diff options
| author | msquare <msquare@notrademark.de> | 2017-06-20 16:50:21 +0200 |
|---|---|---|
| committer | msquare <msquare@notrademark.de> | 2017-06-20 16:50:21 +0200 |
| commit | 56814fa2fdf58b4013f4d57c5ea87619c7122957 (patch) | |
| tree | 640945769b7e9626cdf43162c786147f5c962029 /includes/controller/shift_entries_controller.php | |
| parent | a5fc5bd0979e8de1fce8a8addd351a6e7bd6aeb8 (diff) | |
| parent | cd30017b97afc3c7001fbb9eb14b54dbb980b7b6 (diff) | |
Merge branch 'pr/316' into feature-igel-rewrite
Diffstat (limited to 'includes/controller/shift_entries_controller.php')
| -rw-r--r-- | includes/controller/shift_entries_controller.php | 422 |
1 files changed, 263 insertions, 159 deletions
diff --git a/includes/controller/shift_entries_controller.php b/includes/controller/shift_entries_controller.php index d0a12288..cb2d9bee 100644 --- a/includes/controller/shift_entries_controller.php +++ b/includes/controller/shift_entries_controller.php @@ -1,187 +1,291 @@ <?php +use Engelsystem\Database\DB; + /** * Sign up for a shift. + * + * @return string */ -function shift_entry_add_controller() { - global $privileges, $user; - - if (isset($_REQUEST['shift_id']) && preg_match("/^[0-9]*$/", $_REQUEST['shift_id'])) { - $shift_id = $_REQUEST['shift_id']; - } else { - redirect(page_link_to('user_shifts')); - } - - // Locations laden - $rooms = sql_select("SELECT * FROM `Room` WHERE `show`='Y' ORDER BY `Name`"); - $room_array = []; - foreach ($rooms as $room) { - $room_array[$room['RID']] = $room['Name']; - } - - $shift = Shift($shift_id); - $shift['Name'] = $room_array[$shift['RID']]; - if ($shift == null) { - redirect(page_link_to('user_shifts')); - } - - if (isset($_REQUEST['type_id']) && preg_match("/^[0-9]*$/", $_REQUEST['type_id'])) { - $type_id = $_REQUEST['type_id']; - } else { - redirect(page_link_to('user_shifts')); - } - - if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) { - $type = AngelType($type_id); - } else { - $type = sql_select("SELECT * FROM `UserAngelTypes` JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) WHERE `AngelTypes`.`id` = '" . sql_escape($type_id) . "' AND (`AngelTypes`.`restricted` = 0 OR (`UserAngelTypes`.`user_id` = '" . sql_escape($user['UID']) . "' AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL))"); - $type = $type[0]; - } - - if ($type == null) { - redirect(page_link_to('user_shifts')); - } - - if (isset($_REQUEST['user_id']) && preg_match("/^[0-9]*$/", $_REQUEST['user_id']) && (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges))) { - $user_id = $_REQUEST['user_id']; - } else { - $user_id = $user['UID']; - } - - $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type); - $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']); - - $shift_signup_allowed = Shift_signup_allowed(User($user_id), $shift, $type, null, null, $needed_angeltype, $shift_entries); - if (! $shift_signup_allowed->isSignupAllowed()) { - error(_("You are not allowed to sign up for this shift. Maybe shift is full or already running.")); - redirect(shift_link($shift)); - } - - if (isset($_REQUEST['submit'])) { - $selected_type_id = $type_id; - if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) { - - if (sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1") == 0) { +function shift_entry_add_controller() +{ + global $privileges, $user; + + $shift_id = 0; + if (isset($_REQUEST['shift_id']) && preg_match('/^\d*$/', $_REQUEST['shift_id'])) { + $shift_id = $_REQUEST['shift_id']; + } else { redirect(page_link_to('user_shifts')); - } - - if (isset($_REQUEST['angeltype_id']) && test_request_int('angeltype_id') && sql_num_query("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($_REQUEST['angeltype_id']) . "' LIMIT 1") > 0) { - $selected_type_id = $_REQUEST['angeltype_id']; - } } - - if (sql_num_query("SELECT * FROM `ShiftEntry` WHERE `SID`='" . sql_escape($shift['SID']) . "' AND `UID` = '" . sql_escape($user_id) . "'")) { - return error("This angel does already have an entry for this shift.", true); + + // Locations laden + $rooms = Rooms(); + $room_array = []; + foreach ($rooms as $room) { + $room_array[$room['RID']] = $room['Name']; } - - $freeloaded = $shift['freeloaded']; - $freeload_comment = $shift['freeload_comment']; - if (in_array("user_shifts_admin", $privileges)) { - $freeloaded = isset($_REQUEST['freeloaded']); - $freeload_comment = strip_request_item_nl('freeload_comment'); + + $shift = Shift($shift_id); + $shift['Name'] = $room_array[$shift['RID']]; + if ($shift == null) { + redirect(page_link_to('user_shifts')); } - - $comment = strip_request_item_nl('comment'); - $result = ShiftEntry_create([ - 'SID' => $shift_id, - 'TID' => $selected_type_id, - 'UID' => $user_id, - 'Comment' => $comment, - 'freeloaded' => $freeloaded, - 'freeload_comment' => $freeload_comment - ]); - if ($result === false) { - engelsystem_error('Unable to create shift entry.'); + + $type_id = 0; + if (isset($_REQUEST['type_id']) && preg_match('/^\d*$/', $_REQUEST['type_id'])) { + $type_id = $_REQUEST['type_id']; + } else { + redirect(page_link_to('user_shifts')); } - - if ($type['restricted'] == 0 && sql_num_query("SELECT * FROM `UserAngelTypes` INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` WHERE `angeltype_id` = '" . sql_escape($selected_type_id) . "' AND `user_id` = '" . sql_escape($user_id) . "'") == 0) { - sql_query("INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES ('" . sql_escape($user_id) . "', '" . sql_escape($selected_type_id) . "')"); + + if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', $privileges)) { + $type = AngelType($type_id); + } else { + // TODO: Move queries to model + $type = DB::select(' + SELECT * + FROM `UserAngelTypes` + JOIN `AngelTypes` ON (`UserAngelTypes`.`angeltype_id` = `AngelTypes`.`id`) + WHERE `AngelTypes`.`id` = ? + AND ( + `AngelTypes`.`restricted` = 0 + OR ( + `UserAngelTypes`.`user_id` = ? + AND NOT `UserAngelTypes`.`confirm_user_id` IS NULL + ) + ) + ', [$type_id, $user['UID']]); + $type = array_shift($type); } - - $user_source = User($user_id); - engelsystem_log("User " . User_Nick_render($user_source) . " signed up for shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end'])); - success(_("You are subscribed. Thank you!") . ' <a href="' . page_link_to('user_myshifts') . '">' . _("My shifts") . ' »</a>'); - redirect(shift_link($shift)); - } - - if (in_array('user_shifts_admin', $privileges)) { - $users = sql_select("SELECT *, (SELECT count(*) FROM `ShiftEntry` WHERE `freeloaded`=1 AND `ShiftEntry`.`UID`=`User`.`UID`) AS `freeloaded` FROM `User` ORDER BY `Nick`"); - $users_select = []; - foreach ($users as $usr) { - $users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? "" : " (" . _("Freeloader") . ")"); + + if (empty($type)) { + redirect(page_link_to('user_shifts')); } - $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); - - $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); - $angeltypes = []; - foreach ($angeltypes_source as $angeltype) { - $angeltypes[$angeltype['id']] = $angeltype['name']; + + if ( + isset($_REQUEST['user_id']) + && preg_match('/^\d*$/', $_REQUEST['user_id']) + && ( + in_array('user_shifts_admin', $privileges) + || in_array('shiftentry_edit_angeltype_supporter', $privileges) + ) + ) { + $user_id = $_REQUEST['user_id']; + } else { + $user_id = $user['UID']; } - $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); - } elseif (in_array('shiftentry_edit_angeltype_supporter', $privileges)) { - $users = Users_by_angeltype($type); - $users_select = []; - foreach ($users as $usr) { - if (! $type['restricted'] || $usr['confirm_user_id'] != null) { - $users_select[$usr['UID']] = $usr['Nick']; - } + + $needed_angeltype = NeededAngeltype_by_Shift_and_Angeltype($shift, $type); + $shift_entries = ShiftEntries_by_shift_and_angeltype($shift['SID'], $type['id']); + + $shift_signup_allowed = Shift_signup_allowed( + User($user_id), + $shift, + $type, + null, + null, + $needed_angeltype, + $shift_entries + ); + if (!$shift_signup_allowed->isSignupAllowed()) { + error(_('You are not allowed to sign up for this shift. Maybe shift is full or already running.')); + redirect(shift_link($shift)); + } + + if (isset($_REQUEST['submit'])) { + $selected_type_id = $type_id; + if (in_array('user_shifts_admin', $privileges) || in_array('shiftentry_edit_angeltype_supporter', + $privileges) + ) { + + if (count(DB::select('SELECT `UID` FROM `User` WHERE `UID`=? LIMIT 1', [$user_id])) == 0) { + redirect(page_link_to('user_shifts')); + } + + if ( + isset($_REQUEST['angeltype_id']) + && test_request_int('angeltype_id') + && count(DB::select( + 'SELECT `id` FROM `AngelTypes` WHERE `id`=? LIMIT 1', + [$_REQUEST['angeltype_id']] + )) > 0 + ) { + $selected_type_id = $_REQUEST['angeltype_id']; + } + } + + if (count(DB::select( + 'SELECT `id` FROM `ShiftEntry` WHERE `SID`= ? AND `UID` = ?', + [$shift['SID'], $user_id])) + ) { + return error('This angel does already have an entry for this shift.', true); + } + + $freeloaded = isset($shift['freeloaded']) ? $shift['freeloaded'] : false; + $freeload_comment = isset($shift['freeload_comment']) ? $shift['freeload_comment'] : ''; + if (in_array('user_shifts_admin', $privileges)) { + $freeloaded = isset($_REQUEST['freeloaded']); + $freeload_comment = strip_request_item_nl('freeload_comment'); + } + + $comment = strip_request_item_nl('comment'); + $result = ShiftEntry_create([ + 'SID' => $shift_id, + 'TID' => $selected_type_id, + 'UID' => $user_id, + 'Comment' => $comment, + 'freeloaded' => $freeloaded, + 'freeload_comment' => $freeload_comment + ]); + if ($result === false) { + engelsystem_error('Unable to create shift entry.'); + } + + if ( + $type['restricted'] == 0 + && count(DB::select(' + SELECT `UserAngelTypes`.`id` FROM `UserAngelTypes` + INNER JOIN `AngelTypes` ON `AngelTypes`.`id` = `UserAngelTypes`.`angeltype_id` + WHERE `angeltype_id` = ? + AND `user_id` = ? + ', [$selected_type_id, $user_id])) == 0 + ) { + DB::insert( + 'INSERT INTO `UserAngelTypes` (`user_id`, `angeltype_id`) VALUES (?, ?)', + [$user_id, $selected_type_id] + ); + } + + $user_source = User($user_id); + engelsystem_log( + 'User ' . User_Nick_render($user_source) + . ' signed up for shift ' . $shift['name'] + . ' from ' . date('Y-m-d H:i', $shift['start']) + . ' to ' . date('Y-m-d H:i', $shift['end']) + ); + success(_('You are subscribed. Thank you!') . ' <a href="' . page_link_to('user_myshifts') . '">' . _('My shifts') . ' »</a>'); + redirect(shift_link($shift)); } - $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); - - $angeltypes_source = User_angeltypes($user); - $angeltypes = []; - foreach ($angeltypes_source as $angeltype) { - if ($angeltype['supporter']) { - $angeltypes[$angeltype['id']] = $angeltype['name']; - } - $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); + + $angeltype_select = ''; + if (in_array('user_shifts_admin', $privileges)) { + $users = DB::select(' + SELECT *, + ( + SELECT count(*) + FROM `ShiftEntry` + WHERE `freeloaded`=1 + AND `ShiftEntry`.`UID`=`User`.`UID` + ) AS `freeloaded` + FROM `User` + ORDER BY `Nick` + '); + $users_select = []; + foreach ($users as $usr) { + $users_select[$usr['UID']] = $usr['Nick'] . ($usr['freeloaded'] == 0 ? '' : ' (' . _('Freeloader') . ')'); + } + $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); + + $angeltypes_source = DB::select('SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`'); + $angeltypes = []; + foreach ($angeltypes_source as $angeltype) { + $angeltypes[$angeltype['id']] = $angeltype['name']; + } + $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); + } elseif (in_array('shiftentry_edit_angeltype_supporter', $privileges)) { + $users = Users_by_angeltype($type); + $users_select = []; + foreach ($users as $usr) { + if (!$type['restricted'] || $usr['confirm_user_id'] != null) { + $users_select[$usr['UID']] = $usr['Nick']; + } + } + $user_text = html_select_key('user_id', 'user_id', $users_select, $user['UID']); + + $angeltypes_source = User_angeltypes($user); + $angeltypes = []; + foreach ($angeltypes_source as $angeltype) { + if ($angeltype['supporter']) { + $angeltypes[$angeltype['id']] = $angeltype['name']; + } + $angeltype_select = html_select_key('angeltype_id', 'angeltype_id', $angeltypes, $type['id']); + } + } else { + $user_text = User_Nick_render($user); + $angeltype_select = $type['name']; } - } else { - $user_text = User_Nick_render($user); - $angeltype_select = $type['name']; - } - - return ShiftEntry_edit_view($user_text, date("Y-m-d H:i", $shift['start']) . ' – ' . date('Y-m-d H:i', $shift['end']) . ' (' . shift_length($shift) . ')', $shift['Name'], $shift['name'], $angeltype_select, "", false, null, in_array('user_shifts_admin', $privileges)); + + return ShiftEntry_edit_view( + $user_text, + date('Y-m-d H:i', $shift['start']) + . ' – ' + . date('Y-m-d H:i', $shift['end']) + . ' (' . shift_length($shift) . ')', + $shift['Name'], + $shift['name'], + $angeltype_select, '', + false, + null, + in_array('user_shifts_admin', $privileges) + ); } /** * Remove somebody from a shift. */ -function shift_entry_delete_controller() { - global $privileges, $user; - - if (! isset($_REQUEST['entry_id']) || ! test_request_int('entry_id')) { - redirect(page_link_to('user_shifts')); - } - $entry_id = $_REQUEST['entry_id']; - - $shift_entry_source = sql_select(" - SELECT `User`.`Nick`, `ShiftEntry`.`Comment`, `ShiftEntry`.`UID`, `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, `AngelTypes`.`name` as `angel_type`, `AngelTypes`.`id` as `angeltype_id` +function shift_entry_delete_controller() +{ + global $privileges, $user; + + if (!isset($_REQUEST['entry_id']) || !test_request_int('entry_id')) { + redirect(page_link_to('user_shifts')); + } + $entry_id = $_REQUEST['entry_id']; + + $shift_entry_source = DB::select(' + SELECT + `User`.`Nick`, + `ShiftEntry`.`Comment`, + `ShiftEntry`.`UID`, + `ShiftTypes`.`name`, + `Shifts`.*, + `Room`.`Name`, + `AngelTypes`.`name` AS `angel_type`, + `AngelTypes`.`id` AS `angeltype_id` FROM `ShiftEntry` JOIN `User` ON (`User`.`UID`=`ShiftEntry`.`UID`) JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) JOIN `ShiftTypes` ON (`ShiftTypes`.`id` = `Shifts`.`shifttype_id`) JOIN `Room` ON (`Shifts`.`RID` = `Room`.`RID`) - WHERE `ShiftEntry`.`id`='" . sql_escape($entry_id) . "'"); - if (count($shift_entry_source) > 0) { - $shift_entry_source = $shift_entry_source[0]; - - if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id'])))) { - redirect(page_link_to('user_shifts')); - } - - $result = ShiftEntry_delete($entry_id); - if ($result === false) { - engelsystem_error('Unable to delete shift entry.'); + WHERE `ShiftEntry`.`id`=?', + [$entry_id] + ); + if (count($shift_entry_source) > 0) { + $shift_entry_source = array_shift($shift_entry_source); + + if (!in_array('user_shifts_admin', $privileges) && (!in_array('shiftentry_edit_angeltype_supporter', + $privileges) || !User_is_AngelType_supporter($user, AngelType($shift_entry_source['angeltype_id']))) + ) { + redirect(page_link_to('user_shifts')); + } + + $result = ShiftEntry_delete($entry_id); + if ($result === false) { + engelsystem_error('Unable to delete shift entry.'); + } + + engelsystem_log( + 'Deleted ' . User_Nick_render($shift_entry_source) . '\'s shift: ' . $shift_entry_source['name'] + . ' at ' . $shift_entry_source['Name'] + . ' from ' . date('Y-m-d H:i', $shift_entry_source['start']) + . ' to ' . date('Y-m-d H:i', $shift_entry_source['end']) + . ' as ' . $shift_entry_source['angel_type'] + ); + success(_('Shift entry deleted.')); + } else { + error(_('Entry not found.')); } - - engelsystem_log("Deleted " . User_Nick_render($shift_entry_source) . "'s shift: " . $shift_entry_source['name'] . " at " . $shift_entry_source['Name'] . " from " . date("Y-m-d H:i", $shift_entry_source['start']) . " to " . date("Y-m-d H:i", $shift_entry_source['end']) . " as " . $shift_entry_source['angel_type']); - success(_("Shift entry deleted.")); - } else { - error(_("Entry not found.")); - } - redirect(shift_link($shift_entry_source)); -} -?>
\ No newline at end of file + redirect(shift_link($shift_entry_source)); +} |