
Contacts: Fixed/implemented permissions, added Relations.

Nate Jones 10 éve
szülő
commit
9fb2983d41

+ 113 - 8
app_config.php

@@ -101,6 +101,74 @@
 		$apps[$x]['permissions'][$y]['name'] = "contact_group_delete";
 		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
 		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_email_view";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_email_add";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_email_edit";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_email_delete";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_url_view";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_url_add";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_url_edit";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_url_delete";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_setting_view";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_setting_add";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_setting_edit";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_setting_delete";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_relation_view";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_relation_add";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_relation_edit";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_relation_delete";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
+		$y++;
+		$apps[$x]['permissions'][$y]['name'] = "contact_extension_view";
+		$apps[$x]['permissions'][$y]['groups'][] = "superadmin";
+		$apps[$x]['permissions'][$y]['groups'][] = "admin";
 
 	//schema details
 		$y = 0; //table array index
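Review bot: The new per-section permissions are granted only to `superadmin` and `admin`, while the address, email and extension pages in this commit stop accepting the broader `contact_view`, `contact_edit` and `contact_delete`. If any other group held those broader permissions (not visible in this hunk), it silently loses those panels after upgrade. A comment above the first added entry would make that deliberate, for example `//sub-record permissions default to the admin groups only; grant them explicitly to any other group that should see contact details`. The permissions list starts outside the hunk.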
@@ -187,14 +255,14 @@
 		$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
 		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "Enter the category.";
 		$z++;
-$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_email";
-$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
-$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "Enter the email address.";
-$z++;
-$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_url";
-$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
-$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "Enter the website address.";
-$z++;
+		$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_email";
+		$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
+		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "Enter the email address.";
+		$z++;
+		$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_url";
+		$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
+		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "Enter the website address.";
+		$z++;
 		$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_time_zone";
 		$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
 		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "Enter the time zone.";
@@ -502,6 +570,43 @@ $z++;
 		$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
 		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "";
 
+		$y = 6; //table array index
+		$apps[$x]['db'][$y]['table'] = "v_contact_relations";
+		$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_relation_uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['pgsql'] = "uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['sqlite'] = "text";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['mysql'] = "char(36)";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['type'] = "primary";
+		$z++;
+		$apps[$x]['db'][$y]['fields'][$z]['name'] = "domain_uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['pgsql'] = "uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['sqlite'] = "text";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['mysql'] = "char(36)";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['type'] = "foreign";
+		$z++;
+		$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['pgsql'] = "uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['sqlite'] = "text";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['mysql'] = "char(36)";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['type'] = "foreign";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['table'] = "v_contacts";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['field'] = "contact_uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "";
+		$z++;
+		$apps[$x]['db'][$y]['fields'][$z]['name'] = "relation_label";
+		$apps[$x]['db'][$y]['fields'][$z]['type'] = "text";
+		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "";
+		$z++;
+		$apps[$x]['db'][$y]['fields'][$z]['name'] = "relation_contact_uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['pgsql'] = "uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['sqlite'] = "text";
+		$apps[$x]['db'][$y]['fields'][$z]['type']['mysql'] = "char(36)";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['type'] = "foreign";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['table'] = "v_contacts";
+		$apps[$x]['db'][$y]['fields'][$z]['key']['reference']['field'] = "contact_uuid";
+		$apps[$x]['db'][$y]['fields'][$z]['description']['en-us'] = "";
+		$z++;
+
 		$y = 7; //table array index
 		$apps[$x]['db'][$y]['table'] = "v_contact_emails";
 		$apps[$x]['db'][$y]['fields'][$z]['name'] = "contact_email_uuid";
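Review bot: The new `v_contact_relations` table is registered under a hard-coded `$y = 6;`, and the table that precedes it is outside this hunk, so it is worth confirming that index 6 is not already in use. If it is, the `['table']` assignment overwrites that table's name and the two field lists merge. `$z` is carried over rather than reset, which appears to be the file's existing convention; if field keys are meant to be per table, add `$z = 0;` after the `$y = 6;` line.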

+ 89 - 0
app_languages.php

@@ -949,6 +949,93 @@
 		$text['description-contact_setting_value']['pt-pt'] = "Introduza o valor desta definição.";
 		$text['description-contact_setting_value']['fr-fr'] = "Entrez la valeur de ce paramètre.";
 
+	// contact relations
+		$text['header-contact_relations']['en-us'] = "Relations";
+		$text['header-contact_relations']['es-cl'] = "Relaciones";
+		$text['header-contact_relations']['pt-pt'] = "Relações";
+		$text['header-contact_relations']['fr-fr'] = "Rapports";
+
+		$text['title-contact_relation']['en-us'] = "Contact Relation";
+		$text['title-contact_relation']['es-cl'] = "Contacto Relación";
+		$text['title-contact_relation']['pt-pt'] = "Contato Relação";
+		$text['title-contact_relation']['fr-fr'] = "Contactez Relation";
+
+		$text['header-contact_relation']['en-us'] = "Contact Relation";
+		$text['header-contact_relation']['es-cl'] = "Contacto Relación";
+		$text['header-contact_relation']['pt-pt'] = "Contato Relação";
+		$text['header-contact_relation']['fr-fr'] = "Contactez Relation";
+
+		$text['label-contact_relation_organization']['en-us'] = "Organization";
+		$text['label-contact_relation_organization']['es-cl'] = "Organización";
+		$text['label-contact_relation_organization']['pt-pt'] = "Organização";
+		$text['label-contact_relation_organization']['fr-fr'] = "Organisation";
+
+		$text['label-contact_relation_name']['en-us'] = "Name";
+		$text['label-contact_relation_name']['es-cl'] = "Nombre";
+		$text['label-contact_relation_name']['pt-pt'] = "Nom";
+		$text['label-contact_relation_name']['fr-fr'] = "Nome";
+
+		$text['label-contact_relation_label']['en-us'] = "Relation";
+		$text['label-contact_relation_label']['es-cl'] = "Relación";
+		$text['label-contact_relation_label']['pt-pt'] = "Relação";
+		$text['label-contact_relation_label']['fr-fr'] = "Relation";
+
+		$text['label-contact_relation_option_parent']['en-us'] = "Parent";
+		$text['label-contact_relation_option_parent']['es-cl'] = "Padre";
+		$text['label-contact_relation_option_parent']['pt-pt'] = "Parente";
+		$text['label-contact_relation_option_parent']['fr-fr'] = "Mère";
+
+		$text['label-contact_relation_option_child']['en-us'] = "Child";
+		$text['label-contact_relation_option_child']['es-cl'] = "Niño";
+		$text['label-contact_relation_option_child']['pt-pt'] = "Criança";
+		$text['label-contact_relation_option_child']['fr-fr'] = "Enfant";
+
+		$text['label-contact_relation_option_employee']['en-us'] = "Employee";
+		$text['label-contact_relation_option_employee']['es-cl'] = "Empleado";
+		$text['label-contact_relation_option_employee']['pt-pt'] = "Empregado";
+		$text['label-contact_relation_option_employee']['fr-fr'] = "Employé";
+
+		$text['label-contact_relation_option_member']['en-us'] = "Member";
+		$text['label-contact_relation_option_member']['es-cl'] = "Miembro";
+		$text['label-contact_relation_option_member']['pt-pt'] = "Membro";
+		$text['label-contact_relation_option_member']['fr-fr'] = "Membre";
+
+		$text['label-contact_relation_option_associate']['en-us'] = "Associate";
+		$text['label-contact_relation_option_associate']['es-cl'] = "Asociado";
+		$text['label-contact_relation_option_associate']['pt-pt'] = "Associado";
+		$text['label-contact_relation_option_associate']['fr-fr'] = "Associé";
+
+		$text['label-contact_relation_option_other']['en-us'] = "Other";
+		$text['label-contact_relation_option_other']['es-cl'] = "Otro";
+		$text['label-contact_relation_option_other']['pt-pt'] = "Outro";
+		$text['label-contact_relation_option_other']['fr-fr'] = "Autre";
+
+		$text['label-contact_relation_contact']['en-us'] = "Contact";
+		$text['label-contact_relation_contact']['es-cl'] = "Contacto";
+		$text['label-contact_relation_contact']['pt-pt'] = "Contato";
+		$text['label-contact_relation_contact']['fr-fr'] = "Contact";
+
+		$text['label-contact_relation_reciprocal']['en-us'] = "Reciprocal";
+		$text['label-contact_relation_reciprocal']['es-cl'] = "Recíproca";
+		$text['label-contact_relation_reciprocal']['pt-pt'] = "Recíproco";
+		$text['label-contact_relation_reciprocal']['fr-fr'] = "Réciproque";
+
+		$text['description-contact_relation_reciprocal']['en-us'] = "Select whether to also create a reciprocal relationship for the contact selected above.";
+		$text['description-contact_relation_reciprocal']['es-cl'] = "Seleccione si desea crear también una relación recíproca para el contacto seleccionado anteriormente.";
+		$text['description-contact_relation_reciprocal']['pt-pt'] = "Seleccione se pretende também criar uma relação de reciprocidade para o contato selecionado acima.";
+		$text['description-contact_relation_reciprocal']['fr-fr'] = "Sélectionnez si vous souhaitez créer également une relation réciproque pour le contact sélectionné ci-dessus.";
+
+		$text['label-contact_relation_reciprocal_label']['en-us'] = "Reciprocal Relation";
+		$text['label-contact_relation_reciprocal_label']['es-cl'] = "Relación Recíproca";
+		$text['label-contact_relation_reciprocal_label']['pt-pt'] = "Relação Recíproca";
+		$text['label-contact_relation_reciprocal_label']['fr-fr'] = "Relation Réciproque";
+
+		$text['description-contact_relation_reciprocal_label']['en-us'] = "Define the relationship of this contact to the contact selected above.";
+		$text['description-contact_relation_reciprocal_label']['es-cl'] = "Definir la relación de este contacto para el contacto seleccionado anteriormente.";
+		$text['description-contact_relation_reciprocal_label']['pt-pt'] = "Definir a relação desse contato para o contato selecionado acima.";
+		$text['description-contact_relation_reciprocal_label']['fr-fr'] = "Définir la relation de ce contact au contact sélectionné ci-dessus.";
+
+
 	// contact import
 		$text['title-contacts_import']['en-us'] = "Import Contacts";
 		$text['title-contacts_import']['es-cl'] = "Importar Contactos";
@@ -1171,4 +1258,6 @@
 		$text['message-required']['pt-pt'] = "Por favor indique: ";
 		$text['message-required']['fr-fr'] = "Merci d'indiquer: ";
 
+
+
 ?>

+ 1 - 1
contact_address_delete.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_delete')) {
+if (permission_exists('contact_address_delete')) {
 	//access granted
 }
 else {

+ 1 - 3
contact_address_edit.php

@@ -27,7 +27,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_edit')) {
+if (permission_exists('contact_address_edit') || permission_exists('contact_address_add')) {
 	//access granted
 }
 else {
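Review bot: The combined guard `permission_exists('contact_address_edit') || permission_exists('contact_address_add')` lets either permission reach both code paths, so a user who may only add addresses can still submit an update to an existing one, and the reverse. The add/update decision is made further down, outside this hunk, so the check needs repeating there against the action actually taken, for example `if ($action == "update" && !permission_exists('contact_address_edit')) { exit; }` with the matching test for the add path. `$action` is assumed here; use whatever the page uses to tell the two apart. contact_email_edit.php in this commit has the same pattern.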
@@ -54,7 +54,6 @@ if (strlen($_GET["contact_uuid"]) > 0) {
 
 //get http post variables and set them to php variables
 	if (count($_POST)>0) {
-		//$address_name = check_str($_POST["address_name"]);
 		$address_type = check_str($_POST["address_type"]);
 		$address_label = check_str($_POST["address_label"]);
 		$address_label_custom = check_str($_POST["address_label_custom"]);
@@ -193,7 +192,6 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		$prep_statement->execute();
 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
 		foreach ($result as &$row) {
-			//$address_name = $row["address_name"];
 			$address_type = $row["address_type"];
 			$address_label = $row["address_label"];
 			$address_street = $row["address_street"];

+ 14 - 41
contact_addresses.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_view')) {
+if (permission_exists('contact_address_view')) {
 	//access granted
 }
 else {
@@ -34,15 +34,7 @@ else {
 	exit;
 }
 
-//require_once "resources/header.php";
-require_once "resources/paging.php";
-
-//get variables used to control the order
-// 	$order_by = $_GET["order_by"];
-// 	$order = $_GET["order"];
-
 //show the content
-
 	echo "<table width='100%' border='0'>\n";
 	echo "<tr>\n";
 	echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['label-addresses']."</b></td>\n";
@@ -50,38 +42,11 @@ require_once "resources/paging.php";
 	echo "</tr>\n";
 	echo "</table>\n";
 
-	//prepare to page the results
-// 		$sql = " select count(*) as num_rows from v_contact_addresses ";
-// 		$sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' ";
-// 		$sql .= " and contact_uuid = '$contact_uuid' ";
-// 		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-// 		$prep_statement = $db->prepare($sql);
-// 		if ($prep_statement) {
-// 		$prep_statement->execute();
-// 			$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-// 			if ($row['num_rows'] > 0) {
-// 				$num_rows = $row['num_rows'];
-// 			}
-// 			else {
-// 				$num_rows = '0';
-// 			}
-// 		}
-
-	//prepare to page the results
-// 		$rows_per_page = 10;
-// 		$param = "";
-// 		$page = $_GET['page'];
-// 		if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
-// 		list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
-// 		$offset = $rows_per_page * $page;
-
 	//get the contact list
 		$sql = "select * from v_contact_addresses ";
 		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 		$sql .= "and contact_uuid = '$contact_uuid' ";
 		$sql .= "order by address_primary desc, address_label asc ";
-// 		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-// 		$sql .= " limit $rows_per_page offset $offset ";
 		$prep_statement = $db->prepare(check_sql($sql));
 		$prep_statement->execute();
 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@@ -102,14 +67,18 @@ require_once "resources/paging.php";
 	echo "<th>&nbsp;</th>\n";
 	echo "<th>".$text['label-address_description']."</th>\n";
 	echo "<td class='list_control_icons'>";
-	echo 	"<a href='contact_address_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	if (permission_exists('contact_address_add')) {
+		echo "<a href='contact_address_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	}
 	echo "</td>\n";
 	echo "</tr>\n";
 
 	if ($result_count > 0) {
 		foreach($result as $row) {
 			$map_query = $row['address_street']." ".$row['address_extended'].", ".$row['address_locality'].", ".$row['address_region'].", ".$row['address_region'].", ".$row['address_postal_code'];
-			$tr_link = "href='contact_address_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_address_uuid']."'";
+			if (permission_exists('contact_address_edit')) {
+				$tr_link = "href='contact_address_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_address_uuid']."'";
+			}
 			echo "<tr ".$tr_link." ".(($row['address_primary']) ? "style='font-weight: bold;'" : null).">\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['address_label']."&nbsp;</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]."' style='width: 25%; max-width: 50px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;'>".$row['address_street']."&nbsp;</td>\n";
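Review bot: The add link now sits behind `contact_address_add`, but it still writes `$_GET['id']` straight into the `href`, so a request parameter reaches the page unescaped inside a single-quoted attribute. contact_emails.php in this commit switches the same link to `$contact_uuid`. Doing the same here and encoding it, `echo "<a href='contact_address_edit.php?contact_uuid=".urlencode($contact_uuid)."' alt='".$text['button-add']."'>$v_link_label_add</a>";`, keeps the two files consistent and removes the reflected value. The `$row[...]` values in the surrounding rows are also echoed without `htmlspecialchars()`, which is worth a follow-up since they are stored contact data.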
@@ -120,11 +89,15 @@ require_once "resources/paging.php";
 			echo "	</td>\n";
 			echo "	<td valign='top' class='row_stylebg'>".$row['address_description']."&nbsp;</td>\n";
 			echo "	<td class='list_control_icons'>";
-			echo 		"<a href='contact_address_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_address_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
-			echo 		"<a href='contact_address_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_address_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			if (permission_exists('contact_address_edit')) {
+				echo "<a href='contact_address_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_address_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			}
+			if (permission_exists('contact_address_delete')) {
+				echo "<a href='contact_address_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_address_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			}
 			echo "	</td>\n";
 			echo "</tr>\n";
-			if ($c==0) { $c=1; } else { $c=0; }
+			$c = ($c) ? 0 : 1;
 		} //end foreach
 		unset($sql, $result, $row_count);
 	} //end if results
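Review bot: Hiding the delete link behind `contact_address_delete` is a display change only: the deletion is still triggered by a plain GET to contact_address_delete.php, with a JavaScript `confirm()` as the only interstitial and no anti-forgery token in the URL. A state-changing GET like this can be triggered on behalf of a logged-in administrator by any page that references the URL. Moving the delete to a POST form that carries a per-session token, verified in contact_address_delete.php next to the permission check, would address it. The same applies to the delete link in contact_emails.php. Whether the project already has a token helper is not visible from this hunk.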

+ 12 - 0
contact_delete.php

@@ -86,6 +86,18 @@ if (strlen($contact_uuid) > 0) {
 		$prep_statement->execute();
 		unset($prep_statement, $sql);
 
+	//delete relations
+		$sql = "delete from v_contact_relations ";
+		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+		$sql .= "and ";
+		$sql .= "( ";
+		$sql .= "	contact_uuid = '".$contact_uuid."' ";
+		$sql .= "	or relation_contact_uuid = '".$contact_uuid."' ";
+		$sql .= ") ";
+		$prep_statement = $db->prepare(check_sql($sql));
+		$prep_statement->execute();
+		unset($prep_statement, $sql);
+
 	//delete settings
 		$sql = "delete from v_contact_settings ";
 		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
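Review bot: The new relations delete builds its WHERE clause by concatenating `$contact_uuid` and the session domain into the SQL text, so `prepare()` receives a finished string and provides no injection protection. Safety rests entirely on whatever sanitising happened to `$contact_uuid` above this hunk and on `check_sql()`. Binding the values as parameters removes that dependency, as in the fence below, assuming `check_sql()` leaves placeholders intact. Two distinct placeholder names are used because reusing one name fails on some PDO drivers when emulated prepares are off. The neighbouring deletes in this file follow the same concatenation pattern and would benefit from the same change.

```php
	//delete relations
		$sql = "delete from v_contact_relations ";
		$sql .= "where domain_uuid = :domain_uuid ";
		$sql .= "and (contact_uuid = :contact_uuid or relation_contact_uuid = :relation_contact_uuid) ";
		$prep_statement = $db->prepare(check_sql($sql));
		$prep_statement->execute(array(
			':domain_uuid' => $_SESSION['domain_uuid'],
			':contact_uuid' => $contact_uuid,
			':relation_contact_uuid' => $contact_uuid,
		));
		unset($prep_statement, $sql);
```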

+ 35 - 34
contact_edit.php

@@ -396,8 +396,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 			echo "		<option value='volunteer' ".(($contact_type == "volunteer") ? "selected='selected'" : null).">".$text['option-contact_type_volunteer']."</option>\n";
 			echo "	</select>\n";
 		}
-		echo "<br />\n";
-		echo $text['description-contact_type']."\n";
+//		echo "<br />\n";
+//		echo $text['description-contact_type']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -407,8 +407,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_organization' maxlength='255' value=\"$contact_organization\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_organization']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_organization']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -418,8 +418,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_name_prefix' maxlength='255' value=\"$contact_name_prefix\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_name_prefix']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_name_prefix']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -429,8 +429,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_name_given' maxlength='255' value=\"$contact_name_given\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_name_given']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_name_given']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -440,8 +440,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_name_middle' maxlength='255' value=\"$contact_name_middle\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_name_middle']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_name_middle']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -451,8 +451,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_name_family' maxlength='255' value=\"$contact_name_family\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_name_family']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_name_family']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -462,8 +462,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_name_suffix' maxlength='255' value=\"$contact_name_suffix\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_name_suffix']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_name_suffix']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -473,8 +473,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_nickname' maxlength='255' value=\"$contact_nickname\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_nickname']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_nickname']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -495,8 +495,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		else {
 			echo "	<input class='formfld' type='text' name='contact_title' maxlength='255' value=\"$contact_title\">\n";
 		}
-		echo "<br />\n";
-		echo $text['description-contact_title']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_title']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -517,8 +517,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		else {
 			echo "	<input class='formfld' type='text' name='contact_category' maxlength='255' value=\"$contact_category\">\n";
 		}
-		echo "<br />\n";
-		echo $text['description-contact_category']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_category']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -539,8 +539,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		else {
 			echo "	<input class='formfld' type='text' name='contact_role' maxlength='255' value=\"$contact_role\">\n";
 		}
-		echo "<br />\n";
-		echo $text['description-contact_role']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_role']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -550,8 +550,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td class='vtable' align='left'>\n";
 		echo "	<input class='formfld' type='text' name='contact_time_zone' maxlength='255' value=\"$contact_time_zone\">\n";
-		echo "<br />\n";
-		echo $text['description-contact_time_zone']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_time_zone']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 
@@ -678,8 +678,8 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 		echo "</td>\n";
 		echo "<td width='70%' class='vtable' align='left'>\n";
 		echo "  <textarea class='formfld' style='width: 100%; height: 80px;' name='contact_note'>".$contact_note."</textarea>\n";
-		echo "<br />\n";
-		echo $text['description-contact_note']."\n";
+// 		echo "<br />\n";
+// 		echo $text['description-contact_note']."\n";
 		echo "</td>\n";
 		echo "</tr>\n";
 		echo "	<tr>\n";
@@ -698,14 +698,15 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 	if ($action == "update") {
 		echo "<td>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;</td>";
 		echo "<td width='60%' class='' valign='top' align='center'>\n";
-			//echo "	<img src='contacts_vcard.php?id=$contact_uuid&type=image' width='90%'><br /><br />\n";
-			require "contact_phones.php";
-			require "contact_addresses.php";
-			require "contact_emails.php";
-			require "contact_urls.php";
-			require "contact_extensions.php";
-			require "contact_notes.php";
-			require "contact_settings.php";
+		//echo "	<img src='contacts_vcard.php?id=$contact_uuid&type=image' width='90%'><br /><br />\n";
+		if (permission_exists('contact_phone_view')) { require "contact_phones.php"; }
+		if (permission_exists('contact_address_view')) { require "contact_addresses.php"; }
+		if (permission_exists('contact_email_view')) { require "contact_emails.php"; }
+		if (permission_exists('contact_url_view')) { require "contact_urls.php"; }
+		if (permission_exists('contact_extension_view')) { require "contact_extensions.php"; }
+		if (permission_exists('contact_relation_view')) { require "contact_relations.php"; }
+		if (permission_exists('contact_note_view')) { require "contact_notes.php"; }
+		if (permission_exists('contact_setting_view')) { require "contact_settings.php"; }
 		echo "</td>\n";
 	}
 
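Review bot: Each guarded `require` depends on the included file checking the same permission name. contact_addresses.php and contact_emails.php in this commit run their own `permission_exists()` test and `exit` on failure, so a name that drifts between this list and the include would end the whole contact page mid-render instead of skipping one panel. A short comment above the list would record that coupling, for example `//each included file repeats this permission check and exits on denial; keep the names in sync`. contact_relations.php is newly required here but is not visible, so its guard could not be compared.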

+ 1 - 1
contact_email_delete.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_delete')) {
+if (permission_exists('contact_email_delete')) {
 	//access granted
 }
 else {

+ 1 - 1
contact_email_edit.php

@@ -27,7 +27,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_edit')) {
+if (permission_exists('contact_email_edit') || permission_exists('contact_email_add')) {
 	//access granted
 }
 else {

+ 14 - 40
contact_emails.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_view')) {
+if (permission_exists('contact_email_view')) {
 	//access granted
 }
 else {
@@ -34,15 +34,7 @@ else {
 	exit;
 }
 
-//require_once "resources/header.php";
-require_once "resources/paging.php";
-
-//get variables used to control the order
-// 	$order_by = $_GET["order_by"];
-// 	$order = $_GET["order"];
-
 //show the content
-
 	echo "<table width='100%' border='0'>\n";
 	echo "<tr>\n";
 	echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['label-emails']."</b></td>\n";
@@ -50,37 +42,11 @@ require_once "resources/paging.php";
 	echo "</tr>\n";
 	echo "</table>\n";
 
-	//prepare to page the results
-// 		$sql = " select count(*) as num_rows from v_contact_emails ";
-// 		$sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' ";
-// 		$sql .= " and contact_uuid = '$contact_uuid' ";
-// 		$prep_statement = $db->prepare($sql);
-// 		if ($prep_statement) {
-// 		$prep_statement->execute();
-// 			$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-// 			if ($row['num_rows'] > 0) {
-// 				$num_rows = $row['num_rows'];
-// 			}
-// 			else {
-// 				$num_rows = '0';
-// 			}
-// 		}
-
-	//prepare to page the results
-// 		$rows_per_page = 10;
-// 		$param = "";
-// 		$page = $_GET['page'];
-// 		if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
-// 		list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
-// 		$offset = $rows_per_page * $page;
-
 	//get the contact list
 		$sql = "select * from v_contact_emails ";
 		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 		$sql .= "and contact_uuid = '$contact_uuid' ";
 		$sql .= "order by email_primary desc, email_label asc ";
-// 		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-// 		$sql .= " limit $rows_per_page offset $offset ";
 		$prep_statement = $db->prepare(check_sql($sql));
 		$prep_statement->execute();
 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@@ -98,23 +64,31 @@ require_once "resources/paging.php";
 	echo "<th>".$text['label-email_address']."</th>\n";
 	echo "<th>".$text['label-email_description']."</th>\n";
 	echo "<td class='list_control_icons'>";
-	echo 	"<a href='contact_email_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	if (permission_exists('contact_email_add')) {
+		echo "<a href='contact_email_edit.php?contact_uuid=".$contact_uuid."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	}
 	echo "</td>\n";
 	echo "</tr>\n";
 
 	if ($result_count > 0) {
 		foreach($result as $row) {
-			$tr_link = "href='contact_email_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_email_uuid']."'";
+			if (permission_exists('contact_email_edit')) {
+				$tr_link = "href='contact_email_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_email_uuid']."'";
+			}
 			echo "<tr ".$tr_link." ".(($row['email_primary']) ? "style='font-weight: bold;'" : null).">\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['email_label']."&nbsp;</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]." tr_link_void'><a href='mailto:".$row['email_address']."'>".$row['email_address']."&nbsp;</td>\n";
 			echo "	<td valign='top' class='row_stylebg'>".$row['email_description']."&nbsp;</td>\n";
 			echo "	<td class='list_control_icons'>";
-			echo 		"<a href='contact_email_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_email_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
-			echo 		"<a href='contact_email_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_email_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			if (permission_exists('contact_email_edit')) {
+				echo "<a href='contact_email_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_email_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			}
+			if (permission_exists('contact_email_delete')) {
+				echo "<a href='contact_email_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_email_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			}
 			echo "	</td>\n";
 			echo "</tr>\n";
-			if ($c==0) { $c=1; } else { $c=0; }
+			$c = ($c) ? 0 : 1;
 		} //end foreach
 		unset($sql, $result, $row_count);
 	} //end if results
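Review bot: `$tr_link` is now assigned only when the user holds `contact_email_edit`, yet the next line still concatenates it into the `<tr>` tag. Because contact_edit.php pulls these list files in with `require`, they share one variable scope. For a user without the edit permission, the rows either read an undefined variable or inherit the `href` left by a previously included list, since contact_addresses.php sets the same variable. Resetting it first, `$tr_link = '';` immediately before the `if (permission_exists('contact_email_edit'))`, avoids both; contact_addresses.php needs the same line.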

+ 8 - 47
contact_extensions.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_view')) {
+if (permission_exists('contact_extension_view')) {
 	//access granted
 }
 else {
@@ -34,15 +34,6 @@ else {
 	exit;
 }
 
-//require_once "resources/header.php";
-require_once "resources/paging.php";
-
-//get variables used to control the order
-	if (isset($_GET["order_by"])) {
-		$order_by = check_str($_GET["order_by"]);
-		$order = check_str($_GET["order"]);
-	}
-
 //javascript function: send_cmd
 	echo "<script type=\"text/javascript\">\n";
 	echo "function send_cmd(url) {\n";
@@ -59,7 +50,6 @@ require_once "resources/paging.php";
 	echo "</script>\n";
 
 //show the content
-
 	echo "<table width='100%' border='0'>\n";
 	echo "<tr>\n";
 	echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['label-contact_extensions']."</b></td>\n";
@@ -67,43 +57,14 @@ require_once "resources/paging.php";
 	echo "</tr>\n";
 	echo "</table>\n";
 
-	//prepare to page the results
-		$sql = "select count(*) as num_rows ";
+	//get the extension list
+		$sql = "select e.extension_uuid, e.extension, e.enabled, e.description ";
 		$sql .= " from v_extensions e, v_extension_users eu, v_users u ";
 		$sql .= " where e.extension_uuid = eu.extension_uuid ";
 		$sql .= " and u.user_uuid = eu.user_uuid ";
 		$sql .= " and e.domain_uuid = '$domain_uuid' ";
 		$sql .= " and u.contact_uuid = '$contact_uuid' ";
-		$prep_statement = $db->prepare($sql);
-		if ($prep_statement) {
-		$prep_statement->execute();
-			$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-			if ($row['num_rows'] > 0) {
-				$num_rows = $row['num_rows'];
-			}
-			else {
-				$num_rows = '0';
-			}
-		}
-
-	//prepare to page the results
-		$rows_per_page = 10;
-		$param = "";
-		$page = $_GET['page'];
-		if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
-		list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
-		$offset = $rows_per_page * $page;
-
-	//get the extension list
-                $sql = "select e.extension_uuid, e.extension, e.enabled, e.description ";
-                $sql .= " from v_extensions e, v_extension_users eu, v_users u ";
-                $sql .= " where e.extension_uuid = eu.extension_uuid ";
-                $sql .= " and u.user_uuid = eu.user_uuid ";
-                $sql .= " and e.domain_uuid = '$domain_uuid' ";
-                $sql .= " and u.contact_uuid = '$contact_uuid' ";
-
-		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-		$sql .= " limit $rows_per_page offset $offset ";
+		$sql .= "order by e.extension asc ";
 		$prep_statement = $db->prepare(check_sql($sql));
 		$prep_statement->execute();
 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@@ -121,7 +82,7 @@ require_once "resources/paging.php";
 	echo "<th>".$text['label-description']."</th>\n";
 	echo "<td class='list_control_icons'>";
 	if (permission_exists('extension_add')) {
-		echo "  <a href='/app/extensions/extension_edit.php' alt='".$text['button-add']."'>$v_link_label_add</a>\n";
+		echo "<a href='/app/extensions/extension_edit.php' alt='".$text['button-add']."'>$v_link_label_add</a>\n";
 	}
 	echo "</td>\n";
 	echo "</tr>\n";
@@ -141,14 +102,14 @@ require_once "resources/paging.php";
 			echo "	<td valign='top' class='row_stylebg'>".$row['description']."&nbsp;</td>\n";
 			echo "	<td class='list_control_icons'>";
 			if (permission_exists('extension_edit')) {
-				echo 	"<a href='/app/extensions/extension_edit.php?id=".$row['extension_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+				echo "<a href='/app/extensions/extension_edit.php?id=".$row['extension_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
 			}
 			if (permission_exists('extension_delete')) {
-				echo 	"<a href='/app/extensions/extension_delete.php?id=".$row['extension_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+				echo "<a href='/app/extensions/extension_delete.php?id=".$row['extension_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
 			}
 			echo "	</td>\n";
 			echo "</tr>\n";
-			if ($c==0) { $c=1; } else { $c=0; }
+			$c = ($c) ? 0 : 1;
 		} //end foreach
 		unset($sql, $result, $row_count);
 	} //end if results
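Review bot: The extension query still interpolates `$domain_uuid` and `$contact_uuid` into the SQL text (`$sql .= " and u.contact_uuid = '$contact_uuid' ";`) and then calls `prepare()` followed by `execute()` with no bound values, so the prepared statement adds no protection. Where `$contact_uuid` is assigned is outside these hunks, so whether it is validated cannot be confirmed from here. Removing the request-driven `order by`/`limit` fragments is a real improvement; the remaining values should go the same way, e.g. `$sql .= " and e.domain_uuid = :domain_uuid and u.contact_uuid = :contact_uuid ";` with `$prep_statement->execute(array(':domain_uuid' => $domain_uuid, ':contact_uuid' => $contact_uuid));`. The same concatenate-then-prepare pattern appears in contact_notes.php, contact_phones.php and contact_relation_delete.php in this commit.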

+ 1 - 1
contact_note_delete.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_delete')) {
+if (permission_exists('contact_note_delete')) {
 	//access granted
 }
 else {

+ 1 - 5
contact_note_edit.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_edit')) {
+if (permission_exists('contact_note_edit') || permission_exists('contact_note_add')) {
 	//access granted
 }
 else {
@@ -66,10 +66,6 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 	}
 
 	//check for all required data
-		//if (strlen($contact_note) == 0) { $msg .= $text['message-required'].$text['label-contact_note']."<br>\n"; }
-		//if (strlen($domain_uuid) == 0) { $msg .= $text['message-required']."domain_uuid<br>\n"; }
-		//if (strlen($last_mod_date) == 0) { $msg .= $text['message-required']."Last Modified Date<br>\n"; }
-		//if (strlen($last_mod_user) == 0) { $msg .= $text['message-required']."Last Modified By<br>\n"; }
 		if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) {
 			require_once "resources/header.php";
 			require_once "resources/persist_form_var.php";
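Review bot: The gate `permission_exists('contact_note_edit') || permission_exists('contact_note_add')` admits a user holding either permission, but nothing in the visible hunks ties the permission to the action that is then performed. The add/update branch is outside these hunks; if it is chosen from the request alone, an add-only user can submit an update and an edit-only user can create a record. contact_relation_edit.php in this commit shows that shape in full (`$action` comes from `isset($_REQUEST["id"])` and is never re-checked), and contact_phone_edit.php uses the same gate. A per-action check once `$action` is known would close it: `if ($action == "update" && !permission_exists('contact_note_edit')) { echo "access denied"; exit; }`, plus the mirror test for `"add"`.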

+ 14 - 19
contact_notes.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_view')) {
+if (permission_exists('contact_note_view')) {
 	//access granted
 }
 else {
@@ -34,19 +34,6 @@ else {
 	exit;
 }
 
-//require_once "resources/header.php";
-require_once "resources/paging.php";
-
-//get variables used to control the order
-	$order_by = $_GET["order_by"];
-	$order = $_GET["order"];
-
-//set defaults
-	if (strlen($order_by) == 0) {
-		$order_by = 'last_mod_date';
-		$order = 'desc';
-	}
-
 //show the content
 	echo "<table width='100%' border='0'>\n";
 	echo "<tr>\n";
@@ -59,7 +46,7 @@ require_once "resources/paging.php";
 		$sql = "select * from v_contact_notes ";
 		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 		$sql .= "and contact_uuid = '$contact_uuid' ";
-		if (strlen($order_by)> 0) { $sql .= "order by ".$order_by." ".$order." "; }
+		$sql .= "order by last_mod_date desc ";
 		$prep_statement = $db->prepare(check_sql($sql));
 		if ($prep_statement) {
 			$prep_statement->execute();
@@ -78,7 +65,9 @@ require_once "resources/paging.php";
 	echo "<th>".$text['label-note_content']."</th>\n";
 	echo "<th style='text-align: right;'>".$text['label-note_user']."</th>\n";
 	echo "<td class='list_control_icons'>";
-	echo 	"<a href='contact_note_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	if (permission_exists('contact_note_add')) {
+		echo "<a href='contact_note_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	}
 	echo "</td>\n";
 	echo "</tr>\n";
 	echo "</table>\n";
@@ -89,15 +78,21 @@ require_once "resources/paging.php";
 		foreach($result as $row) {
 			$contact_note = $row['contact_note'];
 			$contact_note = str_replace("\n","<br />",$contact_note);
-			$tr_link = "href='contact_note_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_note_uuid']."'";
+			if (permission_exists('contact_note_add')) {
+				$tr_link = "href='contact_note_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_note_uuid']."'";
+			}
 			echo "<tr ".$tr_link.">\n";
 			echo "	<td valign='top' class='".$row_style[$c]."' colspan='2'>";
 			echo "		<div style='display: inline-block; float: right; margin: -5px -7px 5px 5px; padding: 3px 4px; font-size: 10px; background-color: #f0f2f6;'><span style='color: #000; font-weight: bold;'>".$row['last_mod_user']."</span>: ".date("j M Y @ H:i:s", strtotime($row['last_mod_date']))."</div>";
 			echo 		$contact_note."&nbsp;";
 			echo "	</td>\n";
 			echo "	<td class='list_control_icons'>";
-			echo 		"<a href='contact_note_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_note_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
-			echo 		"<a href='contact_note_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_note_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			if (permission_exists('contact_note_edit')) {
+				echo "<a href='contact_note_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_note_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			}
+			if (permission_exists('contact_note_delete')) {
+				echo "<a href='contact_note_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_note_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			}
 			echo "	</td>\n";
 			echo "</tr>\n";
 			$c = ($c) ? 0 : 1;
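Review bot: The row link is guarded by `permission_exists('contact_note_add')` although it points at an existing note's edit URL; the email and phone lists in this commit use the `_edit` permission for the equivalent link, so this looks like a copy slip and should be `permission_exists('contact_note_edit')`. `$tr_link` is also assigned only inside that `if`, so when the permission is absent `echo "<tr ".$tr_link.">\n";` reads a variable that is either undefined or, if these list files share scope with an including page (not visible here), left over from another list. Adding `$tr_link = '';` before the `if` fixes both cases; the same applies to the `$tr_link` guards in contact_phones.php and the email list. The enclosing `foreach` continues past the end of the hunk.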

+ 1 - 1
contact_phone_delete.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_delete')) {
+if (permission_exists('contact_phone_delete')) {
 	//access granted
 }
 else {

+ 5 - 5
contact_phone_edit.php

@@ -27,7 +27,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_edit')) {
+if (permission_exists('contact_phone_edit') || permission_exists('contact_phone_add')) {
 	//access granted
 }
 else {
@@ -335,12 +335,12 @@ if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
 
 	echo "	<tr>\n";
 	echo "		<td colspan='2' align='right'>\n";
-	echo "				<br>\n";
-	echo "				<input type='hidden' name='contact_uuid' value='$contact_uuid'>\n";
+	echo "			<br>\n";
+	echo "			<input type='hidden' name='contact_uuid' value='$contact_uuid'>\n";
 	if ($action == "update") {
-		echo "				<input type='hidden' name='contact_phone_uuid' value='$contact_phone_uuid'>\n";
+		echo "		<input type='hidden' name='contact_phone_uuid' value='$contact_phone_uuid'>\n";
 	}
-	echo "				<input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
+	echo "			<input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
 	echo "		</td>\n";
 	echo "	</tr>";
 	echo "</table>";

+ 14 - 41
contact_phones.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_view')) {
+if (permission_exists('contact_phone_view')) {
 	//access granted
 }
 else {
@@ -34,13 +34,6 @@ else {
 	exit;
 }
 
-//require_once "resources/header.php";
-require_once "resources/paging.php";
-
-//get variables used to control the order
-// 	$order_by = $_GET["order_by"];
-// 	$order = $_GET["order"];
-
 //javascript function: send_cmd
 	echo "<script type=\"text/javascript\">\n";
 	echo "function send_cmd(url) {\n";
@@ -57,7 +50,6 @@ require_once "resources/paging.php";
 	echo "</script>\n";
 
 //show the content
-
 	echo "<table width='100%' border='0'>\n";
 	echo "<tr>\n";
 	echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['label-phone_numbers']."</b></td>\n";
@@ -65,38 +57,11 @@ require_once "resources/paging.php";
 	echo "</tr>\n";
 	echo "</table>\n";
 
-	//prepare to page the results
-// 		$sql = "select count(*) as num_rows from v_contact_phones ";
-// 		$sql .= " where domain_uuid = '$domain_uuid' ";
-// 		$sql .= " and contact_uuid = '$contact_uuid' ";
-// 		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-// 		$prep_statement = $db->prepare($sql);
-// 		if ($prep_statement) {
-// 		$prep_statement->execute();
-// 			$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-// 			if ($row['num_rows'] > 0) {
-// 				$num_rows = $row['num_rows'];
-// 			}
-// 			else {
-// 				$num_rows = '0';
-// 			}
-// 		}
-
-	//prepare to page the results
-// 		$rows_per_page = 10;
-// 		$param = "";
-// 		$page = $_GET['page'];
-// 		if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
-// 		list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
-// 		$offset = $rows_per_page * $page;
-
 	//get the contact list
 		$sql = "select * from v_contact_phones ";
 		$sql .= "where domain_uuid = '$domain_uuid' ";
 		$sql .= "and contact_uuid = '$contact_uuid' ";
 		$sql .= "order by phone_primary desc, phone_label asc ";
-// 		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-// 		$sql .= " limit $rows_per_page offset $offset ";
 		$prep_statement = $db->prepare(check_sql($sql));
 		$prep_statement->execute();
 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@@ -115,12 +80,16 @@ require_once "resources/paging.php";
 	echo "<th>".$text['label-phone_tools']."</th>\n";
 	echo "<th>".$text['label-phone_description']."</th>\n";
 	echo "<td class='list_control_icons'>";
-	echo 	"<a href='contact_phone_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	if (permission_exists('contact_phone_add')) {
+		echo "<a href='contact_phone_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	}
 	echo "</td>\n";
 	echo "</tr>\n";
 	if ($result_count > 0) {
 		foreach($result as $row) {
-			$tr_link = "href='contact_phone_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_phone_uuid']."'";
+			if (permission_exists('contact_phone_edit')) {
+				$tr_link = "href='contact_phone_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_phone_uuid']."'";
+			}
 			echo "<tr ".$tr_link." ".(($row['phone_primary']) ? "style='font-weight: bold;'" : null).">\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>".(($row['phone_label'] == strtolower($row['phone_label'])) ? ucwords($row['phone_label']) : $row['phone_label'])."&nbsp;</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]." tr_link_void'>\n";
@@ -146,11 +115,15 @@ require_once "resources/paging.php";
 			echo "	</td>\n";
 			echo "	<td valign='top' class='row_stylebg'>".$row['phone_description']."&nbsp;</td>\n";
 			echo "	<td class='list_control_icons'>";
-			echo 		"<a href='contact_phone_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_phone_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
-			echo 		"<a href='contact_phone_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_phone_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			if (permission_exists('contact_phone_edit')) {
+				echo "<a href='contact_phone_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_phone_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			}
+			if (permission_exists('contact_phone_delete')) {
+				echo "<a href='contact_phone_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_phone_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			}
 			echo "	</td>\n";
 			echo "</tr>\n";
-			if ($c==0) { $c=1; } else { $c=0; }
+			$c = ($c) ? 0 : 1;
 		} //end foreach
 		unset($sql, $result, $row_count);
 	} //end if results
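Review bot: The add link writes the raw query parameter into a single-quoted attribute (`"<a href='contact_phone_edit.php?contact_uuid=".$_GET['id']."' ..."`), so the value is neither URL-encoded nor HTML-escaped and a quote in `id` ends the attribute early. The new permission check controls who sees the link but does not change what is echoed. Suggest `urlencode($_GET['id'])` at that spot, or the `$contact_uuid` already used in the query if it holds the same id (its assignment is outside the hunk). contact_notes.php carries the identical line for its add link.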

+ 60 - 0
contact_relation_delete.php

@@ -0,0 +1,60 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+require_once "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+if (permission_exists('contact_relation_delete')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+//add multi-lingual support
+	$language = new text;
+	$text = $language->get();
+
+if (count($_GET)>0) {
+	$id = check_str($_GET["id"]); //relation
+	$contact_uuid = check_str($_GET["contact_uuid"]);
+}
+
+if (strlen($id)>0) {
+	$sql = "delete from v_contact_relations ";
+	$sql .= "where contact_relation_uuid = '".$id."' ";
+	$sql .= "and domain_uuid = '".$_SESSION['domain_uuid']."' ";
+	$sql .= "and contact_uuid = '".$contact_uuid."' ";
+	$prep_statement = $db->prepare(check_sql($sql));
+	$prep_statement->execute();
+	unset($sql);
+}
+
+$_SESSION["message"] = $text['message-delete'];
+header("Location: contact_edit.php?id=".$contact_uuid);
+return;
+
+?>
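Review bot: This endpoint deletes on a plain GET carrying `id` and `contact_uuid`, and the only server-side condition is the permission check; the `confirm()` on the delete links elsewhere in this commit is client-side only. A state-changing request should be accepted only as POST and carry a per-session token compared in constant time (for example with `hash_equals()`); no token helper is visible in this commit, so that would need to be added. Separately, `$_SESSION["message"] = $text['message-delete'];` runs even when `$id` is empty and nothing was deleted, so the success message should move inside the `if (strlen($id)>0)` block.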

+ 330 - 0
contact_relation_edit.php

@@ -0,0 +1,330 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+	Luis Daniel Lucio Quiroz <[email protected]>
+*/
+require_once "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+if (permission_exists('contact_relation_edit') || permission_exists('contact_relation_add')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+//add multi-lingual support
+	$language = new text;
+	$text = $language->get();
+
+//action add or update
+	if (isset($_REQUEST["id"])) {
+		$action = "update";
+		$contact_relation_uuid = check_str($_REQUEST["id"]);
+	}
+	else {
+		$action = "add";
+	}
+
+if (strlen($_GET["contact_uuid"]) > 0) {
+	$contact_uuid = check_str($_GET["contact_uuid"]);
+}
+
+//get http post variables and set them to php variables
+	if (count($_POST)>0) {
+		$relation_label = check_str($_POST["relation_label"]);
+		$relation_label_custom = check_str($_POST["relation_label_custom"]);
+		$relation_contact_uuid = check_str($_POST["relation_contact_uuid"]);
+		$relation_reciprocal = check_str($_POST["relation_reciprocal"]);
+		$relation_reciprocal_label = check_str($_POST["relation_reciprocal_label"]);
+		$relation_reciprocal_label_custom = check_str($_POST["relation_reciprocal_label_custom"]);
+
+		//use custom label(s), if set
+		$relation_label = ($relation_label_custom != '') ? $relation_label_custom : $relation_label;
+		$relation_reciprocal_label = ($relation_reciprocal_label_custom != '') ? $relation_reciprocal_label_custom : $relation_reciprocal_label;
+	}
+
+if (count($_POST)>0 && strlen($_POST["persistformvar"]) == 0) {
+
+	$msg = '';
+	if ($action == "update") {
+		$contact_relation_uuid = check_str($_POST["contact_relation_uuid"]);
+	}
+
+	//check for all required data
+		if (strlen($msg) > 0 && strlen($_POST["persistformvar"]) == 0) {
+			require_once "resources/header.php";
+			require_once "resources/persist_form_var.php";
+			echo "<div align='center'>\n";
+			echo "<table><tr><td>\n";
+			echo $msg."<br />";
+			echo "</td></tr></table>\n";
+			persistformvar($_POST);
+			echo "</div>\n";
+			require_once "resources/footer.php";
+			return;
+		}
+
+	//add or update the database
+	if ($_POST["persistformvar"] != "true") {
+
+		if ($action == "add") {
+			$contact_relation_uuid = uuid();
+			$sql = "insert into v_contact_relations ";
+			$sql .= "(";
+			$sql .= "contact_relation_uuid, ";
+			$sql .= "domain_uuid, ";
+			$sql .= "contact_uuid, ";
+			$sql .= "relation_label, ";
+			$sql .= "relation_contact_uuid ";
+			$sql .= ")";
+			$sql .= "values ";
+			$sql .= "(";
+			$sql .= "'".$contact_relation_uuid."', ";
+			$sql .= "'".$_SESSION['domain_uuid']."', ";
+			$sql .= "'".$contact_uuid."', ";
+			$sql .= "'".$relation_label."', ";
+			$sql .= "'".$relation_contact_uuid."' ";
+			$sql .= ")";
+			$db->exec(check_sql($sql));
+			unset($sql);
+
+			if ($relation_reciprocal) {
+				$contact_relation_uuid = uuid();
+				$sql = "insert into v_contact_relations ";
+				$sql .= "(";
+				$sql .= "contact_relation_uuid, ";
+				$sql .= "domain_uuid, ";
+				$sql .= "contact_uuid, ";
+				$sql .= "relation_label, ";
+				$sql .= "relation_contact_uuid ";
+				$sql .= ")";
+				$sql .= "values ";
+				$sql .= "(";
+				$sql .= "'".$contact_relation_uuid."', ";
+				$sql .= "'".$_SESSION['domain_uuid']."', ";
+				$sql .= "'".$relation_contact_uuid."', ";
+				$sql .= "'".$relation_reciprocal_label."', ";
+				$sql .= "'".$contact_uuid."' ";
+				$sql .= ")";
+				$db->exec(check_sql($sql));
+				unset($sql);
+			}
+
+			$_SESSION["message"] = $text['message-add'];
+			header("Location: contact_edit.php?id=".$contact_uuid);
+			return;
+		} //if ($action == "add")
+
+		if ($action == "update") {
+			$sql = "update v_contact_relations set ";
+			$sql .= "relation_label = '".$relation_label."', ";
+			$sql .= "relation_contact_uuid = '".$relation_contact_uuid."' ";
+			$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+			$sql .= "and contact_relation_uuid = '".$contact_relation_uuid."'";
+			$db->exec(check_sql($sql));
+			unset($sql);
+
+			$_SESSION["message"] = $text['message-update'];
+			header("Location: contact_edit.php?id=".$contact_uuid);
+			return;
+		} //if ($action == "update")
+	} //if ($_POST["persistformvar"] != "true")
+} //(count($_POST)>0 && strlen($_POST["persistformvar"]) == 0)
+
+//pre-populate the form
+	if (count($_GET) > 0 && $_POST["persistformvar"] != "true") {
+		$contact_relation_uuid = $_GET["id"];
+		$sql = "select * from v_contact_relations ";
+		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+		$sql .= "and contact_relation_uuid = '".$contact_relation_uuid."' ";
+		$prep_statement = $db->prepare(check_sql($sql));
+		$prep_statement->execute();
+		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+		foreach ($result as &$row) {
+			$relation_label = $row["relation_label"];
+			$relation_contact_uuid = $row["relation_contact_uuid"];
+			break; //limit to 1 row
+		}
+		unset ($prep_statement);
+	}
+
+//show the header
+	$document['title'] = $text['title-contact_relation'];
+	require_once "resources/header.php";
+
+//javascript to toggle input/select boxes
+	echo "<script type='text/javascript'>";
+	echo "	function toggle_custom(field) {";
+	echo "		$('#'+field).toggle();";
+	echo "		document.getElementById(field).selectedIndex = 0;";
+	echo "		document.getElementById(field+'_custom').value = '';";
+	echo "		$('#'+field+'_custom').toggle();";
+	echo "		if ($('#'+field+'_custom').is(':visible')) { $('#'+field+'_custom').focus(); } else { $('#'+field).focus(); }";
+	echo "	}";
+	echo "</script>";
+
+//show the content
+	echo "<form method='post' name='frm' action=''>\n";
+	echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+	echo "<tr>\n";
+	echo "<td align='left' valign='top' nowrap='nowrap'>";
+	echo "	<b>".$text['header-contact_relation']."</b>";
+	echo "</td>\n";
+	echo "<td align='right' valign='top'>";
+	echo "	<input type='button' class='btn' name='' alt='".$text['button-back']."' onclick=\"window.location='contact_edit.php?id=".$contact_uuid."'\" value='".$text['button-back']."'>";
+	echo "	<input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
+	echo "</td>\n";
+	echo "</tr>\n";
+	echo "</table>\n";
+	echo "<br />\n";
+
+	echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+	echo "<tr>\n";
+	echo "<td width='30%' class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
+	echo "	".$text['label-contact_relation_label']."\n";
+	echo "</td>\n";
+	echo "<td width='70%' class='vtable' align='left'>\n";
+	if (is_array($_SESSION["contact"]["relation_label"])) {
+		sort($_SESSION["contact"]["relation_label"]);
+		foreach($_SESSION["contact"]["relation_label"] as $row) {
+			$relation_label_options[] = "<option value='".$row."' ".(($row == $relation_label) ? "selected='selected'" : null).">".$row."</option>";
+		}
+		$relation_label_found = (in_array($relation_label, $_SESSION["contact"]["relation_label"])) ? true : false;
+	}
+	else {
+		$selected[$relation_label] = "selected";
+		$default_labels[] = $text['label-contact_relation_option_parent'];
+		$default_labels[] = $text['label-contact_relation_option_child'];
+		$default_labels[] = $text['label-contact_relation_option_employee'];
+		$default_labels[] = $text['label-contact_relation_option_member'];
+		$default_labels[] = $text['label-contact_relation_option_associate'];
+		$default_labels[] = $text['label-contact_relation_option_other'];
+		foreach ($default_labels as $default_label) {
+			$relation_label_options[] = "<option value='".$default_label."' ".$selected[$default_label].">".$default_label."</option>";
+		}
+		$relation_label_found = (in_array($relation_label, $default_labels)) ? true : false;
+	}
+	echo "	<select class='formfld' ".((!$relation_label_found && $relation_label != '') ? "style='display: none;'" : null)." name='relation_label' id='relation_label' onchange=\"getElementById('relation_label_custom').value='';\">\n";
+	echo "		<option value=''></option>\n";
+	echo 		(is_array($relation_label_options)) ? implode("\n", $relation_label_options) : null;
+	echo "	</select>\n";
+	echo "	<input type='text' class='formfld' ".(($relation_label_found || $relation_label == '') ? "style='display: none;'" : null)." name='relation_label_custom' id='relation_label_custom' value=\"".((!$relation_label_found) ? htmlentities($relation_label) : null)."\">\n";
+	echo "	<input type='button' id='btn_toggle_label' class='btn' alt='".$text['button-back']."' value='&#9665;' onclick=\"toggle_custom('relation_label');\">\n";
+	echo "<br />\n";
+	echo $text['description-relation_label']."\n";
+	echo "</td>\n";
+	echo "</tr>\n";
+
+	echo "<tr>\n";
+	echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
+	echo "	".$text['label-contact_relation_contact']."\n";
+	echo "</td>\n";
+	echo "<td class='vtable' align='left'>\n";
+	$sql = "select contact_uuid, contact_organization, contact_name_given, contact_name_family from v_contacts ";
+	$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
+	$sql .= "and contact_uuid <> '".$contact_uuid."' ";
+	$sql .= "order by contact_organization desc, contact_name_given asc, contact_name_family asc ";
+	$prep_statement = $db->prepare(check_sql($sql));
+	$prep_statement->execute();
+	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+	unset ($prep_statement, $sql);
+	echo "<select class='formfld' name='relation_contact_uuid' id='relation_contact_uuid'>\n";
+	echo "<option value=''></option>\n";
+	foreach($result as $row) {
+		$contact_name = $row['contact_name_given'].(($row['contact_name_given'] != '' && $row['contact_name_family'] != '') ? ' ' : null).$row['contact_name_family'];
+		if ($row['contact_organization'] != '') {
+			if ($contact_name != '') {
+				$contact_name = $row['contact_organization'].', '.$contact_name;
+			}
+			else {
+				$contact_name = $row['contact_organization'];
+			}
+		}
+		echo "<option value='".$row['contact_uuid']."' ".(($row['contact_uuid'] == $relation_contact_uuid) ? "selected='selected'" : null).">".$contact_name."</option>\n";
+	}
+	unset($sql, $result, $row_count);
+	echo "</select>\n";
+// 	echo "<br />\n";
+// 	echo $text['description-related_contact']."\n";
+	echo "</td>\n";
+	echo "</tr>\n";
+
+	if ($action == 'add') {
+		echo "<tr>\n";
+		echo "<td class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
+		echo "	".$text['label-contact_relation_reciprocal']."\n";
+		echo "</td>\n";
+		echo "<td class='vtable' align='left'>\n";
+		echo "	<select class='formfld' name='relation_reciprocal' id='relation_reciprocal' onchange=\"$('#reciprocal_label').slideToggle(400);\">\n";
+		echo "		<option value='0'>".$text['option-false']."</option>\n";
+		echo "		<option value='1'>".$text['option-true']."</option>\n";
+		echo "	</select>\n";
+		echo "<br />\n";
+		echo $text['description-contact_relation_reciprocal']."\n";
+		echo "</td>\n";
+		echo "</tr>\n";
+		echo "</table>\n";
+
+		echo "<div id='reciprocal_label' style='display: none;'>\n";
+		echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+		echo "<tr>\n";
+		echo "<td width='30%' class='vncell' valign='top' align='left' nowrap='nowrap'>\n";
+		echo "	".$text['label-contact_relation_reciprocal_label']."\n";
+		echo "</td>\n";
+		echo "<td width='70%' class='vtable' align='left'>\n";
+		echo "	<select class='formfld' name='relation_reciprocal_label' id='relation_reciprocal_label' onchange=\"getElementById('relation_reciprocal_label_custom').value='';\">\n";
+		echo "		<option value=''></option>\n";
+		echo 		(is_array($relation_label_options)) ? implode("\n", $relation_label_options) : null;
+		echo "	</select>\n";
+		echo "	<input type='text' class='formfld' style='display: none;' name='relation_reciprocal_label_custom' id='relation_reciprocal_label_custom' value=''>\n";
+		echo "	<input type='button' id='btn_toggle_reciprocal_label' class='btn' alt='".$text['button-back']."' value='&#9665;' onclick=\"toggle_custom('relation_reciprocal_label');\">\n";
+		echo "<br />\n";
+		echo $text['description-contact_relation_reciprocal_label']."\n";
+		echo "</td>\n";
+		echo "</tr>\n";
+		echo "</table>\n";
+		echo "</div>\n";
+
+		echo "<table width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+	}
+
+	echo "	<tr>\n";
+	echo "		<td colspan='2' align='right'>\n";
+	echo "			<br>\n";
+	echo "			<input type='hidden' name='contact_uuid' value='".$contact_uuid."'>\n";
+	if ($action == "update") {
+		echo "		<input type='hidden' name='contact_relation_uuid' value='".$contact_relation_uuid."'>\n";
+	}
+	echo "			<input type='submit' name='submit' class='btn' value='".$text['button-save']."'>\n";
+	echo "		</td>\n";
+	echo "	</tr>";
+	echo "</table>";
+	echo "<br><br>";
+	echo "</form>";
+
+//include the footer
+	require_once "resources/footer.php";
+?>
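Review bot: The pre-populate block reassigns `$contact_relation_uuid = $_GET["id"];` and concatenates it into the select, which discards the `check_str()` value read from `$_REQUEST["id"]` near the top and puts the raw request value into the SQL text. It also runs on the add path, where no `id` exists. Keeping the earlier value, limiting the lookup to updates and binding both values removes the dependency on `check_str()`/`check_sql()`, whose behaviour is not shown in this commit. On output, the option labels (`$row`, `$default_label`, `$contact_name`) are echoed without escaping while the custom label field already uses `htmlentities()`; the options should be escaped the same way.

```php
//pre-populate the form
	if ($action == "update" && count($_GET) > 0 && $_POST["persistformvar"] != "true") {
		// $contact_relation_uuid keeps the value already read from $_REQUEST["id"] above
		$sql = "select * from v_contact_relations ";
		$sql .= "where domain_uuid = :domain_uuid ";
		$sql .= "and contact_relation_uuid = :contact_relation_uuid ";
		$prep_statement = $db->prepare(check_sql($sql));
		$prep_statement->bindValue(':domain_uuid', $_SESSION['domain_uuid']);
		$prep_statement->bindValue(':contact_relation_uuid', $contact_relation_uuid);
		$prep_statement->execute();
		// … unchanged: fetchAll and the loop that copies the first row …
```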

+ 113 - 0
contact_relations.php

@@ -0,0 +1,113 @@
+<?php
+/*
+	FusionPBX
+	Version: MPL 1.1
+
+	The contents of this file are subject to the Mozilla Public License Version
+	1.1 (the "License"); you may not use this file except in compliance with
+	the License. You may obtain a copy of the License at
+	http://www.mozilla.org/MPL/
+
+	Software distributed under the License is distributed on an "AS IS" basis,
+	WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
+	for the specific language governing rights and limitations under the
+	License.
+
+	The Original Code is FusionPBX
+
+	The Initial Developer of the Original Code is
+	Mark J Crane <[email protected]>
+	Portions created by the Initial Developer are Copyright (C) 2008-2012
+	the Initial Developer. All Rights Reserved.
+
+	Contributor(s):
+	Mark J Crane <[email protected]>
+*/
+require_once "root.php";
+require_once "resources/require.php";
+require_once "resources/check_auth.php";
+if (permission_exists('contact_relation_view')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
+
+//show the content
+	echo "<table width='100%' border='0'>\n";
+	echo "<tr>\n";
+	echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['header-contact_relations']."</b></td>\n";
+	echo "<td width='50%' align='right'>&nbsp;</td>\n";
+	echo "</tr>\n";
+	echo "</table>\n";
+
+	//get the related contacts
+		$sql = "select ";
+		$sql .= "cr.contact_relation_uuid, ";
+		$sql .= "cr.relation_label, ";
+		$sql .= "c.contact_uuid, ";
+		$sql .= "c.contact_organization, ";
+		$sql .= "c.contact_name_given, ";
+		$sql .= "c.contact_name_family ";
+		$sql .= "from ";
+		$sql .= "v_contact_relations as cr, ";
+		$sql .= "v_contacts as c ";
+		$sql .= "where ";
+		$sql .= "cr.relation_contact_uuid = c.contact_uuid ";
+		$sql .= "and cr.domain_uuid = '".$_SESSION['domain_uuid']."' ";
+		$sql .= "and cr.contact_uuid = '".$contact_uuid."' ";
+		$sql .= "order by ";
+		$sql .= "c.contact_organization desc, ";
+		$sql .= "c.contact_name_given asc, ";
+		$sql .= "c.contact_name_family asc ";
+		//echo $sql."<br><br>";
+		$prep_statement = $db->prepare(check_sql($sql));
+		$prep_statement->execute();
+		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
+		$result_count = count($result);
+		unset ($prep_statement, $sql);
+
+	$c = 0;
+	$row_style["0"] = "row_style0";
+	$row_style["1"] = "row_style1";
+
+	echo "<table class='tr_hover' style='margin-bottom: 20px;' width='100%' border='0' cellpadding='0' cellspacing='0'>\n";
+
+	echo "<tr>\n";
+	echo "<th>".$text['label-contact_relation_label']."</th>\n";
+	echo "<th>".$text['label-contact_relation_organization']."</th>\n";
+	echo "<th>".$text['label-contact_relation_name']."</th>\n";
+	echo "<td class='list_control_icons'>";
+	if (permission_exists('contact_relation_add')) {
+		echo "<a href='contact_relation_edit.php?contact_uuid=".$contact_uuid."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	}
+	echo "</td>\n";
+	echo "</tr>\n";
+
+	if ($result_count > 0) {
+		foreach($result as $row) {
+			if (permission_exists('contact_relation_edit')) {
+				$tr_link = "href='contact_relation_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_relation_uuid']."' ";
+			}
+			echo "<tr ".$tr_link.">\n";
+			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['relation_label']."&nbsp;</td>\n";
+			echo "	<td valign='top' class='".$row_style[$c]." tr_link_void'><a href='contact_edit.php?id=".$row['contact_uuid']."'>".$row['contact_organization']."</a>&nbsp;</td>\n";
+			echo "	<td valign='top' class='".$row_style[$c]." tr_link_void'><a href='contact_edit.php?id=".$row['contact_uuid']."'>".$row['contact_name_given'].(($row['contact_name_given'] != '' && $row['contact_name_family'] != '') ? ' ' : null).$row['contact_name_family']."</a>&nbsp;</td>\n";
+			echo "	<td class='list_control_icons'>";
+			if (permission_exists('contact_relation_edit')) {
+				echo "<a href='contact_relation_edit.php?contact_uuid=".$contact_uuid."&id=".$row['contact_relation_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			}
+			if (permission_exists('contact_relation_delete')) {
+				echo "<a href='contact_relation_delete.php?contact_uuid=".$contact_uuid."&id=".$row['contact_relation_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			}
+			echo "	</td>\n";
+			echo "</tr>\n";
+			$c = ($c) ? 0 : 1;
+		} //end foreach
+		unset($sql, $result, $row_count);
+	} //end if results
+
+	echo "</table>";
+
+?>
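Review bot: The query in the new contact_relations.php concatenates `$_SESSION['domain_uuid']` and `$contact_uuid` into the SQL text and then calls `prepare()` with no placeholders, so the prepared statement adds no protection if either value is ever attacker-influenced. `$contact_uuid` is not assigned anywhere in this file, so its origin and validation cannot be confirmed from here. I would bind both values: `$sql .= "and cr.domain_uuid = :domain_uuid ";`, `$sql .= "and cr.contact_uuid = :contact_uuid ";` and `$prep_statement->execute(array(':domain_uuid' => $_SESSION['domain_uuid'], ':contact_uuid' => $contact_uuid));`, assuming `check_sql()` leaves placeholders intact. Separately, the row cells echo `$row['relation_label']`, `$row['contact_organization']` and the name fields straight into HTML; wrapping each in `htmlspecialchars(..., ENT_QUOTES)` keeps stored contact data from being rendered as markup.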

+ 7 - 0
contact_setting_delete.php

@@ -27,6 +27,13 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
+if (permission_exists('contact_setting_delete')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
 
 //add multi-lingual support
 	$language = new text;
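Review bot: The added permission check decides who may delete, but not whether the request was intended. The list page links here with a plain anchor (`contact_setting_delete.php?contact_uuid=...&id=...`) guarded only by a JavaScript `confirm()`. The rest of this file is outside the hunk; if it deletes on those GET parameters alone, a cross-site request made in an authorised user's session would pass this check. I would accept the delete only as a POST carrying a per-session token and reject anything else. The same consideration applies to contact_url_delete.php and to the contact_relation_delete.php links added in contact_relations.php.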

+ 7 - 0
contact_setting_edit.php

@@ -27,6 +27,13 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
+if (permission_exists('contact_setting_edit') || permission_exists('contact_setting_add')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
 
 //add multi-lingual support
 	$language = new text;
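Review bot: The gate accepts either `contact_setting_edit` or `contact_setting_add`, so a user holding only one of them is admitted for both operations. The part of the file that distinguishes add from update is outside this hunk; unless it re-checks per action, an add-only user could submit an update for an existing `contact_setting_uuid`. Assuming the file branches on `$action` as contact_relation_edit.php does, I would add `if ($action == "update" && !permission_exists('contact_setting_edit')) { echo "access denied"; exit; }` and the matching check on `contact_setting_add` for the add path. contact_url_edit.php gets the same combined gate in this commit and needs the same per-action check.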

+ 23 - 46
contact_settings.php

@@ -27,50 +27,22 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-require_once "resources/paging.php";
-
-//get variables used to control the order
-	$order_by = check_str($_GET["order_by"]);
-	$order = check_str($_GET["order"]);
-
-//prepare to page the results
-// 	$sql = "select count(*) as num_rows from v_contact_settings ";
-// 	$sql .= "where contact_uuid = '$contact_uuid' ";
-// 	if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-// 	$prep_statement = $db->prepare($sql);
-// 	if ($prep_statement) {
-// 	$prep_statement->execute();
-// 		$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-// 		if ($row['num_rows'] > 0) {
-// 			$num_rows = $row['num_rows'];
-// 		}
-// 		else {
-// 			$num_rows = '0';
-// 		}
-// 	}
-
-//prepare to page the results
-// 	$rows_per_page = 2;
-// 	$param = "";
-// 	$page = $_GET['page'];
-// 	if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
-// 	list($paging_controls, $rows_per_page, $var3) = paging($num_rows, $param, $rows_per_page);
-// 	$offset = $rows_per_page * $page;
+if (permission_exists('contact_setting_view')) {
+	//access granted
+}
+else {
+	echo "access denied";
+	exit;
+}
 
 //get the list
 	$sql = "select * from v_contact_settings ";
 	$sql .= "where domain_uuid = '$domain_uuid' ";
 	$sql .= "and contact_uuid = '$contact_uuid' ";
-	if (strlen($order_by) == 0) {
-		$sql .= "order by ";
-		$sql .= "contact_setting_category asc ";
-		$sql .= ", contact_setting_subcategory asc ";
-		$sql .= ", contact_setting_order asc ";
-	}
-	else {
-		$sql .= "order by ".$order_by." ".$order." ";
-	}
-//	$sql .= "limit ".$rows_per_page." offset ".$offset." ";
+	$sql .= "order by ";
+	$sql .= "contact_setting_category asc ";
+	$sql .= ", contact_setting_subcategory asc ";
+	$sql .= ", contact_setting_order asc ";
 	$prep_statement = $db->prepare(check_sql($sql));
 	$prep_statement->execute();
 	$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@@ -103,19 +75,22 @@ require_once "resources/paging.php";
 	echo "<th style='text-align: center;'>".$text['label-enabled']."</th>";
 	echo "<th>".$text['label-description']."</th>";
 	echo "<td class='list_control_icons'>";
-	echo 	"<a href='contact_setting_edit.php?contact_uuid=".$contact_uuid."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	if (permission_exists('contact_setting_add')) {
+		echo "<a href='contact_setting_edit.php?contact_uuid=".$contact_uuid."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	}
 	echo "</td>\n";
 	echo "</tr>\n";
 	if ($result_count > 0) {
 		$previous_category = '';
 		foreach($result as $row) {
-			$tr_link = " href='contact_setting_edit.php?contact_uuid=".$contact_uuid."&id=".$row['contact_setting_uuid']."'";
+			if (permission_exists('contact_setting_edit')) {
+				$tr_link = " href='contact_setting_edit.php?contact_uuid=".$contact_uuid."&id=".$row['contact_setting_uuid']."'";
+			}
 			echo "<tr ".$tr_link.">\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['contact_setting_category']."&nbsp;</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'><a href='contact_setting_edit.php?contact_uuid=".$contact_uuid."&id=".$row['contact_setting_uuid']."'>".$row['contact_setting_subcategory']."</a></td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['contact_setting_name']."&nbsp;</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>\n";
-
 			$category = $row['contact_setting_category'];
 			$subcategory = $row['contact_setting_subcategory'];
 			$name = $row['contact_setting_name'];
@@ -132,18 +107,20 @@ require_once "resources/paging.php";
 			echo "	<td valign='top' class='".$row_style[$c]."' style='text-align: center;'>".ucwords($row['contact_setting_enabled'])."&nbsp;</td>\n";
 			echo "	<td valign='top' class='row_stylebg'>".$row['contact_setting_description']."&nbsp;</td>\n";
 			echo "	<td class='list_control_icons'>";
-				echo 	"<a href='contact_setting_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_setting_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			if (permission_exists('contact_setting_edit')) {
+				echo "<a href='contact_setting_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_setting_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			}
+			if (permission_exists('contact_setting_delete')) {
 				echo 	"<a href='contact_setting_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_setting_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			}
 			echo "	</td>\n";
 			echo "</tr>\n";
 			$previous_category = $row['contact_setting_category'];
-			if ($c==0) { $c=1; } else { $c=0; }
+			$c = ($c) ? 0 : 1;
 		} //end foreach
 		unset($sql, $result, $row_count);
 	} //end if results
 
 	echo "</table>";
 
-//include the footer
-	//require_once "resources/footer.php";
 ?>
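Review bot: `$tr_link` is now assigned only inside `if (permission_exists('contact_setting_edit'))`, yet `echo "<tr ".$tr_link.">\n";` still runs for every row, so a user without that permission reads an undefined variable on each row. Assign it on both paths, e.g. `$tr_link = permission_exists('contact_setting_edit') ? " href='contact_setting_edit.php?contact_uuid=".$contact_uuid."&id=".$row['contact_setting_uuid']."'" : '';`. The subcategory cell two lines further down still prints an unconditional `<a href='contact_setting_edit.php?...'>`, so the edit link is not actually hidden from those users and should sit behind the same check. contact_relations.php and contact_urls.php set `$tr_link` the same way in this commit.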

+ 1 - 1
contact_url_delete.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_delete')) {
+if (permission_exists('contact_url_delete')) {
 	//access granted
 }
 else {

+ 1 - 1
contact_url_edit.php

@@ -27,7 +27,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_edit')) {
+if (permission_exists('contact_url_edit') || permission_exists('contact_url_add')) {
 	//access granted
 }
 else {

+ 14 - 40
contact_urls.php

@@ -26,7 +26,7 @@
 require_once "root.php";
 require_once "resources/require.php";
 require_once "resources/check_auth.php";
-if (permission_exists('contact_view')) {
+if (permission_exists('contact_url_view')) {
 	//access granted
 }
 else {
@@ -34,15 +34,7 @@ else {
 	exit;
 }
 
-//require_once "resources/header.php";
-require_once "resources/paging.php";
-
-//get variables used to control the order
-// 	$order_by = $_GET["order_by"];
-// 	$order = $_GET["order"];
-
 //show the content
-
 	echo "<table width='100%' border='0'>\n";
 	echo "<tr>\n";
 	echo "<td width='50%' align='left' nowrap='nowrap'><b>".$text['label-urls']."</b></td>\n";
@@ -50,37 +42,11 @@ require_once "resources/paging.php";
 	echo "</tr>\n";
 	echo "</table>\n";
 
-	//prepare to page the results
-// 		$sql = " select count(*) as num_rows from v_contact_urls ";
-// 		$sql .= " where domain_uuid = '".$_SESSION['domain_uuid']."' ";
-// 		$sql .= " and contact_uuid = '$contact_uuid' ";
-// 		$prep_statement = $db->prepare($sql);
-// 		if ($prep_statement) {
-// 		$prep_statement->execute();
-// 			$row = $prep_statement->fetch(PDO::FETCH_ASSOC);
-// 			if ($row['num_rows'] > 0) {
-// 				$num_rows = $row['num_rows'];
-// 			}
-// 			else {
-// 				$num_rows = '0';
-// 			}
-// 		}
-
-	//prepare to page the results
-// 		$rows_per_page = 10;
-// 		$param = "";
-// 		$page = $_GET['page'];
-// 		if (strlen($page) == 0) { $page = 0; $_GET['page'] = 0; }
-// 		list($paging_controls, $rows_per_page, $var_3) = paging($num_rows, $param, $rows_per_page);
-// 		$offset = $rows_per_page * $page;
-
 	//get the contact list
 		$sql = "select * from v_contact_urls ";
 		$sql .= "where domain_uuid = '".$_SESSION['domain_uuid']."' ";
 		$sql .= "and contact_uuid = '$contact_uuid' ";
 		$sql .= "order by url_primary desc, url_label asc ";
-// 		if (strlen($order_by)> 0) { $sql .= "order by $order_by $order "; }
-// 		$sql .= " limit $rows_per_page offset $offset ";
 		$prep_statement = $db->prepare(check_sql($sql));
 		$prep_statement->execute();
 		$result = $prep_statement->fetchAll(PDO::FETCH_NAMED);
@@ -98,23 +64,31 @@ require_once "resources/paging.php";
 	echo "<th>".$text['label-url_address']."</th>\n";
 	echo "<th>".$text['label-url_description']."</th>\n";
 	echo "<td class='list_control_icons'>";
-	echo 	"<a href='contact_url_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	if (permission_exists('contact_url_add')) {
+		echo "<a href='contact_url_edit.php?contact_uuid=".$_GET['id']."' alt='".$text['button-add']."'>$v_link_label_add</a>";
+	}
 	echo "</td>\n";
 	echo "</tr>\n";
 
 	if ($result_count > 0) {
 		foreach($result as $row) {
-			$tr_link = "href='contact_url_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_url_uuid']."'";
+			if (permission_exists('contact_url_edit')) {
+				$tr_link = "href='contact_url_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_url_uuid']."'";
+			}
 			echo "<tr ".$tr_link." ".(($row['url_primary']) ? "style='font-weight: bold;'" : null).">\n";
 			echo "	<td valign='top' class='".$row_style[$c]."'>".$row['url_label']."&nbsp;</td>\n";
 			echo "	<td valign='top' class='".$row_style[$c]." tr_link_void' style='width: 40%; max-width: 60px; overflow: hidden; text-overflow: ellipsis; white-space: nowrap;'><a href='".$row['url_address']."' target='_blank'>".str_replace("http://", "", str_replace("https://", "", $row['url_address']))."</a>&nbsp;</td>\n";
 			echo "	<td valign='top' class='row_stylebg'>".$row['url_description']."&nbsp;</td>\n";
 			echo "	<td class='list_control_icons'>";
-			echo 		"<a href='contact_url_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_url_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
-			echo 		"<a href='contact_url_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_url_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			if (permission_exists('contact_url_edit')) {
+				echo "<a href='contact_url_edit.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_url_uuid']."' alt='".$text['button-edit']."'>$v_link_label_edit</a>";
+			}
+			if (permission_exists('contact_url_delete')) {
+				echo "<a href='contact_url_delete.php?contact_uuid=".$row['contact_uuid']."&id=".$row['contact_url_uuid']."' alt='".$text['button-delete']."' onclick=\"return confirm('".$text['confirm-delete']."')\">$v_link_label_delete</a>";
+			}
 			echo "	</td>\n";
 			echo "</tr>\n";
-			if ($c==0) { $c=1; } else { $c=0; }
+			$c = ($c) ? 0 : 1;
 		} //end foreach
 		unset($sql, $result, $row_count);
 	} //end if results
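Review bot: The re-indented add link still writes `$_GET['id']` straight into the `href` attribute, so whatever arrives in the query string is reflected into the page unescaped. The query a few lines above already uses `$contact_uuid`, and the sibling list pages build this link from it; I would do the same here and encode it: `echo "<a href='contact_url_edit.php?contact_uuid=".urlencode($contact_uuid)."' alt='".$text['button-add']."'>$v_link_label_add</a>";`. The `url_address` cell in the same hunk also places a stored value in `href` and in the link text without `htmlspecialchars()`. That line is unchanged context, but it deserves the same escaping plus a check that the scheme is http or https before it is emitted as a link.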