User/Nav/Session Cleanup

package.json

@@ -30,7 +30,7 @@
   "dependencies": {
     "admin-lte": "2.3.7",
     "ionicons": "2.0.1",
-    "font-awesome": "4.6.3",
+    "font-awesome": "4.7.0",
     "fullcalendar": "3.0.1"
   },
   "scripts": {

propel/schema.xml

@@ -608,21 +608,18 @@
     <table name="user_usr" idMethod="native" phpName="User">
         <column name="usr_per_ID" phpName="PersonId" type="SMALLINT" size="9" sqlType="mediumint(9) unsigned" primaryKey="true" required="true" defaultValue="0"/>
         <column name="usr_Password" phpName="Password" type="VARCHAR" size="500" required="true" defaultValue=""/>
-        <column name="usr_NeedPasswordChange" phpName="NeedPasswordChange" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="1"/>
+        <column name="usr_NeedPasswordChange" phpName="NeedPasswordChange" type="BOOLEAN" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="1"/>
         <column name="usr_LastLogin" phpName="LastLogin" type="TIMESTAMP" required="true" defaultValue="0000-00-00 00:00:00"/>
         <column name="usr_LoginCount" phpName="LoginCount" type="SMALLINT" size="5" sqlType="smallint(5) unsigned" required="true" defaultValue="0"/>
         <column name="usr_FailedLogins" phpName="FailedLogins" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_AddRecords" phpName="AddRecords" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_EditRecords" phpName="EditRecords" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_DeleteRecords" phpName="DeleteRecords" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_MenuOptions" phpName="MenuOptions" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_ManageGroups" phpName="ManageGroups" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_Finance" phpName="Finance" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_Communication" phpName="Communication" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_Notes" phpName="Notes" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_Admin" phpName="Admin" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
-        <column name="usr_Workspacewidth" phpName="WorkspaceWidth" type="SMALLINT"/>
-        <column name="usr_BaseFontSize" phpName="BaseFontsize" type="TINYINT"/>
+        <column name="usr_AddRecords" phpName="AddRecords" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_EditRecords" phpName="EditRecords" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_DeleteRecords" phpName="DeleteRecords" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_MenuOptions" phpName="MenuOptions" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_ManageGroups" phpName="ManageGroups" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_Finance" phpName="Finance" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_Notes" phpName="Notes" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_Admin" phpName="Admin" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
         <column name="usr_SearchLimit" phpName="SearchLimit" type="TINYINT" defaultValue="10"/>
         <column name="usr_Style" phpName="Style" type="VARCHAR" size="50" defaultValue="Style.css"/>
         <column name="usr_showPledges" phpName="ShowPledges" type="BOOLEAN" size="1" required="true" defaultValue="false"/>
@@ -631,7 +628,7 @@
         <column name="usr_defaultFY" phpName="DefaultFY" type="SMALLINT" size="9" required="true" defaultValue="10"/>
         <column name="usr_currentDeposit" phpName="CurrentDeposit" type="SMALLINT" size="9" required="true" defaultValue="0"/>
         <column name="usr_UserName" phpName="UserName" type="VARCHAR" size="32"/>
-        <column name="usr_EditSelf" phpName="EditSelf" type="TINYINT" size="3" sqlType="tinyint(3) unsigned" required="true" defaultValue="0"/>
+        <column name="usr_EditSelf" phpName="EditSelf" type="BOOLEAN" size="1" sqlType="tinyint(1) unsigned" required="true" defaultValue="0"/>
         <column name="usr_CalStart" phpName="CalStart" type="DATE"/>
         <column name="usr_CalEnd" phpName="CalEnd" type="DATE"/>
         <column name="usr_CalNoSchool1" phpName="CalNoSchool1" type="DATE"/>
@@ -643,7 +640,7 @@
         <column name="usr_CalNoSchool7" phpName="CalNoSchool7" type="DATE"/>
         <column name="usr_CalNoSchool8" phpName="CalNoSchool8" type="DATE"/>
         <column name="usr_SearchFamily" phpName="Searchfamily" type="TINYINT" size="3"/>
-        <column name="usr_Canvasser" phpName="Canvasser" type="TINYINT" size="3" required="true" defaultValue="0"/>
+        <column name="usr_Canvasser" phpName="Canvasser" type="BOOLEAN" size="1" required="true" defaultValue="0"/>
         <index name="usr_per_ID">
             <index-column name="usr_per_ID"/>
         </index>

src/ChurchCRM/model/ChurchCRM/User.php

@@ -16,5 +16,53 @@
  */
 class User extends BaseUser
 {
+  public function getName()
+  {
+    return $this->getPerson()->getFullName();
+  }
 
+  public function isAddRecordsEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isAddRecords());
+  }
+
+  public function isEditRecordsEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isEditRecords());
+  }
+
+  public function isDeleteRecordsEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isDeleteRecords());
+  }
+
+  public function isMenuOptionsEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isMenuOptions());
+  }
+
+  public function isManageGroupsEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isManageGroups());
+  }
+
+  public function isFinanceEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isFinance());
+  }
+
+  public function isNotesEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isNotes());
+  }
+
+  public function isEditSelfEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isEditSelf());
+  }
+
+  public function isCanvasserEnabled()
+  {
+    return ($this->isAdmin() ? true : $this->isCanvasser());
+  }
 }

src/DepositSlipEditor.php

@@ -61,8 +61,11 @@
 }
 
 $_SESSION['iCurrentDeposit'] = $iDepositSlipID;  // Probably redundant
-$sSQL = "UPDATE user_usr SET usr_currentDeposit = '$iDepositSlipID' WHERE usr_per_id = \"" . $_SESSION['iUserID'] . "\"";
-$rsUpdate = RunQuery($sSQL);
+
+/* @var $currentUser \ChurchCRM\User */
+$currentUser = $_SESSION['user'];
+$currentUser->setCurrentDeposit($iDepositSlipID);
+$currentUser->save();
 
 require "Include/Header.php";
 ?>

src/DonatedItemEditor.php

@@ -153,11 +153,6 @@
   }
 }
 
-// Set Current Deposit setting for user
-//if ($iCurrentFundraiser) {
-//	$sSQL = "UPDATE user_usr SET usr_CurrentFundraiser = '$iCurrentFundraiser' WHERE usr_per_id = \"".$_SESSION['iUserID']."\"";
-//	$rsUpdate = RunQuery($sSQL);
-//}
 //Get People for the drop-down
 $sPeopleSQL = "SELECT per_ID, per_FirstName, per_LastName, fam_Address1, fam_City, fam_State FROM person_per JOIN family_fam on per_fam_id=fam_id ORDER BY per_LastName, per_FirstName";
 
@@ -310,7 +305,7 @@
               </td>
             </tr>
           </table> <!-- Table for the whole form -->
-    
+
     </table>
   </form>
   <div>

src/EmailSend.php

@@ -70,8 +70,8 @@ function ClearEmailLog()
             ") ENGINE=MyISAM";
     RunQuery($sSQL);
 
-    $sSQL = "INSERT INTO email_job_log_$iUserID ". 
-            "SET ejl_text='".mysql_real_escape_string($sMessage)."', ". 
+    $sSQL = "INSERT INTO email_job_log_$iUserID ".
+            "SET ejl_text='".mysql_real_escape_string($sMessage)."', ".
             "    ejl_time='$tSec', ".
             "    ejl_usec='$tUsec'";
 
@@ -85,8 +85,8 @@ function AddToEmailLog($sMessage, $iUserID)
     $tSec = $tSystem['sec'];
     $tUsec = str_pad($tSystem['usec'], 6, '0');
 
-    $sSQL = "INSERT INTO email_job_log_$iUserID ". 
-            "SET ejl_text='".mysql_real_escape_string($sMessage)."', ". 
+    $sSQL = "INSERT INTO email_job_log_$iUserID ".
+            "SET ejl_text='".mysql_real_escape_string($sMessage)."', ".
             "    ejl_time='$tSec', ".
             "    ejl_usec='$tUsec'";
 
@@ -123,8 +123,8 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
     $sSQL = 'SELECT * FROM email_message_pending_emp';
     extract(mysql_fetch_array(RunQuery($sSQL)));
 
-    // Keep track of how long this script has been running.  To avoid server 
-    // and browser timeouts break out of loop every $sLoopTimeout seconds and 
+    // Keep track of how long this script has been running.  To avoid server
+    // and browser timeouts break out of loop every $sLoopTimeout seconds and
     // redirect back to EmailSend.php with meta refresh until finished.
     $tStartTime = time();
 
@@ -139,7 +139,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
 
     $mail->From = $sFromEmailAddress;   // From email address (User Settings)
     $mail->FromName = $sFromName;       // From name (User Settings)
-    
+
     if ($hasAttach)
     	$mail->AddAttachment ("tmp_attach/".$attachName);
 
@@ -159,7 +159,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
             $sSMTPPort = 25;                // Default port number
         } else {
             $sSMTPPort = substr($sSMTPHost, $delimeter+1);
-            $sSMTPHost = substr($sSMTPHost, 0, $delimeter);   
+            $sSMTPHost = substr($sSMTPHost, 0, $delimeter);
         }
 
         if (is_int($sSMTPPort))
@@ -174,12 +174,12 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
 
     $bContinue = TRUE;
     $sLoopTimeout = 30; // Break out of loop if this time is exceeded
-    $iMaxAttempts = 3;  // Error out if an email address fails 3 times 
-    while ($bContinue) 
+    $iMaxAttempts = 3;  // Error out if an email address fails 3 times
+    while ($bContinue)
     {   // Three ways to get out of this loop
         // 1.  We're finished sending email
         // 2.  Time exceeds $sLoopTimeout
-        // 3.  Something strange happens 
+        // 3.  Something strange happens
         //        (maybe user tries to send from multiple sessions
         //         causing counts and timestamps to 'misbehave' )
 
@@ -293,7 +293,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
 
 if (!$bTableExists) {
     // Create a new empty log, this might be cruft
-    ClearEmailLog();  
+    ClearEmailLog();
 }
 
 if (array_key_exists ('resume', $_POST) && $_POST['resume'] == 'true') {
@@ -396,7 +396,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
 extract(mysql_fetch_array(RunQuery($sSQL_EMP)));
 
 if ($emp_to_send==0 && $countrecipients==0) {
-    // If both are zero the email job has not started yet.  
+    // If both are zero the email job has not started yet.
     // Begin by loading the list of recipients into MySQL.
     ClearEmailLog();  // Initialize Log
     $_SESSION['sEmailState'] = 'start';
@@ -407,22 +407,22 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
 
         $sMsg = 'Error, cannot start. email_array is not an array';
         echo "<br>$sMsg<br>";
-        AddToEmailLog($sMsg, $iUserID); 
+        AddToEmailLog($sMsg, $iUserID);
         $_SESSION['sEmailState'] = 'error';
     }
 
     if ( !count($email_array) ) {
 
         $sMsg = 'Error, cannot start. email_array is empty';
         echo "<br>$sMsg<br>";
-        AddToEmailLog($sMsg, $iUserID); 
-        $_SESSION['sEmailState'] = 'error'; 
+        AddToEmailLog($sMsg, $iUserID);
+        $_SESSION['sEmailState'] = 'error';
     }
 
     if ($_SESSION['sEmailState'] == 'start') {
 
         foreach($email_array as $email_address) {
-    
+
             $iEmailNum++;
             // Load MySQL with the list of addresses to be sent
             $sSQL = 'INSERT INTO email_recipient_pending_erp '.
@@ -461,7 +461,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
     }
 
 } else {
-    
+
     // Should only get here if we are about to finish by sending the final email
     if ($_SESSION['sEmailState'] != 'finish') {
         $sMsg = 'Error on line '.__LINE__.' of file '.__FILE__;
@@ -487,7 +487,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
 }
 
 // Set a Meta Refresh in the header so this page automatically reloads
-if ($bMetaRefresh) { 
+if ($bMetaRefresh) {
     $sMetaRefresh = '<meta http-equiv="refresh" content="2;URL=EmailSend.php">'."\n";
 }
 
@@ -531,7 +531,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
     $sMessage = $emp_message;
     $attachName = $emp_attach_name;
     $hasAttach = $emp_attach;
-    
+
 
     // There must be more than one recipient
     if ($countrecipients) {
@@ -554,7 +554,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
         $sSubject = "Email job started at $tTimeStamp";
 
         $sMessage = "Email job issued by ";
-        $sMessage .= $_SESSION['UserFirstName'].' '.$_SESSION['UserLastName'];
+        $sMessage .= $_SESSION['user']->getName();
         $sMessage .= " using:\n";
         $sMessage .= "From Name = $sFromName\n";
         $sMessage .= "From Address = $sFromEmailAddress\n";
@@ -605,7 +605,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
     $sSubject = "Email job finished at $tTimeStamp";
 
     $sMessage = "Email job issued by ";
-    $sMessage .= $_SESSION['UserFirstName'].' '.$_SESSION['UserLastName'];
+    $sMessage .= $_SESSION['user']->getName();
     $sMessage .= " using:\n";
     $sMessage .= "From Name = $sFromName\n";
     $sMessage .= "From Address = $sFromEmailAddress\n";
@@ -616,7 +616,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
 
 	if (strlen($emp_attach_name)>0) // delete the attached file if there is one
     	unlink ("tmp_attach/".$emp_attach_name);
-	
+
     //    $sMessage .= "Email sent to $emp_num_sent email addresses.\n"; // $emp_num_sent not a field in email_message_pending_emp
     $sMessage .= "Email job finished at $tTimeStamp\n\n";
     $sMessage .= "Email job log:\n\n";
@@ -681,7 +681,7 @@ function SendEmail($sSubject, $sMessage, $attachName, $hasAttach, $sRecipient)
     $sSubject = "Email job terminated due to error at $tTimeStamp";
 
     $sMessage = "Email job issued by ";
-    $sMessage .= $_SESSION['UserFirstName'].' '.$_SESSION['UserLastName'];
+    $sMessage .= $_SESSION['user']->getName();
     $sMessage .= " using:\n";
     $sMessage .= "From Name = $sFromName\n";
     $sMessage .= "From Address = $sFromEmailAddress\n";

src/FindFundRaiser.php

@@ -97,9 +97,11 @@
 // Save record limit if changed
 if (isset($_GET["Number"]))
 {
-	$_SESSION['SearchLimit'] = FilterInput($_GET["Number"],'int');
-	$uSQL = "UPDATE user_usr SET usr_SearchLimit = " . $_SESSION['SearchLimit'] . " WHERE usr_per_ID = " . $_SESSION['iUserID'];
-	$rsUser = RunQuery($uSQL);
+  /* @var $currentUser \ChurchCRM\User */
+  $currentUser = $_SESSION['user'];
+  $currentUser->setSearchLimit(FilterInput($_GET["Number"],'int'));
+  $currentUser->save();
+  $_SESSION['SearchLimit'] = $currentUser->getSearchLimit();
 }
 
 // Select the proper sort SQL

src/FundRaiserEditor.php

@@ -139,8 +139,6 @@
 // Set Current Deposit setting for user
 if ($iFundRaiserID > 0) {
 	$_SESSION['iCurrentFundraiser'] = $iFundRaiserID;		// Probably redundant
-//	$sSQL = "UPDATE user_usr SET usr_currentDeposit = '$iFundRaiserID' WHERE usr_per_id = \"".$_SESSION['iUserID']."\"";
-//	$rsUpdate = RunQuery($sSQL);
 }
 
 require "Include/Header.php";