use string for mode in contact module

Fasse · Fasse · commit 49a4ce916495 · 2024-03-20T19:55:57.000+01:00
diff --git a/adm_program/modules/contacts/contacts_data.php b/adm_program/modules/contacts/contacts_data.php
@@ -274,7 +274,7 @@
         if (!empty($row['member_email']) && $gSettingsManager->getBool('system_notifications_enabled')) {
             // if email is set and systemmails are activated then administrators can send a new password to user
             $userAdministration = '<a class="admidio-icon-link openPopup" href="javascript:void(0);"
-                data-href="'.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $row['usr_uuid'], 'mode' => 5)).'">'.
+                data-href="'.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $row['usr_uuid'], 'mode' => 'send_login_msg')).'">'.
                 '<i class="fas fa-key" data-toggle="tooltip" title="' . $gL10n->get('SYS_SEND_USERNAME_PASSWORD') . '"></i></a>';
         } else {
             // if user has no email or send email is disabled then administrators could set a new password
@@ -310,7 +310,7 @@
                 || $contactsOfThisOrganization)                  // active members may be removed by authorized users
             && $row['usr_uuid'] !== $gCurrentUserUUID) { // no one is allowed to remove their own profile
             $userAdministration .= '<a class="admidio-icon-link openPopup" href="javascript:void(0);"
-                data-href="' . SecurityUtils::encodeUrl(ADMIDIO_URL . FOLDER_MODULES . '/contacts/contacts_function.php', array('user_uuid' => $row['usr_uuid'], 'mode' => 6)) . '">' .
+                data-href="' . SecurityUtils::encodeUrl(ADMIDIO_URL . FOLDER_MODULES . '/contacts/contacts_function.php', array('user_uuid' => $row['usr_uuid'], 'mode' => 'delete_msg')) . '">' .
                 '<i class="fas fa-trash-alt" data-toggle="tooltip" title="' . $gL10n->get('SYS_REMOVE_CONTACT') . '"></i>
             </a>';
         }
diff --git a/adm_program/modules/contacts/contacts_function.php b/adm_program/modules/contacts/contacts_function.php
@@ -12,12 +12,12 @@
 /******************************************************************************
  * Parameters:
  *
- * mode: 1 - MessageBox that explains the effects of the deletion
- *       2 - remove contact ONLY from the member community
- *       3 - delete contact from database
- *       4 - send contact e-mail with new access data
- *       5 - Ask if access data should be sent
- *       6 - Ask if contact should be deleted
+ * mode: remove - remove contact ONLY from the member community
+ *       delete - delete contact from database
+ *       delete_msg - Ask if contact should be deleted
+ *       delete_explain_msg - MessageBox that explains the effects of the deletion
+ *       send_login - send contact e-mail with new access data
+ *       send_login_msg - Ask if access data should be sent
  * user_uuid : UUID of the contact, who should be edited
  *
  *****************************************************************************/
@@ -28,7 +28,7 @@
 $gMessage->showInModalWindow();
 
 // Initialize and check the parameters
-$getMode   = admFuncVariableIsValid($_GET, 'mode', 'int', array('requireValue' => true, 'validValues' => array(1, 2, 3, 4, 5, 6)));
+$getMode   = admFuncVariableIsValid($_GET, 'mode', 'string', array('requireValue' => true, 'validValues' => array('delete_explain_msg', 'remove', 'delete', 'send_login', 'send_login_msg', 'delete_msg')));
 $getUserUuid = admFuncVariableIsValid($_GET, 'user_uuid', 'string', array('requireValue' => true));
 
 // Only users with user-edit rights are allowed
@@ -38,7 +38,7 @@
 }
 
 try {
-    if (in_array($getMode, array(2, 3, 4))){
+    if (in_array($getMode, array('remove', 'delete', 'send_login'))){
         // check the CSRF token of the form against the session token
         SecurityUtils::validateCsrfToken($_POST['admidio-csrf-token']);
     }
@@ -47,7 +47,7 @@
     exit();
 }
 
-if ($getMode === 1) {
+if ($getMode === 'delete_explain_msg') {
     // ask if contact should only be removed from organization or completely deleted
     echo '
     <div class="modal-header">
@@ -59,9 +59,9 @@
         <p><i class="fas fa-trash-alt"></i>&nbsp;'.$gL10n->get('SYS_REMOVE_CONTACT_DESC', array($gL10n->get('SYS_DELETE'))).'</p>
     </div>
     <div class="modal-footer">
-        <button id="btnFormer"type="button" class="btn btn-primary mr-4" onclick="callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 2)).'\', \''.$gCurrentSession->getCsrfToken().'\')">
+        <button id="btnFormer"type="button" class="btn btn-primary mr-4" onclick="callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'remove')).'\', \''.$gCurrentSession->getCsrfToken().'\')">
             <i class="fas fa-user-clock"></i>'.$gL10n->get('SYS_FORMER').'</button>
-        <button id="btnDelete"type="button" class="btn btn-primary" onclick="callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 3)).'\', \''.$gCurrentSession->getCsrfToken().'\')">
+        <button id="btnDelete"type="button" class="btn btn-primary" onclick="callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'delete')).'\', \''.$gCurrentSession->getCsrfToken().'\')">
             <i class="fas fa-trash-alt"></i>'.$gL10n->get('SYS_DELETE').'</button>
         <div id="status-message" class="mt-4 w-100"></div>
     </div>';
@@ -73,7 +73,7 @@
 $user = new User($gDb, $gProfileFields);
 $user->readDataByUuid($getUserUuid);
 
-if ($getMode === 3 || $getMode === 6) {
+if ($getMode === 'delete' || $getMode === 'delete_msg') {
     // Check if user is also in other organizations
     $sql = 'SELECT COUNT(*) AS count
               FROM '.TBL_MEMBERS.'
@@ -90,7 +90,7 @@
     $isAlsoInOtherOrgas = $pdoStatement->fetchColumn() > 0;
 }
 
-if ($getMode === 2) {
+if ($getMode === 'remove') {
     try {
         // User has to be a member of this organization
         // User could not delete himself
@@ -127,7 +127,7 @@
         echo json_encode(array('status' => 'error', 'message' => $e->getMessage()));
     }
     exit();
-} elseif ($getMode === 3) {
+} elseif ($getMode === 'delete') {
     try {
         // User must not be in any other organization
         // User could not delete himself
@@ -142,7 +142,7 @@
         echo json_encode(array('status' => 'error', 'message' => $e->getMessage()));
     }
     exit();
-} elseif ($getMode === 4) {
+} elseif ($getMode === 'send_login') {
     try {
         // If User must be member of this organization than send a new password
         if (isMember($user->getValue('usr_id'))) {
@@ -156,26 +156,26 @@
         echo json_encode(array('status' => 'error', 'message' => $e->getMessage()));
     }
     exit();
-} elseif ($getMode === 5) {
+} elseif ($getMode === 'send_login_msg') {
     // Ask to send new login-data
-    $gMessage->setYesNoButton('callUrlHideElement(\'row_members\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 4)).'\', \''.$gCurrentSession->getCsrfToken().'\')');
+    $gMessage->setYesNoButton('callUrlHideElement(\'row_members\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'send_login')).'\', \''.$gCurrentSession->getCsrfToken().'\')');
     $gMessage->show($gL10n->get('SYS_SEND_NEW_LOGIN', array($user->getValue('FIRST_NAME') . ' ' . $user->getValue('LAST_NAME'))));
     // => EXIT
-} elseif ($getMode === 6) {
+} elseif ($getMode === 'delete_msg') {
     if (!$isAlsoInOtherOrgas && $gCurrentUser->isAdministrator()) {
         if (isMember($user->getValue('usr_id'))) {
             // User is ONLY member of this organization -> ask if user should make to former member or delete completely
-            admRedirect(SecurityUtils::encodeUrl(ADMIDIO_URL . FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 1)));
+            admRedirect(SecurityUtils::encodeUrl(ADMIDIO_URL . FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'delete_explain_msg')));
         // => EXIT
         } else {
             // User is not member of any organization -> ask if delete completely
-            $gMessage->setYesNoButton('callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 3)).'\', \''.$gCurrentSession->getCsrfToken().'\')');
+            $gMessage->setYesNoButton('callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'delete')).'\', \''.$gCurrentSession->getCsrfToken().'\')');
             $gMessage->show($gL10n->get('SYS_USER_DELETE_DESC', array($user->getValue('FIRST_NAME') . ' ' . $user->getValue('LAST_NAME'))), $gL10n->get('SYS_DELETE'));
             // => EXIT
         }
     } else {
         // User could only be removed from this organization -> ask so
-        $gMessage->setYesNoButton('callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 2)).'\', \''.$gCurrentSession->getCsrfToken().'\')');
+        $gMessage->setYesNoButton('callUrlHideElement(\'row_members_'.$getUserUuid.'\', \''.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'remove')).'\', \''.$gCurrentSession->getCsrfToken().'\')');
         $gMessage->show($gL10n->get('SYS_END_MEMBERSHIP_OF_USER', array($user->getValue('FIRST_NAME') . ' ' . $user->getValue('LAST_NAME'), $gCurrentOrganization->getValue('org_longname'))), $gL10n->get('SYS_REMOVE'));
         // => EXIT
     }
diff --git a/adm_program/modules/profile/profile.php b/adm_program/modules/profile/profile.php
@@ -184,7 +184,7 @@ function formSubmitEvent(rolesAreaId = "") {
     $("#menu_item_profile_password").attr("class", "nav-link btn btn-secondary openPopup");
 
     $("#menu_item_profile_send_password").attr("href", "javascript:void(0);");
-    $("#menu_item_profile_send_password").attr("data-href", "'.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => '5')).'");
+    $("#menu_item_profile_send_password").attr("data-href", "'.SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'send_login_msg')).'");
     $("#menu_item_profile_send_password").attr("class", "nav-link btn btn-secondary openPopup");
 
     $("body").on("hidden.bs.modal", ".modal", function() {
@@ -224,7 +224,7 @@ function formSubmitEvent(rolesAreaId = "") {
         $page->addPageFunctionsMenuItem(
             'menu_item_profile_send_password',
             $gL10n->get('ORG_SEND_NEW_PASSWORD'),
-            SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => '5')),
+            SecurityUtils::encodeUrl(ADMIDIO_URL.FOLDER_MODULES.'/contacts/contacts_function.php', array('user_uuid' => $getUserUuid, 'mode' => 'send_login_msg')),
             'fa-key'
         );
     } else {
