Subversion Repositories ORC

#!/usr/bin/perl

use strict;

use cPanelUserConfig;

use RollerCon;

use CGI qw/param cookie header start_html url/;

use Email::Valid;

use WebDB;

use HTML::Tiny;

our $h = HTML::Tiny->new( mode => 'html' );

my ($FORM, $cookie_string, $ERRMSG);

my @ERRORS;

my $dbh = WebDB->connect ();

my $depts = getDepartments (); # HashRef of the department TLAs -> Display Names...

my $AccessLevel = getAccessLevels;

my @tshirtOptions = ("", "MS", "MM", "ML", "MXL", "M2X", "M3X");

# The page's form might be submitted as a POST or a GET (or both?)

#  The initial _view_ likely comes as a GET request (making it easier to embed in an HREF as a URL)

#  Unpack any values sent in the GET and add them to the FORM hash

$FORM->{'SUB'} = param ('submit') // '';

$FORM->{'RCid'} = param ('RCid') // '';

$FORM->{referer} = param ("referer") // "";

if ($FORM->{'SUB'} eq '') {

	if ($ENV{'REQUEST_URI'}) {

		my ($g, $keep) = split /\?/, $ENV{'REQUEST_URI'};

		if ($keep) {

			foreach (split /&/, $keep) {

				my ($k, $v) = split /=/;

				$k =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

				$v =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;

				$k eq "submit" ? $FORM->{'SUB'} = $v : $FORM->{$k} = $v;

			}

		}

	}

}

# Keep track of the original referrer for the 'back' link/button

my $goback;

if ($FORM->{referer}) {

	$goback = $FORM->{referer};

} else {

	$goback = $ENV{HTTP_REFERER};

}

if ($FORM->{'SUB'} eq "Save") {

	process_form ($FORM);

} elsif ($FORM->{'SUB'} eq "New User") {

  display_form ("New", "New User"); # blank form

} elsif ($FORM->{'RCid'}) {

  display_form ($FORM->{'RCid'}, $FORM->{'SUB'});

} else {

 	$cookie_string = authenticate (1);

 	my ($EM, $PWD, $AL) = split /&/, $cookie_string;

 	display_form (getUser ($EM)->{'RCid'}, "View");

}

sub process_form {

  my $F = shift // "";

  push @ERRORS, "Tried to save an empty form." and return unless $F;

	$F->{email}       = lc WebDB::trim param ('email')   // '';

	$F->{password}    = WebDB::trim param ('password')   // '';

	$F->{derby_name}  = WebDB::trim param ('derby_name') // '';

	$F->{real_name}   = WebDB::trim param ('real_name')  // '';

	$F->{pronouns}    = WebDB::trim param ('pronouns')   // '';

	$F->{tshirt}      = WebDB::trim param ('tshirt')   // '';

	$F->{phone}       = WebDB::trim param ('phone')      // '';

#	$F->{level}       = param ('level')      // '';

#	$F->{type}        = param ('type')       // '';

	$F->{RCid}        = param ('RCid')       // '';

	$F->{access}      = param ('access')     // 0;

#	$F->{clinic_pass} = defined param ('clinic_pass') ? 1 : 0;

	$F->{department}  = join ":", map { "$_-".param ("DEPT-".$_) } map { s/^DEPT-//; $_ } grep { param ($_) ne "" } grep { /^DEPT-/ } param ;

  if ($F->{RCid} eq "New") {

  # Saving a new User...

    # But first let's do some error checking...0

		if (!$F->{password})   { push @ERRORS, "Blank Password!"; }

		if (!$F->{real_name})  { push @ERRORS, "Blank Real Name!"; }

		if (!$F->{derby_name}) { $F->{derby_name} = $F->{real_name}; } # If they leave derby_name blank, use their real_name

		if (checkDupes ('derby_name', $F->{derby_name})) { push @ERRORS, "Derby Name already in use. Pick a different one."; $F->{derby_name} = ""; }

#		if (!$F->{level})      { $F->{level} = "B"; } # People keep leaving level blank.  Default 'em if they do.

#		if (!$F->{type})       { $F->{type} = "official"; } # and now they left the other drop-down blank!!!

		if (!$F->{email})      { push @ERRORS, "Blank Email (User-ID)!"; } else {

			$F->{email} =~ s/\s+//g; # make sure people aren't accidentally including spaces

			$F->{email} = lc $F->{email}; # sometimes people capitalize their email addresses and that's annoying...

			if (! Email::Valid->address (-address => $F->{email}, -mxcheck => 1, -tldcheck => 1)) { push @ERRORS, "Mal-formatted (or fake) Email Address!"; $F->{email} = ""; }

		}

		if (checkDupes ('email', $F->{email})) { push @ERRORS, "Email Address already in use. Pick a different one."; $F->{email} = ""; }

    if (!$F->{department}) { push @ERRORS, "You need to request at least one Department!"; }

		if (scalar @ERRORS) {

			$ERRMSG = join $h->br, @ERRORS;

			display_form ("New", "New User", $ERRMSG);

			return;

		} else {

			# We have a correctly formatted email address with a mail host record, go ahead and add the user

#			my $sth = $dbh->prepare ("insert into official (email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");

			my $sth = $dbh->prepare ("insert into official (email, password, derby_name, real_name, pronouns, tshirt, phone, access, department, added) values (?, password(?), ?, ?, ?, ?, ?, ?, ?, CONVERT_TZ(now(), 'America/Chicago', 'America/Los_Angeles'))");

#			$sth->execute ($F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, 0, $F->{department}, 0);

			$sth->execute ($F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, 0, $F->{department});

			$sth = $dbh->prepare ("select RCid from official where email = ?");

			$sth->execute ($F->{email});

			($F->{RCid}) = $sth->fetchrow_array;

			logit ($F->{RCid}, "New User Registration");

			sendEMail ("New User", $F);

			$cookie_string = authenticate (1);

		}

	} else {

		$cookie_string = authenticate (1);

		my ($EM, $PWD, $AL) = split /&/, $cookie_string;

		if (lc $EM eq lc $F->{email} and $AL < 5) { # They're editing their own record (and not a sysadmin).

			# Don't let users change their own clinic_pass setting...

#		  $F->{clinic_pass} = getUser($EM)->{clinic_pass};

			my $DBDepts = getUser($EM)->{department};

		  if ($F->{department} ne $DBDepts) {

		  	# They're trying to change one of their own departments.

		  	my $FORMDepts = convertDepartments $F->{department};

		  	$DBDepts =   convertDepartments $DBDepts;

		  	map { $FORMDepts->{$_} = 0 } keys %{$FORMDepts};  # the only change to a dept should be a request to be added

				map { do { delete $DBDepts->{$_} } if $DBDepts->{$_} == 0 and !defined $FORMDepts->{$_} } keys %{$DBDepts};  # or they can retract their request

		  	map { $FORMDepts->{$_} = $DBDepts->{$_} } keys %{$DBDepts};  # otherwise, keep the same depts as are in the DB

		  	$F->{department} = convertDepartments $FORMDepts;

		  }

      if ($F->{password}) { # They've possibly included an updated password.

#    		my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");

#    		$sth->execute ($F->{RCid}, $EM, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})

    		my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, access, department, added, last_login) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, ?)");

    		$sth->execute ($F->{RCid}, lc $EM, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{access}, $F->{department}, getUser($EM)->{added}, getUser($EM)->{last_login})

    			or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";

    	} else { # No password was included, just keep the existing one.

#    		my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

#    		$sth->execute($F->{RCid}, $EM, $PWD, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})

    		my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, access, department, added, last_login) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

    		$sth->execute($F->{RCid}, lc $EM, $PWD, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{access}, $F->{department}, getUser($EM)->{added}, getUser($EM)->{last_login})

    			or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";

    	}

			if ($ERRMSG) {

				logit ($F->{RCid}, "DB ERROR: Updating Self Details: $ERRMSG");

			} else {

				logit ($F->{RCid}, "Updated User Details");

			}

		} elsif ($AL > 1) { # A lead or higher is updating someone else's record

		  use List::Util qw/sum/;

		  if (sum (values %{ convertDepartments ($F->{department}) }) > 0 and $F->{access} == 0) {

		    # activating a user for the first time...

		    $F->{access} = 1;

		    sendEMail ("Activate", $F);

		  }

			if ($FORM->{password}) {

#				my $sth = $dbh->prepare ("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");

#				$sth->execute ($F->{RCid}, $F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})

				my $sth = $dbh->prepare ("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, access, department, added, last_login) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, ?)");

				$sth->execute ($F->{RCid}, $F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{access}, $F->{department}, getUser($F->{email})->{added}, getUser($F->{email})->{last_login})

					or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";

			} else {

#				my $sth = $dbh->prepare ("update official set email = ?, derby_name = ?, real_name = ?, phone = ?, level = ?, type = ?, access = ?, department = ?, clinic_pass = ? where RCid = ?");

#				$sth->execute ($F->{email}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass}, $F->{RCid})

				my $sth = $dbh->prepare ("update official set email = ?, derby_name = ?, real_name = ?, pronouns = ?, tshirt = ?, phone = ?, access = ?, department = ? where RCid = ?");

				$sth->execute ($F->{email}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{access}, $F->{department}, $F->{RCid})

					or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";

			}

			if ($ERRMSG) {

				logit ($F->{RCid}, "DB ERROR: Updating Someone Else: $ERRMSG");

			} else {

				logit ($F->{RCid}, "Updated User Details (by ".getUser($EM)->{derby_name}.")");

				logit (getUser($EM)->{RCid}, "Updated User Details: ".$F->{derby_name}." (".$F->{RCid}.")");

			}

		} else {

			$ERRMSG = "Attempting to update someone else's record, and you don't have permission to do that.";

			logit ($F->{RCid}, "FAIL: ($EM) doesn't have access to update ($F->{email})'s record");

		}

	}

	$F->{password} = "*******";

	$F->{buttons}		= $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{RCid} }).$h->input ({ type=>"submit", name=>"submit", value=>"Edit" });

#	my $checked = $F->{clinic_pass} ? "checked" : "";

#	$F->{clinic_pass}	= "<INPUT type='checkbox' name='clinic_pass' $checked disabled readonly>";

	$F->{department} = convertDepartments ($F->{department});

	display_form ($F->{RCid}, "View");

}

sub display_form {

  my $RCID = shift // "";

  my $view = shift; # // "New User";

  my $errors = shift // "";

  my $F;

  if ($view eq 'Edit') {

  	$cookie_string = authenticate (1);

  	my ($EM, $PWD, $AL) = split /&/, $cookie_string;

  	$F = getUser ($RCID);

  	my $currentuser = getUser ($EM);

#  	$currentuser->{department} = convertDepartments ($currentuser->{department});

#  	if (lc $EM eq lc $F->{email} or $AL > 1) {

  	if (canView ($currentuser, $F)) {

  	  # Editing your own record OR you're a lead/higher

  		if (lc $EM eq lc $F->{email} or $currentuser->{access} < $F->{access}) {

  		  # If you're editing your own record, or someone who has higher access than you, make access level read-only

  			$F->{access}			= $h->input ({ type=>"hidden", name=>"access", value=>$F->{access} }).$AccessLevel->{$F->{access}};

  		} else {

  			$F->{access}			= $h->select ({ name=>"access" }, [map { $F->{access} == $_ ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (-1..$currentuser->{access})]);

  		}

#  		my $checked = $F->{clinic_pass} ? "checked" : "";

#  		if ($currentuser->{access} > 2) {

#  			$F->{clinic_pass} = "<INPUT type='checkbox' name='clinic_pass' value=$F->{clinic_pass} $checked>";

#  		} else {

#  			$F->{clinic_pass} = "<INPUT type='checkbox' name='clinic_pass' $checked disabled readonly>";

#  		}

#  		$F->{email}      = $h->input ({ type=>"text", name=>"email", value=>$F->{email}, readonly=>[] });

  		$F->{email}      = $F->{email}.$h->input ({ type=>"hidden", name=>"email", value=>$F->{email} });

  		if ($currentuser->{RCid} eq $F->{RCid} or $currentuser->{access} > 4) {

  			$F->{password}   = $h->input ({ type=>"password", name=>"password" });

  			$F->{derby_name} = $h->input ({ type=>"text", name=>"derby_name", value=>$F->{derby_name} });

  			$F->{real_name}  = $h->input ({ type=>"text", name=>"real_name", value=>$F->{real_name} });

  			$F->{pronouns}   = $h->input ({ type=>"text", name=>"pronouns", value=>$F->{pronouns} });

  			$F->{tshirt}     = $h->select ({ name=>"tshirt" }, [map { $F->{tshirt} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } @tshirtOptions] );

  			$F->{phone}      = $h->input ({ type=>"text", name=>"phone", value=>$F->{phone} });

  		} else {

  			$F->{password}   = '*******';

  		}

#  		$F->{level}      = "<SELECT NAME=level>".selectOptions ($F->{level}, [qw(AA A B C)])."</SELECT>";

#  		$F->{type}       = "<SELECT NAME=type>".selectOptions ($F->{type}, [qw(official nso referee)])."</SELECT>";

  		$F->{RCid}       = $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{RCid} })."$F->{RCid} ";

  		$F->{buttons}		 = join " ", $h->input ({ type=>"submit", name=>"submit", value=>"Save" }), $h->input ({ type=>"reset", value=>"Reset" }), $h->input ({ type=>"submit", name=>"submit", value=>"Cancel" });

    	$F->{department} = convertDepartments ($F->{department});

    	$currentuser->{department} = convertDepartments ($currentuser->{department});

    	foreach my $k (keys %{$depts}) {

    	  next if $k eq "CMP";

    	  if ($currentuser->{access} > 4) {

    	    # SysAdmin can change anyone's department level

    	    $F->{department}->{$k} = $h->select ({ name=>"DEPT-".$k }, [ $h->option ({ value=>"" }, ""), map { $_ eq $F->{department}->{$k} ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (0..4) ]);

    	  } elsif ($currentuser->{department}->{$k} > 1 and $currentuser->{department}->{$k} > $F->{department}->{$k}) {

    	    # Department Leads and above can change someone's level within the dept (up to their own level -1)

    	    $F->{department}->{$k} = $h->select ({ name=>"DEPT-".$k }, [ $h->option ({ value=>"" }, ""), map { $_ eq $F->{department}->{$k} ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (0..$currentuser->{department}->{$k}-1) ]);

    	  } else {

    	    # Or it's your own record, you can still submit a request to be added to the dept.

    	    if (!defined $F->{department}->{$k}) {

            $F->{department}->{$k} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$k", value=>0 }), $h->span ({ class=>"slider round" })]);

          } elsif ($F->{department}->{$k} == 0) {

            $F->{department}->{$k} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$k", value=>0, checked=>[] }), $h->span ({ class=>"slider round" })]);

          }

    	  }

    	}

  	} else {

  		$ERRMSG = "Attempting to update someone else's record, and you don't have permission to do that.";

  	}

  } elsif ($view eq 'New User') {

    $errors .= $h->br."NOTE: You will not be able to login until your account has been reviewed and approved. Watch your email for notification.";

  	# Skip authentication

 		$F->{email}      = $h->input ({ type=>"text", name=>"email", value=>$F->{email} });

 		$F->{password}   = $h->input ({ type=>"password", name=>"password" });

 		$F->{derby_name} = $h->input ({ type=>"text", name=>"derby_name", value=>$F->{derby_name} });

 		$F->{real_name}  = $h->input ({ type=>"text", name=>"real_name", value=>$F->{real_name} });

		$F->{pronouns}   = $h->input ({ type=>"text", name=>"pronouns", value=>$F->{pronouns} });

		$F->{tshirt}     = $h->select ({ name=>"tshirt" }, [map { $F->{tshirt} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } @tshirtOptions] );

 		$F->{phone}      = $h->input ({ type=>"text", name=>"phone", value=>$F->{phone} });

#  	$F->{level}      = "<SELECT NAME=level>".selectOptions ($F->{level}, ["", qw(AA A B C)])."</SELECT>";

#  	$F->{type}       = "<SELECT NAME=type>".selectOptions ($F->{type}, ["", qw(official nso referee)])."</SELECT>";

 		$F->{RCid}         = $h->input ({ type=>"hidden", name=>"RCid", value=>"New" })."TBD ";

  	$F->{access}			= $h->input ({ type=>"hidden", name=>"access", value=>0 })."0";

#  	$F->{clinic_pass}	= "<INPUT type='checkbox' name='clinic_pass' disabled readonly>";

  	foreach (keys %{$depts}) {

  	  next if $_ eq "CMP";

  	  if (defined param ("DEPT-$_")) {

  	    $F->{department}->{$_} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$_", value=>0, checked=>[] }), $h->span ({ class=>"slider round" })]);

  	  } else {

  	    $F->{department}->{$_} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$_", value=>0 }), $h->span ({ class=>"slider round" })]);

  	  }

  	}

  	$F->{buttons}		= $h->input ({ type=>"submit", name=>"submit", value=>"Save" })." ".$h->input ({ type=>"reset", value=>"Reset" })." ".$h->input ({ type=>"submit", name=>"submit", value=>"Cancel" });

  	$cookie_string = '';

  } elsif ($view eq 'View' or $view eq 'Cancel' or !$view) {

  	$cookie_string = authenticate (1);

  	my ($EM, $PWD, $AL) = split /&/, $cookie_string;

  	if (!$view) {

      $F->{'RCid'} = getUser ($EM)->{'RCid'};

  	}

  	# Check to make sure they're only looking up their own ID unless they're a lead or higher

  	my $currentuser = getUser ($EM);

    my	$targetuser = getUser ($RCID);

  	if (canView ($currentuser, $targetuser)) {

    	$F = $targetuser;

    	$F->{department} = convertDepartments ($F->{department});

      $F->{access} = $AccessLevel->{$F->{access}};

    	$F->{'password'} = "*******";

      $F->{buttons}		= $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{'RCid'} }).$h->input ({ type=>"submit", name=>"submit", value=>"Edit" });

#    	my $checked = $F->{clinic_pass} ? "checked" : "";

#    	$F->{clinic_pass}	= "<INPUT type='checkbox' name='clinic_pass' value=$F->{clinic_pass} $checked disabled readonly>";

  	} else {

  	  logit ($currentuser->{RCid}, "SECURITY: $currentuser->{derby_name} attempted to view another user's ($RCID) info");

  	  $errors = "Unauthorized attempt to view another user.  This has been logged.";

    	$F->{email}      = " ";

    	$F->{password}   = " ";

    	$F->{derby_name} = " ";

    	$F->{real_name}  = " ";

    	$F->{pronouns}      = " ";

    	$F->{tshirt}      = " ";

    	$F->{phone}      = " ";

#    	$F->{level}      = " ";

#    	$F->{type}       = " ";

    	$F->{RCid}       = " ";

    	$F->{access}			= " ";

#    	$F->{clinic_pass}	= " ";

    	$F->{buttons}		 = " ";

    }

#  	if (lc $EM eq lc $F->{email} or $AL > 1) {

#      $F->{buttons}		= $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{'RCid'} }).$h->input ({ type=>"submit", name=>"submit", value=>"Edit" });

#  	} else {

#  		$F->{buttons} = "";

#  	}

  } #else {

  #	$cookie_string = authenticate(1);

  #	$FORM->{email}      = " ";

  #	$FORM->{password}   = " ";

  #	$FORM->{derby_name} = " ";

  #	$FORM->{real_name}  = " ";

  #	$FORM->{phone}      = " ";

  #	$FORM->{level}      = " ";

  #	$FORM->{type}       = " ";

  #	$FORM->{RCid}         = " ";

  #	$FORM->{access}			= " ";

  #	$FORM->{clinic_pass}	= " ";

  #	$FORM->{buttons}		= " ";

  #}

  #---------------START THE HTML--------------------

  my $RCAUTH_cookie = cookie (-name=>'RCAUTH',-value=>"$cookie_string",-expires=>"+30m");

  print header (-cookie=>$RCAUTH_cookie);

  #foreach (keys %ENV) {

  #	print "$_: $ENV{$_}\n<br>";

  #}

  if ($errors) {

  	$errors = $h->div ({ class=>"error" }, $errors);

  } else {

  	$errors = "";

  }

  my @printDepartments = ( $h->div ({ class=>"index", style=>"display: unset;" }, $h->p ({ class=>"heading" }, "Department Access:")) );

  foreach (sort grep { !/^PER$/ } keys %{$F->{department}}) {

    push @printDepartments, $h->div ({ class=>"rTableRow" }, [

      $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, $depts->{$_}.":", $F->{department}->{$_} =~ /^\d$/ ? $AccessLevel->{$F->{department}->{$_}} : $F->{department}->{$_}),

    ]);

  }

  printRCHeader ("User Manager");

  print $errors;

  print $h->form ({ action=>url, method=>'POST', name=>'Req' },[

    $h->input ({ type=>"hidden", name=>"referer", value=>$goback }),

    $h->div ({ class=>"index" }, [$h->p ({ class=>"heading" }, "User Details:"),

      $h->div ({ class=>"rTable", style=>"min-width: 0%;" },[

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "User-ID / Email Address: ", $F->{email}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "Password: ",                $F->{password}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "Derby Name: ",              $F->{derby_name}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "Real Name: ",               $F->{real_name}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "Pronouns: ",                $F->{pronouns}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "TShirt Size: ",             $F->{tshirt}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "Phone: ",                   $F->{phone}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "Database ID: ",             $F->{RCid}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "User Added: ",              $F->{added}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "Last Login: ",              $F->{last_login}) ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr", style=>"font-size: unset;" }, "vORC Access Level: ",       $F->{access}) ]),

        @printDepartments,

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCell" }, " ") ]),

        $h->div ({ class=>"rTableRow" },[ $h->div ({ class=>"rTableCellr" }, $h->a ({ href=>$goback }, "[go back]"), $F->{buttons}) ])

      ])

    ])

  ]); #  print $h->close('form');

  print $h->div ({ class=>"index" }, [$h->p ({ class=>"heading" }, "Schedule:"), getSchedule ($RCID)]) unless $RCID !~ /^\d+$/;

  print $h->div ({ class=>"index" }, [$h->p ({ class=>"heading" }, "Recent Activity:"), getLog ($RCID)]) unless $RCID !~ /^\d+$/;

  print $h->close ('html');

}

#sub selectOptions {

#	my $selectedOption = shift;

#	my $options = shift;

#	return join " ", map { $selectedOption eq $_ ?

#	                        $h->option ({ value=>$_, selected=>[] }, $_) :

#													$h->option ({ value=>$_ }, $_)

#						 					} @$options;

#}

sub sendEMail {

	my $context = shift;

	my $data = shift;

	use RCMailer;

	my $email = $data->{email};

	my $subject = 'RollerCon Volunteer Schedule Manager - New User';

	my $body;

	if ($context eq "New User") {

    $subject .= " Request";

	  $body = "Greetings,

It appears as though you've registered a new account to Volunteer at RollerCon with the following information:

		Derby Name: $data->{derby_name}

		Real Name: 	$data->{real_name}

		Pronouns: 	$data->{pronouns}

		TShirt Size: $data->{tshirt}

		Email Address: $data->{email}

		Phone: $data->{phone}

Please be patient while our Admins are reviewing your account request.  Each user is manually approved to help ensure robots, spiders, and shift hoggers don't get in.

YOU WILL NOT BE ABLE TO LOG IN UNTIL YOU RECEIVE ANOTHER EMAIL STATING YOUR ACCOUNT REQUEST HAS BEEN APPROVED!

Once approved, you'll be able to log in and view the schedule and sign up for shifts.  Please be considerate of others and don't hogger all of the shifts.  If you do, we will find you and randomly drop your shifts.

If you're new to using vORC, you may want to read this:

https://volunteers.rollercon.com/info.html

If you didn't make this request, well, you're still the only one who received this email, and you now have an account request.  You should probably let us know that someone is messing with you.

-RollerCon Management

";

  } elsif ($context eq "Activate") {

    $subject .= " Activated!";

    my $tempDepartments = convertDepartments ($data->{department});

    my $printableDepartments = join "\n", map { $depts->{$_}.": ".$AccessLevel->{$tempDepartments->{$_}} } sort keys %{$tempDepartments};

    $body = "Greetings again,

You have been approved to volunteer at RollerCon in the following departments:

$printableDepartments

You may log into vORC and begin signing up for shifts.  Please be considerate of others and don't hogger all of the shifts.  If you do, we will find you and randomly drop your shifts.

https://volunteers.rollercon.com/schedule/

Please note that you are limited to signing up to a limnited number of shifts per day.  (Meaning, once you sign up for X shifts, you'll have to wait until tomorrow to sign up for more.)  Please understand, while you are a nice, concientious, and good-looking person yourself, who knows how to share, there are others out there that will hogger up all of the shifts.  As time goes by and we get closer to the event, we may lift the limit.  Who knows?

If you've already signed up for your daily limit of shifts, and another shift REALLY strikes your fancy, try dropping one of your shifts.  That should allow you to pick up a different one.

We'll be adding shifts over time, again to throttle how fast some people (not you, mind you) gobble up the shifts.  Check back, maybe even daily.

If you're new to using vORC, you may want to read this:

https://volunteers.rollercon.com/info.html

If you didn't make this request, well, you're still the only one who received this email, and you now have an active account.  You should probably let us know that someone is messing with you.

-RollerCon Management

";

  } else {

    return;

  }

	# send the message

	EmailUser ($email, $subject, $body);

}

sub checkDupes {

  my $field = shift;

  my $nametocheck = shift;

  my $han = $dbh->prepare("select RCid from official where $field = ?");

  $han->execute($nametocheck);

  my ($rcid) = $han->fetchrow();

  return $rcid;

}

sub canView {

	my $A = shift // "";

	my $B = shift // "";

	# Is A a lead or higher of one of B's Depts? (or they're looking at themselves)

	# parameters should be a Hashref to the users' details

	return 1 if $A->{access} > 4 or $A->{RCid} == $B->{RCid}; # viewer and target are the same person or it's a SysAdmin.

	my $ADept = convertDepartments $A->{department};

	my $BDept = convertDepartments $B->{department};

	foreach (keys %{$BDept}) {

		if ($ADept->{$_} > 1) { # A is a Lead or higher of one of B's departments

			return 1;

		}

	}

	return 0;

}

sub getLog {

  my $RCID = shift;

  my @activity_log;

  my $alog = $dbh->prepare("select timestamp, event from v_log where RCid = ? limit 10");

  $alog->execute($RCID);

  while (my @logs = $alog->fetchrow_array) {

  	push @activity_log, $h->li ({ class=>"shaded" }, join " ", @logs);

  }

  return $h->ul ([@activity_log]).$h->h5 ($h->a ({ href=>"log.pl?filter-RCid=".$RCID }, "[Entire log history]"));

}