mods/_standard/social/lib/classes/PrivacyControl/PrivacyController.class.php

   1 <?php
   2 /****************************************************************/
   3 /* ATutor                                                                                                               */
   4 /****************************************************************/
   5 /* Copyright (c) 2002-2009                                                                              */
   6 /* Inclusive Design Institute                                   */
   7 /* http://atutor.ca                                                                                             */
   8 /*                                                              */
   9 /* This program is free software. You can redistribute it and/or*/
  10 /* modify it under the terms of the GNU General Public License  */
  11 /* as published by the Free Software Foundation.                                */
  12 /****************************************************************/
  13 // $Id$
  14 include_once(AT_SOCIAL_INCLUDE.'classes/SocialGroups/SocialGroups.class.php');
  15
  16 /**
  17  * Class PrivacyController
  18  */
  19 class PrivacyController{
  20         //Constructor
  21         function PrivacyController(){
  22         }
  23
  24         /**
  25          * Validate user privacy preference against SESSION's, if empty, fetch from DB.
  26          * @param       int                     The field index that should be validated against, check lib/constnats.inc.php
  27          * @param       int                     Relationship between SESSION[member] and the current user's
  28          * @param       mixed           The prefs array in respect to the field_id, for instance, if this is validating against profile,
  29          *                                              then the pref should be the profile preferences.  ([array]=>preference[profile, basic_profile, photo, ...])
  30          * @return      boolean         True if access granted, false otherwise.
  31          */
  32         function validatePrivacy($field_id, $relationship, $pref){
  33                 //if this is the owner, return true without question
  34                 if ($relationship==AT_SOCIAL_OWNER_VISIBILITY){
  35                         return true;
  36                 }
  37
  38                 $pref_string = $pref[$field_id];
  39 //              debug($pref_string, $field_id);
  40
  41 //I have take this out so that in the settings, "Eveyerone" permission has to be switched on for everyone to see
  42                 //if AT_SOCIAL_EVERYONE_VISIBILITY is set, relationship flag will no longer matters.
  43 //              if ($relationship==AT_SOCIAL_EVERYONE_VISIBILITY){
  44 //                      return true;
  45 //              }
  46
  47                 //all values are 1 or 0, match the key to the field_id
  48                 if (is_array($pref_string) && !empty($pref_string)){
  49                         return (isset($pref_string[$relationship]) && $pref_string[$relationship]==1);
  50                 } else {
  51                         return false;
  52                 }
  53         }
  54
  55         /**
  56          * Get the relationship between Session[member_id] and the given id.
  57          * Relationship can be friends, friends of friends, network, family, aquaintance, etc.
  58          * TODO: Confirm that the order of checks is not important.  Draw a control flow diagram to check this.
  59          *               For now, Friends of friends > Groups
  60          * @param       int             the member that we want to find the relationship to the session[member]
  61          * @return      relationship status
  62          */
  63         function getRelationship($id){
  64                 global $db;
  65
  66                 //if id = self, always true (cause i should be able to see my own profile)
  67                 if ($id == $_SESSION['member_id']){
  68                         return AT_SOCIAL_OWNER_VISIBILITY;
  69                 }
  70
  71                 //is friend of friend?
  72                 if (isFriendOfFriend($id, $_SESSION['member_id'])==true){
  73                         return AT_SOCIAL_FRIENDS_OF_FRIENDS_VISIBILITY;
  74                 }
  75
  76                 //is in some of the groups together?
  77                 $social_groups = new SocialGroups();
  78                 $my_group = $social_groups->getMemberGroups($_SESSION['member_id']);
  79                 $person_group = $social_groups->getMemberGroups($id);
  80                 $groups_intersection = array_intersect($my_group, $person_group); //groups intersection
  81
  82                 //If it is not empty or not null, then these 2 people share a group
  83                 if (!empty($groups_intersection) > 0){
  84                         return AT_SOCIAL_GROUPS_VISIBILITY;
  85                 }
  86
  87                 $sql = 'SELECT relationship FROM '.TABLE_PREFIX."social_friends WHERE (member_id=$id AND friend_id=$_SESSION[member_id]) OR (member_id=$_SESSION[member_id] AND friend_id=$id)";
  88                 $result = mysql_query($sql, $db);
  89 //              echo $sql;
  90                 if ($result){
  91                         list($relationship) = mysql_fetch_row($result);
  92                 }
  93
  94                 //If the relationship is not set, this implies that it's not in the table,
  95                 //implying that the user has never set its privacy settings, meaning a default is needed
  96                 if (!isset($relationship)){
  97                         return AT_SOCIAL_NETWORK_VISIBILITY;
  98                 }
  99
 100                 return $relationship;
 101         }
 102
 103         /**
 104          * Get user privacy perference
 105          * @param       int             user id
 106          * @Precondition: include('PrivacyObject.class.php');
 107          */
 108         function getPrivacyObject($member_id){
 109                 global $db;
 110                 $member_id = intval($member_id);
 111
 112                 //TODO: Check if this object exists in _SESSION, if so, don't pull it from db again
 113                 $sql = 'SELECT preferences FROM '.TABLE_PREFIX.'social_privacy_preferences WHERE member_id='.$member_id;
 114                 $result = mysql_query($sql, $db);
 115                 if (mysql_numrows($result) > 0){
 116                         list($prefs) = mysql_fetch_row($result);
 117                         $privacy_obj = unserialize($prefs);
 118
 119                         //Should we checked if this is an actual object before returning it?
 120                         return($privacy_obj);
 121                 }
 122                 //No such person
 123                 return new PrivacyObject();
 124         }
 125
 126         /**
 127          * Update privacy preference for a single user
 128          *
 129          * @param       int             user id
 130          * @param       mixed   preferences object
 131          * @return      true if update was successful, false otherwise
 132          */
 133         function updatePrivacyPreference($member_id, $prefs){
 134                 global $db, $addslashes;
 135
 136                 $member_id = intval($member_id);
 137                 $prefs = $addslashes(serialize($prefs));
 138
 139                 //TODO: Change it back to update
 140                 $sql = 'REPLACE '.TABLE_PREFIX."social_privacy_preferences SET member_id=$member_id, preferences='$prefs'";
 141 //              echo $sql;
 142                 $result = mysql_query($sql, $db);
 143                 return $result;
 144         }
 145
 146         /**
 147          * Returns an array of the user permission levels
 148          * Check constants.inc.php
 149          */
 150         function getPermissionLevels(){
 151                 return array (
 152                         //checkboxes don't need to have none and everyone
 153 //                      -1                                                                              =>      _AT('none'),
 154                         AT_SOCIAL_EVERYONE_VISIBILITY                   =>      _AT('world_network'),
 155                         AT_SOCIAL_FRIENDS_VISIBILITY                    =>      _AT('friends'),
 156                         AT_SOCIAL_FRIENDS_OF_FRIENDS_VISIBILITY =>      _AT('friends_of_friends'),
 157                         AT_SOCIAL_NETWORK_VISIBILITY                    =>      _AT('local_network'),
 158                         AT_SOCIAL_GROUPS_VISIBILITY                             =>      _AT('groups')
 159                 );
 160         }
 161 }
 162 ?>