add total system

git-svn-id: svn://svn.cccv.de/engel-system@1 29ba0400-6e00-0410-a75a-ca02368028f8

1 files changed, 118 insertions, 0 deletions

diff --git a/admin/user2.php b/admin/user2.php
new file mode 100755
index 00000000..39b3385b
--- /dev/null
+++ b/admin/user2.php
@@ -0,0 +1,118 @@
+<?PHP
+
+$title = "User-Liste";
+$header = "Index";
+include ("./inc/header.php");
+include ("./inc/funktion_db_list.php");
+include ("./inc/crypt.php");
+
+if (IsSet($action)) 
+{
+	
+	function SQLExec( $SQL )
+	{ 
+		global $con;
+	
+		$Erg = mysql_query($SQL, $con);
+		if ($Erg == 1) {
+			echo "&Auml;nderung wurde gesichert...\n";
+		} else {
+			echo "Fehler beim speichern...\n";
+		}
+
+	}
+
+	SetHeaderGo2Back();
+	echo "Gesendeter Befehl: $action<br>";
+
+	switch ($action) {
+
+	case "change":
+		if (IsSet($enterUID))
+		{
+			if ($Type == "Normal")
+			{
+				$SQL = "UPDATE `User` SET ";
+				$SQL.= " `Nick` = '$eNick', `Name` = '$eName', `Vorname` = '$eVorname', ".
+					"`Telefon` = '$eTelefon', `Handy` = '$eHandy', `DECT` = '$eDECT', ".
+					"`email` = '$eemail', `Size` = '$eSize', ".
+					"`Gekommen`= '$eGekommen', `Aktiv`= '$eAktiv', ".
+					"`Tshirt` = '$eTshirt' ";
+				$SQL.= "WHERE `UID` = '$enterUID' LIMIT 1;";
+				echo "User-";
+				SQLExec( $SQL );
+			}
+			if ($Type == "Secure")
+			{
+				$SQL2 = "UPDATE `UserCVS` SET ";
+			  	$SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=$enterUID";
+				$Erg_CVS =  mysql_query($SQL_CVS, $con);
+				$CVS_Data = mysql_fetch_array($Erg_CVS);
+				$CVS_Data_i = 1;
+				foreach ($CVS_Data as $CVS_Data_Name => $CVS_Data_Value) 
+				{
+					if( ($CVS_Data_i+1)%2 && $CVS_Data_Name!="UID")
+						$SQL2.= "`$CVS_Data_Name` = '".$$CVS_Data_i."', ";
+			    		$CVS_Data_i++;
+					}
+				$SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 );
+				$SQL2.= "  WHERE `UID` = '$enterUID' LIMIT 1;";
+				echo "<br>Secure-";
+				SQLExec( $SQL2 );
+			}
+		}
+		break;
+
+	case "delete":
+		if (IsSet($enterUID))
+		{
+			$SQL="delete from `User` WHERE `UID` = '$enterUID' LIMIT 1;";
+			SQLExec( $SQL );
+			$SQL2="delete from `UserCVS` WHERE `UID` = '$enterUID' LIMIT 1;";
+			SQLExec( $SQL2 );
+			$SQL3="UPDATE `ShiftEntry` SET `UID` = '0', `Comment` = NULL ".
+				"WHERE `UID` = '$enterUID' LIMIT 1;";
+			SQLExec( $SQL3 );
+		}
+		break;
+
+
+	case "newpw":
+		echo "Bitte neues Kennwort f&uuml;r <b>";
+		// Get Nick
+		$USQL = "SELECT * FROM User where UID=$eUID";
+		$Erg = mysql_query($USQL, $con);
+		echo mysql_result($Erg, 0, "Nick");
+		echo "</b> eingeben:<br>";
+		echo "<form action=\"./user2.php\" method=\"POST\">\n";	
+		echo "<input type=\"Password\" name=\"ePasswort\">";
+		echo "<input type=\"Password\" name=\"ePasswort2\">";
+		echo "<input type=\"hidden\" name=\"eUID\" value=\"$eUID\">";
+		echo "<input type=\"hidden\" name=\"action\" value=\"newpwsave\">\n";
+	        echo "<input type=\"submit\" value=\"sichern...\">\n";
+	        echo "</form>";
+		break;
+
+	case "newpwsave":
+		if ($ePasswort == $ePasswort2) 
+		{	// beide Passwoerter passen... 
+			$ePasswort = PassCrypt($ePasswort);
+			$SQL="UPDATE `User` SET `Passwort`='$ePasswort' where `UID` = '$eUID'";
+			SQLExec( $SQL );
+		} 
+		else 
+			echo "Das Passwort wurde nicht &uuml;bereinstimmend eingegeben!";
+		break;
+	} // end switch
+
+// ende - Action ist gesetzt 
+} 
+else 
+{
+	// kein Action gesetzt -> abbruch
+	echo "Unzul&auml;ssiger Aufruf. Bitte neu editieren...";
+}
+
+include ("./inc/footer.php");
+?>
+