| Line 31... |
Line 31... |
| 31 |
# Unpack any values sent in the GET and add them to the FORM hash
|
31 |
# Unpack any values sent in the GET and add them to the FORM hash
|
| 32 |
$FORM->{'SUB'} = param ('submit') // '';
|
32 |
$FORM->{'SUB'} = param ('submit') // '';
|
| 33 |
$FORM->{'RCid'} = param ('RCid') // '';
|
33 |
$FORM->{'RCid'} = param ('RCid') // '';
|
| 34 |
$FORM->{referer} = param ("referer") // "";
|
34 |
$FORM->{referer} = param ("referer") // "";
|
| 35 |
if ($FORM->{'SUB'} eq '') {
|
35 |
if ($FORM->{'SUB'} eq '') {
|
| 36 |
if ($ENV{'REQUEST_URI'}) {
|
36 |
if ($ENV{'REQUEST_URI'}) {
|
| 37 |
my ($g, $keep) = split /\?/, $ENV{'REQUEST_URI'};
|
37 |
my ($g, $keep) = split /\?/, $ENV{'REQUEST_URI'};
|
| 38 |
if ($keep) {
|
38 |
if ($keep) {
|
| 39 |
foreach (split /&/, $keep) {
|
39 |
foreach (split /&/, $keep) {
|
| 40 |
my ($k, $v) = split /=/;
|
40 |
my ($k, $v) = split /=/;
|
| 41 |
$k =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
41 |
$k =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
| 42 |
$v =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
42 |
$v =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg;
|
| 43 |
$k eq "submit" ? $FORM->{'SUB'} = $v : $FORM->{$k} = $v;
|
43 |
$k eq "submit" ? $FORM->{'SUB'} = $v : $FORM->{$k} = $v;
|
| 44 |
}
|
44 |
}
|
| 45 |
}
|
45 |
}
|
| 46 |
}
|
46 |
}
|
| 47 |
}
|
47 |
}
|
| Line 48... |
Line 48... |
| 48 |
|
48 |
|
| 49 |
# Keep track of the original referrer for the 'back' link/button
|
49 |
# Keep track of the original referrer for the 'back' link/button
|
| 50 |
my $goback;
|
50 |
my $goback;
|
| 51 |
if ($FORM->{referer}) {
|
51 |
if ($FORM->{referer}) {
|
| 52 |
$goback = $FORM->{referer};
|
52 |
$goback = $FORM->{referer};
|
| 53 |
} else {
|
53 |
} else {
|
| 54 |
$goback = $ENV{HTTP_REFERER};
|
54 |
$goback = $ENV{HTTP_REFERER};
|
| Line 55... |
Line 55... |
| 55 |
}
|
55 |
}
|
| 56 |
|
56 |
|
| 57 |
|
57 |
|
| 58 |
if ($FORM->{'SUB'} eq "Save") {
|
58 |
if ($FORM->{'SUB'} eq "Save") {
|
| 59 |
process_form ($FORM);
|
59 |
process_form ($FORM);
|
| 60 |
} elsif ($FORM->{'SUB'} eq "New User") {
|
60 |
} elsif ($FORM->{'SUB'} eq "New User") {
|
| 61 |
display_form ("New", "New User"); # blank form
|
61 |
display_form ("New", "New User"); # blank form
|
| 62 |
} elsif ($FORM->{'RCid'}) {
|
62 |
} elsif ($FORM->{'RCid'}) {
|
| 63 |
display_form ($FORM->{'RCid'}, $FORM->{'SUB'});
|
63 |
display_form ($FORM->{'RCid'}, $FORM->{'SUB'});
|
| 64 |
} else {
|
64 |
} else {
|
| 65 |
$cookie_string = authenticate (1);
|
65 |
$cookie_string = authenticate (1);
|
| Line 66... |
Line 66... |
| 66 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
66 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
| 67 |
display_form (getUser ($EM)->{'RCid'}, "View");
|
67 |
display_form (getUser ($EM)->{'RCid'}, "View");
|
| 68 |
}
|
68 |
}
|
| Line 69... |
Line 69... |
| 69 |
|
69 |
|
| 70 |
|
70 |
|
| 71 |
sub process_form {
|
71 |
sub process_form {
|
| 72 |
my $F = shift // "";
|
72 |
my $F = shift // "";
|
| 73 |
push @ERRORS, "Tried to save an empty form." and return unless $F;
|
73 |
push @ERRORS, "Tried to save an empty form." and return unless $F;
|
| 74 |
|
74 |
|
| 75 |
$F->{email} = lc WebDB::trim param ('email') // '';
|
75 |
$F->{email} = lc WebDB::trim param ('email') // '';
|
| 76 |
$F->{password} = WebDB::trim param ('password') // '';
|
76 |
$F->{password} = WebDB::trim param ('password') // '';
|
| 77 |
$F->{derby_name} = WebDB::trim param ('derby_name') // '';
|
77 |
$F->{derby_name} = WebDB::trim param ('derby_name') // '';
|
| 78 |
$F->{real_name} = WebDB::trim param ('real_name') // '';
|
78 |
$F->{real_name} = WebDB::trim param ('real_name') // '';
|
| 79 |
$F->{pronouns} = WebDB::trim param ('pronouns') // '';
|
79 |
$F->{pronouns} = WebDB::trim param ('pronouns') // '';
|
| 80 |
$F->{tshirt} = WebDB::trim param ('tshirt') // '';
|
80 |
$F->{tshirt} = WebDB::trim param ('tshirt') // '';
|
| 81 |
$F->{phone} = WebDB::trim param ('phone') // '';
|
81 |
$F->{phone} = WebDB::trim param ('phone') // '';
|
| 82 |
$F->{timeformat} = WebDB::trim param ('timeformat') // '24hr';
|
82 |
$F->{timeformat} = WebDB::trim param ('timeformat') // '24hr';
|
| Line 83... |
Line 83... |
| 83 |
# $F->{level} = param ('level') // '';
|
83 |
# $F->{level} = param ('level') // '';
|
| 84 |
# $F->{type} = param ('type') // '';
|
84 |
# $F->{type} = param ('type') // '';
|
| 85 |
$F->{RCid} = param ('RCid') // '';
|
85 |
$F->{RCid} = param ('RCid') // '';
|
| 86 |
$F->{access} = param ('access') // 0;
|
86 |
$F->{access} = param ('access') // 0;
|
| 87 |
# $F->{mvp_pass} = defined param ('mvp_pass') ? 1 : 0;
|
87 |
# $F->{mvp_pass} = defined param ('mvp_pass') ? 1 : 0;
|
| 88 |
$F->{department} = join ":", map { "$_-".param ("DEPT-".$_) } map { s/^DEPT-//; $_ } grep { param ($_) ne "" } grep { /^DEPT-/ } param ;
|
88 |
$F->{department} = join ":", map { "$_-".param ("DEPT-".$_) } map { s/^DEPT-//; $_ } grep { param ($_) ne "" } grep { /^DEPT-/ } param ;
|
| 89 |
|
89 |
|
| 90 |
if ($F->{RCid} eq "New") {
|
90 |
if ($F->{RCid} eq "New") {
|
| 91 |
# Saving a new User...
|
91 |
# Saving a new User...
|
| 92 |
# But first let's do some error checking...0
|
92 |
# But first let's do some error checking...0
|
| 93 |
if (!$F->{password}) { push @ERRORS, "Blank Password!"; }
|
93 |
if (!$F->{password}) { push @ERRORS, "Blank Password!"; }
|
| 94 |
if (!$F->{real_name}) { push @ERRORS, "Blank Full Name!"; }
|
94 |
if (!$F->{real_name}) { push @ERRORS, "Blank Full Name!"; }
|
| 95 |
if (!$F->{derby_name}) { $F->{derby_name} = $F->{real_name}; } # If they leave derby_name blank, use their real_name
|
95 |
if (!$F->{derby_name}) { $F->{derby_name} = $F->{real_name}; } # If they leave derby_name blank, use their real_name
|
| 96 |
if (checkDupes ('derby_name', $F->{derby_name})) { push @ERRORS, "Derby Name already in use. Pick a different one."; $F->{derby_name} = ""; }
|
96 |
if (checkDupes ('derby_name', $F->{derby_name})) { push @ERRORS, "Derby Name already in use. Pick a different one."; $F->{derby_name} = ""; }
|
| 97 |
# if (!$F->{level}) { $F->{level} = "B"; } # People keep leaving level blank. Default 'em if they do.
|
97 |
# if (!$F->{level}) { $F->{level} = "B"; } # People keep leaving level blank. Default 'em if they do.
|
| 98 |
# if (!$F->{type}) { $F->{type} = "official"; } # and now they left the other drop-down blank!!!
|
98 |
# if (!$F->{type}) { $F->{type} = "official"; } # and now they left the other drop-down blank!!!
|
| Line 99... |
Line 99... |
| 99 |
if (!$F->{email}) { push @ERRORS, "Blank Email (User-ID)!"; } else {
|
99 |
if (!$F->{email}) { push @ERRORS, "Blank Email (User-ID)!"; } else {
|
| 100 |
$F->{email} =~ s/\s+//g; # make sure people aren't accidentally including spaces
|
100 |
$F->{email} =~ s/\s+//g; # make sure people aren't accidentally including spaces
|
| 101 |
$F->{email} = lc $F->{email}; # sometimes people capitalize their email addresses and that's annoying...
|
101 |
$F->{email} = lc $F->{email}; # sometimes people capitalize their email addresses and that's annoying...
|
| 102 |
if (! Email::Valid->address (-address => $F->{email}, -mxcheck => 1, -tldcheck => 1)) { push @ERRORS, "Mal-formatted (or fake) Email Address!"; $F->{email} = ""; }
|
102 |
if (! Email::Valid->address (-address => $F->{email}, -mxcheck => 1, -tldcheck => 1)) { push @ERRORS, "Mal-formatted (or fake) Email Address!"; $F->{email} = ""; }
|
| 103 |
}
|
103 |
}
|
| 104 |
if (checkDupes ('email', $F->{email})) { push @ERRORS, "Email Address already in use. Pick a different one."; $F->{email} = ""; }
|
104 |
if (checkDupes ('email', $F->{email})) { push @ERRORS, "Email Address already in use. Pick a different one."; $F->{email} = ""; }
|
| 105 |
# if (!$F->{department}) { push @ERRORS, "You need to request at least one Department!"; }
|
105 |
# if (!$F->{department}) { push @ERRORS, "You need to request at least one Department!"; }
|
| 106 |
|
106 |
|
| 107 |
if (scalar @ERRORS) {
|
107 |
if (scalar @ERRORS) {
|
| 108 |
$ERRMSG = join $h->br, @ERRORS;
|
108 |
$ERRMSG = join $h->br, @ERRORS;
|
| 109 |
display_form ("New", "New User", $ERRMSG, $F);
|
109 |
display_form ("New", "New User", $ERRMSG, $F);
|
| 110 |
return;
|
110 |
return;
|
| 111 |
} else {
|
111 |
} else {
|
| 112 |
# We have a correctly formatted email address with a mail host record, go ahead and add the user
|
112 |
# We have a correctly formatted email address with a mail host record, go ahead and add the user
|
| 113 |
|
113 |
|
| 114 |
# Check to see if any of the departments they've requested are set to autoapprove.
|
114 |
# Check to see if any of the departments they've requested are set to autoapprove.
|
| 115 |
$F->{department} = convertDepartments $F->{department};
|
115 |
$F->{department} = convertDepartments $F->{department};
|
| 116 |
use tableViewer;
|
116 |
use tableViewer;
|
| 117 |
map { $F->{department}->{$_} = inArray ($_, \@AUTODEPTS) } keys %{$F->{department}};
|
117 |
map { $F->{department}->{$_} = inArray ($_, \@AUTODEPTS) } keys %{$F->{department}};
|
| 118 |
$F->{department} = convertDepartments $F->{department};
|
118 |
$F->{department} = convertDepartments $F->{department};
|
| 119 |
|
119 |
|
| 120 |
# my $sth = $dbh->prepare ("insert into official (email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");
|
120 |
# my $sth = $dbh->prepare ("insert into official (email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");
|
| 121 |
my $sth = $dbh->prepare ("insert into official (email, password, derby_name, real_name, pronouns, tshirt, phone, timeformat, access, department, added, activation) values (?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, CONVERT_TZ(now(), 'America/Chicago', 'America/Los_Angeles'), md5(rand()))");
|
121 |
my $sth = $dbh->prepare ("insert into official (email, password, derby_name, real_name, pronouns, tshirt, phone, timeformat, access, department, added, activation) values (?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, CONVERT_TZ(now(), 'America/Chicago', 'America/Los_Angeles'), md5(rand()))");
|
| 122 |
|
122 |
|
| 123 |
# $sth->execute ($F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, 0, $F->{department}, 0);
|
123 |
# $sth->execute ($F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, 0, $F->{department}, 0);
|
| 124 |
$sth->execute ($F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{timeformat}, 0, $F->{department});
|
124 |
$sth->execute ($F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{timeformat}, 0, $F->{department});
|
| 125 |
|
125 |
|
| 126 |
$sth = $dbh->prepare ("select RCid, activation from official where email = ?");
|
126 |
$sth = $dbh->prepare ("select RCid, activation from official where email = ?");
|
| 127 |
$sth->execute ($F->{email});
|
127 |
$sth->execute ($F->{email});
|
| 128 |
($F->{RCid}, $F->{activation}) = $sth->fetchrow_array;
|
128 |
($F->{RCid}, $F->{activation}) = $sth->fetchrow_array;
|
| - |
|
129 |
$dbh->do ("replace into RCid_ticket_link select official.RCid, v_ticket.id from official join v_ticket on official.email = v_ticket.email and official.real_name = v_ticket.full_name where official.RCid = ?", undef, $F->{RCid});
|
| - |
|
130 |
logit ($F->{RCid}, "New User Registration");
|
| - |
|
131 |
sendNewUserEMail ("New User", $F);
|
| - |
|
132 |
$cookie_string = authenticate (1);
|
| - |
|
133 |
}
|
| - |
|
134 |
} else {
|
| - |
|
135 |
$cookie_string = authenticate (1);
|
| - |
|
136 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
| - |
|
137 |
|
| - |
|
138 |
my $OG = getUser ($F->{RCid});
|
| - |
|
139 |
if ($F->{derby_name} ne $OG->{derby_name} and checkDupes ('derby_name', $F->{derby_name})) { push @ERRORS, "Derby Name already in use. Pick a different one."; $F->{derby_name} = ""; }
|
| 129 |
$dbh->do ("replace into RCid_ticket_link select official.RCid, v_ticket.id from official join v_ticket on official.email = v_ticket.email and official.real_name = v_ticket.full_name where official.RCid = ?", undef, $F->{RCid});
|
140 |
if ($F->{email} ne $OG->{email} and checkDupes ('email', $F->{email})) { push @ERRORS, "Email Address already in use. Pick a different one."; $F->{email} = ""; }
|
| Line 130... |
Line 141... |
| 130 |
logit ($F->{RCid}, "New User Registration");
|
141 |
if (!$F->{real_name}) { push @ERRORS, "Blank Full Name!"; }
|
| 131 |
sendNewUserEMail ("New User", $F);
|
142 |
if (scalar @ERRORS) {
|
| 132 |
$cookie_string = authenticate (1);
|
143 |
$ERRMSG = join $h->br, @ERRORS;
|
| 133 |
}
|
144 |
display_form ($F->{RCid}, "Edit", $ERRMSG, $F);
|
| 134 |
} else {
|
145 |
return;
|
| 135 |
$cookie_string = authenticate (1);
|
146 |
}
|
| 136 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
147 |
|
| 137 |
if (lc $EM eq lc $F->{email} and $AL < 5) { # They're editing their own record (and not a sysadmin).
|
148 |
if (lc $EM eq lc $F->{email} and $AL < 5) { # They're editing their own record (and not a sysadmin).
|
| 138 |
|
149 |
|
| 139 |
# Don't let users change their own mvp_pass setting...
|
150 |
# Don't let users change their own mvp_pass setting...
|
| 140 |
# $F->{mvp_pass} = getUser($EM)->{mvp_pass};
|
151 |
# $F->{mvp_pass} = getUser($EM)->{mvp_pass};
|
| 141 |
my $DBDepts = getUser($EM)->{department};
|
152 |
my $DBDepts = getUser($EM)->{department};
|
| 142 |
if ($F->{department} ne $DBDepts) {
|
153 |
if ($F->{department} ne $DBDepts) {
|
| 143 |
# They're trying to change one of their own departments.
|
154 |
# They're trying to change one of their own departments.
|
| 144 |
my $FORMDepts = convertDepartments $F->{department};
|
155 |
my $FORMDepts = convertDepartments $F->{department};
|
| 145 |
$DBDepts = convertDepartments $DBDepts;
|
156 |
$DBDepts = convertDepartments $DBDepts;
|
| Line 146... |
Line 157... |
| 146 |
# the only change to a dept should be a request to be added, some depts are auto-approved.
|
157 |
# the only change to a dept should be a request to be added, some depts are auto-approved.
|
| 147 |
use tableViewer;
|
158 |
use tableViewer;
|
| 148 |
map { $FORMDepts->{$_} = inArray ($_, \@AUTODEPTS) } keys %{$FORMDepts};
|
159 |
map { $FORMDepts->{$_} = inArray ($_, \@AUTODEPTS) } keys %{$FORMDepts};
|
| 149 |
# or they can retract their request
|
160 |
# or they can retract their request
|
| 150 |
map { do { delete $DBDepts->{$_} } if $DBDepts->{$_} == 0 and !defined $FORMDepts->{$_} } keys %{$DBDepts};
|
161 |
map { do { delete $DBDepts->{$_} } if $DBDepts->{$_} == 0 and !defined $FORMDepts->{$_} } keys %{$DBDepts};
|
| 151 |
# otherwise, keep the same depts as are in the DB (or have been auto-approved...)
|
162 |
# otherwise, keep the same depts as are in the DB (or have been auto-approved...)
|
| 152 |
map { $FORMDepts->{$_} = max ($DBDepts->{$_}, $FORMDepts->{$_}) } keys %{$DBDepts};
|
163 |
map { $FORMDepts->{$_} = max ($DBDepts->{$_}, $FORMDepts->{$_}) } keys %{$DBDepts};
|
| 153 |
$F->{department} = convertDepartments $FORMDepts;
|
164 |
$F->{department} = convertDepartments $FORMDepts;
|
| 154 |
}
|
165 |
}
|
| 155 |
|
166 |
|
| 156 |
if ($F->{password}) { # They've possibly included an updated password.
|
167 |
if ($F->{password}) { # They've possibly included an updated password.
|
| 157 |
# my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");
|
168 |
# my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");
|
| 158 |
# $sth->execute ($F->{RCid}, $EM, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})
|
169 |
# $sth->execute ($F->{RCid}, $EM, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})
|
| 159 |
my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, activation, timeformat, access, department, added, last_login) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
170 |
my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, activation, timeformat, access, department, added, last_login) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
| 160 |
$sth->execute ($F->{RCid}, lc $EM, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, getUser($EM)->{activation}, $F->{timeformat}, $F->{access}, $F->{department}, getUser($EM)->{added}, getUser($EM)->{last_login})
|
171 |
$sth->execute ($F->{RCid}, lc $EM, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, getUser($EM)->{activation}, $F->{timeformat}, $F->{access}, $F->{department}, getUser($EM)->{added}, getUser($EM)->{last_login})
|
| 161 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
172 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
| 162 |
} else { # No password was included, just keep the existing one.
|
173 |
} else { # No password was included, just keep the existing one.
|
| 163 |
# my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
174 |
# my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
| 164 |
# $sth->execute($F->{RCid}, $EM, $PWD, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})
|
175 |
# $sth->execute($F->{RCid}, $EM, $PWD, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})
|
| 165 |
my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, activation, timeformat, access, department, added, last_login) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
176 |
my $sth = $dbh->prepare("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, activation, timeformat, access, department, added, last_login) values (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
| 166 |
$sth->execute($F->{RCid}, lc $EM, $PWD, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, getUser($EM)->{activation}, $F->{timeformat}, $F->{access}, $F->{department}, getUser($EM)->{added}, getUser($EM)->{last_login})
|
177 |
$sth->execute($F->{RCid}, lc $EM, $PWD, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, getUser($EM)->{activation}, $F->{timeformat}, $F->{access}, $F->{department}, getUser($EM)->{added}, getUser($EM)->{last_login})
|
| 167 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
178 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
| 168 |
}
|
179 |
}
|
| 169 |
|
180 |
|
| 170 |
if ($ERRMSG) {
|
181 |
if ($ERRMSG) {
|
| 171 |
logit ($F->{RCid}, "DB ERROR: Updating Self Details: $ERRMSG");
|
182 |
logit ($F->{RCid}, "DB ERROR: Updating Self Details: $ERRMSG");
|
| 172 |
} else {
|
183 |
} else {
|
| 173 |
logit ($F->{RCid}, "Updated User Details");
|
184 |
logit ($F->{RCid}, "Updated User Details");
|
| 174 |
}
|
185 |
}
|
| 175 |
} elsif ($AL > 1) { # A lead or higher is updating someone else's record
|
186 |
} elsif ($AL > 1) { # A lead or higher is updating someone else's record
|
| 176 |
|
187 |
|
| 177 |
# use List::Util qw/sum/;
|
188 |
# use List::Util qw/sum/;
|
| 178 |
# if (sum (values %{ convertDepartments ($F->{department}) }) > 0 and $F->{access} == 0) {
|
189 |
# if (sum (values %{ convertDepartments ($F->{department}) }) > 0 and $F->{access} == 0) {
|
| 179 |
# if ($F->{department} and sum (values %{ convertDepartments ($F->{department}) }) > 0 and $F->{access} == 1) {
|
190 |
# if ($F->{department} and sum (values %{ convertDepartments ($F->{department}) }) > 0 and $F->{access} == 1) {
|
| 180 |
# activating a user for the first time...
|
191 |
# activating a user for the first time...
|
| 181 |
# $F->{access} = 1;
|
192 |
# $F->{access} = 1;
|
| 182 |
# sendNewUserEMail ("Activate", $F);
|
193 |
# sendNewUserEMail ("Activate", $F);
|
| 183 |
# }
|
194 |
# }
|
| 184 |
|
195 |
|
| 185 |
if ($FORM->{password}) {
|
196 |
if ($FORM->{password}) {
|
| 186 |
# my $sth = $dbh->prepare ("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");
|
197 |
# my $sth = $dbh->prepare ("replace into official (RCid, email, password, derby_name, real_name, phone, level, type, access, department, clinic_pass) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?)");
|
| 187 |
# $sth->execute ($F->{RCid}, $F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})
|
198 |
# $sth->execute ($F->{RCid}, $F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass})
|
| 188 |
my $sth = $dbh->prepare ("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, activation, timeformat, access, department, added, last_login) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
199 |
my $sth = $dbh->prepare ("replace into official (RCid, email, password, derby_name, real_name, pronouns, tshirt, phone, activation, timeformat, access, department, added, last_login) values (?, ?, password(?), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");
|
| 189 |
$sth->execute ($F->{RCid}, $F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, getUser($F->{email})->{activation}, $F->{timeformat}, $F->{access}, $F->{department}, getUser($F->{email})->{added}, getUser($F->{email})->{last_login})
|
200 |
$sth->execute ($F->{RCid}, $F->{email}, $F->{password}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, getUser($F->{email})->{activation}, $F->{timeformat}, $F->{access}, $F->{department}, getUser($F->{email})->{added}, getUser($F->{email})->{last_login})
|
| 190 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
201 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
| 191 |
} else {
|
202 |
} else {
|
| 192 |
# my $sth = $dbh->prepare ("update official set email = ?, derby_name = ?, real_name = ?, phone = ?, level = ?, type = ?, access = ?, department = ?, clinic_pass = ? where RCid = ?");
|
203 |
# my $sth = $dbh->prepare ("update official set email = ?, derby_name = ?, real_name = ?, phone = ?, level = ?, type = ?, access = ?, department = ?, clinic_pass = ? where RCid = ?");
|
| 193 |
# $sth->execute ($F->{email}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass}, $F->{RCid})
|
204 |
# $sth->execute ($F->{email}, $F->{derby_name}, $F->{real_name}, $F->{phone}, $F->{level}, $F->{type}, $F->{access}, $F->{department}, $F->{clinic_pass}, $F->{RCid})
|
| 194 |
my $sth = $dbh->prepare ("update official set email = ?, derby_name = ?, real_name = ?, pronouns = ?, tshirt = ?, phone = ?, timeformat = ?, access = ?, department = ? where RCid = ?");
|
205 |
my $sth = $dbh->prepare ("update official set email = ?, derby_name = ?, real_name = ?, pronouns = ?, tshirt = ?, phone = ?, timeformat = ?, access = ?, department = ? where RCid = ?");
|
| 195 |
$sth->execute ($F->{email}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{timeformat}, $F->{access}, $F->{department}, $F->{RCid})
|
206 |
$sth->execute ($F->{email}, $F->{derby_name}, $F->{real_name}, $F->{pronouns}, $F->{tshirt}, $F->{phone}, $F->{timeformat}, $F->{access}, $F->{department}, $F->{RCid})
|
| 196 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
207 |
or $ERRMSG = "ERROR: Can't execute SQL statement: ".$sth->errstr()."\n";
|
| 197 |
}
|
208 |
}
|
| 198 |
if ($ERRMSG) {
|
209 |
if ($ERRMSG) {
|
| 199 |
logit ($F->{RCid}, "DB ERROR: Updating Someone Else: $ERRMSG");
|
210 |
logit ($F->{RCid}, "DB ERROR: Updating Someone Else: $ERRMSG");
|
| 200 |
} else {
|
211 |
} else {
|
| 201 |
logit ($F->{RCid}, "Updated User Details (by ".getUser($EM)->{derby_name}.")");
|
212 |
logit ($F->{RCid}, "Updated User Details (by ".getUser($EM)->{derby_name}.")");
|
| 202 |
logit (getUser($EM)->{RCid}, "Updated User Details: ".$F->{derby_name}." (".$F->{RCid}.")");
|
213 |
logit (getUser($EM)->{RCid}, "Updated User Details: ".$F->{derby_name}." (".$F->{RCid}.")");
|
| 203 |
}
|
214 |
}
|
| 204 |
} else {
|
215 |
} else {
|
| 205 |
$ERRMSG = "Attempting to update someone else's record, and you don't have permission to do that.";
|
216 |
$ERRMSG = "Attempting to update someone else's record, and you don't have permission to do that.";
|
| 206 |
logit ($F->{RCid}, "FAIL: ($EM) doesn't have access to update ($F->{email})'s record");
|
217 |
logit ($F->{RCid}, "FAIL: ($EM) doesn't have access to update ($F->{email})'s record");
|
| 207 |
}
|
218 |
}
|
| Line 208... |
Line 219... |
| 208 |
}
|
219 |
}
|
| 209 |
$F->{password} = "*******";
|
220 |
$F->{password} = "*******";
|
| Line 210... |
Line 221... |
| 210 |
$F->{buttons} = $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{RCid} }).$h->input ({ type=>"submit", name=>"submit", value=>"Edit" });
|
221 |
$F->{buttons} = $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{RCid} }).$h->input ({ type=>"submit", name=>"submit", value=>"Edit" });
|
| 211 |
# if ($F->{mvp_pass}) {
|
222 |
# if ($F->{mvp_pass}) {
|
| 212 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>1, readonly=>[], disabled=>[], checked=>[] }), $h->span ({ class=>"slider round" })]);
|
223 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>1, readonly=>[], disabled=>[], checked=>[] }), $h->span ({ class=>"slider round" })]);
|
| 213 |
# } else {
|
224 |
# } else {
|
| 214 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0, readonly=>[], disabled=>[] }), $h->span ({ class=>"slider round" })]);
|
225 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0, readonly=>[], disabled=>[] }), $h->span ({ class=>"slider round" })]);
|
| Line 215... |
Line 226... |
| 215 |
# }
|
226 |
# }
|
| 216 |
$F->{department} = convertDepartments ($F->{department});
|
227 |
$F->{department} = convertDepartments ($F->{department});
|
| 217 |
$dbh->do ("replace into RCid_ticket_link select official.RCid, v_ticket.id from official join v_ticket on official.email = v_ticket.email and official.real_name = v_ticket.full_name where official.RCid = ?", undef, $F->{RCid});
|
228 |
$dbh->do ("replace into RCid_ticket_link select official.RCid, v_ticket.id from official join v_ticket on official.email = v_ticket.email and official.real_name = v_ticket.full_name where official.RCid = ?", undef, $F->{RCid});
|
| 218 |
|
229 |
|
| 219 |
display_form ($F->{RCid}, "View");
|
230 |
display_form ($F->{RCid}, "View");
|
| 220 |
}
|
231 |
}
|
| 221 |
|
232 |
|
| 222 |
sub display_form {
|
233 |
sub display_form {
|
| 223 |
my $RCID = shift // "";
|
234 |
my $RCID = shift // "";
|
| 224 |
my $view = shift; # // "New User";
|
235 |
my $view = shift; # // "New User";
|
| 225 |
my $errors = shift // "";
|
236 |
my $errors = shift // "";
|
| 226 |
my $F = shift; # // "";
|
237 |
my $F = shift; # // "";
|
| 227 |
|
238 |
|
| 228 |
if ($view eq 'Edit') {
|
239 |
if ($view eq 'Edit') {
|
| 229 |
$cookie_string = authenticate (1);
|
240 |
$cookie_string = authenticate (1);
|
| 230 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
241 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
| 231 |
$F = getUser ($RCID);
|
242 |
$F = getUser ($RCID);
|
| 232 |
my $currentuser = getUser ($EM);
|
243 |
my $currentuser = getUser ($EM);
|
| 233 |
# $currentuser->{department} = convertDepartments ($currentuser->{department});
|
244 |
# $currentuser->{department} = convertDepartments ($currentuser->{department});
|
| 234 |
|
245 |
|
| 235 |
# if (lc $EM eq lc $F->{email} or $AL > 1) {
|
246 |
# if (lc $EM eq lc $F->{email} or $AL > 1) {
|
| 236 |
if (canView ($currentuser, $F)) {
|
247 |
if (canView ($currentuser, $F)) {
|
| 237 |
# Editing your own record OR you're a lead/higher
|
248 |
# Editing your own record OR you're a lead/higher
|
| 238 |
if (lc $EM eq lc $F->{email} or $currentuser->{access} < $F->{access}) {
|
249 |
if (lc $EM eq lc $F->{email} or $currentuser->{access} < $F->{access}) {
|
| 239 |
# If you're editing your own record, or someone who has higher access than you, make access level read-only
|
250 |
# If you're editing your own record, or someone who has higher access than you, make access level read-only
|
| 240 |
$F->{access} = $h->input ({ type=>"hidden", name=>"access", value=>$F->{access} }).$AccessLevel->{$F->{access}};
|
251 |
$F->{access} = $h->input ({ type=>"hidden", name=>"access", value=>$F->{access} }).$AccessLevel->{$F->{access}};
|
| 241 |
} else {
|
252 |
} else {
|
| 242 |
$F->{access} = $h->select ({ name=>"access" }, [map { $F->{access} == $_ ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (-1..$currentuser->{access})]);
|
253 |
$F->{access} = $h->select ({ name=>"access" }, [map { $F->{access} == $_ ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (-1..$currentuser->{access})]);
|
| 243 |
}
|
254 |
}
|
| 244 |
if ($currentuser->{access} > 2) { #this would be the place to test for other types of managers that can update the MVP Pass setting
|
255 |
if ($currentuser->{access} > 2) { #this would be the place to test for other types of managers that can update the MVP Pass setting
|
| 245 |
# if ($F->{mvp_pass}) {
|
256 |
# if ($F->{mvp_pass}) {
|
| 246 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>1, checked=>[] }), $h->span ({ class=>"slider round" })]);
|
257 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>1, checked=>[] }), $h->span ({ class=>"slider round" })]);
|
| 247 |
# } else {
|
258 |
# } else {
|
| 248 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0 }), $h->span ({ class=>"slider round" })]);
|
259 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0 }), $h->span ({ class=>"slider round" })]);
|
| 249 |
# }
|
260 |
# }
|
| 250 |
if ($F->{MVPid}) {
|
261 |
if ($F->{MVPid}) {
|
| 251 |
$F->{MVPid} .= "->link to change...<-";
|
262 |
$F->{MVPid} .= "->link to change...<-";
|
| 252 |
}
|
263 |
}
|
| 253 |
} else {
|
264 |
} else {
|
| 254 |
# if ($F->{mvp_pass}) {
|
265 |
# if ($F->{mvp_pass}) {
|
| 255 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>1, readonly=>[], disabled=>[], checked=>[] }), $h->span ({ class=>"slider round" })]);
|
266 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>1, readonly=>[], disabled=>[], checked=>[] }), $h->span ({ class=>"slider round" })]);
|
| 256 |
# } else {
|
267 |
# } else {
|
| 257 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0, readonly=>[], disabled=>[] }), $h->span ({ class=>"slider round" })]);
|
268 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0, readonly=>[], disabled=>[] }), $h->span ({ class=>"slider round" })]);
|
| 258 |
# }
|
269 |
# }
|
| 259 |
}
|
270 |
}
|
| 260 |
if ($AL == 5) {
|
271 |
if ($AL == 5) {
|
| 261 |
$F->{email} = $h->input ({ type=>"text", name=>"email", value=>$F->{email} });
|
272 |
$F->{email} = $h->input ({ type=>"text", name=>"email", value=>$F->{email} });
|
| 262 |
} else {
|
273 |
} else {
|
| 263 |
$F->{email} = $F->{email}.$h->input ({ type=>"hidden", name=>"email", value=>$F->{email} });
|
274 |
$F->{email} = $F->{email}.$h->input ({ type=>"hidden", name=>"email", value=>$F->{email} });
|
| 264 |
}
|
275 |
}
|
| 265 |
if ($currentuser->{RCid} eq $F->{RCid} or $currentuser->{access} > 4) {
|
276 |
if ($currentuser->{RCid} eq $F->{RCid} or $currentuser->{access} > 4) {
|
| 266 |
$F->{password} = $h->input ({ type=>"password", name=>"password" });
|
277 |
$F->{password} = $h->input ({ type=>"password", name=>"password" });
|
| 267 |
$F->{derby_name} = $h->input ({ type=>"text", name=>"derby_name", value=>$F->{derby_name} });
|
278 |
$F->{derby_name} = $h->input ({ type=>"text", name=>"derby_name", value=>$F->{derby_name} });
|
| 268 |
$F->{real_name} = $h->input ({ type=>"text", name=>"real_name", value=>$F->{real_name} });
|
279 |
$F->{real_name} = $h->input ({ type=>"text", name=>"real_name", value=>$F->{real_name} });
|
| 269 |
$F->{pronouns} = $h->input ({ type=>"text", name=>"pronouns", value=>$F->{pronouns} });
|
280 |
$F->{pronouns} = $h->input ({ type=>"text", name=>"pronouns", value=>$F->{pronouns} });
|
| 270 |
$F->{tshirt} = $h->select ({ name=>"tshirt" }, [map { $F->{tshirt} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } @tshirtOptions] );
|
281 |
$F->{tshirt} = $h->select ({ name=>"tshirt" }, [map { $F->{tshirt} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } @tshirtOptions] );
|
| 271 |
$F->{phone} = $h->input ({ type=>"text", name=>"phone", value=>$F->{phone} });
|
282 |
$F->{phone} = $h->input ({ type=>"text", name=>"phone", value=>$F->{phone} });
|
| 272 |
$F->{timeformat} = $h->select ({ name=>"timeformat" }, [map { $F->{timeformat} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } qw(24hr ampm)] );
|
283 |
$F->{timeformat} = $h->select ({ name=>"timeformat" }, [map { $F->{timeformat} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } qw(24hr ampm)] );
|
| 273 |
} else {
|
284 |
} else {
|
| 274 |
$F->{password} = '*******';
|
285 |
$F->{password} = '*******';
|
| 275 |
}
|
286 |
}
|
| 276 |
# $F->{level} = "<SELECT NAME=level>".selectOptions ($F->{level}, [qw(AA A B C)])."</SELECT>";
|
287 |
# $F->{level} = "<SELECT NAME=level>".selectOptions ($F->{level}, [qw(AA A B C)])."</SELECT>";
|
| 277 |
# $F->{type} = "<SELECT NAME=type>".selectOptions ($F->{type}, [qw(official nso referee)])."</SELECT>";
|
288 |
# $F->{type} = "<SELECT NAME=type>".selectOptions ($F->{type}, [qw(official nso referee)])."</SELECT>";
|
| 278 |
$F->{RCid} = $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{RCid} })."$F->{RCid} ";
|
289 |
$F->{RCid} = $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{RCid} })."$F->{RCid} ";
|
| 279 |
$F->{buttons} = join " ", $h->input ({ type=>"submit", name=>"submit", value=>"Save" }), $h->input ({ type=>"reset", value=>"Reset" }), $h->input ({ type=>"submit", name=>"submit", value=>"Cancel" });
|
290 |
$F->{buttons} = join " ", $h->input ({ type=>"submit", name=>"submit", value=>"Save" }), $h->input ({ type=>"reset", value=>"Reset" }), $h->input ({ type=>"submit", name=>"submit", value=>"Cancel" });
|
| 280 |
|
291 |
|
| 281 |
$F->{department} = convertDepartments ($F->{department});
|
292 |
$F->{department} = convertDepartments ($F->{department});
|
| 282 |
$currentuser->{department} = convertDepartments ($currentuser->{department});
|
293 |
$currentuser->{department} = convertDepartments ($currentuser->{department});
|
| 283 |
foreach my $k (keys %{$depts}) {
|
294 |
foreach my $k (keys %{$depts}) {
|
| 284 |
next if $k eq "CMP";
|
295 |
next if $k eq "CMP";
|
| 285 |
if ($currentuser->{access} > 4) {
|
296 |
if ($currentuser->{access} > 4) {
|
| 286 |
# SysAdmin can change anyone's department level
|
297 |
# SysAdmin can change anyone's department level
|
| 287 |
$F->{department}->{$k} = $h->select ({ name=>"DEPT-".$k }, [ $h->option ({ value=>"" }, ""), map { $_ eq $F->{department}->{$k} ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (0..4) ]);
|
298 |
$F->{department}->{$k} = $h->select ({ name=>"DEPT-".$k }, [ $h->option ({ value=>"" }, ""), map { $_ eq $F->{department}->{$k} ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (0..4) ]);
|
| 288 |
} elsif ($currentuser->{department}->{$k} > 1 and $currentuser->{department}->{$k} > $F->{department}->{$k}) {
|
299 |
} elsif ($currentuser->{department}->{$k} > 1 and $currentuser->{department}->{$k} > $F->{department}->{$k}) {
|
| 289 |
# Department Leads and above can change someone's level within the dept (up to their own level -1)
|
300 |
# Department Leads and above can change someone's level within the dept (up to their own level -1)
|
| Line 290... |
Line 301... |
| 290 |
$F->{department}->{$k} = $h->select ({ name=>"DEPT-".$k }, [ $h->option ({ value=>"" }, ""), map { $_ eq $F->{department}->{$k} ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (0..$currentuser->{department}->{$k}-1) ]);
|
301 |
$F->{department}->{$k} = $h->select ({ name=>"DEPT-".$k }, [ $h->option ({ value=>"" }, ""), map { $_ eq $F->{department}->{$k} ? $h->option ({ value=>$_, selected=>[] }, $AccessLevel->{$_}) : $h->option ({ value=>$_ }, $AccessLevel->{$_}) } (0..$currentuser->{department}->{$k}-1) ]);
|
| 291 |
} else {
|
302 |
} else {
|
| 292 |
# Or it's your own record, you can still submit a request to be added to the dept.
|
303 |
# Or it's your own record, you can still submit a request to be added to the dept.
|
| 293 |
if (!defined $F->{department}->{$k}) {
|
304 |
if (!defined $F->{department}->{$k}) {
|
| 294 |
$F->{department}->{$k} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$k", value=>0 }), $h->span ({ class=>"slider round" })]) unless !inArray ($k, \@AUTODEPTS);
|
305 |
$F->{department}->{$k} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$k", value=>0 }), $h->span ({ class=>"slider round" })]) unless !inArray ($k, \@AUTODEPTS);
|
| 295 |
} elsif ($F->{department}->{$k} == 0) {
|
306 |
} elsif ($F->{department}->{$k} == 0) {
|
| 296 |
$F->{department}->{$k} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$k", value=>0, checked=>[] }), $h->span ({ class=>"slider round" })]);
|
307 |
$F->{department}->{$k} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$k", value=>0, checked=>[] }), $h->span ({ class=>"slider round" })]);
|
| 297 |
}
|
308 |
}
|
| 298 |
}
|
309 |
}
|
| 299 |
}
|
310 |
}
|
| 300 |
} else {
|
311 |
} else {
|
| 301 |
$ERRMSG = "Attempting to update someone else's record, and you don't have permission to do that.";
|
312 |
$ERRMSG = "Attempting to update someone else's record, and you don't have permission to do that.";
|
| 302 |
}
|
313 |
}
|
| 303 |
|
314 |
|
| 304 |
} elsif ($view eq 'New User') {
|
315 |
} elsif ($view eq 'New User') {
|
| 305 |
$errors .= $h->br."NOTE: You will not be able to sign-up for things until your account has been reviewed and approved. Watch your email for notification.";
|
316 |
$errors .= $h->br."NOTE: You will not be able to sign-up for things until your account has been reviewed and approved. Watch your email for notification.";
|
| Line 306... |
Line 317... |
| 306 |
# Skip authentication
|
317 |
# Skip authentication
|
| 307 |
$F->{email} = $h->input ({ type=>"text", name=>"email", value=>$F->{email} });
|
318 |
$F->{email} = $h->input ({ type=>"text", name=>"email", value=>$F->{email} });
|
| 308 |
$F->{password} = $h->input ({ type=>"password", name=>"password" });
|
319 |
$F->{password} = $h->input ({ type=>"password", name=>"password" });
|
| 309 |
$F->{derby_name} = $h->input ({ type=>"text", name=>"derby_name", value=>$F->{derby_name} });
|
320 |
$F->{derby_name} = $h->input ({ type=>"text", name=>"derby_name", value=>$F->{derby_name} });
|
| 310 |
$F->{real_name} = $h->input ({ type=>"text", name=>"real_name", value=>$F->{real_name} });
|
321 |
$F->{real_name} = $h->input ({ type=>"text", name=>"real_name", value=>$F->{real_name} });
|
| 311 |
$F->{pronouns} = $h->input ({ type=>"text", name=>"pronouns", value=>$F->{pronouns} });
|
322 |
$F->{pronouns} = $h->input ({ type=>"text", name=>"pronouns", value=>$F->{pronouns} });
|
| 312 |
$F->{tshirt} = $h->select ({ name=>"tshirt" }, [map { $F->{tshirt} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } @tshirtOptions] );
|
323 |
$F->{tshirt} = $h->select ({ name=>"tshirt" }, [map { $F->{tshirt} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } @tshirtOptions] );
|
| 313 |
$F->{phone} = $h->input ({ type=>"text", name=>"phone", value=>$F->{phone} });
|
324 |
$F->{phone} = $h->input ({ type=>"text", name=>"phone", value=>$F->{phone} });
|
| 314 |
$F->{timeformat} = $h->select ({ name=>"timeformat" }, [map { $F->{timeformat} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } qw(24hr ampm)] );
|
325 |
$F->{timeformat} = $h->select ({ name=>"timeformat" }, [map { $F->{timeformat} eq $_ ? $h->option ({ selected=>[] }, $_) : $h->option ($_) } qw(24hr ampm)] );
|
| 315 |
# $F->{level} = "<SELECT NAME=level>".selectOptions ($F->{level}, ["", qw(AA A B C)])."</SELECT>";
|
326 |
# $F->{level} = "<SELECT NAME=level>".selectOptions ($F->{level}, ["", qw(AA A B C)])."</SELECT>";
|
| 316 |
# $F->{type} = "<SELECT NAME=type>".selectOptions ($F->{type}, ["", qw(official nso referee)])."</SELECT>";
|
327 |
# $F->{type} = "<SELECT NAME=type>".selectOptions ($F->{type}, ["", qw(official nso referee)])."</SELECT>";
|
| 317 |
$F->{RCid} = $h->input ({ type=>"hidden", name=>"RCid", value=>"New" })."TBD ";
|
328 |
$F->{RCid} = $h->input ({ type=>"hidden", name=>"RCid", value=>"New" })."TBD ";
|
| 318 |
$F->{access} = $h->input ({ type=>"hidden", name=>"access", value=>0 })."0";
|
329 |
$F->{access} = $h->input ({ type=>"hidden", name=>"access", value=>0 })."0";
|
| 319 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0, readonly=>[], disabled=>[] }), $h->span ({ class=>"slider round" })]);
|
330 |
# $F->{mvp_pass} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"mvp_pass", value=>0, readonly=>[], disabled=>[] }), $h->span ({ class=>"slider round" })]);
|
| 320 |
|
331 |
|
| Line 321... |
Line 332... |
| 321 |
$F->{department} = convertDepartments ($F->{department});
|
332 |
$F->{department} = convertDepartments ($F->{department});
|
| 322 |
foreach (sort keys %{$depts}) {
|
333 |
foreach (sort keys %{$depts}) {
|
| 323 |
next if $_ eq "CMP";
|
334 |
next if $_ eq "CMP";
|
| Line 324... |
Line 335... |
| 324 |
next unless inArray($_, \@AUTODEPTS);
|
335 |
next unless inArray($_, \@AUTODEPTS);
|
| 325 |
if (defined param ("DEPT-$_")) {
|
336 |
if (defined param ("DEPT-$_")) {
|
| 326 |
$F->{department}->{$_} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$_", value=>0, checked=>[] }), $h->span ({ class=>"slider round" })]);
|
337 |
$F->{department}->{$_} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$_", value=>0, checked=>[] }), $h->span ({ class=>"slider round" })]);
|
| 327 |
} else {
|
338 |
} else {
|
| 328 |
$F->{department}->{$_} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$_", value=>0 }), $h->span ({ class=>"slider round" })]);
|
339 |
$F->{department}->{$_} = $h->label ({ class=>"switch" }, [$h->input ({ type=>"checkbox", name=>"DEPT-$_", value=>0 }), $h->span ({ class=>"slider round" })]);
|
| 329 |
}
|
340 |
}
|
| 330 |
}
|
341 |
}
|
| 331 |
$F->{buttons} = $h->input ({ type=>"submit", name=>"submit", value=>"Save" })." ".$h->input ({ type=>"reset", value=>"Reset" })." ".$h->input ({ type=>"submit", name=>"submit", value=>"Cancel" });
|
342 |
$F->{buttons} = $h->input ({ type=>"submit", name=>"submit", value=>"Save" })." ".$h->input ({ type=>"reset", value=>"Reset" })." ".$h->input ({ type=>"submit", name=>"submit", value=>"Cancel" });
|
| 332 |
$cookie_string = '';
|
343 |
$cookie_string = '';
|
| 333 |
} elsif ($view eq 'View' or $view eq 'Cancel' or !$view) {
|
344 |
} elsif ($view eq 'View' or $view eq 'Cancel' or !$view) {
|
| Line 334... |
Line 345... |
| 334 |
$cookie_string = authenticate (1);
|
345 |
$cookie_string = authenticate (1);
|
| 335 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
346 |
my ($EM, $PWD, $AL) = split /&/, $cookie_string;
|
| 336 |
|
347 |
|
| 337 |
if (!$view) {
|
348 |
if (!$view) {
|
| Line 363... |
Line 374... |
| 363 |
|
374 |
|
| 364 |
$F->{MVPid} .= $h->div ({ class => "hint" }, ["Possible Match: @$match", ' ', $h->button ({ onClick=>"window.open('update_mvp_ticket.pl?change=add&RCid=$F->{RCid}&MVPid=$MVPid','Change MVP Ticket','resizable,height=260,width=370'); return false;" }, "Accept Match")]);
|
375 |
$F->{MVPid} .= $h->div ({ class => "hint" }, ["Possible Match: @$match", ' ', $h->button ({ onClick=>"window.open('update_mvp_ticket.pl?change=add&RCid=$F->{RCid}&MVPid=$MVPid','Change MVP Ticket','resizable,height=260,width=370'); return false;" }, "Accept Match")]);
|
| 365 |
}
|
376 |
}
|
| 366 |
}
|
377 |
}
|
| 367 |
}
|
378 |
}
|
| 368 |
} else {
|
379 |
} else {
|
| 369 |
logit ($currentuser->{RCid}, "SECURITY: $currentuser->{derby_name} attempted to view another user's ($RCID) info");
|
380 |
logit ($currentuser->{RCid}, "SECURITY: $currentuser->{derby_name} attempted to view another user's ($RCID) info");
|
| 370 |
$errors = "Unauthorized attempt to view another user. This has been logged.";
|
381 |
$errors = "Unauthorized attempt to view another user. This has been logged.";
|
| 371 |
$F->{email} = " ";
|
382 |
$F->{email} = " ";
|
| 372 |
$F->{password} = " ";
|
383 |
$F->{password} = " ";
|
| 373 |
$F->{derby_name} = " ";
|
384 |
$F->{derby_name} = " ";
|
| 374 |
$F->{real_name} = " ";
|
385 |
$F->{real_name} = " ";
|
| 375 |
$F->{pronouns} = " ";
|
386 |
$F->{pronouns} = " ";
|
| 376 |
$F->{tshirt} = " ";
|
387 |
$F->{tshirt} = " ";
|
| 377 |
$F->{phone} = " ";
|
388 |
$F->{phone} = " ";
|
| 378 |
$F->{timeformat} = " ";
|
389 |
$F->{timeformat} = " ";
|
| 379 |
# $F->{level} = " ";
|
390 |
# $F->{level} = " ";
|
| 380 |
# $F->{type} = " ";
|
391 |
# $F->{type} = " ";
|
| 381 |
$F->{RCid} = " ";
|
392 |
$F->{RCid} = " ";
|
| 382 |
$F->{access} = " ";
|
393 |
$F->{access} = " ";
|
| 383 |
$F->{MVPid} = " ";
|
394 |
$F->{MVPid} = " ";
|
| 384 |
$F->{buttons} = " ";
|
395 |
$F->{buttons} = " ";
|
| Line 385... |
Line 396... |
| 385 |
}
|
396 |
}
|
| 386 |
|
397 |
|
| 387 |
# if (lc $EM eq lc $F->{email} or $AL > 1) {
|
398 |
# if (lc $EM eq lc $F->{email} or $AL > 1) {
|
| 388 |
# $F->{buttons} = $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{'RCid'} }).$h->input ({ type=>"submit", name=>"submit", value=>"Edit" });
|
399 |
# $F->{buttons} = $h->input ({ type=>"hidden", name=>"RCid", value=>$F->{'RCid'} }).$h->input ({ type=>"submit", name=>"submit", value=>"Edit" });
|
| 389 |
# } else {
|
400 |
# } else {
|
| 390 |
# $F->{buttons} = "";
|
401 |
# $F->{buttons} = "";
|
| 391 |
# }
|
402 |
# }
|
| 392 |
} #else {
|
403 |
} #else {
|
| 393 |
# $cookie_string = authenticate(1);
|
404 |
# $cookie_string = authenticate(1);
|
| 394 |
# $FORM->{email} = " ";
|
405 |
# $FORM->{email} = " ";
|
| 395 |
# $FORM->{password} = " ";
|
406 |
# $FORM->{password} = " ";
|
| 396 |
# $FORM->{derby_name} = " ";
|
407 |
# $FORM->{derby_name} = " ";
|
| 397 |
# $FORM->{real_name} = " ";
|
408 |
# $FORM->{real_name} = " ";
|
| 398 |
# $FORM->{phone} = " ";
|
409 |
# $FORM->{phone} = " ";
|
| 399 |
# $FORM->{level} = " ";
|
410 |
# $FORM->{level} = " ";
|
| 400 |
# $FORM->{type} = " ";
|
411 |
# $FORM->{type} = " ";
|
| 401 |
# $FORM->{RCid} = " ";
|
412 |
# $FORM->{RCid} = " ";
|
| 402 |
# $FORM->{access} = " ";
|
413 |
# $FORM->{access} = " ";
|
| 403 |
# $FORM->{mvp_pass} = " ";
|
414 |
# $FORM->{mvp_pass} = " ";
|
| Line 404... |
Line 415... |
| 404 |
# $FORM->{buttons} = " ";
|
415 |
# $FORM->{buttons} = " ";
|
| Line 405... |
Line 416... |
| 405 |
#}
|
416 |
#}
|
| Line 406... |
Line 417... |
| 406 |
|
417 |
|
| Line 407... |
Line 418... |
| 407 |
#---------------START THE HTML--------------------
|
418 |
#---------------START THE HTML--------------------
|
| 408 |
|
419 |
|
| 409 |
my $RCAUTH_cookie = cookie (-name=>'RCAUTH',-value=>"$cookie_string",-expires=>"+30m");
|
420 |
my $RCAUTH_cookie = cookie (-name=>'RCAUTH',-value=>"$cookie_string",-expires=>"+30m");
|
| Line 410... |
Line 421... |
| 410 |
|
421 |
|
| 411 |
print header (-cookie=>$RCAUTH_cookie);
|
422 |
print header (-cookie=>$RCAUTH_cookie);
|
| 412 |
|
423 |
|
| 413 |
#foreach (keys %ENV) {
|
424 |
#foreach (keys %ENV) {
|
| 414 |
# print "$_: $ENV{$_}\n<br>";
|
425 |
# print "$_: $ENV{$_}\n<br>";
|
| Line 415... |
Line 426... |
| 415 |
#}
|
426 |
#}
|
| 416 |
|
427 |
|
| 417 |
if ($errors) {
|
428 |
if ($errors) {
|
| Line 462... |
Line 473... |
| 462 |
print $h->div ({ class=>"index" }, [$h->p ({ class=>"heading" }, "Recent Activity:"), getLog ($RCID)]) unless $RCID !~ /^\d+$/;
|
473 |
print $h->div ({ class=>"index" }, [$h->p ({ class=>"heading" }, "Recent Activity:"), getLog ($RCID)]) unless $RCID !~ /^\d+$/;
|
| 463 |
print $h->close ('html');
|
474 |
print $h->close ('html');
|
| 464 |
}
|
475 |
}
|
| Line 465... |
Line 476... |
| 465 |
|
476 |
|
| 466 |
#sub selectOptions {
|
477 |
#sub selectOptions {
|
| 467 |
# my $selectedOption = shift;
|
478 |
# my $selectedOption = shift;
|
| 468 |
# my $options = shift;
|
479 |
# my $options = shift;
|
| 469 |
# return join " ", map { $selectedOption eq $_ ?
|
480 |
# return join " ", map { $selectedOption eq $_ ?
|
| 470 |
# $h->option ({ value=>$_, selected=>[] }, $_) :
|
481 |
# $h->option ({ value=>$_, selected=>[] }, $_) :
|
| 471 |
# $h->option ({ value=>$_ }, $_)
|
482 |
# $h->option ({ value=>$_ }, $_)
|
| 472 |
# } @$options;
|
483 |
# } @$options;
|
| Line 473... |
Line 484... |
| 473 |
#}
|
484 |
#}
|
| 474 |
|
485 |
|
| Line 487... |
Line 498... |
| 487 |
|
498 |
|
| 488 |
my @activity_log;
|
499 |
my @activity_log;
|
| 489 |
my $alog = $dbh->prepare("select timestamp, event from v_log where RCid = ? limit 10");
|
500 |
my $alog = $dbh->prepare("select timestamp, event from v_log where RCid = ? limit 10");
|
| 490 |
$alog->execute($RCID);
|
501 |
$alog->execute($RCID);
|
| 491 |
while (my @logs = $alog->fetchrow_array) {
|
502 |
while (my @logs = $alog->fetchrow_array) {
|
| 492 |
push @activity_log, $h->li ({ class=>"shaded" }, join " ", @logs);
|
503 |
push @activity_log, $h->li ({ class=>"shaded" }, join " ", @logs);
|
| Line 493... |
Line 504... |
| 493 |
}
|
504 |
}
|
| 494 |
|
505 |
|
| Line 495... |
Line 506... |
| 495 |
return $h->ul ([@activity_log]).$h->h5 ($h->a ({ href=>"log.pl?filter-RCid=".$RCID }, "[Entire log history]"));
|
506 |
return $h->ul ([@activity_log]).$h->h5 ($h->a ({ href=>"log.pl?filter-RCid=".$RCID }, "[Entire log history]"));
|
| 496 |
}
|
507 |
}
|
| 497 |
|
508 |
|
| 498 |
sub getDepartmentDescriptions {
|
509 |
sub getDepartmentDescriptions {
|
| 499 |
my %HASH;
|
510 |
my %HASH;
|
| 500 |
my $sth = $dbh->prepare("select TLA, description from department");
|
511 |
my $sth = $dbh->prepare("select TLA, description from department");
|
| 501 |
$sth->execute();
|
512 |
$sth->execute();
|
| 502 |
while (my ($tla, $name) = $sth->fetchrow) {
|
513 |
while (my ($tla, $name) = $sth->fetchrow) {
|
| 503 |
$HASH{$tla} = $name;
|
514 |
$HASH{$tla} = $name;
|
| Line 504... |
Line 515... |
| 504 |
}
|
515 |
}
|
| 505 |
return \%HASH;
|
516 |
return \%HASH;
|
| 506 |
}
|
517 |
}
|
| 507 |
|
518 |
|
| 508 |
sub getDepartmentLinks {
|
519 |
sub getDepartmentLinks {
|
| 509 |
my %HASH;
|
520 |
my %HASH;
|
| 510 |
my $sth = $dbh->prepare("select TLA, link from department where link <> ''");
|
521 |
my $sth = $dbh->prepare("select TLA, link from department where link <> ''");
|
| 511 |
$sth->execute();
|
522 |
$sth->execute();
|
| 512 |
while (my ($tla, $name) = $sth->fetchrow) {
|
523 |
while (my ($tla, $name) = $sth->fetchrow) {
|