ecard could sent if album is logged #1432
Fasse committed Jun 8, 2023
1 parent 9f2ae7a commit 54e2881
Showing 4 changed files with 26 additions and 23 deletions.
21 changes: 14 additions & 7 deletions adm_program/modules/ecards/ecard_send.php
@@ -11,6 +11,12 @@
require_once(__DIR__ . '/../../system/common.php');
require_once(__DIR__ . '/ecard_function.php');

// check if the module is enabled and disallow access if it's disabled
if (!$gSettingsManager->getBool('enable_ecard_module')) {
$gMessage->show($gL10n->get('SYS_MODULE_DISABLED'));
// => EXIT
}

// Initialize and check the parameters
$postTemplateName = admFuncVariableIsValid($_POST, 'ecard_template', 'file', array('requireValue' => true));
$postPhotoUuid = admFuncVariableIsValid($_POST, 'photo_uuid', 'string', array('requireValue' => true));
@@ -33,14 +39,15 @@
// => EXIT
}

// check if the module is enabled and disallow access if it's disabled
if (!$gSettingsManager->getBool('enable_ecard_module')) {
$gMessage->show($gL10n->get('SYS_MODULE_DISABLED'));
// check if user has right to view the album
if (!$photoAlbum->isVisible()) {
$gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW'));
// => EXIT
}
// pruefen ob User eingeloggt ist
if (!$gValidLogin) {
$gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW'));

// the logged-in user has no valid mail address stored in his profile, which can be used as sender
if ($gValidLogin && $gCurrentUser->getValue('EMAIL') === '') {
$gMessage->show($gL10n->get('SYS_CURRENT_USER_NO_EMAIL', array('<a href="'.ADMIDIO_URL.FOLDER_MODULES.'/profile/profile.php">', '</a>')));
// => EXIT
}

@@ -58,7 +65,7 @@
// => EXIT
}

// Template wird geholt
// read template from file system
$ecardDataToParse = $funcClass->getEcardTemplate($postTemplateName);

// if template was not found then show error
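Review bot: The removed `if (!$gValidLogin)` guard was the only login check visible in this section, and the file includes `common.php` rather than `login_valid.php`, so the send handler now appears reachable without a session whenever `$photoAlbum->isVisible()` returns true. The new e-mail check is itself conditioned on `$gValidLogin`, which suggests anonymous requests are expected to get this far; for an endpoint that sends mail, that should be a deliberate and documented decision. If anonymous sending is not intended, keep the guard ahead of the visibility check, e.g. `if (!$gValidLogin) { $gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW')); }`, and then drop the `$gValidLogin &&` from the e-mail condition. The lines between the hunks are not shown, so confirm that no other login check exists there.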
24 changes: 10 additions & 14 deletions adm_program/modules/ecards/ecards.php
@@ -19,7 +19,7 @@
require(__DIR__ . '/../../system/login_valid.php');

// Initialize and check the parameters
$getPhotoUuid = admFuncVariableIsValid($_GET, 'photo_uuid', 'string');
$getPhotoUuid = admFuncVariableIsValid($_GET, 'photo_uuid', 'string', array('requireValue' => true));
$getUserUuid = admFuncVariableIsValid($_GET, 'user_uuid', 'string');
$getPhotoNr = admFuncVariableIsValid($_GET, 'photo_nr', 'int', array('requireValue' => true));
$showPage = admFuncVariableIsValid($_GET, 'show_page', 'int', array('defaultValue' => 1));
@@ -35,47 +35,43 @@
// => EXIT
}

// URL auf Navigationstack ablegen
// Drop URL on navigation stack
$gNavigation->addUrl(CURRENT_URL, $headline);

// Fotoveranstaltungs-Objekt erzeugen oder aus Session lesen
// Create photo album object or read from session
if (isset($_SESSION['photo_album']) && (int) $_SESSION['photo_album']->getValue('pho_uuid') === $getPhotoUuid) {
$photoAlbum =& $_SESSION['photo_album'];
} else {
// einlesen des Albums falls noch nicht in Session gespeichert
$photoAlbum = new TablePhotos($gDb);
if ($getPhotoUuid !== '') {
$photoAlbum->readDataByUuid($getPhotoUuid);
}
$photoAlbum->readDataByUuid($getPhotoUuid);

$_SESSION['photo_album'] = $photoAlbum;
}

// pruefen, ob Album zur aktuellen Organisation gehoert
if ($getPhotoUuid !== '' && (int) $photoAlbum->getValue('pho_org_id') !== $gCurrentOrgId) {
// check if user has right to view the album
if (!$photoAlbum->isVisible()) {
$gMessage->show($gL10n->get('SYS_INVALID_PAGE_VIEW'));
// => EXIT
}

if ($gValidLogin && $gCurrentUser->getValue('EMAIL') === '') {
// der eingeloggte Benutzer hat in seinem Profil keine gueltige Mailadresse hinterlegt,
// die als Absender genutzt werden kann...
// the logged in user has no valid mail address stored in his profile, which can be used as sender
$gMessage->show($gL10n->get('SYS_CURRENT_USER_NO_EMAIL', array('<a href="'.ADMIDIO_URL.FOLDER_MODULES.'/profile/profile.php">', '</a>')));
// => EXIT
}

if ($getUserUuid !== '') {
// usr_id wurde uebergeben, dann Kontaktdaten des Users aus der DB fischen
// UUID was set than read contact data of this user
$user = new User($gDb, $gProfileFields);
$user->readDataByUuid($getUserUuid);

// darf auf die User-Id zugegriffen werden
// check if the current user has the right communicate with that member
if ((!$gCurrentUser->editUsers() && !isMember((int) $user->getValue('usr_id'))) || strlen($user->getValue('usr_id')) === 0) {
$gMessage->show($gL10n->get('SYS_USER_ID_NOT_FOUND'));
// => EXIT
}

// besitzt der User eine gueltige E-Mail-Adresse
// check if the member has a valid email address
if (!StringUtils::strValidCharacters($user->getValue('EMAIL'), 'email')) {
$gMessage->show($gL10n->get('SYS_USER_NO_EMAIL', array($user->getValue('FIRST_NAME').' '.$user->getValue('LAST_NAME'))));
// => EXIT
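Review bot: Authorization for the album now rests only on `$photoAlbum->isVisible()`, since the explicit `pho_org_id` comparison with `$gCurrentOrgId` is gone and `readDataByUuid($getPhotoUuid)` is called without checking that a record was actually found. The only part of `isVisible()` shown on this page is the locked-album branch, so it should be confirmed that it also rejects albums of another organization and an empty object left by an unknown UUID. A comment above the check would record that reliance, for example `// isVisible() must cover organization, lock state and a missing album`. Separately, the session branch compares `(int) ...getValue('pho_uuid')` with `$getPhotoUuid` using `===`; since the parameter is validated as a string this looks like it can never match, so the cached album is probably never reused.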
2 changes: 1 addition & 1 deletion adm_program/modules/photos/photos.php
@@ -59,7 +59,7 @@

$headline = $photoAlbum->getValue('pho_name');

// URL auf Navigationstack ablegen
// Drop URL on navigation stack
$gNavigation->addUrl(CURRENT_URL, $headline);
} else {
$headline = $getHeadline;
2 changes: 1 addition & 1 deletion adm_program/system/classes/TablePhotos.php
@@ -232,7 +232,7 @@ public function isVisible()
return false;
}
// locked photo album could only be viewed by module administrators
elseif ((int) $this->getValue('pho_locked') === 1 && !$GLOBALS['gCurrentUser']->editPhotoRight()) {
elseif ($this->getValue('pho_locked') && !$GLOBALS['gCurrentUser']->editPhotoRight()) {
return false;
}
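Review bot: The lock test in `isVisible()` now depends on PHP truthiness of `$this->getValue('pho_locked')`, and the return type of `getValue()` for this column is not visible in the hunk. Because this branch decides whether a non-administrator may see a locked album, the expected type deserves a comment on the line, for example `// pho_locked is expected as bool here; any truthy value counts as locked`. A unit test that loads a locked and an unlocked album and asserts `isVisible()` for a user without `editPhotoRight()` would pin the behaviour for whichever representation the column uses. The body of `isVisible()` starts and ends outside the hunk.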
