open_badges.module

<?php

/**
 * @file
 * @brief Open Badges module file
 *
 * This file contains all the hook implementations and commonly used functions
 *
 * @author Jeff Robbins (jjeff), http://drupal.org/user/17190
 * @author Chad Phillips (hunmonk), http://drupal.org/user/22079
 * @author Heine Deelstra (Heine), http://drupal.org/user/17943
 * @author Nuno Veloso (nunoveloso18), http://drupal.org/user/80656
 * @author Richard Skinner (Likeless), http://drupal.org/user/310635
 * @author Nancy Wichmann (NancyDru), http://drupal.org/user/101412
 * @author Kevin Coffman (kwcoffman), http://drupal.org/user/1016508
 *
 */
include 'open_badges_constants.inc';

/**
 * Implements hook_help().
 */
function open_badges_help($path, $arg) {
  global $user;
  switch ($path) {
    case 'admin/modules#description':

    case 'admin/user/open_badges':
      return t('User badges are iconic images which can be assigned to users. They can represent accomplishments, status, or anything you\'d like. These badges will show up in the user\'s profile, and could also be used by a theme to appear with user postings on forums, comments, or nodes. Badges can be assigned manually by an administrator by visiting a user\'s profile. They also can be assigned automatically by role or ecommerce purchase (if ecommerce modules are installed). The excellent !link module can also be used to set and unset badges on a wide variety of conditions.', array('!link' => l('Rules', 'http://drupal.org/project/rules', array('absolute' => TRUE))));

    //case 'admin/user/open_badges/roles':
    //  return t("Select the badge that you'd like to associate with each role.");

    case 'admin/user/open_badges/images':
      return t("This is the open badges image library. Note that this area is not functional if you have private download active. Here you can upload images to display as a open badge, but you can also enter image URLs directly in the badge form, so this area is optional. The images can be anything you like, but it is recommended that you maintain a uniform icon size for all of your badges. Keep in mind that a user may have many badges displayed so you'll probably want to keep them as small as possible (like 16x16 pixels or smaller).");

    case 'user/%/open_badges':
    case 'user/%/open_badges/list':
      $showone = variable_get('open_badges_showone', 0);
      if (variable_get('open_badges_userweight', 0) && ($user->uid == $arg[1] || user_access('change badge assignments')) ) {
        // Help messages for users who can reorder.
        if ($showone) {
          return t("You can reorder badges here. Some badges may not appear on the list; these badges cannot be reordered. Only the top !number badges will be shown publicly.", array('!number' => $showone));
        }
        else {
          return t("You can reorder your badges here. Some badges may not appear on the list; these badges cannot be reordered.");
        }
      }
      else {
        // Either we don't support reordering, or this user lacks the permission to do it.
        return t("These are all the badges owned by this user.");
      }

  }
}

/**
 * Implements hook_perm().
 */
function open_badges_perm() {
  return array(
    'manage badges',
    'change badge assignments',
    'show badges in user profile'
  );
}

/**
 * Implements hook_menu().
 */
function open_badges_menu() {
  $items = array();
  $access = array('manage badges');

  $items['admin/user/open_badges'] = array(
    'title' => 'Manage Badges',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_badgelist_form'),
    'access arguments' => $access,
    'file' => 'open_badges.admin.inc',
    );

  $items['admin/user/open_badges/list'] = array(
    'title' => 'List',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_badgelist_form'),
    'access arguments' => $access,
    'type' => MENU_DEFAULT_LOCAL_TASK,
    'weight' => -10,
    'file' => 'open_badges.admin.inc',
    );

  $items['admin/user/open_badges/add'] = array(
    'title' => 'Add',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_edit_form'),
    'access arguments' => $access,
    'type' => MENU_LOCAL_TASK,
    'file' => 'open_badges.admin.inc',
    );

  $items['admin/user/open_badges/images'] = array(
    'title' => 'Images',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_images_form'),
    'access arguments' => $access,
    'type' => MENU_LOCAL_TASK,
    'file' => 'open_badges.admin.inc',
    );

/* XXX --- Don't support roles stuff for now! --- XXX
  $items['admin/user/open_badges/roles'] = array(
    'title' => 'Roles',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_roles_form'),
    'access arguments' => $access,
    'type' => MENU_LOCAL_TASK,
    'file' => 'open_badges.admin.inc',
    );
*/
  $items['admin/user/open_badges/settings'] = array(
    'title' => 'Settings',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_settings_form'),
    'access arguments' => $access,
    'type' => MENU_LOCAL_TASK,
    'file' => 'open_badges.admin.inc',
    );

  $items['admin/user/open_badges/recipients/%'] = array(
    'title' => 'Recipients',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_recipients_form', 4),
    'access arguments' => $access,
    'type' => MENU_LOCAL_TASK,
    'file' => 'open_badges.admin.inc',
    );

  $items['admin/user/open_badges/recipients'] = array(
    'title' => 'Recipients',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_recipients_form', NULL),
    'access arguments' => $access,
    'type' => MENU_LOCAL_TASK,
    'file' => 'open_badges.admin.inc',
    );

    $items['admin/user/open_badges/edit/%'] = array(
    'title' => 'Edit badge',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_edit_form', 4),
    'access arguments' => $access,
    'type' => MENU_CALLBACK,
    'file' => 'open_badges.admin.inc',
    );

  $items['admin/user/open_badges/delete/%'] = array(
    'title' => 'Delete badge',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('open_badges_delete_form', 4),
    'access arguments' => $access,
    'type' => MENU_CALLBACK,
    'file' => 'open_badges.admin.inc',
    );

  $items['user/%/open_badges'] = array(
    'title' => 'Manage Badges',
    'page callback' => 'open_badges_userweight_page',
    'page arguments' => array(1),
    'access arguments' => array('show badges in user profile'),
    'type' => MENU_LOCAL_TASK,
    'weight' => 4,
    );

  $items['user/%/open_badges/list'] = array(
    'title' => 'List',
    'page callback' => 'open_badges_userweight_page',
    'page arguments' => array(1),
    'access arguments' => array('show badges in user profile'),
    'type' => MENU_DEFAULT_LOCAL_TASK,
    'weight' => -10,
    );

  $items['user/%/open_badges/edit'] = array(
    'title' => 'Edit',
    'page callback' => 'open_badges_page',
    'page arguments' => array(1),
    'access arguments' => array('change badge assignments'),
    'type' => MENU_LOCAL_TASK,
    'weight' => 5,
    );

  $items['open_badges/autocomplete'] = array(
    'title' => 'Open Badges Badge Name Autocomplete',
    'page callback' => 'open_badges_badge_autocomplete',
    'access callback' => TRUE,
    'type' => MENU_CALLBACK,
    );

  $items['open_badges/assertion/%'] = array(
    'title' => 'Open Badges Assertion',
    'page callback' => 'open_badges_process_assertion_request',
    'page arguments' => array(2),
    'access callback' => TRUE,
    'type' => MENU_CALLBACK,
    );

  $items['open_badges/recipients/%'] = array(
    'title' => 'Open Badges Recipients',
    'page callback' => 'open_badges_show_recipients',
    'page arguments' => array(2),
    'access callback' => TRUE,
    'type' => MENU_CALLBACK,
    );

    return $items;
}

/**
 * Implements hook_user().
 *
 * This handles assignment of badges based on role.
 * When a role is assigned or removed, appropriate badges are added or removed.
 */
function open_badges_user($op, &$edit, &$account, $category = 'account') {
  global $user;
  static $badges = array();
  static $badges_all = array();

  //dpm("open_badges_user: op: '{$op}' category: '{$category}'");
  switch ($op) {
    case 'load':
      // Have we loaded this user before?
      // If so, return both cached values (full and limited lists)
      if (isset($badges[$account->uid])) {
        //dpm("open_badges_user: setting account->badges to cached value");
        $account->badges = $badges[$account->uid];
        $account->badges_all = $badges_all[$account->uid];
        break;
      }

      $account->badges = array();

      if ($account->uid > 0) {
        // Get all open badges for this user, regardless of whether we filter the ones we show.
        //dpm("open_badges_user: getting all badges for user '{$account->uid}'");
        $account->badges_all = open_badges_get_badges($account->uid, array('nolimit' => TRUE));

        // Now make the array of badges we will show.
        $account->badges = $account->badges_all;
        if ($limit = variable_get('open_badges_showone', 0)) {
          //dpm("open_badges_user: limiting what will be shown");
//dpm("Limit: $limit, account->badges: ".print_r($account->badges, true));
          // Loop through all potential badges and get the ones we can show.
          foreach ($account->badges_all as $bid => $badge) {
            $badge->class = 'badge ' . _open_badges_class($badge);
            // Display the badge if there's no limit or if the badge is unhideable or if we are within our limit.
            if ($limit > 0 || $badge->unhideable == 1) {
              $account->badges[$bid] = $badge;
              // Count down our limit, unless the badge doesn't count towards it.
              if (!$badge->doesnotcounttolimit) {
                $limit--;
              }
            }
          }
        }
      }

      // Cache both lists (the full list and the limited list)
      $badges_all[$account->uid] = $account->badges_all;
      $badges[$account->uid] = $account->badges;
      break;

    case 'insert':
      if (is_array($account->roles)) {
        // Get the list of role badges.
        $roles = open_badges_get_roles();
        $badges = open_badges_get_badges('select');
        $message = user_access('manage badges');
        $rids = array_keys($account->roles);
        foreach ($rids as $rid) {
          // If this role has a badge...
          if (key_exists($rid, $roles)) {
            // and user doesn't already have this badge.
            if (!key_exists($roles[$rid], $account->badges)) {
              $success = open_badges_user_add_badge($account->uid, $roles[$rid], array('type' => 'role'));
              if ($success && $message) {
                drupal_set_message(t('User assigned %name badge.', array('%name' => $badges[$roles[$rid]])));
              }
            }
          }
        }
      }
      break;

    case 'update':
      if (is_array($edit['roles'])) {
        // Badges only get assigned or removed when a user's role assignments are changed.

        // Add authenticated users (code below only cares about array keys) to prevent badge deletion
        $new_roles = $edit['roles'];
        $new_roles[2] = 2;
        // Get the list of role badges.
        $roles = open_badges_get_roles();
        $badges = open_badges_get_badges('select');

        $message = user_access('manage badges');

        // What are the added roles?
        $added = array_diff(array_keys($new_roles), array_keys((array)$account->roles));
        foreach ($added as $rid) {
          // if this role has a badge
          if (key_exists($rid, $roles) && !key_exists($roles[$rid], $account->badges_all)) {
            $success = open_badges_user_add_badge($account->uid, $roles[$rid], array('type' => 'role'));
            if ($success && $message) {
              drupal_set_message(t('User assigned %name badge.', array('%name' => $badges[$roles[$rid]])));
            }
          }
        }

        // What are the removed roles?
        $removed = array_diff(array_keys((array)$account->roles), array_keys($new_roles));
        foreach ($removed as $rid) {
          // If this role has a badge and user has this badge..
          if (key_exists($rid, $roles) && key_exists($roles[$rid], $account->badges_all)) {
            $success = open_badges_user_remove_badge($account->uid, $roles[$rid], 'role');
            drupal_set_message(t('%name badge removed from user.', array('%name' => $badges[$roles[$rid]])));
          }
        }

        //As we may have altered the badges, we need to refresh them in the $account object
        $account->badges = open_badges_get_badges($account->uid);
        $account->badges_all = open_badges_get_badges($account->uid, array('nolimit' => TRUE));
      }
      break;

    case 'delete':
      db_query('DELETE FROM {open_badges_user} WHERE uid = %d', $account->uid);
      break;

    case 'view':
      //dpm("open_badges_user: doing 'view' probably calling theme for open_badge and open_badge_group");
      //dpm($account, FALSE, "The account in open_badges_user");
      if (is_array($account->badges) && count($account->badges)) {
        $badgeimgs = array();
        foreach ($account->badges as $badge) {
          $badgeimgs[] = theme('open_badge', $badge, $account);
        }
        $account->content['open_badges'] = array(
          '#type' => 'user_profile_category',
          '#title' => t('Open Badges'),
          '#weight' => 10,
          '#attributes' => array('class' => 'open-badges'),
        );
        $account->content['open_badges']['link1'] = array(
          '#type' => 'user_profile_item',
          '#value' => theme('open_badges_link', 'connect/badges', array('text' => t('Earn more badges'))), // XXX Should be configurable
          '#weight' => 2,
          '#attributes' => array('class' => 'open-badges'),
        );
        $account->content['open_badges']['badges'] = array(
          '#type' => 'user_profile_item',
          '#value' => theme('open_badge_group', $badgeimgs),
          '#weight' => 3,
          '#attributes' => array('class' => 'badges'),
        );
        $account->content['open_badges']['link2'] = array(
          '#type' => 'user_profile_item',
          '#value' => t('View your badges in the ') . theme('open_badges_link', 'http://beta.openbadges.org/backpack/login#', array('text' => t('Mozilla OBI Backpack'))), // XXX Should be configurable
          '#weight' => 4,
          '#attributes' => array('class' => 'open-badges'),
        );
        $account->content['open_badges']['link3'] = array(
          '#type' => 'user_profile_item',
          '#value' => t('To learn more about the Mozilla OBI Backpack, go ') . theme('open_badges_link', 'https://wiki.mozilla.org/Badges/About', array('text' => t('here'))), // XXX Should be configurable
          '#weight' => 5,
          '#attributes' => array('class' => 'open-badges'),
        );
      }
  }
}

/**
 * Helper function for building badge class names.
 * Was originally using form_clean_id, but it is not secure.
 *
 * @param $badge - the object describing the badge.
 * @return string containing the class name.
 */
function _open_badges_class($badge) {
  // Doing separate lines makes changing the algorithm easier.
  $class = $badge->name;
  $class = strip_tags($class, '');
  $class = drupal_strtolower($class);
  $class = str_replace(array('"', "'"), '', $class);
  $class = str_replace(array('_', ' '), '-', $class);

  //dpm("_open_badges_class: badge->name = $badge->name becomes $class.");
  return $class;
}

/**
 * Implements hook_theme().
 */
function open_badges_theme() {
  return array(
    'open_badge' => array(
      'arguments' => array('badge' => NULL, 'account' => NULL),
    ),
    'open_badge_group' => array(
      'arguments' => array('badgeimages' => array()),
    ),
    'open_badges_userweight_form' => array(
      'arguments' => array('form' => NULL),
    ),
    'open_badges_badgelist_form' => array(
      'arguments' => array('form' => NULL),
    ),
    'open_badges_roles_form' => array(
      'arguments' => array('form' => NULL),
    ),
    'open_badges_change_form_theme' => array(
      'arguments' => array('form' => NULL),
    ),
    'open_badges_show_recipients' => array(
      'arguments' => array('form' => NULL),
    ),
    'open_badges_date' => array(
      'arguments' => array('form' => NULL, 'attributes' => NULL),
    ),
    'open_badges_link' => array(
      'arguments' => array('form' => NULL, 'attributes' => NULL),
    ),
    'open_badges_allowsharing' => array(
      'arguments' => array('form' => NULL, 'attributes' => NULL),
    ),
  );
}

/**
 * form for users to weight their own badges
 */
function open_badges_userweight_form(&$form_state, $account) {
  $allbadges = $account->badges_all;
  $delta = 0;
  $form = array('#tree' => TRUE);
  //dpm($allbadges, "open_badges_userweight_form: The list of all badges");
  //dpm($form_state, "open_badges_userweight_form: The incoming form_state");

  // We need to know what the weight delta will be, which depends on the number
  // of badges we will list.
  foreach ($allbadges as $badge) {
    if (!$badge->fixedweight) {
      $delta++;
    }
  }

  $userprefs = open_badges_get_userprefs($account->uid);
  $userallowsharing = $userprefs['userallowsharing'];
  $useremails = $userprefs['useremails'];
  //dpm("open_badges_userweight_form: The userallowsharing value returned from open_badges_get_userprefs: " . ($userallowsharing === FALSE ? "FALSE" : $userallowsharing));

  // Pass the initial value through to the validation and submission functions
  $form_state['open_badges']['initial_values']['userallowsharing'] = $userallowsharing;
  $form_state['open_badges']['initial_values']['useremails'] = $useremails;
  // Only show 'No Decision' as an option until a decision has been made
  if ($userallowsharing == OPEN_BADGES_USER_DECISION_NONE) {
    drupal_set_message(t('Note: You have not yet decided whether to share badges with Mozilla\'s OBI (Open Badge Infrastructure)'), 'warning', FALSE);
  }

  $form['userallowsharing'] = array(
    '#type' => 'select',
    '#title' => t('Share all badges with Mozilla\'s OBI (Open Badge Infrastructure)?'),
    //'#required' => TRUE,
    '#default_value' => $userallowsharing,
    '#options' => ($userallowsharing == FALSE | $userallowsharing == OPEN_BADGES_USER_DECISION_NONE) ?
                  array(OPEN_BADGES_USER_DECISION_NONE => t('No Decision'),
                        OPEN_BADGES_USER_DECISION_NO => t('No'),
                        OPEN_BADGES_USER_DECISION_YES => t('Yes')) :
                  array(OPEN_BADGES_USER_DECISION_NO => t('No'),
                        OPEN_BADGES_USER_DECISION_YES => t('Yes')) ,
  );

  $form['useremails'] = array(
    '#type' => 'select',
    '#title' => t('Receive emails when new badges are earned?'),
    //'#required' => TRUE,
    '#default_value' => $useremails == FALSE ? OPEN_BADGES_USER_DECISION_YES : $useremails,
    '#options' => array(OPEN_BADGES_USER_DECISION_NO => t('No'),
                        OPEN_BADGES_USER_DECISION_YES => t('Yes')) ,
  );

  // Build a table listing the appropriate badges.
  foreach ($allbadges as $badge) {
    // We cannot include fixed weight badges.
    if ($badge->fixedweight) {
      continue;
    }

    // Set the badge default weight.
    $weight = $badge->weight;
    if (isset($badge->userweight)) {
      $weight = $badge->userweight;
    }

    $form['badge'][$badge->bid] = array('#value' => theme('open_badge', $badge, $account));
    $form['name'][$badge->bid] = array('#value' => check_plain($badge->name));
    $form['description'][$badge->bid] = array('#value' => check_plain($badge->description));
    $form['issuedate'][$badge->bid] = array('#value' => theme('open_badges_date', $badge->issuedate, array('prefix' => t('Issued: '))));
    $form['expirationdate'][$badge->bid] = array('#value' => theme('open_badges_date', $badge->expirationdate, array('prefix' => t('Expires: '))));
    $form['criteria'][$badge->bid] = array('#value' => theme('open_badges_link', $badge->criteria, array('text' => t('Criteria'))));
    $form['evidenceurl'][$badge->bid] = array('#value' => theme('open_badges_link', $badge->evidenceurl, array('text' => t('Evidence'))));

    //dpm("open_badges_userweight_form: Badge {$badge->bid} badgeallowshring is {$badge->allowdisplay}");
    $form['allowdisplay'][$badge->bid] = array(
      '#type' => 'select',
      '#title' => t('Display this badge on this site?'),
      //'#required' => TRUE,
      '#default_value' => $badge->allowdisplay,
      // Only show 'No Decision' as an option until a decision has been made
      '#options' => $badge->allowdisplay == OPEN_BADGES_USER_DECISION_NONE ?
                    array(OPEN_BADGES_USER_DECISION_NONE => t('No Decision'),
                          OPEN_BADGES_USER_DECISION_NO => t('No'),
                          OPEN_BADGES_USER_DECISION_YES => t('Yes')) :
                    array(OPEN_BADGES_USER_DECISION_NO => t('No'),
                          OPEN_BADGES_USER_DECISION_YES => t('Yes')),
    );
    //dpm("open_badges_userweight_form: saving initial allowdisplay value of {$badge->allowdisplay} for badge {$badge->bid}");
    $form_state['open_badges']['initial_values'][$badge->bid]['allowdisplay'] = $badge->allowdisplay;

    //dpm("open_badges_userweight_form: Badge {$badge->bid} has weight {$weight}, delta is {$delta}");
    $form['weight'][$badge->bid] = array(
      '#type' => 'weight',
      '#default_value' => $weight,
      '#delta' => $delta,
      '#attributes' => array('class' => 'open_badges_userweight_element'),
    );
  }

  $form['uid'] = array(
    '#type' => 'value',
    '#value' => $account->uid,
  );

  $form['submit'] = array('#type' => 'submit', '#value' => t('Submit'));

  //dpm($form, "open_badges_userweight_form: the final form");
  //dpm($form_state, "open_badges_userweight_form: the final form_state");
  return $form;
}

/**
 * Process open_badges_userweight_form form submissions.
 *
 * Update the badge userweights
 */
function open_badges_userweight_form_submit($form, &$form_state) {
  //dpm($form, "open_badges_userweight_form_submit: The submitted form!");
  //dpm($form_state, "open_badges_userweight_form_submit: The submitted form_state!");
  $wrote_user_preferences = FALSE;
  if (isset($form['weight']) && is_array($form['weight'])) {
    foreach (element_children($form['weight']) as $bid) {
      db_query("UPDATE {open_badges_user} SET userweight = %d WHERE bid = %d AND uid = %d",
      $form_state['values'][$bid],
      $bid,
      $form_state['values']['uid']
      );
    }
    drupal_set_message(t('Your badge order has been updated.'));
  }
  if (isset($form_state['values']['userallowsharing']) && $form_state['values']['userallowsharing'] != $form_state['open_badges']['initial_values']['userallowsharing']) {
    if ($form_state['open_badges']['initial_values']['userallowsharing'] === FALSE && $form_state['open_badges']['initial_values']['useremails'] === FALSE) {
      $record = new StdClass();
      $record->uid = $form_state['values']['uid'];
      $record->userallowsharing = $form_state['values']['userallowsharing'];
      $result = drupal_write_record('open_badges_user_preferences', $record);
      //dpm("The result of drupal_write_record() was '{$result}'");
      $wrote_user_preferences = TRUE;
    } else {
      db_query("UPDATE {open_badges_user_preferences} SET userallowsharing = %d WHERE uid = %d",
               $form_state['values']['userallowsharing'], $form_state['values']['uid']);
    }
    drupal_set_message(t('Your badges will @yesno be shared with Mozilla OBI',
             array('@yesno' => $form_state['values']['userallowsharing'] == OPEN_BADGES_USER_DECISION_NO ? t('NOT') : t('now'))));
  }
  if (isset($form_state['values']['useremails']) && $form_state['values']['useremails'] != $form_state['open_badges']['initial_values']['useremails']) {
    if ($wrote_user_preferences == FALSE && $form_state['open_badges']['initial_values']['userallowsharing'] === FALSE && $form_state['open_badges']['initial_values']['useremails'] === FALSE) {
      $record = new StdClass();
      $record->uid = $form_state['values']['uid'];
      $record->useremails = $form_state['values']['useremails'];
      $result = drupal_write_record('open_badges_user_preferences', $record);
      //dpm("The result of drupal_write_record() was '{$result}'");
    } else {
      db_query("UPDATE {open_badges_user_preferences} SET useremails = %d WHERE uid = %d",
               $form_state['values']['useremails'], $form_state['values']['uid']);
    }
    drupal_set_message(t('You will @yesno receive emails when you earn new badges',
             array('@yesno' => $form_state['values']['useremails'] == OPEN_BADGES_USER_DECISION_NO ? t('no longer') : t('now'))));
  }
  if (isset($form['allowdisplay']) && is_array($form['allowdisplay'])) {
    foreach (element_children($form['allowdisplay']) as $bid) {
      $allowdisplay = $form_state['values']['allowdisplay'][$bid];
      //dpm("open_badges_userweight_form_submit: For badge {$bid}, allowdisplay is '{$allowdisplay}' initial value was: " . $form_state['open_badges']['initial_values'][$bid]['allowdisplay']);
      if ($allowdisplay != $form_state['open_badges']['initial_values'][$bid]['allowdisplay']) {
        if ($allowdisplay == OPEN_BADGES_USER_DECISION_NO || $allowdisplay == OPEN_BADGES_USER_DECISION_YES) {
          //dpm("open_badges_userweight_form_submit: updating allowdisplay to {$allowdisplay} for badge {$bid}, uid {$form_state['values']['uid']}");
          db_query("UPDATE {open_badges_user} SET allowdisplay = %d WHERE bid = %d AND uid = %d AND state != %d",
                   $allowdisplay, $bid, $form_state['values']['uid'], OPEN_BADGES_STATE_BAKED_AND_REVOKED);
          drupal_set_message(t('Badge \'@name\' will @yesno be displayed',
                  array('@name' => $form['name'][$bid]['#value'],
                  '@yesno' => $allowdisplay == OPEN_BADGES_USER_DECISION_NO ? t('NOT') : t('now'))),
                  'warning', FALSE);
        }
      }
    }
  }
  // Instead of a redirect, cause the form to be rebuilt and re-displayed
  //$form_state['rebuild'] = TRUE;
  $form_state['redirect'] = 'user/' . $form_state['values']['uid'] . '/open_badges';

}

/**
 * Theme a date to be displayed
 */
function theme_open_badges_date($value, $attributes) {
  //dpm("theme_open_badges_date: entered");
  //dpm($value, "theme_open_badges_date: value");
  //dpm($attributes, "theme_open_badges_date: attribute information");
  return $attributes['prefix'] . ($value == 0 ? t('N/A') : format_date($value, 'custom', 'm/d/Y', 0));
}

/**
 * Theme a link to be displayed
 */
function theme_open_badges_link($value, $attributes) {
  //dpm("theme_open_badges_link: entered");
  //dpm($value, "theme_open_badges_link: value");
  //dpm($attributes, "theme_open_badges_link: attribute information");
  if ($value != '') {
    return l($attributes['text'], $value, array());
  } else {
    return $attributes['text'];
  }
}

/**
 * Theme information about whether the user has allowed sharing of the badge
 */
function theme_open_badges_allowsharing($value, $attributes) {
  //dpm("theme_open_badges_allowsharing: entered");
  //dpm($value, "theme_open_badges_allowsharing: form information");
  //dpm($attributes, "theme_open_badges_allowsharing: attribute information");
  switch($value) {
    case OPEN_BADGES_USER_DECISION_YES:
      return t('This badge should be displayed/shared');
      break;
    case OPEN_BADGES_USER_DECISION_NO:
      return t('This badge should NOT be displayed/shared');
      break;
    case OPEN_BADGES_USER_DECISION_NONE:
     return t('No choice has been made yet!');
     break;
  }
}


/**
 * Form theming function
 */
function theme_open_badges_userweight_form($form) {
  $output = '';

  // Loop through the array items in the name array to get all the bids for our listed badges
  if (isset($form['name']) && is_array($form['name'])) {
    foreach (element_children($form['name']) as $key) {
      // We only want bids as values of $key
      if (!is_numeric($key)) {
        continue;
      }

      // Create the rows array for the table theme
      // We create an inner table within each row for name, description, issuedate, expirationdate, etc.
      $row = array();
      $subrow1 = array();
      $subrow2 = array();
      $subrow3 = array();

      $row[] = array('data' => drupal_render($form['badge'][$key]), 'colspan' => 1);
      $row[] = array('data' => drupal_render($form['weight'][$key]), 'colspan' => 1, /*'width' => '10%'*/);

      $subrow1[] = array('data' => drupal_render($form['name'][$key]), 'colspan' => 2, /*'width' => '20%'*/);
      $subrow1[] = array('data' => drupal_render($form['description'][$key]), 'colspan' => 4, /*'width' => '40%'*/);

      $subrow2[] = array('data' => drupal_render($form['issuedate'][$key]), 'colspan' => 2, /*'width' => '20%'*/);
      $subrow2[] = array('data' => drupal_render($form['criteria'][$key]), 'colspan' => 2, /*'width' => '20%'*/);
      $subrow2[] = array('data' => drupal_render($form['evidenceurl'][$key]), 'colspan' => 2, /*'width' => '20%'*/);

      $subrow3[] = array('data' => drupal_render($form['expirationdate'][$key]), 'colspan' => 2, /*'width' => '20%'*/);
      $subrow3[] = array ('data' => drupal_render($form['allowdisplay'][$key]), 'colspan' => 4, /*'width' => '40%'*/);

      $row[] = theme('table', NULL, array($subrow1, $subrow2, $subrow3));

      // If users are allowed to change weight, add the draggable class to the row
      if (variable_get('open_badges_userweight', 0)) {
        $rows[] = array('data' => $row, 'class' => 'draggable', '#weight' => $form['weight'][$key]['#value']);
      } else {
        $rows[] = array('data' => $row, '#weight' => $form['weight'][$key]['#value']);
      }
    }

    // Sort the rows by their weights
    usort($rows, 'element_sort');
  }
  else {
    $rows[] = array(array('data' => t('No badges available.'), 'colspan' => '3'));
  }

  // This makes the table draggable
  drupal_add_tabledrag('open_badges_userweight', 'order', 'sibling', 'open_badges_userweight_element');

  // Place the general choices before the table of issued badges
  $output .= drupal_render($form['userallowsharing']);
  $output .= drupal_render($form['useremails']);

  // Theme the rows we have processed so far into a table
  $output .= theme('table', $form['header']['#value'], $rows, array('id' => 'open_badges_userweight'));

  // Render any remaining form elements
  $output .= drupal_render($form);

  return $output;

}

/**
 * Menu callback; Retrieve a JSON object containing autocomplete suggestions for badges
 */
function open_badges_badge_autocomplete($string = '') {
  $matches = array();

  if (preg_match('/^[^(]+/', $string, $searchstring)) {
    $trimstring = trim($searchstring[0]);
    $result = db_query_range("SELECT * FROM {open_badges_badges} WHERE name LIKE '%%%s%%'", $trimstring, 0, 10);
    while ($badge = db_fetch_object($result)) {
      $matches[$badge->name . ' (' . t('Badge ID') . ' ' . $badge->bid .')'] = check_plain($badge->name) . ' ' . theme('open_badge', $badge);
    }
  }

  drupal_json($matches);
}

/**
 * Validates submissions for textfields that use open_badges_badge_autocomplete strings
 *
 * @param $value
 *   The textfield value
 *
 * @return array($bid,$result)
 * $bid
 *   the bid detected in the string (integer)
 *   for an invalid string, this will be NULL
 * $result
 *   'valid' for a valid string with a real bid
 *   'string' for an incorrectly formatted string
 *   'nobid' for a correctly formatted string with an invalid badge ID
 */
function open_badges_badge_autocomplete_validation($value) {
  if (preg_match('/\('. t('Badge ID') .' (\d+)\)/', $value, $matches)) {
    //The format was correct, but we need to check the bid exists
    if (db_result(db_query('SELECT COUNT(*) FROM {open_badges_badges} b WHERE b.bid=%d', $matches[1]))) {
      //Result found
      return array($matches[1], 'valid');
    }
    else {
      //No result found, return the error code
      return array($matches[1], 'nobid');
    }
  }
  else {
      //Pattern does not match, return the error code
      return array(NULL, 'string');
  }
}


/**
 * Define the page on user/uid/open_badges/edit.
 */
function open_badges_page($uid) {
  $account = user_load($uid);

  drupal_set_title(t('Edit open badges for %user_name', array('%user_name' => $account->name)));

  return drupal_get_form('open_badges_change_form', $account);

}

/**
 * Define the page on user/uid/open_badges.
 */
function open_badges_userweight_page($uid) {
  $account = user_load($uid);
  global $user;

  drupal_set_title(t('Open Badges for %user_name', array('%user_name' => $account->name)));

  //dpm("open_badges_userweight_page: account uid: {$account->uid} user uid: {$user->uid} variable open_badges_userweight: ". variable_get('open_badges_userweight', 0));
  // Do we have the right to rearrange badges?
  if (/*variable_get('open_badges_userweight', 0) &&*/ ($account->uid == $user->uid || user_access('change badge assignments')) ) {
    // If the setting allows it and we are the badge owner or somebody with permission, yes.
    //dpm("open_badges_userweight_page: using open_badges_userweight_form");
    return drupal_get_form('open_badges_userweight_form', $account);
  }
  else {
    //dpm("open_badges_userweight_page: doing a list...");
    // Otherwise, just list the badges on the page.
    $open_badges = open_badges_get_badges($account->uid, array('nolimit' => TRUE));
    $badges = array();
    foreach ((array)$open_badges as $badge) {
      //dpm($badge, "The badge in open_badges_userweight_page");
      $badges[] = theme('open_badge', $badge, $account);
    }
    if ($badges) {
      $badges = array(theme('item_list', $badges));
      return theme('open_badge_group', $badges);
    }
    else {
      return t('This user is not currently assigned any badges.');
    }
  }
}

/**
 * Form to change badges of a user
 */

//  http://drupal.org/node/1245766

function theme_open_badges_change_form_theme($form) {
  $rows = array();

  // Format the 'add' elements as a table and add
  // that table to the 'add' fieldset
  for ($id = 1; $id <= 5; $id++) {
    $row = array();
    $row[] = drupal_render($form['add']['add'. $id]);
    $row[] = drupal_render($form['add']['issuedate'. $id]);
    $row[] = drupal_render($form['add']['expirationdate'. $id]);
    $row[] = drupal_render($form['add']['evidenceurl'. $id]);
    $rows[] = $row;
  }
  $header = array();
  $attributes = array();
  $addout .= theme('table', $header, $rows, $attributes);
  $form['add']['#children'] = $addout;
  $output .= drupal_render($form);
  return $output;
}

function open_badges_change_form(&$form_state, $account) {
  $form = array();

  $form['uid'] = array(
    '#type' => 'value',
    '#value' => $account->uid,
  );
  $form['add'] = array(
    '#type' => 'fieldset',
    '#title' => t('Add Badges'),
    '#weight' => 3,
    '#collapsible' => TRUE,
    '#collapsed' => FALSE,
  );
  for ($i = 1; $i <= 5; $i++) {
    $form['add']['add'. $i] = array(
      '#type' => 'textfield',
      '#title' => t('New Badge !number', array('!number' => $i)),
      '#size' => 40,
      '#maxlength' => 255,
      '#autocomplete_path' => 'open_badges/autocomplete',
    );
    $form['add']['issuedate'. $i] = array(
      '#type' => 'textfield',
      '#default_value' => 'yyyy-mm-dd',
      '#title' => t('Issue Date'),
      '#description' => t('Defaults to \'now\''),
    '#size' => 20,
      '#maxlength' => 30
    );
    $form['add']['expirationdate'. $i] = array(
      '#type' => 'textfield',
      '#default_value' => 'yyyy-mm-dd',
      '#title' => t('Expiration Date'),
      '#description' => t('Defaults to \'never\''),
      '#size' => 20,
      '#maxlength' => 30
    );
    $form['add']['evidenceurl'. $i] = array(
      '#type' => 'textfield',
      '#title' => t('Evidence URL'),
      '#size' => 30,
      '#maxlength' => 255
    );
  }
  if (count($account->badges_all)) {
    $form['remove'] = array(
      '#type' => 'fieldset',
      '#title' => t('Remove Badges'),
      '#weight' => 5,
      '#collapsible' => TRUE,
      '#collapsed' => FALSE,
    );
    foreach ($account->badges_all as $badge) {
      $form['remove'][$badge->bid] = array(
        '#type' => 'checkbox',
        '#title' => theme('open_badge', $badge, $account),
        '#return_value' => 1,
        '#default_value' => 0,
        '#description' => check_plain($badge->name),
      );
    }
  }

  $form['submit'] = array(
    '#type' => 'submit',
    '#value' => t('Update Badges'),
    '#weight' => 10,
  );

  $form['#theme'] = 'open_badges_change_form_theme';
  return $form;
}

/**
 * Validate open_badges_change_form form submissions.
 */
function open_badges_change_form_validate($form, &$form_state) {
  for ($i = 1; $i <= 5; $i++) {
    if (!empty($form_state['values']['add'. $i])) {
      $validation = open_badges_badge_autocomplete_validation($form_state['values']['add'. $i]);
      switch ($validation[1]) {
        case 'nobid':
          form_set_error('add'. $i, t('@value is not a valid badge ID. Try using the autocomplete function (requires javascript).', array('@value' => $validation[0])));
          break;
        case 'string':
          form_set_error('add'. $i, t('"@value" is not a valid badge. Try using the autocomplete function (requires javascript).', array('@value' => $form_state['values']['add'. $i])));
          break;
      }
    }
    // Verify dates if something other than the default
    if (!empty($form_state['values']['issuedate'. $i]) && $form_state['values']['issuedate'. $i] != 'yyyy-mm-dd') {
      if (!preg_match('/\d{4}\-\d{2}-\d{2}/', $form_state['values']['issuedate'. $i])) {
        form_set_error('issuedate'. $i, t('@value is not in the required \'yyyy-mm-dd\' format.', array('@value' => $form_state['values']['issuedate'. $i])));
      }
    }
    if (!empty($form_state['values']['expirationdate'. $i]) && $form_state['values']['expirationdate'. $i] != 'yyyy-mm-dd') {
      if (!preg_match('/\d{4}\-\d{2}-\d{2}/', $form_state['values']['expirationdate'. $i])) {
        form_set_error('expirationdate'. $i, t('@value is not in the required \'yyyy-mm-dd\' format.', array('@value' => $form_state['values']['expirationdate'. $i])));
      }
    }
  }
}

/**
 * Process open_badges_change_form form submissions.
 *
 * Add the named badge. Remove the checked badges.
 */
function open_badges_change_form_submit($form, &$form_state) {
  $uid = $form_state['values']['uid'];

  //Add badges for non-empty fields
  for ($i = 1; $i <= 5; $i++) {
    $extras = array();
    $extras['type'] = 'user';

    if (!empty($form_state['values']['add'. $i])) {
      $validation = open_badges_badge_autocomplete_validation($form_state['values']['add'. $i]);

      $issuedate = $form_state['values']['issuedate'. $i];
      if (!empty($issuedate) && $issuedate != 'yyyy-mm-dd') {
        $extras['issuedate'] = strtotime($issuedate);
      }

      $expirationdate = $form_state['values']['expirationdate'. $i];
      if (!empty($expirationdate) && $expirationdate != 'yyyy-mm-dd') {
        $extras['expirationdate'] = strtotime($expirationdate);
      }

      if (!empty($form_state['values']['evidenceurl'. $i])) {
        $extras['evidenceurl'] = $form_state['values']['evidenceurl'. $i];
      }
      //dpm("open_badges_change_form_submit: issuedate: {$extras['issuedate']}, expirationdate: {$extras['expirationdate']}, evidenceurl: {$extras['evidenceurl']}");
      open_badges_user_add_badge($uid, $validation[0], $extras);
    }
  }

  //Remove any checked badges
  $badges_to_go = array();
  foreach ($form_state['values'] as $bid => $value) {
    if (is_numeric($bid) && $value == 1) {
      $badges_to_go[] = $bid;
    }
  }
  if (count($badges_to_go)) {
    foreach ($badges_to_go as $bid) {
      open_badges_user_remove_badge($uid, $bid);
    }
    drupal_set_message(t('!removalcount badge(s) removed.', array('!removalcount' => count($badges_to_go))));
  }

}

/**
 * Assign open badges to a user
 *
 * @param $edit is an array containing badges array
 * @param $uid is the user id
 * @param $quiet suppresses message display
 */
function open_badges_user_save($edit, $uid, $quiet = TRUE) {
  $badges = open_badges_get_badges($uid);

  if (is_array($edit)) {
    // an array of just the checked boxes please
    $newbadges = array();
    foreach ($edit as $bid => $is_selected) {
      if ($is_selected) {
        $newbadges[] = $bid;
      }
    }

    $success = TRUE;

    // what are the added badges?
    $added = array_diff($newbadges, array_keys($badges));

    foreach ($added as $bid) {
      if (!key_exists($bid, $badges)) {
        $success = (boolean) open_badges_user_add_badge($uid, $bid, array('type' => NULL));
      }
    }

    // what are the removed badges?
    $removed = array_diff(array_keys($badges), $newbadges);

    foreach ($removed as $bid) {
      // and user has this badge
      if (key_exists($bid, $badges)) {
        $success = $success && (boolean) open_badges_user_remove_badge($uid, $bid);
      }
    }
    if ($success && !$quiet) {
      drupal_set_message(t('Badges saved.'));
    }
    elseif (!$quiet) {
      drupal_set_message(t('There was a problem saving badges to the database.'), 'error');
    }
  }
}

/**
 * Generate a new 'random' assertionurl value
 *
 * @param $uid User ID.
 * @param $bid Badge ID.
 * @param $type Whether set as part of the role ('role'), or individually assigned ('user').
 */
function _generate_assertionurl($uid, $bid, $type) {
  return sha1(rand() . $uid . $bid . $type . format_date(time()));
}

/**
 * Main function to add a badge to user.
 *
 * @param $uid User ID.
 * @param $bid Badge ID.
 * @param $extras Array with extra values.  All are optional except 'type',
 *                which may be specified as NULL, 'user', or 'role'
 *   'type'           Whether set as part of the role ('role'), or individually assigned ('user').
 *   'issuedate'      The date the badge was issued (defaults to 'now')
 *   'expirationdate' The date the badge expires, or expired.  (defaults to 'never')
 *   'evidenceurl'       URL for location describing what the user did to earn the badge
 *
 * @return bool with query success
 */
function open_badges_user_add_badge($uid, $bid, $extras) {
  //dpm($extras, "open_badges_user_add_badge: The extras");
  $type = $extras['type'];
  $issuedate = isset($extras['issuedate']) ? $extras['issuedate'] : time();
  $expirationdate = isset($extras['expirationdate']) ? $extras['expirationdate'] : 0;
  $evidenceurl = isset($extras['evidenceurl']) ? $extras['evidenceurl'] : NULL;

  $userprefs = open_badges_get_userprefs($uid);
  //dpm($userprefs, "open_badges_user_add_badge: preferences for uid {$uid}");
  $sendtobackpack = $userprefs['userallowsharing'] == OPEN_BADGES_USER_DECISION_YES ? TRUE : FALSE;
  // XXX TESTING -- Only uid 18 uses real value for now! XXX
  //if ($uid != 18) {
  //  //dpm("open_badges_user_add_badge: setting sendtobackpack to FALSE for uid {$uid}");
  //  $sendtobackpack = FALSE;
  //}

  $existingbadge = open_badges_get_user_badge($uid, $bid, $type);
  if ($existingbadge != NULL) {
    $assertionurl = $existingbadge->assertionurl;
  } else {
    $assertionurl = _generate_assertionurl($uid, $bid, $type);
  }

  // The assertion processing code expects to find the assertionurl in a DB entry,
  // so we can't bake the badge until after the DB entry has been added.
  $dbresult = db_query('INSERT INTO {open_badges_user} (uid, bid, type, issuedate, expirationdate, evidenceurl, state, assertionurl)
                        VALUES (%d, %d, \'%s\', %d, %d, \'%s\', %d, \'%s\')',
                        $uid, $bid, $type, $issuedate, $expirationdate, $evidenceurl, OPEN_BADGES_STATE_EARNED, $assertionurl);
  if ($dbresult === FALSE) {
    return $dbresult;
  }
  // XXX Always re-bake, or can we re-use an existing one in some (or all) cases?
  return open_badges_bake_badge($uid, $bid, $type, $issuedate, $assertionurl, $sendtobackpack, TRUE);
}


/**
 * remove a badge from user.
 *
 * @param $uid User ID.
 * @param $bid Badge ID.
 * @param $type Whether set as part of the role ('role), or individually assigned ('user').
 * @return bool with query success
 */
function open_badges_user_remove_badge($uid, $bid, $type = NULL) {
  //dpm("open_badges_user_remove_badge: '{$uid}', '{$bid}', '{$type}'");
  if ($type == NULL) {
    $type = 'user';
  }
  $badge = open_badges_get_user_badge($uid, $bid, $type);
  //dpm($badge, "open_badges_user_remove_badge: the returned badge for '{$uid}', '{$bid}', '{$type}'");

  $originalstate = $badge->state;

  // Remove baked image from filesystem
  if (strlen($badge->bakedimage) != 0) {
    _remove_baked_badge_file($badge->bakedimage);
  }


  //dpm("open_badges_user_remove_badge: the badge's original state is {$originalstate}");
  switch($originalstate) {
    // Don't remove entry, but update expiration and state
    case OPEN_BADGES_STATE_BAKED_AND_SHARED:
    case OPEN_BADGES_STATE_BAKED:
      $ret = db_query('UPDATE {open_badges_user} SET state = %d, expirationdate = %d
                       WHERE uid = %d AND bid = %d AND state = %d AND type LIKE \'%s\'',
                       OPEN_BADGES_STATE_BAKED_AND_REVOKED, time(), $uid, $bid, $originalstate, $type);
      if ($originalstate == OPEN_BADGES_STATE_BAKED) {
        //dpm("open_badges_user_remove_badge: skipping OBI notification for badge in state {$originalstate}");
        break;
      }
      // If it has been shared with OBI, we need to "re-bake" with new expiration date
      //dpm("open_badges_user_remove_badge: attempting OBI notification for badge in state {$originalstate}");
      $headers = array();
      $queryarray = array();

      // Construct the query string
      $ourorigin = variable_get('open_badges_defaultissuerorigin', '');  // Assertion URL must be absolute
      $queryarray['assertion'] = $ourorigin . '/open_badges/assertion/' . $badge->assertionurl;
      $queryarray['award'] = "true";
      $querystring = http_build_query($queryarray, '', '&');
      // Add the query string to the url -- it is not 'data'!
      $bakerserviceurl = variable_get('open_badges_badgebakingurl', '');
      $bakerserviceurl .= '?' . $querystring;

      //dpm("open_badges_user_remove_badge: The baker url is '{$bakerserviceurl}'");

      $bakeresult = drupal_http_request($bakerserviceurl, $headers, 'GET', NULL);

      //dpm("open_badges_user_remove_badge: The result of the expiration request: {$bakeresult->code}");

      if ($bakeresult->code > 200) {
        drupal_set_message("Error {$bakeresult->code}, expiring badge {$bid} for uid {$uid}", 'error');
        watchdog('error', "Error from baking service while expiring badge for uid @uid and badge @bid : @code : @message : @reason",
                 array('@uid' => $uid, '@bid' => $bid, '@code' => $bakeresult->code,
                 '@message' => $bakeresult->error, '@reason' => $bakeresult->data), WATCHDOG_WARNING);
        return FALSE;
      }
      break;
    // If we had an error baking the badge, just delete it
    case OPEN_BADGES_STATE_EARNED:
      if (is_null($type)) {
        $ret = db_query('DELETE FROM {open_badges_user} WHERE uid=%d AND bid=%d AND state=%d', $uid, $bid, OPEN_BADGES_STATE_EARNED);
      } else {
        $ret = db_query('DELETE FROM {open_badges_user} WHERE uid=%d AND bid=%d AND state=%d AND type=\'%s\'', $uid, $bid, OPEN_BADGES_STATE_EARNED, $type);
      }
      break;
    default:
      drupal_set_message("Unimplemented case for removing badge {$bid} for uid {$uid} in state {$originalstate}");
      break;
  }
  return $ret;
}


/**
 * Return array of open badges where keys are badge ids (bid)
 *   and values are object containing badge info.
 * @param $uid
 *   if $uid is a user id, returns badges for that user.
 *   if $uid is 'all', returns all badges.
 *   if $uid is 'select', returns badges for form_select options.
 * @param $options array of options.
 *   $options['nolimit'] : if TRUE, the limit clause will not be applied for a user
 *   returned values for 'select' are just badge names.
 */
function open_badges_get_badges($uid, $options = array()) {
  static $badges = array(), $past_uid, $past_options;
  global $user;

  //dpm("open_badges_get_badges: uid: '{$uid}', past_uid: '{$past_uid}', current user's id: {$user->uid}");
  if (isset($badges[$uid])) {
    //dpm($badges[$uid], "open_badges_get_badges: CACHED badges[uid] for uid $uid");
    return $badges[$uid];
  }

  // Do this so we don't return NULL.
  $badges[$uid] = array();

  if (empty($past_uid) || $past_uid !== $uid || $past_options !== $options ) {
    $past_uid = $uid;
    if ($uid == 'all' || $uid == 'select') {
      //dpm("open_badges_get_badges: getting '{$uid}' badges");
      $sql = db_query('SELECT b.bid, b.weight, b.name, b.image, b.criteria, b.description,
        b.unhideable, b.fixedweight, b.doesnotcounttolimit, b.tid
        FROM {open_badges_badges} b
        ORDER BY b.weight, b.name');
    }
    else {
      $usr = db_result(db_query('SELECT COUNT(uid) FROM {users} WHERE uid = %d AND status = 0', $uid));

      if ($usr && variable_get('open_badges_showblocked', 0)) {
        //dpm("open_badges_get_badges: getting blocked users badges");
        $sql = db_query('SELECT DISTINCT b.bid, b.weight, b.name, b.image, b.criteria, b.description,
          b.unhideable, b.fixedweight, b.doesnotcounttolimit, b.tid, u.allowdisplay, u.userweight, u.issuedate, u.expirationdate, u.evidenceurl, u.state,
          CASE WHEN b.fixedweight = 1 THEN b.weight ELSE COALESCE(u.userweight,b.weight) END coalescedweight
          FROM {open_badges_badges} b
            INNER JOIN {open_badges_user} u ON b.bid = u.bid
            INNER JOIN {open_badges_roles} r ON b.bid = r.bid
          WHERE u.uid = %d AND r.rid = 0
          ORDER BY coalescedweight, b.name',
          $uid);
      }
      else {
        //dpm("open_badges_get_badges: getting normal badge list for uid {$uid}");
        $query = 'SELECT DISTINCT b.bid, b.weight, b.name, b.image, b.criteria, b.description,
          b.unhideable, b.fixedweight, b.doesnotcounttolimit, b.tid, u.allowdisplay, u.userweight, u.issuedate, u.expirationdate, u.evidenceurl, u.state,
          CASE WHEN b.fixedweight = 1 THEN b.weight ELSE COALESCE(u.userweight,b.weight) END coalescedweight
          FROM {open_badges_badges} b
            INNER JOIN {open_badges_user} u ON b.bid = u.bid
          WHERE u.uid = %d
          ORDER BY coalescedweight, b.name
          ';
        $sql = db_query($query, $uid);

      }
    }

    // Should we limit the badges returned?
    if (!$options['nolimit'] && variable_get('open_badges_showone', 0)) {
      $limit = variable_get('open_badges_showone', 1);
    }
    else {
      // Set to -1 for no limit.
      $limit = -1;
    }


    $checksharingoption = user_access('manage badges') == FALSE && ($uid != 'all' && $uid != 'select' && $uid != $user->uid);
    //dpm("open_badges_get_badges: checksharingoption is " . ($checksharingoption ? "TRUE" : "FALSE"));
    while ($badge = db_fetch_object($sql)) {
      //dpm($badge, "open_badges_get_badges: an entry being considered");
      // Display the badge if there's no limit or if the badge is unhideable or if we are within our limit.
      if ($checksharingoption && $badge->allowdisplay != OPEN_BADGES_USER_DECISION_YES)
        continue;
      // XXX Need a way to return expired or revoked badges and indicate they are expired or revoked!!!
      //dpm("open_badges_get_badges: badge {$badge->bid} for user {$badge->uid} has state {$badge->state}");
      if (isset($badge->state) && $badge->state != OPEN_BADGES_STATE_BAKED && $badge->state != OPEN_BADGES_STATE_BAKED_AND_SHARED)
        continue;
      if ($limit != 0 || $badge->unhideable == 1) {
        if ($uid == 'select') {
          $badges[$uid][$badge->bid] = $badge->name;
          $badges[$badge->bid]['#attributes'] = array('class' => 'badge ' . _open_badges_class($badge));
        }
        else {
          $badges[$uid][$badge->bid] = $badge;
          $badges[$uid][$badge->bid]->class = 'badge ' . _open_badges_class($badge);
        }
        //Count down our limit, unless the badge doesn't count towards it
        if (!$badge->doesnotcounttolimit) {
          $limit--;
        }
      }
    }
  }

  //dpm($badges[$uid], "open_badges_get_badges: badges[uid] for uid $uid");
  return $badges[$uid];
}


/**
 * Return an array containing information about all recipients of a given badge id
 *
 * Returns uid, type (where type indicates if the user received
 * the badge because of a role ('role') or individually ('user')),
 * name, and email address for the user(s).
 */
function open_badges_get_badge_recipients($bid) {
  static $recipients = array();

  //dpm("open_badges_get_badge_recipients: entered");
  // Return cached value if we get called multiple times for some reason
  if (isset($recipients[$bid])) {
    //dpm("open_badges_get_badge_recipients: returning cached data!");
    return $recipients[$bid];
  }

  $sql = db_query('SELECT obu.uid, obu.type, obu.state, u.name, u.mail
                   FROM {open_badges_user} obu
                   LEFT JOIN {users} u ON obu.uid = u.uid
                   WHERE obu.bid = %d', $bid);
  while ($r = db_fetch_object($sql)) {
    // Ignore badges that are revoked
    //dpm("open_badges_get_badge_recipients: badge {$bid} for user {$r->uid} has state {$r->state}");
    if ($r->state != OPEN_BADGES_STATE_BAKED && $r->state != OPEN_BADGES_STATE_BAKED_AND_SHARED) {
      //dpm("open_badges_get_badge_recipients: skipping badge {$bid} for user {$r->uid} because of state {$r->state}");
      continue;
    }
    $recipients[$bid][] = $r;
  }
  //dpm($recipients[$bid], "open_badges_get_badge_recipients: returning");
  return $recipients[$bid];
}

/**
 * Helper function for sorting the recipients array in open_badges_show_recipients
 * Sort by number of badges, descending
 */
function _recipients_sort_helper($a, $b) {
  return count(array_keys($a)) > count(array_keys($b)) ? -1 : 1;
}

/**
 * Show recipients of badge $bid
 */
function open_badges_show_recipients($bid, $height=350, $width=700, $wrap=5) {
  // Get a list of all the badges
  $allbadges = open_badges_get_badges('all');
  // Get a list of all the users and their badges
  $allusers = open_badges_get_users();

  if ($bid == 'all') {
    $output = "<h2>All Badge recipients</h2>";
    $nobadgemsg = "<br />No users are displaying badges<br />";
  } else {
    //dpm($allbadges, "All the badge information");
    $output = "<h2>Users who have received the '" . $allbadges[$bid]->name . "' badge</h2>";
    $nobadgemsg = "<br />No users are displaying this badge<br />";
  }

  $users = array();
  // Make a list of the users who received this badge, and all their other badges
  foreach ($allusers as $uid => $u) {
    if (($bid == 'all' && !isset($u['none'])) ||
       ((isset($u['user']) && isset($u['user'][$bid])) || (isset($u['role']) && isset($u['role'][$bid])))) {
      //dpm("User {$uid} received badge {$bid}");
      if (is_array($u['user'])) {
        foreach ($u['user'] as $uu) {
          $users[$uid]['name'] = $uu->name;
          $users[$uid][$uu->bid] = $uu;
        }
      }
      if (is_array($u['role'])) {
        foreach ($u['role'] as $ur) {
          $users[$uid]['name'] = $ur->name;
          $users[$uid][$ur->bid] = $ur;
        }
      }
    }
  }

  // Sort the list putting users with the most badges first
  uasort($users, _recipients_sort_helper);

  if (count($users) == 0) {
    $output .= $nobadgemsg;
  } else {
    $output .= '<div style="overflow:auto; height:'. $height . 'px; width:'. $width . 'px">';
    $output .= '<table cellpadding="5" cellspacing="5" style="width:100px">';

    foreach ($users as $uid => $userbadges) {
      // Grab the name, and condense the list to the badgeids
      $username = $userbadges['name'];
      $badgeids = array_keys($userbadges);
      array_shift($badgeids);

      // Output a row for each user, listing all their badges
      $output .= '<tr>';
      $output = $output . '<td> ' . $username . ' </td>';
      $count = 0;
      foreach ($badgeids as $bid) {
        $output = $output . '<td> ' . theme_open_badge($allbadges[$bid]) . ' </td>';
        if (++$count >= $wrap) {
          $output .= '</tr><tr><td></td>';
          $count = 0;
        }
      }
      $output .= '</tr>';
    }
    $output .= '</table>';
    $output .= '</div>';
  }

  // This shows all badges
  //$block = module_invoke('views', 'block', 'view', 'open_badges_recipients-block_1');
  //$output .= $block['content'];

  // So does this!
  //$output .= views_embed_view('open_badges_recipients', 'default');
  return $output;
}

/**
 * Return badge object for given badge id
 */
function open_badges_get_badge($bid) {
  return db_fetch_object(db_query('SELECT * FROM {open_badges_badges} WHERE bid = %d', $bid));
}

/**
 * Return a user's badge object for given badge id and type
 * Ignores badges that have been revoked.
 *
 */
function open_badges_get_user_badge($uid, $bid, $type) {
  return db_fetch_object(db_query('SELECT * FROM {open_badges_user}
                                   WHERE uid = %d AND bid = %d AND state != %d AND type LIKE \'%%%s%%\'',
                                   $uid, $bid, OPEN_BADGES_STATE_BAKED_AND_REVOKED, $type));
}

/**
 * Return user preferences. (Allow sharing of badges with Mozilla OBI, receive emails about new badges.)
 * @return The user's preferences, or if the user has not set anything, the default values.
 */
function open_badges_get_userprefs($uid) {
  $prefs = array();
  //dpm("open_badges_get_userprefs: entered with uid {$uid}");
  $res =  db_fetch_object(db_query('SELECT * FROM {open_badges_user_preferences} WHERE uid = %d', $uid));
  if ($res === FALSE) {
    //dpm("open_badges_get_userprefs: setting defaults for uid {$uid}");
    $prefs['uid'] = $uid;
    $prefs['userallowsharing'] = FALSE;
    $prefs['useremails'] = FALSE;
  } else {
    $prefs = (array) $res;
  }
  //dpm($prefs, "open_badges_get_userprefs: preferences for uid {$uid}");
  return (array) $prefs;
}

function open_badges_delete_form($form_state, $bid) {
  if ($badge = open_badges_get_badge($bid)) {
    $form = array();
    $form['badge'] = array('#value' => theme('open_badge_group', array(theme('open_badge', $badge))));
    $form['bid'] = array('#type' => 'value', '#value' => $bid);
    return confirm_form($form, t('Are you sure you want to delete the badge %name?', array('%name' => $badge->name)), 'admin/user/open_badges');
  }
  form_set_error('', t('This badge does not exist.'));
}

function open_badges_delete_form_submit($form, &$form_state) {
  $bid = $form_state['values']['bid'];
  db_query("DELETE FROM {open_badges_badges} WHERE bid = %d", $bid);
  // XXX Much more to do as far as notifying OBI about these?!?
  db_query("DELETE FROM {open_badges_user} WHERE bid = %d", $bid);
  db_query("DELETE FROM {open_badges_roles} WHERE bid = %d", $bid);
  drupal_set_message(t('Badge deleted.'));
  $form_state['redirect'] = 'admin/user/open_badges';
}


/**
 * Returns an array where keys are role ids (rid) and values are the badge ids (bid) associated with that role
 * These values are assigned on admin/user/open_badges/roles
 *
 * @param $rid - if set, return only values for this role
 *
 * @param $options - array of options
 * $options['returnbadges'] - if TRUE, return badge objects, not just bids
 *
 * @return a list of roles
 */
function open_badges_get_roles($rid = NULL, $options = array()) {
  $roles = array();
  $options = array_merge(array('returnbadges' => 'FALSE'), $options);

  if ($rid) {
    $sql = db_query('SELECT ubr.rid, ubr.bid, ubb.name, ubb.image, ubb.weight, ubb.criteria, ubb.tid FROM {open_badges_roles} ubr INNER JOIN {open_badges_badges} ubb ON ubb.bid=ubr.bid WHERE ubr.rid = %d', $rid);
  }
  else {
    $sql = db_query('SELECT ubr.rid, ubr.bid, ubb.name, ubb.image, ubb.weight, ubb.criteria, ubb.tid FROM {open_badges_roles} ubr INNER JOIN {open_badges_badges} ubb ON ubb.bid=ubr.bid', $rid);
  }
  while ($row = db_fetch_object($sql)) {
    if ($options['returnbadges']) {
      $row->image = _open_badges_build_image($row);
      $roles[$row->rid] = $row;
    }
    else {
      $roles[$row->rid] = $row->bid;
    }
  }
  return $roles;
}
/**
 * Return an array of all users and what badges, if any, they have already received.
 * Also indicates if they've received the badge individually or because of their role.
 *
 * @return An array containing a row for each user and which, if any, badges they've been issued
 */
function open_badges_get_users() {
  global $user;
  $admin = FALSE;
  if (user_access('manage badges') == TRUE || user_access('change badge assignments') == TRUE) {
    $admin = TRUE;
  }
  //dpm("open_badges_get_users: user is {$user->uid}, admin is " . ($admin ? "TRUE" : "FALSE"));

  $users = array();
  $qresult = db_query('SELECT u.uid, u.name, u.mail, obu.bid, obu.type, obu.state, obu.allowdisplay
                       FROM {users} u
                       LEFT JOIN {open_badges_user} obu
                       ON obu.uid = u.uid
                       ORDER BY u.uid ASC');
  $current_uid = -1;
  while ($row = db_fetch_object($qresult)) {
    //dpm($row, 'get_users: A raw row from the db_query');

    // Since we ignore revoked badges below, we keep track in case
    // a user only has revoked badges.  In that case, we add them
    // to the 'none' array.
    if ($current_uid != -1 && $row->uid != $current_uid) {
      if (!is_array($users[$current_uid])) {
        $users[$current_uid]['none'] = $current_row;
      }
    }
    $current_uid = $row->uid;
    $current_row = $row;
    //dpm("open_badges_get_users: processing row with uid '{$row->uid}' name '{$row->name}' bid '{$row->bid}' type '{$row->type}' state '{$row->state}'");
    if (!isset($row->bid)) {
      //dpm("User has NO badges: uid '{$row->uid}' name '{$row->name}'");
      $users[$row->uid]['none'] = $row;
    } else {
      // Ignore revoked badges while we go through this list
      // Also, if the user is not an admin and the badge is
      // not marked with 'allowdisplay', ignore it
      if ($row->state != OPEN_BADGES_STATE_BAKED_AND_REVOKED && ($admin == TRUE || $row->allowdisplay == OPEN_BADGES_USER_DECISION_YES)) {
        $users[$row->uid][$row->type][$row->bid] = $row;
      }
    }
  }
  // Include the last user if all they have are revoked badges!
  if ($current_uid != -1 && !is_array($users[$current_uid])) {
      $users[$current_uid]['none'] = $current_row;
  }

  //dpm($users, "open_badges_get_users: the final array");
  return $users;
}

/**
 * Save information about roles for open_badges (in settings)
 *
 * @param $roles
 *   An array in the format rid => badge_info for each role/badge relationship.
 */
function open_badges_save_roles($roles) {
  //dpm($roles, "save_roles: the input roles array");
  if (is_array($roles)) {
    // We have to clear out all badges first.
    // XXX YIKES! We need to preserve assertionurl values first,
    // XXX or figure out how to not do this mass delete and re-add!
    // XXX We also need to generate new assertionurls where necessary
    // XXX And add possible values for issuedate, expirationdate, and evidenceurl
    // XXX This could be made less intrusive if we look to see which roles<->bid
    // XXX assignments have changed, rather than blowing away everything and
    // XXX recreating everything?!?
    $success = TRUE;
    db_query('DELETE FROM {open_badges_roles}');
    db_query("DELETE FROM {open_badges_user} WHERE type='role'");

    // Now we loop through the roles and their badges, and assign them to
    // each user accordingly.
    foreach ($roles as $rid => $info) {
      //dpm($rid, "save_roles: role id");
      //dpm($info, "save_roles: info");

      if ($info['badge']) {
        //dpm("***** Processing entry for role id {$rid}, badge ID {$info['badge']} *****.");
        // First of all, insert all the role and badge relationship
        // into open_badges_roles.
        $success = $success && db_query('INSERT INTO {open_badges_roles} (rid, bid) VALUES (%d, %d)', $rid, $info['badge']);

        if (isset($info['issuedate']) && $info['issuedate'] != 'yyyy-mm-dd') {
          $issuedate = strtotime($info['issuedate']);
        } else {
          $issuedate = time();
        }

        if (isset($info['expirationdate']) && $info['expirationdate'] != 'yyyy-mm-dd') {
          $expirationdate = strtotime($info['expirationdate']);
        } else {
          $expirationdate = 0;
        }
        if (isset($info['evidenceurl'])) $evidenceurl = $info['evidenceurl']; else $evidenceurl = NULL;

        // XXX Need UID to make these unique!?!?!?
        // XXX Need to set STATE
        // XXX Think more about this.  Perhaps, baking *should* be done during cron?
        $assertionurl = _generate_assertionurl($uid, $info['badge'], 'role');

        // For all of these queries, we LEFT JOIN open_badges_user to check
        // whether there are existing entries for that badge for that user
        // of the "role" type. Otherwise, we get database errors when
        // multiple roles assign the same badge

        // The blocked user "role" (represented as rid 0) has no entry in
        // the users_role table, so it needs its own special query.
        if ($rid == 0) {
          //dpm("Doing an insert for blocked user");
          $success = $success && db_query("
            INSERT INTO {open_badges_user} (uid, bid, type, issuedate, expirationdate, assertionurl, evidenceurl)
            SELECT u.uid, %d, 'role', %d, %d, '%s', '%s'
            FROM {users} u
            LEFT JOIN {open_badges_user} ubu
            ON ubu.uid=u.uid AND ubu.bid=%d AND ubu.type='role'
            WHERE status = 0 AND ubu.uid IS NULL
          ", $info['badge'], $issuedate, $expirationdate, $assertionurl, $evidenceurl, $info['badge']);
        }
        // The authenticated user role (represented as rid 2) has no entry
        // in the users_role table, so it needs its own special query.
        elseif ($rid == 2) {
          //dpm("Doing an insert for authenticated user");
          $success = $success && db_query("
            INSERT INTO {open_badges_user} (uid, bid, type, issuedate, expirationdate, assertionurl, evidenceurl)
            SELECT u.uid, %d, 'role', %d, %d, '%s', '%s'
            FROM {users} u
            LEFT JOIN {open_badges_user} ubu
            ON ubu.uid=u.uid AND ubu.bid=%d AND ubu.type='role'
            WHERE u.uid > 0 AND ubu.uid IS NULL
          ", $info['badge'], $issuedate, $expirationdate, $assertionurl, $evidenceurl, $info['badge']);
        }
        // For all the normal roles, we want to run this query.
        else {
          //dpm("Doing an insert for specific user");
          $success = $success && db_query("
            INSERT INTO {open_badges_user} (uid, bid, type, issuedate, expirationdate, assertionurl, evidenceurl)
            SELECT ur.uid, %d, 'role', %d, %d, '%s', '%s'
            FROM {users_roles} ur
            LEFT JOIN {open_badges_user} ubu
            ON ubu.uid=ur.uid AND ubu.bid=%d AND ubu.type='role'
            WHERE ur.rid=%d AND ubu.uid IS NULL
          ", $info['badge'], $issuedate, $expirationdate, $assertionurl, $evidenceurl, $info['badge'], $rid);
        }
      }
    }
    if ($success) {
      drupal_set_message(t('Roles saved.'));
    }
    else {
      drupal_set_message(t('There was a problem saving roles to the database'));
    }
  }
}

/**
 * Returns HTML representation of open badges for given uid
 *   @param $uid the user id
 *   @param $refresh (FALSE) when TRUE, refreshes the cache for $uid
 *
 *   @return string html representation of openbadges
 */
function open_badges_for_uid($uid, $refresh = FALSE) {
  //dpm("open_badges_for_uid: entered");
  static $cache;
  if ($uid) {
    if (isset($cache[$uid]) && !$refresh) {
      return $cache[$uid];
    }
    else {
      $open_badges = open_badges_get_badges($uid);
        foreach ((array)$open_badges as $badge) {
        $badges[] = theme('open_badge', $badge, user_load($uid));
      }
      $cache[$uid] = isset($badges) ? theme('open_badge_group', $badges) : '';
      return $cache[$uid];
    }
  }
}

/**
 * Get all open badges for a user.
 * @param $load is array defining criteria for user_load().
 *   The most common use will be:
 *   open_badges_for_user(array('uid'=>123));
 * @return string containing HTML representation of open badges for given user.
 */
function open_badges_for_user($load, $list = FALSE) {
  //dpm("open_badges_for_user: entered");
  // @TODO: cache the results to minimize queries.
  $account = user_load($load);

  foreach ((array)$account->badges as $badge) {
    $badges[] = theme('open_badge', $badge, $account);
  }

  if ($list) {
    $badges = array(theme('item_list', $badges));
  }

  if ($badges) {
    return theme('open_badge_group', $badges);
  }
  else {
    // Do we have a "no badges" message?
    if ($nobadges = variable_get('open_badges_nobadges', '')) {
      $nobadges = '<div class="open_badges_no_badges">' . filter_xss_admin(t($nobadges)) . '</div>';
      return theme('open_badge_group', array($nobadges));
    }
    else {
      return FALSE;
    }
  }
}

/**
 * Return html representation of a group of badges
 * $badgeimages is an array of badge image tags from theme_open_badge()
 */
function theme_open_badge_group($badgeimages) {
  //dpm($badgeimages, "theme_open_badge_group: the badgeimages");
  if (!empty($badgeimages)) {
    return '<div class="open_badges">'. implode('', $badgeimages) .'</div>';
  }
}

/**
 * Helper function to produce badge image.
 */
function _open_badges_build_image($badge) {
  if (!isset($badge->class)) {
    $badge->class = 'badge ' . _open_badges_class($badge);
  }
  //dpm("_open_badges_build_image: badge class is '{$badge->class}' and image is '{$badge->image}'");
  if (variable_get('open_badges_imagecache', 0)) {
    //dpm("_open_badges_build_image: got variable open_badges_imagecache -- doing theme('imagecache', ...)");
    $image = theme('imagecache', 'open-badges', $badge->image, $badge->name, $badge->name, array('class' => $badge->class));
  }
  else {
    // If we have a full image URL, don't require theme_image to get the size
    // (it only breaks).
    $get_size = valid_url($badge->image, TRUE);
    //dpm("_open_badges_build_image: calling theme 'image' for image '{$badge->image}'");
    $image = theme('image', $badge->image, $badge->name, $badge->name, array('class' => $badge->class), !$get_size);
  }
  //dpm("_open_badges_build_image: returning '{$image}'");
  return $image;
}

/**
 * Return html representation of a badge image
 * (note: theme_image does the check_plaining)
 *
 */
function theme_open_badge($badge, $account = NULL) {
  //If we haven't been supplied with a user, use whoever is logged in
  global $user;
  if (is_null($account)) {
    $account = $user;
  }

  if (!isset($badge->class)) {
    $badge->class = 'badge ' . _open_badges_class($badge);
  }
  //dpm("theme_open_badge: badge class is '{$badge->class}'");
  $image = _open_badges_build_image($badge);
  //dpm("The image from _open_badges_build_image is '{$image}'");

  $criteria = $badge->criteria;
  // Implement token replacement.
  if (module_exists('token')) {
    $criteria = token_replace($criteria, $type = 'openbadge', $object = $badge);
    $criteria = token_replace($criteria, $type = 'user', $object = $account);
  }

  $pieces = parse_url($criteria);
  $pieces['html'] = TRUE;
  if (isset($pieces['scheme'])) {
    $pieces['path'] = $pieces['scheme'] . '://' . $pieces['host'] . $pieces['path'];
  }

  return l($image, $pieces['path'], $pieces);
}

/**
 *  Implements hook_views_api().
 */
function open_badges_views_api() {
  return array(
    'api' => 2.0,
  );
}

/**
 * Implements hook_action_info().
 */
function open_badges_action_info() {
  return array(
    'open_badges_add_badge_action' => array(
      'description' => t('Add badge'),
      'type' => 'user',
      'configurable' => TRUE,
      'hooks' => array('any' => TRUE),
      ),
    'open_badges_remove_badge_action' => array(
      'description' => t('Remove badge'),
      'type' => 'user',
      'configurable' => TRUE,
      'hooks' => array('any' => TRUE),
    ),
  );
}

/**
 * Implements Drupal action.
 * Adds a badge to the current user.
 */
function open_badges_add_badge_action(&$account, $context = array()) {
  if (isset($account->uid)) {
    $uid = $account->uid;
  }
  elseif (isset($context['uid'])) {
    $uid = $context['uid'];
  }
  else {
    global $user;
    $uid = $user->uid;
  }
  $success = TRUE;
  $badges = open_badges_get_badges('all');

  foreach ($context['badges'] as $bid) {
    $success = (boolean) open_badges_user_add_badge($uid, $bid, array('type' => 'user'));
    if ($success) {
      watchdog('action', 'Added open badge %badge to user %uid.', array('%uid' => $uid, '%badge' => $bid));
    }
    else {
      watchdog('action', 'Unable to add open badge %badge to user %uid.', array('%uid' => $uid, '%badge' => $bid), WATCHDOG_WARNING);
    }
  }
}

function open_badges_add_badge_action_form($context) {
  $form['badges'] = array('#tree' => TRUE);

  $badges = open_badges_get_badges('all');
  $context['badges'] = is_array($context['badges']) ? $context['badges'] : array();

  foreach ($badges as $badge) {
    $form['badges'][$badge->bid] = array(
      '#type' => 'checkbox',
      '#title' => theme('open_badge', $badge),
      '#return_value' => 1,
      '#default_value' => $context['badges'][$badge->bid],
      '#description' => check_plain($badge->name),
    );
  }

  return $form;
}

function open_badges_add_badge_action_submit($form, $form_state) {
  $badges = array();
  foreach ($form_state['values']['badges'] as $badge => $set) {
    if ($set) {
      $badges[$badge] = $badge;
    }
  }
  return array('badges' => $badges);
}

/**
 * Implements Drupal action.
 * Removes a badge from the current user.
 */
function open_badges_remove_badge_action(&$account, $context = array()) {
  if (isset($account->uid)) {
    $uid = $account->uid;
  }
  elseif (isset($context['uid'])) {
    $uid = $context['uid'];
  }
  else {
    global $user;
    $uid = $user->uid;
  }
  $success = TRUE;
  $badges = open_badges_get_badges('all');

  foreach ($context['badges'] as $bid) {
    $success = (boolean) open_badges_user_remove_badge($uid, $bid, 'user');
    if ($success) {
      watchdog('action', 'Removed open badge %badge from user %name.', array('%name' => check_plain($user->name), '%badge' => check_plain($badges[$bid]->name)));
    }
    else {
      watchdog('action', 'Unable to remove open badge %badge from user %name.', array('%name' => check_plain($user->name), '%badge' => check_plain($badges[$bid]->name)), WATCHDOG_WARNING);
    }
  }
}

function open_badges_remove_badge_action_form($context) {
  $form['badges'] = array('#tree' => TRUE);

  $badges = open_badges_get_badges('all');
  $context['badges'] = is_array($context['badges']) ? $context['badges'] : array();

  foreach ($badges as $badge) {
    $form['badges'][$badge->bid] = array(
      '#type' => 'checkbox',
      '#title' => theme('open_badge', $badge),
      '#return_value' => 1,
      '#default_value' => $context['badges'][$badge->bid],
      '#description' => check_plain($badge->name),
    );
  }

  return $form;
}

function open_badges_remove_badge_action_submit($form, $form_state) {
  $badges = array();
  foreach ($form_state['values']['badges'] as $badge => $set) {
    if ($set) {
      $badges[$badge] = $badge;
    }
  }
  return array('badges' => $badges);
}

/**
 * Implements hook_token_values().
 * @TODO: Add tokens for Submitted By module?
 */
function open_badges_token_values($type, $object = NULL) {
  if ($type == 'openbadge') {
    $badge = $object;
    $tokens['openbadge-name'] = $badge->name;
    $tokens['openbadge-bid'] = $badge->bid;
    return $tokens;
  }
}

/**
 * Implements hook_token_list().
 */
function open_badges_token_list($type = 'all') {
  if ($type == 'openbadge' || $type == 'all') {
    $tokens['openbadge']['openbadge-name'] = t("The badge name");
    $tokens['openbadge']['openbadge-bid'] = t("The badge id number (bid)");
    return $tokens;
  }
}
/**
 * Implements hook_block();
 */
function open_badges_block($op = 'list', $delta = 0, $edit = array()) {
  switch ($op) {
    case 'list':
      return open_badges_block_list();

    case 'view':
      return open_badges_block_view($delta);

    case 'configure':
      return open_badges_block_configure($delta);

    case 'save':
      return open_badges_block_save($delta, $edit);
  }
}

/**
 * Function for open_badges_block(op = 'list').
 */
function open_badges_block_list() {
  return array(
    'current_node' => array('info' => t('Open_Badges: Content Author'), 'cache' => BLOCK_NO_CACHE),
    );
}

/**
 * Function for open_badges_block(op = 'view').
 */
function open_badges_block_view($delta = 0) {
  //dpm("open_badges_block_view: entered");
  $block = array();

  switch ($delta) {
    case 'current_node':
      $arg2 = arg(2);
      if (arg(0) == 'node' && is_numeric(arg(1)) && empty($arg2)) {
        $node = menu_get_object();
        if (in_array($node->type, variable_get('open_badges_current_node_types', array()))) {
          $badges = open_badges_for_user(array('uid' => $node->uid));
          $account = user_load(array('uid' => $node->uid));
          $block['title'] = t("@name's Open Badges", array('@name' => $account->name));
          $block['content'] = $badges;
        }
      }
      break;
  }

  return $block;
}

/**
 * Function for open_badges_block(op = 'configure').
 */
function open_badges_block_configure($delta = 0) {
  $form = array();

  switch ($delta) {
    case 'current_node':
      $form['types'] = array(
        '#type' => 'checkboxes',
        '#title' => t('Show on these content types'),
        '#default_value' => variable_get('open_badges_current_node_types', array()),
        '#options' => node_get_types('names'),
        '#attributes' => array('class' => 'container-inline'),
        );
      break;
  }

  return $form;
}

/**
 * Function for open_badges_block(op = 'save').
 */
function open_badges_block_save($delta = 0, $edit = array()) {
  switch ($delta) {
    case 'current_node':
      variable_set('open_badges_current_node_types', array_filter($edit['types']));
      return;
  }
}

/**
 * Process badges when a user changes their decision on whether to share badges with OBI
 *
 * @param $uid      The user who just changed their sharing decision
 * @param $decision The user's decision value (OPEN_BADGES_USER_DECISION_NO or OPEN_BADGES_USER_DECISION_YES)
 */
function open_badges_process_new_sharing_decision($uid, $decision) {
  switch($decision) {
    case OPEN_BADGES_USER_DECISION_NO:
      $newstate = OPEN_BADGES_STATE_BAKED_NO_DISPLAY;
      $oldstate1 = OPEN_BADGES_STATE_BAKED;
      $oldstate2 = OPEN_BADGES_STATE_BAKED_AND_SHARED;
      break;
    case OPEN_BADGES_USER_DECISION_YES:
      $newstate = OPEN_BADGES_STATE_BAKED_AND_SHARED;
      $oldstate1 = OPEN_BADGES_STATE_BAKED;
      $oldstate2 = OPEN_BADGES_STATE_BAKED_NO_DISPLAY;
      break;
  }
  // XXX Need to tell OBI about the change in status before updating the Database!?
  // XXX Need issuedate to UPDATE the right one(s) here???
  $result = db_query('UPDATE {open_badges_user} SET state = %d WHERE uid = %d AND (state = %d OR state %d)',
                     $newstate, $uid, $oldstate1, $oldstate2);
}

function _baked_badge_path($assertionpath) {
  $dir = _baked_badge_dir();
  if ($dir === FALSE) {
    return FALSE;
  }
  return file_create_path($dir . '/' . $assertionpath . '.png');
}

function _baked_badge_dir() {
  $dir = file_create_path('open_badges_baked');
  $is_writable = file_check_directory($dir, FILE_CREATE_DIRECTORY);
  if ($is_writable === FALSE) {
    drupal_set_message(t('The directory for baked badges, @dir, is not writable'), array('@dir' => $dir), 'error', TRUE);
    return FALSE;
  } else {
    //dpm("_baked_badge_dir: The directory being returned is '{$dir}'");
    return $dir;
  }
}

/**
 * Remove a baked badge image upon badge removal
 *
 * returns TRUE on success, FALSE on failure
 */
function _remove_baked_badge_file($bakedimagepath) {
  $return = unlink($bakedimagepath);
}

/**
 * Save a baked badge image and update the database
 *
 */
function _save_baked_badge($assertionpath, $badgeblob) {
  $path = _baked_badge_path($assertionpath);
  if (!$path) {
    return FALSE;
  }
  //dpm("_save_baked_badge: The final path for baked badge is '{$path}'");
  $filename = file_save_data($badgeblob, $path, FILE_EXISTS_REPLACE);
  //dpm($filename, "_save_baked_badge: The file returned from file_save_data");
  // Note that the documentation says that file_save_data() returns the filename
  // or 0 on error.  Checking $filename == 0 causes this function to return FALSE
  // even though the file was saved?
  return $filename;
}

function _update_badge_state_and_bakedimage($uid, $bid, $type, $issuedate, $newstate, $bakedimage) {
  $result =  db_query('UPDATE {open_badges_user} SET state = %d, bakedimage = \'%s\' WHERE uid = %d AND bid = %d AND type LIKE \'%%%s%%\' AND issuedate = %d',
                      $newstate, $bakedimage, $uid, $bid, $type, $issuedate);
  //dpm("The db state and bakedimage update returned '{$result}'");
  //dpm($result, "The result of _update_badges_state_and_bakedimage");
  return ($result === FALSE ? FALSE : TRUE);
}

/**
 * Bake a single badge
 */
function open_badges_bake_badge($uid, $bid, $type, $issuedate, $assertionurl, $sendtobackpack=FALSE, $deleteonerror=TRUE) {
  $headers = array();
  $queryarray = array();

  // Construct the query string
  $ourorigin = variable_get('open_badges_defaultissuerorigin', '');  // Assertion URL must be absolute
  $queryarray['assertion'] = $ourorigin . '/open_badges/assertion/' . $assertionurl;
  $queryarray['award'] = $sendtobackpack ? "true" : "false";
  $querystring = http_build_query($queryarray, '', '&');
  // Add the query string to the url -- it is not 'data'!
  $bakerserviceurl = variable_get('open_badges_badgebakingurl', '');
  $bakerserviceurl .= '?' . $querystring;

  //dpm("open_badges_bake_badge: The baker url is '{$bakerserviceurl}'");

  $bakeresult = drupal_http_request($bakerserviceurl, $headers, 'GET', NULL);

  //dpm("open_badges_bake_badge: The return code from the baking request: {$bakeresult->code}");

  if ($bakeresult->code > 200) {
    drupal_set_message("Error {$bakeresult->code}, baking badge {$bid} for uid {$uid}", 'error');
    watchdog('error', "Error from baking service for uid @uid and badge @bid : @code : @message : @reason",
             array('@uid' => $uid, '@bid' => $bid, '@code' => $bakeresult->code,
             '@message' => $bakeresult->error, '@reason' => $bakeresult->data), WATCHDOG_WARNING);
    if ($deleteonerror) open_badges_user_remove_badge($uid, $bid, $type);
    return FALSE;
  }

  if ($bakeresult->data === NULL || strlen($bakeresult->data) == 0) {
    drupal_set_message("Error, no response from the baking service while baking badge {$bid} for uid {$uid}", 'error');
    watchdog('error', "Error, no response from the baking service while baking badge for uid @uid and badge @bid",
             array('@uid' => $uid, '@bid' => $bid), WATCHDOG_WARNING);
    if ($deleteonerror) open_badges_user_remove_badge($uid, $bid, $type);
    return FALSE;
  }

  $bakedimage = _save_baked_badge($assertionurl, $bakeresult->data);
  //dpm($bakedimage, "open_badges_bake_badge: The filename returned from _save_baked_badge");
  if ($bakedimage === FALSE) {
    drupal_set_message("Error saving baked badge to path {$assertionurl} for uid {$uid} and badge {$bid}", 'error');
    watchdog('error', "Error saving baked badge to path @path for uid @uid and badge @bid.",
             array('@uid' => $uid, '@bid' => $bid, '@path' => $assertionurl), WATCHDOG_WARNING);
    if ($deleteonerror) open_badges_user_remove_badge($uid, $bid, $type);
    return FALSE;
  }

  // Check for header indicating whether it was successfully sent to the backpack (if requested)
  $newstate = OPEN_BADGES_STATE_BAKED;
  if ($sendtobackpack === TRUE) {
    //dpm("open_badges_bake_badge: Checking for x-badge-awarded header value");
    if (isset($bakeresult->headers['x-badge-awarded']) && $bakeresult->headers['x-badge-awarded'] != 'false') {
      //dpm("open_badges_bake_badge: Badge has been sent to backpack!");
      $newstate = OPEN_BADGES_STATE_BAKED_AND_SHARED;
    }
  }
  //dpm("open_badges_bake_badge: sendtobackpack: {$sendtobackpack}, newstate: {$newstate}");
  return _update_badge_state_and_bakedimage($uid, $bid, $type, $issuedate, $newstate, $bakedimage);
}

/**
 * Submit badges in the 'earned' state to be baked
 */
function open_badges_bake_badges() {
  $result = db_query('SELECT * FROM {open_badges_user} obu
                      LEFT JOIN {open_badges_user_preferences} obp ON obu.uid = obp.uid
                      WHERE state = %d', OPEN_BADGES_STATE_EARNED);
  while (($badge = db_fetch_object($result)) != NULL) {
    open_badges_bake_badge($badge->uid, $badge->bid, $badge->issuedate, $badge->assertionurl, $badge->issuedate,
                           (bool)($badge->userallowsharing == OPEN_BADGES_USER_DECISION_YES), TRUE);
  }
}

/**
 * Notify users of their shiny new badges!
 *
 * We get a list of 'baked' badges where the user has not yet been notified.
 * The result list should be ordered by UID.
 *
 * This version loops through and collects all the badges for a user and batches
 * them up into a single email message.
 *
 * XXX Need to mark each entry as 'notified' after the email is successfully sent!
 *
 * mysql>
  SELECT * FROM open_badges_user obu
         LEFT JOIN users u ON obu.uid = u.uid
         LEFT JOIN open_badges_badges obb ON obu.bid = obb.bid
         LEFT JOIN open_badges_user_preferences obp ON obu.uid = obp.uid AND obp.useremails = 2
         WHERE obu.usernotified = 0 AND (obu.state = 2 OR obu.state = 3)
         ORDER BY obu.uid;
 *
function open_badges_notify_new_recipients_bulk() {
  $result = db_query('SELECT * FROM {open_badges_user} obu
                      LEFT JOIN {users} u ON obu.uid = u.uid
                      LEFT JOIN {open_badges_badges} obb ON obu.bid = obb.bid
                      LEFT JOIN {open_badges_user_preferences} obp ON obu.uid = obp.uid AND obp.useremails = %d
                      WHERE obu.usernotified = %d AND (obu.state = %d OR obu.state =  %d)
                      ORDER BY obu.uid',
                      USER_BADGES_USER_DECISION_YES, 0, OPEN_BADGES_STATE_BAKED, OPEN_BADGES_STATE_BAKED_AND_SHARED);
  //dpm($result, "open_badges_notify_new_recipients: The result of the query");

  $from = variable_get('open_badges_fromaddress', NULL);

  $current_uid = -1;
  $first_entry = TRUE;
  $params = array();
  $params['badgecount'] = 0;
  $key = '';

  while (($badge = db_fetch_object($result)) != NULL) {
    //dpm($badge, "A baked badge whose recipient needs to be notified");

    if ($first_entry || $current_uid != $badge->uid) {
      if ($first_entry) {
        $first_entry = FALSE;
      } else {
        // We are processing a new UID, send off the message we've composed for the previous user
        $message = _open_badges_send_mimemail($key, $params);
        //XXX Update entry to indicate they've been notified (if the email works)
      }
      //dpm("Initializing for a new user: {$badge->uid}");
      $params = array();
      $params['badgecount'] = 0;
      $params['attachments'] = array();
      $current_uid = $badge->uid;
      $account = user_load($current_uid);
      $params['account'] = $account;
      // This should be the same for all badges for the same user?
      $key = $badge->state == OPEN_BADGES_STATE_BAKED ? 'notshared' : 'shared';
    }
    //dpm("Adding a baked image {$badge->bakedimage} for uid {$current_uid}");
    $attachment = array();
    $attachment['filepath'] = '/' . $badge->bakedimage;
    $attachment['filecontent'] = NULL;
    $attachment['filename'] = 'badge_' . ($params['badgecount'] + 1) . '.png'; // Do another join and get badge name?
    $attachment['filemime'] = 'image/png';
    $params['attachments'][] = $attachment;
    $params['badgecount']++;
  }
  // Send off the last message we've composed
  $message = _open_badges_send_mimemail($key, $params);
  //XXX Update entry to indicate they've been notified (if the email works)
}
 */

/**
 * Notify users of their shiny new badges!
 *
 * We get a list of 'baked' badges where the user has not yet been notified.
 * The result list should be ordered by UID.  This version sends a seperate
 * email for each badge earned.
 *
 */
function open_badges_notify_new_recipients() {
  //dpm("open_badges_notify_new_recipients: entered");

  $from = variable_get('open_badges_fromaddress', NULL);

  $sql = "SELECT obu.uid, obu.bid, obu.bakedimage, obu.state, obu.type, obu.issuedate,
                 obb.name, obb.criteria, obb.description, obp.useremails
          FROM {open_badges_user} obu
          LEFT JOIN {open_badges_badges} obb ON obu.bid = obb.bid
          LEFT JOIN {open_badges_user_preferences} obp ON obu.uid = obp.uid
          WHERE obu.usernotified = %d AND (obu.state = %d OR obu.state =  %d)
          ORDER BY obu.uid";

  // db_rewrite_sql() is causing bad query?
  //$result = db_query(db_rewrite_sql($sql),
  //                   0, OPEN_BADGES_STATE_BAKED, OPEN_BADGES_STATE_BAKED_AND_SHARED);
  $result = db_query($sql, 0, OPEN_BADGES_STATE_BAKED, OPEN_BADGES_STATE_BAKED_AND_SHARED);
                     if ($result === FALSE) {
    drupal_set_message("open_badges_notify_new_recipients: Error getting list of recipients", 'error');
    return;
  }
  //dpm("open_badges_notify_new_recipients: There were " . db_affected_rows() . " results from the SELECT query");

  while ($row = db_fetch_object($result)) {

    // useremails will be NULL if the user has no preferences entry yet
    if ($row->useremails == OPEN_BADGES_USER_DECISION_NO) {
      //dpm("SKIPPING ENTRY for user " . $row->uid . ", because they don't want email");
      continue;
    }
    //dpm($row, "open_badges_notify_new_recipients: notifying user about this badge");

    $params = array();
    $params['attachments'] = array();
    $account = user_load($row->uid);
    $params['account'] = $account;
    $key = $row->state == OPEN_BADGES_STATE_BAKED ? 'notshared' : 'shared';

    $attachment = array();
    $attachment['filepath'] = '/' . $row->bakedimage;
    $attachment['filecontent'] = NULL;
    $attachment['filename'] = $row->name . '.png';
    $attachment['filemime'] = 'image/png';
    $params['attachments'][] = $attachment;
    $params['info'] = $row;

    $message = _open_badges_send_mimemail($key, $params);

    $updateresult = db_query('UPDATE {open_badges_user} SET usernotified = %d
                              WHERE uid = %d AND bid = %d AND type LIKE \'%%%s%%\' AND issuedate = %d',
                              1, $row->uid, $row->bid, $row->type, $row->issuedate);
    //dpm($updateresult, "open_badges_notify_new_recipients: The result of the UPDATE query");
  }
  //dpm("open_badges_notify_new_recipients: exiting");
}

/**
 *
 * Do Markdown-style link, "[<link text>] (<url>)", substitutions.
 *
 */
function _do_markdown_link_substitutions($original) {
  $subbed = preg_replace_callback(
    "/\[(.+?)\][ ]?\((.+?)\)/",
    create_function(
        '$matches',
        'return l($matches[1], $matches[2]);'
    ),
    $original
  );
  return $subbed;
}

/**
 *
 * Do substitutions in the given string with the values in the given array
 *
 */
function _do_text_substitutions($original, $subs) {
  //dpm("_do_text_substitutions: original '{$original}'");
  //dpm($subs, "_do_text_substitutions: The subs array");
  $subbed = $original;
  foreach($subs as $key => $value) {
    $subbed = str_replace($key, $value, $subbed);
  }

  // Now check for Markdown-style URL substitutions and make them
  $subbed = _do_markdown_link_substitutions($subbed);

  //dpm("_do_text_substitution: returning '{$subbed}'");
  return $subbed;
}

/**
 *
 * Prepare the pre-set substitution list for email templates
 * @param array $info Array of substitution information obtained from the database
 * @return array of key value pairs
 */
function _prepare_substitutions($info) {
  $ret = array();
  $ret['{Badge Title}'] = $info->name;
  $ret['{Badge Description}'] = $info->description;
  $ret['{Badge Criteria URL}'] = $info->criteria;
  $ret['{Badge Recipients URL}'] = 'open_badges/' . $info->bid;
  $ret['{Badge User URL}'] = 'user/' . $info->uid . '/open_badges';
  $ret['{Mozilla Backpack URL}'] = 'http://beta.openbadges.org/'; // XXX
  //dpm($ret, "_prepare_substitutions: the returned values");
  return $ret;
}

/**
 * Use mimemail to send notification email
 */
function _open_badges_send_mimemail($key, $params) {
  $subs = _prepare_substitutions($params['info']);
  //dpm("_open_badges_send_mimemail: entered!");
  //dpm($params, "_open_badges_send_mimemail: params");
  $sender = variable_get('open_badges_fromaddress', NULL);
  $recipient = $params['account'];
  $subject = variable_get('open_badges_subject', t('You have earned a new badge!'));
  $subject = _do_text_substitutions($subject, $subs);
  $headers = array();
  switch ($key) {
    case 'shared':
      $body = variable_get('open_badges_bodyshared', '');
      break;
    case 'notshared':
      $body = variable_get('open_badges_bodynotshared', '');
      break;
  }
  $body = _do_text_substitutions($body, $subs);
  $attachments = $params['attachments'];

  //dpm($params, "The params used to populate parameters for mimemail");
  //dpm($sender, "The sender of the email");
  //dpm($recipient, "The recipient of the email");
  // XXX TESTING Temporary while debugging...
  //if ($recipient->uid != 18) {
  //  drupal_set_message("NOT SENDING email to user @name, @uid", array(@name => $recipient->name, @uid => $recipient->uid), 'error');
  //  return FALSE;
  //}
  drupal_set_message("SENDING email to user @name, @uid", array(@name => $recipient->name, @uid => $recipient->uid), 'error');

  $sentmsg = mimemail($sender, $recipient, $subject, $body, NULL, $headers, NULL, $attachments);
  //dpm($sentmsg, "The email sent");
  return $sentmsg;
}

/**
 * Process a request, presumedly from the Baking Service, for an assertion
 *
 * Returns a JSON blob with a "well-formatted" badge assertion
 * See https://github.com/brianlovesdata/openbadges/wiki/Assertions
 * for assertion documentation
 */
function open_badges_process_assertion_request($fullurl) {
  //dpm("open_badges_process_assertion_request: entered with '{$fullurl}'");
  $fullurl = trim($fullurl);
  $j = stripos($fullurl, '.json');
  $assertionurl = $j !== FALSE ? substr($fullurl, 0, $j) : $fullurl;

  $result = db_query('SELECT * FROM {open_badges_user} obu
                      LEFT JOIN {users} u ON obu.uid = u.uid
                      LEFT JOIN {open_badges_badges} obb ON obu.bid = obb.bid
                      WHERE obu.assertionurl LIKE \'%s\'', $assertionurl);
  //dpm("The result of the query is " . ($result == NULL ? "NULL" : $result));
  //dpm($result, "The result of the database query for the assertion url {$url}");
  // If we don't have the requested assertion URL, politely tell them to go away
  $count = 0;
  $info = NULL;
  while (($i = db_fetch_object($result)) != NULL) {
    $info = $i;
    $count++;
  }
  if ($count == 0) {
    return t('System error: no such assertion URL');
  }
  if ($count > 1) {
    return t('System error: multiple matching assertion URLs');
  }
  //dpm($info, "The returned information");
  //dpm("You have supplied assertion url '{$url}' and count is {$count}");

  // Compile the assertion
  $a = array();
  $a['recipient'] = $info->mail;
  if ($info->evidenceurl != '') {
    $a['evidenceurl'] = $info->evidenceurl;
  }
  if ($info->expirationdata != 0) {
    $a['expires'] = format_date($info->expirationdate, 'custom', 'Y-m-d');
  }
  $a['issued_on'] = format_date($info->issuedate, 'custom', 'Y-m-d');

  $a['badge'] = array();
  $a['badge']['version'] = '0.5.0';
  $a['badge']['name'] = str_replace("'", "\u0027", $info->name);
  $a['badge']['image'] = '/' . $info->image;
  $a['badge']['description'] = str_replace("'", "\u0027", $info->description);
  $a['badge']['criteria'] = $info->criteria;

  $a['badge']['issuer'] = array();
  $a['badge']['issuer']['origin'] = $info->originurl != '' ? $info->originurl : variable_get('open_badges_defaultissuerorigin', '');
  if ($a['badge']['issuer']['origin'] == '') {
    return t('System error: no issuer origin location supplied');
  }
  $a['badge']['issuer']['name'] = $info->issuername != '' ? $info->issuername : variable_get('open_badges_defaultissuername', '');
  if ($a['badge']['issuer']['name'] == '') {
    return t('System error: no issuer name supplied');
  }
  if ($info->issuerorg != '') {
    $a['badge']['issuer']['org'] = $info->issuerorg;
  }
  if ($info->issuercontact != '') {
    $a['badge']['issuer']['contact'] = $info->issuercontact;
  }

  // Now return the assertion to the requestor
  // (Can't use drupal_json() because it sends the wrong header)
  drupal_set_header('Content-Type: application/json;');
  echo drupal_to_js($a);

  return;
}

/**
 * "Re-bake" badges for users that have changed their sharing preference from
 * "undecided" or "no" to "yes".
 *
 * Note that to my knowledge, there is no way to "unshare" badges once they
 * have been shared.  So there is nothing to perform the opposite operation
 * when a user has changed their preference from "yes" to "no".
 */
function open_badges_share_badges()
{
  //dpm("open_badges_share_badges: entered");

  $sql = "SELECT obu.uid, obu.bid, obu.state, obu.type, obu.issuedate, obu.assertionurl
          FROM {open_badges_user} obu
          LEFT JOIN {open_badges_user_preferences} obp ON obu.uid = obp.uid
          WHERE obp.userallowsharing = %d AND obu.state = %d
          ORDER BY obu.uid";

  $result = db_query($sql, OPEN_BADGES_USER_DECISION_YES, OPEN_BADGES_STATE_BAKED);
  if ($result === FALSE) {
    drupal_set_message("open_badges_share_badges: Error getting list of badges which need to be re-baked", 'error');
    return;
  }
  //dpm("open_badges_share_badges: There were " . db_affected_rows() . " results from the SELECT query");

  while ($row = db_fetch_object($result)) {
    open_badges_bake_badge($row->uid, $row->bid, $row->type, $row->issuedate, $row->assertionurl, TRUE, FALSE);
  }
  //dpm("open_badges_share_badges: exiting");
}

/**
 * Implements hook_cron()
 */
function open_badges_cron() {
  /*
   * The open_badges_bake_badges() function is inteneded to bake badges during
   * cron.  Instead, we are currently baking badges as they are issued.
   *
   * open_badges_bake_badges();
   */

  // Send email notifications to new badge recipients
  open_badges_notify_new_recipients();

  // When users change their sharing option, re-bake badges sending them to the backpack
  open_badges_share_badges();

 /*
  * UNCOMMENT in order to get Open Badges to work along with Auto Assign Role
  * notes: - this is a quite fast solution in order to solve Auto Assign Role issue
  *        - do not forget to set up your cron
  */
//   $result = db_query('SELECT * FROM {open_badges_roles}');
//
//   $roles = array();
//   while ($o = db_fetch_object($result)) {
//     $roles[$o->rid] = $o->bid;
//   }
//
//   open_badges_save_roles($roles);
}