function wf_crm_contact_access in Webform CiviCRM Integration 7.5
Same name and namespace in other branches
- 7.3 contact_component.inc \wf_crm_contact_access()
- 7.4 includes/contact_component.inc \wf_crm_contact_access()
Load contact name if user has permission. Else return FALSE.
Parameters
$component: Webform component of type 'civicrm_contact'
$filters: Contact get params
$cid: Contact id
Return value
bool|string
5 calls to wf_crm_contact_access()
- wf_crm_fill_contact_value in includes/
contact_component.inc - Lookup contact name from ID, verify permissions, and attach as html data.
- wf_crm_webform_ajax::contactAjax in includes/
wf_crm_webform_ajax.inc - Load one or more contacts via ajax
- wf_crm_webform_base::findContact in includes/
wf_crm_webform_base.inc - Find an existing contact based on matching criteria Used to populate a webform existing contact field
- wf_crm_webform_postprocess::verifyExistingContact in includes/
wf_crm_webform_postprocess.inc - Ensure we have a valid contact id in a contact ref field
- _webform_edit_civicrm_contact in includes/
contact_component.inc - Implements _webform_edit_component().
File
- includes/
contact_component.inc, line 762
Code
function wf_crm_contact_access($component, $filters, $cid) {
// Create new contact doesn't require lookup
$cid = "{$cid}";
list(, $c, ) = explode('_', $component['form_key'], 3);
if ($cid && $cid[0] === '-' && !empty($component['extra']['allow_create']) && !empty($component['extra']['none_prompt'])) {
return filter_xss($component['extra']['none_prompt']);
}
if (!is_numeric($cid)) {
return FALSE;
}
$filters['id'] = $cid;
$filters['is_deleted'] = 0;
// A contact always has permission to view self
if ($cid == wf_crm_user_cid()) {
$filters['check_permissions'] = FALSE;
}
if (!empty($filters['check_permissions'])) {
// If we have a valid checksum for this contact, bypass other permission checks
// For legacy reasons we support "cid" param as an alias of "cid1"
if (wf_crm_aval($_GET, "cid{$c}") == $cid || $c == 1 && wf_crm_aval($_GET, "cid") == $cid) {
// For legacy reasons we support "cs" param as an alias of "cs1"
if (!empty($_GET['cs']) && $c == 1 && CRM_Contact_BAO_Contact_Utils::validChecksum($cid, $_GET['cs']) || !empty($_GET["cs{$c}"]) && CRM_Contact_BAO_Contact_Utils::validChecksum($cid, $_GET["cs{$c}"])) {
$filters['check_permissions'] = FALSE;
// Grant CiviCRM permissions to the verified checksum contact.
if ($c == 1) {
CRM_Core_Session::singleton()
->set('userID', $cid);
}
}
}
}
// Fetch contact name with filters applied
$result = wf_civicrm_api('contact', 'get', $filters);
return wf_crm_format_contact(wf_crm_aval($result, "values:{$cid}"), $component['extra']['results_display']);
}