author | Bot <bot@myigel.name> | 2017-01-02 15:43:36 +0100 |
---|---|---|
committer | Igor Scheller <igor.scheller@igorshp.de> | 2017-01-02 15:49:53 +0100 |
commit | d71e7bbfad2f07f82df0c515608996d250fd4182 (patch) | |
tree | 5083a17b218c08b3a699a0bf15bec926cc2dd185 /includes/pages | |
parent | 7313e15ce8236e19331fb6639a3a5b97c8f06ecd (diff) |
Formatting
Diffstat (limited to 'includes/pages')
-rw-r--r-- | includes/pages/admin_active.php | 108 | ||||
-rw-r--r-- | includes/pages/admin_arrive.php | 184 | ||||
-rw-r--r-- | includes/pages/admin_free.php | 85 | ||||
-rw-r--r-- | includes/pages/admin_groups.php | 172 | ||||
-rw-r--r-- | includes/pages/admin_import.php | 577 | ||||
-rw-r--r-- | includes/pages/admin_log.php | 26 | ||||
-rw-r--r-- | includes/pages/admin_news.php | 84 | ||||
-rw-r--r-- | includes/pages/admin_questions.php | 169 | ||||
-rw-r--r-- | includes/pages/admin_rooms.php | 154 | ||||
-rw-r--r-- | includes/pages/admin_shifts.php | 428 | ||||
-rw-r--r-- | includes/pages/admin_user.php | 213 | ||||
-rw-r--r-- | includes/pages/guest_login.php | 385 | ||||
-rw-r--r-- | includes/pages/guest_stats.php | 24 | ||||
-rw-r--r-- | includes/pages/user_atom.php | 22 | ||||
-rw-r--r-- | includes/pages/user_ical.php | 19 | ||||
-rw-r--r-- | includes/pages/user_messages.php | 180 | ||||
-rw-r--r-- | includes/pages/user_myshifts.php | 76 | ||||
-rw-r--r-- | includes/pages/user_news.php | 80 | ||||
-rw-r--r-- | includes/pages/user_questions.php | 83 | ||||
-rw-r--r-- | includes/pages/user_settings.php | 74 | ||||
-rw-r--r-- | includes/pages/user_shifts.php | 158 |
21 files changed, 1785 insertions, 1516 deletions
diff --git a/includes/pages/admin_active.php b/includes/pages/admin_active.php index 46e88e23..38edbfdb 100644 --- a/includes/pages/admin_active.php +++ b/includes/pages/admin_active.php @@ -8,34 +8,37 @@ function admin_active_title() function admin_active() { global $tshirt_sizes, $shift_sum_formula; - + $msg = ""; $search = ""; $forced_count = sql_num_query("SELECT * FROM `User` WHERE `force_active`=1"); $count = $forced_count; $limit = ""; $set_active = ""; - + if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } - + $show_all_shifts = isset($_REQUEST['show_all_shifts']); - + if (isset($_REQUEST['set_active'])) { $valid = true; - + if (isset($_REQUEST['count']) && preg_match("/^[0-9]+$/", $_REQUEST['count'])) { $count = strip_request_item('count'); if ($count < $forced_count) { - error(sprintf(_("At least %s angels are forced to be active. The number has to be greater."), $forced_count)); + error(sprintf( + _("At least %s angels are forced to be active. The number has to be greater."), + $forced_count + )); redirect(page_link_to('admin_active')); } } else { $valid = false; $msg .= error(_("Please enter a number of angels to be marked as active."), true); } - + if ($valid) { $limit = " LIMIT " . $count; } @@ -56,14 +59,14 @@ function admin_active() } sql_query("UPDATE `User` SET `Aktiv`=1 WHERE `force_active`=TRUE"); engelsystem_log("These angels are active now: " . join(", ", $user_nicks)); - + $limit = ""; $msg = success(_("Marked angels."), true); } else { $set_active = '<a href="' . page_link_to('admin_active') . '&serach=' . $search . '">« ' . _("back") . '</a> | <a href="' . page_link_to('admin_active') . '&search=' . $search . '&count=' . $count . '&set_active&ack">' . _("apply") . '</a>'; } } - + if (isset($_REQUEST['active']) && preg_match("/^[0-9]+$/", $_REQUEST['active'])) { $user_id = $_REQUEST['active']; $user_source = User($user_id); 
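Review bot: The "back" link in the last context line of the `@@ -56,14 +59,14 @@` hunk is built as `'&serach=' . $search`, so the search term is lost when the admin steps back from the preview; the parameter name should be `'&search='`. That line and the action links in the `@@ -138,7 +142,7 @@` and `@@ -150,54 +154,54 @@` hunks (and the `reset`/`arrived` links in admin_arrive.php) concatenate `$search` into an `href` with no encoding visible. Unless `strip_request_item()`, which is not shown here, already makes the value safe inside a URL attribute, use `'&search=' . urlencode($search)`. admin_active() begins and ends outside this hunk.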
@@ -105,14 +108,15 @@ function admin_active() $msg = error(_("Angel not found."), true); } } - + $users = sql_select(" SELECT `User`.*, COUNT(`ShiftEntry`.`id`) as `shift_count`, ${shift_sum_formula} as `shift_length` FROM `User` LEFT JOIN `ShiftEntry` ON `User`.`UID` = `ShiftEntry`.`UID` LEFT JOIN `Shifts` ON `ShiftEntry`.`SID` = `Shifts`.`SID` " . ($show_all_shifts ? "" : "AND (`Shifts`.`end` < " . time() . " OR `Shifts`.`end` IS NULL)") . " WHERE `User`.`Gekommen` = 1 GROUP BY `User`.`UID` - ORDER BY `force_active` DESC, `shift_length` DESC" . $limit); + ORDER BY `force_active` DESC, `shift_length` DESC" . $limit + ); $matched_users = []; if ($search == "") { $tokens = []; @@ -128,7 +132,7 @@ function admin_active() break; } } - if (! $match) { + if (!$match) { continue; } } @@ -138,7 +142,7 @@ function admin_active() $usr['active'] = glyph_bool($usr['Aktiv'] == 1); $usr['force_active'] = glyph_bool($usr['force_active'] == 1); $usr['tshirt'] = glyph_bool($usr['Tshirt'] == 1); - + $actions = []; if ($usr['Aktiv'] == 0) { $actions[] = '<a href="' . page_link_to('admin_active') . '&active=' . $usr['UID'] . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' . _("set active") . '</a>'; 
@@ -150,54 +154,54 @@ function admin_active() if ($usr['Tshirt'] == 1) { $actions[] = '<a href="' . page_link_to('admin_active') . '&not_tshirt=' . $usr['UID'] . ($show_all_shifts ? '&show_all_shifts=' : '') . '&search=' . $search . '">' . _("remove t-shirt") . '</a>'; } - + $usr['actions'] = join(' ', $actions); - + $matched_users[] = $usr; } - + $shirt_statistics = []; foreach (array_keys($tshirt_sizes) as $size) { if ($size != '') { $shirt_statistics[] = [ - 'size' => $size, - 'needed' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Gekommen`=1"), - 'given' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Tshirt`=1") - ]; + 'size' => $size, + 'needed' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Gekommen`=1"), + 'given' => sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Size`='" . sql_escape($size) . "' AND `Tshirt`=1") + ]; } } $shirt_statistics[] = [ - 'size' => '<b>' . _("Sum") . '</b>', - 'needed' => '<b>' . User_arrived_count() . '</b>', - 'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>' - ]; - + 'size' => '<b>' . _("Sum") . '</b>', + 'needed' => '<b>' . User_arrived_count() . '</b>', + 'given' => '<b>' . sql_select_single_cell("SELECT count(*) FROM `User` WHERE `Tshirt`=1") . '</b>' + ]; + return page_with_title(admin_active_title(), [ - form([ - form_text('search', _("Search angel:"), $search), - form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts), - form_submit('submit', _("Search")) - ], page_link_to('admin_active')), - $set_active == "" ? 
form([ - form_text('count', _("How much angels should be active?"), $count), - form_submit('set_active', _("Preview")) - ]) : $set_active, - msg(), - table([ - 'nick' => _("Nickname"), - 'shirt_size' => _("Size"), - 'shift_count' => _("Shifts"), - 'work_time' => _("Length"), - 'active' => _("Active?"), - 'force_active' => _("Forced"), - 'tshirt' => _("T-shirt?"), - 'actions' => "" - ], $matched_users), - '<h2>' . _("Shirt statistics") . '</h2>', - table([ - 'size' => _("Size"), - 'needed' => _("Needed shirts"), - 'given' => _("Given shirts") - ], $shirt_statistics) - ]); + form([ + form_text('search', _("Search angel:"), $search), + form_checkbox('show_all_shifts', _("Show all shifts"), $show_all_shifts), + form_submit('submit', _("Search")) + ], page_link_to('admin_active')), + $set_active == "" ? form([ + form_text('count', _("How much angels should be active?"), $count), + form_submit('set_active', _("Preview")) + ]) : $set_active, + msg(), + table([ + 'nick' => _("Nickname"), + 'shirt_size' => _("Size"), + 'shift_count' => _("Shifts"), + 'work_time' => _("Length"), + 'active' => _("Active?"), + 'force_active' => _("Forced"), + 'tshirt' => _("T-shirt?"), + 'actions' => "" + ], $matched_users), + '<h2>' . _("Shirt statistics") . '</h2>', + table([ + 'size' => _("Size"), + 'needed' => _("Needed shirts"), + 'given' => _("Given shirts") + ], $shirt_statistics) + ]); } diff --git a/includes/pages/admin_arrive.php b/includes/pages/admin_arrive.php index c2e97072..cd910bd0 100644 --- a/includes/pages/admin_arrive.php +++ b/includes/pages/admin_arrive.php @@ -12,7 +12,7 @@ function admin_arrive() if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } - + if (isset($_REQUEST['reset']) && preg_match("/^[0-9]*$/", $_REQUEST['reset'])) { $user_id = $_REQUEST['reset']; $user_source = User($user_id); 
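Review bot: The `reset` check in the `@@ -12,7 +12,7 @@` hunk of admin_arrive.php uses `/^[0-9]*$/`, which also matches an empty string, so a request with `reset=` and no value passes validation and reaches `User($user_id)` with an empty id. admin_active.php validates the same kind of id with `+`; use `preg_match("/^[0-9]+$/", $_REQUEST['reset'])` here as well. The rest of the branch lies outside the hunk, so whether the `arrived` check shares the pattern cannot be seen from here.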
@@ -36,7 +36,7 @@ function admin_arrive() $msg = error(_("Angel not found."), true); } } - + $users = sql_select("SELECT * FROM `User` ORDER BY `Nick`"); $arrival_count_at_day = []; $planned_arrival_count_at_day = []; @@ -57,11 +57,11 @@ function admin_arrive() break; } } - if (! $match) { + if (!$match) { continue; } } - + $usr['nick'] = User_Nick_render($usr); if ($usr['planned_departure_date'] != null) { $usr['rendered_planned_departure_date'] = date('Y-m-d', $usr['planned_departure_date']); 
@@ -72,131 +72,131 @@ function admin_arrive() $usr['rendered_arrival_date'] = $usr['arrival_date'] > 0 ? date('Y-m-d', $usr['arrival_date']) : "-"; $usr['arrived'] = $usr['Gekommen'] == 1 ? _("yes") : ""; $usr['actions'] = $usr['Gekommen'] == 1 ? '<a href="' . page_link_to('admin_arrive') . '&reset=' . $usr['UID'] . '&search=' . $search . '">' . _("reset") . '</a>' : '<a href="' . page_link_to('admin_arrive') . '&arrived=' . $usr['UID'] . '&search=' . $search . '">' . _("arrived") . '</a>'; - + if ($usr['arrival_date'] > 0) { $day = date('Y-m-d', $usr['arrival_date']); - if (! isset($arrival_count_at_day[$day])) { + if (!isset($arrival_count_at_day[$day])) { $arrival_count_at_day[$day] = 0; } - $arrival_count_at_day[$day] ++; + $arrival_count_at_day[$day]++; } - + if ($usr['planned_arrival_date'] != null) { $day = date('Y-m-d', $usr['planned_arrival_date']); - if (! isset($planned_arrival_count_at_day[$day])) { + if (!isset($planned_arrival_count_at_day[$day])) { $planned_arrival_count_at_day[$day] = 0; } - $planned_arrival_count_at_day[$day] ++; + $planned_arrival_count_at_day[$day]++; } - + if ($usr['planned_departure_date'] != null && $usr['Gekommen'] == 1) { $day = date('Y-m-d', $usr['planned_departure_date']); - if (! 
isset($planned_departure_count_at_day[$day])) { + if (!isset($planned_departure_count_at_day[$day])) { $planned_departure_count_at_day[$day] = 0; } - $planned_departure_count_at_day[$day] ++; + $planned_departure_count_at_day[$day]++; } - + $users_matched[] = $usr; } - + ksort($arrival_count_at_day); ksort($planned_arrival_count_at_day); ksort($planned_departure_count_at_day); - + $arrival_at_day = []; $arrival_sum = 0; foreach ($arrival_count_at_day as $day => $count) { $arrival_sum += $count; $arrival_at_day[$day] = [ - 'day' => $day, - 'count' => $count, - 'sum' => $arrival_sum - ]; + 'day' => $day, + 'count' => $count, + 'sum' => $arrival_sum + ]; } - + $planned_arrival_at_day = []; $planned_arrival_sum = 0; foreach ($planned_arrival_count_at_day as $day => $count) { $planned_arrival_sum += $count; $planned_arrival_at_day[$day] = [ - 'day' => $day, - 'count' => $count, - 'sum' => $planned_arrival_sum - ]; + 'day' => $day, + 'count' => $count, + 'sum' => $planned_arrival_sum + ]; } - + $planned_departure_at_day = []; $planned_departure_sum = 0; foreach ($planned_departure_count_at_day as $day => $count) { $planned_departure_sum += $count; $planned_departure_at_day[$day] = [ - 'day' => $day, - 'count' => $count, - 'sum' => $planned_departure_sum - ]; + 'day' => $day, + 'count' => $count, + 'sum' => $planned_departure_sum + ]; } - + return page_with_title(admin_arrive_title(), [ - msg(), - form([ - form_text('search', _("Search"), $search), - form_submit('submit', _("Search")) - ]), - table([ - 'nick' => _("Nickname"), - 'rendered_planned_arrival_date' => _("Planned arrival"), - 'arrived' => _("Arrived?"), - 'rendered_arrival_date' => _("Arrival date"), - 'rendered_planned_departure_date' => _("Planned departure"), - 'actions' => "" - ], $users_matched), - div('row', [ - div('col-md-4', [ - heading(_("Planned arrival statistics"), 2), - bargraph('planned_arrives', 'day', [ - 'count' => _("arrived"), - 'sum' => _("arrived sum") - ], [ - 'count' => '#090', - 'sum' 
=> '#888' - ], $planned_arrival_at_day), - table([ - 'day' => _("Date"), - 'count' => _("Count"), - 'sum' => _("Sum") - ], $planned_arrival_at_day) - ]), - div('col-md-4', [ - heading(_("Arrival statistics"), 2), - bargraph('arrives', 'day', [ - 'count' => _("arrived"), - 'sum' => _("arrived sum") - ], [ - 'count' => '#090', - 'sum' => '#888' - ], $arrival_at_day), - table([ - 'day' => _("Date"), - 'count' => _("Count"), - 'sum' => _("Sum") - ], $arrival_at_day) - ]), - div('col-md-4', [ - heading(_("Planned departure statistics"), 2), - bargraph('planned_departures', 'day', [ - 'count' => _("arrived"), - 'sum' => _("arrived sum") - ], [ - 'count' => '#090', - 'sum' => '#888' - ], $planned_departure_at_day), - table([ - 'day' => _("Date"), - 'count' => _("Count"), - 'sum' => _("Sum") - ], $planned_departure_at_day) - ]) - ]) - ]); + msg(), + form([ + form_text('search', _("Search"), $search), + form_submit('submit', _("Search")) + ]), + table([ + 'nick' => _("Nickname"), + 'rendered_planned_arrival_date' => _("Planned arrival"), + 'arrived' => _("Arrived?"), + 'rendered_arrival_date' => _("Arrival date"), + 'rendered_planned_departure_date' => _("Planned departure"), + 'actions' => "" + ], $users_matched), + div('row', [ + div('col-md-4', [ + heading(_("Planned arrival statistics"), 2), + bargraph('planned_arrives', 'day', [ + 'count' => _("arrived"), + 'sum' => _("arrived sum") + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $planned_arrival_at_day), + table([ + 'day' => _("Date"), + 'count' => _("Count"), + 'sum' => _("Sum") + ], $planned_arrival_at_day) + ]), + div('col-md-4', [ + heading(_("Arrival statistics"), 2), + bargraph('arrives', 'day', [ + 'count' => _("arrived"), + 'sum' => _("arrived sum") + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $arrival_at_day), + table([ + 'day' => _("Date"), + 'count' => _("Count"), + 'sum' => _("Sum") + ], $arrival_at_day) + ]), + div('col-md-4', [ + heading(_("Planned departure statistics"), 2), + 
bargraph('planned_departures', 'day', [ + 'count' => _("arrived"), + 'sum' => _("arrived sum") + ], [ + 'count' => '#090', + 'sum' => '#888' + ], $planned_departure_at_day), + table([ + 'day' => _("Date"), + 'count' => _("Count"), + 'sum' => _("Sum") + ], $planned_departure_at_day) + ]) + ]) + ]); } diff --git a/includes/pages/admin_free.php b/includes/pages/admin_free.php index db0c239f..947dd93b 100644 --- a/includes/pages/admin_free.php +++ b/includes/pages/admin_free.php @@ -8,12 +8,12 @@ function admin_free_title() function admin_free() { global $privileges; - + $search = ""; if (isset($_REQUEST['search'])) { $search = strip_request_item('search'); } - + $angeltypesearch = ""; if (empty($_REQUEST['angeltype'])) { $_REQUEST['angeltype'] = ''; @@ -24,15 +24,15 @@ function admin_free() } $angeltypesearch .= ") "; } - + $angel_types_source = sql_select("SELECT `id`, `name` FROM `AngelTypes` ORDER BY `name`"); $angel_types = [ - '' => 'alle Typen' - ]; + '' => 'alle Typen' + ]; foreach ($angel_types_source as $angel_type) { $angel_types[$angel_type['id']] = $angel_type['name']; } - + $users = sql_select(" SELECT `User`.* FROM `User` @@ -42,7 +42,7 @@ function admin_free() WHERE `User`.`Gekommen` = 1 AND `Shifts`.`SID` IS NULL GROUP BY `User`.`UID` ORDER BY `Nick`"); - + $free_users_table = []; if ($search == "") { $tokens = []; 
@@ -59,44 +59,47 @@ function admin_free() break; } } - if (! $match) { + if (!$match) { continue; } } - + $free_users_table[] = [ - 'name' => User_Nick_render($usr), - 'shift_state' => User_shift_state_render($usr), - 'dect' => $usr['DECT'], - 'jabber' => $usr['jabber'], - 'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'), - 'actions' => in_array('admin_user', $privileges) ? button(page_link_to('admin_user') . '&id=' . $usr['UID'], _("edit"), 'btn-xs') : '' - ]; + 'name' => User_Nick_render($usr), + 'shift_state' => User_shift_state_render($usr), + 'dect' => $usr['DECT'], + 'jabber' => $usr['jabber'], + 'email' => $usr['email_by_human_allowed'] ? $usr['email'] : glyph('eye-close'), + 'actions' => + in_array('admin_user', $privileges) + ? button(page_link_to('admin_user') . '&id=' . $usr['UID'], _("edit"), 'btn-xs') + : '' + ]; } return page_with_title(admin_free_title(), [ - form([ - div('row', [ - div('col-md-4', [ - form_text('search', _("Search"), $search) - ]), - div('col-md-4', [ - form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype']) - ]), - div('col-md-2', [ - form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only'])) - ]), - div('col-md-2', [ - form_submit('submit', _("Search")) - ]) - ]) - ]), - table([ - 'name' => _("Nick"), - 'shift_state' => '', - 'dect' => _("DECT"), - 'jabber' => _("Jabber"), - 'email' => _("E-Mail"), - 'actions' => '' - ], $free_users_table) - ]); + form([ + div('row', [ + div('col-md-4', [ + form_text('search', _("Search"), $search) + ]), + div('col-md-4', [ + form_select('angeltype', _("Angeltype"), $angel_types, $_REQUEST['angeltype']) + ]), + div('col-md-2', [ + form_checkbox('confirmed_only', _("Only confirmed"), isset($_REQUEST['confirmed_only'])) + ]), + div('col-md-2', [ + form_submit('submit', _("Search")) + ]) + ]) + ]), + table([ + 'name' => _("Nick"), + 'shift_state' => '', + 'dect' => _("DECT"), + 'jabber' => _("Jabber"), + 'email' => 
_("E-Mail"), + 'actions' => '' + ], $free_users_table) + ]); } diff --git a/includes/pages/admin_groups.php b/includes/pages/admin_groups.php index 04e4320d..d170c374 100644 --- a/includes/pages/admin_groups.php +++ b/includes/pages/admin_groups.php 
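Review bot: The row built in the `@@ -59,44 +59,47 @@` hunk passes `$usr['DECT']`, `$usr['jabber']` and `$usr['email']` to `table()` exactly as they come from the `User` row. These look like profile fields that users fill in themselves, and no escaping is visible in this hunk; if `table()` does not encode cell values, the admin page renders them as markup. Confirm that it does, or encode at the point of use, e.g. `'dect' => htmlspecialchars($usr['DECT']),`. admin_free() starts outside the hunk.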
@@ -9,90 +9,122 @@ function admin_groups() { $html = ""; $groups = sql_select("SELECT * FROM `Groups` ORDER BY `Name`"); - if (! isset($_REQUEST["action"])) { + if (!isset($_REQUEST["action"])) { $groups_table = []; foreach ($groups as $group) { - $privileges = sql_select("SELECT * FROM `GroupPrivileges` JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) WHERE `group_id`='" . sql_escape($group['UID']) . "'"); + $privileges = sql_select(" + SELECT * + FROM `GroupPrivileges` + JOIN `Privileges` ON (`GroupPrivileges`.`privilege_id` = `Privileges`.`id`) + WHERE `group_id`='" . sql_escape($group['UID']) . "' + "); $privileges_html = []; - + foreach ($privileges as $priv) { $privileges_html[] = $priv['name']; } - + $groups_table[] = [ - 'name' => $group['Name'], - 'privileges' => join(', ', $privileges_html), - 'actions' => button(page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], _("edit"), 'btn-xs') - ]; + 'name' => $group['Name'], + 'privileges' => join(', ', $privileges_html), + 'actions' => button( + page_link_to('admin_groups') . '&action=edit&id=' . $group['UID'], + _("edit"), + 'btn-xs' + ) + ]; } - + return page_with_title(admin_groups_title(), [ - table([ - 'name' => _("Name"), - 'privileges' => _("Privileges"), - 'actions' => '' - ], $groups_table) - ]); + table([ + 'name' => _("Name"), + 'privileges' => _("Privileges"), + 'actions' => '' + ], $groups_table) + ]); } else { switch ($_REQUEST["action"]) { - case 'edit': - if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { - $group_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing Groups ID.", true); - } - - $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . 
"' LIMIT 1"); - if (count($group) > 0) { - list($group) = $group; - $privileges = sql_select("SELECT `Privileges`.*, `GroupPrivileges`.`group_id` FROM `Privileges` LEFT OUTER JOIN `GroupPrivileges` ON (`Privileges`.`id` = `GroupPrivileges`.`privilege_id` AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "') ORDER BY `Privileges`.`name`"); - $privileges_html = ""; - $privileges_form = []; - foreach ($privileges as $priv) { - $privileges_form[] = form_checkbox('privileges[]', $priv['desc'] . ' (' . $priv['name'] . ')', $priv['group_id'] != "", $priv['id']); - $privileges_html .= sprintf('<tr><td><input type="checkbox" ' . 'name="privileges[]" value="%s" %s />' . '</td> <td>%s</td> <td>%s</td></tr>', $priv['id'], ($priv['group_id'] != "" ? 'checked="checked"' : ''), $priv['name'], $priv['desc']); - } - - $privileges_form[] = form_submit('submit', _("Save")); - $html .= page_with_title(_("Edit group"), [ - form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) - ]); - } else { - return error("No Group found.", true); - } - break; - - case 'save': - if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { - $group_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing Groups ID.", true); - } - - $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); - if (! is_array($_REQUEST['privileges'])) { - $_REQUEST['privileges'] = []; - } - if (count($group) > 0) { - list($group) = $group; - sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'"); - $privilege_names = []; - foreach ($_REQUEST['privileges'] as $priv) { - if (preg_match("/^[0-9]{1,}$/", $priv)) { - $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1"); - if (count($group_privileges_source) > 0) { - sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . 
"', `privilege_id`='" . sql_escape($priv) . "'"); - $privilege_names[] = $group_privileges_source[0]['name']; + case 'edit': + if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { + $group_id = $_REQUEST['id']; + } else { + return error("Incomplete call, missing Groups ID.", true); + } + + $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); + if (count($group) > 0) { + list($group) = $group; + $privileges = sql_select(" + SELECT `Privileges`.*, `GroupPrivileges`.`group_id` + FROM `Privileges` + LEFT OUTER JOIN `GroupPrivileges` + ON ( + `Privileges`.`id` = `GroupPrivileges`.`privilege_id` + AND `GroupPrivileges`.`group_id`='" . sql_escape($group_id) . "' + ) + ORDER BY `Privileges`.`name` + "); + $privileges_html = ""; + $privileges_form = []; + foreach ($privileges as $priv) { + $privileges_form[] = form_checkbox( + 'privileges[]', + $priv['desc'] . ' (' . $priv['name'] . ')', + $priv['group_id'] != "", + $priv['id'] + ); + $privileges_html .= sprintf( + '<tr><td><input type="checkbox" name="privileges[]" value="%s" %s /></td> <td>%s</td> <td>%s</td></tr>', + $priv['id'], + ($priv['group_id'] != "" ? 'checked="checked"' : ''), + $priv['name'], + $priv['desc'] + ); } + + $privileges_form[] = form_submit('submit', _("Save")); + $html .= page_with_title(_("Edit group"), [ + form($privileges_form, page_link_to('admin_groups') . '&action=save&id=' . $group_id) + ]); + } else { + return error("No Group found.", true); } - } - engelsystem_log("Group privileges of group " . $group['Name'] . " edited: " . 
join(", ", $privilege_names)); - redirect(page_link_to("admin_groups")); - } else { - return error("No Group found.", true); + break; + + case 'save': + if (isset($_REQUEST['id']) && preg_match("/^-[0-9]{1,11}$/", $_REQUEST['id'])) { + $group_id = $_REQUEST['id']; + } else { + return error("Incomplete call, missing Groups ID.", true); + } + + $group = sql_select("SELECT * FROM `Groups` WHERE `UID`='" . sql_escape($group_id) . "' LIMIT 1"); + if (!is_array($_REQUEST['privileges'])) { + $_REQUEST['privileges'] = []; + } + if (count($group) > 0) { + list($group) = $group; + sql_query("DELETE FROM `GroupPrivileges` WHERE `group_id`='" . sql_escape($group_id) . "'"); + $privilege_names = []; + foreach ($_REQUEST['privileges'] as $priv) { + if (preg_match("/^[0-9]{1,}$/", $priv)) { + $group_privileges_source = sql_select("SELECT * FROM `Privileges` WHERE `id`='" . sql_escape($priv) . "' LIMIT 1"); + if (count($group_privileges_source) > 0) { + sql_query("INSERT INTO `GroupPrivileges` SET `group_id`='" . sql_escape($group_id) . "', `privilege_id`='" . sql_escape($priv) . "'"); + $privilege_names[] = $group_privileges_source[0]['name']; + } + } + } + engelsystem_log( + "Group privileges of group " . $group['Name'] + . " edited: " . join(", ", $privilege_names) + ); + redirect(page_link_to("admin_groups")); + } else { + return error("No Group found.", true); + } + break; } - break; - } } return $html; } diff --git a/includes/pages/admin_import.php b/includes/pages/admin_import.php index e1674670..46c13ac7 100644 --- a/includes/pages/admin_import.php +++ b/includes/pages/admin_import.php 
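Review bot: In the `save` case, `if (!is_array($_REQUEST['privileges']))` reads the key without checking that it exists, and a form submitted with every checkbox cleared carries no `privileges` key at all; guard it with `if (!isset($_REQUEST['privileges']) || !is_array($_REQUEST['privileges']))`. The same case deletes all `GroupPrivileges` rows for the group and then re-inserts them one query at a time, so a failure partway through leaves the group with fewer privileges than intended; wrapping the delete and inserts in a transaction would avoid that, if the `sql_*` helpers offer one. Because this request changes group privileges, it is also worth confirming that `form()` adds an anti-CSRF token, since none is visible here. In the `edit` case `$privileges_html` is filled by `sprintf` but never used in the visible code and can be dropped.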
@@ -11,28 +11,31 @@ function admin_import() global $user; $html = ""; $import_dir = __DIR__ . '/../../import'; - + $step = "input"; - if (isset($_REQUEST['step']) && in_array($step, [ - 'input', - 'check', - 'import' - ])) { + if ( + isset($_REQUEST['step']) + && in_array($step, [ + 'input', + 'check', + 'import' + ]) + ) { $step = $_REQUEST['step']; } - + if ($test_handle = @fopen($import_dir . '/tmp', 'w')) { fclose($test_handle); @unlink($import_dir . '/tmp'); } else { error(_('Webserver has no write-permission on import directory.')); } - + $import_file = $import_dir . '/import_' . $user['UID'] . '.xml'; $shifttype_id = null; $add_minutes_start = 15; $add_minutes_end = 15; - + $shifttypes_source = ShiftTypes(); if ($shifttypes_source === false) { engelsystem_error('Unable to load shifttypes.'); 
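Review bot: The reformatted condition still tests `in_array($step, [...])`, and `$step` was set to "input" on the line before, so the allowlist is always satisfied and any `$_REQUEST['step']` value is assigned to `$step`. Check the request value instead: `&& in_array($_REQUEST['step'], ['input', 'check', 'import'], true)`. The `switch ($step)` that consumes the value is in the following hunk, and admin_import() continues outside this one.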
@@ -41,301 +44,323 @@ function admin_import() foreach ($shifttypes_source as $shifttype) { $shifttypes[$shifttype['id']] = $shifttype['name']; } - + switch ($step) { - case 'input': - $valid = false; - - if (isset($_REQUEST['submit'])) { - $valid = true; - - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; - } else { - $valid = false; - error(_('Please select a shift type.')); - } - - if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { - $add_minutes_start = trim($_REQUEST['add_minutes_start']); - } else { - $valid = false; - error(_("Please enter an amount of minutes to add to a talk's begin.")); - } - - if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { - $add_minutes_end = trim($_REQUEST['add_minutes_end']); - } else { - $valid = false; - error(_("Please enter an amount of minutes to add to a talk's end.")); - } - - if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) { - if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) { - libxml_use_internal_errors(true); - if (simplexml_load_file($import_file) === false) { - $valid = false; - error(_('No valid xml/xcal file provided.')); - unlink($import_file); - } - } else { - $valid = false; - error(_('File upload went wrong.')); - } - } else { - $valid = false; - error(_('Please provide some data.')); - } - } - - if ($valid) { - redirect(page_link_to('admin_import') . "&step=check&shifttype_id=" . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start); - } else { - $html .= div('well well-sm text-center', [ - _('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import')) - ]) . 
div('row', [ - div('col-md-offset-3 col-md-6', [ - form([ - form_info('', _("This import will create/update/delete rooms and shifts by given FRAB-export file. The needed file format is xcal.")), - form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), - form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start), - form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end), - form_file('xcal_file', _("xcal-File (.xcal)")), - form_submit('submit', _("Import")) - ]) - ]) - ]); - } - break; - - case 'check': - if (! file_exists($import_file)) { - error(_('Missing import file.')); - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; - } else { - error(_('Please select a shift type.')); - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { - $add_minutes_start = trim($_REQUEST['add_minutes_start']); - } else { - error(_("Please enter an amount of minutes to add to a talk's begin.")); - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { - $add_minutes_end = trim($_REQUEST['add_minutes_end']); - } else { - error(_("Please enter an amount of minutes to add to a talk's end.")); - redirect(page_link_to('admin_import')); - } - - list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); - list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end); - - $html .= div('well well-sm text-center', [ - '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import')) - ]) . form([ - div('row', [ - div('col-sm-6', [ - '<h3>' . 
_("Rooms to create") . '</h3>', - table(_("Name"), $rooms_new) - ]), - div('col-sm-6', [ - '<h3>' . _("Rooms to delete") . '</h3>', - table(_("Name"), $rooms_deleted) - ]) - ]), - '<h3>' . _("Shifts to create") . '</h3>', - table([ - 'day' => _("Day"), - 'start' => _("Start"), - 'end' => _("End"), - 'shifttype' => _('Shift type'), - 'title' => _("Title"), - 'room' => _("Room") - ], shifts_printable($events_new, $shifttypes)), - '<h3>' . _("Shifts to update") . '</h3>', - table([ - 'day' => _("Day"), - 'start' => _("Start"), - 'end' => _("End"), - 'shifttype' => _('Shift type'), - 'title' => _("Title"), - 'room' => _("Room") - ], shifts_printable($events_updated, $shifttypes)), - '<h3>' . _("Shifts to delete") . '</h3>', - table([ - 'day' => _("Day"), - 'start' => _("Start"), - 'end' => _("End"), - 'shifttype' => _('Shift type'), - 'title' => _("Title"), - 'room' => _("Room") - ], shifts_printable($events_deleted, $shifttypes)), - form_submit('submit', _("Import")) - ], page_link_to('admin_import') . '&step=import&shifttype_id=' . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start); - break; - - case 'import': - if (! file_exists($import_file)) { - error(_('Missing import file.')); - redirect(page_link_to('admin_import')); - } - - if (! 
file_exists($import_file)) { - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { - $shifttype_id = $_REQUEST['shifttype_id']; - } else { - error(_('Please select a shift type.')); - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { - $add_minutes_start = trim($_REQUEST['add_minutes_start']); - } else { - error(_("Please enter an amount of minutes to add to a talk's begin.")); - redirect(page_link_to('admin_import')); - } - - if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { - $add_minutes_end = trim($_REQUEST['add_minutes_end']); - } else { - error(_("Please enter an amount of minutes to add to a talk's end.")); - redirect(page_link_to('admin_import')); - } - - list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); - foreach ($rooms_new as $room) { - $result = Room_create($room, true, true); - if ($result === false) { - engelsystem_error('Unable to create room.'); - } - $rooms_import[trim($room)] = sql_id(); - } - foreach ($rooms_deleted as $room) { - sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . 
"' LIMIT 1"); - } - - list($events_new, $events_updated, $events_deleted) = prepare_events($import_file, $shifttype_id, $add_minutes_start, $add_minutes_end); - foreach ($events_new as $event) { - $result = Shift_create($event); - if ($result === false) { - engelsystem_error('Unable to create shift.'); - } - } - - foreach ($events_updated as $event) { - $result = Shift_update_by_psid($event); - if ($result === false) { - engelsystem_error('Unable to update shift.'); - } - } - - foreach ($events_deleted as $event) { - $result = Shift_delete_by_psid($event['PSID']); - if ($result === false) { - engelsystem_error('Unable to delete shift.'); - } - } - - engelsystem_log("Frab import done"); - - unlink($import_file); - - $html .= div('well well-sm text-center', [ - '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>' - ]) . 
success(_("It's done!"), true); - break; - default: - redirect(page_link_to('admin_import')); - } - + case 'input': + $valid = false; + + if (isset($_REQUEST['submit'])) { + $valid = true; + + if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { + $shifttype_id = $_REQUEST['shifttype_id']; + } else { + $valid = false; + error(_('Please select a shift type.')); + } + + if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { + $add_minutes_start = trim($_REQUEST['add_minutes_start']); + } else { + $valid = false; + error(_("Please enter an amount of minutes to add to a talk's begin.")); + } + + if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { + $add_minutes_end = trim($_REQUEST['add_minutes_end']); + } else { + $valid = false; + error(_("Please enter an amount of minutes to add to a talk's end.")); + } + + if (isset($_FILES['xcal_file']) && ($_FILES['xcal_file']['error'] == 0)) { + if (move_uploaded_file($_FILES['xcal_file']['tmp_name'], $import_file)) { + libxml_use_internal_errors(true); + if (simplexml_load_file($import_file) === false) { + $valid = false; + error(_('No valid xml/xcal file provided.')); + unlink($import_file); + } + } else { + $valid = false; + error(_('File upload went wrong.')); + } + } else { + $valid = false; + error(_('Please provide some data.')); + } + } + + if ($valid) { + redirect(page_link_to('admin_import') . "&step=check&shifttype_id=" . $shifttype_id . "&add_minutes_end=" . $add_minutes_end . "&add_minutes_start=" . $add_minutes_start); + } else { + $html .= div('well well-sm text-center', [ + _('File Upload') . mute(glyph('arrow-right')) . mute(_('Validation')) . mute(glyph('arrow-right')) . mute(_('Import')) + ]) . div('row', [ + div('col-md-offset-3 col-md-6', [ + form([ + form_info( + '', + _("This import will create/update/delete rooms and shifts by given FRAB-export file. 
The needed file format is xcal.") + ), + form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), + form_spinner('add_minutes_start', _("Add minutes to start"), $add_minutes_start), + form_spinner('add_minutes_end', _("Add minutes to end"), $add_minutes_end), + form_file('xcal_file', _("xcal-File (.xcal)")), + form_submit('submit', _("Import")) + ]) + ]) + ]); + } + break; + + case 'check': + if (!file_exists($import_file)) { + error(_('Missing import file.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { + $shifttype_id = $_REQUEST['shifttype_id']; + } else { + error(_('Please select a shift type.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { + $add_minutes_start = trim($_REQUEST['add_minutes_start']); + } else { + error(_("Please enter an amount of minutes to add to a talk's begin.")); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { + $add_minutes_end = trim($_REQUEST['add_minutes_end']); + } else { + error(_("Please enter an amount of minutes to add to a talk's end.")); + redirect(page_link_to('admin_import')); + } + + list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); + list($events_new, $events_updated, $events_deleted) = prepare_events( + $import_file, + $shifttype_id, + $add_minutes_start, + $add_minutes_end + ); + + $html .= div( + 'well well-sm text-center', + [ + '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . _('Validation') . mute(glyph('arrow-right')) . mute(_('Import')) + ]) + . form( + [ + div('row', [ + div('col-sm-6', [ + '<h3>' . _("Rooms to create") . '</h3>', + table(_("Name"), $rooms_new) + ]), + div('col-sm-6', [ + '<h3>' . _("Rooms to delete") . 
'</h3>', + table(_("Name"), $rooms_deleted) + ]) + ]), + '<h3>' . _("Shifts to create") . '</h3>', + table([ + 'day' => _("Day"), + 'start' => _("Start"), + 'end' => _("End"), + 'shifttype' => _('Shift type'), + 'title' => _("Title"), + 'room' => _("Room") + ], shifts_printable($events_new, $shifttypes)), + '<h3>' . _("Shifts to update") . '</h3>', + table([ + 'day' => _("Day"), + 'start' => _("Start"), + 'end' => _("End"), + 'shifttype' => _('Shift type'), + 'title' => _("Title"), + 'room' => _("Room") + ], shifts_printable($events_updated, $shifttypes)), + '<h3>' . _("Shifts to delete") . '</h3>', + table([ + 'day' => _("Day"), + 'start' => _("Start"), + 'end' => _("End"), + 'shifttype' => _('Shift type'), + 'title' => _("Title"), + 'room' => _("Room") + ], shifts_printable($events_deleted, $shifttypes)), + form_submit('submit', _("Import")) + ], + page_link_to('admin_import') + . '&step=import&shifttype_id=' . $shifttype_id + . "&add_minutes_end=" . $add_minutes_end + . "&add_minutes_start=" . 
$add_minutes_start + ); + break; + + case 'import': + if (!file_exists($import_file)) { + error(_('Missing import file.')); + redirect(page_link_to('admin_import')); + } + + if (!file_exists($import_file)) { + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['shifttype_id']) && isset($shifttypes[$_REQUEST['shifttype_id']])) { + $shifttype_id = $_REQUEST['shifttype_id']; + } else { + error(_('Please select a shift type.')); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_start']) && is_numeric(trim($_REQUEST['add_minutes_start']))) { + $add_minutes_start = trim($_REQUEST['add_minutes_start']); + } else { + error(_("Please enter an amount of minutes to add to a talk's begin.")); + redirect(page_link_to('admin_import')); + } + + if (isset($_REQUEST['add_minutes_end']) && is_numeric(trim($_REQUEST['add_minutes_end']))) { + $add_minutes_end = trim($_REQUEST['add_minutes_end']); + } else { + error(_("Please enter an amount of minutes to add to a talk's end.")); + redirect(page_link_to('admin_import')); + } + + list($rooms_new, $rooms_deleted) = prepare_rooms($import_file); + foreach ($rooms_new as $room) { + $result = Room_create($room, true, true); + if ($result === false) { + engelsystem_error('Unable to create room.'); + } + $rooms_import[trim($room)] = sql_id(); + } + foreach ($rooms_deleted as $room) { + sql_query("DELETE FROM `Room` WHERE `Name`='" . sql_escape($room) . 
"' LIMIT 1"); + } + + list($events_new, $events_updated, $events_deleted) = prepare_events( + $import_file, + $shifttype_id, + $add_minutes_start, + $add_minutes_end + ); + foreach ($events_new as $event) { + $result = Shift_create($event); + if ($result === false) { + engelsystem_error('Unable to create shift.'); + } + } + + foreach ($events_updated as $event) { + $result = Shift_update_by_psid($event); + if ($result === false) { + engelsystem_error('Unable to update shift.'); + } + } + + foreach ($events_deleted as $event) { + $result = Shift_delete_by_psid($event['PSID']); + if ($result === false) { + engelsystem_error('Unable to delete shift.'); + } + } + + engelsystem_log("Frab import done"); + + unlink($import_file); + + $html .= div('well well-sm text-center', [ + '<span class="text-success">' . _('File Upload') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Validation') . glyph('ok-circle') . '</span>' . mute(glyph('arrow-right')) . '<span class="text-success">' . _('Import') . glyph('ok-circle') . '</span>' + ]) . success(_("It's done!"), true); + break; + default: + redirect(page_link_to('admin_import')); + } + return page_with_title(admin_import_title(), [ - msg(), - $html - ]); + msg(), + $html + ]); } function prepare_rooms($file) { global $rooms_import; $data = read_xml($file); - - // Load rooms from db for compare with input - $rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'"); + + // Load rooms from db for compare with input + $rooms = sql_select("SELECT * FROM `Room` WHERE `FromPentabarf`='Y'"); $rooms_db = []; $rooms_import = []; foreach ($rooms as $room) { - $rooms_db[] = (string) $room['Name']; + $rooms_db[] = (string)$room['Name']; $rooms_import[$room['Name']] = $room['RID']; } - + $events = $data->vcalendar->vevent; $rooms_pb = []; foreach ($events as $event) { - $rooms_pb[] = (string) $event->location; - if (! 
isset($rooms_import[trim($event->location)])) { + $rooms_pb[] = (string)$event->location; + if (!isset($rooms_import[trim($event->location)])) { $rooms_import[trim($event->location)] = trim($event->location); } } $rooms_pb = array_unique($rooms_pb); - + $rooms_new = array_diff($rooms_pb, $rooms_db); $rooms_deleted = array_diff($rooms_db, $rooms_pb); - + return [ - $rooms_new, - $rooms_deleted - ]; + $rooms_new, + $rooms_deleted + ]; } function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_end) { global $rooms_import; $data = read_xml($file); - + $rooms = sql_select("SELECT * FROM `Room`"); $rooms_db = []; foreach ($rooms as $room) { $rooms_db[$room['Name']] = $room['RID']; } - + $events = $data->vcalendar->vevent; $shifts_pb = []; foreach ($events as $event) { $event_pb = $event->children("http://pentabarf.org"); $event_id = trim($event_pb->{ - 'event-id' }); + 'event-id'}); $shifts_pb[$event_id] = [ - 'shifttype_id' => $shifttype_id, - 'start' => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60, - 'end' => parse_date("Ymd\THis", $event->dtend) + $add_minutes_end * 60, - 'RID' => $rooms_import[trim($event->location)], - 'title' => trim($event->summary), - 'URL' => trim($event->url), - 'PSID' => $event_id - ]; + 'shifttype_id' => $shifttype_id, + 'start' => parse_date("Ymd\THis", $event->dtstart) - $add_minutes_start * 60, + 'end' => parse_date("Ymd\THis", $event->dtend) + $add_minutes_end * 60, + 'RID' => $rooms_import[trim($event->location)], + 'title' => trim($event->summary), + 'URL' => trim($event->url), + 'PSID' => $event_id + ]; } - + $shifts = sql_select("SELECT * FROM `Shifts` WHERE `PSID` IS NOT NULL ORDER BY `start`"); $shifts_db = []; foreach ($shifts as $shift) { $shifts_db[$shift['PSID']] = $shift; } - + $shifts_new = []; $shifts_updated = []; foreach ($shifts_pb as $shift) { - if (! 
isset($shifts_db[$shift['PSID']])) { + if (!isset($shifts_db[$shift['PSID']])) { $shifts_new[] = $shift; } else { $tmp = $shifts_db[$shift['PSID']]; @@ -344,25 +369,25 @@ function prepare_events($file, $shifttype_id, $add_minutes_start, $add_minutes_e } } } - + $shifts_deleted = []; foreach ($shifts_db as $shift) { - if (! isset($shifts_pb[$shift['PSID']])) { + if (!isset($shifts_pb[$shift['PSID']])) { $shifts_deleted[] = $shift; } } - + return [ - $shifts_new, - $shifts_updated, - $shifts_deleted - ]; + $shifts_new, + $shifts_updated, + $shifts_deleted + ]; } function read_xml($file) { global $xml_import; - if (! isset($xml_import)) { + if (!isset($xml_import)) { $xml_import = simplexml_load_file($file); } return $xml_import; @@ -372,27 +397,27 @@ function shifts_printable($shifts, $shifttypes) { global $rooms_import; $rooms = array_flip($rooms_import); - + uasort($shifts, 'shift_sort'); - + $shifts_printable = []; foreach ($shifts as $shift) { $shifts_printable[] = [ - 'day' => date("l, Y-m-d", $shift['start']), - 'start' => date("H:i", $shift['start']), - 'shifttype' => ShiftType_name_render([ - 'id' => $shift['shifttype_id'], - 'name' => $shifttypes[$shift['shifttype_id']] - ]), - 'title' => shorten($shift['title']), - 'end' => date("H:i", $shift['end']), - 'room' => $rooms[$shift['RID']] - ]; + 'day' => date("l, Y-m-d", $shift['start']), + 'start' => date("H:i", $shift['start']), + 'shifttype' => ShiftType_name_render([ + 'id' => $shift['shifttype_id'], + 'name' => $shifttypes[$shift['shifttype_id']] + ]), + 'title' => shorten($shift['title']), + 'end' => date("H:i", $shift['end']), + 'room' => $rooms[$shift['RID']] + ]; } return $shifts_printable; } function shift_sort($shift_a, $shift_b) { - return ($shift_a['start'] < $shift_b['start']) ? - 1 : 1; + return ($shift_a['start'] < $shift_b['start']) ? -1 : 1; } diff --git a/includes/pages/admin_log.php b/includes/pages/admin_log.php index d4548c07..fc07cc87 100644 --- a/includes/pages/admin_log.php 
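Review bot: The uploaded file is handed to `simplexml_load_file($import_file)` in the `input` case, and again through `read_xml()` in the following hunk, with no visible restriction on DTD or external-entity processing. Whether entities are resolved depends on the PHP/libxml2 build, which is not visible here, so it is worth pinning explicitly rather than relying on defaults. On builds where the entity loader is still enabled, call `libxml_disable_entity_loader(true);` before parsing, and pass explicit options such as `simplexml_load_file($import_file, 'SimpleXMLElement', LIBXML_NONET)` without `LIBXML_NOENT`. A comment at the parse site, `// xcal upload is untrusted: no entity substitution, no network access`, would record the intent.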
+++ b/includes/pages/admin_log.php @@ -12,23 +12,23 @@ function admin_log() $filter = strip_request_item('keyword'); } $log_entries_source = LogEntries_filter($filter); - + $log_entries = []; foreach ($log_entries_source as $log_entry) { $log_entry['date'] = date("d.m.Y H:i", $log_entry['timestamp']); $log_entries[] = $log_entry; } - + return page_with_title(admin_log_title(), [ - msg(), - form([ - form_text('keyword', _("Search"), $filter), - form_submit(_("Search"), "Go") - ]), - table([ - 'date' => "Time", - 'nick' => "Angel", - 'message' => "Log Entry" - ], $log_entries) - ]); + msg(), + form([ + form_text('keyword', _("Search"), $filter), + form_submit(_("Search"), "Go") + ]), + table([ + 'date' => "Time", + 'nick' => "Angel", + 'message' => "Log Entry" + ], $log_entries) + ]); } diff --git a/includes/pages/admin_news.php b/includes/pages/admin_news.php index 46d72ddd..1a35f04a 100644 --- a/includes/pages/admin_news.php +++ b/includes/pages/admin_news.php 
@@ -3,65 +3,67 @@ function admin_news() { global $user; - - if (! isset($_GET["action"])) { + + if (!isset($_GET["action"])) { redirect(page_link_to("news")); } - + $html = '<div class="col-md-12"><h1>' . _("Edit news entry") . '</h1>' . msg(); if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { $news_id = $_REQUEST['id']; } else { return error("Incomplete call, missing News ID.", true); } - + $news = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); if (empty($news)) { return error("No News found.", true); } switch ($_REQUEST["action"]) { - default: - redirect(page_link_to('news')); - case 'edit': - list($news) = $news; - - $user_source = User($news['UID']); - - $html .= form([ - form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])), - form_info(_("Author"), User_Nick_render($user_source)), - form_text('eBetreff', _("Subject"), $news['Betreff']), - form_textarea('eText', _("Message"), $news['Text']), - form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), - form_submit('submit', _("Save")) - ], page_link_to('admin_news&action=save&id=' . $news_id)); - - $html .= '<a class="btn btn-danger" href="' . page_link_to('admin_news&action=delete&id=' . $news_id) . '"><span class="glyphicon glyphicon-trash"></span> ' . _("Delete") . '</a>'; - break; - - case 'save': - list($news) = $news; - - sql_query("UPDATE `News` SET + default: + redirect(page_link_to('news')); + case 'edit': + list($news) = $news; + + $user_source = User($news['UID']); + + $html .= form([ + form_info(_("Date"), date("Y-m-d H:i", $news['Datum'])), + form_info(_("Author"), User_Nick_render($user_source)), + form_text('eBetreff', _("Subject"), $news['Betreff']), + form_textarea('eText', _("Message"), $news['Text']), + form_checkbox('eTreffen', _("Meeting"), $news['Treffen'] == 1, 1), + form_submit('submit', _("Save")) + ], page_link_to('admin_news&action=save&id=' . $news_id)); + + $html .= '<a class="btn btn-danger" href="' . 
page_link_to('admin_news&action=delete&id=' . $news_id) . '">' + . '<span class="glyphicon glyphicon-trash"></span> ' . _("Delete") + . '</a>'; + break; + + case 'save': + list($news) = $news; + + sql_query("UPDATE `News` SET `Datum`='" . sql_escape(time()) . "', `Betreff`='" . sql_escape($_POST["eBetreff"]) . "', `Text`='" . sql_escape($_POST["eText"]) . "', `UID`='" . sql_escape($user['UID']) . "', `Treffen`='" . sql_escape($_POST["eTreffen"]) . "' WHERE `ID`='" . sql_escape($news_id) . "'"); - engelsystem_log("News updated: " . $_POST["eBetreff"]); - success(_("News entry updated.")); - redirect(page_link_to("news")); - break; - - case 'delete': - list($news) = $news; - - sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); - engelsystem_log("News deleted: " . $news['Betreff']); - success(_("News entry deleted.")); - redirect(page_link_to("news")); - break; - } + engelsystem_log("News updated: " . $_POST["eBetreff"]); + success(_("News entry updated.")); + redirect(page_link_to("news")); + break; + + case 'delete': + list($news) = $news; + + sql_query("DELETE FROM `News` WHERE `ID`='" . sql_escape($news_id) . "' LIMIT 1"); + engelsystem_log("News deleted: " . $news['Betreff']); + success(_("News entry deleted.")); + redirect(page_link_to("news")); + break; + } return $html . '</div>'; } diff --git a/includes/pages/admin_questions.php b/includes/pages/admin_questions.php index e8a2e50d..c65280d5 100644 --- a/includes/pages/admin_questions.php +++ b/includes/pages/admin_questions.php 
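Review bot: The `save` and `delete` cases modify the `News` table based on `$_REQUEST['action']`, and `delete` is reachable through the plain link built in the `edit` case, with no request-method check or anti-CSRF token visible in this hunk. Unless such a check exists outside the visible code, a cross-site request made in an administrator's session would be accepted. State-changing actions should require POST, for example `if ($_SERVER['REQUEST_METHOD'] !== 'POST') { redirect(page_link_to('news')); }`, and verify a per-session token with `hash_equals()`. The `delete` case in admin_questions.php, which is linked from a button, follows the same pattern.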
@@ -11,112 +11,129 @@ function admin_questions_title() function admin_new_questions() { global $privileges, $page; - + if ($page != "admin_questions") { if (in_array("admin_questions", $privileges)) { $new_messages = sql_num_query("SELECT * FROM `Questions` WHERE `AID` IS NULL"); - + if ($new_messages > 0) { return '<a href="' . page_link_to("admin_questions") . '">' . _('There are unanswered questions!') . '</a>'; } } } - + return null; } function admin_questions() { global $user; - - if (! isset($_REQUEST['action'])) { + + if (!isset($_REQUEST['action'])) { $unanswered_questions_table = []; $questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL"); foreach ($questions as $question) { $user_source = User($question['UID']); - + $unanswered_questions_table[] = [ - 'from' => User_Nick_render($user_source), - 'question' => str_replace("\n", "<br />", $question['Question']), - 'answer' => form([ - form_textarea('answer', '', ''), - form_submit('submit', _("Save")) - ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), - 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') - ]; + 'from' => User_Nick_render($user_source), + 'question' => str_replace("\n", "<br />", $question['Question']), + 'answer' => form([ + form_textarea('answer', '', ''), + form_submit('submit', _("Save")) + ], page_link_to('admin_questions') . '&action=answer&id=' . $question['QID']), + 'actions' => button( + page_link_to("admin_questions") . '&action=delete&id=' . 
$question['QID'], + _("delete"), + 'btn-xs' + ) + ]; } - + $answered_questions_table = []; $questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL"); foreach ($questions as $question) { $user_source = User($question['UID']); $answer_user_source = User($question['AID']); $answered_questions_table[] = [ - 'from' => User_Nick_render($user_source), - 'question' => str_replace("\n", "<br />", $question['Question']), - 'answered_by' => User_Nick_render($answer_user_source), - 'answer' => str_replace("\n", "<br />", $question['Answer']), - 'actions' => button(page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], _("delete"), 'btn-xs') - ]; + 'from' => User_Nick_render($user_source), + 'question' => str_replace("\n", "<br />", $question['Question']), + 'answered_by' => User_Nick_render($answer_user_source), + 'answer' => str_replace("\n", "<br />", $question['Answer']), + 'actions' => button( + page_link_to("admin_questions") . '&action=delete&id=' . $question['QID'], + _("delete"), + 'btn-xs' + ) + ]; } - + return page_with_title(admin_questions_title(), [ - '<h2>' . _("Unanswered questions") . '</h2>', - table([ - 'from' => _("From"), - 'question' => _("Question"), - 'answer' => _("Answer"), - 'actions' => '' - ], $unanswered_questions_table), - '<h2>' . _("Answered questions") . '</h2>', - table([ - 'from' => _("From"), - 'question' => _("Question"), - 'answered_by' => _("Answered by"), - 'answer' => _("Answer"), - 'actions' => '' - ], $answered_questions_table) - ]); + '<h2>' . _("Unanswered questions") . '</h2>', + table([ + 'from' => _("From"), + 'question' => _("Question"), + 'answer' => _("Answer"), + 'actions' => '' + ], $unanswered_questions_table), + '<h2>' . _("Answered questions") . 
'</h2>', + table([ + 'from' => _("From"), + 'question' => _("Question"), + 'answered_by' => _("Answered by"), + 'answer' => _("Answer"), + 'actions' => '' + ], $answered_questions_table) + ]); } else { switch ($_REQUEST['action']) { - case 'answer': - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $question_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing Question ID.", true); - } - - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - if (count($question) > 0 && $question[0]['AID'] == null) { - $answer = trim(preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", '', strip_tags($_REQUEST['answer']))); - - if ($answer != "") { - sql_query("UPDATE `Questions` SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer); - redirect(page_link_to("admin_questions")); - } else { - return error("Enter an answer!", true); - } - } else { - return error("No question found.", true); - } - break; - case 'delete': - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $question_id = $_REQUEST['id']; - } else { - return error("Incomplete call, missing Question ID.", true); - } - - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - if (count($question) > 0) { - sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - engelsystem_log("Question deleted: " . 
$question[0]['Question']); - redirect(page_link_to("admin_questions")); - } else { - return error("No question found.", true); + case 'answer': + if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { + $question_id = $_REQUEST['id']; + } else { + return error("Incomplete call, missing Question ID.", true); + } + + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); + if (count($question) > 0 && $question[0]['AID'] == null) { + $answer = trim( + preg_replace("/([^\p{L}\p{P}\p{Z}\p{N}\n]{1,})/ui", + '', + strip_tags($_REQUEST['answer']) + )); + + if ($answer != "") { + sql_query(" + UPDATE `Questions` + SET `AID`='" . sql_escape($user['UID']) . "', `Answer`='" . sql_escape($answer) . "' + WHERE `QID`='" . sql_escape($question_id) . "' + LIMIT 1 + "); + engelsystem_log("Question " . $question[0]['Question'] . " answered: " . $answer); + redirect(page_link_to("admin_questions")); + } else { + return error("Enter an answer!", true); + } + } else { + return error("No question found.", true); + } + break; + case 'delete': + if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { + $question_id = $_REQUEST['id']; + } else { + return error("Incomplete call, missing Question ID.", true); + } + + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); + if (count($question) > 0) { + sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); + engelsystem_log("Question deleted: " . $question[0]['Question']); + redirect(page_link_to("admin_questions")); + } else { + return error("No question found.", true); + } + break; } - break; - } } } diff --git a/includes/pages/admin_rooms.php b/includes/pages/admin_rooms.php index 365c2f69..9a596f15 100644 --- a/includes/pages/admin_rooms.php +++ b/includes/pages/admin_rooms.php 
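Review bot: Both table builders place `$question['Question']` and `$question['Answer']` into markup via `str_replace("\n", "<br />", ...)` without HTML-escaping. The answer is passed through `strip_tags()` before it is stored in the `answer` case, but how the question text is filtered on submission is not visible here, and `strip_tags()` is not an output encoder. Since the same cells carry `<br />` and `form(...)` markup, `table()` presumably emits values unescaped, so the values should be escaped at render time: `'question' => str_replace("\n", "<br />", htmlspecialchars($question['Question'], ENT_QUOTES, 'UTF-8')),` and likewise for `'answer'`.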
@@ -11,24 +11,24 @@ function admin_rooms() $rooms = []; foreach ($rooms_source as $room) { $rooms[] = [ - 'name' => Room_name_render($room), - 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', - 'public' => $room['show'] == 'Y' ? '✓' : '', - 'actions' => table_buttons([ - button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), - button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') - ]) - ]; + 'name' => Room_name_render($room), + 'from_pentabarf' => $room['FromPentabarf'] == 'Y' ? '✓' : '', + 'public' => $room['show'] == 'Y' ? '✓' : '', + 'actions' => table_buttons([ + button(page_link_to('admin_rooms') . '&show=edit&id=' . $room['RID'], _("edit"), 'btn-xs'), + button(page_link_to('admin_rooms') . '&show=delete&id=' . $room['RID'], _("delete"), 'btn-xs') + ]) + ]; } $room = null; - + if (isset($_REQUEST['show'])) { $msg = ""; $name = ""; $from_pentabarf = ""; $public = 'Y'; $number = ""; - + $angeltypes_source = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $angeltypes = []; $angeltypes_count = []; @@ -36,7 +36,7 @@ function admin_rooms() $angeltypes[$angeltype['id']] = $angeltype['name']; $angeltypes_count[$angeltype['id']] = 0; } - + if (test_request_int('id')) { $room = Room($_REQUEST['id']); if ($room === false) { 
@@ -45,23 +45,23 @@ function admin_rooms() if ($room == null) { redirect(page_link_to('admin_rooms')); } - + $room_id = $_REQUEST['id']; $name = $room['Name']; $from_pentabarf = $room['FromPentabarf']; $public = $room['show']; $number = $room['Number']; - + $needed_angeltypes = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($room_id) . "'"); foreach ($needed_angeltypes as $needed_angeltype) { $angeltypes_count[$needed_angeltype['angel_type_id']] = $needed_angeltype['count']; } } - + if ($_REQUEST['show'] == 'edit') { if (isset($_REQUEST['submit'])) { $valid = true; - + if (isset($_REQUEST['name']) && strlen(strip_request_item('name')) > 0) { $name = strip_request_item('name'); if (isset($room) && sql_num_query("SELECT * FROM `Room` WHERE `Name`='" . sql_escape($name) . "' AND NOT `RID`=" . sql_escape($room_id)) > 0) { 
@@ -72,34 +72,37 @@ function admin_rooms() $valid = false; $msg .= error(_("Please enter a name."), true); } - + if (isset($_REQUEST['from_pentabarf'])) { $from_pentabarf = 'Y'; } else { $from_pentabarf = ''; } - + if (isset($_REQUEST['public'])) { $public = 'Y'; } else { $public = ''; } - + if (isset($_REQUEST['number'])) { $number = strip_request_item('number'); } else { $valid = false; } - + foreach ($angeltypes as $angeltype_id => $angeltype) { - if (isset($_REQUEST['angeltype_count_' . $angeltype_id]) && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id])) { + if ( + isset($_REQUEST['angeltype_count_' . $angeltype_id]) + && preg_match("/^[0-9]{1,4}$/", $_REQUEST['angeltype_count_' . $angeltype_id]) + ) { $angeltypes_count[$angeltype_id] = $_REQUEST['angeltype_count_' . $angeltype_id]; } else { $valid = false; $msg .= error(sprintf(_("Please enter needed angels for type %s.", $angeltype)), true); } } - + if ($valid) { if (isset($room_id)) { sql_query("UPDATE `Room` SET `Name`='" . sql_escape($name) . "', `FromPentabarf`='" . sql_escape($from_pentabarf) . "', `show`='" . sql_escape($public) . "', `Number`='" . sql_escape($number) . "' WHERE `RID`='" . sql_escape($room_id) . "' LIMIT 1"); @@ -111,7 +114,7 @@ function admin_rooms() } engelsystem_log("Room created: " . $name . ", pentabarf import: " . $from_pentabarf . ", public: " . $public . ", number: " . $number); } - + NeededAngelTypes_delete_by_room($room_id); $needed_angeltype_info = []; foreach ($angeltypes_count as $angeltype_id => $angeltype_count) { @@ -121,8 +124,11 @@ function admin_rooms() $needed_angeltype_info[] = $angeltype['name'] . ": " . $angeltype_count; } } - - engelsystem_log("Set needed angeltypes of room " . $name . " to: " . join(", ", $needed_angeltype_info)); + + engelsystem_log( + "Set needed angeltypes of room " . $name + . " to: " . join(", ", $needed_angeltype_info) + ); success(_("Room saved.")); redirect(page_link_to("admin_rooms")); } 
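Review bot: In the `@@ -72,34 +72,37 @@` hunk of admin_rooms.php, the `else` branch of the re-wrapped angeltype-count check has a misplaced parenthesis: `sprintf(_("Please enter needed angels for type %s.", $angeltype))` passes `$angeltype` to `_()` instead of to `sprintf()`. `sprintf()` therefore gets a `%s` with no argument, so the validation message is never produced correctly (a warning and `false` on older PHP, an `ArgumentCountError` on PHP 8). The line should read `$msg .= error(sprintf(_("Please enter needed angels for type %s."), $angeltype), true);`. Since the commit already touches this block, fixing it here avoids a form that rejects invalid input without telling the admin why.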
@@ -130,68 +136,68 @@ function admin_rooms() $angeltypes_count_form = []; foreach ($angeltypes as $angeltype_id => $angeltype) { $angeltypes_count_form[] = div('col-lg-4 col-md-6 col-xs-6', [ - form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) - ]); + form_spinner('angeltype_count_' . $angeltype_id, $angeltype, $angeltypes_count[$angeltype_id]) + ]); } - + return page_with_title(admin_rooms_title(), [ - buttons([ - button(page_link_to('admin_rooms'), _("back"), 'back') - ]), - $msg, - form([ - div('row', [ - div('col-md-6', [ - form_text('name', _("Name"), $name), - form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), - form_checkbox('public', _("Public"), $public), - form_text('number', _("Room number"), $number) - ]), - div('col-md-6', [ - div('row', [ - div('col-md-12', [ - form_info(_("Needed angels:")) - ]), - join($angeltypes_count_form) - ]) - ]) - ]), - form_submit('submit', _("Save")) - ]) - ]); + buttons([ + button(page_link_to('admin_rooms'), _("back"), 'back') + ]), + $msg, + form([ + div('row', [ + div('col-md-6', [ + form_text('name', _("Name"), $name), + form_checkbox('from_pentabarf', _("Frab import"), $from_pentabarf), + form_checkbox('public', _("Public"), $public), + form_text('number', _("Room number"), $number) + ]), + div('col-md-6', [ + div('row', [ + div('col-md-12', [ + form_info(_("Needed angels:")) + ]), + join($angeltypes_count_form) + ]) + ]) + ]), + form_submit('submit', _("Save")) + ]) + ]); } elseif ($_REQUEST['show'] == 'delete') { if (isset($_REQUEST['ack'])) { - if (! Room_delete($room_id)) { + if (!Room_delete($room_id)) { engelsystem_error("Unable to delete room."); } - + engelsystem_log("Room deleted: " . 
$name); success(sprintf(_("Room %s deleted."), $name)); redirect(page_link_to('admin_rooms')); } - + return page_with_title(admin_rooms_title(), [ - buttons([ - button(page_link_to('admin_rooms'), _("back"), 'back') - ]), - sprintf(_("Do you want to delete room %s?"), $name), - buttons([ - button(page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', _("Delete"), 'delete') - ]) - ]); + buttons([ + button(page_link_to('admin_rooms'), _("back"), 'back') + ]), + sprintf(_("Do you want to delete room %s?"), $name), + buttons([ + button(page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack', _("Delete"), 'delete') + ]) + ]); } } - + return page_with_title(admin_rooms_title(), [ - buttons([ - button(page_link_to('admin_rooms') . '&show=edit', _("add")) - ]), - msg(), - table([ - 'name' => _("Name"), - 'from_pentabarf' => _("Frab import"), - 'public' => _("Public"), - 'actions' => "" - ], $rooms) - ]); + buttons([ + button(page_link_to('admin_rooms') . '&show=edit', _("add")) + ]), + msg(), + table([ + 'name' => _("Name"), + 'from_pentabarf' => _("Frab import"), + 'public' => _("Public"), + 'actions' => "" + ], $rooms) + ]); } diff --git a/includes/pages/admin_shifts.php b/includes/pages/admin_shifts.php index 79c9874a..b2a67786 100644 --- a/includes/pages/admin_shifts.php +++ b/includes/pages/admin_shifts.php @@ -9,7 +9,7 @@ function admin_shifts_title() function admin_shifts() { $valid = true; - + $rid = 0; $start = parse_date("Y-m-d H:i", date("Y-m-d") . " 00:00"); $end = $start; 
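Review bot: The delete branch in this hunk runs `Room_delete($room_id)` as soon as the request carries `ack`, and the confirmation button is a plain link built as `page_link_to('admin_rooms') . '&show=delete&id=' . $room_id . '&ack'`. A destructive action therefore fires on a GET request, and no per-session token is checked anywhere in the visible lines, which leaves it open to cross-site request forgery against a logged-in admin. The confirmation should be a POST form with a session-bound token that is verified before `Room_delete()` is called. admin_rooms() starts outside this hunk, so a check earlier in the function cannot be ruled out from here.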
@@ -19,23 +19,23 @@ function admin_shifts() $change_hours = []; $title = ""; $shifttype_id = null; - - // Locations laden (auch unsichtbare - fuer Erzengel ist das ok) - $rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); + + // Locations laden (auch unsichtbare - fuer Erzengel ist das ok) + $rooms = sql_select("SELECT * FROM `Room` ORDER BY `Name`"); $room_array = []; foreach ($rooms as $room) { $room_array[$room['RID']] = $room['Name']; } - - // Engeltypen laden - $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); + + // Engeltypen laden + $types = sql_select("SELECT * FROM `AngelTypes` ORDER BY `name`"); $needed_angel_types = []; foreach ($types as $type) { $needed_angel_types[$type['id']] = 0; } - - // Load shift types - $shifttypes_source = ShiftTypes(); + + // Load shift types + $shifttypes_source = ShiftTypes(); if ($shifttypes_source === false) { engelsystem_error('Unable to load shift types.'); } @@ -43,7 +43,7 @@ function admin_shifts() foreach ($shifttypes_source as $shifttype) { $shifttypes[$shifttype['id']] = $shifttype['name']; } - + if (isset($_REQUEST['preview']) || isset($_REQUEST['back'])) { if (isset($_REQUEST['shifttype_id'])) { $shifttype = ShiftType($_REQUEST['shifttype_id']); 
@@ -60,38 +60,42 @@ function admin_shifts() $valid = false; error(_('Please select a shift type.')); } - - // Name/Bezeichnung der Schicht, darf leer sein - $title = strip_request_item('title'); - - // Auswahl der sichtbaren Locations für die Schichten - if (isset($_REQUEST['rid']) && preg_match("/^[0-9]+$/", $_REQUEST['rid']) && isset($room_array[$_REQUEST['rid']])) { - $rid = $_REQUEST['rid']; - } else { - $valid = false; - $rid = $rooms[0]['RID']; - error(_('Please select a location.')); - } - + + // Name/Bezeichnung der Schicht, darf leer sein + $title = strip_request_item('title'); + + // Auswahl der sichtbaren Locations für die Schichten + if ( + isset($_REQUEST['rid']) + && preg_match("/^[0-9]+$/", $_REQUEST['rid']) + && isset($room_array[$_REQUEST['rid']]) + ) { + $rid = $_REQUEST['rid']; + } else { + $valid = false; + $rid = $rooms[0]['RID']; + error(_('Please select a location.')); + } + if (isset($_REQUEST['start']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['start'])) { $start = $tmp; } else { $valid = false; error(_('Please select a start time.')); } - + if (isset($_REQUEST['end']) && $tmp = parse_date("Y-m-d H:i", $_REQUEST['end'])) { $end = $tmp; } else { $valid = false; error(_('Please select an end time.')); } - + if ($start >= $end) { $valid = false; error(_('The shifts end has to be after its start.')); } - + if (isset($_REQUEST['mode'])) { if ($_REQUEST['mode'] == 'single') { $mode = 'single'; @@ -104,7 +108,10 @@ function admin_shifts() error(_('Please enter a shift duration in minutes.')); } } elseif ($_REQUEST['mode'] == 'variable') { - if (isset($_REQUEST['change_hours']) && preg_match("/^([0-9]{2}(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours'])))) { + if ( + isset($_REQUEST['change_hours']) + && preg_match("/^([0-9]{2}(,|$))/", trim(str_replace(" ", "", $_REQUEST['change_hours']))) + ) { $mode = 'variable'; $change_hours = array_map('trim', explode(",", $_REQUEST['change_hours'])); } else { 
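Review bot: In the `@@ -104,7 +108,10 @@` hunk, the re-wrapped `change_hours` check uses `/^([0-9]{2}(,|$))/`, which is anchored only at the start and so validates just the first entry. Anything after the first comma is accepted and ends up in `$change_hours`, where the later hunk multiplies each entry by `60 * 60`. The pattern should cover the whole list, for example `preg_match("/^[0-9]{2}(,[0-9]{2})*$/", str_replace(" ", "", $_REQUEST['change_hours']))`. A range check that each value is at most 23 would also keep the shift arithmetic inside one day.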
@@ -116,14 +123,17 @@ function admin_shifts() $valid = false; error(_('Please select a mode.')); } - + if (isset($_REQUEST['angelmode'])) { if ($_REQUEST['angelmode'] == 'location') { $angelmode = 'location'; } elseif ($_REQUEST['angelmode'] == 'manually') { $angelmode = 'manually'; foreach ($types as $type) { - if (isset($_REQUEST['type_' . $type['id']]) && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']]))) { + if ( + isset($_REQUEST['type_' . $type['id']]) + && preg_match("/^[0-9]+$/", trim($_REQUEST['type_' . $type['id']])) + ) { $needed_angel_types[$type['id']] = trim($_REQUEST['type_' . $type['id']]); } else { $valid = false; 
@@ -142,144 +152,152 @@ function admin_shifts() $valid = false; error(_('Please select needed angels.')); } - - // Beim Zurück-Knopf das Formular zeigen - if (isset($_REQUEST['back'])) { - $valid = false; - } - - // Alle Eingaben in Ordnung - if ($valid) { - if ($angelmode == 'location') { - $needed_angel_types = []; - $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'"); - foreach ($needed_angel_types_location as $type) { - $needed_angel_types[$type['angel_type_id']] = $type['count']; - } + + // Beim Zurück-Knopf das Formular zeigen + if (isset($_REQUEST['back'])) { + $valid = false; } - $shifts = []; - if ($mode == 'single') { - $shifts[] = [ - 'start' => $start, - 'end' => $end, - 'RID' => $rid, - 'title' => $title, - 'shifttype_id' => $shifttype_id - ]; - } elseif ($mode == 'multi') { - $shift_start = $start; - do { - $shift_end = $shift_start + $length * 60; - - if ($shift_end > $end) { - $shift_end = $end; - } - if ($shift_start >= $shift_end) { - break; + + // Alle Eingaben in Ordnung + if ($valid) { + if ($angelmode == 'location') { + $needed_angel_types = []; + $needed_angel_types_location = sql_select("SELECT * FROM `NeededAngelTypes` WHERE `room_id`='" . sql_escape($rid) . "'"); + foreach ($needed_angel_types_location as $type) { + $needed_angel_types[$type['angel_type_id']] = $type['count']; } - - $shifts[] = [ - 'start' => $shift_start, - 'end' => $shift_end, - 'RID' => $rid, - 'title' => $title, - 'shifttype_id' => $shifttype_id - ]; - - $shift_start = $shift_end; - } while ($shift_end < $end); - } elseif ($mode == 'variable') { - rsort($change_hours); - $day = parse_date("Y-m-d H:i", date("Y-m-d", $start) . 
" 00:00"); - $change_index = 0; - // Ersten/nächsten passenden Schichtwechsel suchen - foreach ($change_hours as $i => $change_hour) { - if ($start < $day + $change_hour * 60 * 60) { - $change_index = $i; - } elseif ($start == $day + $change_hour * 60 * 60) { - // Start trifft Schichtwechsel - $change_index = ($i + count($change_hours) - 1) % count($change_hours); - break; - } else { - break; } - } - - $shift_start = $start; - do { - $day = parse_date("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00"); - $shift_end = $day + $change_hours[$change_index] * 60 * 60; - - if ($shift_end > $end) { - $shift_end = $end; - } - if ($shift_start >= $shift_end) { - $shift_end += 24 * 60 * 60; - } - + $shifts = []; + if ($mode == 'single') { $shifts[] = [ - 'start' => $shift_start, - 'end' => $shift_end, - 'RID' => $rid, - 'title' => $title, - 'shifttype_id' => $shifttype_id - ]; - - $shift_start = $shift_end; - $change_index = ($change_index + count($change_hours) - 1) % count($change_hours); - } while ($shift_end < $end); - } - - $shifts_table = []; - foreach ($shifts as $shift) { - $shifts_table_entry = [ - 'timeslot' => '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $shift['start']) . ' - ' . date("H:i", $shift['end']) . '<br />' . Room_name_render(Room($shift['RID'])), - 'title' => ShiftType_name_render(ShiftType($shifttype_id)) . ($shift['title'] ? '<br />' . $shift['title'] : ''), - 'needed_angels' => '' - ]; - foreach ($types as $type) { - if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) { - $shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . 
'<br />'; + 'start' => $start, + 'end' => $end, + 'RID' => $rid, + 'title' => $title, + 'shifttype_id' => $shifttype_id + ]; + } elseif ($mode == 'multi') { + $shift_start = $start; + do { + $shift_end = $shift_start + $length * 60; + + if ($shift_end > $end) { + $shift_end = $end; + } + if ($shift_start >= $shift_end) { + break; + } + + $shifts[] = [ + 'start' => $shift_start, + 'end' => $shift_end, + 'RID' => $rid, + 'title' => $title, + 'shifttype_id' => $shifttype_id + ]; + + $shift_start = $shift_end; + } while ($shift_end < $end); + } elseif ($mode == 'variable') { + rsort($change_hours); + $day = parse_date("Y-m-d H:i", date("Y-m-d", $start) . " 00:00"); + $change_index = 0; + // Ersten/nächsten passenden Schichtwechsel suchen + foreach ($change_hours as $i => $change_hour) { + if ($start < $day + $change_hour * 60 * 60) { + $change_index = $i; + } elseif ($start == $day + $change_hour * 60 * 60) { + // Start trifft Schichtwechsel + $change_index = ($i + count($change_hours) - 1) % count($change_hours); + break; + } else { + break; + } } + + $shift_start = $start; + do { + $day = parse_date("Y-m-d H:i", date("Y-m-d", $shift_start) . " 00:00"); + $shift_end = $day + $change_hours[$change_index] * 60 * 60; + + if ($shift_end > $end) { + $shift_end = $end; + } + if ($shift_start >= $shift_end) { + $shift_end += 24 * 60 * 60; + } + + $shifts[] = [ + 'start' => $shift_start, + 'end' => $shift_end, + 'RID' => $rid, + 'title' => $title, + 'shifttype_id' => $shifttype_id + ]; + + $shift_start = $shift_end; + $change_index = ($change_index + count($change_hours) - 1) % count($change_hours); + } while ($shift_end < $end); } - $shifts_table[] = $shifts_table_entry; - } - - // Fürs Anlegen zwischenspeichern: - $_SESSION['admin_shifts_shifts'] = $shifts; - $_SESSION['admin_shifts_types'] = $needed_angel_types; - - $hidden_types = ""; - foreach ($needed_angel_types as $type_id => $count) { - $hidden_types .= form_hidden('type_' . 
$type_id, $count); + + $shifts_table = []; + foreach ($shifts as $shift) { + $shifts_table_entry = [ + 'timeslot' => + '<span class="glyphicon glyphicon-time"></span> ' + . date("Y-m-d H:i", $shift['start']) + . ' - ' + . date("H:i", $shift['end']) + . '<br />' + . Room_name_render(Room($shift['RID'])), + 'title' => + ShiftType_name_render(ShiftType($shifttype_id)) + . ($shift['title'] ? '<br />' . $shift['title'] : ''), + 'needed_angels' => '' + ]; + foreach ($types as $type) { + if (isset($needed_angel_types[$type['id']]) && $needed_angel_types[$type['id']] > 0) { + $shifts_table_entry['needed_angels'] .= '<b>' . AngelType_name_render($type) . ':</b> ' . $needed_angel_types[$type['id']] . '<br />'; + } + } + $shifts_table[] = $shifts_table_entry; + } + + // Fürs Anlegen zwischenspeichern: + $_SESSION['admin_shifts_shifts'] = $shifts; + $_SESSION['admin_shifts_types'] = $needed_angel_types; + + $hidden_types = ""; + foreach ($needed_angel_types as $type_id => $count) { + $hidden_types .= form_hidden('type_' . 
$type_id, $count); + } + return page_with_title(_("Preview"), [ + form([ + $hidden_types, + form_hidden('shifttype_id', $shifttype_id), + form_hidden('title', $title), + form_hidden('rid', $rid), + form_hidden('start', date("Y-m-d H:i", $start)), + form_hidden('end', date("Y-m-d H:i", $end)), + form_hidden('mode', $mode), + form_hidden('length', $length), + form_hidden('change_hours', implode(', ', $change_hours)), + form_hidden('angelmode', $angelmode), + form_submit('back', _("back")), + table([ + 'timeslot' => _('Time and location'), + 'title' => _('Type and title'), + 'needed_angels' => _('Needed angels') + ], $shifts_table), + form_submit('submit', _("Save")) + ]) + ]); } - return page_with_title(_("Preview"), [ - form([ - $hidden_types, - form_hidden('shifttype_id', $shifttype_id), - form_hidden('title', $title), - form_hidden('rid', $rid), - form_hidden('start', date("Y-m-d H:i", $start)), - form_hidden('end', date("Y-m-d H:i", $end)), - form_hidden('mode', $mode), - form_hidden('length', $length), - form_hidden('change_hours', implode(', ', $change_hours)), - form_hidden('angelmode', $angelmode), - form_submit('back', _("back")), - table([ - 'timeslot' => _('Time and location'), - 'title' => _('Type and title'), - 'needed_angels' => _('Needed angels') - ], $shifts_table), - form_submit('submit', _("Save")) - ]) - ]); - } } elseif (isset($_REQUEST['submit'])) { - if (! is_array($_SESSION['admin_shifts_shifts']) || ! is_array($_SESSION['admin_shifts_types'])) { + if (!is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types'])) { redirect(page_link_to('admin_shifts')); } - + foreach ($_SESSION['admin_shifts_shifts'] as $shift) { $shift['URL'] = null; $shift['PSID'] = null; 
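Review bot: The `submit` branch at the end of this hunk reads `$_SESSION['admin_shifts_shifts']` and `$_SESSION['admin_shifts_types']` directly inside `is_array()`. A request that sends `submit` without a preceding preview hits undefined indexes before the guard can act. Checking for presence first keeps the guard quiet and explicit: `if (!isset($_SESSION['admin_shifts_shifts'], $_SESSION['admin_shifts_types']) || !is_array($_SESSION['admin_shifts_shifts']) || !is_array($_SESSION['admin_shifts_types'])) {`. Whether `redirect()` terminates the request is not visible here; if it returns, the `foreach` below still runs, so a `return` after the redirect would make the guard safe either way.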
@@ -287,8 +305,13 @@ function admin_shifts() if ($shift_id === false) { engelsystem_error('Unable to create shift.'); } - - engelsystem_log("Shift created: " . $shifttypes[$shift['shifttype_id']] . " with title " . $shift['title'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end'])); + + engelsystem_log( + "Shift created: " . $shifttypes[$shift['shifttype_id']] + . " with title " . $shift['title'] + . " from " . date("Y-m-d H:i", $shift['start']) + . " to " . date("Y-m-d H:i", $shift['end']) + ); $needed_angel_types_info = []; foreach ($_SESSION['admin_shifts_types'] as $type_id => $count) { $angel_type_source = sql_select("SELECT * FROM `AngelTypes` WHERE `id`='" . sql_escape($type_id) . "' LIMIT 1"); @@ -298,7 +321,7 @@ function admin_shifts() } } } - + engelsystem_log("Shift needs following angel types: " . join(", ", $needed_angel_types_info)); success("Schichten angelegt."); redirect(page_link_to('admin_shifts')); 
@@ -306,42 +329,61 @@ function admin_shifts() unset($_SESSION['admin_shifts_shifts']); unset($_SESSION['admin_shifts_types']); } - - if (! isset($_REQUEST['rid'])) { + + if (!isset($_REQUEST['rid'])) { $_REQUEST['rid'] = null; } $angel_types = ""; foreach ($types as $type) { - $angel_types .= '<div class="col-md-4">' . form_spinner('type_' . $type['id'], $type['name'], $needed_angel_types[$type['id']]) . '</div>'; + $angel_types .= '<div class="col-md-4">' . form_spinner( + 'type_' . $type['id'], + $type['name'], + $needed_angel_types[$type['id']] + ) + . '</div>'; } - + return page_with_title(admin_shifts_title(), [ - msg(), - form([ - form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), - form_text('title', _("Title"), $title), - form_select('rid', _("Room"), $room_array, $_REQUEST['rid']), - div('row', [ - div('col-md-6', [ - form_text('start', _("Start"), date("Y-m-d H:i", $start)), - form_text('end', _("End"), date("Y-m-d H:i", $end)), - form_info(_("Mode"), ''), - form_radio('mode', _("Create one shift"), $mode == 'single', 'single'), - form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'), - form_text('length', _("Length"), ! empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'), - form_radio('mode', _("Create multiple shifts with variable length"), $mode == 'variable', 'variable'), - form_text('change_hours', _("Shift change hours"), ! empty($_REQUEST['change_hours']) ? 
$_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22') - ]), - div('col-md-6', [ - form_info(_("Needed angels"), ''), - form_radio('angelmode', _("Take needed angels from room settings"), $angelmode == 'location', 'location'), - form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'), - div('row', [ - $angel_types - ]) - ]) - ]), - form_submit('preview', _("Preview")) - ]) - ]); + msg(), + form([ + form_select('shifttype_id', _('Shifttype'), $shifttypes, $shifttype_id), + form_text('title', _("Title"), $title), + form_select('rid', _("Room"), $room_array, $_REQUEST['rid']), + div('row', [ + div('col-md-6', [ + form_text('start', _("Start"), date("Y-m-d H:i", $start)), + form_text('end', _("End"), date("Y-m-d H:i", $end)), + form_info(_("Mode"), ''), + form_radio('mode', _("Create one shift"), $mode == 'single', 'single'), + form_radio('mode', _("Create multiple shifts"), $mode == 'multi', 'multi'), + form_text('length', _("Length"), !empty($_REQUEST['length']) ? $_REQUEST['length'] : '120'), + form_radio( + 'mode', + _("Create multiple shifts with variable length"), + $mode == 'variable', + 'variable' + ), + form_text( + 'change_hours', + _("Shift change hours"), + !empty($_REQUEST['change_hours']) ? $_REQUEST['change_hours'] : '00, 04, 08, 10, 12, 14, 16, 18, 20, 22' + ) + ]), + div('col-md-6', [ + form_info(_("Needed angels"), ''), + form_radio( + 'angelmode', + _("Take needed angels from room settings"), + $angelmode == 'location', + 'location' + ), + form_radio('angelmode', _("The following angels are needed"), $angelmode == 'manually', 'manually'), + div('row', [ + $angel_types + ]) + ]) + ]), + form_submit('preview', _("Preview")) + ]) + ]); } diff --git a/includes/pages/admin_user.php b/includes/pages/admin_user.php index e84e3089..12d92720 100644 --- a/includes/pages/admin_user.php +++ b/includes/pages/admin_user.php 
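Review bot: The re-wrapped `form_text('length', ...)` and `form_text('change_hours', ...)` calls pass raw `$_REQUEST['length']` and `$_REQUEST['change_hours']` back into the form, and `form_select('rid', ...)` receives `$_REQUEST['rid']` the same way. Unless `form_text()` HTML-encodes its value argument, which this hunk does not show, the request data is reflected into the admin page unescaped. It would be safer to pass the validated values, or to encode at the call site, for example `htmlspecialchars($_REQUEST['length'], ENT_QUOTES, 'UTF-8')`, and to reject non-string input before rendering. Please confirm the helper's escaping behaviour before deciding which of the two to apply, to avoid double encoding.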
@@ -8,23 +8,23 @@ function admin_user_title() function admin_user() { global $user, $privileges, $tshirt_sizes, $privileges; - + $html = ''; - - if (! isset($_REQUEST['id'])) { + + if (!isset($_REQUEST['id'])) { redirect(users_link()); } - + $user_id = $_REQUEST['id']; - if (! isset($_REQUEST['action'])) { + if (!isset($_REQUEST['action'])) { $user_source = User($user_id); if ($user_source == null) { error(_('This user does not exist.')); redirect(users_link()); } - + $html .= "Hallo,<br />" . "hier kannst du den Eintrag ändern. Unter dem Punkt 'Gekommen' " . "wird der Engel als anwesend markiert, ein Ja bei Aktiv bedeutet, " . "dass der Engel aktiv war und damit ein Anspruch auf ein T-Shirt hat. " . "Wenn T-Shirt ein 'Ja' enthält, bedeutet dies, dass der Engel " . "bereits sein T-Shirt erhalten hat.<br /><br />\n"; - + $html .= "<form action=\"" . page_link_to("admin_user") . "&action=save&id=$user_id\" method=\"post\">\n"; $html .= "<table border=\"0\">\n"; $html .= "<input type=\"hidden\" name=\"Type\" value=\"Normal\">\n"; 
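Review bot: `$user_id = $_REQUEST['id'];` is accepted without any format check and is then interpolated into the form target (`&action=save&id=$user_id`), as well as being the key for every later lookup in admin_user(). The sibling pages in this commit validate the same parameter first (`test_request_int('id')` in admin_rooms, a digits-only `preg_match` in admin_questions), so the same guard belongs here: `if (!test_request_int('id')) { redirect(users_link()); }`. The `global` line also lists `$privileges` twice. The function body continues beyond this hunk.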
@@ -42,132 +42,135 @@ function admin_user() $html .= " <tr><td>email</td><td>" . "<input type=\"text\" size=\"40\" name=\"eemail\" value=\"" . $user_source['email'] . "\"></td></tr>\n"; } $html .= " <tr><td>jabber</td><td>" . "<input type=\"text\" size=\"40\" name=\"ejabber\" value=\"" . $user_source['jabber'] . "\"></td></tr>\n"; - $html .= " <tr><td>Size</td><td>" . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) . "</td></tr>\n"; - + $html .= " <tr><td>Size</td><td>" + . html_select_key('size', 'eSize', $tshirt_sizes, $user_source['Size']) + . "</td></tr>\n"; + $options = [ - '1' => _("Yes"), - '0' => _("No") - ]; - - // Gekommen? - $html .= " <tr><td>Gekommen</td><td>\n"; + '1' => _("Yes"), + '0' => _("No") + ]; + + // Gekommen? + $html .= " <tr><td>Gekommen</td><td>\n"; $html .= html_options('eGekommen', $options, $user_source['Gekommen']) . "</td></tr>\n"; - - // Aktiv? - $html .= " <tr><td>Aktiv</td><td>\n"; + + // Aktiv? + $html .= " <tr><td>Aktiv</td><td>\n"; $html .= html_options('eAktiv', $options, $user_source['Aktiv']) . "</td></tr>\n"; - - // Aktiv erzwingen - if (in_array('admin_active', $privileges)) { - $html .= " <tr><td>" . _("Force active") . "</td><td>\n"; - $html .= html_options('force_active', $options, $user_source['force_active']) . "</td></tr>\n"; - } - - // T-Shirt bekommen? - $html .= " <tr><td>T-Shirt</td><td>\n"; + + // Aktiv erzwingen + if (in_array('admin_active', $privileges)) { + $html .= " <tr><td>" . _("Force active") . "</td><td>\n"; + $html .= html_options('force_active', $options, $user_source['force_active']) . "</td></tr>\n"; + } + + // T-Shirt bekommen? + $html .= " <tr><td>T-Shirt</td><td>\n"; $html .= html_options('eTshirt', $options, $user_source['Tshirt']) . "</td></tr>\n"; - + $html .= " <tr><td>Hometown</td><td>" . "<input type=\"text\" size=\"40\" name=\"Hometown\" value=\"" . $user_source['Hometown'] . 
"\"></td></tr>\n"; - + $html .= "</table>\n</td><td valign=\"top\"></td></tr>"; - + $html .= "</td></tr>\n"; $html .= "</table>\n<br />\n"; $html .= "<input type=\"submit\" value=\"Speichern\">\n"; $html .= "</form>"; - + $html .= "<hr />"; - + $html .= form_info('', _('Please visit the angeltypes page or the users profile to manage users angeltypes.')); - + $html .= "Hier kannst Du das Passwort dieses Engels neu setzen:<form action=\"" . page_link_to("admin_user") . "&action=change_pw&id=$user_id\" method=\"post\">\n"; $html .= "<table>\n"; $html .= " <tr><td>Passwort</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw\" value=\"\"></td></tr>\n"; $html .= " <tr><td>Wiederholung</td><td>" . "<input type=\"password\" size=\"40\" name=\"new_pw2\" value=\"\"></td></tr>\n"; - + $html .= "</table>"; $html .= "<input type=\"submit\" value=\"Speichern\">\n"; $html .= "</form>"; - + $html .= "<hr />"; - + $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id` LIMIT 1"); if (count($my_highest_group) > 0) { $my_highest_group = $my_highest_group[0]['group_id']; } - + $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id` LIMIT 1"); if (count($his_highest_group) > 0) { $his_highest_group = $his_highest_group[0]['group_id']; } - + if ($user_id != $user['UID'] && $my_highest_group <= $his_highest_group) { $html .= "Hier kannst Du die Benutzergruppen des Engels festlegen:<form action=\"" . page_link_to("admin_user") . "&action=save_groups&id=" . $user_id . "\" method=\"post\">\n"; $html .= '<table>'; - + $groups = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group) . 
"' ORDER BY `Groups`.`Name`"); foreach ($groups as $group) { $html .= '<tr><td><input type="checkbox" name="groups[]" value="' . $group['UID'] . '"' . ($group['group_id'] != "" ? ' checked="checked"' : '') . ' /></td><td>' . $group['Name'] . '</td></tr>'; } - + $html .= '</table>'; - + $html .= "<input type=\"submit\" value=\"Speichern\">\n"; $html .= "</form>"; - + $html .= "<hr />"; } - + $html .= buttons([ - button(user_delete_link($user_source), glyph('lock') . _("delete"), 'btn-danger') - ]); - + button(user_delete_link($user_source), glyph('lock') . _("delete"), 'btn-danger') + ]); + $html .= "<hr />"; } else { switch ($_REQUEST['action']) { - case 'save_groups': - if ($user_id != $user['UID']) { - $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`"); - $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`"); - - if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { - $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`"); - $groups = []; - $grouplist = []; - foreach ($groups_source as $group) { - $groups[$group['UID']] = $group; - $grouplist[] = $group['UID']; - } - - if (! is_array($_REQUEST['groups'])) { - $_REQUEST['groups'] = []; - } - - sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'"); - $user_groups_info = []; - foreach ($_REQUEST['groups'] as $group) { - if (in_array($group, $grouplist)) { - sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . 
"'"); - $user_groups_info[] = $groups[$group]['Name']; + case 'save_groups': + if ($user_id != $user['UID']) { + $my_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user['UID']) . "' ORDER BY `group_id`"); + $his_highest_group = sql_select("SELECT * FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "' ORDER BY `group_id`"); + + if (count($my_highest_group) > 0 && (count($his_highest_group) == 0 || ($my_highest_group[0]['group_id'] <= $his_highest_group[0]['group_id']))) { + $groups_source = sql_select("SELECT * FROM `Groups` LEFT OUTER JOIN `UserGroups` ON (`UserGroups`.`group_id` = `Groups`.`UID` AND `UserGroups`.`uid` = '" . sql_escape($user_id) . "') WHERE `Groups`.`UID` >= '" . sql_escape($my_highest_group[0]['group_id']) . "' ORDER BY `Groups`.`Name`"); + $groups = []; + $grouplist = []; + foreach ($groups_source as $group) { + $groups[$group['UID']] = $group; + $grouplist[] = $group['UID']; + } + + if (!is_array($_REQUEST['groups'])) { + $_REQUEST['groups'] = []; + } + + sql_query("DELETE FROM `UserGroups` WHERE `uid`='" . sql_escape($user_id) . "'"); + $user_groups_info = []; + foreach ($_REQUEST['groups'] as $group) { + if (in_array($group, $grouplist)) { + sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`='" . sql_escape($group) . "'"); + $user_groups_info[] = $groups[$group]['Name']; + } + } + $user_source = User($user_id); + engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . join(", ", + $user_groups_info)); + $html .= success("Benutzergruppen gespeichert.", true); + } else { + $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true); } + } else { + $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true); } - $user_source = User($user_id); - engelsystem_log("Set groups of " . User_Nick_render($user_source) . " to: " . 
join(", ", $user_groups_info)); - $html .= success("Benutzergruppen gespeichert.", true); - } else { - $html .= error("Du kannst keine Engel mit mehr Rechten bearbeiten.", true); - } - } else { - $html .= error("Du kannst Deine eigenen Rechte nicht bearbeiten.", true); - } - break; - - case 'save': - $force_active = $user['force_active']; - if (in_array('admin_active', $privileges)) { - $force_active = $_REQUEST['force_active']; - } - $SQL = "UPDATE `User` SET + break; + + case 'save': + $force_active = $user['force_active']; + if (in_array('admin_active', $privileges)) { + $force_active = $_REQUEST['force_active']; + } + $SQL = "UPDATE `User` SET `Nick` = '" . sql_escape($_POST["eNick"]) . "', `Name` = '" . sql_escape($_POST["eName"]) . "', `Vorname` = '" . sql_escape($_POST["eVorname"]) . "', 
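Review bot: The edit form in this hunk writes stored profile fields straight into HTML attributes and cells, for example `value=\"" . $user_source['jabber'] . "\"`, and likewise for `email`, `Hometown` and `$group['Name']`. Unless these values are guaranteed to be HTML-encoded before storage, which the hunk does not show, a quote or tag in a user-supplied field is rendered inside the admin's page. Each value should be encoded for its context on output, e.g. `htmlspecialchars($user_source['jabber'], ENT_QUOTES, 'UTF-8')`. Moving these rows to the `form_text()`-style helpers used on the other admin pages would put the escaping in one place, provided those helpers encode their arguments.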
@@ -185,25 +188,25 @@ function admin_user() `Hometown` = '" . sql_escape($_POST["Hometown"]) . "' WHERE `UID` = '" . sql_escape($user_id) . "' LIMIT 1"; - sql_query($SQL); - engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]); - $html .= success("Änderung wurde gespeichert...\n", true); - break; - - case 'change_pw': - if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { - set_password($user_id, $_REQUEST['new_pw']); - $user_source = User($user_id); - engelsystem_log("Set new password for " . User_Nick_render($user_source)); - $html .= success("Passwort neu gesetzt.", true); - } else { - $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true); + sql_query($SQL); + engelsystem_log("Updated user: " . $_POST["eNick"] . ", " . $_POST["eSize"] . ", arrived: " . $_POST["eGekommen"] . ", active: " . $_POST["eAktiv"] . ", tshirt: " . $_POST["eTshirt"]); + $html .= success("Änderung wurde gespeichert...\n", true); + break; + + case 'change_pw': + if ($_REQUEST['new_pw'] != "" && $_REQUEST['new_pw'] == $_REQUEST['new_pw2']) { + set_password($user_id, $_REQUEST['new_pw']); + $user_source = User($user_id); + engelsystem_log("Set new password for " . User_Nick_render($user_source)); + $html .= success("Passwort neu gesetzt.", true); + } else { + $html .= error("Die Eingaben müssen übereinstimmen und dürfen nicht leer sein!", true); + } + break; } - break; - } } - + return page_with_title(_("Edit user"), [ - $html - ]); + $html + ]); } diff --git a/includes/pages/guest_login.php b/includes/pages/guest_login.php index 293fb891..482b7670 100644 --- a/includes/pages/guest_login.php +++ b/includes/pages/guest_login.php 
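Review bot: The `change_pw` case calls `set_password($user_id, $_REQUEST['new_pw'])` without the group-rank comparison that `save_groups` performs earlier in the same switch, and the `save` case's `UPDATE` is equally unguarded. As far as the visible code shows, an account allowed to open this page can change the profile or password of an account with more rights than its own, so the `$my_highest_group` / `$his_highest_group` check should be applied before both actions. The password should also be read from `$_POST['new_pw']` rather than `$_REQUEST`, so it cannot arrive in a URL and end up in logs. It should meet the `$min_password_length` that guest_register() enforces as well. None of the three actions checks a request token in the visible lines; the entry to admin_user() lies outside this hunk.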
@@ -19,9 +19,9 @@ function logout_title() function guest_register() { global $tshirt_sizes, $enable_tshirt_size, $default_theme, $user, $min_password_length; - + $event_config = EventConfig(); - + $msg = ""; $nick = ""; $lastname = ""; @@ -40,19 +40,19 @@ function guest_register() $password_hash = ""; $selected_angel_types = []; $planned_arrival_date = null; - + $angel_types_source = AngelTypes(); $angel_types = []; foreach ($angel_types_source as $angel_type) { $angel_types[$angel_type['id']] = $angel_type['name'] . ($angel_type['restricted'] ? " (restricted)" : ""); - if (! $angel_type['restricted']) { + if (!$angel_type['restricted']) { $selected_angel_types[] = $angel_type['id']; } } - + if (isset($_REQUEST['submit'])) { $valid = true; - + if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 1) { $nick = User_validate_Nick($_REQUEST['nick']); if (sql_num_query("SELECT * FROM `User` WHERE `Nick`='" . sql_escape($nick) . "' LIMIT 1") > 0) { @@ -61,12 +61,15 @@ function guest_register() } } else { $valid = false; - $msg .= error(sprintf(_("Your nick "%s" is too short (min. 2 characters)."), User_validate_Nick($_REQUEST['nick'])), true); + $msg .= error(sprintf( + _("Your nick "%s" is too short (min. 2 characters)."), + User_validate_Nick($_REQUEST['nick']) + ), true); } - + if (isset($_REQUEST['mail']) && strlen(strip_request_item('mail')) > 0) { $mail = strip_request_item('mail'); - if (! check_email($mail)) { + if (!check_email($mail)) { $valid = false; $msg .= error(_("E-mail address is not correct."), true); } 
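Review bot: The rewrapped `else` branch in the `@@ -61,12 +61,15 @@` hunk calls `User_validate_Nick($_REQUEST['nick'])` even when it was reached because `isset($_REQUEST['nick'])` failed, so a request without the field reads an undefined index while building the error text. Validating once up front avoids this: `$nick_input = isset($_REQUEST['nick']) ? User_validate_Nick($_REQUEST['nick']) : '';`, then use `$nick_input` in both the length test and the `sprintf()`. The value also ends up inside an HTML message, so it is worth confirming that `User_validate_Nick()` strips markup; its body is not part of this diff. guest_register() continues beyond this hunk.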
@@ -74,23 +77,23 @@ function guest_register() $valid = false; $msg .= error(_("Please enter your e-mail."), true); } - + if (isset($_REQUEST['email_shiftinfo'])) { $email_shiftinfo = true; } - + if (isset($_REQUEST['email_by_human_allowed'])) { $email_by_human_allowed = true; } - + if (isset($_REQUEST['jabber']) && strlen(strip_request_item('jabber')) > 0) { $jabber = strip_request_item('jabber'); - if (! check_email($jabber)) { + if (!check_email($jabber)) { $valid = false; $msg .= error(_("Please check your jabber account information."), true); } } - + if ($enable_tshirt_size) { if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']]) && $_REQUEST['tshirt_size'] != '') { $tshirt_size = $_REQUEST['tshirt_size']; @@ -99,7 +102,7 @@ function guest_register() $msg .= error(_("Please select your shirt size."), true); } } - + if (isset($_REQUEST['password']) && strlen($_REQUEST['password']) >= $min_password_length) { if ($_REQUEST['password'] != $_REQUEST['password2']) { $valid = false; 
@@ -107,30 +110,33 @@ function guest_register() } } else { $valid = false; - $msg .= error(sprintf(_("Your password is too short (please use at least %s characters)."), $min_password_length), true); + $msg .= error(sprintf( + _("Your password is too short (please use at least %s characters)."), + $min_password_length + ), true); } - + if (isset($_REQUEST['planned_arrival_date'])) { $tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_arrival_date'] . " 00:00"); $result = User_validate_planned_arrival_date($tmp); $planned_arrival_date = $result->getValue(); - if (! $result->isValid()) { + if (!$result->isValid()) { $valid = false; error(_("Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.")); } } - + $selected_angel_types = []; foreach (array_keys($angel_types) as $angel_type_id) { if (isset($_REQUEST['angel_types_' . $angel_type_id])) { $selected_angel_types[] = $angel_type_id; } } - - // Trivia - if (isset($_REQUEST['lastname'])) { - $lastname = strip_request_item('lastname'); - } + + // Trivia + if (isset($_REQUEST['lastname'])) { + $lastname = strip_request_item('lastname'); + } if (isset($_REQUEST['prename'])) { $prename = strip_request_item('prename'); } @@ -152,7 +158,7 @@ function guest_register() if (isset($_REQUEST['comment'])) { $comment = strip_request_item_nl('comment'); } - + if ($valid) { sql_query(" INSERT INTO `User` SET 
@@ -176,36 +182,39 @@ function guest_register() `Sprache`='" . sql_escape($_SESSION["locale"]) . "', `arrival_date`=NULL, `planned_arrival_date`='" . sql_escape($planned_arrival_date) . "'"); - - // Assign user-group and set password - $user_id = sql_id(); + + // Assign user-group and set password + $user_id = sql_id(); sql_query("INSERT INTO `UserGroups` SET `uid`='" . sql_escape($user_id) . "', `group_id`=-2"); set_password($user_id, $_REQUEST['password']); - - // Assign angel-types - $user_angel_types_info = []; + + // Assign angel-types + $user_angel_types_info = []; foreach ($selected_angel_types as $selected_angel_type_id) { sql_query("INSERT INTO `UserAngelTypes` SET `user_id`='" . sql_escape($user_id) . "', `angeltype_id`='" . sql_escape($selected_angel_type_id) . "'"); $user_angel_types_info[] = $angel_types[$selected_angel_type_id]; } - - engelsystem_log("User " . User_Nick_render(User($user_id)) . " signed up as: " . join(", ", $user_angel_types_info)); + + engelsystem_log( + "User " . User_Nick_render(User($user_id)) + . " signed up as: " . join(", ", $user_angel_types_info) + ); success(_("Angel registration successful!")); - - // User is already logged in - that means a supporter has registered an angel. Return to register page. - if (isset($user)) { - redirect(page_link_to('register')); - } - - // If a welcome message is present, display registration success page. - if ($event_config != null && $event_config['event_welcome_msg'] != null) { - return User_registration_success_view($event_config['event_welcome_msg']); - } - + + // User is already logged in - that means a supporter has registered an angel. Return to register page. + if (isset($user)) { + redirect(page_link_to('register')); + } + + // If a welcome message is present, display registration success page. 
+ if ($event_config != null && $event_config['event_welcome_msg'] != null) { + return User_registration_success_view($event_config['event_welcome_msg']); + } + redirect('?'); } } - + $buildup_start_date = time(); $teardown_end_date = null; if ($event_config != null) { 
@@ -216,79 +225,105 @@ function guest_register() $teardown_end_date = $event_config['teardown_end_date']; } } - + return page_with_title(register_title(), [ - _("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task scheduler."), - $msg, - msg(), - form([ - div('row', [ - div('col-md-6', [ - div('row', [ - div('col-sm-4', [ - form_text('nick', _("Nick") . ' ' . entry_required(), $nick) - ]), - div('col-sm-8', [ - form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail), - form_checkbox('email_shiftinfo', _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), $email_shiftinfo), - form_checkbox('email_by_human_allowed', _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), $email_by_human_allowed) - ]) - ]), - div('row', [ - div('col-sm-6', [ - form_date('planned_arrival_date', _("Planned date of arrival") . ' ' . entry_required(), $planned_arrival_date, $buildup_start_date, $teardown_end_date) - ]), - div('col-sm-6', [ - $enable_tshirt_size ? form_select('tshirt_size', _("Shirt size") . ' ' . entry_required(), $tshirt_sizes, $tshirt_size) : '' - ]) - ]), - div('row', [ - div('col-sm-6', [ - form_password('password', _("Password") . ' ' . entry_required()) - ]), - div('col-sm-6', [ - form_password('password2', _("Confirm password") . ' ' . entry_required()) - ]) - ]), - form_checkboxes('angel_types', _("What do you want to do?") . sprintf(" (<a href=\"%s\">%s</a>)", page_link_to('angeltypes') . '&action=about', _("Description of job types")), $angel_types, $selected_angel_types), - form_info("", _("Restricted angel types need will be confirmed later by a supporter. 
You can change your selection in the options section.")) - ]), - div('col-md-6', [ - div('row', [ - div('col-sm-4', [ - form_text('dect', _("DECT"), $dect) - ]), - div('col-sm-4', [ - form_text('mobile', _("Mobile"), $mobile) - ]), - div('col-sm-4', [ - form_text('tel', _("Phone"), $tel) - ]) - ]), - form_text('jabber', _("Jabber"), $jabber), - div('row', [ - div('col-sm-6', [ - form_text('prename', _("First name"), $prename) - ]), - div('col-sm-6', [ - form_text('lastname', _("Last name"), $lastname) - ]) - ]), - div('row', [ - div('col-sm-3', [ - form_text('age', _("Age"), $age) - ]), - div('col-sm-9', [ - form_text('hometown', _("Hometown"), $hometown) - ]) - ]), - form_info(entry_required() . ' = ' . _("Entry required!")) - ]) - ]), - // form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment), - form_submit('submit', _("Register")) - ]) - ]); + _("By completing this form you're registering as a Chaos-Angel. This script will create you an account in the angel task scheduler."), + $msg, + msg(), + form([ + div('row', [ + div('col-md-6', [ + div('row', [ + div('col-sm-4', [ + form_text('nick', _("Nick") . ' ' . entry_required(), $nick) + ]), + div('col-sm-8', [ + form_email('mail', _("E-Mail") . ' ' . entry_required(), $mail), + form_checkbox( + 'email_shiftinfo', + _("The engelsystem is allowed to send me an email (e.g. when my shifts change)"), + $email_shiftinfo + ), + form_checkbox( + 'email_by_human_allowed', + _("Humans are allowed to send me an email (e.g. for ticket vouchers)"), + $email_by_human_allowed + ) + ]) + ]), + div('row', [ + div('col-sm-6', [ + form_date( + 'planned_arrival_date', + _("Planned date of arrival") . ' ' . entry_required(), + $planned_arrival_date, $buildup_start_date, $teardown_end_date + ) + ]), + div('col-sm-6', [ + $enable_tshirt_size ? form_select('tshirt_size', + _("Shirt size") . ' ' . 
entry_required(), + $tshirt_sizes, $tshirt_size) : '' + ]) + ]), + div('row', [ + div('col-sm-6', [ + form_password('password', _("Password") . ' ' . entry_required()) + ]), + div('col-sm-6', [ + form_password('password2', _("Confirm password") . ' ' . entry_required()) + ]) + ]), + form_checkboxes( + 'angel_types', + _("What do you want to do?") . sprintf( + " (<a href=\"%s\">%s</a>)", + page_link_to('angeltypes') . '&action=about', + _("Description of job types") + ), + $angel_types, + $selected_angel_types + ), + form_info( + "", + _("Restricted angel types need will be confirmed later by a supporter. You can change your selection in the options section.") + ) + ]), + div('col-md-6', [ + div('row', [ + div('col-sm-4', [ + form_text('dect', _("DECT"), $dect) + ]), + div('col-sm-4', [ + form_text('mobile', _("Mobile"), $mobile) + ]), + div('col-sm-4', [ + form_text('tel', _("Phone"), $tel) + ]) + ]), + form_text('jabber', _("Jabber"), $jabber), + div('row', [ + div('col-sm-6', [ + form_text('prename', _("First name"), $prename) + ]), + div('col-sm-6', [ + form_text('lastname', _("Last name"), $lastname) + ]) + ]), + div('row', [ + div('col-sm-3', [ + form_text('age', _("Age"), $age) + ]), + div('col-sm-9', [ + form_text('hometown', _("Hometown"), $hometown) + ]) + ]), + form_info(entry_required() . ' = ' . _("Entry required!")) + ]) + ]), + // form_textarea('comment', _("Did you help at former CCC events and which tasks have you performed then?"), $comment), + form_submit('submit', _("Register")) + ]) + ]); } function entry_required() @@ -305,10 +340,10 @@ function guest_logout() function guest_login() { $nick = ""; - + unset($_SESSION['uid']); $valid = true; - + if (isset($_REQUEST['submit'])) { if (isset($_REQUEST['nick']) && strlen(User_validate_Nick($_REQUEST['nick'])) > 0) { $nick = User_validate_Nick($_REQUEST['nick']); 
@@ -316,7 +351,7 @@ function guest_login()
 if (count($login_user) > 0) {
 $login_user = $login_user[0];
 if (isset($_REQUEST['password'])) {
- if (! verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
+ if (!verify_password($_REQUEST['password'], $login_user['Passwort'], $login_user['UID'])) {
 $valid = false;
 error(_("Your password is incorrect. Please try it again."));
 }
@@ -332,75 +367,75 @@ function guest_login() $valid = false; error(_("Please enter a nickname.")); } - + if ($valid) { $_SESSION['uid'] = $login_user['UID']; $_SESSION['locale'] = $login_user['Sprache']; - + redirect(page_link_to('news')); } } - + $event_config = EventConfig(); - + return page([ - div('col-md-12', [ - div('row', [ - EventConfig_countdown_page($event_config) - ]), - div('row', [ - div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [ - div('panel panel-primary first', [ - div('panel-heading', [ - '<span class="icon-icon_angel"></span> ' . _("Login") - ]), - div('panel-body', [ - msg(), - form([ - form_text_placeholder('nick', _("Nick"), $nick), - form_password_placeholder('password', _("Password")), - form_submit('submit', _("Login")), - ! $valid ? buttons([ - button(page_link_to('user_password_recovery'), _("I forgot my password")) - ]) : '' - ]) - ]), - div('panel-footer', [ - glyph('info-sign') . _("Please note: You have to activate cookies!") - ]) - ]) - ]) - ]), - div('row', [ - div('col-sm-6 text-center', [ - heading(register_title(), 2), - get_register_hint() - ]), - div('col-sm-6 text-center', [ - heading(_("What can I do?"), 2), - '<p>' . _("Please read about the jobs you can do to help us.") . '</p>', - buttons([ - button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' »') - ]) - ]) - ]) - ]) - ]); + div('col-md-12', [ + div('row', [ + EventConfig_countdown_page($event_config) + ]), + div('row', [ + div('col-sm-6 col-sm-offset-3 col-md-4 col-md-offset-4', [ + div('panel panel-primary first', [ + div('panel-heading', [ + '<span class="icon-icon_angel"></span> ' . _("Login") + ]), + div('panel-body', [ + msg(), + form([ + form_text_placeholder('nick', _("Nick"), $nick), + form_password_placeholder('password', _("Password")), + form_submit('submit', _("Login")), + !$valid ? 
buttons([ + button(page_link_to('user_password_recovery'), _("I forgot my password")) + ]) : '' + ]) + ]), + div('panel-footer', [ + glyph('info-sign') . _("Please note: You have to activate cookies!") + ]) + ]) + ]) + ]), + div('row', [ + div('col-sm-6 text-center', [ + heading(register_title(), 2), + get_register_hint() + ]), + div('col-sm-6 text-center', [ + heading(_("What can I do?"), 2), + '<p>' . _("Please read about the jobs you can do to help us.") . '</p>', + buttons([ + button(page_link_to('angeltypes') . '&action=about', _("Teams/Job description") . ' »') + ]) + ]) + ]) + ]) + ]); } function get_register_hint() { global $privileges; - + if (in_array('register', $privileges)) { return join('', [ - '<p>' . _("Please sign up, if you want to help us!") . '</p>', - buttons([ - button(page_link_to('register'), register_title() . ' »') - ]) - ]); + '<p>' . _("Please sign up, if you want to help us!") . '</p>', + buttons([ + button(page_link_to('register'), register_title() . ' »') + ]) + ]); } - - //FIXME: return error(_("Registration is disabled."), true); - return error("Registration is <a href='https://engelsystem.de/33c3/overwhelmed.html'>disabled</a>.", true); + + //FIXME: return error(_("Registration is disabled."), true); + return error("Registration is <a href='https://engelsystem.de/33c3/overwhelmed.html'>disabled</a>.", true); } diff --git a/includes/pages/guest_stats.php b/includes/pages/guest_stats.php index 2559dd4d..1994f044 100644 --- a/includes/pages/guest_stats.php +++ b/includes/pages/guest_stats.php 
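Review bot: On a successful login the `if ($valid)` block in the `@@ -332,75 +367,75 @@` hunk writes `$_SESSION['uid']` into the existing session with no visible `session_regenerate_id(true)`, which leaves a session identifier issued before login valid after authentication (session fixation). Unless the identifier is rotated somewhere in the bootstrap, which this diff does not show, add `session_regenerate_id(true);` directly before `$_SESSION['uid'] = $login_user['UID'];`. guest_login() starts above this hunk.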
@@ -3,32 +3,32 @@ function guest_stats() { global $api_key; - + if (isset($_REQUEST['api_key'])) { if ($_REQUEST['api_key'] == $api_key) { $stats = []; - - list($user_count) = sql_select("SELECT count(*) as `user_count` FROM `User`"); + + list($user_count) = sql_select("SELECT count(*) AS `user_count` FROM `User`"); $stats['user_count'] = $user_count['user_count']; - - list($arrived_user_count) = sql_select("SELECT count(*) as `user_count` FROM `User` WHERE `Gekommen`=1"); + + list($arrived_user_count) = sql_select("SELECT count(*) AS `user_count` FROM `User` WHERE `Gekommen`=1"); $stats['arrived_user_count'] = $arrived_user_count['user_count']; - + $done_shifts_seconds = sql_select_single_cell("SELECT SUM(`Shifts`.`end` - `Shifts`.`start`) FROM `ShiftEntry` JOIN `Shifts` USING (`SID`) WHERE `Shifts`.`end` < UNIX_TIMESTAMP()"); $stats['done_work_hours'] = round($done_shifts_seconds / (60 * 60), 0); - + $users_in_action = sql_select("SELECT `Shifts`.`start`, `Shifts`.`end` FROM `ShiftEntry` JOIN `Shifts` ON `Shifts`.`SID`=`ShiftEntry`.`SID` WHERE UNIX_TIMESTAMP() BETWEEN `Shifts`.`start` AND `Shifts`.`end`"); $stats['users_in_action'] = count($users_in_action); - + header("Content-Type: application/json"); raw_output(json_encode($stats)); return; } raw_output(json_encode([ - 'error' => "Wrong api_key." - ])); + 'error' => "Wrong api_key." + ])); } raw_output(json_encode([ - 'error' => "Missing parameter api_key." - ])); + 'error' => "Missing parameter api_key." + ])); } diff --git a/includes/pages/user_atom.php b/includes/pages/user_atom.php index 88e8f201..ee4ddae5 100644 --- a/includes/pages/user_atom.php +++ b/includes/pages/user_atom.php 
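Review bot: `$_REQUEST['api_key'] == $api_key` is a loose, non-constant-time comparison of a secret, and if `$api_key` is left empty in the configuration an empty `api_key` parameter would match. Prefer `if (!empty($api_key) && is_string($_REQUEST['api_key']) && hash_equals((string) $api_key, $_REQUEST['api_key'])) {`. Separately, the "Wrong api_key." branch has no `return`, so unless `raw_output()` ends the request (not visible here) the function goes on to emit the "Missing parameter api_key." JSON as well. A `return;` after that `raw_output()` call, plus the `Content-Type: application/json` header on the two error paths, would make the responses well-formed.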
@@ -4,24 +4,24 @@ function user_atom() { global $user, $DISPLAY_NEWS; - - if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) { + + if (!isset($_REQUEST['key']) || !preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) { engelsystem_error("Missing key."); } $key = $_REQUEST['key']; - + $user = User_by_api_key($key); if ($user == null) { engelsystem_error("Key invalid."); } - if (! in_array('atom', privileges_for_user($user['UID']))) { + if (!in_array('atom', privileges_for_user($user['UID']))) { engelsystem_error("No privilege for atom."); } - + $news = sql_select("SELECT * FROM `News` " . (empty($_REQUEST['meetings']) ? '' : 'WHERE `Treffen` = 1 ') . "ORDER BY `ID` DESC LIMIT " . sql_escape($DISPLAY_NEWS)); - + $output = make_atom_entries_from_news($news); - + header('Content-Type: application/atom+xml; charset=utf-8'); header("Content-Length: " . strlen($output)); raw_output($output); @@ -32,7 +32,13 @@ function make_atom_entries_from_news($news_entries) $html = '<?xml version="1.0" encoding="utf-8"?> <feed xmlns="http://www.w3.org/2005/Atom"> <title>Engelsystem</title> - <id>' . $_SERVER['HTTP_HOST'] . htmlspecialchars(preg_replace('#[&?]key=[a-f0-9]{32}#', '', $_SERVER['REQUEST_URI'])) . '</id> + <id>' . $_SERVER['HTTP_HOST'] + . htmlspecialchars(preg_replace( + '#[&?]key=[a-f0-9]{32}#', + '', + $_SERVER['REQUEST_URI'] + )) + . '</id> <updated>' . date('Y-m-d\TH:i:sP', $news_entries[0]['Datum']) . "</updated>\n"; foreach ($news_entries as $news_entry) { $html .= make_atom_entry_from_news($news_entry); diff --git a/includes/pages/user_ical.php b/includes/pages/user_ical.php index 49546e58..05c67d51 100644 --- a/includes/pages/user_ical.php +++ b/includes/pages/user_ical.php 
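Review bot: In `make_atom_entries_from_news()` the rewrapped `<id>` line concatenates `$_SERVER['HTTP_HOST']` into the XML unescaped, while only the request URI goes through `htmlspecialchars()`. The Host header is client-supplied, so it should be escaped as well: `<id>' . htmlspecialchars($_SERVER['HTTP_HOST'])`. The same hunk reads `$news_entries[0]['Datum']` unconditionally, which hits an undefined offset when the query returned no rows; a guard such as `empty($news_entries) ? time() : $news_entries[0]['Datum']` would cover that case. The function continues past the end of the hunk.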
@@ -6,30 +6,30 @@ function user_ical() { global $user; - - if (! isset($_REQUEST['key']) || ! preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) { + + if (!isset($_REQUEST['key']) || !preg_match("/^[0-9a-f]{32}$/", $_REQUEST['key'])) { engelsystem_error("Missing key."); } $key = $_REQUEST['key']; - + $user = User_by_api_key($key); if ($user == null) { engelsystem_error("Key invalid."); } - - if (! in_array('ical', privileges_for_user($user['UID']))) { + + if (!in_array('ical', privileges_for_user($user['UID']))) { engelsystem_error("No privilege for ical."); } - + $ical_shifts = load_ical_shifts(); - + send_ical_from_shifts($ical_shifts); } /** * Renders an ical calender from given shifts array. * - * @param array<Shift> $shifts + * @param array <Shift> $shifts */ function send_ical_from_shifts($shifts) { @@ -53,7 +53,8 @@ function make_ical_entry_from_shift($shift) { $output = "BEGIN:VEVENT\r\n"; $output .= "UID:" . md5($shift['start'] . $shift['end'] . $shift['name']) . "\r\n"; - $output .= "SUMMARY:" . str_replace("\n", "\\n", $shift['name']) . " (" . str_replace("\n", "\\n", $shift['title']) . ")\r\n"; + $output .= "SUMMARY:" . str_replace("\n", "\\n", $shift['name']) + . " (" . str_replace("\n", "\\n", $shift['title']) . ")\r\n"; if (isset($shift['Comment'])) { $output .= "DESCRIPTION:" . str_replace("\n", "\\n", $shift['Comment']) . "\r\n"; } diff --git a/includes/pages/user_messages.php b/includes/pages/user_messages.php index f9278828..b7ff093f 100644 --- a/includes/pages/user_messages.php +++ b/includes/pages/user_messages.php @@ -8,7 +8,7 @@ function messages_title() function user_unread_messages() { global $user; - + if (isset($user)) { $new_messages = sql_num_query("SELECT * FROM `Messages` WHERE isRead='N' AND `RUID`='" . sql_escape($user['UID']) . "'"); if ($new_messages > 0) { 
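Review bot: The docblock change from `@param array<Shift> $shifts` to `@param array <Shift> $shifts` above `send_ical_from_shifts()` breaks the annotation. With the space, documentation and static-analysis tools read the type as plain `array` and take `<Shift>` as the start of the parameter name or description. Restore `@param array<Shift> $shifts` and exclude this tag from the formatter rule if it keeps re-inserting the space.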
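Review bot: The `SUMMARY` line in `make_ical_entry_from_shift()` (hunk `@@ -53,7 +53,8 @@`) only replaces `\n` in `$shift['name']` and `$shift['title']`, so a carriage return in either stored value still ends the content line, and `\`, `;` and `,` stay unescaped. Applying one escaping step to SUMMARY and DESCRIPTION covers the iCalendar TEXT rules: `str_replace(["\\", ";", ",", "\r\n", "\r", "\n"], ["\\\\", "\\;", "\\,", "\\n", "\\n", "\\n"], $text)`. The function body continues outside the hunk.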
@@ -21,113 +21,121 @@ function user_unread_messages() function user_messages() { global $user; - - if (! isset($_REQUEST['action'])) { + + if (!isset($_REQUEST['action'])) { $users = sql_select("SELECT * FROM `User` WHERE NOT `UID`='" . sql_escape($user['UID']) . "' ORDER BY `Nick`"); - + $to_select_data = [ - "" => _("Select recipient...") - ]; - + "" => _("Select recipient...") + ]; + foreach ($users as $u) { $to_select_data[$u['UID']] = $u['Nick']; } - + $to_select = html_select_key('to', 'to', $to_select_data, ''); - + $messages = sql_select("SELECT * FROM `Messages` WHERE `SUID`='" . sql_escape($user['UID']) . "' OR `RUID`='" . sql_escape($user['UID']) . "' ORDER BY `isRead`,`Datum` DESC"); - + $messages_table = [ - [ - 'news' => '', - 'timestamp' => date("Y-m-d H:i"), - 'from' => User_Nick_render($user), - 'to' => $to_select, - 'text' => form_textarea('text', '', ''), - 'actions' => form_submit('submit', _("Save")) - ] - ]; - + [ + 'news' => '', + 'timestamp' => date("Y-m-d H:i"), + 'from' => User_Nick_render($user), + 'to' => $to_select, + 'text' => form_textarea('text', '', ''), + 'actions' => form_submit('submit', _("Save")) + ] + ]; + foreach ($messages as $message) { $sender_user_source = User($message['SUID']); $receiver_user_source = User($message['RUID']); - + $messages_table_entry = [ - 'new' => $message['isRead'] == 'N' ? '<span class="glyphicon glyphicon-envelope"></span>' : '', - 'timestamp' => date("Y-m-d H:i", $message['Datum']), - 'from' => User_Nick_render($sender_user_source), - 'to' => User_Nick_render($receiver_user_source), - 'text' => str_replace("\n", '<br />', $message['Text']) - ]; - + 'new' => $message['isRead'] == 'N' ? 
'<span class="glyphicon glyphicon-envelope"></span>' : '', + 'timestamp' => date("Y-m-d H:i", $message['Datum']), + 'from' => User_Nick_render($sender_user_source), + 'to' => User_Nick_render($receiver_user_source), + 'text' => str_replace("\n", '<br />', $message['Text']) + ]; + if ($message['RUID'] == $user['UID']) { if ($message['isRead'] == 'N') { - $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=read&id=' . $message['id'], _("mark as read"), 'btn-xs'); + $messages_table_entry['actions'] = button( + page_link_to("user_messages") . '&action=read&id=' . $message['id'], + _("mark as read"), + 'btn-xs' + ); } } else { - $messages_table_entry['actions'] = button(page_link_to("user_messages") . '&action=delete&id=' . $message['id'], _("delete message"), 'btn-xs'); + $messages_table_entry['actions'] = button( + page_link_to("user_messages") . '&action=delete&id=' . $message['id'], + _("delete message"), + 'btn-xs' + ); } $messages_table[] = $messages_table_entry; } - + return page_with_title(messages_title(), [ - msg(), - sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)), - form([ - table([ - 'new' => _("New"), - 'timestamp' => _("Date"), - 'from' => _("Transmitted"), - 'to' => _("Recipient"), - 'text' => _("Message"), - 'actions' => '' - ], $messages_table) - ], page_link_to('user_messages') . '&action=send') - ]); + msg(), + sprintf(_("Hello %s, here can you leave messages for other angels"), User_Nick_render($user)), + form([ + table([ + 'new' => _("New"), + 'timestamp' => _("Date"), + 'from' => _("Transmitted"), + 'to' => _("Recipient"), + 'text' => _("Message"), + 'actions' => '' + ], $messages_table) + ], page_link_to('user_messages') . 
'&action=send') + ]); } else { switch ($_REQUEST['action']) { - case "read": - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $message_id = $_REQUEST['id']; - } else { - return error(_("Incomplete call, missing Message ID."), true); - } - - $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { - sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - redirect(page_link_to("user_messages")); - } else { - return error(_("No Message found."), true); - } - break; - - case "delete": - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $message_id = $_REQUEST['id']; - } else { - return error(_("Incomplete call, missing Message ID."), true); - } - - $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { - sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); - redirect(page_link_to("user_messages")); - } else { - return error(_("No Message found."), true); - } - break; - - case "send": - if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) { - redirect(page_link_to("user_messages")); - } else { - return error(_("Transmitting was terminated with an Error."), true); + case "read": + if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { + $message_id = $_REQUEST['id']; + } else { + return error(_("Incomplete call, missing Message ID."), true); + } + + $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); + if (count($message) > 0 && $message[0]['RUID'] == $user['UID']) { + sql_query("UPDATE `Messages` SET `isRead`='Y' WHERE `id`='" . sql_escape($message_id) . 
"' LIMIT 1"); + redirect(page_link_to("user_messages")); + } else { + return error(_("No Message found."), true); + } + break; + + case "delete": + if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { + $message_id = $_REQUEST['id']; + } else { + return error(_("Incomplete call, missing Message ID."), true); + } + + $message = sql_select("SELECT * FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); + if (count($message) > 0 && $message[0]['SUID'] == $user['UID']) { + sql_query("DELETE FROM `Messages` WHERE `id`='" . sql_escape($message_id) . "' LIMIT 1"); + redirect(page_link_to("user_messages")); + } else { + return error(_("No Message found."), true); + } + break; + + case "send": + if (Message_send($_REQUEST['to'], $_REQUEST['text']) === true) { + redirect(page_link_to("user_messages")); + } else { + return error(_("Transmitting was terminated with an Error."), true); + } + break; + + default: + return error(_("Wrong action."), true); } - break; - - default: - return error(_("Wrong action."), true); - } } } diff --git a/includes/pages/user_myshifts.php b/includes/pages/user_myshifts.php index fbfe3f33..8c2d9442 100644 --- a/includes/pages/user_myshifts.php +++ b/includes/pages/user_myshifts.php 
@@ -10,15 +10,20 @@ function user_myshifts() { global $LETZTES_AUSTRAGEN; global $user, $privileges; - - if (isset($_REQUEST['id']) && in_array("user_shifts_admin", $privileges) && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0) { + + if ( + isset($_REQUEST['id']) + && in_array("user_shifts_admin", $privileges) + && preg_match("/^[0-9]{1,}$/", $_REQUEST['id']) + && sql_num_query("SELECT * FROM `User` WHERE `UID`='" . sql_escape($_REQUEST['id']) . "'") > 0 + ) { $user_id = $_REQUEST['id']; } else { $user_id = $user['UID']; } - + list($shifts_user) = sql_select("SELECT * FROM `User` WHERE `UID`='" . sql_escape($user_id) . "' LIMIT 1"); - + if (isset($_REQUEST['reset'])) { if ($_REQUEST['reset'] == "ack") { User_reset_api_key($user); @@ -26,9 +31,12 @@ function user_myshifts() redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); } return page_with_title(_("Reset API key"), [ - error(_("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), true), - button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger') - ]); + error( + _("If you reset the key, the url to your iCal- and JSON-export and your atom feed changes! You have to update it in every application using one of these exports."), + true + ), + button(page_link_to('user_myshifts') . '&reset=ack', _("Continue"), 'btn-danger') + ]); } elseif (isset($_REQUEST['edit']) && preg_match("/^[0-9]*$/", $_REQUEST['edit'])) { $user_id = $_REQUEST['edit']; $shift = sql_select("SELECT @@ -39,7 +47,7 @@ function user_myshifts() `ShiftTypes`.`name`, `Shifts`.*, `Room`.`Name`, - `AngelTypes`.`name` as `angel_type` + `AngelTypes`.`name` AS `angel_type` FROM `ShiftEntry` JOIN `AngelTypes` ON (`ShiftEntry`.`TID` = `AngelTypes`.`id`) JOIN `Shifts` ON (`ShiftEntry`.`SID` = `Shifts`.`SID`) 
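Review bot: The API-key reset runs on a plain GET link: `button(page_link_to('user_myshifts') . '&reset=ack', …)` leads straight to `User_reset_api_key($user)`, and no request token is checked in the visible lines, so any page the user opens while logged in can trigger it. State-changing actions like this should be POST-only and verify a per-session token before acting; if a dispatcher outside this file already does that, a comment here saying so would help. The `read`, `delete` and `send` actions in user_messages() (`@@ -21,113 +21,121 @@`) have the same shape. user_myshifts() continues past these hunks.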
@@ -51,7 +59,7 @@ function user_myshifts() $shift = $shift[0]; $freeloaded = $shift['freeloaded']; $freeload_comment = $shift['freeload_comment']; - + if (isset($_REQUEST['submit'])) { $valid = true; if (in_array("user_shifts_admin", $privileges)) { 
@@ -62,28 +70,44 @@ function user_myshifts() error(_("Please enter a freeload comment!")); } } - + $comment = strip_request_item_nl('comment'); $user_source = User($shift['UID']); - + if ($valid) { $result = ShiftEntry_update([ - 'id' => $user_id, - 'Comment' => $comment, - 'freeloaded' => $freeloaded, - 'freeload_comment' => $freeload_comment - ]); + 'id' => $user_id, + 'Comment' => $comment, + 'freeloaded' => $freeloaded, + 'freeload_comment' => $freeload_comment + ]); if ($result === false) { engelsystem_error('Unable to update shift entry.'); } - - engelsystem_log("Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " with comment " . $comment . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO")); + + engelsystem_log( + "Updated " . User_Nick_render($user_source) . "'s shift " . $shift['name'] + . " from " . date("Y-m-d H:i", $shift['start']) + . " to " . date("Y-m-d H:i", $shift['end']) + . " with comment " . $comment + . ". Freeloaded: " . ($freeloaded ? "YES Comment: " . $freeload_comment : "NO") + ); success(_("Shift saved.")); redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); } } - - return ShiftEntry_edit_view(User_Nick_render($shifts_user), date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), $shift['Name'], $shift['name'], $shift['angel_type'], $shift['Comment'], $shift['freeloaded'], $shift['freeload_comment'], in_array("user_shifts_admin", $privileges)); + + return ShiftEntry_edit_view( + User_Nick_render($shifts_user), + date("Y-m-d H:i", $shift['start']) . ', ' . shift_length($shift), + $shift['Name'], + $shift['name'], + $shift['angel_type'], + $shift['Comment'], + $shift['freeloaded'], + $shift['freeload_comment'], + in_array("user_shifts_admin", $privileges) + ); } else { redirect(page_link_to('user_myshifts')); } 
@@ -104,8 +128,14 @@ function user_myshifts() $room = Room($shift['RID']); $angeltype = AngelType($shift['TID']); $shifttype = ShiftType($shift['shifttype_id']); - - engelsystem_log("Deleted own shift: " . $shifttype['name'] . " at " . $room['Name'] . " from " . date("Y-m-d H:i", $shift['start']) . " to " . date("Y-m-d H:i", $shift['end']) . " as " . $angeltype['name']); + + engelsystem_log( + "Deleted own shift: " . $shifttype['name'] + . " at " . $room['Name'] + . " from " . date("Y-m-d H:i", $shift['start']) + . " to " . date("Y-m-d H:i", $shift['end']) + . " as " . $angeltype['name'] + ); success(_("Shift canceled.")); } else { error(_("It's too late to sign yourself off the shift. If neccessary, ask the dispatcher to do so.")); @@ -114,6 +144,6 @@ function user_myshifts() redirect(user_link($shifts_user)); } } - + redirect(page_link_to('users') . '&action=view&user_id=' . $shifts_user['UID']); } diff --git a/includes/pages/user_news.php b/includes/pages/user_news.php index a26b4d8d..31f38eaa 100644 --- a/includes/pages/user_news.php +++ b/includes/pages/user_news.php 
@@ -18,26 +18,26 @@ function meetings_title() function user_meetings() { global $DISPLAY_NEWS; - + $html = '<div class="col-md-12"><h1>' . meetings_title() . '</h1>' . msg(); - + if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) { $page = $_REQUEST['page']; } else { $page = 0; } - + $news = sql_select("SELECT * FROM `News` WHERE `Treffen`=1 ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); foreach ($news as $entry) { $html .= display_news($entry); } - + $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); $html .= '<div class="text-center">' . '<ul class="pagination">'; - for ($i = 0; $i < $dis_rows; $i ++) { + for ($i = 0; $i < $dis_rows; $i++) { if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) { $html .= '<li class="active">'; - } elseif (! isset($_REQUEST['page']) && $i == 0) { + } elseif (!isset($_REQUEST['page']) && $i == 0) { $html .= '<li class="active">'; } else { $html .= '<li>'; 
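Review bot: The page count in `user_meetings()` is computed from every row, ``sql_num_query("SELECT * FROM `News`")``, while the list above it selects only rows with `Treffen`=1, so the pager can offer pages that come back empty. Counting with the same filter, ``sql_num_query("SELECT * FROM `News` WHERE `Treffen`=1")``, keeps the two in step. The active-page test `$i == $_REQUEST['page']` is a loose comparison against raw request data; `$i === (int) $page` would use the value that was already validated. The loop body continues in the next hunk.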
@@ -45,29 +45,31 @@ function user_meetings() $html .= '<a href="' . page_link_to("user_meetings") . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; } $html .= '</ul></div></div>'; - + return $html; } function display_news($news) { global $privileges, $page; - + $html = ''; $html .= '<div class="panel' . ($news['Treffen'] == 1 ? ' panel-info' : ' panel-default') . '">'; $html .= '<div class="panel-heading">'; $html .= '<h3 class="panel-title">' . ($news['Treffen'] == 1 ? '[Meeting] ' : '') . ReplaceSmilies($news['Betreff']) . '</h3>'; $html .= '</div>'; $html .= '<div class="panel-body">' . ReplaceSmilies(nl2br($news['Text'])) . '</div>'; - + $html .= '<div class="panel-footer text-muted">'; if (in_array("admin_news", $privileges)) { - $html .= '<div class="pull-right">' . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') . '</div>'; + $html .= '<div class="pull-right">' + . button_glyph(page_link_to("admin_news") . '&action=edit&id=' . $news['ID'], 'edit', 'btn-xs') + . '</div>'; } $html .= '<span class="glyphicon glyphicon-time"></span> ' . date("Y-m-d H:i", $news['Datum']) . ' '; - + $user_source = User($news['UID']); - + $html .= User_Nick_render($user_source); if ($page != "news_comments") { $html .= ' <a href="' . page_link_to("news_comments") . '&nid=' . $news['ID'] . '"><span class="glyphicon glyphicon-comment"></span> ' . _("Comments") . ' »</a> <span class="badge">' . sql_num_query("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($news['ID']) . "'") . '</span>'; 
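Review bot: `display_news()` writes `$news['Betreff']` and `$news['Text']` into the page through `ReplaceSmilies()` and `nl2br()` only, and the `INSERT` in `user_news()` further down this file stores `$_POST["betreff"]` and `$_POST["text"]` with `sql_escape()` alone. Unless `ReplaceSmilies()` escapes HTML (not visible here), markup entered by anyone holding `admin_news` is rendered to every reader. Escaping at output, e.g. `ReplaceSmilies(htmlspecialchars($news['Betreff'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'))` and the same around `$news['Text']` before `nl2br()`, would make the intent explicit. The end of `display_news()` lies outside this hunk.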
@@ -80,9 +82,13 @@ function display_news($news) function user_news_comments() { global $user; - + $html = '<div class="col-md-12"><h1>' . user_news_comments_title() . '</h1>'; - if (isset($_REQUEST["nid"]) && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0) { + if ( + isset($_REQUEST["nid"]) + && preg_match("/^[0-9]{1,}$/", $_REQUEST['nid']) + && sql_num_query("SELECT * FROM `News` WHERE `ID`='" . sql_escape($_REQUEST['nid']) . "' LIMIT 1") > 0 + ) { $nid = $_REQUEST["nid"]; list($news) = sql_select("SELECT * FROM `News` WHERE `ID`='" . sql_escape($nid) . "' LIMIT 1"); if (isset($_REQUEST["text"])) { @@ -91,13 +97,13 @@ function user_news_comments() engelsystem_log("Created news_comment: " . $text); $html .= success(_("Entry saved."), true); } - + $html .= display_news($news); - + $comments = sql_select("SELECT * FROM `NewsComments` WHERE `Refid`='" . sql_escape($nid) . "' ORDER BY 'ID'"); foreach ($comments as $comment) { $user_source = User($comment['UID']); - + $html .= '<div class="panel panel-default">'; $html .= '<div class="panel-body">' . nl2br($comment['Text']) . '</div>'; $html .= '<div class="panel-footer text-muted">'; 
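Review bot: The comment query ends with `ORDER BY 'ID'`, which sorts by the string constant rather than the column, so the order of comments is left to the database; ``ORDER BY `ID` `` is presumably what was meant. In the same loop `nl2br($comment['Text'])` is emitted with no escaping call in view, and the line that reads `$text` from the request falls in the gap before this hunk's second part, so whether it is sanitised on input should be confirmed. If it is not, wrap it as `nl2br(htmlspecialchars($comment['Text'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'))`.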
@@ -106,27 +112,27 @@ function user_news_comments() $html .= '</div>'; $html .= '</div>'; } - + $html .= '<hr /><h2>' . _("New Comment:") . '</h2>'; $html .= form([ - form_textarea('text', _("Message"), ''), - form_submit('submit', _("Save")) - ], page_link_to('news_comments') . '&nid=' . $news['ID']); + form_textarea('text', _("Message"), ''), + form_submit('submit', _("Save")) + ], page_link_to('news_comments') . '&nid=' . $news['ID']); } else { $html .= _("Invalid request."); } - + return $html . '</div>'; } function user_news() { global $DISPLAY_NEWS, $privileges, $user; - + $html = '<div class="col-md-12"><h1>' . news_title() . '</h1>' . msg(); - + if (isset($_POST["text"]) && isset($_POST["betreff"]) && in_array("admin_news", $privileges)) { - if (! isset($_POST["treffen"]) || ! in_array("admin_news", $privileges)) { + if (!isset($_POST["treffen"]) || !in_array("admin_news", $privileges)) { $_POST["treffen"] = 0; } sql_query("INSERT INTO `News` (`Datum`, `Betreff`, `Text`, `UID`, `Treffen`) " . "VALUES ('" . sql_escape(time()) . "', '" . sql_escape($_POST["betreff"]) . "', '" . sql_escape($_POST["text"]) . "', '" . sql_escape($user['UID']) . "', '" . sql_escape($_POST["treffen"]) . "');"); 
@@ -134,24 +140,24 @@ function user_news() success(_("Entry saved.")); redirect(page_link_to('news')); } - + if (isset($_REQUEST['page']) && preg_match("/^[0-9]{1,}$/", $_REQUEST['page'])) { $page = $_REQUEST['page']; } else { $page = 0; } - + $news = sql_select("SELECT * FROM `News` ORDER BY `Datum` DESC LIMIT " . sql_escape($page * $DISPLAY_NEWS) . ", " . sql_escape($DISPLAY_NEWS)); foreach ($news as $entry) { $html .= display_news($entry); } - + $dis_rows = ceil(sql_num_query("SELECT * FROM `News`") / $DISPLAY_NEWS); $html .= '<div class="text-center">' . '<ul class="pagination">'; - for ($i = 0; $i < $dis_rows; $i ++) { + for ($i = 0; $i < $dis_rows; $i++) { if (isset($_REQUEST['page']) && $i == $_REQUEST['page']) { $html .= '<li class="active">'; - } elseif (! isset($_REQUEST['page']) && $i == 0) { + } elseif (!isset($_REQUEST['page']) && $i == 0) { $html .= '<li class="active">'; } else { $html .= '<li>'; @@ -159,17 +165,17 @@ function user_news() $html .= '<a href="' . page_link_to("news") . '&page=' . $i . '">' . ($i + 1) . '</a></li>'; } $html .= '</ul></div>'; - + if (in_array("admin_news", $privileges)) { $html .= '<hr />'; $html .= '<h2>' . _("Create news:") . '</h2>'; - + $html .= form([ - form_text('betreff', _("Subject"), ''), - form_textarea('text', _("Message"), ''), - form_checkbox('treffen', _("Meeting"), false, 1), - form_submit('submit', _("Save")) - ]); + form_text('betreff', _("Subject"), ''), + form_textarea('text', _("Message"), ''), + form_checkbox('treffen', _("Meeting"), false, 1), + form_submit('submit', _("Save")) + ]); } return $html . '</div>'; } diff --git a/includes/pages/user_questions.php b/includes/pages/user_questions.php index 35231e1a..d1a90292 100644 --- a/includes/pages/user_questions.php +++ b/includes/pages/user_questions.php 
@@ -8,51 +8,58 @@ function questions_title() function user_questions() { global $user; - - if (! isset($_REQUEST['action'])) { - $open_questions = sql_select("SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"); - - $answered_questions = sql_select("SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'"); + + if (!isset($_REQUEST['action'])) { + $open_questions = sql_select( + "SELECT * FROM `Questions` WHERE `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'" + ); + + $answered_questions = sql_select( + "SELECT * FROM `Questions` WHERE NOT `AID` IS NULL AND `UID`='" . sql_escape($user['UID']) . "'" + ); foreach ($answered_questions as &$question) { $answer_user_source = User($question['AID']); $question['answer_user'] = User_Nick_render($answer_user_source); } - + return Questions_view($open_questions, $answered_questions, page_link_to("user_questions") . '&action=ask'); } else { switch ($_REQUEST['action']) { - case 'ask': - $question = strip_request_item_nl('question'); - if ($question != "") { - $result = sql_query("INSERT INTO `Questions` SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "'"); - if ($result === false) { - engelsystem_error(_("Unable to save question.")); - } - success(_("You question was saved.")); - redirect(page_link_to("user_questions")); - } else { - return page_with_title(questions_title(), [ - error(_("Please enter a question!"), true) - ]); - } - break; - case 'delete': - if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { - $question_id = $_REQUEST['id']; - } else { - return error(_("Incomplete call, missing Question ID."), true); - } - - $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); - if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { - sql_query("DELETE FROM `Questions` WHERE `QID`='" . 
sql_escape($question_id) . "' LIMIT 1"); - redirect(page_link_to("user_questions")); - } else { - return page_with_title(questions_title(), [ - error(_("No question found."), true) - ]); + case 'ask': + $question = strip_request_item_nl('question'); + if ($question != "") { + $result = sql_query(" + INSERT INTO `Questions` + SET `UID`='" . sql_escape($user['UID']) . "', `Question`='" . sql_escape($question) . "' + "); + if ($result === false) { + engelsystem_error(_("Unable to save question.")); + } + success(_("You question was saved.")); + redirect(page_link_to("user_questions")); + } else { + return page_with_title(questions_title(), [ + error(_("Please enter a question!"), true) + ]); + } + break; + case 'delete': + if (isset($_REQUEST['id']) && preg_match("/^[0-9]{1,11}$/", $_REQUEST['id'])) { + $question_id = $_REQUEST['id']; + } else { + return error(_("Incomplete call, missing Question ID."), true); + } + + $question = sql_select("SELECT * FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); + if (count($question) > 0 && $question[0]['UID'] == $user['UID']) { + sql_query("DELETE FROM `Questions` WHERE `QID`='" . sql_escape($question_id) . "' LIMIT 1"); + redirect(page_link_to("user_questions")); + } else { + return page_with_title(questions_title(), [ + error(_("No question found."), true) + ]); + } + break; } - break; - } } } diff --git a/includes/pages/user_settings.php b/includes/pages/user_settings.php index cfdbc7ab..831936c4 100644 --- a/includes/pages/user_settings.php +++ b/includes/pages/user_settings.php @@ -14,11 +14,11 @@ function settings_title() function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) { $valid = true; - + if (isset($_REQUEST['mail'])) { $result = User_validate_mail($_REQUEST['mail']); $user_source['email'] = $result->getValue(); - if (! $result->isValid()) { + if (!$result->isValid()) { $valid = false; error(_("E-mail address is not correct.")); } 
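Review bot: The `delete` branch of `user_questions()` takes `action` and `id` from `$_REQUEST` and runs the `DELETE` after only the ownership check, so a plain GET request is enough to trigger it and no request token is checked anywhere in this function. If the framework does not enforce CSRF protection elsewhere, this branch should require `$_SERVER['REQUEST_METHOD'] === 'POST'` plus a token. The ownership test could also be strict, `(int) $question[0]['UID'] === (int) $user['UID']`, and the `switch` has no `default`, so an unknown `action` makes the function return nothing.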
@@ -26,60 +26,60 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) $valid = false; error(_("Please enter your e-mail.")); } - + $user_source['email_shiftinfo'] = isset($_REQUEST['email_shiftinfo']); $user_source['email_by_human_allowed'] = isset($_REQUEST['email_by_human_allowed']); - + if (isset($_REQUEST['jabber'])) { $result = User_validate_jabber($_REQUEST['jabber']); $user_source['jabber'] = $result->getValue(); - if (! $result->isValid()) { + if (!$result->isValid()) { $valid = false; error(_("Please check your jabber account information.")); } } - + if (isset($_REQUEST['tshirt_size']) && isset($tshirt_sizes[$_REQUEST['tshirt_size']])) { $user_source['Size'] = $_REQUEST['tshirt_size']; } elseif ($enable_tshirt_size) { $valid = false; } - + if (isset($_REQUEST['planned_arrival_date'])) { $tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_arrival_date'] . " 00:00"); $result = User_validate_planned_arrival_date($tmp); $user_source['planned_arrival_date'] = $result->getValue(); - if (! $result->isValid()) { + if (!$result->isValid()) { $valid = false; error(_("Please enter your planned date of arrival. It should be after the buildup start date and before teardown end date.")); } } - + if (isset($_REQUEST['planned_departure_date'])) { $tmp = parse_date("Y-m-d H:i", $_REQUEST['planned_departure_date'] . " 00:00"); $result = User_validate_planned_departure_date($user_source['planned_arrival_date'], $tmp); $user_source['planned_departure_date'] = $result->getValue(); - if (! $result->isValid()) { + if (!$result->isValid()) { $valid = false; error(_("Please enter your planned date of departure. 
It should be after your planned arrival date and after buildup start date and before teardown end date.")); } } - - // Trivia - $user_source['Name'] = strip_request_item('lastname', $user_source['Name']); + + // Trivia + $user_source['Name'] = strip_request_item('lastname', $user_source['Name']); $user_source['Vorname'] = strip_request_item('prename', $user_source['Vorname']); $user_source['Alter'] = strip_request_item('age', $user_source['Alter']); $user_source['Telefon'] = strip_request_item('tel', $user_source['Telefon']); $user_source['DECT'] = strip_request_item('dect', $user_source['DECT']); $user_source['Handy'] = strip_request_item('mobile', $user_source['Handy']); $user_source['Hometown'] = strip_request_item('hometown', $user_source['Hometown']); - + if ($valid) { User_update($user_source); success(_("Settings saved.")); redirect(page_link_to('user_settings')); } - + return $user_source; } @@ -92,7 +92,10 @@ function user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes) function user_settings_password($user_source) { global $min_password_length; - if (! isset($_REQUEST['password']) || ! verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID'])) { + if ( + !isset($_REQUEST['password']) + || !verify_password($_REQUEST['password'], $user_source['Passwort'], $user_source['UID']) + ) { error(_("-> not OK. Please try again.")); } elseif (strlen($_REQUEST['new_password']) < $min_password_length) { error(_("Your password is to short (please use at least 6 characters).")); 
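Review bot: `user_settings_password()` reads the current and the new password from `$_REQUEST`, so both are also accepted from the query string, where they can end up in access logs and browser history; `$_POST['password']` and `$_POST['new_password']` would restrict them to the request body. `$_REQUEST['new_password']` is used without an `isset()` check, and the error text hard-codes "6 characters" while the test compares against `$min_password_length`, so the message should be built with `sprintf()` and `$min_password_length`. The rest of the function is outside this hunk.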
@@ -110,27 +113,27 @@ function user_settings_password($user_source) * Change user theme * * @param User $user_sources - * The user - * @param array<String> $themes - * List of available themes + * The user + * @param array <String> $themes + * List of available themes */ function user_settings_theme($user_source, $themes) { $valid = true; - + if (isset($_REQUEST['theme']) && isset($themes[$_REQUEST['theme']])) { $user_source['color'] = $_REQUEST['theme']; } else { $valid = false; } - + if ($valid) { sql_query("UPDATE `User` SET `color`='" . sql_escape($user_source['color']) . "' WHERE `UID`='" . sql_escape($user_source['UID']) . "'"); - + success(_("Theme changed.")); redirect(page_link_to('user_settings')); } - + return $user_source; } @@ -138,28 +141,28 @@ function user_settings_theme($user_source, $themes) * Change use locale * * @param User $user_source - * The user - * @param array<String> $locales - * List of available locales + * The user + * @param array <String> $locales + * List of available locales */ function user_settings_locale($user_source, $locales) { $valid = true; - + if (isset($_REQUEST['language']) && isset($locales[$_REQUEST['language']])) { $user_source['Sprache'] = $_REQUEST['language']; } else { $valid = false; } - + if ($valid) { sql_query("UPDATE `User` SET `Sprache`='" . sql_escape($user_source['Sprache']) . "' WHERE `UID`='" . sql_escape($user_source['UID']) . "'"); $_SESSION['locale'] = $user_source['Sprache']; - + success("Language changed."); redirect(page_link_to('user_settings')); } - + return $user_source; } @@ -170,7 +173,7 @@ function user_settings() { global $enable_tshirt_size, $tshirt_sizes, $themes, $locales; global $user; - + $buildup_start_date = null; $teardown_end_date = null; $event_config = EventConfig(); 
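Review bot: The re-aligned docblocks now read `@param array <String> $themes` and, in the following hunk, `@param array <String> $locales`; the inserted space splits the type, so documentation tools take `array` as the type and `<String>` as stray text. `@param string[] $themes` and `@param string[] $locales` say the same thing unambiguously. The first docblock also names `$user_sources` while the parameter is `$user_source`. Separately, `success("Language changed.")` in `user_settings_locale()` is the only message in these hunks not wrapped in `_()`.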
@@ -182,9 +185,9 @@ function user_settings() $teardown_end_date = $event_config['teardown_end_date']; } } - + $user_source = $user; - + if (isset($_REQUEST['submit'])) { $user_source = user_settings_main($user_source, $enable_tshirt_size, $tshirt_sizes); } elseif (isset($_REQUEST['submit_password'])) { @@ -194,6 +197,7 @@ function user_settings() } elseif (isset($_REQUEST['submit_language'])) { $user_source = user_settings_locale($user_source, $locales); } - - return User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date, $enable_tshirt_size, $tshirt_sizes); + + return User_settings_view($user_source, $locales, $themes, $buildup_start_date, $teardown_end_date, + $enable_tshirt_size, $tshirt_sizes); } diff --git a/includes/pages/user_shifts.php b/includes/pages/user_shifts.php index 0a8ddf4f..e325989c 100644 --- a/includes/pages/user_shifts.php +++ b/includes/pages/user_shifts.php @@ -16,21 +16,21 @@ function shifts_title() function user_shifts() { global $user; - + if (User_is_freeloader($user)) { redirect(page_link_to('user_myshifts')); } - - // Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins - if (isset($_REQUEST['entry_id'])) { - return shift_entry_delete_controller(); - } elseif (isset($_REQUEST['edit_shift'])) { - return shift_edit_controller(); - } elseif (isset($_REQUEST['delete_shift'])) { - return shift_delete_controller(); - } elseif (isset($_REQUEST['shift_id'])) { - return shift_entry_add_controller(); - } + + // Löschen einzelner Schicht-Einträge (Also Belegung einer Schicht von Engeln) durch Admins + if (isset($_REQUEST['entry_id'])) { + return shift_entry_delete_controller(); + } elseif (isset($_REQUEST['edit_shift'])) { + return shift_edit_controller(); + } elseif (isset($_REQUEST['delete_shift'])) { + return shift_delete_controller(); + } elseif (isset($_REQUEST['shift_id'])) { + return shift_entry_add_controller(); + } return view_user_shifts(); } 
@@ -47,15 +47,15 @@ function update_ShiftsFilter_timerange(ShiftsFilter $shiftsFilter, $days) if ($start_time == null) { $start_time = time(); } - + $end_time = $shiftsFilter->getEndTime(); if ($end_time == null) { $end_time = $start_time + 24 * 60 * 60; } - + $shiftsFilter->setStartTime(check_request_datetime('start_day', 'start_time', $days, $start_time)); $shiftsFilter->setEndTime(check_request_datetime('end_day', 'end_time', $days, $end_time)); - + if ($shiftsFilter->getStartTime() > $shiftsFilter->getEndTime()) { $shiftsFilter->setEndTime($shiftsFilter->getStartTime() + 24 * 60 * 60); } @@ -66,9 +66,9 @@ function update_ShiftsFilter_timerange(ShiftsFilter $shiftsFilter, $days) * * @param ShiftsFilter $shiftsFilter * The shifts filter to update from request data - * @param boolean $user_shifts_admin + * @param boolean $user_shifts_admin * Has the user user_shift_admin privilege? - * @param string[] $days + * @param string[] $days * An array of available filter days */ function update_ShiftsFilter(ShiftsFilter $shiftsFilter, $user_shifts_admin, $days) 
@@ -106,12 +106,30 @@ function load_days() function load_types() { global $user; - + if (sql_num_query("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0") == 0) { error(_("The administration has not configured any angeltypes yet - or you are not subscribed to any angeltype.")); redirect('?'); } - $types = sql_select("SELECT `AngelTypes`.`id`, `AngelTypes`.`name`, (`AngelTypes`.`restricted`=0 OR (NOT `UserAngelTypes`.`confirm_user_id` IS NULL OR `UserAngelTypes`.`id` IS NULL)) as `enabled` FROM `AngelTypes` LEFT JOIN `UserAngelTypes` ON (`UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "') ORDER BY `AngelTypes`.`name`"); + $types = sql_select(" + SELECT + `AngelTypes`.`id`, + `AngelTypes`.`name`, + ( + `AngelTypes`.`restricted`=0 + OR ( + NOT `UserAngelTypes`.`confirm_user_id` IS NULL + OR `UserAngelTypes`.`id` IS NULL + ) + ) AS `enabled` + FROM `AngelTypes` + LEFT JOIN `UserAngelTypes` + ON ( + `UserAngelTypes`.`angeltype_id`=`AngelTypes`.`id` + AND `UserAngelTypes`.`user_id`='" . sql_escape($user['UID']) . "' + ) + ORDER BY `AngelTypes`.`name` + "); if (empty($types)) { return sql_select("SELECT `id`, `name` FROM `AngelTypes` WHERE `restricted` = 0"); } 
@@ -122,62 +140,77 @@ function view_user_shifts() { global $user, $privileges; global $ical_shifts; - + $ical_shifts = []; $days = load_days(); $rooms = load_rooms(); $types = load_types(); - - if (! isset($_SESSION['ShiftsFilter'])) { + + if (!isset($_SESSION['ShiftsFilter'])) { $room_ids = [ - $rooms[0]['id'] - ]; + $rooms[0]['id'] + ]; $type_ids = array_map('get_ids_from_array', $types); $_SESSION['ShiftsFilter'] = new ShiftsFilter(in_array('user_shifts_admin', $privileges), $room_ids, $type_ids); } update_ShiftsFilter($_SESSION['ShiftsFilter'], in_array('user_shifts_admin', $privileges), $days); $shiftsFilter = $_SESSION['ShiftsFilter']; - + $shiftCalendarRenderer = shiftCalendarRendererByShiftFilter($shiftsFilter); - + if ($user['api_key'] == "") { User_reset_api_key($user, false); } - + $filled = [ - [ - 'id' => '1', - 'name' => _("occupied") - ], - [ - 'id' => '0', - 'name' => _("free") - ] - ]; + [ + 'id' => '1', + 'name' => _("occupied") + ], + [ + 'id' => '0', + 'name' => _("free") + ] + ]; $start_day = date("Y-m-d", $shiftsFilter->getStartTime()); $start_time = date("H:i", $shiftsFilter->getStartTime()); $end_day = date("Y-m-d", $shiftsFilter->getEndTime()); $end_time = date("H:i", $shiftsFilter->getEndTime()); - + return page([ - div('col-md-12', [ - msg(), - template_render(__DIR__ . '/../../templates/user_shifts.html', [ - 'title' => shifts_title(), - 'room_select' => make_select($rooms, $shiftsFilter->getRooms(), "rooms", _("Rooms")), - 'start_select' => html_select_key("start_day", "start_day", array_combine($days, $days), $start_day), - 'start_time' => $start_time, - 'end_select' => html_select_key("end_day", "end_day", array_combine($days, $days), $end_day), - 'end_time' => $end_time, - 'type_select' => make_select($types, $shiftsFilter->getTypes(), "types", _("Angeltypes") . '<sup>1</sup>'), - 'filled_select' => make_select($filled, $shiftsFilter->getFilled(), "filled", _("Occupancy")), - 'task_notice' => '<sup>1</sup>' . 
_("The tasks shown here are influenced by the angeltypes you joined already!") . " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">" . _("Description of the jobs.") . "</a>", - 'shifts_table' => msg() . $shiftCalendarRenderer->render(), - 'ical_text' => '<h2>' . _("iCal export") . '</h2><p>' . sprintf(_("Export of shown shifts. <a href=\"%s\">iCal format</a> or <a href=\"%s\">JSON format</a> available (please keep secret, otherwise <a href=\"%s\">reset the api key</a>)."), page_link_to_absolute('ical') . '&key=' . $user['api_key'], page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], page_link_to('user_myshifts') . '&reset') . '</p>', - 'filter' => _("Filter") - ]) - ]) - ]); + div('col-md-12', [ + msg(), + template_render(__DIR__ . '/../../templates/user_shifts.html', [ + 'title' => shifts_title(), + 'room_select' => make_select($rooms, $shiftsFilter->getRooms(), "rooms", _("Rooms")), + 'start_select' => html_select_key("start_day", "start_day", array_combine($days, $days), $start_day), + 'start_time' => $start_time, + 'end_select' => html_select_key("end_day", "end_day", array_combine($days, $days), $end_day), + 'end_time' => $end_time, + 'type_select' => make_select( + $types, + $shiftsFilter->getTypes(), + "types", + _("Angeltypes") . '<sup>1</sup>' + ), + 'filled_select' => make_select($filled, $shiftsFilter->getFilled(), "filled", _("Occupancy")), + 'task_notice' => + '<sup>1</sup>' + . _("The tasks shown here are influenced by the angeltypes you joined already!") + . " <a href=\"" . page_link_to('angeltypes') . '&action=about' . "\">" + . _("Description of the jobs.") + . "</a>", + 'shifts_table' => msg() . $shiftCalendarRenderer->render(), + 'ical_text' => '<h2>' . _("iCal export") . '</h2><p>' . sprintf( + _("Export of shown shifts. <a href=\"%s\">iCal format</a> or <a href=\"%s\">JSON format</a> available (please keep secret, otherwise <a href=\"%s\">reset the api key</a>)."), + page_link_to_absolute('ical') . 
'&key=' . $user['api_key'], + page_link_to_absolute('shifts_json_export') . '&key=' . $user['api_key'], + page_link_to('user_myshifts') . '&reset' + ) . '</p>', + 'filter' => _("Filter") + ]) + ]) + ]); } function get_ids_from_array($array) @@ -191,16 +224,21 @@ function make_select($items, $selected, $name, $title = null) if (isset($title)) { $html_items[] = '<h4>' . $title . '</h4>' . "\n"; } - + foreach ($items as $i) { - $html_items[] = '<div class="checkbox"><label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '"' . (in_array($i['id'], $selected) ? ' checked="checked"' : '') . '> ' . $i['name'] . '</label>' . (! isset($i['enabled']) || $i['enabled'] ? '' : glyph("lock")) . '</div><br />'; + $html_items[] = '<div class="checkbox">' + . '<label><input type="checkbox" name="' . $name . '[]" value="' . $i['id'] . '"' + . (in_array($i['id'], $selected) ? ' checked="checked"' : '') + . '> ' . $i['name'] . '</label>' + . (!isset($i['enabled']) || $i['enabled'] ? '' : glyph("lock")) + . '</div><br />'; } $html = '<div id="selection_' . $name . '" class="selection ' . $name . '">' . "\n"; $html .= implode("\n", $html_items); $html .= buttons([ - button("javascript: checkAll('selection_" . $name . "', true)", _("All"), ""), - button("javascript: checkAll('selection_" . $name . "', false)", _("None"), "") - ]); + button("javascript: checkAll('selection_" . $name . "', true)", _("All"), ""), + button("javascript: checkAll('selection_" . $name . "', false)", _("None"), "") + ]); $html .= '</div>' . "\n"; return $html; } |
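Review bot: `make_select()` concatenates `$i['id']`, `$i['name']` and `$name` into attribute values and label text without escaping, so a room or angel type name containing `<` or `"` changes the generated markup. The names are loaded by `load_rooms()`/`load_types()` and are presumably set by administrators, but escaping at output costs little: `htmlspecialchars($i['name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and likewise for `$i['id']` inside `value="..."`. `$title` has to stay raw because `view_user_shifts()` passes `'<sup>1</sup>'` in it. The start of the function is outside this hunk.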