Userlevel:Admin:Technical Documentation - Websites:Misc documentation

From ShareHim Documentation
Jump to: navigation, search

Security

Login session variables

REMEMBER that these variables also needs to be set (or at least managed) when emulating and unemulating.

Is user logged in? ['usrinfo']['logged_in']
Username (e-mail) ['usrinfo']['username']
E-mail ['usrinfo']['email']
Person/div./un./conf. ID

(Local ID)

['usrinfo']['localID']

(MUST correspond to $accesslevel in order to identify the user on his own level - certain users from ext_logins has to be "mapped" to an existing record in the table for his level, so that it will actually just be an alias. We cannot transfer the localID field from ext_logins to localID field in temp_users, because we would not have the reverse identification of that user in temp_users then, so we have to manually check the session variable to see if the user comes from ext_logins table and lookup the localID manually. If we are only concerned about the current user the localID can be found in "user_eff_localID" though.)

Ext. logins loginID ['usrinfo']['ext_logins_loginID']

(only made for logins in main_ext_logins. Saves the loginID as the localID will only contain the mapped localID - if any)

Effective local ID ['usrinfo']['eff_localID']

(holds the effective local ID for the current user. For ext. logins that means the value of ['usrinfo']['ext_logins_loginID'] and for all other user the value of ['usrinfo']['localID'])

Access levels (number)

['usrinfo']['accesslevels_num']  (array)

['usrinfo']['accesslevels_num_max']  (number - the highest in the array)

Access levels (text) ['usrinfo']['accesslevels']
From table ['usrinfo']['fromtable']

(values are as MySQL table names except without the "main_" part)

Full name ['usrinfo']['fullname']
If admin is superadmin ['usrinfo']['is_superadmin']
If admin is associate admin ['usrinfo']['is_assoc_admin']
Is homeland division/union/conference organizer

['usrinfo']['is_conf_organizer'] (true, false)
['usrinfo']['is_un_organizer'] (array of unionIDs they are organizer for)
['usrinfo']['is_div_organizer'] (array of divisionIDs they are organizer for)
['usrinfo']['is_field_organizer'] (true, false)

If user is a conference/union/division organizer for homeland campaigns.
'is_field_organizer' will be true if ANY of the other 3 is true.


Access level for homeland field organizers ['usrinfo']['conf_organizer_accesslevel'] ('manage', 'reporting')
['usrinfo']['un_organizer_accesslevel'] ('manage', 'reporting')
['usrinfo']['div_organizer_accesslevel'] ('manage', 'reporting')
Is conference organizer for sectors

['usrinfo']['is_conf_organizer_for_sectors']

Array of sectors a conference organizer is limited to. Non-existing if no limits.

Is pastor

['usrinfo']['is_pastor'] (true, false)

Is editor ['usrinfo']['is_editor']

('executive','associative','text','graphics', or false)

User's active event ['usrinfo']['active_personeventID']
Emulating mode ['usrinfo']['is_emulating'] (true or not set)

(whether the current login is being emulated)

Responsible date blocks ['usrinfo']['resp_dateblocks']

(array of dateblockIDs that this coadmin is responsible for/has access to maintain. Only used for 'coadmin' access level, otherwise it's an empty array)

Contact for colleges ['usrinfo']['contact_for_collegeIDs']

(array of collegeIDs that this person is contact person for)

Recommenders
  • ['usrinfo']['rec_divisionIDs'] - array of divisions that person is recommender for
  • ['usrinfo']['recommenderIDs'] - array of the person's recommender records
Verfied/authenticated OpenID verified_openid
Verfied/authenticated OpenID short version verified_openid_short


Other session variables generally used

Only lasting during the page execution for all pages that goes through the security check.

Dateblock ID $dateblockID

(the date block that an administrator is currently working in)


Other global variables generally used

Cached data $GLOBALS['_cache'] Associative array with data we want to cache for later reuse. Eg. $GLOBALS['_cache']['groups'][###] contain group info.

Note that the Centralizer system uses $GLOBALS['runtime']['cache']


Access levels

Each usergroup must also have a numeric value because of the login system's way of behaviour.

Access levels from 70-79 and 0-10 should on the pages be set specifically (in $requiredUserLevel) to avoid unwanted inherited permissions.


Group Abbrev. Range General

(if range)

System system
899
Administrators admin

70+

    90+

100

Campaign managers *

Equipment managers

coadmin

equipman

70-89

80

79

Divisions div 60-69 65
Unions un 50-59 55
Conferences/missions conf 40-49 45
People (clusters, groups, college leaders) people 26-39 30
Recommenders intlrecom 15
Colleges collegect 14

ShareSynch Technical Supporter

(OBS! Probably not fully configured in set_pw.php...!)

ssynchsupp 9
**External shipper

Actually already implemented but not using access level, only a db lookup in main_ext_shippers each time we need to know.

extshipper 8
**Travel agents travelag 7
Insurance agents insuragent 6
  • *) mostly same as administrators but only within selected date blocks, and no access to certain system wide features
  • **) planned access levels - but probably just make it an extension to their main_people record - to avoid multiple l


When creating new access levels use this checklist:

  • try to make unique abbreviations/access level names so they can be searched for
  • add to table list_accesslevels
  • add to get_user_main_menu(), format_accesslevel(), get_common_table_info()
  • add to js_functions_phpmaker.js (syncLocalToAccesslevel() function)
  • add to main_ext_loginslist.php (in section "Show mappings/localID")
  • add to temp_userslist.php (add to switch() making the $emulate_qstr variable)
  • add to php_functions_login.php => format_accesslevel()
  • add permission and setup in set_pw.php to emulate and set user/password (if emulation should be possible)


Table permissions

Important notes: No records must be deleted if it has attached records in underlying levels Divisions From divisions and down these permissions are only allowable within their dateblock, and only themselves on the same level


View Edit Add Delete
Admin x x x x
Divisions x x

Unions x


Conferences/missions x


People x


External logins x


Date blocks From divisions and down these permissions are only allowable within their dateblock, and only themselves on the same level


View Edit Add Delete
Admin x x x x
Divisions x


Unions x


Conferences/missions x


People x


External logins x


Unions From divisions and down these permissions are only allowable within their dateblock, and only themselves on the same level


View Edit Add Delete
Admin x x x x
Divisions x x x x
Unions x x

Conferences/missions x


People x


External logins x


Conferences/missions From divisions and down these permissions are only allowable within their dateblock, and only themselves on the same level


View Edit Add Delete
Admin x x x x
Divisions x x x x
Unions x x x x
Conferences/missions x x

People x


External logins x


Orientations sites From divisions and down these permissions are only allowable within their dateblock, and only themselves on the same level


View Edit Add Delete
Admin x x x x
Divisions x x

Unions x x

Conferences/missions x x

People x


External logins x


Note: Only admin can edit orientation date and city Hotel cities From divisions and down these permissions are only allowable within their dateblock, and only themselves on the same level


View Edit Add Delete
Admin x x x x
Divisions x x x x
Unions x x x x
Conferences/missions x x x x
People x


External logins x


Campaign sites From divisions and down these permissions are only allowable within their dateblock, and only themselves on the same level


View Edit Add Delete
Admin x x x x
Divisions x x x x
Unions x x x x
Conferences/missions x x x x
People x


External logins x



Field permissions

- only admin is allowed to change Active-fields - password field may never be entered/changed manually


File and folder permissions

Modify (666): php/files/*.* except index.php

Modify (777): php/files/logs_scheduled_jobs

Modify (777): php/files/satellite_exports

Modify (777): php/files/temp

Modify (777): php/files/uploads_shortlife

Modify (777): php/files/var_dumps

Modify (777): php/docs

Modify (777): php/docs -ALL SUBFOLDERS-

Modify (666): php/docs/exec_directors_B84H81BN8KBS8F/*Planning_Form*.xls

Modify (777): php/multimedia/ -ALL SUBFOLDERS -

Modify (666): php/multimedia/ -ALL FILES except index.php -

Modify (777): php/pdf_generated/ -ALL SUBFOLDERS-

Modify (666): php/pdf_generated/ -ALL FILES IN SUBFOLDERS- (in order to be able to overwrite them)

Modify (666): php/supportchat/log.txt

Modify (666): php/includes/jensenfw/*.js|*.js.php -ALL FILES - (for phpJSO to obfuscate the files)

Modify (666): php/includes/*.js|*.js.php -ALL FILES except those skipped in _obfuscate_js.php - (for phpJSO to obfuscate the files)

Modify (666): php/error_log (PHP's error logging (warnings, parse errors etc))

Modify ??? : OpenID filestorage location


Scheduler

  • checking if we have all necessary information in time before campaigns begin
  • sending reminders to people


Page layouts

General guidelines

  • if information is missing write something like "Awaiting information..."
  • hide all e-mail addresses for public users and also for logged in users where they don't need to know the address


Rules, standards, notes, etc.

Abbreviations & definitions (terminology/glossary)

STM support team member
OLT Outreach Leadership Team

div (not the HTML tag)

division
un union
conf conference/mission
lang language
local ID ID from div, un, conf etc.
equipment = 1 case
co-speaker associate speaker
conf org / conforg conference organizer
n/a not applicable
shcfg name of global variable that is an array with hardcoded configuration/settings for the entire project
shrun name of global variable that is an array with values that have been set at runtime, usually in ini.php
acl Access Control Layer (permissions)
NAD North-American Division
number of open sites for a dateblock number of sites minus applicants that has been approved by admin but not necessarily assigned to a site yet
event request when a person requests to go to another campaign (paraphrased: "applying a second time at Global Evangelism" or technically "applying using eventrequest.php instead of apply.php)
date block one series of mettings in a specific geographical area, with an opening date and a closing date
campaign same as date block
application amount / deposit These two terms are being used interchangeably and starting 2013 refers to the initial application amount that all international applicants must donate - except in connection with groups where we still call it a deposit.
participation amount The terms used for referring to the total amount all international applicants (starting 2013) must donate, and is the sum of the application amount, 2nd donation amount, and final donation amount.
NWM Not Worth Mentioning
curr current

valerr
valerrHTML

used in naming convention for variables holding validation error message for a field/piece of information - in plain text and HTML
hub city exactly the same as a hotel city. We renamed the term hotel city to hub city.
ccard credit card
authnet Authorize.net
Centralizer a system developed by Allan Jensen to easily set up webpages for maintaining data in database tables
pid Person ID
offid Officer ID
wrkid Worker ID
choffid Church office ID
did / divid Division ID
uid / unid Union ID
cid / confid Conference ID
chid Church ID
insttid Institution ID
evbdgid Event budget ID
pavid Person availability ID
pcacid Person/conference acceptance ID
pceid Pre-campaign event ID
stid Story ID
teid Training Entity ID
taid Training Accept ID
conforgid Conference organizer ID
pressynch Presentaion Synchronizer/Sermon Synchronizer (software)
collegect College contact
ws webservice
cspd correspondent
site-fund people or groups who needs to contribute financially to their own campaigns (1,200 $/site).

REMEMBER! Instead of using the word "pay" we must always phrase it as "contributing" (or "donating") for tax-deductible reasons (see note in format_sitefund_indicatorHTML() ).

pre-funded sites that are being funded by ShareHim or somebody else with the $1,200, that is, the speaker is not responsible for providing the funds
normal deadline the latest date we will accept site-funding (the $1,200) before a campaign without adding the $100 rush processing fee. The date is fixed at 3 months before. The date is inclusive so that payments on this date does not enforce the extra fee.
TQH The Quiet Hour / Quiet Hour Ministries
ARM Adventist Risk Management


Applicant categories

A description of the different categories of applicants (IMPORTANT: Remember to consider co-speaker option, too).

Notation in brackets means is for a co-speaker in that category. Only used where applicable and where there is a difference.


pastor layman academy college stm

(support team member)

organizer
Table containing date block reference field main_personevents main_personevents main_personevents main_collegedateblocks main_personevents main_personevents
Can be co-speaker? Yes Yes Yes Yes No No
Can be team leader?

(record in main_teams)

Yes [No]
Yes [No]
Yes [No]
Yes [No]
No
No
Can be team member? (use teamID field) No [Yes] No [Yes] No [Yes] No [Yes] Yes No
Can be group member (and group leader)? Yes [No] Yes [No] Yes [No] Yes [No] No Yes
Facilitator value? Yes Yes Yes Yes No No
Needs recommendation for international campaigns? Yes Yes Yes Not applicable No No
Needs acceptance for homeland campaigns? Yes Yes Yes Not applicable No No
Allow standby event? Yes Yes Yes Yes No No
Recommender value?

If NAD division:
RecommenderID

If NAD division:
RecommenderID
If NAD division:
RecommenderID
CollegedateblockID
No
No
Recommender comments value? Yes Yes Yes Yes No No
Reference Ministerial secretary Pastor Academy -none- -none- -none-
Reference value? Yes Yes Yes Yes No No
Ranking value? Yes [No] Yes [No] Yes [No] Yes [No] No No
Flight information? Yes Yes Yes Yes Yes Possible
Room sharing value? Yes Yes Yes Yes Yes Possible
Subject to cluster, group, and date block size limitations? Yes [No] Yes [No] Yes [No] Yes [No] No No
Can have graphics equipment booking? Yes Yes Yes Yes No Yes???







Table with possible related records

main_teams [no]
main_groups [no]
main_sites [no]
main_equip_booking [no]
main_campaign_material
main_report
main_experiences
main_pwquestions

main_teams [no]
main_groups [no] main_sites [no] main_equip_booking [no] main_campaign_material main_report main_experiences main_pwquestions

main_teams [no] main_groups [no] main_sites [no] main_equip_booking [no] main_campaign_material main_report main_experiences main_pwquestions

main_teams [no]
-
main_sites [no] main_equip_booking [no] main_campaign_material main_report main_experiences main_pwquestions

-
-
-
-
-
main_report
main_experiences
main_pwquestions

-
-
-
-
-
-
-
main_pwquestions

Common for all:

  • a record in main_personevents


Operations allowed at the different stages in the application process


Waiting for recommendation Waiting for acceptance Waiting for approval Waiting on standby

Select as active event

(eventchange.php)

No No No No

Enter flight arrival info

(menupeople.php)

Yes Yes Yes Yes

Select room sharing preferences

(menupeople.php)

Yes Yes Yes Yes

People themselves delete the event

(eventdelete.php)

No No Yes Yes

Possible combinations of 'category' and 'cospeaker' and their allowed selection of dateblocks

This analyses is done to make sure that we have encompassed all possible combinations and their differences and validity.

Some general definitions of which the following analyses is based on:

  • we have 3 different definitions of allowed dateblock selections:
    • dateblocks within a college
    • dateblocks that still has open sites (see definition above under 'Abbreviation & definitions')
    • dateblocks that has not passed their closing date, and therefore still accepts applications
  • a cospeaker from a college, can only select date blocks defined for that same college (similar to a def. in next analyses)


Complete definition table


cospeaker = 0 cospeaker = 1
pastor open sites unclosed
layman open sites unclosed
college college defined college defined
academy open sites unclosed
stm unclosed -
organizer unclosed -


Definitions encompassing all derived conclusions from the above table

category = college &

cospeaker = 0|1

Only dateblocks defined for that college
Note: Since cospeaker doesn't matter, we don't consider that when dealing with a category=college.

category = pastor|layman|academy &

cospeaker = 0

Only dateblocks that still has open sites

category = pastor|layman|academy &

cospeaker = 1

All unclosed dateblocks

category = stm|organizer &

cospeaker = 0

All unclosed dateblocks

category = stm|organizer &


-invalid combination-
Note: Since this is an invalid combination, we don't consider cospeaker when dealing with stm & organizers

Possible combinations of speaker's support team members and their dateblock link (for when selecting members)

This analyses is done to make sure that we have encompassed all possible combinations and their differences and validity.

Some general definitions of which the following analyses is based on:

  • a cospeaker from a college, can only be a cospeaker to a speaker from that same college (similar to a def. in former analyses)
  • a speaker can have 2 types of support team members:
    • stm (normal)
    • pastor|layman|academy (but not college) cospeakers
  • of course a non-cospeaker cannot be a support team member
  • of course stm & organizers cannot be cospeakers - the dateblock link of college students is, contrary to the other types, stored in collegedateblocks


Complete definition table

Speaker
Possible support team members
Speaker dateblock link table
STM dateblock link table
pastor
- pastor|layman|academy & cospeaker
- stm
personevents
personevents
layman
- pastor|layman|academy & cospeaker
- stm
personevents
personevents
college
- pastor|layman|academy & cospeaker
- stm
collegedateblocks
personevents
college
- college & cospeaker
collegedateblocks
collegedateblocks
academy
- pastor|layman|academy & cospeaker
- stm
personevents
personevents


Definitions encompassing all derived conclusions from the above table Note: keeping the dateblockID link in collegedateblocks makes it possible to move all college students from one college to another dateblock with a simple change (considering strict normalization of databases this is the correct way to do it). On the other hand it complicates when dealing with dateblockID for speakers. (At the point of time of writing this the question is whether to do one or the other - whether I already have figured out the ways to go about this difference - which I think I have... since I have made SQL queries for both finding all speakers within a dateblock and finding all stm within a dateblock)

speaker category = pastor|layman|academy All has the same possible dateblock link tables
speaker category = college &
stm category <> college &
cospeaker = 1
Speaker dateblock link is in 'collegedateblocks',
stm dateblock link is in either 'personevents' or 'collegedateblocks'
speaker category = college &
stm category = college &
cospeaker = 1
speaker category = [any] &
stm category = [any] &
cospeaker = 0
-invalid combination- Note: Since this is an invalid combination, we don't consider cospeaker when dealing with category=college

Update: To simplify the SQL statement the field eff_dateblockID (effective dateblockID)

Organizer's responsibility group/scope

NOTE: This is our goal but it doesn't mean that the system is working exactly like this yet! Some development probably needed in this area. An organizer can be responsible for the following groups of people depending on his setup:

Setting Responsibility group
Not in any group or cluster All people in date block
Member of a group All people in the same group
Member of a cluster All people in the same cluster


For his group of people the areas he can work in include (but is not limited to):

- maintaining their personal record
- entering flight information
- making hotel room reservation
- booking or unbooking graphics equipment
- probably also assigning/unassigning team members???

Multiple events

- on the people's own menu they work with one event at a time - they select themselves which one they want to work with

Website Layout & Coding Format

  • generally aim at a minimum screen resolution of 1024x768 pixels
  • most website users use IE so it's must be compatible with the newest versions
    • but most browsers can be expected (because of a large user group)
  • a menu area and a main area
  • light background color/texture
  • use default font sizes/families and styles unless something needs to be emphasized or de-emphasized
    • use < b >
    • use or the CSS class "dimmed" for less important text
  • don't follow coding structure of main_*.php and list_*.php (generated by PHPMaker) but rather story_menu_admin.php
    • complexity of search and sorting features needs to be considered for every case (sometimes needed, otherwise just simple)
  • standard date format: mm/dd/yyyy
    • started writing LOCAL-DATE places where we eventually will localize the date format for user's country
      • consider if strftime() (or strftime_new() in adventsangerne.no) can be used for something
  • standard number format: ##,###,###.##
  • always use require_function() for defining functions to use. Never include file directly.
  • when validating date use $err_occurs_on_page to count how many errors occur. The validation functions also uses this variable.
  • recommended to use query string variable "act" when requesting a page with a command to do some operation
  • see additional coding format specifications in "Programming principles - Allan.txt"


E-mails

  • e-mail addresses must never be shown to the public. They must be presented with a form to be filled out instead.
  • general e-mails should bounce to bounce@sharehim.org, while all other e-mails should bounce to the sender address
  • format of the unique Mailer ID that can be used in e-mails: X-Mailer-ID: #SRCID#MAIL#FEST07-2#PID686#

Check queries

  • IMPORTANT: check that all speakers in a college within a cluster have personevents.clusterID filled out accordingly
  • check that all homeland date blocks have at least one conference defined in main_dateblockconfs
    • SELECT main_dateblocks.* FROM main_dateblocks LEFT JOIN main_dateblockconfs USING (dateblockID) WHERE homeland = 1 AND main_dateblockconfs.conferenceID IS NULL ORDER BY title
  • conferences, unions etc. have their upper level record
  • orphaned group members
  • speakers both being group leader and group member
  • check that group date block matches the members date blocks
  • speaker who haven't been issued any material (use code from _db-query.php)
  • check that STMs that are member of teams are also member of that date block
  • check that no delete-marked events are found in main_people.active_personeventID
  • delete active_personeventIDs that do not exist in main_personevents (maybe obsolete now)
    • _db-query.php: "CLEAR ACTIVE_PERSONEVENTIDs THAT ARE NOT EXISTING IN PERSONEVENTS"
  • check that all people in homeland campaigns are members of clusters
  • check date block dates:
SELECT dateblockID, title, opening_date, appl_closed_date, data_lock_date, TO_DAYS(closing_date) - TO_DAYS(opening_date) AS days_duration, TO_DAYS(opening_date) - TO_DAYS(appl_closed_date) AS days_before_appl_close, TO_DAYS(closing_date) - TO_DAYS(data_lock_date) AS days_lock_date_before_closingdate
FROM main_dateblocks
WHERE
    TO_DAYS(closing_date) - TO_DAYS(opening_date) <> 15 /* days_duration */
    OR TO_DAYS(opening_date) - TO_DAYS(appl_closed_date) < 0 /* days_before_appl_close */
    OR TO_DAYS(opening_date) - TO_DAYS(appl_closed_date) > 90 /* days_before_appl_close */
    OR TO_DAYS(closing_date) - TO_DAYS(data_lock_date) < -10 /* days_lock_date_before_closingdate */
ORDER BY opening_date
  • check pe_eff_siteID integrity:
SELECT main_personevents.personeventID, main_personevents.personID, main_sites.siteID, pe_eff_siteID, main_personevents.categorymoved, main_personevents.cospeaker, main_personevents.eff_dateblockID
FROM main_personevents
LEFT JOIN main_sites ON main_personevents.personeventID = main_sites.personeventID 
WHERE (main_personevents.pe_eff_siteID <> main_sites.siteID
OR (main_personevents.pe_eff_siteID IS NULL AND main_sites.siteID IS NOT NULL) 
OR (main_personevents.pe_eff_siteID IS NOT NULL AND main_sites.siteID IS NULL))
AND cospeaker = 0 AND categorymoved NOT IN ('stm', 'organizer')
  • check if we have any visits with any of the user agents currently listed in class webstory -> $skip_useragent_keywords
  • occasionally removed unused queries:
    • delete_query(false, array('queryID' => 0, 'queryID_compare' => '>=')); //it will auto probibit deleting used queries
  • check that pastor e-mail addresses match e-mail address in our records (system should prohibit it though so any records shown here might be a result of a problem in the system. Also see e-mails with subject "E-mail changed" of 2010-09-06 and 2011-03-10):
    • SELECT main_people.personID, legal_firstname, legal_lastname, main_people.email, main_officers.email AS conf_email, pw FROM main_people INNER JOIN main_officers ON main_people.personID = main_officers.personID WHERE main_people.email <> main_officers.email

Dropdowns

  • dropdowns binding a record to it's upper level must only show the upper level values within that branch of the tree

Boolean fields

All boolean fields (yes/no) have the field type TINYINT.

  • 1 = yes / true
  • 0 = no / false

This makes it easier to determine false and true in PHP.

Some fields also have additional special values like -1 or 2.

Use the label "- not set -" if the boolean value has not been set.

Adding/removing fields for, or links to, person record in main_people

  • when deleting a person (main_persondelete.php and delete_person() ) consider this new field
  • when merging a person (merge_person() ) consider this new field
  • for foreign keys linking to main_people.personID, add a reference in person_alldata.php
  • consider necessary changes to ShareHim Satellite

Deleting applicants

Deleting an applicant (meaning that he doesn't want to participate in the program anyway or he has been denied) does not result in an actual removal of the person from the database. We only delete the personevent record.

Deactivating records

To deactivate a record would be a very rare occurrence, only for example if a division re-organizes it's unions. In that case we deactive the unions that are no longer existing and by that we also cancel all current activities for those unions, like equipment booking and scheduled material shipments. This must/can then be re-booked and re-scheduled for the new unions created in stead. This is an example of the principle of deactivating records and theirs effects on the system.

User menus

  • Procedures (= links) that aren't applicable at present should be grayed out
    • e.g.: only make active link to match speakers if there are any speakers that need to be matched
    • This will make an easy todo-list overview for the user
    • Group these kind of procedures together on the menu

External links and webservice consumers

The following external places ling into pages on the website:

/add-new-campaign

NOT YET IMPLEMENTED
ShareSynch software (for people to apply for a homeland Speaker-Initiated Campaign)

/sharesynch

ShareSynch software (for manual activation)

/hiswayofhope-order-new-disc

NOT YET IMPLEMENTED
ShareSynch software (for upgrade to newer version where they need new disc)


The following systems are calling webservices on our website:

/php/sharesynch_activate_online.php ShareSynch software (automatic activation)
/php/sharesynch_data_exchange.php ShareSynch software
/php/ws.php?ws=add_goodsalt_order&f=json GoodSalt order system (NO LONGER USED)
/php/system_twilio_callback.php (callback specified in each request)

/php/_twilio_receive.php (specified on Twilio account)

Twilio.com (SMS and voice service)
/php/system_authorize_net_callback.php Authorize.net (payment processor)
/php/run_scheduled_daily_save.php Called from cron jobs on server itself and from allanville.com
https://sharehim.org/

http://sharehim.org/contact

Facebook app (under the account "ShareHim Idea Network") is referring to these URLs (https://developers.facebook.com/apps/475912035761756/settings/)

Address formats

3 different formats (currently not differencing USA/Canada):

  • USA
    • Street/PO
    • City, State, Zip
    • Country
  • Canada
    • Street/PO
    • City, Province, X#X-#X#
    • Country
  • Other
    • Street/PO
    • Postal information
    • Country

Telephone formats

On forms where people enter their phone number they need to enter the number WITHOUT country code and WITH area number.

On forms where people edit their phone number we will show a plus (+) and the country code in front of that number. We can do that since we have the country code for all countries in the table list_countries.

Log actions

Used in `sharehim_log` database in table `system_operations`, fields `action` and `subaction`

person added
deleted
updated
merged
name corrected
changed recommendation status
acceptance requested (= e-mail requesting acceptance has been sent to the conference)
accepted (by receiving field => homeland conference)
rejected (by receiving field => homeland conference)
acceptance reverted
acceptance request cancelled
person event updated
activated (standby event was activated)
downgrade to standby (actual event was downgraded to standby event)
changed main speaker
site-funding fulfilled
revoked
event added
standby added
deleted
standby deleted
undeleted
moved (so far only used in move_college_group() )
email sent [blank]
site-funding reminder
pastor passwords
category changed
application

new
recommendation requested (= e-mail requesting recommendation has been sent)
recommended (by sending field => specified recommendators)
unrecommended (by sending field => specified recommendators)
NO LONGER ISSUED: acceptance requested (= e-mail requesting acceptance has been sent)
NO LONGER ISSUED: accepted (by receiving field => homeland cluster leader)
NO LONGER ISSUED: rejected (by receiving field => homeland cluster leader)
approved (by ShareHim administrator)
denied (= event denied) (by ShareHim administrator)
status reverted

availability added
deleted
moved
people search
login success
failed
emulated
logout
password generated/changed
group created
deleted (not yet implemented as of 8/4-05)
leader changed
cluster leader changed
college dateblock leader changed
campaign site added (type=speaker-init comes under this as well)
moved
approved (used for speaker-init events)
declined (used for speaker-init events)
dateblock added
modified
deleted
hub city/sites moved
story deleted
donation deleted
equipment caseID replaced
equipment booking created
deleted
changed
serial-no deleted


Table might not yet be complete. (use SQL from file "Code pieces/SQL statements.txt" to make it complete)


IMPORTANT NOTE:

  • to minimize number of records the following log actions are deleted once in a while (after taking a local backup of the whole database so we have the information just in case we need it):


DELETE FROM system_operations WHERE `action` = 'campaign site' AND subaction = 'added'; /* date added is registered in main_sites anyway */

DELETE FROM system_operations WHERE `action` = 'login' AND subaction = 'success';

DELETE FROM system_operations WHERE `action` = 'login' AND subaction = 'failed';

DELETE FROM system_operations WHERE `action` = 'login' AND subaction = 'emulated';

DELETE FROM system_operations WHERE `action` = 'logout' AND subaction IS NULL;

Change Log prefixes

The following prefixes are used when entering comments in the CVS repository (see notes below the table):

ADD: When features/functional behaviours are added

CHG: When features/functional behaviours are changed

FIX: When a bug has been fixed

IMPROV: When features/functional behaviours have been improved (and it's neither a decided FIX, CHG, or ADD)

REMOVE: When a functional behaviour or out-dated code has been removed

UNDO: Undo a previous commit (usually the previous one of that file)


Any prefix can have " NWM" appended when it is a change that is "Not Worth Mentioning".

Any prefix can have " MAJOR" appended when it involves a major functionality change or upgrade.

The prefix is following by a colon, a space, and then the description. Examples:


ADD: link to change password

FIX NWM: corrected spelling

ADD MAJOR: donation management system

In very rare cases a prefix is not applicable and therefore not used.

If only functions have been changed we write a comma-seperated list of their names with "()" appended. For example:

ADD: get_dateblocks(), get_dateblock_info(): also return mediafolder field

If both functions and code in other places have been changed, we write the description normaly, but in the end list the functions that have been changed and/or added. For example:

ADD: interface for the new date block field mediafolder. Functions modified: get_dateblocks(), set_dateblock(). Functions added: get_mediafolder()


The same applies for JavaScript functions, but then we write "JS" with the parenthesis, for example: get_field_value(JS)


For PHP classes we write like this: 'class webservice_server'


The point here is to always add the names of functions and classes that are changed, so that it's possible to search CVS for all changes regarding those functions/classes.


Possible improvement (=not yet used): there should actually also be a keyword for deciding whether or not the entry should be seen for the general users of the website, so they know which changes have been made to the website that affect their work. Eg. "technical modification" or "functional modification".

Code-related tags

Codes that are put different places in the source code to link together different pieces of code that are related - to make it easier to maintain it and remember other places where we are dealing with the same thing. It's important that these tags are unique through ALL text files in the project so that they are easy to search for. Always write them in upper case.

INTL-EVENT-EMAIL Places in code where we send e-mails related to international events.
KOREAN-EXCEPTION Code dealing with the Korean Council customization in NAD division.
SHOW-CURRENT-DATES-FOR-MASTER-SITE The places that we show current existing campaign dates for a master site.
TERMS-FOR-ASSIGNING-HOMELAND-SPEAKER Places where we write the terms for assigning a speaker to a homeland campaign date
DIALOGBOX-LIKE-MESSAGE
LIST-CHURCH-PASTORS
CHECK-STORIES-LINKED-TO-SITE
CHECK-STATS-LINKED-TO-SITE
SEND_EMAIL_WHEN_ACCEPTED
DETERMINE-SENIOR-PASTOR Places where we determine who is the senior pastor for a church
BLOCK-SAME-DIVISION-APPLICANTS Block applicants from applying to date blocks in their own residence division
NOTIFY-NON-EUD-HOMELAND-APPLICANTS Code for notifying non-EUD applicants about homeland campaigns in EUD
HOMELAND-JESUSVIDEO-USES Places where we determine if we should deal with the Jesus video language in the homeland
OPENID-ENTRY-CODE Places with code for OpenID that public users see. Can hide these pieces in case we want to disable it.
PROHIBIT-LOGIN Places with code for prohibiting login from users who signed up for international trips from summer 2015 forward. We don't want them to think they have a user with us.
SKIPPED-TRANSL Places in homeland system where I have skipped translating something
QUEST or QUEST-EXPERT Questions I have for other (expert) programmers about issues I'm unsure about.
WATCHFUTURE Things we need to keep an eye on in the future as project develops
TODO Places in the code where I need to do something.

System entry points

Places where user will enter this system (might not be a complete list - check also with login.php)

  • index.php
  • login.php
  • menu*.php
  • recommend.php (recommenders go directly to here)


SQL sentences

Relationships up through the main line:

main_translations

INNER JOIN main_sites ON main_translations.siteID = main_sites.sideID

INNER JOIN main_hotels ON main_sites.hotelID = main_hotels.hotelID

INNER JOIN main_conferences ON main_hotels.conferenceID = main_conferences.conferenceID

INNER JOIN main_unions ON main_conferences.unionID = main_unions.unionID

INNER JOIN main_dateblocks ON main_unions.dateblockID = main_dateblocks.dateblockID

INNER JOIN main_divisions ON main_dateblocks.divisionID = main_divisions.divisionID


Return all sites for a orientation/dateblock (the opposite direction of above):

SELECT main_sites.*

FROM main_orientations

INNER JOIN main_dateblocks ON main_orientations.dateblockID = main_dateblocks.dateblockID

INNER JOIN main_unions ON main_dateblocks.dateblockID = main_unions.dateblockID

INNER JOIN main_conferences ON main_unions.unionID = main_conferences.unionID

INNER JOIN main_hotels ON main_conferences.conferenceID = main_hotels.conferenceID

INNER JOIN main_sites ON main_hotels.hotelID = main_sites.hotelID


UNION query to obtain all users:

SELECT coord_email AS email, coord_pw AS pw, 'div' AS accesslevel FROM main_divisions WHERE coord_email is not null AND coord_pw is not null

UNION ALL

SELECT coord_email AS email, coord_pw AS pw, 'un' AS accesslevel FROM main_unions WHERE coord_email is not null AND coord_pw is not null

UNION

SELECT coord_email AS email, coord_pw AS pw, 'conf' AS accesslevel FROM main_conferences WHERE coord_email is not null AND coord_pw is not null

UNION

SELECT email, pw, 'people' AS accesslevel FROM main_people WHERE email is not null AND pw is not null

UNION

SELECT email, pw, accesslevel FROM main_ext_logins WHERE email is not null AND pw is not null


When mail provider changes IP (eg. causing mail queue just filling up)

Steps to fix:

  1. Get IP of nslookup sh.zmailcloud.com
  2. If ip has changed, stop postfix /etc/init.d/postfix stop
  3. Take new ip and update "relayhost" in /etc/postfix/main.cf
  4. Edit /etc/postfix/sasl_passwd to add new ip
  5. Delete old encoded sasl database: rm /etc/postfix/sasl_passwd.db
  6. Generate new encoded database: postmap hash:/etc/postfix/sasl_passwd
  7. Start postfix
  8. Send test message by: mail -s testing john@sharehim.org. Next, type a line of text and then to send, CTRL+d
  9. Verify log file looks correct
  10. Verify email made it though
  11. If good, then lets try to resend and flush the queue: postqueue -f
  12. View log file to see if messages start going out OK while checking status of postqueue -p to verify queue is decreasing


Backup

Files backed up on webserver

  • /etc
  • /home
  • /root
  • /usr/local/bin
  • /var/log
  • /var/www

Using CrashPlan. See installation and managing instructions at https://support.code42.com/CrashPlan/4/Configuring/Using_CrashPlan_On_A_Headless_Computer (maybe also https://www.liquidstate.net/installing-crashplan-on-a-headless-linux-server/)