user\'s account and send them email notice of the change.')?>");
					$("#button").attr('disabled',false);
					$("#button").val('<?=i18n("Invite existing account to role")?>');
					$("#action").val("inviteexisting");
					break;
				case "exist":
					update_status("<?=i18n('This user and role already exist.  They cannot be invited.')?>");
					$("#button").attr('disabled',true);
					$("#button").val('<?=i18n("Cannot Invite")?>');
					$("#action").val("err");
					break;
				}

		});
		return true;
	}

	function update_status(text) {
		$("#status").html(text);
	}

	</script>
<?

 echo "<br />";
 $type = $_POST['type'];
 if(!$type) $type=$_GET['type'];

/*
//FIXME: commente dby james 2010-12-21 - we need ta better way to know which types we can invite
 $allowed_types = array('judge', 'volunteer');
 if($type == '') $type = $_GET['type'];
 if($type != '') {
	 if(!in_array($type, $allowed_types)) {
 		echo "Type $type not allowed for invite<br /><br/>";
		exit;
	}
 }
 */
// Hrm - at the moment, only committee members and admins can access this page anyway, so no need to worry about who's making this invitation - Jacob, 2012-02-10
$allowed_types = array(
	'judge' => 'Judge',
	'volunteer' => 'Volunteer',
	'committee' => 'Committee Memeber'
);

if($_POST['action']=="invitenew" && $_POST['email'] && $type != '') {
	 $newUser=user_invite($_POST['email'], null, $_POST['email'], $type);
	 if(is_array($newUser)) {
		echo happy(i18n("%1 successfully invited to be a %2",array($_POST['email'],$type)));
	 }
	 else {
		 echo error($newUser);
	 }
 }
 else if($_POST['action']=="inviteexisting" && $_POST['email'] && $type != '') {

	 $newUser=user_invite($_POST['email'], null, $_POST['email'], $type);
	 if(is_array($newUser)) {
		echo happy(i18n("%1 successfully invited to be a %2",array($_POST['email'],$type)));
	 }
	 else {
		 echo error($newUser);
	 }
 }


 echo "<br />\n";
 echo "<form method=\"post\" name=\"invite\" action=\"user_invite.php\">\n";
 echo "<input type=\"hidden\" name=\"action\" id=\"action\" value=\"invite\" />\n";
 echo "<table><tr><td>";
 echo i18n("Select a Role: ");
 echo "</td><td><select id=\"role\" name=\"type\" onChange=\"checkEmail();\">\n";
 echo "<option value=\"\" >".i18n('Choose')."</option>\n";
foreach($allowed_types as $rtype => $label){
	$sel = ($type == $rtype) ? ' selected="selected"' : '';
	echo "<option value=\"$rtype\"$sel>" . i18n($label) . "</option>\n";
}
 echo "</select></td></tr><tr><td>";
 echo i18n("Enter an Email: ");
 echo "</td><td><input type=\"text\" id=\"email\" name=\"email\" size=\"40\" onKeyUp=\"checkEmailLater();\" />";
 echo "</td></tr></table>";
 echo "<br />\n";
 echo "<div class=\"notice\" id=\"status\">".i18n('Select a role and enter an email address')."</div>";

 echo "<br />\n";
 echo "<input id=\"button\" type=\"submit\" disabled=\"disabled\" value=\"".i18n("Invite")."\" />\n";

 echo "</form>\n";


 send_footer();
?>