WebSVN – VORC – Diff – /trunk/perl/RollerCon.pm

 use CGI qw/param header start_html url/;
 use CGI::Cookie;
 use DBI;
 use WebDB;
-our @EXPORT = qw( $ORCUSER getRCDBH getAccessLevels authDB max authenticate getShiftDepartment getDepartments convertDepartments convertTime getSchedule getRCid getSetting getUser getUserEmail getUserDerbyName getYears printRCHeader changeShift modShiftTime signUpCount signUpEligible findConflict changeLeadShift logit );
+our @EXPORT = qw( $ORCUSER getRCDBH getAccessLevels authDB max authenticate canView getShiftDepartment getClassID getDepartments convertDepartments convertTime getSchedule getRCid getSetting getUser getUserEmail getUserDerbyName getYears printRCHeader changeShift modShiftTime signUpCount signUpEligible findConflict changeLeadShift sendNewUserEMail logit );
 my $dbh = WebDB->connect ();
 sub getRCDBH {
   return $dbh;
+}
+our $ORCUSER;
-our $ORCUSER;
+use constant {
+    NOONE     => 0,
-use constant {
+    USER      => 1,
-    USER   => 1,
+    VOLUNTEER => 1,
-    LEAD   => 2,
+    LEAD      => 2,
+    MANAGER   => 3,
-    MANAGER  => 3,
+    DIRECTOR  => 4,
-    DIRECTOR  => 4,
+    SYSADMIN  => 5,
-    ADMIN  => 5
+    ADMIN     => 5
   };
 sub authDB {
 	my $src = shift;
 	my $id = shift;
 	my $pass = shift;
 	my $level = shift;
+	my $activationcode = shift // "";
 	my ($result, $encpass);
 	my $sth = $dbh->prepare("select * from official where email = ?");
 	$sth->execute($id);
 	} else {
 		$encpass = $pass;
+	}
 	my $tempDepartments = convertDepartments ($RCDBIDHASH->{department});
-	my $MAXACCESS = scalar keys %{ $tempDepartments } ? max ($RCDBIDHASH->{'access'}, values %{ $tempDepartments }) : $RCDBIDHASH->{'access'};
+	my $MAXACCESS = scalar keys %{ $tempDepartments } ? max ($RCDBIDHASH->{'access'}, values %{ $tempDepartments } ) : $RCDBIDHASH->{'access'};
 	if (!$RCDBIDHASH->{'RCid'}) {
 		$result->{ERRMSG} = "Email Address not found!";
 		$result->{cookie_string} = '';
 		$result->{RCid} = '';
+		logit(0, "Account not found: $id");
-		logit(0, "Account not found: $id");
+		$result->{authenticated} = 'false';
-		$result->{authenticated} = 'false';
+		return $result;
 	} elsif ($RCDBIDHASH->{'password'} ne $encpass) {
 		$result->{ERRMSG} = "Incorrect Password!";
 		$result->{cookie_string} = '';
 		$result->{RCid} = $RCDBIDHASH->{'RCid'};
+		logit($RCDBIDHASH->{'RCid'}, "Incorrect Password");
+		$result->{authenticated} = 'false';
+		return $result;
+  } elsif ($RCDBIDHASH->{'activation'} ne "active") {
+    # It's an inactive account...
+    if ($activationcode eq "resend") {
+      # warn "Resending activation code...";
+      sendNewUserEMail ("New User", $RCDBIDHASH);
+      $result->{ERRMSG} = "Activation code resent. Please check your email.";
+  		$result->{cookie_string} = "${id}&${encpass}&0";
+  		$result->{RCid} = $RCDBIDHASH->{'RCid'};
+  		logit($RCDBIDHASH->{'RCid'}, "Activation code resent.");
+  		$result->{authenticated} = 'inactive';
+  		return $result;
+    } elsif ($activationcode) {
+      # They sent an activation code
+      if ($activationcode eq $RCDBIDHASH->{'activation'}) {
+        # ...and it was good.
+        $dbh->do ("update official set activation = 'active', access = 1 where RCid = ? and activation = ?", undef, $RCDBIDHASH->{'RCid'}, $activationcode);
+        logit($RCDBIDHASH->{'RCid'}, "Activated their account and logged In");
+        # sendNewUserEMail ("Activate", $RCDBIDHASH);
+        $RCDBIDHASH->{'access'} = 1;
+        $RCDBIDHASH->{'activation'} = "active";
+        $MAXACCESS = max ($MAXACCESS, 1);
+      } else {
+        # ...but it wasn't good.
+        $result->{ERRMSG} = "Activation failed, invalid code submitted.";
+    		$result->{cookie_string} = "${id}&${encpass}&0";;
+    		$result->{RCid} = $RCDBIDHASH->{'RCid'};
+        logit($RCDBIDHASH->{'RCid'}, "Activation failed, invalid code submitted.");
+    		$result->{authenticated} = 'inactive';
+  	  	return $result;
+      }
+    } else {
+      # No activation code was submitted.
+  		$result->{ERRMSG} = "Inactive account! Please check your email for activation link/code." unless $result->{ERRMSG};
+  		$result->{cookie_string} = "${id}&${encpass}&0";
+  		$result->{RCid} = $RCDBIDHASH->{'RCid'};
+  		logit($RCDBIDHASH->{'RCid'}, "Login attempted without activation code.");
+  		$result->{authenticated} = 'inactive';
+  		return $result;
+    }
-		logit($RCDBIDHASH->{'RCid'}, "Incorrect Password");
+	}
 		$result->{authenticated} = 'false';
-	} elsif ($MAXACCESS < $level) {
+	if ($MAXACCESS < $level) {
 	  if (getSetting ("MAINTENANCE")) {
 	    $result->{ERRMSG} = "MAINTENANCE MODE: Logins are temporarily disabled.";
 	  } else {
 		$RCDBIDHASH->{department} = convertDepartments ($RCDBIDHASH->{department});
 		$RCDBIDHASH->{'access'} = max ($RCDBIDHASH->{'access'}, values %{$RCDBIDHASH->{department}});
 		$result->{cookie_string} = "${id}&${encpass}&$RCDBIDHASH->{'access'}";
 		$result->{RCid} = $RCDBIDHASH->{'RCid'};
 		logit($RCDBIDHASH->{'RCid'}, "Logged In") if $src eq "form";
-		$dbh->do ("update official set last_login = CONVERT_TZ(now(), 'America/Chicago', 'America/Los_Angeles') where RCid = ?", undef, $RCDBIDHASH->{'RCid'}) if $src eq "form";
+#		$dbh->do ("update official set last_login = CONVERT_TZ(now(), 'America/Chicago', 'America/Los_Angeles') where RCid = ?", undef, $RCDBIDHASH->{'RCid'}) if $src eq "form";
+		$dbh->do ("update official set last_login = now() where RCid = ?", undef, $RCDBIDHASH->{'RCid'}) if $src eq "form";
 		$result->{authenticated} = 'true';
 #		my @depts = map { s/-\d// } split /:/, $RCDBIDHASH->{department};
 #		my @depts = split /:/, $RCDBIDHASH->{department};
 	my $sth = $dbh->prepare("select * from official where email = '?'");
 	my $query = new CGI;
 # Check to see if the user has already logged in (there should be cookies with their authentication)?
 	my $RCAUTH = $query->cookie('RCAUTH');
-	$FORM{'ID'} = WebDB::trim $query->param('id') || '';
+	$FORM{'ID'} = WebDB::trim $query->param('userid') || '';
 	$FORM{'PASS'} = WebDB::trim $query->param('pass') || '';
+	$FORM{'SUB'} = $query->param('login') || '';
+	$FORM{'activate'} = WebDB::trim $query->param('activate') // '';
+	if ($RCAUTH) {
+		#We have an authenication cookie.  Double-check it
-	$FORM{'SUB'} = $query->param('login') || '';
+		my ($RCID, $RCPASS, $RCLVL) = split /&/, $RCAUTH;
 		$authenticated = authDB('cookie', $RCID, $RCPASS, $MINLEVEL, $FORM{'activate'});
-	if ($FORM{'SUB'}) {
+	} elsif ($FORM{'SUB'}) {
 		#a log in form was submited
 		if ($FORM{'SUB'} eq "Submit") {
-			$authenticated = authDB('form', $FORM{'ID'}, $FORM{'PASS'}, $MINLEVEL);
+			$authenticated = authDB('form', $FORM{'ID'}, $FORM{'PASS'}, $MINLEVEL, $FORM{'activate'});
 		} elsif ($FORM{'SUB'} eq "New User") {
-			# Print the new user form and exit
-		}
-	} elsif ($RCAUTH) {
-		#We have an authenication cookie.  Double-check it
-		my ($RCID, $RCPASS, $RCLVL) = split /&/, $RCAUTH;
+			# Print the new user form and exit
 		$authenticated = authDB('cookie', $RCID, $RCPASS, $MINLEVEL);
 	} else {
 # If we get here, the user has failed authentication; throw up the log-in screen and die.
-	my $RCAUTH_cookie = CGI::Cookie->new(-name=>'RCAUTH',-value=>"",-expires=>"now");
+	my $RCAUTH_cookie = CGI::Cookie->new(-name=>'RCAUTH',-value=>$authenticated->{cookie_string},-expires=>"+30m");
-if ($authenticated->{ERRMSG}) {
+  if ($authenticated->{ERRMSG}) {
-	$authenticated->{ERRMSG} = "<TR><TD colspan=2 align=center><font color=red><b>".$authenticated->{ERRMSG}."</b></font>&nbsp</TD></TR>";
+  	$authenticated->{ERRMSG} = "<TR><TD colspan=2 align=center><font color=red><b>".$authenticated->{ERRMSG}."</b></font>&nbsp</TD></TR>";
-	# Log the failed access attempt
+  	# Log the failed access attempt
-} else {
+  } else {
-	$authenticated->{ERRMSG} = "";
+  	$authenticated->{ERRMSG} = "";
-	# Since there was no ERRMSG, no need to log anything.
+  	# Since there was no ERRMSG, no need to log anything.
+  }
 	print header(-cookie=>$RCAUTH_cookie);
 	printRCHeader("Please Sign In");
 	print<<authpage;
-	<form action="$ENV{REQUEST_URI}" method=POST name=Req id=Req>
-		<TR><TD colspan=2 align=center><b><font size=+2>Please Sign In</font>
-		<TABLE>
-		</TD></TR>
-		<TR><TD colspan=2>&nbsp</TD></TR>
-		$authenticated->{ERRMSG}
-		<TR>
-			<TD align=right><B>Email Address:</TD><TD><INPUT type=text id=login name=id></TD>
-		</TR>
-		<TR>
-			<TD align=right><B>Password:</TD><TD><INPUT type=password name=pass></TD>
-		</TR>
+	<form action="$ENV{REQUEST_URI}" method=POST name=Req id=Req>
-		<TR><TD></TD><TD><INPUT type=submit name=login value=Submit></TD></TR>
-		<TR><TD colspan=2 align=center>&nbsp;</TD></TR>
-		<TR><TD colspan=2 align=center><A HREF="/schedule/manage_user.pl?submit=New%20User">[register as a new user]</A></TD></TR>
-		<TR><TD colspan=2 align=center><A HREF="/schedule/password_reset.pl">[reset your password]</A></TD></TR>
-	</TABLE>
-	</FORM>
-	<SCRIPT language="JavaScript">
-	<!--
-	document.getElementById("login").focus();
+		<TR><TD colspan=2 align=center><b><font size=+2>Please Sign In</font>
+		<TABLE>
+		</TD></TR>
+		<TR><TD colspan=2>&nbsp</TD></TR>
+		$authenticated->{ERRMSG}
+authpage
+  if ($authenticated->{authenticated} eq "inactive") {
+    print<<activationpage;
+      <TR><TD colspan=2 align=center>&nbsp;</TD></TR>
-	function Login () {
+      <TR><TD align=right><B>Activation Code:</TD><TD><INPUT type=text id=activate name=activate></TD></TR>
+      <TR><TD></TD><TD><INPUT type=submit name=login value=Submit></TD></TR>
+      <TR><TD colspan=2 align=center>&nbsp;</TD></TR>
+      <TR><TD colspan=2 align=center><A HREF='' onClick='document.getElementById("activate").value="resend"; Req.submit(); return false;'>[Resend your activation email]</A></TD></TR>
+      <TR><TD colspan=2 align=center><A HREF='' onClick="document.cookie = 'RCAUTH=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/'; location.href='/';">[Log Out]</A></TD></TR>
+      </TABLE></FORM>
+activationpage
+  } else {
+    print<<authpage2;
+  		<TR>
+  			<TD align=right><B>Email Address:</TD><TD><INPUT type=text id=login name=userid></TD>
+  		</TR>
+  		<TR>
+  			<TD align=right><B>Password:</TD><TD><INPUT type=password name=pass></TD>
+  		</TR>
+  		<TR><TD></TD><TD><input type=hidden name=activate id=activate value=$FORM{'activate'}><INPUT type=submit name=login value=Submit></TD></TR>
+  		<TR><TD colspan=2 align=center>&nbsp;</TD></TR>
+  		<TR><TD colspan=2 align=center><A HREF="/schedule/view_user.pl?submit=New%20User">[register as a new user]</A></TD></TR>
+  		<TR><TD colspan=2 align=center><A HREF="/schedule/password_reset.pl">[reset your password]</A></TD></TR>
+  	</TABLE>
+  	</FORM>
+  	<SCRIPT language="JavaScript">
+  	<!--
+  	document.getElementById("login").focus();
+  	function Login () {
-		document.getElementById('Req').action = "$ENV{SCRIPT_NAME}";
+  		document.getElementById('Req').action = "$ENV{SCRIPT_NAME}";
+  		document.getElementById('Req').submit.click();
-		document.getElementById('Req').submit.click();
+  		return true;
 		return true;
   	//-->
-	//-->
+  	</SCRIPT>
+authpage2
+}
+#foreach (keys %ENV) {
+#	print "$_: $ENV{$_}<br>";
+#}
+#	&JScript;
+	exit;
+}
+sub canView {
+	my $A = shift // "";
+	my $B = shift // "";
+	# Is A a lead or higher of one of B's Depts? (or they're looking at themselves)
+	# parameters should be a Hashref to the users' details
+	return 1 if $A->{access} > 4 or $A->{RCid} == $B->{RCid}; # viewer and target are the same person or it's a SysAdmin.
+	my $ADept = ref $A->{department} eq "HASH" ? $A->{department} : convertDepartments $A->{department};
+	my $BDept = ref $B->{department} eq "HASH" ? $B->{department} : convertDepartments $B->{department};
+	foreach (keys %{$BDept}) {
+		if ($ADept->{$_} > 1) { # A is a Lead or higher of one of B's departments
+			return 1;
 	</SCRIPT>
+	}
 authpage
 	if ($ADept->{MVP} >= RollerCon::VOLUNTEER and $B->{mvp_pass} = 1) {
-#foreach (keys %ENV) {
+	  # MVP Volunteers can see user details for people with MVP Passes
-#	print "$_: $ENV{$_}<br>";
+	  return 1;
 #}
+	return 0;
+}
-#	&JScript;
+sub getShiftDepartment {
-	exit;
+  my $shiftID = shift // "";
   my $dept;
-sub getShiftDepartment {
+  if ($shiftID =~ /^\d+$/) {
-  my $shiftID = shift // "";
+    ($dept) = $dbh->selectrow_array ("select dept from shift where id = ?", undef, $shiftID);
-  my $dept;
+  } else {
     my ($id, $role) = split /-/, $shiftID;
-  if ($shiftID =~ /^\d+$/) {
+    if ($role =~ /^CLA/) {
+      $dept = "CLA";
+    } else {
+      ($dept) = $dbh->selectrow_array ("select distinct department from staff_template where role like ?", undef, $role.'%');
+    }
+  }
+#  } elsif ($shiftID =~ /^\d+-ANN/) {
+#    $dept = "ANN";
+#  } else {
+#    $dept = "OFF";
+#  }
+  return $dept;
+}
+sub getClassID {
+  my $shift = shift // "";
+  return unless $shift =~ /^\d+$/;
+  my $shiftref = getShiftRef ($shift);
+  my ($classid) = $dbh->selectrow_array ("select id from class where date = ? and start_time = ? and location = ?", undef, $shiftref->{date}, $shiftref->{start_time}, $shiftref->{location});
+  return $classid unless !$classid;
+  warn "ERROR: No class.id found for shift $shiftref->{id}";
-    ($dept) = $dbh->selectrow_array ("select dept from shift where id = ?", undef, $shiftID);
+  return "";
   } else {
     my ($id, $role) = split /-/, $shiftID;
-    ($dept) = $dbh->selectrow_array ("select distinct department from staff_template where role like ?", undef, $role.'%');
+sub getShiftRef {
   my $time = shift || return;
   if ($time =~ / - /) {
     return join " - ", map { convertTime ($_) } split / - /, $time;
   }
+  $time =~ s/^(\d{1,2}:\d{2}):\d{2}$/$1/;
   if ($ORCUSER->{timeformat} eq "24hr") {
     if ($time =~ /^\d{1,2}:\d{2}$/) { return $time; }
   } else {
     my ($hr, $min) = split /:/, $time;
   my $where = scalar @whereclause ? "where ".join " and ", @whereclause : "";
   my @shifts;
   my $sth = $dbh->prepare("select * from (select id, date, dayofweek, track as location, time, role, teams, signup, 'OFF' as dept, volhours from v_shift_officiating where RCid = ? union
                                           select id, date, dayofweek, track as location, time, role, teams, signup, 'ANN' as dept, volhours from v_shift_announcer where RCid = ? union
+                                          select id, date, dayofweek, location, time, role, '' as teams, type as signup, dept, volhours from v_shift where RCid = ? union
-                                          select id, date, dayofweek, location, time, role, '' as teams, type as signup, dept, volhours from v_shift where RCid = ?) temp
+                                          select id, date, dayofweek, location, time, role, '' as teams, 'mvpclass' as signup, 'CLA' as dept, 0 as volhours from v_class_signup where RCid = ?) temp
                            $where order by date, time");
-  $sth->execute($RCid, $RCid, $RCid);
+  $sth->execute($RCid, $RCid, $RCid, $RCid);
   my $hours = 0;
   while (my $s = $sth->fetchrow_hashref) {
     my ($yyyy, $mm, $dd) = split /\-/, $s->{date};
 	  my $cutoff = DateTime->new(
   	if (!$s->{teams}) {
   	  # it's a time-based shift
   	  if ($s->{dept} eq "PER") {
         if ($RCid eq $ORCUSER->{RCid}) {
           # DROP
-  	      $s->{buttons} = $h->button ({ onClick=>"if (confirm('Really? You want to delete this personal time?')==true) { window.open('manage_personal_time.pl?choice=Delete&id=$s->{id}','Confirm Change','resizable,height=260,width=370'); return false; }" }, "DEL")."&nbsp;".$h->button ({ onClick=>"location.href='manage_personal_time.pl?choice=Update&id=$s->{id}'" }, "EDIT");
+  	      $s->{buttons} = $h->button ({ onClick=>"if (confirm('Really? You want to delete this personal time?')==true) { window.open('personal_time.pl?choice=Delete&id=$s->{id}','Confirm Change','resizable,height=260,width=370'); return false; }" }, "DEL")."&nbsp;".$h->button ({ onClick=>"location.href='personal_time.pl?choice=Update&id=$s->{id}'" }, "EDIT");
   	    } else {
   	      $s->{location} = "";
   	      $s->{role} = "";
+  	    }
       } elsif (($RCid == $ORCUSER->{RCid} and $s->{signup} !~ /^selected/ and $now < $cutoff) or ($ORCUSER->{department}->{$s->{dept}} >= 2 or $ORCUSER->{access} >= 5)) {
         # DROP
+        my ($shiftORclass, $linkargs) = ("shift", "");
+        if ($s->{dept} eq "CLA") {
+          $shiftORclass = "class";
+          $linkargs = "&role=$s->{role}";
+        }
-  		  $s->{buttons} = $h->button ({ onClick=>"if (confirm('Really? You want to drop this shift?')==true) { window.open('make_shift_change.pl?change=del&id=$s->{id}','Confirm Shift Change','resizable,height=260,width=370'); return false; }" }, "DROP");
+	   		$s->{buttons} = $h->button ({ onClick=>"if (confirm('Really? You want to drop this $shiftORclass?')==true) { window.open('make_shift_change.pl?change=del&RCid=$RCid&id=$s->{id}$linkargs','Confirm Class Change','resizable,height=260,width=370'); return false; }" }, "DROP");
 	   		if ($ORCUSER->{department}->{$s->{dept}} >= 2 or $ORCUSER->{access} >= 5) {
    		    # NO SHOW
- 	  	    $s->{buttons} .= "&nbsp;".$h->button ({ onClick=>"if (confirm('Really? They were a no show?')==true) { window.open('make_shift_change.pl?noshow=true&change=del&RCid=$RCid&id=$s->{id}','Confirm Shift Change','resizable,height=260,width=370'); return false; }" }, "NO SHOW");
+ 	  	    $s->{buttons} .= "&nbsp;".$h->button ({ onClick=>"if (confirm('Really? They were a no show?')==true) { window.open('make_shift_change.pl?noshow=true&change=del&RCid=$RCid&id=$s->{id}$linkargs','Confirm Shift Change','resizable,height=260,width=370'); return false; }" }, "NO SHOW");
+ 		    }
         $hours += $s->{volhours} unless $s->{dept} eq "CLA";
+  		}
 	  $sth = $dbh->prepare("select * from official where RCid = ?");
 	} else {
 	  $sth = $dbh->prepare("select * from official where email = ?");
+  }
 	$sth->execute($ID);
-	return $sth->fetchrow_hashref;
+	my $user = $sth->fetchrow_hashref;
+	map { $user->{$_} = "" unless $user->{$_} } keys %{$user};
+	return $user;
+}
 sub getUserEmail {
 	my $RCid = shift;
 #  my $logout = $h->a ({ href=>"index.pl", onClick=>"document.cookie = 'RCAUTH=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/';return true;" }, "[Log Out]");
   my $referrer = param ("referrer") ? param ("referrer") : $ENV{HTTP_REFERER};
   my $logout = (!$referrer or $referrer eq url) ? "" : $h->button ({ onClick=>"window.location.href='$referrer';" }, "Back")."&nbsp;";
   $logout .= url =~ /\/(index.pl)?$/ ? "" : $h->button ({ onClick=>"window.location.href='/schedule/';" }, "Home")."&nbsp;";
   $logout .= $h->button ({ onClick=>"document.cookie = 'RCAUTH=; expires=Thu, 01 Jan 1970 00:00:01 GMT; path=/'; location.href='/';" }, "Log Out");
-	my $loggedinas = $ORCUSER ? "Currently logged in as: ".$h->a ({ href=>"/schedule/manage_user.pl?submit=View&RCid=$ORCUSER->{RCid}" }, $ORCUSER->{derby_name}).$h->br.$logout : "";
+	my $loggedinas = $ORCUSER ? "Currently logged in as: ".$h->a ({ href=>"/schedule/view_user.pl?submit=View&RCid=$ORCUSER->{RCid}" }, $ORCUSER->{derby_name}).$h->br.$logout : "";
   print start_html (-title=>"vORC - $PAGE_TITLE", -style => {'src' => "/style.css"} );
 #rcheader
+}
 sub changeShift {
+	my ($change, $shift_id, $role, $user_id) = @_;
-	my ($change, $shift_id, $role, $user_id) = @_;
+#warn join " - ", $change, $shift_id, $role, $user_id;
 	my $leadership_change = 0;
 #	my $department = getShiftDepartment ($role ? $shift_id."-".$role : $shift_id);
 	my $department;
 	if ($shift_id =~ /^\d+$/) {
 		$department = getShiftDepartment ($role ? $shift_id."-".$role : $shift_id);
 	} else {
+		$department = "CLA";
+		if ($change eq "del") {
+		  ($shift_id, $role) = $dbh->selectrow_array ("select id, role from v_class_signup where date = ? and start_time = ? and location = ?", undef, split /\|/, $shift_id);
-		$department = "CLA";
+		} else {
+		  ($shift_id, $role) = $dbh->selectrow_array ("select id, concat('CLA-', max(substring_index(role, '-', -1)) +1) as role, count(role), capacity from v_class_signup where date = ? and start_time = ? and location = ? having capacity > count(role)", undef, split /\|/, $shift_id);
+		}
-		($shift_id) = $dbh->selectrow_array ("select min(id) from v_shift where date = ? and start_time = ? and location = ? and isnull(RCid) = 1", undef, split /\|/, $shift_id);
+    $role = "CLA-1" unless $role; # If no one has signed up for the class yet, the SQL above doesn't retrieve the first available
 	}
+#	my $game_based = $role ? "game" : "shift";
-	my $game_based = $role ? "game" : "shift";
+	my $game_based = $role =~ /^CLA-/ ? "class" : $role ? "game" : "shift";
 	my $sth;
-	if ($change eq "add" or $change eq "override") {
-  	my $taken;
-  	if ($game_based eq "game") {
+	if ($change eq "add" or $change eq "override") {
-  	  ($taken) = $dbh->selectrow_array ("select count(*) from assignment where Gid = ? and role = ?", undef, $shift_id, $role);
+  	my $taken;
+		if ($department eq "CLA") {
+  	  ($taken) = $shift_id ? 0 : 1;
-		} elsif ($department eq "CLA") {
+  	} elsif ($game_based eq "game") {
-  	  ($taken) = $shift_id ? 0 : 1;
+  	  ($taken) = $dbh->selectrow_array ("select count(*) from assignment where Gid = ? and role = ?", undef, $shift_id, $role);
   	} else {
   	  ($taken) = $dbh->selectrow_array ("select count(*) from shift where id = ? and isnull(assignee_id) = 0", undef, $shift_id);
+  	}
 	} elsif ($ORCUSER->{department}->{$department} >= 3) {
 	  # Managers can sign up for as many shifts within their own department as they like...
 	  $leadership_change = 1;
+	}
+  if ($change eq "add") {
+    if ($department eq "CLA" and getUser($user_id)->{mvp_pass} < 1) {
+      return "<br>Denied! User ($user_id) does not have an MVP Pass!<br>\n";
-  if ($change eq "add" and convertDepartments(getUser($user_id)->{department})->{$department} < 1) {
+    } elsif ($department ne "CLA" and convertDepartments(getUser($user_id)->{department})->{$department} < 1) {
+      return "<br>Denied! User ($user_id) is not a member of Department ($department)!<br>\n" unless $department eq "CMP";
 		return "<br>Denied! User ($user_id) is not a member of Department ($department)!<br>\n" unless $department eq "CMP";
+  }
   my $conflict = findConflict ($user_id, $shift_id, $game_based);
   if ($change eq "add" and $conflict) {
+		return "<br>Denied! There is a conflict ($conflict) with that shift's time!<br>\n";
+  }
-		return "<br>Denied! There is a conflict ($conflict) with that shift's time!<br>\n";
+  my $game_type;
-  }
+  if ($department ne "CLA") {
+   	($game_type) = $dbh->selectrow_array ("select type from ".$game_based." where id = ?", undef, $shift_id);
- 	my ($game_type) = $dbh->selectrow_array ("select type from ".$game_based." where id = ?", undef, $shift_id);
- 	if ($game_type =~ /^selected/ and !$leadership_change) {
+   	if ($game_type =~ /^selected/ and !$leadership_change) {
- 	  return "<br>Denied! Only leadership can make changes to 'selected staffing' shifts!<br>\n" unless $department eq "CMP";
+   	  return "<br>Denied! Only leadership can make changes to 'selected staffing' shifts!<br>\n" unless $department eq "CMP";
- 	}
+   	}
+   	if ($change eq "add" and $game_type eq "lead" and convertDepartments(getUser($user_id)->{department})->{$department} < 2 and $ORCUSER->{access} < 3) {
+   	  return "<br>Denied! Shift reserved for leadership staff!<br>\n";
+   	}
+  } else {
- 	if ($change eq "add" and $game_type eq "lead" and convertDepartments(getUser($user_id)->{department})->{$department} < 2 and $ORCUSER->{access} < 3) {
+    $game_type = "class";
  	  return "<br>Denied! Shift reserved for leadership staff!<br>\n";
 # 	my $MAXSHIFTS = getSetting ("MAX_SHIFT_SIGNUP_PER_DAY");
 	my $MAXSHIFTS = getSetting ("MAX_SHIFT_SIGNUP_PER_DAY_".$department);
 	$MAXSHIFTS = getSetting ("MAX_SHIFT_SIGNUP_PER_DAY") unless defined $MAXSHIFTS;
 	if ($game_type eq "lead" and $department eq "OFF") { $MAXSHIFTS = 99; }
+  my $daily_count;
-  my $daily_count;
+  if ($department eq "CLA") {
-  if ($department eq "CLA") {
+    # MVP Class Sign-up
-    # MVP Class Sign-up
+    $MAXSHIFTS = getSetting ("MAX_CLASS_SIGNUP");
-    $MAXSHIFTS = getSetting ("MAX_CLASS_SIGNUP");
+	  ($daily_count) = $dbh->selectrow_array ("select count(*) from v_class_signup where RCid = ?", undef, $user_id);
-	  ($daily_count) = $dbh->selectrow_array ("select count(*) from v_shift where RCid = ? and dept = 'CLA'", undef, $user_id);
+#	  ($daily_count) = $dbh->selectrow_array ("select count(*) from v_shift where RCid = ? and dept = 'CLA'", undef, $user_id);
 #  		}
 #    }
+  }
  	my @DBARGS;
-  if ($game_based eq "game") {
+  if ($game_based eq "game" or $game_based eq "class") {
   	if ($change eq "add" or $change eq "override") {
   		$sth = $dbh->prepare("insert into assignment (Gid, role, RCid) values (?, ?, ?)");
   	} elsif ($change eq "del") {
   		$sth = $dbh->prepare("delete from assignment where Gid = ? and role = ? and RCid= ?");
   print "<br>attempting to make DB changes...<br>";
   if ($sth->execute (@DBARGS)) {
   	$daily_count = signUpCount ($change, $user_id, $department) unless $leadership_change;
   	logit ($user_id, "Shift ".ucfirst($change).": $shift_id -> $role");
   	logit ($ORCUSER->{RCid}, "OVERRIDE: Shift ".ucfirst($change).": $shift_id -> $role") if $change eq "override";
+  	if ($department eq "CLA") {
+  	  print "Success!...<br>You've signed up for $daily_count class(es) (you're currently allowed to sign up for $MAXSHIFTS).<br>\n";
+  	} else {
-  	print "Success!...<br>You've signed up for $daily_count shifts today (you're currently allowed to sign up for $MAXSHIFTS per day).<br>\n";
+  	  print "Success!...<br>You've signed up for $daily_count shifts today (you're currently allowed to sign up for $MAXSHIFTS per day).<br>\n";
+  	}
   	return;
   } else {
+  	if ($department eq "CLA") {
+      return "<br><b>You did not get the class</b>, most likely because it filled up while you were looking.<br>\nERROR: ", $sth->errstr();
+  	} else {
-    return "<br><b>You did not get the shift</b>, most likely because someone else took it while you were looking.<br>\nERROR: ", $sth->errstr();
+      return "<br><b>You did not get the shift</b>, most likely because someone else took it while you were looking.<br>\nERROR: ", $sth->errstr();
+    }
+  }
+}
 sub modShiftTime {
 	return 0 unless $limit > 0;
 	my $limitkey = $dept ? "sign_ups_today_".$dept : "sign_ups_today";
 	if ($shifttype eq "class") {
+		($t->{id}) = $dbh->selectrow_array ("select id from v_class where date = ? and location = ? and start_time = ?", undef, $t->{date}, $t->{location}, $t->{start_time});
-		($t->{id}) = $dbh->selectrow_array ("select min(id) from v_shift where isnull(RCid) = 1 and dept = ? and date = ? and location = ? and start_time = ?", undef, "CLA", $t->{date}, $t->{location}, $t->{start_time});
+		$t->{dept} = "CLA";
-		$t->{dept} = "CLA";
+		$dept = "CLA";
 		$t->{type} = "open";
+	}
 	if (findConflict ($user->{RCid}, $t->{id}, $shifttype)) { return 0; }
 	if (!exists $user->{$limitkey}) {
 		$user->{$limitkey} = signUpCount('get', $user->{RCid}, $dept);
 			return 0;
+		}
 	} else {
     if ($dept eq "CLA") {
       # MVP Class Sign-up
+			return 0 unless $user->{mvp_pass};
       my $class_limit = getSetting ("MAX_CLASS_SIGNUP");
-			my ($class_count) = $dbh->selectrow_array ("select count(*) from v_shift where RCid = ? and dept = 'CLA'", undef, $user->{RCid});
+			my ($class_count) = $dbh->selectrow_array ("select count(*) from v_class_signup where RCid = ? and year(date) = year(now())", undef, $user->{RCid});
 			return 0 unless $class_count < $class_limit;
-    }
+    } else {
-	  if ($user->{department}->{$t->{dept}} < 1) { return 0; }
+	    if ($user->{department}->{$t->{dept}} < 1) { return 0; }
+	  }
 	  if ($t->{type} eq "lead" and $user->{department}->{$t->{dept}} < 2) { return 0; }
 	  if ($t->{type} eq "manager" and $user->{department}->{$t->{dept}} < 3) { return 0; }
     if ($t->{type} !~ /^selected/ and $user->{$limitkey} < $limit) {
 			return 1;
 		} else {
   	if ($conflicts) { return "OFF-".$gid; } # no need to keep looking...
     ($conflicts) = $dbh->selectrow_array ("select count(*) from v_shift_announcer where id = ? and RCid = ?", undef, $gid, $rcid);
   	if ($conflicts) { return "ANN-".$gid; } # no need to keep looking...
+    ($date, $start, $end) = $dbh->selectrow_array ("select distinct date, time, end_time from game where id = ?", undef, $gid);
+  } elsif ($type eq "class")  {
+    ($conflicts) = $dbh->selectrow_array ("select count(*) from v_class_signup where id = ? and RCid = ?", undef, $gid, $rcid);
+  	if ($conflicts) { return "CLA:".$gid; } # no need to keep looking...
+    ($date, $start, $end) = $dbh->selectrow_array ("select distinct date, start_time, end_time from v_class where id = ?", undef, $gid);
     ($date, $start, $end) = $dbh->selectrow_array ("select distinct date, time, end_time from game where id = ?", undef, $gid);
   } elsif ($type eq "personal")  {
     ($date, $start, $end) = @{ $gid };
   } else {
     ($date, $start, $end) = $dbh->selectrow_array ("select distinct date, start_time, end_time from shift where id = ?", undef, $gid);
   # Are they signed up for any games that would conflict with this one?
 #  my $sth = $dbh->prepare("select count(*) from v_shift_admin_view where id in (select id from game where date = (select date from game where id = ?) and ((time <= (select time from game where id = ?) and end_time > (select time from game where id = ?)) or (time > (select time from game where id = ?) and time < (select end_time from game where id = ?)))) and RCid = ?");
 #  my $sth = $dbh->prepare("select count(*) from v_shift_all where id in (select id from v_shift_all where date = (select date from v_shift_all where id = ?) and ((start_time <= (select start_time from v_shift_all where id = ?) and end_time > (select start_time from v_shift_all where id = ?)) or (start_time > (select start_time from v_shift_all where id = ?) and start_time < (select end_time from v_shift_all where id = ?)))) and RCid = ?");
   ($conflicts) = $dbh->selectrow_array ("select * from (
+    select concat(dept, '-', id) from v_shift          where date = ? and ((start_time <= ? and end_time > ?) or (start_time > ? and start_time < ?)) and RCid = ? union
-    select concat(dept, '-', id) from v_shift             where date = ? and ((start_time <= ? and end_time > ?) or (start_time > ? and start_time < ?)) and RCid = ? union
+    select concat('CLA:', id) from v_class_signup      where date = ? and ((start_time <= ? and end_time > ?) or (start_time > ? and start_time < ?)) and RCid = ? union
     select concat('ANN-', id) from v_shift_announcer   where date = ? and ((start_time <= ? and end_time > ?) or (start_time > ? and start_time < ?)) and RCid = ? union
     select concat('OFF-', id) from v_shift_officiating where date = ? and ((start_time <= ? and end_time > ?) or (start_time > ? and start_time < ?)) and RCid = ? ) alltables",
-    undef, $date, $start, $start, $start, $end, $rcid, $date, $start, $start, $start, $end, $rcid, $date, $start, $start, $start, $end, $rcid
+    undef, $date, $start, $start, $start, $end, $rcid, $date, $start, $start, $start, $end, $rcid, $date, $start, $start, $start, $end, $rcid, $date, $start, $start, $start, $end, $rcid
   );
 	my $msg = shift;
 	my $sth = $dbh->prepare("insert into log (RCid, event) values (?, ?)");
 	$sth->execute($RCid, $msg);
+}
+sub sendNewUserEMail {
+	my $context = shift;
+	my $data = shift;
+	use RCMailer;
+  use HTML::Tiny;
+  my $h = HTML::Tiny->new( mode => 'html' );
+  my $depts = getDepartments (); # HashRef of the department TLAs -> Display Names...
+  my $AccessLevel = getAccessLevels;
+	my $email = $data->{email};
+	my $subject = 'RollerCon VORC - New User';
+	my $body;
+	if ($context eq "New User") {
+    $subject .= " Request";
+    my $activationlink = url ()."?activate=".$data->{activation};
+	  $body = $h->p ("Greetings,");
+	  $body .= $h->p ("It appears as though you've registered a new account in RollerCon's VORC system with the following information:");
+	  $body .= $h->table ([
+	    $h->tr ([$h->td ("&nbsp;&nbsp;", "Derby Name:",    $data->{derby_name})]),
+	    $h->tr ([$h->td ("&nbsp;&nbsp;", "Real Name:",     $data->{real_name})]),
+	    $h->tr ([$h->td ("&nbsp;&nbsp;", "Pronouns:",      $data->{pronouns})]),
+	    $h->tr ([$h->td ("&nbsp;&nbsp;", "TShirt Size:",   $data->{tshirt})]),
+	    $h->tr ([$h->td ("&nbsp;&nbsp;", "Email Address:", $data->{email})]),
+	    $h->tr ([$h->td ("&nbsp;&nbsp;", "Phone:",         $data->{phone})])
+	  ]);
+    $body .= $h->p ("To validate that you've entered a real (and correct) email address (and that you're not a spam-bot), please click the following link:",
+      $h->a ({ HREF=>$activationlink }, "Activate my VORC Account!"), $h->br,
+      "Or you can copy/paste this into the 'Activation Code' box: ".$data->{activation}, $h->br,
+      "Once activated, you'll be able to log in. If you're looking to volunteer, some departments are automatically enabled. Others need to be manually reviewed and approved.",
+      "If you're looking to sign up for MVP Classes, your MVP Ticket needs to be confirmed. Once that happens, you'll receive another email.",
+      "If you're new to using vORC, you may want to read this:",
+      $h->a ({ HREF=>"https://volunteers.rollercon.com/info.html" }, "VORC User Info"),
+      "If you didn't make this request, well, you're still the only one who received this email, and you now have an account request.  You should probably let us know that someone is messing with you.",
+      $h->br,
+      "--RollerCon HQ".$h->br.'rollercon@gmail.com'.$h->br."rollercon.com");
+  } elsif ($context eq "Activate") {
+    $subject .= " Activated!";
+    my $tempDepartments = convertDepartments ($data->{department});
+    my $printableDepartments = join "\n", map { $depts->{$_}.": ".$AccessLevel->{$tempDepartments->{$_}} } sort keys %{$tempDepartments};
+    $body = "Greetings again,
+You have been approved to volunteer at RollerCon in the following departments:
+$printableDepartments
+You may log into vORC and begin signing up for shifts.  Please be considerate of others and don't hogger all of the shifts.  If you do, we will find you and randomly drop your shifts.
+https://volunteers.rollercon.com/schedule/
+Please note that you are limited to signing up to a number of shifts per day.  (Meaning, once you sign up for X shifts, you'll have to wait until tomorrow to sign up for more.)  Please understand, while you are a nice, concientious, and good-looking person yourself, who knows how to share, there are others out there that will hogger up all of the shifts.  As time goes by and we get closer to the event, we may lift the limit.  Who knows?
+If you've already signed up for your daily limit of shifts, and another shift REALLY strikes your fancy, try dropping one of your shifts.  That should allow you to pick up a different one.
+We'll be adding shifts over time, again to throttle how fast some people (not you, mind you) gobble up the shifts.  Check back, maybe even daily.
+If you're new to using vORC, you may want to read this:
+https://volunteers.rollercon.com/info.html
+If you didn't make this request, well, you're still the only one who received this email, and you now have an active account.  You should probably let us know that someone is messing with you.
+-RollerCon Management
+";
+  } else {
+    return;
+  }
+	# send the message
+	EmailUser ($email, $subject, $body);
+}

Subversion Repositories VORC

(root)/trunk/perl/RollerCon.pm – Rev 53 → 57