You are here

Home » API reference » Webform CiviCRM Integration 7.4 » contact_component.inc

function wf_crm_contact_access in Webform CiviCRM Integration 7.4

Same name and namespace in other branches
  1. 7.5 includes/contact_component.inc \wf_crm_contact_access()
  2. 7.3 contact_component.inc \wf_crm_contact_access()

Load contact name if user has permission. Else return FALSE.

Parameters

$component: Webform component of type 'civicrm_contact'

$filters: Contact get params

$cid: Contact id

Return value

bool|string

5 calls to wf_crm_contact_access()
wf_crm_fill_contact_value in includes/contact_component.inc
Lookup contact name from ID, verify permissions, and attach as html data.
wf_crm_webform_ajax::contactAjax in includes/wf_crm_webform_ajax.inc
Load one or more contacts via ajax
wf_crm_webform_base::findContact in includes/wf_crm_webform_base.inc
Find an existing contact based on matching criteria Used to populate a webform existing contact field
wf_crm_webform_postprocess::verifyExistingContact in includes/wf_crm_webform_postprocess.inc
Ensure we have a valid contact id in a contact ref field
_webform_edit_civicrm_contact in includes/contact_component.inc
Implements _webform_edit_component().

File

includes/contact_component.inc, line 764

Code

function wf_crm_contact_access($component, $filters, $cid) {

  // Create new contact doesn't require lookup
  $cid = "{$cid}";
  list(, $c, ) = explode('_', $component['form_key'], 3);
  if ($cid && $cid[0] === '-' && !empty($component['extra']['allow_create']) && !empty($component['extra']['none_prompt'])) {
    return filter_xss($component['extra']['none_prompt']);
  }
  if (!is_numeric($cid)) {
    return FALSE;
  }
  $filters['id'] = $cid;
  $filters['is_deleted'] = 0;

  // A contact always has permission to view self
  if ($cid == wf_crm_user_cid()) {
    $filters['check_permissions'] = FALSE;
  }
  if (!empty($filters['check_permissions'])) {

    // If we have a valid checksum for this contact, bypass other permission checks
    // For legacy reasons we support "cid" param as an alias of "cid1"
    if (wf_crm_aval($_GET, "cid{$c}") == $cid || $c == 1 && wf_crm_aval($_GET, "cid") == $cid) {

      // For legacy reasons we support "cs" param as an alias of "cs1"
      if (!empty($_GET['cs']) && $c == 1 && CRM_Contact_BAO_Contact_Utils::validChecksum($cid, $_GET['cs']) || !empty($_GET["cs{$c}"]) && CRM_Contact_BAO_Contact_Utils::validChecksum($cid, $_GET["cs{$c}"])) {
        $filters['check_permissions'] = FALSE;

        // Grant CiviCRM permissions to the verified checksum contact.
        if ($c == 1) {
          CRM_Core_Session::singleton()
            ->set('userID', $cid);
        }
      }
    }
  }

  // Fetch contact name with filters applied
  $result = wf_civicrm_api('contact', 'get', $filters);
  return wf_crm_format_contact(wf_crm_aval($result, "values:{$cid}"), $component['extra']['results_display']);
}