This repository has been archived by the owner on Aug 30, 2018. It is now read-only.
<?php
/************************************************
*
* manage.php
* Contains the main page to manage creating and editing users
*
** Copyright 2011-2015 Community Legal Services
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*
***************************************************/
require_once("config.php");
require_once("Attorney.php");
require_once("utils.php");
include('head.php');
include('header.php');
?>
<div class="main">
<div class="content-left">
<?php include("messagedisplay.php"); ?>
</div>
<div class="content-center">
<?php
// Access gate for the management page: anonymous visitors get the "not logged in"
// notice, and only a logged-in attorney whose user level is 1 gets the admin forms
// and listings.
// NOTE(review): this gate only controls what is rendered. The code that processes the
// `create` / `createProgram` POSTs is not in this file - confirm it repeats the same
// login and user-level checks before changing anything.
if (isLoggedIn()) {
    $attorney = new Attorney($_SESSION["loginUserID"], $db);

    if ($GLOBALS['debug']) {
        $attorney->printAttorneyInfo();
    }

    // Loose comparison is kept as in the original; the type returned by
    // getUserLevel() is not visible from this file.
    if ($attorney->getUserLevel() == 1) {
        displayCreateUser();
        displayCreateProgram();
        displayAllUsers();
        print "<br/> <br /><B>Programs</b><br /> <br/>";
        displayAllOrgs();
    } else {
        print "You must have permission to view this page.";
    }
} else {
    include("displayNotLoggedIn.php");
}
?>
</div> <!-- content-center -->
<div class="content-right"><?php // include right column? ?></div>
</div>
<?php
include ('foot.php');
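/**
 * Prints the "Create New User" form, which posts back to manage.php.
 *
 * The program drop-down is filled from the `program` table through $GLOBALS['db'].
 * Program ids and names are HTML-escaped on output, because program names are entered
 * through the "Create New Program" form and would otherwise be emitted as raw markup.
 *
 * Terminates the request with die() when the program query fails; the database error
 * text is only included when $GLOBALS['debug'] is set.
 *
 * NOTE(review): the form carries no anti-CSRF token, and the handler for the `create`
 * POST is not in this file - confirm it verifies a per-session token and re-checks the
 * caller's user level.
 *
 * @return void
 */
function displayCreateUser()
{
    // Encodes a database value for use in HTML text or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
?>
<div class="guideStep guideStepCounter">Create New User</div>
<div class="guideStepDesc">
    <form action="manage.php" method="post">
        <div class="form-item">
            <label for="createFirst">New User's Name</label>
            <div class="form-item-column">
                <input type="text" name="createFirst" id="createFirst" class="form-text" value="" />
            </div>
            <div class="form-item-column">
                <input type="text" name="createLast" id="createLast" class="form-text" value="" />
            </div>
            <div class="space-line"></div>
            <div class="description">
                <div class="form-item-column">
                    First Name
                </div>
                <div class="form-item-column">
                    Last Name
                </div>
            </div>
            <div class="space-line"></div>
        </div>
        <div class="form-item">
            <label for="createEmail">Email Address</label>
            <input type="text" name="createEmail" id="createEmail" class="form-text" value=""/>
            <div class="description">The email address of the user.</div>
        </div>
        <div class="form-item">
            <label for="createBarID">PA Bar ID</label>
            <input type="text" name="createBarID" id="createBarID" class="form-text" value=""/>
            <div class="description">The PA Bar ID number of the user.</div>
        </div>
        <div class="form-item">
            <label for="createPassword">Password</label>
            <input type="password" name="createPassword" id="createPassword" class="form-text" />
        </div>
        <div class="form-item">
            <label for="createRetypePassword">Retype Password</label>
            <input type="password" name="createRetypePassword" id="createRetypePassword" class="form-text" />
        </div>
        <div class="form-item">
            <label for="createHeader">Header text for expungement petitions</label>
            <textarea name="createHeader" id="createHeader" class="form-text form-text-area-big">ORGANIZATION
BY: <first> <last>
Identification No.: <barid>
<address>
<phone></textarea>
            <div class="description">This will appear at the top of your petition, above the caption.</div>
        </div>
        <div class="form-item">
            <label for="createSignature">Expungement petition signature</label>
            <textarea name="createSignature" id="createSignature" class="form-text form-text-area-small"><Name>, Esquire</textarea>
            <div class="description">The signature line on your petition</div>
        </div>
        <div class="form-item">
            <label for="createProgram">Program</label>
            <select name="createProgram" id="createProgram" class="">
<?php
    // List every program from the database as an <option>.
    $sql = "SELECT * from program";
    $result = $GLOBALS['db']->query($sql);
    if (!$result) {
        if ($GLOBALS['debug']) {
            die('Could not get the Expungement Information from the DB:' . $GLOBALS['db']->error);
        }
        die('Could not get the Expungement Information from the DB');
    }

    while ($row = $result->fetch_assoc()) {
        // Both values come from stored data, so both are escaped before output.
        print "<option value='" . $esc($row['programID']) . "'>" . $esc($row['programName']) . "</option>";
    }
    $result->close();
?>
            </select>
        </div>
        <div class="form-item">
            <input type="hidden" name="create" value="1" />
            <input type="submit" value="Create User" />
        </div>
    </form>
</div>
<?php
}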
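/**
 * Prints the "Create New Program" form, which posts back to manage.php.
 *
 * A fresh API key (32 random bytes, shown as 64 hex characters) is generated on every
 * render and pre-filled into the form. random_bytes() is used when the runtime has it;
 * otherwise openssl_random_pseudo_bytes() is used and its "crypto strong" flag is
 * checked, because older PHP versions can return false or weak bytes instead of
 * failing. In that case the request is terminated with die() rather than offering a
 * predictable key.
 *
 * NOTE(review): the key travels through an editable text field, so the value that
 * comes back with the `createProgram` POST is user input. The handler is not in this
 * file - confirm it validates the submitted key (length, hex) or generates the key
 * server-side. The form also carries no anti-CSRF token.
 *
 * @return void
 */
function displayCreateProgram()
{
    if (function_exists('random_bytes')) {
        $keyBytes = random_bytes(32);
    } else {
        $isStrong = false;
        $keyBytes = openssl_random_pseudo_bytes(32, $isStrong);
        if ($keyBytes === false || !$isStrong) {
            die('Could not generate a secure API key');
        }
    }
    // bin2hex() yields only [0-9a-f], so the key is safe inside the value attribute.
    $apiKey = bin2hex($keyBytes);
?>
<div class="guideStep guideStepCounter">Create New Program</div>
<div class="guideStepDesc">
    <form action="manage.php" method="post">
        <div class="form-item">
            <label for="createProgramName">New Program's Name</label>
            <div class="form-item-column">
                <input type="text" name="createProgramName" id="createProgramName" class="form-text" value="" />
            </div>
            <div class="space-line"></div>
        </div>
        <div class="form-item">
            <label for="createProgramIFP">IFP Status</label>
            <select name="createProgramIFP" id="createProgramIFP" class="form-text" >
                <option value="0">0</option>
                <option value="1" selected>1</option>
                <option value="2">2</option>
            </select>
        </div>
        <div class="form-item">
            <label for="createProgramWriteToDB">Write Expungement Info to the Database for this Program?</label>
            <select name="createProgramWriteToDB" id="createProgramWriteToDB" class="form-text" >
                <option value="0">No</option>
                <option value="1" selected>Yes</option>
            </select>
        </div>
        <div class="form-item">
            <label for="createProgramIFPLanguage">IFP Language</label>
            <textarea name="createProgramIFPLanguage" id="createProgramIFPLanguage" class="form-text form-text-area-big">_____ is a non-profit legal services organization that provides free legal assistance to low-income individuals. I, attorney for the petitioner, certify that petitioner meets the financial eligibility standards for representation by ________ and that I am providing free legal service to petitioner.</textarea>
            <div class="description">This will only be used if IFP is not 0.</div>
        </div>
        <div class="form-item">
            <label for="createProgramAPIKey">API Key</label>
            <input type="text" name="createProgramAPIKey" id="createProgramAPIKey" style="width: 550px;" class="form-text" value="<?=$apiKey?>"/>
        </div>
        <div class="form-item">
            <input type="hidden" name="createProgram" value="1" />
            <input type="submit" value="Create Program" />
        </div>
    </form>
</div>
<?php
}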
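/**
 * Prints an HTML table listing every user with their program, IFP flag, bar ID and
 * petition count; each name links to editAttorney.php for that user id.
 *
 * Every database value is HTML-escaped before it is printed. Names, e-mail addresses
 * and program names are entered through forms, so printing them raw would let stored
 * markup run in the browser of whoever opens this admin page.
 *
 * Terminates the request with die() when the query fails; the database error text is
 * only included when $GLOBALS['debug'] is set.
 *
 * @return void
 */
function displayAllUsers()
{
    // Join each user with their profile row and their program.
    $query = "SELECT user.userid as userid, user.email as email, userinfo.firstName as firstName, userinfo.lastName as lastName, userinfo.userlevel as userLevel, program.programName as programName, program.ifp as ifp, userinfo.pabarid as pabarid, userinfo.totalPetitions as ptotal FROM user, userinfo, program WHERE user.userid=userinfo.userid AND program.programid=userinfo.programid";
    $result = $GLOBALS['db']->query($query);
    if (!$result) {
        if ($GLOBALS['debug']) {
            die('Could not get the user information from the DB:' . $GLOBALS['db']->error);
        }
        die('Could not get the user information from the DB');
    }

    // Encodes a database value for use in HTML text or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    print "<table>\n<tr><th>Name</th><th>email</th><th>Userlevel</th><th>Program</th><th>Is IFP?</th><th>Bar ID</th><th>Petitions Prepped</th></tr>";

    while ($row = $result->fetch_assoc()) {
        // URL-encode the id for the query string, then escape the whole URL for the attribute.
        $editUrl = 'editAttorney.php?id=' . rawurlencode((string) $row['userid']);

        print "<tr>";
        print "<td><a href='" . $esc($editUrl) . "'>" . $esc($row['firstName']) . " " . $esc($row['lastName']) . "</a></td>";
        print "<td>" . $esc($row['email']) . "</td>";
        print "<td>" . $esc($row['userLevel']) . "</td>";
        print "<td>" . $esc($row['programName']) . "</td>";
        // Square brackets: the curly-brace offset syntax ($row{'ifp'}) no longer parses on PHP 8.
        if ($row['ifp']) {
            print "<td>Yes</td>";
        } else {
            print "<td>No</td>";
        }
        print "<td>" . $esc($row['pabarid']) . "</td>";
        print "<td>" . $esc($row['ptotal']) . "</td>";
        print "</tr>";
    }
    $result->close();
    print "</table>";
}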
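/**
 * Prints an HTML table of every program (name, IFP status, IFP language), ordered by
 * program name; each name links to editProgram.php for that program id.
 *
 * Every database value is HTML-escaped before it is printed. The program name and the
 * IFP language are free text entered through the "Create New Program" form, so
 * printing them raw would let stored markup run in the browser of whoever opens this
 * admin page.
 *
 * Terminates the request with die() when the query fails; the database error text is
 * only included when $GLOBALS['debug'] is set.
 *
 * @return void
 */
function displayAllOrgs()
{
    $query = "SELECT programid, programName, ifp, ifpLanguage FROM program ORDER BY programName";
    $result = $GLOBALS['db']->query($query);
    if (!$result) {
        if ($GLOBALS['debug']) {
            die('Could not get the program information from the DB:' . $GLOBALS['db']->error);
        }
        die('Could not get the program information from the DB');
    }

    // Encodes a database value for use in HTML text or a quoted attribute.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    print "<table>\n<tr><th>Program Name</th><th>IFP Status</th><th>IFP Language</th></tr>";

    while ($row = $result->fetch_assoc()) {
        // URL-encode the id for the query string, then escape the whole URL for the attribute.
        $editUrl = 'editProgram.php?id=' . rawurlencode((string) $row['programid']);

        print "<tr>";
        print "<td><a href='" . $esc($editUrl) . "'>" . $esc($row['programName']) . "</a></td>";
        print "<td>" . $esc($row['ifp']) . "</td><td>" . $esc($row['ifpLanguage']) . "</td>";
        print "</tr>";
    }
    $result->close();
    print "</table>";
}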
?>